Automatic merge of gitlab-org/gitlab master

app/models/compare.rb

@@ -25,6 +25,16 @@ class Compare
     @straight = straight
   end
 
+  # Return a Hash of parameters for passing to a URL helper
+  #
+  # See `namespace_project_compare_url`
+  def to_param
+    {
+      from: @straight ? start_commit_sha : base_commit_sha,
+      to: head_commit_sha
+    }
+  end
+
   def cache_key
     [@project, :compare, diff_refs.hash]
   end

doc/api/repositories.md

@@ -200,7 +200,8 @@ Example response:
     "deleted_file": false
   }],
   "compare_timeout": false,
-  "compare_same_ref": false
+  "compare_same_ref": false,
+  "web_url": "https://gitlab.example.com/thedude/gitlab-foss/-/compare/ae73cb07c9eeaf35924a10f713b364d32b2dd34f...0b4bc9a49b562e85de7cc9e834518ea6828729b9"
 }
 ```
 

doc/development/integrations/secure.md

@@ -444,6 +444,10 @@ the system saves only the first 20 of them. Note that vulnerabilities in the [Pi
 Security](../../user/application_security/security_dashboard/#pipeline-security)
 tab do not enforce this limit and all identifiers present in the report artifact are displayed.
 
+### Details
+
+The `details` field is an object that supports many different content elements that are displayed when viewing vulnerability information. An example of the various data elements can be seen in the [security-reports repository](https://gitlab.com/gitlab-examples/security/security-reports/-/tree/master/samples/details-example).
+
 ### Location
 
 The `location` indicates where the vulnerability has been detected.
@@ -454,10 +458,6 @@ which is used to track vulnerabilities
 as new commits are pushed to the repository.
 The attributes used to generate the location fingerprint also depend on the type of scanning.
 
-### Details
-
-The `details` field is an object that supports many different content elements that are displayed when viewing vulnerability information. An example of the various data elements can be seen in the [security-reports repository](https://gitlab.com/gitlab-examples/security/security-reports/-/tree/master/samples/details-example).
-
 #### Dependency Scanning
 
 The `location` of a Dependency Scanning vulnerability is composed of a `dependency` and a `file`.

doc/user/application_security/index.md

@@ -337,6 +337,16 @@ For more details about which findings or vulnerabilities you can view in each of
 
 ## Troubleshooting
 
+### Secure job failing with exit code 1
+
+If a Secure job is failing and it's unclear why, add `SECURE_LOG_LEVEL: "debug"` as a global CI/CD variable for
+more verbose output that is helpful for troubleshooting.
+
+```yaml
+variables:
+  SECURE_LOG_LEVEL: "debug"
+```
+
 ### Outdated security reports
 
 When a security report generated for a merge request becomes outdated, the merge request shows a warning

lib/api/entities/compare.rb

@@ -20,6 +20,10 @@ module API
       end
 
       expose :same, as: :compare_same_ref
+
+      expose :web_url do |compare, _|
+        Gitlab::UrlBuilder.build(compare)
+      end
     end
   end
 end

lib/gitlab/url_builder.rb

@@ -24,6 +24,8 @@ module Gitlab
           instance.project_job_url(object.project, object, **options)
         when Commit
           commit_url(object, **options)
+        when Compare
+          compare_url(object, **options)
         when Group
           instance.group_canonical_url(object, **options)
         when Issue
@@ -68,6 +70,12 @@ module Gitlab
         instance.commit_url(commit, **options)
       end
 
+      def compare_url(compare, **options)
+        return '' unless compare.project
+
+        instance.project_compare_url(compare.project, **options.merge(compare.to_param))
+      end
+
       def note_url(note, **options)
         if note.for_commit?
           return '' unless note.project

package.json

@@ -150,7 +150,7 @@
     "lowlight": "^1.20.0",
     "marked": "^0.3.12",
     "mathjax": "3",
-    "mermaid": "^8.10.2",
+    "mermaid": "^8.11.5",
     "minimatch": "^3.0.4",
     "monaco-editor": "^0.25.2",
     "monaco-editor-webpack-plugin": "^4.0.0",

spec/factories/compares.rb

+# frozen_string_literal: true
+
+FactoryBot.define do
+  factory :compare do
+    skip_create # No persistence
+
+    start_project { association(:project, :repository) }
+    target_project { start_project }
+
+    start_ref { 'master' }
+    target_ref { 'feature' }
+
+    base_sha { nil }
+    straight { false }
+
+    initialize_with do
+      CompareService
+        .new(start_project, start_ref)
+        .execute(target_project, target_ref, base_sha: base_sha, straight: straight)
+    end
+  end
+end

spec/lib/gitlab/url_builder_spec.rb

@@ -69,6 +69,27 @@ RSpec.describe Gitlab::UrlBuilder do
       end
     end
 
+    context 'when passing a compare' do
+      # NOTE: The Compare requires an actual repository, which isn't available
+      # with the `build_stubbed` strategy used by the table tests above
+      let_it_be(:compare) { create(:compare) }
+      let_it_be(:project) { compare.project }
+
+      it 'returns the full URL' do
+        expect(subject.build(compare)).to eq("#{Gitlab.config.gitlab.url}/#{project.full_path}/-/compare/#{compare.base_commit_sha}...#{compare.head_commit_sha}")
+      end
+
+      it 'returns only the path if only_path is given' do
+        expect(subject.build(compare, only_path: true)).to eq("/#{project.full_path}/-/compare/#{compare.base_commit_sha}...#{compare.head_commit_sha}")
+      end
+
+      it 'returns an empty string for missing project' do
+        expect(compare).to receive(:project).and_return(nil)
+
+        expect(subject.build(compare)).to eq('')
+      end
+    end
+
     context 'when passing a commit without a project' do
       let(:commit) { build_stubbed(:commit) }
 

spec/requests/api/repositories_spec.rb

@@ -354,6 +354,7 @@ RSpec.describe API::Repositories do
         expect(response).to have_gitlab_http_status(:ok)
         expect(json_response['commits']).to be_present
         expect(json_response['diffs']).to be_present
+        expect(json_response['web_url']).to be_present
       end
 
       it "compares branches with explicit merge-base mode" do
@@ -365,6 +366,7 @@ RSpec.describe API::Repositories do
         expect(response).to have_gitlab_http_status(:ok)
         expect(json_response['commits']).to be_present
         expect(json_response['diffs']).to be_present
+        expect(json_response['web_url']).to be_present
       end
 
       it "compares branches with explicit straight mode" do
@@ -376,6 +378,7 @@ RSpec.describe API::Repositories do
         expect(response).to have_gitlab_http_status(:ok)
         expect(json_response['commits']).to be_present
         expect(json_response['diffs']).to be_present
+        expect(json_response['web_url']).to be_present
       end
 
       it "compares tags" do
@@ -384,6 +387,7 @@ RSpec.describe API::Repositories do
         expect(response).to have_gitlab_http_status(:ok)
         expect(json_response['commits']).to be_present
         expect(json_response['diffs']).to be_present
+        expect(json_response['web_url']).to be_present
       end
 
       it "compares commits" do
@@ -393,6 +397,7 @@ RSpec.describe API::Repositories do
         expect(json_response['commits']).to be_empty
         expect(json_response['diffs']).to be_empty
         expect(json_response['compare_same_ref']).to be_falsey
+        expect(json_response['web_url']).to be_present
       end
 
       it "compares commits in reverse order" do
@@ -401,6 +406,7 @@ RSpec.describe API::Repositories do
         expect(response).to have_gitlab_http_status(:ok)
         expect(json_response['commits']).to be_present
         expect(json_response['diffs']).to be_present
+        expect(json_response['web_url']).to be_present
       end
 
       it "compare commits between different projects with non-forked relation" do