Commit 07eaa105 authored by Nick Thomas's avatar Nick Thomas

Merge branch '35860-notify-user-when-a-vulnerability-is-resolved' into 'master'

Add #resolved_on_default_branch to Vulnerability

See merge request gitlab-org/gitlab!26906
parents 056b69fd cb21c323
...@@ -60,6 +60,8 @@ class Vulnerability < ApplicationRecord ...@@ -60,6 +60,8 @@ class Vulnerability < ApplicationRecord
scope :with_severities, -> (severities) { where(severity: severities) } scope :with_severities, -> (severities) { where(severity: severities) }
scope :with_states, -> (states) { where(state: states) } scope :with_states, -> (states) { where(state: states) }
delegate :default_branch, to: :project, prefix: :project
# There will only be one finding associated with a vulnerability for the foreseeable future # There will only be one finding associated with a vulnerability for the foreseeable future
def finding def finding
findings.first findings.first
...@@ -70,4 +72,12 @@ class Vulnerability < ApplicationRecord ...@@ -70,4 +72,12 @@ class Vulnerability < ApplicationRecord
def self.parent_class def self.parent_class
::Project ::Project
end end
def resolved_on_default_branch
return false unless findings.any?
latest_successful_pipeline_for_default_branch = project.latest_successful_pipeline_for_default_branch
latest_pipeline_with_vulnerability = finding.pipelines.order(created_at: :desc).first
latest_pipeline_with_vulnerability != latest_successful_pipeline_for_default_branch
end
end end
---
title: 'Add #resolved_on_default_branch to Vulnerability'
merge_request: 26906
author:
type: added
...@@ -16,6 +16,8 @@ module EE ...@@ -16,6 +16,8 @@ module EE
expose :project, using: ::API::Entities::ProjectIdentity expose :project, using: ::API::Entities::ProjectIdentity
expose :finding expose :finding
expose :resolved_on_default_branch
expose :project_default_branch
expose :author_id expose :author_id
expose :updated_by_id expose :updated_by_id
......
...@@ -171,4 +171,37 @@ describe Vulnerability do ...@@ -171,4 +171,37 @@ describe Vulnerability do
it { is_expected.to eq(finding.scanner_name) } it { is_expected.to eq(finding.scanner_name) }
end end
describe '#project_default_branch' do
let_it_be(:project) { create(:project, :repository, :with_vulnerabilities) }
let_it_be(:vulnerability) { project.vulnerabilities.first }
subject { vulnerability.project_default_branch }
it { is_expected.to eq("master") }
end
describe '#resolved_on_default_branch' do
let_it_be(:project) { create(:project, :repository, :with_vulnerabilities) }
let_it_be(:pipeline_with_vulnerability) { create(:ci_pipeline, :success, project: project, sha: project.commit.id) }
let_it_be(:vulnerability) { project.vulnerabilities.first }
let_it_be(:finding1) { create(:vulnerabilities_occurrence, vulnerability: vulnerability, pipelines: [pipeline_with_vulnerability]) }
let_it_be(:finding2) { create(:vulnerabilities_occurrence, vulnerability: vulnerability, pipelines: [pipeline_with_vulnerability]) }
subject { vulnerability.resolved_on_default_branch }
context 'Vulnerability::Occurrence is present on the pipeline for default branch' do
it { is_expected.to eq(false) }
end
context 'Vulnerability::Occurrence is not present on the pipeline for default branch' do
before do
project.instance_variable_set(:@latest_successful_pipeline_for_default_branch, pipeline_without_vulnerability)
end
let_it_be(:pipeline_without_vulnerability) { create(:ci_pipeline, :success, project: project, sha: project.commit.id) }
it { is_expected.to eq(true) }
end
end
end end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment