Allow Security Managers to toggle SAST Vulnerability Resolution setting

What does this MR do and why?

Exposes only the Turn on SAST vulnerability resolution workflow toggle, in the project's General Settings → GitLab Duo section, to users with the Security Manager role. The other settings in that section remain hidden from them.

References

SAST VR, SAST FP, Secret Detection FP – Permiss... (gitlab-org#21725)

Screenshots or screen recordings

How to set up and validate locally

  1. Start GDK with support for the Security Manager role:

    $ export GITLAB_SECURITY_MANAGER_ROLE=true
    $ gdk start
  2. Ensure that your instance has an active EE license

  3. Enable required feature flags in the Rails console:

    > Feature.enable(:update_sast_vr_setting_permission)
    > Feature.enable(:enable_vulnerability_resolution)
  4. Log in as root, then navigate to a project (e.g. http://localhost:3000/gitlab-org/gitlab-shell/)

  5. Add another user to the project as a Security Manager

  6. Log out, then log in as the Security Manager user

  7. Navigate to the project's General Settings → GitLab Duo page

  8. Verify that only the Turn on SAST vulnerability resolution workflow setting is visible in that section

  9. Verify that the setting can be toggled on and off by the Security Manager user

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Eugie Limpin
