Add missing paths to EE environment serializer

ee/app/serializers/ee/environment_entity.rb

@@ -8,7 +8,11 @@ module EE
         logs_project_environment_path(environment.project, environment)
       end
 
-      expose :secure_artifacts do
+      expose :security_reports do
+        expose :has_security_reports do |environment|
+          has_security_reports?
+        end
+
         expose :sast_path, if: -> (*) { environment.last_pipeline&.expose_sast_data? } do |environment|
           raw_project_build_artifacts_url(environment.project,
                                           environment.last_pipeline.sast_artifact,
@@ -32,6 +36,14 @@ module EE
                                           environment.last_pipeline.container_scanning_artifact,
                                           path: Ci::Build::CONTAINER_SCANNING_FILE)
         end
+
+        expose :vulnerability_feedback_path, if: -> (*) { has_security_reports? } do |environment|
+          project_vulnerability_feedback_index_path(environment.project)
+        end
+
+        expose :pipeline_security_path, if: -> (*) { has_security_reports? } do |environment|
+          security_project_pipeline_path(environment.project, environment.last_pipeline)
+        end
       end
     end
 
@@ -40,5 +52,9 @@ module EE
     def can_read_pod_logs?
       can?(current_user, :read_pod_logs, environment.project)
     end
+
+    def has_security_reports?
+      environment.last_pipeline&.expose_security_dashboard? || false
+    end
   end
 end

ee/spec/fixtures/api/schemas/environment.json

@@ -9,7 +9,7 @@
         "environment_path",
         "created_at",
         "updated_at",
-        "secure_artifacts"
+        "security_reports"
     ],
     "properties": {
         "id": {
@@ -70,20 +70,29 @@
         "can_stop": {
             "type": "boolean"
         },
-        "secure_artifacts": {
+        "security_reports": {
             "type": "object",
             "additionalProperties": false,
             "properties": {
-                "sast": {
-                    "type": "integer"
+                "has_security_reports": {
+                    "type": "boolean"
+                },
+                "sast_path": {
+                    "type": "string"
+                },
+                "dast_path": {
+                    "type": "string"
+                },
+                "container_scanning_path": {
+                    "type": "string"
                 },
-                "dast": {
+                "dependency_scanning_path": {
                     "type": "string"
                 },
-                "container_scanning": {
+                "vulnerability_feedback_path": {
                     "type": "string"
                 },
-                "dependency_scanning": {
+                "pipeline_security_path": {
                     "type": "string"
                 }
             }

ee/spec/serializers/ee/environment_entity_spec.rb

@@ -33,13 +33,15 @@ describe EnvironmentEntity do
     it_behaves_like 'protected environments access', false
   end
 
-  describe 'secure_artifacts hash' do
+  describe 'security_reports hash' do
     it 'is present' do
-      expect(entity.as_json.include?(:secure_artifacts)).to eq(true)
+      expect(entity.as_json.include?(:security_reports)).to eq(true)
     end
 
-    it 'is empty' do
-      expect(entity.as_json[:secure_artifacts].size).to eq(0)
+    it 'value :has_security_reports is false' do
+      expect(entity.as_json[:security_reports].size).to eq(1)
+      expect(entity.as_json[:security_reports]).to include(:has_security_reports)
+      expect(entity.as_json[:security_reports][:has_security_reports]).to eq(false)
     end
   end
 
@@ -48,10 +50,10 @@ describe EnvironmentEntity do
     let(:deployable) { create(:ci_build, :success, pipeline: pipeline) }
 
     jobs_parameters = [
-        { name: 'sast', filename: 'gl-sast-report.json' },
-        { name: 'dast', filename: 'gl-dast-report.json' },
-        { name: 'container_scanning', filename: 'gl-container-scanning-report.json' },
-        { name: 'dependency_scanning', filename: 'gl-dependency-scanning-report.json' }
+      { name: 'sast', filename: Ci::Build::SAST_FILE },
+      { name: 'dast', filename: Ci::Build::DAST_FILE },
+      { name: 'container_scanning', filename: Ci::Build::CONTAINER_SCANNING_FILE },
+      { name: 'dependency_scanning', filename: Ci::Build::DEPENDENCY_SCANNING_FILE }
     ]
 
     before do
@@ -73,23 +75,34 @@ describe EnvironmentEntity do
               }
             }))
       end
+
+      allow_any_instance_of(LegacyArtifactUploader).to receive(:exists?).and_return(true)
     end
 
-    describe 'secure_artifacts hash' do
+    describe 'security_reports hash' do
       it 'contains the reports' do
-        allow_any_instance_of(LegacyArtifactUploader).to receive(:exists?).and_return(true)
+        expect(entity.as_json[:security_reports]).to include(:sast_path)
+        expect(entity.as_json[:security_reports]).to include(:dast_path)
+        expect(entity.as_json[:security_reports]).to include(:container_scanning_path)
+        expect(entity.as_json[:security_reports]).to include(:dependency_scanning_path)
+
+        expect(entity.as_json[:security_reports][:sast_path]).to end_with(Ci::Build::SAST_FILE)
+        expect(entity.as_json[:security_reports][:dast_path]).to end_with(Ci::Build::DAST_FILE)
+        expect(entity.as_json[:security_reports][:container_scanning_path]).to end_with(Ci::Build::CONTAINER_SCANNING_FILE)
+        expect(entity.as_json[:security_reports][:dependency_scanning_path]).to end_with(Ci::Build::DEPENDENCY_SCANNING_FILE)
+      end
 
-        expect(entity.as_json[:secure_artifacts].size).to eq(4)
+      it 'value :has_security_reports is true' do
+        expect(entity.as_json[:security_reports]).to include(:has_security_reports)
+        expect(entity.as_json[:security_reports][:has_security_reports]).to eq(true)
+      end
 
-        expect(entity.as_json[:secure_artifacts]).to include(:sast_path)
-        expect(entity.as_json[:secure_artifacts]).to include(:dast_path)
-        expect(entity.as_json[:secure_artifacts]).to include(:container_scanning_path)
-        expect(entity.as_json[:secure_artifacts]).to include(:dependency_scanning_path)
+      it 'contains link to latest pipeline' do
+        expect(entity.as_json[:security_reports]).to include(:pipeline_security_path)
+      end
 
-        expect(entity.as_json[:secure_artifacts][:sast_path]).to end_with(Ci::Build::SAST_FILE)
-        expect(entity.as_json[:secure_artifacts][:dast_path]).to end_with(Ci::Build::DAST_FILE)
-        expect(entity.as_json[:secure_artifacts][:container_scanning_path]).to end_with(Ci::Build::CONTAINER_SCANNING_FILE)
-        expect(entity.as_json[:secure_artifacts][:dependency_scanning_path]).to end_with(Ci::Build::DEPENDENCY_SCANNING_FILE)
+      it 'contains link to vulnerability feedback' do
+        expect(entity.as_json[:security_reports]).to include(:vulnerability_feedback_path)
       end
     end
   end