Commit 6af21fa9 authored by Lukas Eipert's avatar Lukas Eipert Committed by Dmitriy Zaporozhets

Add missing paths to EE environment serializer

parent 766514a8
......@@ -8,7 +8,11 @@ module EE
logs_project_environment_path(environment.project, environment)
end
expose :secure_artifacts do
expose :security_reports do
expose :has_security_reports do |environment|
has_security_reports?
end
expose :sast_path, if: -> (*) { environment.last_pipeline&.expose_sast_data? } do |environment|
raw_project_build_artifacts_url(environment.project,
environment.last_pipeline.sast_artifact,
......@@ -32,6 +36,14 @@ module EE
environment.last_pipeline.container_scanning_artifact,
path: Ci::Build::CONTAINER_SCANNING_FILE)
end
expose :vulnerability_feedback_path, if: -> (*) { has_security_reports? } do |environment|
project_vulnerability_feedback_index_path(environment.project)
end
expose :pipeline_security_path, if: -> (*) { has_security_reports? } do |environment|
security_project_pipeline_path(environment.project, environment.last_pipeline)
end
end
end
......@@ -40,5 +52,9 @@ module EE
def can_read_pod_logs?
can?(current_user, :read_pod_logs, environment.project)
end
def has_security_reports?
environment.last_pipeline&.expose_security_dashboard? || false
end
end
end
......@@ -9,7 +9,7 @@
"environment_path",
"created_at",
"updated_at",
"secure_artifacts"
"security_reports"
],
"properties": {
"id": {
......@@ -70,20 +70,29 @@
"can_stop": {
"type": "boolean"
},
"secure_artifacts": {
"security_reports": {
"type": "object",
"additionalProperties": false,
"properties": {
"sast": {
"type": "integer"
"has_security_reports": {
"type": "boolean"
},
"sast_path": {
"type": "string"
},
"dast_path": {
"type": "string"
},
"container_scanning_path": {
"type": "string"
},
"dast": {
"dependency_scanning_path": {
"type": "string"
},
"container_scanning": {
"vulnerability_feedback_path": {
"type": "string"
},
"dependency_scanning": {
"pipeline_security_path": {
"type": "string"
}
}
......
......@@ -33,13 +33,15 @@ describe EnvironmentEntity do
it_behaves_like 'protected environments access', false
end
describe 'secure_artifacts hash' do
describe 'security_reports hash' do
it 'is present' do
expect(entity.as_json.include?(:secure_artifacts)).to eq(true)
expect(entity.as_json.include?(:security_reports)).to eq(true)
end
it 'is empty' do
expect(entity.as_json[:secure_artifacts].size).to eq(0)
it 'value :has_security_reports is false' do
expect(entity.as_json[:security_reports].size).to eq(1)
expect(entity.as_json[:security_reports]).to include(:has_security_reports)
expect(entity.as_json[:security_reports][:has_security_reports]).to eq(false)
end
end
......@@ -48,10 +50,10 @@ describe EnvironmentEntity do
let(:deployable) { create(:ci_build, :success, pipeline: pipeline) }
jobs_parameters = [
{ name: 'sast', filename: 'gl-sast-report.json' },
{ name: 'dast', filename: 'gl-dast-report.json' },
{ name: 'container_scanning', filename: 'gl-container-scanning-report.json' },
{ name: 'dependency_scanning', filename: 'gl-dependency-scanning-report.json' }
{ name: 'sast', filename: Ci::Build::SAST_FILE },
{ name: 'dast', filename: Ci::Build::DAST_FILE },
{ name: 'container_scanning', filename: Ci::Build::CONTAINER_SCANNING_FILE },
{ name: 'dependency_scanning', filename: Ci::Build::DEPENDENCY_SCANNING_FILE }
]
before do
......@@ -73,23 +75,34 @@ describe EnvironmentEntity do
}
}))
end
allow_any_instance_of(LegacyArtifactUploader).to receive(:exists?).and_return(true)
end
describe 'secure_artifacts hash' do
describe 'security_reports hash' do
it 'contains the reports' do
allow_any_instance_of(LegacyArtifactUploader).to receive(:exists?).and_return(true)
expect(entity.as_json[:security_reports]).to include(:sast_path)
expect(entity.as_json[:security_reports]).to include(:dast_path)
expect(entity.as_json[:security_reports]).to include(:container_scanning_path)
expect(entity.as_json[:security_reports]).to include(:dependency_scanning_path)
expect(entity.as_json[:security_reports][:sast_path]).to end_with(Ci::Build::SAST_FILE)
expect(entity.as_json[:security_reports][:dast_path]).to end_with(Ci::Build::DAST_FILE)
expect(entity.as_json[:security_reports][:container_scanning_path]).to end_with(Ci::Build::CONTAINER_SCANNING_FILE)
expect(entity.as_json[:security_reports][:dependency_scanning_path]).to end_with(Ci::Build::DEPENDENCY_SCANNING_FILE)
end
expect(entity.as_json[:secure_artifacts].size).to eq(4)
it 'value :has_security_reports is true' do
expect(entity.as_json[:security_reports]).to include(:has_security_reports)
expect(entity.as_json[:security_reports][:has_security_reports]).to eq(true)
end
expect(entity.as_json[:secure_artifacts]).to include(:sast_path)
expect(entity.as_json[:secure_artifacts]).to include(:dast_path)
expect(entity.as_json[:secure_artifacts]).to include(:container_scanning_path)
expect(entity.as_json[:secure_artifacts]).to include(:dependency_scanning_path)
it 'contains link to latest pipeline' do
expect(entity.as_json[:security_reports]).to include(:pipeline_security_path)
end
expect(entity.as_json[:secure_artifacts][:sast_path]).to end_with(Ci::Build::SAST_FILE)
expect(entity.as_json[:secure_artifacts][:dast_path]).to end_with(Ci::Build::DAST_FILE)
expect(entity.as_json[:secure_artifacts][:container_scanning_path]).to end_with(Ci::Build::CONTAINER_SCANNING_FILE)
expect(entity.as_json[:secure_artifacts][:dependency_scanning_path]).to end_with(Ci::Build::DEPENDENCY_SCANNING_FILE)
it 'contains link to vulnerability feedback' do
expect(entity.as_json[:security_reports]).to include(:vulnerability_feedback_path)
end
end
end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment