Commit 5cc6ecfd authored by Jan Provaznik's avatar Jan Provaznik

Merge branch '284108-refactor-dependency-scanning-mutation' into 'master'

Add ConfigureSecurityAnalyzer superclass [RUN AS-IF-FOSS]

See merge request gitlab-org/gitlab!65965
parents 80bea93f 8bc0ef86
# frozen_string_literal: true
module Mutations
module Security
module CiConfiguration
class BaseSecurityAnalyzer < BaseMutation
include FindsProject
argument :project_path, GraphQL::ID_TYPE,
required: true,
description: 'Full path of the project.'
field :success_path, GraphQL::STRING_TYPE, null: true,
description: 'Redirect path to use when the response is successful.'
field :branch, GraphQL::STRING_TYPE, null: true,
description: 'Branch that has the new/modified `.gitlab-ci.yml` file.'
authorize :push_code
def resolve(project_path:, **args)
project = authorized_find!(project_path)
result = configure_analyzer(project, **args)
prepare_response(result)
end
private
def configure_analyzer(project, **args)
raise NotImplementedError
end
def prepare_response(result)
{
branch: result.payload[:branch],
success_path: result.payload[:success_path],
errors: result.errors
}
end
end
end
end
end
......@@ -3,9 +3,7 @@
module Mutations
module Security
module CiConfiguration
class ConfigureSast < BaseMutation
include FindsProject
class ConfigureSast < BaseSecurityAnalyzer
graphql_name 'ConfigureSast'
description <<~DESC
Configure SAST for a project by enabling SAST in a new or modified
......@@ -13,37 +11,12 @@ module Mutations
create a Merge Request are a part of the response.
DESC
argument :project_path, GraphQL::ID_TYPE,
required: true,
description: 'Full path of the project.'
argument :configuration, ::Types::CiConfiguration::Sast::InputType,
required: true,
description: 'SAST CI configuration for the project.'
field :success_path, GraphQL::STRING_TYPE, null: true,
description: 'Redirect path to use when the response is successful.'
field :branch, GraphQL::STRING_TYPE, null: true,
description: 'Branch that has the new/modified `.gitlab-ci.yml` file.'
authorize :push_code
def resolve(project_path:, configuration:)
project = authorized_find!(project_path)
result = ::Security::CiConfiguration::SastCreateService.new(project, current_user, configuration).execute
prepare_response(result)
end
private
def prepare_response(result)
{
branch: result.payload[:branch],
success_path: result.payload[:success_path],
errors: result.errors
}
def configure_analyzer(project, **args)
::Security::CiConfiguration::SastCreateService.new(project, current_user, args[:configuration]).execute
end
end
end
......
......@@ -3,9 +3,7 @@
module Mutations
module Security
module CiConfiguration
class ConfigureSecretDetection < BaseMutation
include FindsProject
class ConfigureSecretDetection < BaseSecurityAnalyzer
graphql_name 'ConfigureSecretDetection'
description <<~DESC
Configure Secret Detection for a project by enabling Secret Detection
......@@ -14,33 +12,8 @@ module Mutations
response.
DESC
argument :project_path, GraphQL::ID_TYPE,
required: true,
description: 'Full path of the project.'
field :success_path, GraphQL::STRING_TYPE, null: true,
description: 'Redirect path to use when the response is successful.'
field :branch, GraphQL::STRING_TYPE, null: true,
description: 'Branch that has the new/modified `.gitlab-ci.yml` file.'
authorize :push_code
def resolve(project_path:)
project = authorized_find!(project_path)
result = ::Security::CiConfiguration::SecretDetectionCreateService.new(project, current_user).execute
prepare_response(result)
end
private
def prepare_response(result)
{
branch: result.payload[:branch],
success_path: result.payload[:success_path],
errors: result.errors
}
def configure_analyzer(project, **_args)
::Security::CiConfiguration::SecretDetectionCreateService.new(project, current_user).execute
end
end
end
......
......@@ -3,9 +3,7 @@
module Mutations
module Security
module CiConfiguration
class ConfigureDependencyScanning < BaseMutation
include FindsProject
class ConfigureDependencyScanning < BaseSecurityAnalyzer
graphql_name 'ConfigureDependencyScanning'
description <<~DESC
Configure Dependency Scanning for a project by enabling Dependency Scanning in a new or modified
......@@ -13,33 +11,8 @@ module Mutations
create a Merge Request are a part of the response.
DESC
argument :project_path, GraphQL::ID_TYPE,
required: true,
description: 'Full path of the project.'
field :success_path, GraphQL::STRING_TYPE, null: true,
description: 'Redirect path to use when the response is successful.'
field :branch, GraphQL::STRING_TYPE, null: true,
description: 'Branch that has the new/modified `.gitlab-ci.yml` file.'
authorize :push_code
def resolve(project_path:)
project = authorized_find!(project_path)
result = ::Security::CiConfiguration::DependencyScanningCreateService.new(project, current_user).execute
prepare_response(result)
end
private
def prepare_response(result)
{
branch: result.payload[:branch],
success_path: result.payload[:success_path],
errors: result.errors
}
def configure_analyzer(project, **_args)
::Security::CiConfiguration::DependencyScanningCreateService.new(project, current_user).execute
end
end
end
......
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe Mutations::Security::CiConfiguration::BaseSecurityAnalyzer do
include GraphqlHelpers
it 'raises a NotImplementedError error if the resolve method is called on the base class' do
user = create(:user)
project = create(:project, :public, :repository)
project.add_developer(user)
expect { resolve(described_class, args: { project_path: project.full_path }, ctx: { current_user: user }) }.to raise_error(NotImplementedError)
end
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment