Merge branch 'nicolasdular/record-sast-onboardin-progress' into 'master'

Record onboarding action for SAST See merge request gitlab-org/gitlab!52328

Merge branch 'nicolasdular/record-sast-onboardin-progress' into 'master'
Record onboarding action for SAST See merge request gitlab-org/gitlab!52328
25eb8288 · Matthias Käppler · 120c7235 · 9c52b084 · 25eb8288 · 25eb8288
Commit 25eb8288 authored Jan 28, 2021 by Matthias Käppler
Showing with 28 additions and 3 deletions

ee/app/workers/security/store_scans_worker.rb ee/app/workers/security/store_scans_worker.rb +11 -0

ee/spec/workers/security/store_scans_worker_spec.rb ee/spec/workers/security/store_scans_worker_spec.rb +17 -3

No files found.
--- a/ee/app/workers/security/store_scans_worker.rb
+++ b/ee/app/workers/security/store_scans_worker.rb
@@ -10,8 +10,19 @@ module Security
      ::Ci::Pipeline.find_by(id: pipeline_id).try do |pipeline|
        break unless pipeline.can_store_security_reports?
+        record_onboarding_progress(pipeline)
        Security::StoreScansService.execute(pipeline)
      end
    end
+    private
+    def record_onboarding_progress(pipeline)
+      # We only record SAST scans since it's a Free feature and available to all users
+      return unless pipeline.security_scans.sast.any?
+      OnboardingProgressService.new(pipeline.project.namespace).execute(action: :security_scan_enabled)
+    end
  end
 end
--- a/ee/spec/workers/security/store_scans_worker_spec.rb
+++ b/ee/spec/workers/security/store_scans_worker_spec.rb
@@ -4,11 +4,11 @@ require 'spec_helper'
 RSpec.describe Security::StoreScansWorker do
  let_it_be(:sast_scan) { create(:security_scan, scan_type: :sast) }
-  let_it_be(:sast_pipeline) { sast_scan.pipeline }
+  let_it_be(:pipeline) { sast_scan.pipeline }
-  let_it_be(:sast_build) { sast_pipeline.security_scans.sast.last&.build }
+  let_it_be(:sast_build) { pipeline.security_scans.sast.last&.build }
  describe '#perform' do
-    subject(:run_worker) { described_class.new.perform(sast_pipeline.id) }
+    subject(:run_worker) { described_class.new.perform(pipeline.id) }
    before do
      allow(Security::StoreScansService).to receive(:execute)
@@ -25,6 +25,8 @@ RSpec.describe Security::StoreScansWorker do
        expect(Security::StoreScansService).not_to have_received(:execute)
      end
+      it_behaves_like 'does not record an onboarding progress action'
    end
    context 'when security reports can be stored for the pipeline' do
@@ -35,6 +37,18 @@ RSpec.describe Security::StoreScansWorker do
        expect(Security::StoreScansService).to have_received(:execute)
      end
+      it_behaves_like 'records an onboarding progress action', :security_scan_enabled do
+        let(:namespace) { pipeline.project.namespace }
+      end
+      context 'dast scan' do
+        let_it_be(:dast_scan) { create(:security_scan, scan_type: :dast) }
+        let_it_be(:pipeline) { dast_scan.pipeline }
+        let_it_be(:dast_build) { pipeline.security_scans.dast.last&.build }
+        it_behaves_like 'does not record an onboarding progress action'
+      end
    end
  end
 end