Seed Vulnerability and IssueLink in development

Additionally, associate Occurrences with the Vulnerability. Closes https://gitlab.com/gitlab-org/gitlab/issues/36446

Seed Vulnerability and IssueLink in development
Additionally, associate Occurrences with the Vulnerability. Closes https://gitlab.com/gitlab-org/gitlab/issues/36446
b005d318 · Michał Zając · 1168fbb0 · b005d318
Commit b005d318 authored Feb 03, 2020 by Michał Zając
Hide whitespace changes
Inline Side-by-side

Showing with 38 additions and 5 deletions

ee/db/fixtures/development/20_vulnerabilities.rb ee/db/fixtures/development/20_vulnerabilities.rb +38 -5

No files found.
--- a/ee/db/fixtures/development/20_vulnerabilities.rb
+++ b/ee/db/fixtures/development/20_vulnerabilities.rb
@@ -12,7 +12,8 @@ class Gitlab::Seeder::Vulnerabilities

    10.times do |rank|
      primary_identifier = create_identifier(rank)
-      occurrence = create_occurrence(rank, primary_identifier)
+      vulnerability = create_vulnerability
+      occurrence = create_occurrence(vulnerability, rank, primary_identifier)
      # Create occurrence_pipeline join model
      occurrence.pipelines << pipeline
      # Create occurrence_identifier join models
@@ -24,7 +25,7 @@ class Gitlab::Seeder::Vulnerabilities
        when 0
          create_feedback(occurrence, 'dismissal')
        when 1
-          create_feedback(occurrence, 'issue')
+          create_feedback(occurrence, 'issue', vulnerability: vulnerability)
        else
          # no feedback
        end
@@ -34,8 +35,20 @@ class Gitlab::Seeder::Vulnerabilities

  private

-  def create_occurrence(rank, primary_identifier)
+  def create_vulnerability
+    project.vulnerabilities.create!(
+      state: random_state,
+      author: author,
+      title: 'Cypher with no integrity',
+      severity: random_severity_level,
+      confidence: random_confidence_level,
+      report_type: random_report_type
+    )
+  end
+
+  def create_occurrence(vulnerability, rank, primary_identifier)
    project.vulnerability_findings.create!(
+      vulnerability: vulnerability,
      uuid: random_uuid,
      name: 'Cipher with no integrity',
      report_type: :sast,
@@ -59,8 +72,12 @@ class Gitlab::Seeder::Vulnerabilities
    )
  end

-  def create_feedback(occurrence, type)
-    issue = create_issue("Dismiss #{occurrence.name}") if type == 'issue'
+  def create_feedback(occurrence, type, vulnerability: nil)
+    if type == 'issue'
+      issue = create_issue("Dismiss #{occurrence.name}")
+      create_vulnerability_issue_link(vulnerability, issue)
+    end
+
    project.vulnerability_feedback.create!(
      feedback_type: type,
      category: 'sast',
@@ -71,6 +88,14 @@ class Gitlab::Seeder::Vulnerabilities
      vulnerability_data: { category: 'sast' })
  end

+  def create_vulnerability_issue_link(vulnerability, issue)
+    ::Vulnerabilities::IssueLink.create!(
+      vulnerability: vulnerability,
+      issue: issue,
+      link_type: :created
+    )
+  end
+
  def scanner
    @scanner ||= project.vulnerability_scanners.create!(
      project: project,
@@ -90,6 +115,14 @@ class Gitlab::Seeder::Vulnerabilities
    ::Vulnerabilities::Occurrence::SEVERITY_LEVELS.keys.sample
  end

+  def random_report_type
+    ::Vulnerabilities::Occurrence::REPORT_TYPES.keys.sample
+  end
+
+  def random_state
+    ::Vulnerability.states.keys.sample
+  end
+
  def metadata(line)
    {
      description: "The cipher does not provide data integrity update 1",