Commit 477fe927 authored by Markus Koller's avatar Markus Koller

Merge branch 'move-security-jobs-finder-out-of-ee' into 'master'

Move Secure report download dependencies to FOSS

See merge request gitlab-org/gitlab!47095
parents b830907d a38ebd24
...@@ -42,11 +42,11 @@ Graphql/IDType: ...@@ -42,11 +42,11 @@ Graphql/IDType:
Graphql/ResolverType: Graphql/ResolverType:
Exclude: Exclude:
- 'app/graphql/resolvers/base_resolver.rb' - 'app/graphql/resolvers/base_resolver.rb'
- 'app/graphql/resolvers/ci/jobs_resolver.rb'
- 'app/graphql/resolvers/ci/pipeline_stages_resolver.rb' - 'app/graphql/resolvers/ci/pipeline_stages_resolver.rb'
- 'app/graphql/resolvers/error_tracking/sentry_error_stack_trace_resolver.rb' - 'app/graphql/resolvers/error_tracking/sentry_error_stack_trace_resolver.rb'
- 'app/graphql/resolvers/merge_requests_resolver.rb' - 'app/graphql/resolvers/merge_requests_resolver.rb'
- 'app/graphql/resolvers/users/group_count_resolver.rb' - 'app/graphql/resolvers/users/group_count_resolver.rb'
- 'ee/app/graphql/resolvers/ci/jobs_resolver.rb'
- 'ee/app/graphql/resolvers/geo/merge_request_diff_registries_resolver.rb' - 'ee/app/graphql/resolvers/geo/merge_request_diff_registries_resolver.rb'
- 'ee/app/graphql/resolvers/geo/package_file_registries_resolver.rb' - 'ee/app/graphql/resolvers/geo/package_file_registries_resolver.rb'
- 'ee/app/graphql/resolvers/geo/terraform_state_version_registries_resolver.rb' - 'ee/app/graphql/resolvers/geo/terraform_state_version_registries_resolver.rb'
......
...@@ -13,65 +13,87 @@ module Types ...@@ -13,65 +13,87 @@ module Types
field :id, GraphQL::ID_TYPE, null: false, field :id, GraphQL::ID_TYPE, null: false,
description: 'ID of the pipeline' description: 'ID of the pipeline'
field :iid, GraphQL::STRING_TYPE, null: false, field :iid, GraphQL::STRING_TYPE, null: false,
description: 'Internal ID of the pipeline' description: 'Internal ID of the pipeline'
field :sha, GraphQL::STRING_TYPE, null: false, field :sha, GraphQL::STRING_TYPE, null: false,
description: "SHA of the pipeline's commit" description: "SHA of the pipeline's commit"
field :before_sha, GraphQL::STRING_TYPE, null: true, field :before_sha, GraphQL::STRING_TYPE, null: true,
description: 'Base SHA of the source branch' description: 'Base SHA of the source branch'
field :status, PipelineStatusEnum, null: false, field :status, PipelineStatusEnum, null: false,
description: "Status of the pipeline (#{::Ci::Pipeline.all_state_names.compact.join(', ').upcase})" description: "Status of the pipeline (#{::Ci::Pipeline.all_state_names.compact.join(', ').upcase})"
field :detailed_status, Types::Ci::DetailedStatusType, null: false, field :detailed_status, Types::Ci::DetailedStatusType, null: false,
description: 'Detailed status of the pipeline', description: 'Detailed status of the pipeline',
resolve: -> (obj, _args, ctx) { obj.detailed_status(ctx[:current_user]) } resolve: -> (obj, _args, ctx) { obj.detailed_status(ctx[:current_user]) }
field :config_source, PipelineConfigSourceEnum, null: true, field :config_source, PipelineConfigSourceEnum, null: true,
description: "Config source of the pipeline (#{::Enums::Ci::Pipeline.config_sources.keys.join(', ').upcase})" description: "Config source of the pipeline (#{::Enums::Ci::Pipeline.config_sources.keys.join(', ').upcase})"
field :duration, GraphQL::INT_TYPE, null: true, field :duration, GraphQL::INT_TYPE, null: true,
description: 'Duration of the pipeline in seconds' description: 'Duration of the pipeline in seconds'
field :coverage, GraphQL::FLOAT_TYPE, null: true, field :coverage, GraphQL::FLOAT_TYPE, null: true,
description: 'Coverage percentage' description: 'Coverage percentage'
field :created_at, Types::TimeType, null: false, field :created_at, Types::TimeType, null: false,
description: "Timestamp of the pipeline's creation" description: "Timestamp of the pipeline's creation"
field :updated_at, Types::TimeType, null: false, field :updated_at, Types::TimeType, null: false,
description: "Timestamp of the pipeline's last activity" description: "Timestamp of the pipeline's last activity"
field :started_at, Types::TimeType, null: true, field :started_at, Types::TimeType, null: true,
description: 'Timestamp when the pipeline was started' description: 'Timestamp when the pipeline was started'
field :finished_at, Types::TimeType, null: true, field :finished_at, Types::TimeType, null: true,
description: "Timestamp of the pipeline's completion" description: "Timestamp of the pipeline's completion"
field :committed_at, Types::TimeType, null: true, field :committed_at, Types::TimeType, null: true,
description: "Timestamp of the pipeline's commit" description: "Timestamp of the pipeline's commit"
field :stages, Types::Ci::StageType.connection_type, null: true, field :stages, Types::Ci::StageType.connection_type, null: true,
description: 'Stages of the pipeline', description: 'Stages of the pipeline',
extras: [:lookahead], extras: [:lookahead],
resolver: Resolvers::Ci::PipelineStagesResolver resolver: Resolvers::Ci::PipelineStagesResolver
field :user, Types::UserType, null: true, field :user, Types::UserType, null: true,
description: 'Pipeline user', description: 'Pipeline user',
resolve: -> (pipeline, _args, _context) { Gitlab::Graphql::Loaders::BatchModelLoader.new(User, pipeline.user_id).find } resolve: -> (pipeline, _args, _context) { Gitlab::Graphql::Loaders::BatchModelLoader.new(User, pipeline.user_id).find }
field :retryable, GraphQL::BOOLEAN_TYPE, field :retryable, GraphQL::BOOLEAN_TYPE,
description: 'Specifies if a pipeline can be retried', description: 'Specifies if a pipeline can be retried',
method: :retryable?, method: :retryable?,
null: false null: false
field :cancelable, GraphQL::BOOLEAN_TYPE, field :cancelable, GraphQL::BOOLEAN_TYPE,
description: 'Specifies if a pipeline can be canceled', description: 'Specifies if a pipeline can be canceled',
method: :cancelable?, method: :cancelable?,
null: false null: false
field :jobs, field :jobs,
::Types::Ci::JobType.connection_type, ::Types::Ci::JobType.connection_type,
null: true, null: true,
description: 'Jobs belonging to the pipeline', description: 'Jobs belonging to the pipeline',
method: :statuses resolver: ::Resolvers::Ci::JobsResolver
field :source_job, Types::Ci::JobType, null: true, field :source_job, Types::Ci::JobType, null: true,
description: 'Job where pipeline was triggered from' description: 'Job where pipeline was triggered from'
field :downstream, Types::Ci::PipelineType.connection_type, null: true, field :downstream, Types::Ci::PipelineType.connection_type, null: true,
description: 'Pipelines this pipeline will trigger', description: 'Pipelines this pipeline will trigger',
method: :triggered_pipelines_with_preloads method: :triggered_pipelines_with_preloads
field :upstream, Types::Ci::PipelineType, null: true, field :upstream, Types::Ci::PipelineType, null: true,
description: 'Pipeline that triggered the pipeline', description: 'Pipeline that triggered the pipeline',
method: :triggered_by_pipeline method: :triggered_by_pipeline
field :path, GraphQL::STRING_TYPE, null: true, field :path, GraphQL::STRING_TYPE, null: true,
description: "Relative path to the pipeline's page", description: "Relative path to the pipeline's page",
resolve: -> (obj, _args, _ctx) { ::Gitlab::Routing.url_helpers.project_pipeline_path(obj.project, obj) } resolve: -> (obj, _args, _ctx) { ::Gitlab::Routing.url_helpers.project_pipeline_path(obj.project, obj) }
field :project, Types::ProjectType, null: true, field :project, Types::ProjectType, null: true,
description: 'Project the pipeline belongs to' description: 'Project the pipeline belongs to'
end end
......
---
title: Filter jobs by security report type in GraphQL
merge_request: 47095
author:
type: added
...@@ -13,12 +13,6 @@ module EE ...@@ -13,12 +13,6 @@ module EE
extras: [:lookahead], extras: [:lookahead],
description: 'Vulnerability and scanned resource counts for each security scanner of the pipeline', description: 'Vulnerability and scanned resource counts for each security scanner of the pipeline',
resolver: ::Resolvers::SecurityReportSummaryResolver resolver: ::Resolvers::SecurityReportSummaryResolver
field :jobs,
::Types::Ci::JobType.connection_type,
null: true,
description: 'Jobs belonging to the pipeline',
resolver: ::Resolvers::Ci::JobsResolver
end end
end end
end end
......
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe 'Query.project(fullPath).pipelines' do
include GraphqlHelpers
let_it_be(:project) { create(:project, :repository, :public) }
let_it_be(:first_user) { create(:user) }
let_it_be(:second_user) { create(:user) }
describe '.jobs' do
let_it_be(:query) do
%(
query {
project(fullPath: "#{project.full_path}") {
pipelines {
nodes {
jobs {
nodes {
name
}
}
}
}
}
}
)
end
it 'fetches the jobs without an N+1' do
pipeline = create(:ci_pipeline, project: project)
create(:ci_build, pipeline: pipeline, name: 'Job 1')
control_count = ActiveRecord::QueryRecorder.new do
post_graphql(query, current_user: first_user)
end
pipeline = create(:ci_pipeline, project: project)
create(:ci_build, pipeline: pipeline, name: 'Job 2')
expect do
post_graphql(query, current_user: second_user)
end.not_to exceed_query_limit(control_count)
expect(response).to have_gitlab_http_status(:ok)
pipelines_data = graphql_data.dig('project', 'pipelines', 'nodes')
job_names = pipelines_data.map do |pipeline_data|
jobs_data = pipeline_data.dig('jobs', 'nodes')
jobs_data.map { |job_data| job_data['name'] }
end.flatten
expect(job_names).to contain_exactly('Job 1', 'Job 2')
end
end
describe '.jobs(securityReportTypes)' do
let_it_be(:query) do
%(
query {
project(fullPath: "#{project.full_path}") {
pipelines {
nodes {
jobs(securityReportTypes: [SAST]) {
nodes {
name
}
}
}
}
}
}
)
end
it 'fetches the jobs matching the report type filter' do
pipeline = create(:ci_pipeline, project: project)
create(:ci_build, :dast, name: 'DAST Job 1', pipeline: pipeline)
create(:ci_build, :sast, name: 'SAST Job 1', pipeline: pipeline)
post_graphql(query, current_user: first_user)
expect(response).to have_gitlab_http_status(:ok)
pipelines_data = graphql_data.dig('project', 'pipelines', 'nodes')
job_names = pipelines_data.map do |pipeline_data|
jobs_data = pipeline_data.dig('jobs', 'nodes')
jobs_data.map { |job_data| job_data['name'] }
end.flatten
expect(job_names).to contain_exactly('SAST Job 1')
end
end
end
...@@ -56,6 +56,45 @@ RSpec.describe 'Query.project(fullPath).pipelines' do ...@@ -56,6 +56,45 @@ RSpec.describe 'Query.project(fullPath).pipelines' do
end end
end end
describe '.jobs(securityReportTypes)' do
let_it_be(:query) do
%(
query {
project(fullPath: "#{project.full_path}") {
pipelines {
nodes {
jobs(securityReportTypes: [SAST]) {
nodes {
name
}
}
}
}
}
}
)
end
it 'fetches the jobs matching the report type filter' do
pipeline = create(:ci_pipeline, project: project)
create(:ci_build, :dast, name: 'DAST Job 1', pipeline: pipeline)
create(:ci_build, :sast, name: 'SAST Job 1', pipeline: pipeline)
post_graphql(query, current_user: first_user)
expect(response).to have_gitlab_http_status(:ok)
pipelines_data = graphql_data.dig('project', 'pipelines', 'nodes')
job_names = pipelines_data.map do |pipeline_data|
jobs_data = pipeline_data.dig('jobs', 'nodes')
jobs_data.map { |job_data| job_data['name'] }
end.flatten
expect(job_names).to contain_exactly('SAST Job 1')
end
end
describe 'upstream' do describe 'upstream' do
let_it_be(:pipeline) { create(:ci_pipeline, project: project, user: first_user) } let_it_be(:pipeline) { create(:ci_pipeline, project: project, user: first_user) }
let_it_be(:upstream_project) { create(:project, :repository, :public) } let_it_be(:upstream_project) { create(:project, :repository, :public) }
...@@ -176,8 +215,6 @@ RSpec.describe 'Query.project(fullPath).pipelines' do ...@@ -176,8 +215,6 @@ RSpec.describe 'Query.project(fullPath).pipelines' do
expect do expect do
post_graphql(query, current_user: second_user) post_graphql(query, current_user: second_user)
end.not_to exceed_query_limit(control_count) end.not_to exceed_query_limit(control_count)
expect(response).to have_gitlab_http_status(:ok)
end end
end end
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment