
Create edit compliance framework page

Robert Hunt requested to merge 287846-create-edit-compliance-framework-page into master

What does this MR do?

This MR creates a new page to allow users to edit custom compliance frameworks in a group. This page contains the HTML and JS needed to show the associated Vue form. The form itself handles the rendering, errors and submission processes.

It also adds the edit framework icon button to the compliance frameworks listing in the group's general settings so users can get to the page.

These changes are behind the feature flag :ff_custom_compliance_frameworks, while the rendering of the pipeline configuration field is behind the feature flag :evaluate_group_level_compliance_pipeline.

Screenshots (strongly suggested)

Note: There are some known UX issues for this feature that are being addressed in a separate issue:

  1. On successful form submission, the form shouldn't be reshown
  2. The success banner on framework deletion is marked as dismissible but doesn't actually dismiss

Note 2: There is a known inputting values bug with the pipeline configuration input which will be addressed in a separate MR

Both these issues will be addressed before this feature flag is defaulted to on and way before the feature flag is removed entirely.

Video
Screen_Recording_2021-02-25_at_09.57.29

Does this MR meet the acceptance criteria?

Conformity

Availability and Testing

  1. Enable the feature flag Feature.enable(:ff_custom_compliance_frameworks) and make sure you are at least on GitLab Premium
  2. Go to [GDK_HOST]/groups/gitlab-org/-/edit#js-compliance-frameworks-settings
  3. Click the Add framework button and add a framework if you don't have one already
  4. Click the edit icon and confirm the form submits successfully

To test the pipeline configuration, you will need to enable the feature flag Feature.enable(:evaluate_group_level_compliance_pipeline) and make sure you are on GitLab Ultimate. This field should be optional.

Security

If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:

  • [-] Label as security and @ mention @gitlab-com/gl-security/appsec
  • [-] The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
  • [-] Security reports checked/validated by a reviewer from the AppSec team

Related to #287846 (closed)

Edited by Robert Hunt
