Refactor compliance dashboard merge requests
What does this MR do?
Move the merge requests content into its own directory in preparation for future additional dashboard pages #220328 (closed).
This also hides the GlTabs
added in !37959 (merged) by default using a cookie flag. The flag will be removed once the Approvals
tab has been added.
Screenshots
Flag on | Flag off (default) |
---|---|
![]() |
![]() |
Local testing
Compliance dashboard
The URL for the dashboard is https://[GDK_HOST]/groups/gitlab-org/-/security/compliance_dashboard
If you don't see any merge requests, you can run the following in your rails console
in your gitlab directory to add a merge request event:
# Include FactoryBot
FactoryBot.definition_file_paths = [Rails.root.join('ee', 'spec', 'factories')]
FactoryBot.find_definitions
group = Group.find(22) # The group id for gitlab-org, replace it for a different group
user = User.find(1) # The admin id on GDK, replace it for a different user
project = FactoryBot.create(:project, :repository, :public, group: group)
merge_request = FactoryBot.create(:merge_request, source_project: project, state: :merged)
FactoryBot.create(:event, :merged, project: project, target: merge_request, author: user, created_at: 10.minutes.ago)
Cookie flag
To show or hide tabs, paste the either of the following in your browser console and refresh the page:
// Show tabs
document.cookie = 'compliance_dashboard_tabs=true'
// Hide tabs
document.cookie = 'compliance_dashboard_tabs=false'
Screenshots
Does this MR meet the acceptance criteria?
Conformity
-
Changelog entry -
Documentation (if required) -
Code review guidelines -
Merge request performance guidelines -
Style guides -
Database guides -
Separation of EE specific content
Availability and Testing
-
Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process. -
Tested in all supported browsers -
Informed Infrastructure department of a default or new setting change, if applicable per definition of done
Security
If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:
-
Label as security and @ mention @gitlab-com/gl-security/appsec
-
The MR includes necessary changes to maintain consistency between UI, API, email, or other methods -
Security reports checked/validated by a reviewer from the AppSec team