Commit 6b7a726a authored by Matija Čupić's avatar Matija Čupić Committed by Kamil Trzciński

Refactor test reports

parent 562618d3
...@@ -10,7 +10,7 @@ class Projects::ArtifactsController < Projects::ApplicationController ...@@ -10,7 +10,7 @@ class Projects::ArtifactsController < Projects::ApplicationController
before_action :authorize_update_build!, only: [:keep] before_action :authorize_update_build!, only: [:keep]
before_action :extract_ref_name_and_path before_action :extract_ref_name_and_path
before_action :set_request_format, only: [:file] before_action :set_request_format, only: [:file]
before_action :validate_artifacts! before_action :validate_artifacts!, except: [:download]
before_action :entry, only: [:file] before_action :entry, only: [:file]
def download def download
...@@ -102,7 +102,7 @@ class Projects::ArtifactsController < Projects::ApplicationController ...@@ -102,7 +102,7 @@ class Projects::ArtifactsController < Projects::ApplicationController
# rubocop: enable CodeReuse/ActiveRecord # rubocop: enable CodeReuse/ActiveRecord
def artifacts_file def artifacts_file
@artifacts_file ||= build.artifacts_file_for_type(params[:file_type] || :archive) @artifacts_file ||= build&.artifacts_file_for_type(params[:file_type] || :archive)
end end
def entry def entry
......
...@@ -6,7 +6,7 @@ class Projects::BuildArtifactsController < Projects::ApplicationController ...@@ -6,7 +6,7 @@ class Projects::BuildArtifactsController < Projects::ApplicationController
before_action :authorize_read_build! before_action :authorize_read_build!
before_action :extract_ref_name_and_path before_action :extract_ref_name_and_path
before_action :validate_artifacts! before_action :validate_artifacts!, except: [:download]
def download def download
redirect_to download_project_job_artifacts_path(project, job) redirect_to download_project_job_artifacts_path(project, job)
......
...@@ -29,37 +29,6 @@ module EE ...@@ -29,37 +29,6 @@ module EE
group_epic_path(entity.group, entity, *args) group_epic_path(entity.group, entity, *args)
end end
def sast_artifact_url(pipeline)
raw_project_build_artifacts_url(pipeline.project,
pipeline.sast_artifact,
path: Ci::Build::SAST_FILE)
end
def dependency_scanning_artifact_url(pipeline)
raw_project_build_artifacts_url(pipeline.project,
pipeline.dependency_scanning_artifact,
path: Ci::Build::DEPENDENCY_SCANNING_FILE)
end
# sast_container_artifact_url is deprecated and replaced with container_scanning_artifact_url (#5778)
def sast_container_artifact_url(pipeline)
raw_project_build_artifacts_url(pipeline.project,
pipeline.sast_container_artifact,
path: Ci::Build::SAST_CONTAINER_FILE)
end
def container_scanning_artifact_url(pipeline)
raw_project_build_artifacts_url(pipeline.project,
pipeline.container_scanning_artifact,
path: Ci::Build::CONTAINER_SCANNING_FILE)
end
def dast_artifact_url(pipeline)
raw_project_build_artifacts_url(pipeline.project,
pipeline.dast_artifact,
path: Ci::Build::DAST_FILE)
end
def license_management_artifact_url(pipeline) def license_management_artifact_url(pipeline)
raw_project_build_artifacts_url(pipeline.project, raw_project_build_artifacts_url(pipeline.project,
pipeline.license_management_artifact, pipeline.license_management_artifact,
......
...@@ -148,21 +148,12 @@ module EE ...@@ -148,21 +148,12 @@ module EE
can_create_issue: "false" can_create_issue: "false"
} }
else else
# Handle old job and artifact names for container scanning
sast_container_head_path = if pipeline.expose_sast_container_data?
sast_container_artifact_url(pipeline)
elsif pipeline.expose_container_scanning_data?
container_scanning_artifact_url(pipeline)
else
nil
end
{ {
head_blob_path: project_blob_path(project, pipeline.sha), head_blob_path: project_blob_path(project, pipeline.sha),
sast_head_path: pipeline.expose_sast_data? ? sast_artifact_url(pipeline) : nil, sast_head_path: pipeline.downloadable_path_for_report_type(:sast),
dependency_scanning_head_path: pipeline.expose_dependency_scanning_data? ? dependency_scanning_artifact_url(pipeline) : nil, dependency_scanning_head_path: pipeline.downloadable_path_for_report_type(:dependency_scanning),
dast_head_path: pipeline.expose_dast_data? ? dast_artifact_url(pipeline) : nil, dast_head_path: pipeline.downloadable_path_for_report_type(:dast),
sast_container_head_path: sast_container_head_path, sast_container_head_path: pipeline.downloadable_path_for_report_type(:container_scanning),
vulnerability_feedback_path: project_vulnerability_feedback_index_path(project), vulnerability_feedback_path: project_vulnerability_feedback_index_path(project),
pipeline_id: pipeline.id, pipeline_id: pipeline.id,
vulnerability_feedback_help_path: help_page_path("user/project/merge_requests/index", anchor: "interacting-with-security-reports-ultimate"), vulnerability_feedback_help_path: help_page_path("user/project/merge_requests/index", anchor: "interacting-with-security-reports-ultimate"),
......
...@@ -7,14 +7,8 @@ module EE ...@@ -7,14 +7,8 @@ module EE
module Build module Build
extend ActiveSupport::Concern extend ActiveSupport::Concern
DEPENDENCY_SCANNING_FILE = 'gl-dependency-scanning-report.json'.freeze
LICENSE_MANAGEMENT_FILE = 'gl-license-management-report.json'.freeze LICENSE_MANAGEMENT_FILE = 'gl-license-management-report.json'.freeze
SAST_FILE = 'gl-sast-report.json'.freeze
PERFORMANCE_FILE = 'performance.json'.freeze PERFORMANCE_FILE = 'performance.json'.freeze
# SAST_CONTAINER_FILE is deprecated and replaced with CONTAINER_SCANNING_FILE (#5778)
SAST_CONTAINER_FILE = 'gl-sast-container-report.json'.freeze
CONTAINER_SCANNING_FILE = 'gl-container-scanning-report.json'.freeze
DAST_FILE = 'gl-dast-report.json'.freeze
prepended do prepended do
after_save :stick_build_if_status_changed after_save :stick_build_if_status_changed
...@@ -36,37 +30,11 @@ module EE ...@@ -36,37 +30,11 @@ module EE
has_artifact?(PERFORMANCE_FILE) has_artifact?(PERFORMANCE_FILE)
end end
def has_sast_json?
name_in?('sast') &&
has_artifact?(SAST_FILE)
end
def has_dependency_scanning_json?
name_in?('dependency_scanning') &&
has_artifact?(DEPENDENCY_SCANNING_FILE)
end
def has_license_management_json? def has_license_management_json?
name_in?('license_management') && name_in?('license_management') &&
has_artifact?(LICENSE_MANAGEMENT_FILE) has_artifact?(LICENSE_MANAGEMENT_FILE)
end end
# has_sast_container_json? is deprecated and replaced with has_container_scanning_json? (#5778)
def has_sast_container_json?
name_in?(%w[sast:container container_scanning]) &&
has_artifact?(SAST_CONTAINER_FILE)
end
def has_container_scanning_json?
name_in?(%w[sast:container container_scanning]) &&
has_artifact?(CONTAINER_SCANNING_FILE)
end
def has_dast_json?
name_in?('dast') &&
has_artifact?(DAST_FILE)
end
def log_geo_deleted_event def log_geo_deleted_event
# It is not needed to generate a Geo deleted event # It is not needed to generate a Geo deleted event
# since Legacy Artifacts are migrated to multi-build artifacts # since Legacy Artifacts are migrated to multi-build artifacts
......
...@@ -17,6 +17,16 @@ module EE ...@@ -17,6 +17,16 @@ module EE
joins(:artifacts).where(ci_builds: { name: %w[sast dependency_scanning sast:container container_scanning dast] }) joins(:artifacts).where(ci_builds: { name: %w[sast dependency_scanning sast:container container_scanning dast] })
} }
# This structure describes feature levels
# to access the file types for given reports
LEGACY_REPORT_LICENSED_FEATURES = {
codequality: nil,
sast: :sast,
dependency_scanning: :dependency_scanning,
container_scanning: :sast_container,
dast: :dast
}.freeze
# Deprecated, to be removed in 12.0 # Deprecated, to be removed in 12.0
# A hash of Ci::JobArtifact file_types # A hash of Ci::JobArtifact file_types
# With mapping to the legacy job names, # With mapping to the legacy job names,
...@@ -25,15 +35,39 @@ module EE ...@@ -25,15 +35,39 @@ module EE
codequality: { codequality: {
names: %w(codeclimate codequality code_quality), names: %w(codeclimate codequality code_quality),
files: %w(codeclimate.json gl-code-quality-report.json) files: %w(codeclimate.json gl-code-quality-report.json)
},
sast: {
names: %w(deploy sast),
files: %w(gl-sast-report.json)
},
dependency_scanning: {
names: %w(dependency_scanning),
files: %w(gl-dependency-scanning-report.json)
},
container_scanning: {
names: %w(sast:container container_scanning),
files: %w(gl-sast-container-report.json gl-container-scanning-report.json)
},
dast: {
names: %w(dast),
files: %w(gl-dast-report.json)
} }
}.freeze }.freeze
end end
def artifact_for_file_type(file_type) def any_report_artifact_for_type(file_type)
report_artifact_for_file_type(file_type) || legacy_report_artifact_for_file_type(file_type)
end
def report_artifact_for_file_type(file_type)
return unless available_licensed_report_type?(file_type)
job_artifacts.where(file_type: ::Ci::JobArtifact.file_types[file_type]).last job_artifacts.where(file_type: ::Ci::JobArtifact.file_types[file_type]).last
end end
def legacy_report_artifact_for_file_type(file_type) def legacy_report_artifact_for_file_type(file_type)
return unless available_licensed_report_type?(file_type)
legacy_names = LEGACY_REPORT_FORMATS[file_type] legacy_names = LEGACY_REPORT_FORMATS[file_type]
return unless legacy_names return unless legacy_names
...@@ -53,106 +87,35 @@ module EE ...@@ -53,106 +87,35 @@ module EE
@performance_artifact ||= artifacts_with_files.find(&:has_performance_json?) @performance_artifact ||= artifacts_with_files.find(&:has_performance_json?)
end end
def sast_artifact
@sast_artifact ||= artifacts_with_files.find(&:has_sast_json?)
end
def dependency_scanning_artifact
@dependency_scanning_artifact ||= artifacts_with_files.find(&:has_dependency_scanning_json?)
end
def license_management_artifact def license_management_artifact
@license_management_artifact ||= artifacts_with_files.find(&:has_license_management_json?) @license_management_artifact ||= artifacts_with_files.find(&:has_license_management_json?)
end end
# sast_container_artifact is deprecated and replaced with container_scanning_artifact (#5778)
def sast_container_artifact
@sast_container_artifact ||= artifacts_with_files.find(&:has_sast_container_json?)
end
def container_scanning_artifact
@container_scanning_artifact ||= artifacts_with_files.find(&:has_container_scanning_json?)
end
def dast_artifact
@dast_artifact ||= artifacts_with_files.find(&:has_dast_json?)
end
def has_sast_data?
sast_artifact&.success?
end
def has_dependency_scanning_data?
dependency_scanning_artifact&.success?
end
def has_license_management_data? def has_license_management_data?
license_management_artifact&.success? license_management_artifact&.success?
end end
# has_sast_container_data? is deprecated and replaced with has_container_scanning_data? (#5778)
def has_sast_container_data?
sast_container_artifact&.success?
end
def has_container_scanning_data?
container_scanning_artifact&.success?
end
def has_dast_data?
dast_artifact&.success?
end
def has_performance_data? def has_performance_data?
performance_artifact&.success? performance_artifact&.success?
end end
def expose_sast_data?
project.feature_available?(:sast) &&
has_sast_data?
end
def expose_dependency_scanning_data?
project.feature_available?(:dependency_scanning) &&
has_dependency_scanning_data?
end
def expose_license_management_data? def expose_license_management_data?
project.feature_available?(:license_management) && project.feature_available?(:license_management) &&
has_license_management_data? has_license_management_data?
end end
# expose_sast_container_data? is deprecated and replaced with expose_container_scanning_data? (#5778)
def expose_sast_container_data?
project.feature_available?(:sast_container) &&
has_sast_container_data?
end
def expose_container_scanning_data?
project.feature_available?(:sast_container) &&
has_container_scanning_data?
end
def expose_dast_data?
project.feature_available?(:dast) &&
has_dast_data?
end
def expose_performance_data? def expose_performance_data?
project.feature_available?(:merge_request_performance_metrics) && project.feature_available?(:merge_request_performance_metrics) &&
has_performance_data? has_performance_data?
end end
def expose_security_dashboard?
expose_sast_data? ||
expose_dependency_scanning_data? ||
expose_dast_data? ||
expose_sast_container_data? ||
expose_container_scanning_data?
end
private private
def available_licensed_report_type?(file_type)
feature_name = LEGACY_REPORT_LICENSED_FEATURES.fetch(file_type)
feature_name.nil? || project.feature_available?(feature_name)
end
def artifacts_with_files def artifacts_with_files
@artifacts_with_files ||= artifacts.includes(:job_artifacts_metadata, :job_artifacts_archive).to_a @artifacts_with_files ||= artifacts.includes(:job_artifacts_metadata, :job_artifacts_archive).to_a
end end
......
...@@ -13,35 +13,12 @@ module EE ...@@ -13,35 +13,12 @@ module EE
delegate :performance_artifact, to: :head_pipeline, prefix: :head, allow_nil: true delegate :performance_artifact, to: :head_pipeline, prefix: :head, allow_nil: true
delegate :performance_artifact, to: :base_pipeline, prefix: :base, allow_nil: true delegate :performance_artifact, to: :base_pipeline, prefix: :base, allow_nil: true
delegate :sast_artifact, to: :head_pipeline, prefix: :head, allow_nil: true
delegate :sast_artifact, to: :base_pipeline, prefix: :base, allow_nil: true
delegate :dependency_scanning_artifact, to: :head_pipeline, prefix: :head, allow_nil: true
delegate :dependency_scanning_artifact, to: :base_pipeline, prefix: :base, allow_nil: true
delegate :license_management_artifact, to: :head_pipeline, prefix: :head, allow_nil: true delegate :license_management_artifact, to: :head_pipeline, prefix: :head, allow_nil: true
delegate :license_management_artifact, to: :base_pipeline, prefix: :base, allow_nil: true delegate :license_management_artifact, to: :base_pipeline, prefix: :base, allow_nil: true
# sast_container_artifact is deprecated and replaced with container_scanning_artifact (#5778)
delegate :sast_container_artifact, to: :head_pipeline, prefix: :head, allow_nil: true
delegate :sast_container_artifact, to: :base_pipeline, prefix: :base, allow_nil: true
delegate :container_scanning_artifact, to: :head_pipeline, prefix: :head, allow_nil: true
delegate :container_scanning_artifact, to: :base_pipeline, prefix: :base, allow_nil: true
delegate :dast_artifact, to: :head_pipeline, prefix: :head, allow_nil: true
delegate :dast_artifact, to: :base_pipeline, prefix: :base, allow_nil: true
delegate :sha, to: :head_pipeline, prefix: :head_pipeline, allow_nil: true delegate :sha, to: :head_pipeline, prefix: :head_pipeline, allow_nil: true
delegate :sha, to: :base_pipeline, prefix: :base_pipeline, allow_nil: true delegate :sha, to: :base_pipeline, prefix: :base_pipeline, allow_nil: true
delegate :has_sast_data?, to: :base_pipeline, prefix: :base, allow_nil: true
delegate :has_dependency_scanning_data?, to: :base_pipeline, prefix: :base, allow_nil: true
delegate :has_license_management_data?, to: :base_pipeline, prefix: :base, allow_nil: true delegate :has_license_management_data?, to: :base_pipeline, prefix: :base, allow_nil: true
# has_sast_container_data? is deprecated and replaced with has_container_scanning_data? (#5778)
delegate :has_sast_container_data?, to: :base_pipeline, prefix: :base, allow_nil: true
delegate :has_container_scanning_data?, to: :base_pipeline, prefix: :base, allow_nil: true
delegate :has_dast_data?, to: :base_pipeline, prefix: :base, allow_nil: true
delegate :expose_sast_data?, to: :head_pipeline, allow_nil: true
delegate :expose_dependency_scanning_data?, to: :head_pipeline, allow_nil: true
delegate :expose_license_management_data?, to: :head_pipeline, allow_nil: true delegate :expose_license_management_data?, to: :head_pipeline, allow_nil: true
# expose_sast_container_data? is deprecated and replaced with expose_container_scanning_data? (#5778)
delegate :expose_sast_container_data?, to: :head_pipeline, allow_nil: true
delegate :expose_container_scanning_data?, to: :head_pipeline, allow_nil: true
delegate :expose_dast_data?, to: :head_pipeline, allow_nil: true
delegate :merge_requests_author_approval?, to: :target_project, allow_nil: true delegate :merge_requests_author_approval?, to: :target_project, allow_nil: true
participant :participant_approvers participant :participant_approvers
......
...@@ -6,10 +6,17 @@ module EE ...@@ -6,10 +6,17 @@ module EE
size_limit_exceeded: 'Pipeline size limit exceeded!' size_limit_exceeded: 'Pipeline size limit exceeded!'
}.freeze }.freeze
def downloadable_url_for_report_type(file_type) def expose_security_dashboard?
if (job_artifact = artifact_for_file_type(file_type)) && any_report_artifact_for_type(:sast) ||
any_report_artifact_for_type(:dependency_scanning) ||
any_report_artifact_for_type(:dast) ||
any_report_artifact_for_type(:container_scanning)
end
def downloadable_path_for_report_type(file_type)
if (job_artifact = report_artifact_for_file_type(file_type)) &&
can?(current_user, :read_build, job_artifact.job) can?(current_user, :read_build, job_artifact.job)
return download_project_build_artifacts_url( return download_project_job_artifacts_path(
job_artifact.project, job_artifact.project,
job_artifact.job, job_artifact.job,
file_type: file_type) file_type: file_type)
...@@ -17,7 +24,7 @@ module EE ...@@ -17,7 +24,7 @@ module EE
if (build_artifact = legacy_report_artifact_for_file_type(file_type)) && if (build_artifact = legacy_report_artifact_for_file_type(file_type)) &&
can?(current_user, :read_build, build_artifact.build) can?(current_user, :read_build, build_artifact.build)
return raw_project_build_artifacts_url( return raw_project_job_artifacts_path(
build_artifact.build.project, build_artifact.build.project,
build_artifact.build, build_artifact.build,
path: build_artifact.path) path: build_artifact.path)
......
...@@ -16,13 +16,13 @@ module EE ...@@ -16,13 +16,13 @@ module EE
end end
end end
expose :codeclimate, if: -> (mr, _) { head_pipeline_downloadable_url_for_report_type(:codequality) } do expose :codeclimate, if: -> (mr, _) { head_pipeline_downloadable_path_for_report_type(:codequality) } do
expose :head_path do |merge_request| expose :head_path do |merge_request|
head_pipeline_downloadable_url_for_report_type(:codequality) head_pipeline_downloadable_path_for_report_type(:codequality)
end end
expose :base_path do |merge_request| expose :base_path do |merge_request|
base_pipeline_downloadable_url_for_report_type(:codequality) base_pipeline_downloadable_path_for_report_type(:codequality)
end end
end end
...@@ -40,31 +40,23 @@ module EE ...@@ -40,31 +40,23 @@ module EE
end end
end end
expose :sast, if: -> (mr, _) { mr.expose_sast_data? } do expose :sast, if: -> (mr, _) { head_pipeline_downloadable_path_for_report_type(:sast) } do
expose :head_path, if: -> (mr, _) { can?(current_user, :read_build, mr.head_sast_artifact) } do |merge_request| expose :head_path do |merge_request|
raw_project_build_artifacts_url(merge_request.source_project, head_pipeline_downloadable_path_for_report_type(:sast)
merge_request.head_sast_artifact,
path: Ci::Build::SAST_FILE)
end end
expose :base_path, if: -> (mr, _) { mr.base_has_sast_data? && can?(current_user, :read_build, mr.base_sast_artifact) } do |merge_request| expose :base_path do |merge_request|
raw_project_build_artifacts_url(merge_request.target_project, base_pipeline_downloadable_path_for_report_type(:sast)
merge_request.base_sast_artifact,
path: Ci::Build::SAST_FILE)
end end
end end
expose :dependency_scanning, if: -> (mr, _) { mr.expose_dependency_scanning_data? } do expose :dependency_scanning, if: -> (mr, _) { head_pipeline_downloadable_path_for_report_type(:dependency_scanning) } do
expose :head_path, if: -> (mr, _) { can?(current_user, :read_build, mr.head_dependency_scanning_artifact) } do |merge_request| expose :head_path do |merge_request|
raw_project_build_artifacts_url(merge_request.source_project, head_pipeline_downloadable_path_for_report_type(:dependency_scanning)
merge_request.head_dependency_scanning_artifact,
path: Ci::Build::DEPENDENCY_SCANNING_FILE)
end end
expose :base_path, if: -> (mr, _) { mr.base_has_dependency_scanning_data? && can?(current_user, :read_build, mr.base_dependency_scanning_artifact) } do |merge_request| expose :base_path do |merge_request|
raw_project_build_artifacts_url(merge_request.target_project, base_pipeline_downloadable_path_for_report_type(:dependency_scanning)
merge_request.base_dependency_scanning_artifact,
path: Ci::Build::DEPENDENCY_SCANNING_FILE)
end end
end end
...@@ -98,47 +90,23 @@ module EE ...@@ -98,47 +90,23 @@ module EE
end end
end end
# expose_sast_container_data? is deprecated and replaced with expose_container_scanning_data? (#5778) expose :sast_container, if: -> (mr, _) { head_pipeline_downloadable_path_for_report_type(:container_scanning) } do
expose :sast_container, if: -> (mr, _) { mr.expose_sast_container_data? } do expose :head_path do |merge_request|
expose :head_path, if: -> (mr, _) { can?(current_user, :read_build, mr.head_sast_container_artifact) } do |merge_request| head_pipeline_downloadable_path_for_report_type(:container_scanning)
raw_project_build_artifacts_url(merge_request.source_project,
merge_request.head_sast_container_artifact,
path: Ci::Build::SAST_CONTAINER_FILE)
end
expose :base_path, if: -> (mr, _) { mr.base_has_sast_container_data? && can?(current_user, :read_build, mr.base_sast_container_artifact) } do |merge_request|
raw_project_build_artifacts_url(merge_request.target_project,
merge_request.base_sast_container_artifact,
path: Ci::Build::SAST_CONTAINER_FILE)
end
end
# We still expose it as `sast_container` to keep compatibility with Frontend (#5778)
expose :sast_container, if: -> (mr, _) { mr.expose_container_scanning_data? } do
expose :head_path, if: -> (mr, _) { can?(current_user, :read_build, mr.head_container_scanning_artifact) } do |merge_request|
raw_project_build_artifacts_url(merge_request.source_project,
merge_request.head_container_scanning_artifact,
path: Ci::Build::CONTAINER_SCANNING_FILE)
end end
expose :base_path, if: -> (mr, _) { mr.base_has_container_scanning_data? && can?(current_user, :read_build, mr.base_container_scanning_artifact) } do |merge_request| expose :base_path do |merge_request|
raw_project_build_artifacts_url(merge_request.target_project, base_pipeline_downloadable_path_for_report_type(:container_scanning)
merge_request.base_container_scanning_artifact,
path: Ci::Build::CONTAINER_SCANNING_FILE)
end end
end end
expose :dast, if: -> (mr, _) { mr.expose_dast_data? } do expose :dast, if: -> (mr, _) { head_pipeline_downloadable_path_for_report_type(:dast) } do
expose :head_path, if: -> (mr, _) { can?(current_user, :read_build, mr.head_dast_artifact) } do |merge_request| expose :head_path do |merge_request|
raw_project_build_artifacts_url(merge_request.source_project, head_pipeline_downloadable_path_for_report_type(:dast)
merge_request.head_dast_artifact,
path: Ci::Build::DAST_FILE)
end end
expose :base_path, if: -> (mr, _) { mr.base_has_dast_data? && can?(current_user, :read_build, mr.base_dast_artifact) } do |merge_request| expose :base_path do |merge_request|
raw_project_build_artifacts_url(merge_request.target_project, base_pipeline_downloadable_path_for_report_type(:dast)
merge_request.base_dast_artifact,
path: Ci::Build::DAST_FILE)
end end
end end
...@@ -170,12 +138,14 @@ module EE ...@@ -170,12 +138,14 @@ module EE
private private
def head_pipeline_downloadable_url_for_report_type(file_type) def head_pipeline_downloadable_path_for_report_type(file_type)
object.head_pipeline&.present(current_user: current_user)&.downloadable_url_for_report_type(file_type) object.head_pipeline&.present(current_user: current_user)
&.downloadable_path_for_report_type(file_type)
end end
def base_pipeline_downloadable_url_for_report_type(file_type) def base_pipeline_downloadable_path_for_report_type(file_type)
object.base_pipeline&.present(current_user: current_user)&.downloadable_url_for_report_type(file_type) object.base_pipeline&.present(current_user: current_user)
&.downloadable_path_for_report_type(file_type)
end end
end end
end end
- pipeline = local_assigns.fetch(:pipeline) - pipeline = local_assigns.fetch(:pipeline)
- project = local_assigns.fetch(:project) - project = local_assigns.fetch(:project)
- sast_endpoint = pipeline.expose_sast_data? ? sast_artifact_url(pipeline) : nil - sast_endpoint = pipeline.downloadable_path_for_report_type(:sast)
- dependency_scanning_endpoint = pipeline.expose_dependency_scanning_data? ? dependency_scanning_artifact_url(pipeline) : nil - dependency_scanning_endpoint = pipeline.downloadable_path_for_report_type(:dependency_scanning)
- dast_endpoint = pipeline.expose_dast_data? ? dast_artifact_url(pipeline) : nil - dast_endpoint = pipeline.downloadable_path_for_report_type(:dast)
- sast_container_endpoint = pipeline.expose_sast_container_data? ? sast_container_artifact_url(pipeline) : pipeline.expose_container_scanning_data? ? container_scanning_artifact_url(pipeline) : nil - sast_container_endpoint = pipeline.downloadable_path_for_report_type(:container_scanning)
- blob_path = project_blob_path(project, pipeline.sha) - blob_path = project_blob_path(project, pipeline.sha)
- license_management_settings_path = can?(current_user, :admin_software_license_policy, project) ? license_management_settings_path(project) : nil - license_management_settings_path = can?(current_user, :admin_software_license_policy, project) ? license_management_settings_path(project) : nil
......
---
title: Refactor test reports to use new artifact architecture.
merge_request: 7827
author:
type: changed
...@@ -23,7 +23,7 @@ describe Projects::PipelinesController do ...@@ -23,7 +23,7 @@ describe Projects::PipelinesController do
pipeline: pipeline, pipeline: pipeline,
options: { options: {
artifacts: { artifacts: {
paths: [Ci::Build::SAST_FILE] paths: [Ci::JobArtifact::DEFAULT_FILE_NAMES[:sast]]
} }
} }
) )
......
...@@ -23,7 +23,7 @@ describe Projects::Security::DashboardController do ...@@ -23,7 +23,7 @@ describe Projects::Security::DashboardController do
pipeline: pipeline_1, pipeline: pipeline_1,
options: { options: {
artifacts: { artifacts: {
paths: [Ci::Build::SAST_FILE] paths: [Ci::JobArtifact::DEFAULT_FILE_NAMES[:sast]]
} }
} }
) )
......
...@@ -26,7 +26,7 @@ describe 'Pipeline', :js do ...@@ -26,7 +26,7 @@ describe 'Pipeline', :js do
pipeline: pipeline, pipeline: pipeline,
options: { options: {
artifacts: { artifacts: {
paths: [Ci::Build::SAST_FILE] paths: [Ci::JobArtifact::DEFAULT_FILE_NAMES[:sast]]
} }
} }
) )
......
...@@ -120,30 +120,9 @@ describe Ci::Build do ...@@ -120,30 +120,9 @@ describe Ci::Build do
filename: Ci::Build::PERFORMANCE_FILE, filename: Ci::Build::PERFORMANCE_FILE,
job_names: %w[performance deploy] job_names: %w[performance deploy]
}, },
has_sast_json?: {
filename: Ci::Build::SAST_FILE,
job_names: %w[sast]
},
has_dependency_scanning_json?: {
filename: Ci::Build::DEPENDENCY_SCANNING_FILE,
job_names: %w[dependency_scanning]
},
has_license_management_json?: { has_license_management_json?: {
filename: Ci::Build::LICENSE_MANAGEMENT_FILE, filename: Ci::Build::LICENSE_MANAGEMENT_FILE,
job_names: %w[license_management] job_names: %w[license_management]
},
# has_sast_container_json? is deprecated and replaced with has_container_scanning_json (#5778)
has_sast_container_json?: {
filename: Ci::Build::SAST_CONTAINER_FILE,
job_names: %w[sast:container container_scanning]
},
has_container_scanning_json?: {
filename: Ci::Build::CONTAINER_SCANNING_FILE,
job_names: %w[sast:container container_scanning]
},
has_dast_json?: {
filename: Ci::Build::DAST_FILE,
job_names: %w[dast]
} }
} }
......
...@@ -20,15 +20,7 @@ describe Ci::Pipeline do ...@@ -20,15 +20,7 @@ describe Ci::Pipeline do
PIPELINE_ARTIFACTS_METHODS = [ PIPELINE_ARTIFACTS_METHODS = [
{ method: :performance_artifact, options: [Ci::Build::PERFORMANCE_FILE, 'performance'] }, { method: :performance_artifact, options: [Ci::Build::PERFORMANCE_FILE, 'performance'] },
{ method: :sast_artifact, options: [Ci::Build::SAST_FILE, 'sast'] }, { method: :license_management_artifact, options: [Ci::Build::LICENSE_MANAGEMENT_FILE, 'license_management'] }
{ method: :dependency_scanning_artifact, options: [Ci::Build::DEPENDENCY_SCANNING_FILE, 'dependency_scanning'] },
{ method: :license_management_artifact, options: [Ci::Build::LICENSE_MANAGEMENT_FILE, 'license_management'] },
# sast_container_artifact is deprecated and replaced with container_scanning_artifact (#5778)
{ method: :sast_container_artifact, options: [Ci::Build::SAST_CONTAINER_FILE, 'sast:container'] },
{ method: :sast_container_artifact, options: [Ci::Build::SAST_CONTAINER_FILE, 'container_scanning'] },
{ method: :container_scanning_artifact, options: [Ci::Build::CONTAINER_SCANNING_FILE, 'sast:container'] },
{ method: :container_scanning_artifact, options: [Ci::Build::CONTAINER_SCANNING_FILE, 'container_scanning'] },
{ method: :dast_artifact, options: [Ci::Build::DAST_FILE, 'dast'] }
].freeze ].freeze
PIPELINE_ARTIFACTS_METHODS.each do |method_test| PIPELINE_ARTIFACTS_METHODS.each do |method_test|
...@@ -64,7 +56,7 @@ describe Ci::Pipeline do ...@@ -64,7 +56,7 @@ describe Ci::Pipeline do
end end
end end
%w(sast dependency_scanning dast performance sast_container container_scanning).each do |type| %w(performance license_management).each do |type|
method = "has_#{type}_data?" method = "has_#{type}_data?"
describe "##{method}" do describe "##{method}" do
...@@ -78,7 +70,7 @@ describe Ci::Pipeline do ...@@ -78,7 +70,7 @@ describe Ci::Pipeline do
end end
end end
%w(sast dependency_scanning dast performance sast_container container_scanning).each do |type| %w(performance license_management).each do |type|
method = "expose_#{type}_data?" method = "expose_#{type}_data?"
describe "##{method}" do describe "##{method}" do
...@@ -107,7 +99,7 @@ describe Ci::Pipeline do ...@@ -107,7 +99,7 @@ describe Ci::Pipeline do
pipeline: pipeline_1, pipeline: pipeline_1,
options: { options: {
artifacts: { artifacts: {
paths: [Ci::Build::SAST_FILE] paths: [Ci::JobArtifact::DEFAULT_FILE_NAMES[:sast]]
} }
} }
) )
...@@ -119,7 +111,7 @@ describe Ci::Pipeline do ...@@ -119,7 +111,7 @@ describe Ci::Pipeline do
pipeline: pipeline_2, pipeline: pipeline_2,
options: { options: {
artifacts: { artifacts: {
paths: [Ci::Build::DEPENDENCY_SCANNING_FILE] paths: [Ci::JobArtifact::DEFAULT_FILE_NAMES[:dependency_scanning]]
} }
} }
) )
...@@ -131,7 +123,7 @@ describe Ci::Pipeline do ...@@ -131,7 +123,7 @@ describe Ci::Pipeline do
pipeline: pipeline_3, pipeline: pipeline_3,
options: { options: {
artifacts: { artifacts: {
paths: [Ci::Build::CONTAINER_SCANNING_FILE] paths: [Ci::JobArtifact::DEFAULT_FILE_NAMES[:container_scanning]]
} }
} }
) )
...@@ -143,7 +135,7 @@ describe Ci::Pipeline do ...@@ -143,7 +135,7 @@ describe Ci::Pipeline do
pipeline: pipeline_4, pipeline: pipeline_4,
options: { options: {
artifacts: { artifacts: {
paths: [Ci::Build::DAST_FILE] paths: [Ci::JobArtifact::DEFAULT_FILE_NAMES[:dast]]
} }
} }
) )
...@@ -152,12 +144,7 @@ describe Ci::Pipeline do ...@@ -152,12 +144,7 @@ describe Ci::Pipeline do
:success, :success,
:artifacts, :artifacts,
name: 'foobar', name: 'foobar',
pipeline: pipeline_5, pipeline: pipeline_5
options: {
artifacts: {
paths: ['foobar-report.json']
}
}
) )
end end
...@@ -166,12 +153,12 @@ describe Ci::Pipeline do ...@@ -166,12 +153,12 @@ describe Ci::Pipeline do
end end
end end
describe '#artifact_for_file_type' do describe '#report_artifact_for_file_type' do
let(:file_type) { :codequality } let(:file_type) { :codequality }
let!(:build) { create(:ci_build, pipeline: pipeline) } let!(:build) { create(:ci_build, pipeline: pipeline) }
let!(:artifact) { create(:ci_job_artifact, :codequality, job: build) } let!(:artifact) { create(:ci_job_artifact, :codequality, job: build) }
subject { pipeline.artifact_for_file_type(file_type) } subject { pipeline.report_artifact_for_file_type(file_type) }
it 'returns the artifact' do it 'returns the artifact' do
expect(subject).to eq(artifact) expect(subject).to eq(artifact)
...@@ -221,12 +208,12 @@ describe Ci::Pipeline do ...@@ -221,12 +208,12 @@ describe Ci::Pipeline do
end end
it 'does not perform extra queries when calling pipeline artifacts methods after the first' do it 'does not perform extra queries when calling pipeline artifacts methods after the first' do
create_build('sast', Ci::Build::SAST_FILE) create_build('performance', 'performance.json')
create_build('dependency_scanning', 'gl-dependency-scanning-report.json') create_build('license_management', 'gl-license-management-report.json')
pipeline.sast_artifact pipeline.performance_artifact
expect { pipeline.dependency_scanning_artifact }.not_to exceed_query_limit(0) expect { pipeline.license_management_artifact }.not_to exceed_query_limit(0)
end end
end end
end end
...@@ -63,11 +63,26 @@ describe MergeRequest do ...@@ -63,11 +63,26 @@ describe MergeRequest do
end end
end end
%w(sast dast sast_container container_scanning).each do |type| describe '#base_license_management_artifact' do
it { is_expected.to delegate_method(:"expose_#{type}_data?").to(:head_pipeline) } before do
it { is_expected.to delegate_method(:"has_#{type}_data?").to(:base_pipeline).with_prefix(:base) } allow(subject.base_pipeline).to receive(:license_management_artifact)
it { is_expected.to delegate_method(:"#{type}_artifact").to(:head_pipeline).with_prefix(:head) } .and_return(1)
it { is_expected.to delegate_method(:"#{type}_artifact").to(:base_pipeline).with_prefix(:base) } end
it 'delegates to merge request diff' do
expect(subject.base_license_management_artifact).to eq(1)
end
end
describe '#head_license_management_artifact' do
before do
allow(subject.head_pipeline).to receive(:license_management_artifact)
.and_return(1)
end
it 'delegates to merge request diff' do
expect(subject.head_license_management_artifact).to eq(1)
end
end end
describe '#expose_performance_data?' do describe '#expose_performance_data?' do
...@@ -86,4 +101,15 @@ describe MergeRequest do ...@@ -86,4 +101,15 @@ describe MergeRequest do
it { expect(subject.expose_performance_data?).to be_falsey } it { expect(subject.expose_performance_data?).to be_falsey }
end end
end end
describe '#expose_license_management_data?' do
before do
allow(subject.head_pipeline).to receive(:expose_license_management_data?)
.and_return(1)
end
it 'delegates to merge request diff' do
expect(subject.expose_license_management_data?).to eq(1)
end
end
end end
...@@ -1541,7 +1541,7 @@ describe Project do ...@@ -1541,7 +1541,7 @@ describe Project do
pipeline: pipeline_1, pipeline: pipeline_1,
options: { options: {
artifacts: { artifacts: {
paths: [Ci::Build::SAST_FILE] paths: [Ci::JobArtifact::DEFAULT_FILE_NAMES[:sast]]
} }
} }
) )
...@@ -1553,7 +1553,7 @@ describe Project do ...@@ -1553,7 +1553,7 @@ describe Project do
pipeline: pipeline_2, pipeline: pipeline_2,
options: { options: {
artifacts: { artifacts: {
paths: [Ci::Build::SAST_FILE] paths: [Ci::JobArtifact::DEFAULT_FILE_NAMES[:sast]]
} }
} }
) )
......
...@@ -26,7 +26,22 @@ describe MergeRequestWidgetEntity do ...@@ -26,7 +26,22 @@ describe MergeRequestWidgetEntity do
expect(subject.as_json[:blob_path]).to include(:head_path) expect(subject.as_json[:blob_path]).to include(:head_path)
end end
describe 'codeclimate' do it 'sets approvals_before_merge to 0 if nil' do
expect(subject.as_json[:approvals_before_merge]).to eq(0)
end
describe 'test report artifacts' do
using RSpec::Parameterized::TableSyntax
where(:json_entry, :artifact_type) do
:codeclimate | :codequality
:sast | :sast
:dependency_scanning | :dependency_scanning
:sast_container | :container_scanning
:dast | :dast
end
with_them do
before do before do
allow(merge_request).to receive_messages( allow(merge_request).to receive_messages(
base_pipeline: pipeline, base_pipeline: pipeline,
...@@ -34,26 +49,29 @@ describe MergeRequestWidgetEntity do ...@@ -34,26 +49,29 @@ describe MergeRequestWidgetEntity do
) )
end end
context 'with codeclimate data' do context 'when feature is available' do
before do
allow(pipeline).to receive(:available_licensed_report_type?).and_return(true)
end
context "with data" do
before do before do
job = create(:ci_build, pipeline: pipeline) job = create(:ci_build, pipeline: pipeline)
create(:ci_job_artifact, :codequality, job: job) create(:ci_job_artifact, file_type: artifact_type, file_format: Ci::JobArtifact::TYPE_AND_FORMAT_PAIRS[artifact_type], job: job)
end end
it 'has codeclimate data entry' do it "has data entry" do
expect(subject.as_json).to include(:codeclimate) expect(subject.as_json).to include(json_entry)
end end
end end
context 'without codeclimate data' do context "without data" do
it 'does not have codeclimate data entry' do it "does not have data entry" do
expect(subject.as_json).not_to include(:codeclimate) expect(subject.as_json).not_to include(json_entry)
end
end end
end end
end end
it 'sets approvals_before_merge to 0 if nil' do
expect(subject.as_json[:approvals_before_merge]).to eq(0)
end end
it 'has performance data' do it 'has performance data' do
...@@ -61,7 +79,6 @@ describe MergeRequestWidgetEntity do ...@@ -61,7 +79,6 @@ describe MergeRequestWidgetEntity do
allow(merge_request).to receive_messages( allow(merge_request).to receive_messages(
expose_performance_data?: true, expose_performance_data?: true,
expose_security_dashboard?: false,
base_performance_artifact: build, base_performance_artifact: build,
head_performance_artifact: build head_performance_artifact: build
) )
...@@ -69,45 +86,12 @@ describe MergeRequestWidgetEntity do ...@@ -69,45 +86,12 @@ describe MergeRequestWidgetEntity do
expect(subject.as_json).to include(:performance) expect(subject.as_json).to include(:performance)
end end
it 'has sast data' do
build = create(:ci_build, name: 'sast', pipeline: pipeline)
allow(merge_request).to receive_messages(
expose_sast_data?: true,
expose_security_dashboard?: true,
base_has_sast_data?: true,
base_sast_artifact: build,
head_sast_artifact: build
)
expect(subject.as_json).to include(:sast)
expect(subject.as_json[:sast]).to include(:head_path)
expect(subject.as_json[:sast]).to include(:base_path)
end
it 'has dependency_scanning data' do
build = create(:ci_build, name: 'dependency_scanning', pipeline: pipeline)
allow(merge_request).to receive_messages(
expose_dependency_scanning_data?: true,
expose_security_dashboard?: true,
base_has_dependency_scanning_data?: true,
base_dependency_scanning_artifact: build,
head_dependency_scanning_artifact: build
)
expect(subject.as_json).to include(:dependency_scanning)
expect(subject.as_json[:dependency_scanning]).to include(:head_path)
expect(subject.as_json[:dependency_scanning]).to include(:base_path)
end
describe '#license_management' do describe '#license_management' do
before do before do
build = create(:ci_build, name: 'license_management', pipeline: pipeline) build = create(:ci_build, name: 'license_management', pipeline: pipeline)
allow(merge_request).to receive_messages( allow(merge_request).to receive_messages(
expose_license_management_data?: true, expose_license_management_data?: true,
expose_security_dashboard?: false,
base_has_license_management_data?: true, base_has_license_management_data?: true,
base_license_management_artifact: build, base_license_management_artifact: build,
head_license_management_artifact: build, head_license_management_artifact: build,
...@@ -143,55 +127,6 @@ describe MergeRequestWidgetEntity do ...@@ -143,55 +127,6 @@ describe MergeRequestWidgetEntity do
end end
end end
# methods for old artifact are deprecated and replaced with ones for the new name (#5779)
it 'has sast_container data (with old artifact name gl-sast-container-report.json)' do
build = create(:ci_build, name: 'container_scanning', pipeline: pipeline)
allow(merge_request).to receive_messages(
expose_sast_container_data?: true,
expose_security_dashboard?: true,
base_has_sast_container_data?: true,
base_sast_container_artifact: build,
head_sast_container_artifact: build
)
expect(subject.as_json).to include(:sast_container)
expect(subject.as_json[:sast_container]).to include(:head_path)
expect(subject.as_json[:sast_container]).to include(:base_path)
end
it 'has sast_container data (with new artifact name gl-container-scanning-report.json)' do
build = create(:ci_build, name: 'container_scanning', pipeline: pipeline)
allow(merge_request).to receive_messages(
expose_container_scanning_data?: true,
expose_security_dashboard?: true,
base_has_container_scanning_data?: true,
base_container_scanning_artifact: build,
head_container_scanning_artifact: build
)
expect(subject.as_json).to include(:sast_container)
expect(subject.as_json[:sast_container]).to include(:head_path)
expect(subject.as_json[:sast_container]).to include(:base_path)
end
it 'has dast data' do
build = create(:ci_build, name: 'dast', pipeline: pipeline)
allow(merge_request).to receive_messages(
expose_dast_data?: true,
expose_security_dashboard?: true,
base_has_dast_data?: true,
base_dast_artifact: build,
head_dast_artifact: build
)
expect(subject.as_json).to include(:dast)
expect(subject.as_json[:dast]).to include(:head_path)
expect(subject.as_json[:dast]).to include(:base_path)
end
it 'has vulnerability feedbacks path' do it 'has vulnerability feedbacks path' do
expect(subject.as_json).to include(:vulnerability_feedback_path) expect(subject.as_json).to include(:vulnerability_feedback_path)
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment