Commit bd0dab96 authored by Igor Drozdov's avatar Igor Drozdov

Merge branch '239177_implement_fallback_for_remediations' into 'master'

Implement fallback for remediations

See merge request gitlab-org/gitlab!50201
parents e4bd141e c08e6490
...@@ -271,7 +271,9 @@ module Vulnerabilities ...@@ -271,7 +271,9 @@ module Vulnerabilities
end end
def remediations def remediations
metadata.dig('remediations') return metadata.dig('remediations') unless super.present?
super.as_json(only: [:summary, :diff])
end end
def build_evidence_request(data) def build_evidence_request(data)
......
...@@ -22,6 +22,10 @@ module Vulnerabilities ...@@ -22,6 +22,10 @@ module Vulnerabilities
scope :by_checksum, -> (checksum) { where(checksum: checksum) } scope :by_checksum, -> (checksum) { where(checksum: checksum) }
def diff
@diff ||= file.read
end
def retrieve_upload(_identifier, paths) def retrieve_upload(_identifier, paths)
Upload.find_by(model: self, path: paths) Upload.find_by(model: self, path: paths)
end end
......
...@@ -452,6 +452,33 @@ RSpec.describe Vulnerabilities::Finding do ...@@ -452,6 +452,33 @@ RSpec.describe Vulnerabilities::Finding do
end end
end end
describe '#remediations' do
let(:raw_remediation) { { summary: 'foo', diff: 'bar' }.stringify_keys }
let(:raw_metadata) { { remediations: [raw_remediation] }.to_json }
let(:finding) { create(:vulnerabilities_finding, raw_metadata: raw_metadata) }
subject { finding.remediations }
context 'when the finding has associated remediation records' do
let!(:persisted_remediation) { create(:vulnerabilities_remediation, findings: [finding]) }
let(:remediation_hash) { persisted_remediation.as_json(only: [:summary, :diff]) }
it { is_expected.to eq([remediation_hash]) }
end
context 'when the finding does not have associated remediation records' do
context 'when the finding has remediations in `raw_metadata`' do
it { is_expected.to eq([raw_remediation]) }
end
context 'when the finding does not have remediations in `raw_metadata`' do
let(:raw_metadata) { {}.to_json }
it { is_expected.to be_nil }
end
end
end
describe 'feedback' do describe 'feedback' do
let_it_be(:project) { create(:project) } let_it_be(:project) { create(:project) }
let(:finding) do let(:finding) do
......
...@@ -20,4 +20,14 @@ RSpec.describe Vulnerabilities::Remediation do ...@@ -20,4 +20,14 @@ RSpec.describe Vulnerabilities::Remediation do
it { is_expected.to match_array([remediation_2]) } it { is_expected.to match_array([remediation_2]) }
end end
describe '#diff' do
let(:diff_content) { 'foo' }
let(:diff_file) { Tempfile.new.tap { |f| f.write(diff_content) } }
let(:remediation) { create(:vulnerabilities_remediation, file: diff_file) }
subject { remediation.diff }
it { is_expected.to eq(diff_content) }
end
end end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment