Commit 960360b0 authored by Thiago Figueiró's avatar Thiago Figueiró

Track findings_count in security scan reports

parent 48658f1b
...@@ -5,7 +5,7 @@ ...@@ -5,7 +5,7 @@
# @param build [Ci::Build] the build that ran the scan. # @param build [Ci::Build] the build that ran the scan.
module Security module Security
class TrackScanService class TrackScanService
SECURE_SCAN_SCHEMA_URL = 'iglu:com.gitlab/secure_scan/jsonschema/1-0-1' SECURE_SCAN_SCHEMA_URL = 'iglu:com.gitlab/secure_scan/jsonschema/1-1-0'
def initialize(build) def initialize(build)
@build = build @build = build
...@@ -40,11 +40,13 @@ module Security ...@@ -40,11 +40,13 @@ module Security
analyzer = report&.analyzer analyzer = report&.analyzer
scan = report&.scan scan = report&.scan
primary_scanner = report&.primary_scanner primary_scanner = report&.primary_scanner
findings = report&.findings || []
{ {
analyzer: analyzer_id(report), analyzer: analyzer_id(report),
analyzer_vendor: analyzer&.vendor, analyzer_vendor: analyzer&.vendor,
analyzer_version: analyzer&.version, analyzer_version: analyzer&.version,
findings_count: findings.count,
end_time: scan&.end_time, end_time: scan&.end_time,
report_schema_version: report&.version, report_schema_version: report&.version,
scan_type: scan_type(report, report_type), scan_type: scan_type(report, report_type),
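Review bot: `findings = report&.findings || []` reports `findings_count: 0` when no report was parsed, whereas the neighbouring `&.` fields (`analyzer_vendor`, `end_time`, `report_schema_version`) come out as nil in that case, so a consumer of the event cannot tell a missing or unparsable report from a scan that found nothing. For security-scan metrics that difference matters, because a broken scanner would look like a clean result. Consider `findings_count: report&.findings&.count` if the 1-1-0 schema allows null; the schema is not visible here, so that needs confirming, and otherwise a comment such as `# 0 is also reported when the report is missing` would record the choice. The enclosing method starts and ends outside the hunk.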
......
...@@ -32,6 +32,7 @@ RSpec.describe Security::TrackScanService do ...@@ -32,6 +32,7 @@ RSpec.describe Security::TrackScanService do
analyzer_vendor: 'GitLab', analyzer_vendor: 'GitLab',
analyzer_version: '2.0.1', analyzer_version: '2.0.1',
end_time: '2021-06-11T07:27:50', end_time: '2021-06-11T07:27:50',
findings_count: 1,
scan_type: 'dast', scan_type: 'dast',
scanner: 'zaproxy-browserker', scanner: 'zaproxy-browserker',
scanner_vendor: 'GitLab', scanner_vendor: 'GitLab',
...@@ -69,6 +70,7 @@ RSpec.describe Security::TrackScanService do ...@@ -69,6 +70,7 @@ RSpec.describe Security::TrackScanService do
analyzer_vendor: nil, analyzer_vendor: nil,
analyzer_version: nil, analyzer_version: nil,
end_time: nil, end_time: nil,
findings_count: 1,
scan_type: 'dast', scan_type: 'dast',
scanner: "zaproxy", scanner: "zaproxy",
scanner_vendor: nil, scanner_vendor: nil,
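Review bot: Both added expectations pin `findings_count: 1`, so the `|| []` fallback in the service (nil report or nil findings) and the zero-findings case are not exercised by the examples visible here. Add an example whose report has no findings, and one where the report cannot be parsed, each expecting `findings_count: 0` (or nil, if the service is changed to report that). The rest of the spec lies outside these hunks, so such a case may already exist there.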
......