Skip to content

Add standards adherence refresh worker

Huzaifa Iftikhar requested to merge 434199_add_feature_run_adherence_scan_manually into master

What does this MR do and why?

  1. This worker can be enqueued to run all the adherence checks for all the projects within a group.
  2. This option to trigger the ComplianceManagement::Standards::RefreshWorker will be exposed via a GraphQL API in a subsequent MR.
  3. The GraphQL API would be used by the frontend at the standards adherence dashboard. Since we need to show the progress of the running checks at frontend we have stored the current progress in Redis.
  4. We've kept the TTL of the redis hash as 24 hours so that users cannot trigger this worker more than once per day.
  5. Moved most of the code from ee/app/services/compliance_management/standards/gitlab/base_service.rb to ee/app/services/compliance_management/standards/base_service.rb so that we can use this base class for other standards as well when we add them in the future.

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Screenshots or screen recordings

Screenshots are required for UI changes, and strongly recommended for all other merge requests.

Before After

How to set up and validate locally

Numbered steps to set up and validate the change are strongly suggested.

  1. Ensure you have ultimate license on your GDK.
  2. Visit the standards adherence dashboard. Eg: ``https://gdk.test:3000/groups/twitter/-/security/compliance_dashboard/standards_adherence`
  3. Delete all the adherence records for all the projects within this group by running the following in rails console
group = Group.find(<id_of_your_group>)
Projects::ComplianceStandards::Adherence.for_group_and_its_subgroups(group).each(&:destroy)
  1. Visit the standards adherence dashboard again for that group and ensure that it is empty.
  2. Run ComplianceManagement::Standards::RefreshWorker.perform_async({ 'group_id' => <your_group_id>, 'user_id' => 1 })
  3. Visit the standards adherence dashboard again for that group and ensure that it has all the records again.
  4. Run the following command on rails console and verify that we have the current progress stored in Redis
[3] pry(main)> ComplianceManagement::StandardsAdherenceChecksTracker.new(group.id).progress
=> {"started_at"=>"2024-01-12 20:23:11 UTC", "total_checks"=>"6", "checks_completed"=>"6"}

Related to #434199 (closed)

Edited by Huzaifa Iftikhar

Merge request reports