Fix dast report parsing regression

This regression was caused by changes in zaproxy

Fix dast report parsing regression
This regression was caused by changes in zaproxy
ad01f86e · rossfuhrman · Philippe Lafoucrière · 6e103155 · ad01f86e · ad01f86e
Commit ad01f86e authored Jun 03, 2019 by rossfuhrman Committed by Philippe Lafoucrière Jun 03, 2019
5 changed files
--- a/ee/changelogs/unreleased/61264-dast-report-error.yml
+++ b/ee/changelogs/unreleased/61264-dast-report-error.yml
+---
+title: Fix dast report parsing regression caused by change in zaproxy
+merge_request: 13789
+author:
+type: fixed
--- a/ee/lib/gitlab/ci/parsers/security/dast.rb
+++ b/ee/lib/gitlab/ci/parsers/security/dast.rb
@@ -25,7 +25,7 @@ module Gitlab
          end
          def extract_vulnerabilities_from(data)
-            site = data['site']
+            site = data['site'].first
            results = []
            if site

--- a/ee/spec/finders/security/pipeline_vulnerabilities_finder_spec.rb
+++ b/ee/spec/finders/security/pipeline_vulnerabilities_finder_spec.rb
@@ -18,7 +18,7 @@ describe Security::PipelineVulnerabilitiesFinder do
    set(:artifact_sast) { create(:ee_ci_job_artifact, :sast, job: build_sast, project: project) }
    let(:cs_count) { read_fixture(artifact_cs)['unapproved'].count }
-    let(:dast_count) { read_fixture(artifact_dast).dig('site', 'alerts').first['instances'].count }
+    let(:dast_count) { read_fixture(artifact_dast)['site'].first['alerts'].first['instances'].count }
    let(:ds_count) { read_fixture(artifact_ds)['vulnerabilities'].count }
    let(:sast_count) { read_fixture(artifact_sast)['vulnerabilities'].count }

--- a/ee/spec/lib/gitlab/ci/parsers/security/formatters/dast_spec.rb
+++ b/ee/spec/lib/gitlab/ci/parsers/security/formatters/dast_spec.rb
@@ -4,7 +4,7 @@ require 'spec_helper'
 describe Gitlab::Ci::Parsers::Security::Formatters::Dast do
  let(:formatter) { described_class.new(file_vulnerability) }
-  let(:file_vulnerability) { parsed_report['site']['alerts'][0] }
+  let(:file_vulnerability) { parsed_report['site'].first['alerts'][0] }
  let(:parsed_report) do
    JSON.parse!(

--- a/spec/fixtures/security-reports/master/gl-dast-report.json
+++ b/spec/fixtures/security-reports/master/gl-dast-report.json
 {
-  "site": {
+  "site": [
+    {
      "alerts": [
        {
          "sourceid": "3",
@@ -34,7 +35,8 @@
      "@port": "80",
      "@host": "bikebilly-spring-auto-devops-review-feature-br-3y2gpb.35.192.176.43.xip.io",
      "@name": "http://bikebilly-spring-auto-devops-review-feature-br-3y2gpb.35.192.176.43.xip.io"
-  },
+    }
+  ],
  "@generated": "Fri, 13 Apr 2018 09:22:01",
  "@version": "2.7.0"
 }