Commit 8bc0ef86 authored by Adam Cohen's avatar Adam Cohen Committed by Jan Provaznik

Add ConfigureSecurityAnalyzer superclass [RUN AS-IF-FOSS]

parent 20659ba3
# frozen_string_literal: true
module Mutations
module Security
module CiConfiguration
class BaseSecurityAnalyzer < BaseMutation
include FindsProject
argument :project_path, GraphQL::ID_TYPE,
required: true,
description: 'Full path of the project.'
field :success_path, GraphQL::STRING_TYPE, null: true,
description: 'Redirect path to use when the response is successful.'
field :branch, GraphQL::STRING_TYPE, null: true,
description: 'Branch that has the new/modified `.gitlab-ci.yml` file.'
authorize :push_code
def resolve(project_path:, **args)
project = authorized_find!(project_path)
result = configure_analyzer(project, **args)
prepare_response(result)
end
private
def configure_analyzer(project, **args)
raise NotImplementedError
end
def prepare_response(result)
{
branch: result.payload[:branch],
success_path: result.payload[:success_path],
errors: result.errors
}
end
end
end
end
end
...@@ -3,9 +3,7 @@ ...@@ -3,9 +3,7 @@
module Mutations module Mutations
module Security module Security
module CiConfiguration module CiConfiguration
class ConfigureSast < BaseMutation class ConfigureSast < BaseSecurityAnalyzer
include FindsProject
graphql_name 'ConfigureSast' graphql_name 'ConfigureSast'
description <<~DESC description <<~DESC
Configure SAST for a project by enabling SAST in a new or modified Configure SAST for a project by enabling SAST in a new or modified
...@@ -13,37 +11,12 @@ module Mutations ...@@ -13,37 +11,12 @@ module Mutations
create a Merge Request are a part of the response. create a Merge Request are a part of the response.
DESC DESC
argument :project_path, GraphQL::ID_TYPE,
required: true,
description: 'Full path of the project.'
argument :configuration, ::Types::CiConfiguration::Sast::InputType, argument :configuration, ::Types::CiConfiguration::Sast::InputType,
required: true, required: true,
description: 'SAST CI configuration for the project.' description: 'SAST CI configuration for the project.'
field :success_path, GraphQL::STRING_TYPE, null: true, def configure_analyzer(project, **args)
description: 'Redirect path to use when the response is successful.' ::Security::CiConfiguration::SastCreateService.new(project, current_user, args[:configuration]).execute
field :branch, GraphQL::STRING_TYPE, null: true,
description: 'Branch that has the new/modified `.gitlab-ci.yml` file.'
authorize :push_code
def resolve(project_path:, configuration:)
project = authorized_find!(project_path)
result = ::Security::CiConfiguration::SastCreateService.new(project, current_user, configuration).execute
prepare_response(result)
end
private
def prepare_response(result)
{
branch: result.payload[:branch],
success_path: result.payload[:success_path],
errors: result.errors
}
end end
end end
end end
......
...@@ -3,9 +3,7 @@ ...@@ -3,9 +3,7 @@
module Mutations module Mutations
module Security module Security
module CiConfiguration module CiConfiguration
class ConfigureSecretDetection < BaseMutation class ConfigureSecretDetection < BaseSecurityAnalyzer
include FindsProject
graphql_name 'ConfigureSecretDetection' graphql_name 'ConfigureSecretDetection'
description <<~DESC description <<~DESC
Configure Secret Detection for a project by enabling Secret Detection Configure Secret Detection for a project by enabling Secret Detection
...@@ -14,33 +12,8 @@ module Mutations ...@@ -14,33 +12,8 @@ module Mutations
response. response.
DESC DESC
argument :project_path, GraphQL::ID_TYPE, def configure_analyzer(project, **_args)
required: true, ::Security::CiConfiguration::SecretDetectionCreateService.new(project, current_user).execute
description: 'Full path of the project.'
field :success_path, GraphQL::STRING_TYPE, null: true,
description: 'Redirect path to use when the response is successful.'
field :branch, GraphQL::STRING_TYPE, null: true,
description: 'Branch that has the new/modified `.gitlab-ci.yml` file.'
authorize :push_code
def resolve(project_path:)
project = authorized_find!(project_path)
result = ::Security::CiConfiguration::SecretDetectionCreateService.new(project, current_user).execute
prepare_response(result)
end
private
def prepare_response(result)
{
branch: result.payload[:branch],
success_path: result.payload[:success_path],
errors: result.errors
}
end end
end end
end end
......
...@@ -3,9 +3,7 @@ ...@@ -3,9 +3,7 @@
module Mutations module Mutations
module Security module Security
module CiConfiguration module CiConfiguration
class ConfigureDependencyScanning < BaseMutation class ConfigureDependencyScanning < BaseSecurityAnalyzer
include FindsProject
graphql_name 'ConfigureDependencyScanning' graphql_name 'ConfigureDependencyScanning'
description <<~DESC description <<~DESC
Configure Dependency Scanning for a project by enabling Dependency Scanning in a new or modified Configure Dependency Scanning for a project by enabling Dependency Scanning in a new or modified
...@@ -13,33 +11,8 @@ module Mutations ...@@ -13,33 +11,8 @@ module Mutations
create a Merge Request are a part of the response. create a Merge Request are a part of the response.
DESC DESC
argument :project_path, GraphQL::ID_TYPE, def configure_analyzer(project, **_args)
required: true, ::Security::CiConfiguration::DependencyScanningCreateService.new(project, current_user).execute
description: 'Full path of the project.'
field :success_path, GraphQL::STRING_TYPE, null: true,
description: 'Redirect path to use when the response is successful.'
field :branch, GraphQL::STRING_TYPE, null: true,
description: 'Branch that has the new/modified `.gitlab-ci.yml` file.'
authorize :push_code
def resolve(project_path:)
project = authorized_find!(project_path)
result = ::Security::CiConfiguration::DependencyScanningCreateService.new(project, current_user).execute
prepare_response(result)
end
private
def prepare_response(result)
{
branch: result.payload[:branch],
success_path: result.payload[:success_path],
errors: result.errors
}
end end
end end
end end
......
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe Mutations::Security::CiConfiguration::BaseSecurityAnalyzer do
include GraphqlHelpers
it 'raises a NotImplementedError error if the resolve method is called on the base class' do
user = create(:user)
project = create(:project, :public, :repository)
project.add_developer(user)
expect { resolve(described_class, args: { project_path: project.full_path }, ctx: { current_user: user }) }.to raise_error(NotImplementedError)
end
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment