Commit 4c05bcaf authored by Bob Van Landuyt's avatar Bob Van Landuyt

Merge branch...

Merge branch '353125-feature-flag-enable-display-of-security-report-validation-warnings' into 'master'

Remove show_report_validation_warnings feature flag

See merge request gitlab-org/gitlab!82405
parents c7800342 f2ced743
---
name: show_report_validation_warnings
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/80930
rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/353125
milestone: '14.9'
type: development
group: group::threat insights
default_enabled: true
...@@ -43,26 +43,25 @@ module Gitlab ...@@ -43,26 +43,25 @@ module Gitlab
attr_reader :json_data, :report, :validate attr_reader :json_data, :report, :validate
def valid? def valid?
if Feature.enabled?(:show_report_validation_warnings, default_enabled: :yaml) # We want validation to happen regardless of VALIDATE_SCHEMA
# We want validation to happen regardless of VALIDATE_SCHEMA CI variable # CI variable.
schema_validation_passed = schema_validator.valid? #
# Previously it controlled BOTH validation and enforcement of
if validate # schema validation result.
schema_validator.errors.each { |error| report.add_error('Schema', error) } unless schema_validation_passed #
# After 15.0 we will enforce schema validation by default
schema_validation_passed # See: https://gitlab.com/groups/gitlab-org/-/epics/6968
else schema_validation_passed = schema_validator.valid?
# We treat all schema validation errors as warnings
schema_validator.errors.each { |error| report.add_warning('Schema', error) } if validate
schema_validator.errors.each { |error| report.add_error('Schema', error) } unless schema_validation_passed
true
end schema_validation_passed
else else
return true if !validate || schema_validator.valid? # We treat all schema validation errors as warnings
schema_validator.errors.each { |error| report.add_warning('Schema', error) }
schema_validator.errors.each { |error| report.add_error('Schema', error) }
false true
end end
end end
......
...@@ -38,172 +38,102 @@ RSpec.describe Gitlab::Ci::Parsers::Security::Common do ...@@ -38,172 +38,102 @@ RSpec.describe Gitlab::Ci::Parsers::Security::Common do
allow(validator_class).to receive(:new).and_call_original allow(validator_class).to receive(:new).and_call_original
end end
context 'when show_report_validation_warnings is enabled' do context 'when the validate flag is set to `false`' do
before do let(:validate) { false }
stub_feature_flags(show_report_validation_warnings: true) let(:valid?) { false }
end let(:errors) { ['foo'] }
context 'when the validate flag is set to `false`' do
let(:validate) { false }
let(:valid?) { false }
let(:errors) { ['foo'] }
before do
allow_next_instance_of(validator_class) do |instance|
allow(instance).to receive(:valid?).and_return(valid?)
allow(instance).to receive(:errors).and_return(errors)
end
allow(parser).to receive_messages(create_scanner: true, create_scan: true)
end
it 'instantiates the validator with correct params' do
parse_report
expect(validator_class).to have_received(:new).with(report.type, {}, report.version)
end
context 'when the report data is not valid according to the schema' do
it 'adds warnings to the report' do
expect { parse_report }.to change { report.warnings }.from([]).to([{ message: 'foo', type: 'Schema' }])
end
it 'keeps the execution flow as normal' do before do
parse_report allow_next_instance_of(validator_class) do |instance|
allow(instance).to receive(:valid?).and_return(valid?)
expect(parser).to have_received(:create_scanner) allow(instance).to receive(:errors).and_return(errors)
expect(parser).to have_received(:create_scan)
end
end end
context 'when the report data is valid according to the schema' do allow(parser).to receive_messages(create_scanner: true, create_scan: true)
let(:valid?) { true }
let(:errors) { [] }
it 'does not add warnings to the report' do
expect { parse_report }.not_to change { report.errors }
end
it 'keeps the execution flow as normal' do
parse_report
expect(parser).to have_received(:create_scanner)
expect(parser).to have_received(:create_scan)
end
end
end end
context 'when the validate flag is set to `true`' do it 'instantiates the validator with correct params' do
let(:validate) { true } parse_report
let(:valid?) { false }
let(:errors) { ['foo'] }
before do expect(validator_class).to have_received(:new).with(report.type, {}, report.version)
allow_next_instance_of(validator_class) do |instance| end
allow(instance).to receive(:valid?).and_return(valid?)
allow(instance).to receive(:errors).and_return(errors)
end
allow(parser).to receive_messages(create_scanner: true, create_scan: true) context 'when the report data is not valid according to the schema' do
it 'adds warnings to the report' do
expect { parse_report }.to change { report.warnings }.from([]).to([{ message: 'foo', type: 'Schema' }])
end end
it 'instantiates the validator with correct params' do it 'keeps the execution flow as normal' do
parse_report parse_report
expect(validator_class).to have_received(:new).with(report.type, {}, report.version) expect(parser).to have_received(:create_scanner)
expect(parser).to have_received(:create_scan)
end end
end
context 'when the report data is not valid according to the schema' do context 'when the report data is valid according to the schema' do
it 'adds errors to the report' do let(:valid?) { true }
expect { parse_report }.to change { report.errors }.from([]).to([{ message: 'foo', type: 'Schema' }]) let(:errors) { [] }
end
it 'does not try to create report entities' do
parse_report
expect(parser).not_to have_received(:create_scanner) it 'does not add warnings to the report' do
expect(parser).not_to have_received(:create_scan) expect { parse_report }.not_to change { report.errors }
end
end end
context 'when the report data is valid according to the schema' do it 'keeps the execution flow as normal' do
let(:valid?) { true } parse_report
let(:errors) { [] }
it 'does not add errors to the report' do
expect { parse_report }.not_to change { report.errors }.from([])
end
it 'keeps the execution flow as normal' do
parse_report
expect(parser).to have_received(:create_scanner) expect(parser).to have_received(:create_scanner)
expect(parser).to have_received(:create_scan) expect(parser).to have_received(:create_scan)
end
end end
end end
end end
context 'when show_report_validation_warnings is disabled' do context 'when the validate flag is set to `true`' do
before do let(:validate) { true }
stub_feature_flags(show_report_validation_warnings: false) let(:valid?) { false }
end let(:errors) { ['foo'] }
context 'when the validate flag is set as `false`' do
let(:validate) { false }
it 'does not run the validation logic' do before do
parse_report allow_next_instance_of(validator_class) do |instance|
allow(instance).to receive(:valid?).and_return(valid?)
expect(validator_class).not_to have_received(:new) allow(instance).to receive(:errors).and_return(errors)
end end
allow(parser).to receive_messages(create_scanner: true, create_scan: true)
end end
context 'when the validate flag is set as `true`' do it 'instantiates the validator with correct params' do
let(:validate) { true } parse_report
let(:valid?) { false }
before do expect(validator_class).to have_received(:new).with(report.type, {}, report.version)
allow_next_instance_of(validator_class) do |instance| end
allow(instance).to receive(:valid?).and_return(valid?)
allow(instance).to receive(:errors).and_return(['foo'])
end
allow(parser).to receive_messages(create_scanner: true, create_scan: true) context 'when the report data is not valid according to the schema' do
it 'adds errors to the report' do
expect { parse_report }.to change { report.errors }.from([]).to([{ message: 'foo', type: 'Schema' }])
end end
it 'instantiates the validator with correct params' do it 'does not try to create report entities' do
parse_report parse_report
expect(validator_class).to have_received(:new).with(report.type, {}, report.version) expect(parser).not_to have_received(:create_scanner)
expect(parser).not_to have_received(:create_scan)
end end
end
context 'when the report data is not valid according to the schema' do context 'when the report data is valid according to the schema' do
it 'adds errors to the report' do let(:valid?) { true }
expect { parse_report }.to change { report.errors }.from([]).to([{ message: 'foo', type: 'Schema' }]) let(:errors) { [] }
end
it 'does not try to create report entities' do
parse_report
expect(parser).not_to have_received(:create_scanner) it 'does not add errors to the report' do
expect(parser).not_to have_received(:create_scan) expect { parse_report }.not_to change { report.errors }.from([])
end
end end
context 'when the report data is valid according to the schema' do it 'keeps the execution flow as normal' do
let(:valid?) { true } parse_report
it 'does not add errors to the report' do
expect { parse_report }.not_to change { report.errors }.from([])
end
it 'keeps the execution flow as normal' do
parse_report
expect(parser).to have_received(:create_scanner) expect(parser).to have_received(:create_scanner)
expect(parser).to have_received(:create_scan) expect(parser).to have_received(:create_scan)
end
end end
end end
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment