Security navigation in left sidebar
requested to merge 34910-display-security-navigation-in-left-sidebar-to-a-cohort-of-net-new-com-signups into master
What does this MR do?
Display security navigation in left sidebar to a cohort of net new .com signups
- We show a "Security & Compliance" slideshow for users to discover GitLab security features
- We show it only to the owners of any group which doesn't have enough plan to see the "Security & Compliance" dashboards
- Only on .com and only for users registered after 2020 mid january.
- This is a growth experiment behind a feature flagged for discovery features, so may need more iterations to perfect it https://docs.gitlab.com/ee/development/experiment_guide/#code-reviews
- We show this slideshow both at group and project level
- The design comes from the issue Issue #34910 (closed)
Issue #34910 (closed)
Testing
- Enable the feature flag: Feature.enable(:discover_security)
- I lib/gitlab.rb to return
.com?true so that we have a gitlab.com environment - Here under "Account and Limit" http://localhost:3000/admin/application_settings/general enable "Check feature availability on namespace plan Enabling this will only make licensed EE features available to projects if the project namespace's plan includes the feature or if the project is public. "
Screenshots
| Screenshot | Video |
|---|---|
 |
security-navbar-4-2020 |
- 0 We show a carousel
- 1 This appears on left navigation
- 2,3,4,5 We have CTA links
Does this MR meet the acceptance criteria?
Conformity
- [-] Changelog entry
-
Documentation (if required) -
Code review guidelines -
Merge request performance guidelines -
Style guides -
Database guides -
Separation of EE specific content
Availability and Testing
-
Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process. -
Tested in all supported browsers
Security
If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:
-
Label as security and @ mention @gitlab-com/gl-security/appsec -
The MR includes necessary changes to maintain consistency between UI, API, email, or other methods -
Security reports checked/validated by a reviewer from the AppSec team
Edited by Alper Akgun