Expose analyzers in the SAST Configuration UI
requested to merge 238602-integrate-analyzerconfiguration-component-into-sast-configuration-ui into master
What does this MR do?
Implement analyzers section in SAST Configuration
This integrates various pieces of ground work:
- Migrating a POST request to a GraphQL mutation
- Creating an expandable container component
- Creating an AnalyzerConfiguration component
- Extending the AnalyzerConfiguration component
This is implemented behind the sast_configuration_ui_analyzers feature
flag, since the necessary backend changes are not yet in place. A future
iteration will enable or remove the feature flag.
Other changes include:
- Explicitly pass the disabled prop to child fields, so they can hide the custom value message when disabled
- Relax the analyzer entity prop validator, since the description is nullable, and the template already handles this
Addresses #238602 (closed), part of &3635 (closed).
Draft
This marked Draft since it's based on and targets the branch of !41995 (merged). Once that's merged, the draft status can be removed, and this can be rebased onto be target master.
Screenshots
| Before | After (feature flag disabled; i.e., no change) | After (feature flag disabled; i.e., no change) | After (feature flag enabled) |
|---|---|---|---|
 |
 |
 |
 |
Expanded analyzers section
Video
Testing locally
This work is done behind the sast_configuration_ui_analyzers feature flag, because it relies on some backend work that's not yet merged at the time of writing:
So, there are two main ways to test this locally:
- With the branch as-is, with the feature flag disabled
- This should look and behave identically to current
master. This is more important to test than the other way!
- This should look and behave identically to current
- With the above MRs merged in to this branch, and the feature flag enabled
- This represents the
Afterscreenshots, and how the feature should behave once everything is merged intomasterand the feature flag is enabled or removed. - Since the necessary backend work to fully test this (with form submission including analyzers) isn't yet available, this can't really be done yet. An imminent MR to enable the feature flag by default (or remove it) would be a better place to test the full flow.
- This represents the
Does this MR meet the acceptance criteria?
Conformity
- [-] Changelog entry
- [-] Documentation (if required)
-
Code review guidelines - [-] Merge request performance guidelines
-
Style guides - [-] Database guides
-
Separation of EE specific content
Availability and Testing
-
Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process. - [-] Tested in all supported browsers
- [-] Informed Infrastructure department of a default or new setting change, if applicable per definition of done
Edited by Mark Florian