Commit c26b7daf authored by Heinrich Lee Yu's avatar Heinrich Lee Yu

Merge branch...

Merge branch '299420-refactor-update_location_fingerprint_for_container_scanning_findings_spec' into 'master'

Remove attributes_for from UpdateLocationFingerprintForContainerScanningFindings spec

See merge request gitlab-org/gitlab!53614
parents 3c8f7bf4 438ec458
...@@ -82,7 +82,8 @@ RSpec.describe Gitlab::BackgroundMigration::UpdateLocationFingerprintForContaine ...@@ -82,7 +82,8 @@ RSpec.describe Gitlab::BackgroundMigration::UpdateLocationFingerprintForContaine
end end
def finding_params(primary_identifier_id) def finding_params(primary_identifier_id)
attrs = attributes_for(:vulnerabilities_finding) # rubocop: disable RSpec/FactoriesInMigrationSpecs uuid = SecureRandom.uuid
{ {
severity: 0, severity: 0,
confidence: 5, confidence: 5,
...@@ -90,12 +91,32 @@ RSpec.describe Gitlab::BackgroundMigration::UpdateLocationFingerprintForContaine ...@@ -90,12 +91,32 @@ RSpec.describe Gitlab::BackgroundMigration::UpdateLocationFingerprintForContaine
project_id: 123, project_id: 123,
scanner_id: 6, scanner_id: 6,
primary_identifier_id: primary_identifier_id, primary_identifier_id: primary_identifier_id,
project_fingerprint: attrs[:project_fingerprint], project_fingerprint: SecureRandom.hex(20),
location_fingerprint: Digest::SHA1.hexdigest(SecureRandom.hex(10)), location_fingerprint: Digest::SHA1.hexdigest(SecureRandom.hex(10)),
uuid: attrs[:uuid], uuid: uuid,
name: attrs[:name], name: "Vulnerability Finding #{uuid}",
metadata_version: '1.3', metadata_version: '1.3',
raw_metadata: attrs[:raw_metadata] raw_metadata: raw_metadata
} }
end end
def raw_metadata
{ "description" => "The cipher does not provide data integrity update 1",
"message" => "The cipher does not provide data integrity",
"cve" => "818bf5dacb291e15d9e6dc3c5ac32178:CIPHER",
"solution" => "GCM mode introduces an HMAC into the resulting encrypted data, providing integrity of the result.",
"location" => { "file" => "maven/src/main/java/com/gitlab/security_products/tests/App.java", "start_line" => 29, "end_line" => 29, "class" => "com.gitlab.security_products.tests.App", "method" => "insecureCypher" },
"links" => [{ "name" => "Cipher does not check for integrity first?", "url" => "https://crypto.stackexchange.com/questions/31428/pbewithmd5anddes-cipher-does-not-check-for-integrity-first" }],
"assets" => [{ "type" => "postman", "name" => "Test Postman Collection", "url" => "http://localhost/test.collection" }],
"evidence" =>
{ "summary" => "Credit card detected",
"request" => { "headers" => [{ "name" => "Accept", "value" => "*/*" }], "method" => "GET", "url" => "http://goat:8080/WebGoat/logout", "body" => nil },
"response" => { "headers" => [{ "name" => "Content-Length", "value" => "0" }], "reason_phrase" => "OK", "status_code" => 200, "body" => nil },
"source" => { "id" => "assert:Response Body Analysis", "name" => "Response Body Analysis", "url" => "htpp://hostname/documentation" },
"supporting_messages" =>
[{ "name" => "Origional", "request" => { "headers" => [{ "name" => "Accept", "value" => "*/*" }], "method" => "GET", "url" => "http://goat:8080/WebGoat/logout", "body" => "" } },
{ "name" => "Recorded",
"request" => { "headers" => [{ "name" => "Accept", "value" => "*/*" }], "method" => "GET", "url" => "http://goat:8080/WebGoat/logout", "body" => "" },
"response" => { "headers" => [{ "name" => "Content-Length", "value" => "0" }], "reason_phrase" => "OK", "status_code" => 200, "body" => "" } }] } }
end
end end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment