DAST On-Demand Scans - Use existing site profiles for scans - Frontend
- Related issues: #230612 (closed), #232487 (closed), #233371 (closed)
What does this MR do?
This adds support for using existing DAST site profiles when running a DAST On-demand Scan.
How to test this?
- Enable both feature flags.
echo "Feature.enable(:security_on_demand_scans_feature_flag)" | spring rails c
echo "Feature.enable(:security_on_demand_scans_site_profiles_feature_flag)" | spring rails c
- Visit a project's on-demand scan form:
/:group/:project/-/on_demand_scans/
.
Screenshots
Description | Screenshot |
---|---|
Site profiles could not be fetched | |
Site profiles loaded successfully | |
Site profile selected | |
No site profiles created yet |
Recordings
Description | Recording |
---|---|
An unknown error prevented the DAST site profiles from loading. In this case we don't show the form at all as it would't be functional without the profiles. | Screen_Recording_2020-08-04_at_4.53.35_PM |
Site profiles are fetched successfully, we can show the form. | success |
When selecting a site profile, its summary appears below the dropdown. | site_profile_selected |
User didn't create any DAST site profile yet, we show a button to create one. | no_site_profiles |
Does this MR meet the acceptance criteria?
Conformity
- [-] Changelog entry (not needed, this is behind a feature flag)
- [-] Documentation (if required)
-
Code review guidelines - [-] Merge request performance guidelines
-
Style guides - [-] Database guides
-
Separation of EE specific content
Availability and Testing
-
Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process. - [-] Tested in all supported browsers
- [-] Informed Infrastructure department of a default or new setting change, if applicable per definition of done
Edited by Paul Gascou-Vaillancourt