Upgrade Alert - Add proper API support
What does this MR do and why?
Closes #387719 (closed)
Implements GitLab support for VersionCheck API change: https://gitlab.com/gitlab-services/version-gitlab-com/-/issues/455
Removes Feature Flag :critical_security_alert
This change adds support for a new key to be provided from the VersionCheck API: critical_vulnerability. This key will be a Boolean that, when true, will trigger the Critical Security Alert Modal to appear.
Through customer feedback of this feature we created the feature flag :critical_security_alert to hide the UI elements while we added the new API support. Now that we have it we can remove the said feature flag. Additionally through customer feedback we have found the undismissible Page Alert was excessive. We decided to remove it in favor of only showing the Modal.
Screenshots or screen recordings
UI | Screenshot |
---|---|
No updates available | (screenshot) |
Non-security update available | (screenshot) |
Non-critical security update available | (screenshot) |
Critical security update available ASAP | (screenshot) |
How to set up and validate locally
Important: You will need to provide "spoofs" to make your GDK think it's behind a version. Below are patches to achieve each type of scenario.
Important: You need to reset any changes between adding different patches.
No updates available
diff --git a/app/helpers/version_check_helper.rb b/app/helpers/version_check_helper.rb
index 9f9cccf54a53..713cf2491315 100644
--- a/app/helpers/version_check_helper.rb
+++ b/app/helpers/version_check_helper.rb
@@ -13,7 +13,8 @@ def show_version_check?
end
def gitlab_version_check
- VersionCheck.new.response
+ #VersionCheck.new.response
+ { "severity" => 'success' }
end
strong_memoize_attr :gitlab_version_check
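Review bot: In gitlab_version_check the original call is kept as a commented-out line (#VersionCheck.new.response) even though the "-" line already records it; drop the commented copy so the spoof is a one-line change that is easy to spot and revert. The hash literal also mixes a double-quoted key with a single-quoted value; pick one quoting style.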
Non-security update available
diff --git a/app/helpers/version_check_helper.rb b/app/helpers/version_check_helper.rb
index 9f9cccf54a53..adc310b600d3 100644
--- a/app/helpers/version_check_helper.rb
+++ b/app/helpers/version_check_helper.rb
@@ -13,7 +13,8 @@ def show_version_check?
end
def gitlab_version_check
- VersionCheck.new.response
+ #VersionCheck.new.response
+ { "severity" => 'warning' }
end
strong_memoize_attr :gitlab_version_check
Non-critical security update available
diff --git a/app/helpers/version_check_helper.rb b/app/helpers/version_check_helper.rb
index 9f9cccf54a53..202101e5c900 100644
--- a/app/helpers/version_check_helper.rb
+++ b/app/helpers/version_check_helper.rb
@@ -13,7 +13,8 @@ def show_version_check?
end
def gitlab_version_check
- VersionCheck.new.response
+ #VersionCheck.new.response
+ { "severity" => 'danger' }
end
strong_memoize_attr :gitlab_version_check
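Review bot: The 'danger' spoof in gitlab_version_check omits the critical_vulnerability key entirely, so it only exercises the missing-key path. Since the description says the API will send a Boolean, add a variant with "critical_vulnerability" => false to confirm that an explicit false also keeps the modal hidden.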
Critical security update available
diff --git a/app/helpers/version_check_helper.rb b/app/helpers/version_check_helper.rb
index 5b33af161aff..1ad23f573f8c 100644
--- a/app/helpers/version_check_helper.rb
+++ b/app/helpers/version_check_helper.rb
@@ -11,7 +11,8 @@ def show_version_check?
end
def gitlab_version_check
- VersionCheck.new.response
+ #VersionCheck.new.response
+ { "severity" => 'danger', "critical_vulnerability" => true, "details" => 'There is a runner token vulnerability on this version. Please upgrade to prevent an attacker executing code on your instance', "latest_stable_versions" => ['15.9.2', '15.10.0', '16.0.0'] }
end
strong_memoize_attr :gitlab_version_check
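Review bot: The index and hunk header here (5b33af161aff, @@ -11,7 +11,8) differ from the other three patches (9f9cccf54a53, @@ -13,7 +13,8), so this one was generated against a different base and may not apply cleanly on the same checkout; regenerate it against the same revision as the others. The single-line hash is also very long; one key per line would make the spoofed fields easier to read.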
- Log in as an Admin (root is admin by default)
- Apply your selected patch
- Refresh any page
- Click Help Dropdown in the Top Right of nav (? icon)
- Ensure UI matches the Screenshot above
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
- I have evaluated the MR acceptance checklist for this MR.
Related to #387719 (closed)
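As an added example (not part of this MR and not GitLab's code), here is one way to treat the VersionCheck response as untrusted input before deciding whether to show the Critical Security Alert Modal. The helper names and the version-string pattern are assumptions; the keys and severity values are the ones used in the patches above.

```ruby
# Added example with hypothetical helper names; not GitLab's implementation.
KNOWN_SEVERITIES = %w[success warning danger].freeze
VERSION_PATTERN = /\A\d+\.\d+\.\d+\z/ # assumed shape of a release version

# Reduce a VersionCheck-style response to validated fields only.
def normalize_version_check(response)
  response = {} unless response.is_a?(Hash)
  severity = response['severity']
  details = response['details']
  versions = response['latest_stable_versions']
  {
    severity: KNOWN_SEVERITIES.include?(severity) ? severity : nil,
    # Only the Boolean true counts. In Ruby the strings "false" and "true"
    # are both truthy, so a plain `if value` check would be wrong here.
    critical: response['critical_vulnerability'] == true,
    details: details.is_a?(String) ? details : nil,
    # Drop anything that is not a plain x.y.z string before it reaches the UI.
    latest_stable_versions: versions.is_a?(Array) ? versions.grep(VERSION_PATTERN) : []
  }
end

# The modal is shown only for a validated critical flag.
def show_critical_modal?(response)
  normalize_version_check(response)[:critical]
end

# Constructed sample responses mirroring the four spoof scenarios above,
# plus two malformed ones.
SAMPLES = {
  no_update: { 'severity' => 'success' },
  non_security: { 'severity' => 'warning' },
  non_critical: { 'severity' => 'danger' },
  critical: { 'severity' => 'danger', 'critical_vulnerability' => true,
              'details' => 'constructed text',
              'latest_stable_versions' => ['15.9.2', '15.10.0', '16.0.0'] },
  string_flag: { 'severity' => 'danger', 'critical_vulnerability' => 'false' },
  bad_fields: { 'severity' => 'bogus', 'latest_stable_versions' => ['15.9.2', '<b>x</b>', 7] }
}.freeze

if __FILE__ == $PROGRAM_NAME
  SAMPLES.each { |name, resp| puts "#{name}: modal=#{show_critical_modal?(resp)}" }
end
```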