Refactor into vulnerability_details

ee/app/helpers/vulnerabilities_helper.rb

 # frozen_string_literal: true
 
 module VulnerabilitiesHelper
-  def vulnerability_data(vulnerability, pipeline)
+  def vulnerability_details_json(vulnerability, pipeline)
+    vulnerability_details(vulnerability, pipeline).to_json
+  end
+
+  def vulnerability_details(vulnerability, pipeline)
     return unless vulnerability
 
-    {
-      vulnerability_json: VulnerabilitySerializer.new.represent(vulnerability).to_json,
-      project_fingerprint: vulnerability.finding.project_fingerprint,
+    result = {
+      timestamp: Time.now.to_i,
       create_issue_url: create_vulnerability_feedback_issue_path(vulnerability.finding.project),
-      notes_url: project_security_vulnerability_notes_path(vulnerability.project, vulnerability),
-      discussions_url: discussions_project_security_vulnerability_path(vulnerability.project, vulnerability),
-      pipeline_json: vulnerability_pipeline_data(pipeline).to_json,
       has_mr: !!vulnerability.finding.merge_request_feedback.try(:merge_request_iid),
-      vulnerability_feedback_help_path: help_page_path('user/application_security/index', anchor: 'interacting-with-the-vulnerabilities'),
-      finding_json: vulnerability_finding_data(vulnerability).to_json,
+      finding_json: vulnerability_finding_data(vulnerability),
       create_mr_url: create_vulnerability_feedback_merge_request_path(vulnerability.finding.project),
-      timestamp: Time.now.to_i
+      discussions_url: discussions_project_security_vulnerability_path(vulnerability.project, vulnerability),
+      notes_url: project_security_vulnerability_notes_path(vulnerability.project, vulnerability),
+      vulnerability_feedback_help_path: help_page_path('user/application_security/index', anchor: 'interacting-with-the-vulnerabilities'),
+      pipeline: vulnerability_pipeline_data(pipeline)
     }
+
+    result.merge(vulnerability_data(vulnerability), vulnerability_finding_data(vulnerability))
   end
 
   def vulnerability_pipeline_data(pipeline)
@@ -30,9 +34,12 @@ module VulnerabilitiesHelper
     }
   end
 
+  def vulnerability_data(vulnerability)
+    VulnerabilitySerializer.new.represent(vulnerability)
+  end
+
   def vulnerability_finding_data(vulnerability)
     finding = Vulnerabilities::FindingSerializer.new(current_user: current_user).represent(vulnerability.finding)
-    remediation = finding[:remediations]&.first
 
     data = finding.slice(
       :description,
@@ -43,11 +50,11 @@ module VulnerabilitiesHelper
       :issue_feedback,
       :merge_request_feedback,
       :project,
+      :project_fingerprint,
       :remediations,
       :evidence,
-      :scanner
-    ).merge(
-      solution: remediation ? remediation['summary'] : finding[:solution]
+      :scanner,
+      :solution
     )
 
     if data[:location]['file']

ee/app/views/projects/security/vulnerabilities/show.html.haml

@@ -3,8 +3,10 @@
 - breadcrumb_title @vulnerability.id
 - page_title @vulnerability.title
 - page_description @vulnerability.description
-- vulnerability_data = vulnerability_data(@vulnerability, @pipeline)
+- finding = @vulnerability.finding
+- location = finding.location
+- vulnerability_init_details = vulnerability_details_json(@vulnerability, @pipeline)
 
-#js-vulnerability-header{ data: vulnerability_data }
-#js-vulnerability-details{ data: vulnerability_data }
-#js-vulnerability-footer{ data: vulnerability_data }
+#js-vulnerability-header{ data: vulnerability_init_details }
+#js-vulnerability-details{ data: vulnerability_init_details }
+#js-vulnerability-footer{ data: vulnerability_init_details }

ee/spec/helpers/vulnerabilities_helper_spec.rb

@@ -58,35 +58,31 @@ RSpec.describe VulnerabilitiesHelper do
 
     it 'has expected vulnerability properties' do
       expect(subject).to include(
-        vulnerability_json: kind_of(String),
-        project_fingerprint: vulnerability.finding.project_fingerprint,
+        timestamp: Time.now.to_i,
         create_issue_url: "/#{project.full_path}/-/vulnerability_feedback",
-        notes_url: "/#{project.full_path}/-/security/vulnerabilities/#{vulnerability.id}/notes",
-        discussions_url: "/#{project.full_path}/-/security/vulnerabilities/#{vulnerability.id}/discussions",
         has_mr: anything,
-        vulnerability_feedback_help_path: kind_of(String),
-        finding_json: kind_of(String),
         create_mr_url: "/#{project.full_path}/-/vulnerability_feedback",
-        timestamp: Time.now.to_i
+        discussions_url: "/#{project.full_path}/-/security/vulnerabilities/#{vulnerability.id}/discussions",
+        notes_url: "/#{project.full_path}/-/security/vulnerabilities/#{vulnerability.id}/notes",
+        vulnerability_feedback_help_path: kind_of(String),
+        pipeline: anything
       )
     end
   end
 
-  describe '#vulnerability_data' do
-    subject { helper.vulnerability_data(vulnerability, pipeline) }
+  describe '#vulnerability_details' do
+    subject { helper.vulnerability_details(vulnerability, pipeline) }
 
     describe 'when pipeline exists' do
       let(:pipeline) { create(:ci_pipeline) }
-      let(:pipelineData) { Gitlab::Json.parse(subject[:pipeline_json]) }
 
       include_examples 'vulnerability properties'
 
       it 'returns expected pipeline data' do
-        expect(pipelineData).to include(
-          'id' => pipeline.id,
-          'created_at' => pipeline.created_at.iso8601,
-          'url' => be_present,
-          'source_branch' => pipeline.ref
+        expect(subject[:pipeline]).to include(
+          id: pipeline.id,
+          created_at: pipeline.created_at.iso8601,
+          url: be_present
         )
       end
     end
@@ -110,11 +106,12 @@ RSpec.describe VulnerabilitiesHelper do
         description: finding.description,
         identifiers: kind_of(Array),
         issue_feedback: anything,
-        merge_request_feedback: anything,
         links: finding.links,
         location: finding.location,
         name: finding.name,
+        merge_request_feedback: anything,
         project: kind_of(Grape::Entity::Exposure::NestingExposure::OutputBuilder),
+        project_fingerprint: finding.project_fingerprint,
         remediations: finding.remediations,
         solution: kind_of(String),
         evidence: kind_of(String),