Commit 643582f6, authored Oct 22, 2021 by Mehmet Emin INAC
Use `overridden_uuid` as primary lookup for the report finding

Changelog: fixed
EE: true
Parent: 1ac8a9d1

Showing 2 changed files with 27 additions and 1 deletion:

ee/app/finders/security/findings_finder.rb (+3 -1)
ee/spec/finders/security/findings_finder_spec.rb (+24 -0)
ee/app/finders/security/findings_finder.rb
...
...
@@ -74,7 +74,9 @@ module Security
end
def
report_finding_for
(
security_finding
)
report_findings
.
dig
(
security_finding
.
build
.
id
,
security_finding
.
uuid
)
lookup_uuid
=
security_finding
.
overridden_uuid
||
security_finding
.
uuid
report_findings
.
dig
(
security_finding
.
build
.
id
,
lookup_uuid
)
end
def
vulnerability_for
(
security_finding
)
...
...
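Review bot: In `report_finding_for`, the `lookup_uuid = security_finding.overridden_uuid || security_finding.uuid` line never tries `uuid` once `overridden_uuid` is set, so if the report entry for that build is keyed by the current `uuid`, `dig` returns nil with no second attempt. If that situation can occur, fall back to a second `dig` with `security_finding.uuid`; if it cannot, add a one-line comment stating why the overridden value always matches the report key. Note also that `||` only falls back on nil, so a blank `overridden_uuid` would be used as the lookup key.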
ee/spec/finders/security/findings_finder_spec.rb
...
...
@@ -338,6 +338,30 @@ RSpec.describe Security::FindingsFinder do
it
{
is_expected
.
to
match_array
(
expected_fingerprints
)
}
end
context
'when the `security_findings` records have `overridden_uuid`s'
do
let
(
:security_findings
)
{
Security
::
Finding
.
by_build_ids
(
build_1
)
}
let
(
:expected_fingerprints
)
do
%w[
4ae096451135db224b9e16818baaca8096896522
0bfcfbb70b15a7cecef9a1ea39df15ecfd88949f
157f362acf654c60e224400f59a088e1c01b369f
b9c0d1cdc7cb9c180ebb6981abbddc2df0172509
baf3e36cda35331daed7a3e80155533d552844fa
3204893d5894c74aaee86ce5bc28427f9f14e512
98366a28fa80b23a1dafe2b36e239a04909495c4
9a644ee1b89ac29d6175dc1170914f47b0531635
]
end
before
do
security_findings
.
each
do
|
security_finding
|
security_finding
.
update!
(
overridden_uuid:
security_finding
.
uuid
,
uuid:
SecureRandom
.
uuid
)
end
end
it
{
is_expected
.
to
match_array
(
expected_fingerprints
)
}
end
context
'when a build has more than one security report artifacts'
do
let
(
:report_types
)
{
:secret_detection
}
let
(
:secret_detection_report
)
{
create
(
:ci_reports_security_report
,
pipeline:
pipeline
,
type: :secret_detection
)
}
...
...
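Review bot: The new context 'when the `security_findings` records have `overridden_uuid`s' sets `overridden_uuid` on every record returned by `by_build_ids(build_1)`, so the result set never mixes records with and without an override. Consider adding a case where only some of the findings are updated, so that both sides of the `overridden_uuid || uuid` lookup are exercised in one finder call, and a short comment in the `before` block on why `uuid` is replaced with `SecureRandom.uuid`.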