Dependency Scanning - MVC to enable within the UI - Backend

release notes gitlab-com/www-gitlab-com!85841 (merged)

frontend part #282533 (comment 448413910)

Why are we doing this work

We need to add an Enable button on the Dependency Scanning row within the Security Configuration page. When clicked, the backend will create an MR and the user will be directed to the MR page.

We're going to create a GraphQL endpoint that will create a Merge Request for enabling ~"Category:Dependency Scanning" by updating .gitlab-ci.yml. This feature is already enabled for SAST, so we can reuse some code.

Relevant links

  • Frontend Issue

Non-functional requirements

  • [-] Documentation: is a part of frontend
  • Feature flag: name will be discussed with frontend counterpart. We need to add a feature flag to the mutation.
  • Testing: unit tests for service and mutation, test in GraphQL console

Implementation plan

  • Create GraphQL mutation ::Mutations::Security::CiConfiguration::ConfigureDependencyScanning (similar to ConfigureSast)
  • To reuse parts of ConfigureSast extract them into a base mutation ConfigureSecurityAnalyzer
    • Created separate issue Remove duplication from Security::CiConfiguration GraphQL mutations to handle this
      • !65965 (merged)
  • Create Security::CiConfiguration::DependencyScanningCreateService based on Security::CiConfiguration::BaseCreateService
  • Create Security::CiConfiguration::DependencyScanningBuildAction based on Security::CiConfiguration::BaseBuildAction
  • Check that all new entities have test coverage and there are no regressions.
  • Remove configure_dependency_scanning from the list of known invalid queries in config/known_invalid_graphql_queries.yml
    • !66041 (merged)
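
A sketch of what the build-action step in the plan has to handle when it edits a project's CI file, added here as an example and not GitLab's own code. The class name `DependencyScanningBuildSketch` and the shape of the returned hash are hypothetical, and the `test` stage handling assumes the template's jobs run in that stage.

```ruby
require 'yaml'

# Hypothetical stand-in for the build action named in the plan (not GitLab's code).
class DependencyScanningBuildSketch
  TEMPLATE = { 'template' => 'Security/Dependency-Scanning.gitlab-ci.yml' }.freeze
  CI_FILE  = '.gitlab-ci.yml'

  # existing_content: current CI file text, or nil when the project has none.
  def initialize(existing_content)
    @existing_content = existing_content
  end

  # Returns a commit action hash for the MR, or nil when scanning is already enabled.
  def generate
    config   = parse(@existing_content)
    includes = normalize(config['include'])
    return nil if includes.include?(TEMPLATE)

    config['include'] = includes + [TEMPLATE.dup]
    # Assumption: the template's jobs run in `test`, so a custom stage list must contain it.
    config['stages'] = (config['stages'] + ['test']).uniq if config['stages'].is_a?(Array)

    { action: @existing_content ? 'update' : 'create',
      file_path: CI_FILE,
      content: YAML.dump(config).sub(/\A---\n/, '') }
  end

  private

  # safe_load refuses arbitrary object tags, so untrusted repository YAML cannot
  # instantiate Ruby objects while the service reads it.
  def parse(text)
    return {} if text.nil? || text.strip.empty?

    data = YAML.safe_load(text, aliases: true)
    raise ArgumentError, 'CI config top level must be a mapping' unless data.is_a?(Hash)

    data
  end

  # `include:` may be absent, a single entry, or a list; always work with a list.
  def normalize(value)
    case value
    when nil   then []
    when Array then value
    else [value]
    end
  end
end
```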

Availability and Testing

SET to update existing E2E tests, or create a new E2E test to test that when selected the gitlab-ci is updated. gitlab-org/quality/testcases#1666 (closed)

Edited Sep 09, 2021 by Adam Cohen