DAST Saved Scans - On-demand scans form - Add fields
What does this MR do?
This adjusts the On-demand scans form to match saved scans requirements:
- Added a name field.
- Added a description field.
- The Run scan button has been renamed to Save and run scan.
- A new Save scan button has been added.
Those changes are feature-flagged and are currently non-functional while the backend is being worked on.
How to test this?
- Enable the feature flag:
echo "Feature.enable(:dast_saved_scans)" | rails c
- Mock the API by applying the following patch:
diff --git a/ee/app/assets/javascripts/on_demand_scans/graphql/dast_scan_create.mutation.graphql b/ee/app/assets/javascripts/on_demand_scans/graphql/dast_scan_create.mutation.graphql
index f7c664d275a..8d50dcdb55c 100644
--- a/ee/app/assets/javascripts/on_demand_scans/graphql/dast_scan_create.mutation.graphql
+++ b/ee/app/assets/javascripts/on_demand_scans/graphql/dast_scan_create.mutation.graphql
@@ -15,7 +15,7 @@ mutation dastScanCreate(
dastScannerProfileID: $dastScannerProfileID
runAfterCreate: $runAfterCreate
}
- ) {
+ ) @client {
dastScan {
editPath
}
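Review bot: The `@client` directive on `) @client {` is added to the shipped `dast_scan_create.mutation.graphql` file, so if this testing patch is committed by accident the form will resolve `dastScanCreate` locally and stop sending the mutation to the backend. The test steps should say explicitly that the patch must be reverted before pushing. An alternative is to keep the mock in a test-only copy of the mutation.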
diff --git a/ee/app/assets/javascripts/on_demand_scans/graphql/provider.js b/ee/app/assets/javascripts/on_demand_scans/graphql/provider.js
index ef96b443da8..15727d089c5 100644
--- a/ee/app/assets/javascripts/on_demand_scans/graphql/provider.js
+++ b/ee/app/assets/javascripts/on_demand_scans/graphql/provider.js
@@ -4,6 +4,20 @@ import createDefaultClient from '~/lib/graphql';
Vue.use(VueApollo);
+const resolvers = {
+ Mutation: {
+ dastScanCreate: () => {
+ return {
+ dastScan: {
+ editPath: '/your/scan/edit/page',
+ },
+ pipelineUrl: '/your/dast/pipeline',
+ errors: [],
+ };
+ },
+ },
+};
+
export default new VueApollo({
- defaultClient: createDefaultClient(),
+ defaultClient: createDefaultClient(resolvers),
});
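Review bot: The mocked `dastScanCreate` resolver takes no arguments and always returns `errors: []` together with both `editPath` and `pipelineUrl`, so the test steps never exercise the form's error handling or confirm that the form sends a different `runAfterCreate` value for each button. Suggest reading `runAfterCreate` from the resolver's variables and returning `pipelineUrl` only when it is true, plus a variant that returns a non-empty `errors` array. Like the `@client` change, `createDefaultClient(resolvers)` has to stay a local-only edit.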
- Browse to the new DAST scan page at /:namespace/:project/-/on_demand_scans/new.
- Fill in the form and click on Save and run scan, you should be redirected to /your/dast/pipeline (path mocked in the patch above).
- Go back to the form, fill it again and click on Save scan, you should be redirected to /your/scan/edit/page (also mocked in the patch).
Does this MR meet the acceptance criteria?
Conformity
- [-] Changelog entry (behind a feature flag)
- Documentation (if required)
- Code review guidelines
- Merge request performance guidelines
- Style guides
- Database guides
- Separation of EE specific content
Availability and Testing
- Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process.
- Tested in all supported browsers
- Informed Infrastructure department of a default or new setting change, if applicable per definition of done
Security
If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:
- Label as security and @ mention @gitlab-com/gl-security/appsec
- The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
- Security reports checked/validated by a reviewer from the AppSec team
Related to #295241 (closed)
Edited by Paul Gascou-Vaillancourt