Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
9f43f28b
Commit
9f43f28b
authored
Oct 05, 2021
by
drew cimino
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Break up cross-model Security::Scan/Finding scope
parent
c9555383
Changes
4
Show whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
13 additions
and
2 deletions
+13
-2
ee/app/models/security/finding.rb
ee/app/models/security/finding.rb
+1
-1
ee/app/models/security/scan.rb
ee/app/models/security/scan.rb
+1
-0
ee/spec/models/security/finding_spec.rb
ee/spec/models/security/finding_spec.rb
+1
-1
ee/spec/models/security/scan_spec.rb
ee/spec/models/security/scan_spec.rb
+10
-0
No files found.
ee/app/models/security/finding.rb
View file @
9f43f28b
...
...
@@ -22,7 +22,7 @@ module Security
validates
:uuid
,
presence:
true
scope
:by_uuid
,
->
(
uuids
)
{
where
(
uuid:
uuids
)
}
scope
:by_build_ids
,
->
(
build_ids
)
{
joins
(
:scan
).
where
(
security_scans:
{
build_id:
build_ids
}
)
}
scope
:by_build_ids
,
->
(
build_ids
)
{
joins
(
:scan
).
merge
(
Security
::
Scan
.
by_build_ids
(
build_ids
)
)
}
scope
:by_project_fingerprints
,
->
(
fingerprints
)
{
where
(
project_fingerprint:
fingerprints
)
}
scope
:by_severity_levels
,
->
(
severity_levels
)
{
where
(
severity:
severity_levels
)
}
scope
:by_confidence_levels
,
->
(
confidence_levels
)
{
where
(
confidence:
confidence_levels
)
}
...
...
ee/app/models/security/scan.rb
View file @
9f43f28b
...
...
@@ -44,6 +44,7 @@ module Security
# We are going to deprecate the following scope soon as this requires join between ci and non-ci table
# which will not be possible after database decomposition (https://gitlab.com/groups/gitlab-org/-/epics/6373)
scope
:latest_successful_by_build
,
->
{
joins
(
:build
).
where
(
ci_builds:
{
retried:
[
nil
,
false
],
status:
'success'
})
}
scope
:by_build_ids
,
->
(
build_ids
)
{
where
(
build_id:
build_ids
)
}
scope
:without_errors
,
->
{
where
(
"jsonb_array_length(COALESCE(info->'errors', '[]'::jsonb)) = 0"
)
}
delegate
:name
,
to: :build
...
...
ee/spec/models/security/finding_spec.rb
View file @
9f43f28b
...
...
@@ -33,7 +33,7 @@ RSpec.describe Security::Finding do
describe
'.by_build_ids'
do
subject
{
described_class
.
by_build_ids
(
finding_1
.
scan
.
build_id
)
}
it
{
is_expected
.
to
eq
([
finding_1
])
}
it
{
with_cross_joins_prevented
{
is_expected
.
to
match_array
([
finding_1
])
}
}
end
describe
'.by_severity_levels'
do
...
...
ee/spec/models/security/scan_spec.rb
View file @
9f43f28b
...
...
@@ -89,6 +89,16 @@ RSpec.describe Security::Scan do
it
{
is_expected
.
to
match_array
([
second_successful_scan
])
}
end
describe
'.by_build_ids'
do
let!
(
:sast_scan
)
{
create
(
:security_scan
,
scan_type: :sast
)
}
let!
(
:dast_scan
)
{
create
(
:security_scan
,
scan_type: :dast
,
build:
sast_scan
.
build
)
}
let
(
:expected_scans
)
{
[
sast_scan
,
dast_scan
]
}
subject
{
described_class
.
by_build_ids
(
expected_scans
.
map
(
&
:build_id
))
}
it
{
with_cross_joins_prevented
{
is_expected
.
to
match_array
(
expected_scans
)
}
}
end
describe
'.has_dismissal_feedback'
do
let
(
:project_1
)
{
create
(
:project
)
}
let
(
:project_2
)
{
create
(
:project
)
}
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment