Merge branch '8412-wrong-icon-for-fixed-vulnerability-in-container-scanning-report' into 'master'

Resolve "Wrong icon for fixed vulnerability in Container Scanning report" Closes #8412 See merge request gitlab-org/gitlab-ee!9120

Merge branch '8412-wrong-icon-for-fixed-vulnerability-in-container-scanning-report' into 'master'
Resolve "Wrong icon for fixed vulnerability in Container Scanning report" Closes #8412 See merge request gitlab-org/gitlab-ee!9120
a6641434 · Filipa Lacerda · 9ff0680d · ff944b3a · a6641434 · a6641434
Commit a6641434 authored Jan 16, 2019 by Filipa Lacerda
6 changed files
--- a/ee/app/assets/javascripts/vue_shared/security_reports/grouped_security_reports_app.vue
+++ b/ee/app/assets/javascripts/vue_shared/security_reports/grouped_security_reports_app.vue
@@ -290,7 +290,7 @@ export default {
        <issues-list
          v-if="sastContainer.newIssues.length || sastContainer.resolvedIssues.length"
          :unresolved-issues="sastContainer.newIssues"
-          :neutral-issues="sastContainer.resolvedIssues"
+          :resolved-issues="sastContainer.resolvedIssues"
          :component="$options.componentNames.SastContainerIssueBody"
          class="report-block-group-list"
        />

--- a/ee/changelogs/unreleased/8412-wrong-icon-for-fixed-vulnerability-in-container-scanning-report.yml
+++ b/ee/changelogs/unreleased/8412-wrong-icon-for-fixed-vulnerability-in-container-scanning-report.yml
+---
+title: Fixes the icon for fixed vulnerability in Container Scanning report
+merge_request: 9120
+author:
+type: fixed
--- a/ee/spec/javascripts/vue_mr_widget/ee_mr_widget_options_spec.js
+++ b/ee/spec/javascripts/vue_mr_widget/ee_mr_widget_options_spec.js
@@ -579,7 +579,7 @@ describe('ee merge request widget options', () => {
              vm.$el.querySelector('.js-sast-container .report-block-list-issue-description')
                .textContent,
            ),
-          ).toEqual('Container scanning detected 1 new vulnerability');
+          ).toEqual('Container scanning detected 1 new, and 1 fixed vulnerabilities');
          done();
        }, 0);
      });

--- a/ee/spec/javascripts/vue_shared/security_reports/grouped_security_reports_app_spec.js
+++ b/ee/spec/javascripts/vue_shared/security_reports/grouped_security_reports_app_spec.js
@@ -12,8 +12,6 @@ import {
  dockerBaseReport,
  dast,
  dastBase,
-  sastHeadAllIssues,
-  sastBaseAllIssues,
 } from './mock_data';

 describe('Grouped security reports app', () => {
@@ -183,7 +181,7 @@ describe('Grouped security reports app', () => {

        // Renders the summary text
        expect(vm.$el.querySelector('.js-code-text').textContent.trim()).toEqual(
-          'Security scanning detected 6 new, and 2 fixed vulnerabilities',
+          'Security scanning detected 6 new, and 3 fixed vulnerabilities',
        );

        // Renders the expand button
@@ -198,8 +196,11 @@ describe('Grouped security reports app', () => {
        expect(trimText(vm.$el.textContent)).toContain(
          'Dependency scanning detected 2 new, and 1 fixed vulnerabilities',
        );
+
        // Renders container scanning result
-        expect(vm.$el.textContent).toContain('Container scanning detected 1 new vulnerability');
+        expect(vm.$el.textContent).toContain(
+          'Container scanning detected 1 new, and 1 fixed vulnerabilities',
+        );

        // Renders DAST result
        expect(vm.$el.textContent).toContain('DAST detected 1 new vulnerability');
@@ -222,41 +223,16 @@ describe('Grouped security reports app', () => {
        });
      }, 0);
    });
-  });

-  describe('with all issues for sast and dependency scanning', () => {
-    beforeEach(() => {
-      mock.onGet('sast_head.json').reply(200, sastHeadAllIssues);
-      mock.onGet('sast_base.json').reply(200, sastBaseAllIssues);
-      mock.onGet('dast_head.json').reply(200, dast);
-      mock.onGet('dast_base.json').reply(200, dastBase);
-      mock.onGet('sast_container_head.json').reply(200, dockerReport);
-      mock.onGet('sast_container_base.json').reply(200, dockerBaseReport);
-      mock.onGet('dss_head.json').reply(200, sastHeadAllIssues);
-      mock.onGet('dss_base.json').reply(200, sastBaseAllIssues);
-      mock.onGet('vulnerability_feedback_path.json').reply(200, []);
+    it('has the success icon for fixed vulnerabilities', done => {
+      setTimeout(() => {
+        const icon = vm.$el.querySelector(
+          '.js-sast-container~.js-plain-element .ic-status_success_borderless',
+        );

-      vm = mountComponent(Component, {
-        headBlobPath: 'path',
-        baseBlobPath: 'path',
-        sastHeadPath: 'sast_head.json',
-        sastBasePath: 'sast_base.json',
-        dastHeadPath: 'dast_head.json',
-        dastBasePath: 'dast_base.json',
-        sastContainerHeadPath: 'sast_container_head.json',
-        sastContainerBasePath: 'sast_container_base.json',
-        dependencyScanningHeadPath: 'dss_head.json',
-        dependencyScanningBasePath: 'dss_base.json',
-        sastHelpPath: 'path',
-        sastContainerHelpPath: 'path',
-        dastHelpPath: 'path',
-        dependencyScanningHelpPath: 'path',
-        vulnerabilityFeedbackPath: 'vulnerability_feedback_path.json',
-        vulnerabilityFeedbackHelpPath: 'path',
-        pipelineId: 123,
-        canCreateIssue: true,
-        canCreateFeedback: true,
-      });
+        expect(icon).not.toBeNull();
+        done();
+      }, 0);
    });
  });


--- a/ee/spec/javascripts/vue_shared/security_reports/mock_data.js
+++ b/ee/spec/javascripts/vue_shared/security_reports/mock_data.js
@@ -673,6 +673,27 @@ export const parsedDependencyScanningBaseStore = [
  },
 ];

+export const parsedSastContainerBaseStore = [
+  {
+    category: 'container_scanning',
+    description: 'debian:8 is affected by CVE-2014-8130.',
+    identifiers: [
+      {
+        name: 'CVE-2014-8130',
+        type: 'CVE',
+        url: 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8130',
+        value: 'CVE-2014-8130',
+      },
+    ],
+    namespace: 'debian:8',
+    path: 'debian:8',
+    project_fingerprint: '20a19f706d82cec1c04d1c9a8858e89b142d602f',
+    severity: 'Negligible',
+    title: 'CVE-2014-8130',
+    vulnerability: 'CVE-2014-8130',
+  },
+];
+
 export const allIssuesParsed = [
  {
    title: 'Possible Information Leak Vulnerability in Action View',
@@ -710,7 +731,7 @@ export const dockerReport = {
 };

 export const dockerBaseReport = {
-  unapproved: ['CVE-2017-12944'],
+  unapproved: ['CVE-2017-12944', 'CVE-2014-8130'],
  vulnerabilities: [
    {
      vulnerability: 'CVE-2017-12944',

--- a/ee/spec/javascripts/vue_shared/security_reports/store/mutations_spec.js
+++ b/ee/spec/javascripts/vue_shared/security_reports/store/mutations_spec.js
@@ -12,6 +12,7 @@ import {
  parsedDependencyScanningIssuesHead,
  parsedDependencyScanningBaseStore,
  parsedDependencyScanningIssuesStore,
+  parsedSastContainerBaseStore,
  dockerReport,
  dockerBaseReport,
  dockerNewIssues,
@@ -184,8 +185,8 @@ describe('security reports mutations', () => {

        expect(stateCopy.sastContainer.isLoading).toEqual(false);
        expect(stateCopy.sastContainer.newIssues).toEqual(dockerNewIssues);
-        expect(stateCopy.sastContainer.resolvedIssues).toEqual([]);
-        expect(stateCopy.summaryCounts).toEqual({ added: 1, fixed: 0, existing: 0 });
+        expect(stateCopy.sastContainer.resolvedIssues).toEqual(parsedSastContainerBaseStore);
+        expect(stateCopy.summaryCounts).toEqual({ added: 1, fixed: 1, existing: 0 });
      });
    });