Commit ffdf2f23 authored by Stan Hu's avatar Stan Hu

Merge branch '258203-add-api-fuzzing-report' into 'master'

Add API Fuzzing report type to backend

See merge request gitlab-org/gitlab!43763
parents 2c3abd36 3d743738
......@@ -46,7 +46,8 @@ module Ci
terraform: 'tfplan.json',
cluster_applications: 'gl-cluster-applications.json',
requirements: 'requirements.json',
coverage_fuzzing: 'gl-coverage-fuzzing.json'
coverage_fuzzing: 'gl-coverage-fuzzing.json',
api_fuzzing: 'gl-api-fuzzing-report.json'
}.freeze
INTERNAL_TYPES = {
......@@ -82,11 +83,13 @@ module Ci
load_performance: :raw,
terraform: :raw,
requirements: :raw,
coverage_fuzzing: :raw
coverage_fuzzing: :raw,
api_fuzzing: :raw
}.freeze
DOWNLOADABLE_TYPES = %w[
accessibility
api_fuzzing
archive
cobertura
codequality
......@@ -194,7 +197,8 @@ module Ci
requirements: 22, ## EE-specific
coverage_fuzzing: 23, ## EE-specific
browser_performance: 24, ## EE-specific
load_performance: 25 ## EE-specific
load_performance: 25, ## EE-specific
api_fuzzing: 26 ## EE-specific
}
# `file_location` indicates where actual files are stored.
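Review bot: The default artifact name `gl-api-fuzzing-report.json` added to the file-name hash is the only entry carrying a `-report` suffix; every sibling uses the bare scanner name (`gl-coverage-fuzzing.json`, `gl-cluster-applications.json`). It matches the fixture path used by the new artifact factory trait in this commit, so it is presumably the name the analyzer emits, but nothing in this hash says so. A one-line comment on the entry, `# analyzer emits gl-api-fuzzing-report.json (note the -report suffix, unlike the other scanners)`, would keep a later consistency cleanup from renaming it and silently breaking report pickup. The enclosing `module Ci` and the constants it holds continue outside the hunks.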
......
......@@ -16654,6 +16654,11 @@ type ScannedResourceEdge {
Represents summary of a security report
"""
type SecurityReportSummary {
"""
Aggregated counts for the api_fuzzing scan
"""
apiFuzzing: SecurityReportSummarySection
"""
Aggregated counts for the container_scanning scan
"""
......@@ -16734,6 +16739,7 @@ type SecurityReportSummarySection {
The type of the security scanner
"""
enum SecurityScannerType {
API_FUZZING
CONTAINER_SCANNING
COVERAGE_FUZZING
DAST
......@@ -20173,7 +20179,7 @@ type Vulnerability implements Noteable {
"""
Type of the security report that found the vulnerability (SAST,
DEPENDENCY_SCANNING, CONTAINER_SCANNING, DAST, SECRET_DETECTION,
COVERAGE_FUZZING)
COVERAGE_FUZZING, API_FUZZING)
"""
reportType: VulnerabilityReportType
......@@ -20636,6 +20642,7 @@ type VulnerabilityPermissions {
The type of the security scan that found the vulnerability
"""
enum VulnerabilityReportType {
API_FUZZING
CONTAINER_SCANNING
COVERAGE_FUZZING
DAST
......
......@@ -48143,6 +48143,20 @@
"name": "SecurityReportSummary",
"description": "Represents summary of a security report",
"fields": [
{
"name": "apiFuzzing",
"description": "Aggregated counts for the api_fuzzing scan",
"args": [
],
"type": {
"kind": "OBJECT",
"name": "SecurityReportSummarySection",
"ofType": null
},
"isDeprecated": false,
"deprecationReason": null
},
{
"name": "containerScanning",
"description": "Aggregated counts for the container_scanning scan",
......@@ -48386,6 +48400,12 @@
"description": null,
"isDeprecated": false,
"deprecationReason": null
},
{
"name": "API_FUZZING",
"description": null,
"isDeprecated": false,
"deprecationReason": null
}
],
"possibleTypes": null
......@@ -58532,7 +58552,7 @@
},
{
"name": "reportType",
"description": "Type of the security report that found the vulnerability (SAST, DEPENDENCY_SCANNING, CONTAINER_SCANNING, DAST, SECRET_DETECTION, COVERAGE_FUZZING)",
"description": "Type of the security report that found the vulnerability (SAST, DEPENDENCY_SCANNING, CONTAINER_SCANNING, DAST, SECRET_DETECTION, COVERAGE_FUZZING, API_FUZZING)",
"args": [
],
......@@ -59983,6 +60003,12 @@
"description": null,
"isDeprecated": false,
"deprecationReason": null
},
{
"name": "API_FUZZING",
"description": null,
"isDeprecated": false,
"deprecationReason": null
}
],
"possibleTypes": null
......@@ -2246,6 +2246,7 @@ Represents summary of a security report.
| Field | Type | Description |
| ----- | ---- | ----------- |
| `apiFuzzing` | SecurityReportSummarySection | Aggregated counts for the api_fuzzing scan |
| `containerScanning` | SecurityReportSummarySection | Aggregated counts for the container_scanning scan |
| `coverageFuzzing` | SecurityReportSummarySection | Aggregated counts for the coverage_fuzzing scan |
| `dast` | SecurityReportSummarySection | Aggregated counts for the dast scan |
......@@ -2817,7 +2818,7 @@ Represents a vulnerability.
| `location` | VulnerabilityLocation | Location metadata for the vulnerability. Its fields depend on the type of security scan that found the vulnerability |
| `primaryIdentifier` | VulnerabilityIdentifier | Primary identifier of the vulnerability. |
| `project` | Project | The project on which the vulnerability was found |
| `reportType` | VulnerabilityReportType | Type of the security report that found the vulnerability (SAST, DEPENDENCY_SCANNING, CONTAINER_SCANNING, DAST, SECRET_DETECTION, COVERAGE_FUZZING) |
| `reportType` | VulnerabilityReportType | Type of the security report that found the vulnerability (SAST, DEPENDENCY_SCANNING, CONTAINER_SCANNING, DAST, SECRET_DETECTION, COVERAGE_FUZZING, API_FUZZING) |
| `resolvedOnDefaultBranch` | Boolean! | Indicates whether the vulnerability is fixed on the default branch or not |
| `scanner` | VulnerabilityScanner | Scanner metadata for the vulnerability. |
| `severity` | VulnerabilitySeverity | Severity of the vulnerability (INFO, UNKNOWN, LOW, MEDIUM, HIGH, CRITICAL) |
......@@ -3551,6 +3552,7 @@ The type of the security scanner.
| Value | Description |
| ----- | ----------- |
| `API_FUZZING` | |
| `CONTAINER_SCANNING` | |
| `COVERAGE_FUZZING` | |
| `DAST` | |
......@@ -3735,6 +3737,7 @@ The type of the security scan that found the vulnerability.
| Value | Description |
| ----- | ----------- |
| `API_FUZZING` | |
| `CONTAINER_SCANNING` | |
| `COVERAGE_FUZZING` | |
| `DAST` | |
......
......@@ -15,7 +15,9 @@ module EE
before_action :whitelist_query_limiting_ee_merge, only: [:merge]
before_action :authorize_read_pipeline!, only: [:container_scanning_reports, :dependency_scanning_reports,
:sast_reports, :secret_detection_reports, :dast_reports, :metrics_reports, :coverage_fuzzing_reports]
:sast_reports, :secret_detection_reports, :dast_reports,
:metrics_reports, :coverage_fuzzing_reports,
:api_fuzzing_reports]
before_action :authorize_read_licenses!, only: [:license_scanning_reports]
feature_category :code_review, [:delete_description_version, :description_diff]
......@@ -60,6 +62,10 @@ module EE
reports_response(merge_request.compare_coverage_fuzzing_reports(current_user), head_pipeline)
end
def api_fuzzing_reports
reports_response(merge_request.compare_api_fuzzing_reports(current_user), head_pipeline)
end
private
def whitelist_query_limiting_ee_merge
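Review bot: The new `api_fuzzing_reports` action is added to the `authorize_read_pipeline!` list, which is the right guard, but no controller or request spec for it appears anywhere in the visible diff, while the new factory traits suggest the rest of the feature is tested. A spec asserting that a user without pipeline read access gets a 404 from `api_fuzzing_reports`, and that an authorised user receives the comparison payload for a merge request whose head pipeline carries an `:api_fuzzing_report` build, would pin the authorisation rather than leave it implied by the before_action. The enclosing controller module continues outside the hunk.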
......
......@@ -13,7 +13,7 @@
module Security
class SecurityJobsFinder < JobsFinder
def self.allowed_job_types
[:sast, :dast, :dependency_scanning, :container_scanning, :secret_detection, :coverage_fuzzing]
[:sast, :dast, :dependency_scanning, :container_scanning, :secret_detection, :coverage_fuzzing, :api_fuzzing]
end
end
end
......@@ -20,7 +20,7 @@ module Types
VulnerabilityLocation::ContainerScanningType
when 'dependency_scanning'
VulnerabilityLocation::DependencyScanningType
when 'dast'
when 'dast', 'api_fuzzing'
VulnerabilityLocation::DastType
when 'sast'
VulnerabilityLocation::SastType
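Review bot: The `when 'dast', 'api_fuzzing'` branch maps API fuzzing findings to `VulnerabilityLocation::DastType` without saying why; the reason is visible elsewhere in this commit (the parser table routes `api_fuzzing` artifacts to the DAST parser, so their findings carry DAST-shaped location data), but a reader of this file alone cannot see it. Add `# api_fuzzing reports are produced in the DAST report format, so they share its location type` above the branch. The enclosing `case` expression starts before the hunk.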
......
......@@ -16,7 +16,8 @@ module EE
dependency_scanning: :dependency_scanning,
container_scanning: :container_scanning,
dast: :dast,
coverage_fuzzing: :coverage_fuzzing
coverage_fuzzing: :coverage_fuzzing,
api_fuzzing: :api_fuzzing
}.with_indifferent_access.freeze
EE_RUNNER_FEATURES = {
......
......@@ -12,7 +12,7 @@ module EE
prepended do
after_destroy :log_geo_deleted_event
SECURITY_REPORT_FILE_TYPES = %w[sast secret_detection dependency_scanning container_scanning dast coverage_fuzzing].freeze
SECURITY_REPORT_FILE_TYPES = %w[sast secret_detection dependency_scanning container_scanning dast coverage_fuzzing api_fuzzing].freeze
LICENSE_SCANNING_REPORT_FILE_TYPES = %w[license_management license_scanning].freeze
DEPENDENCY_LIST_REPORT_FILE_TYPES = %w[dependency_scanning].freeze
METRICS_REPORT_FILE_TYPES = %w[metrics].freeze
......@@ -22,6 +22,7 @@ module EE
DAST_REPORT_TYPES = %w[dast].freeze
REQUIREMENTS_REPORT_FILE_TYPES = %w[requirements].freeze
COVERAGE_FUZZING_REPORT_TYPES = %w[coverage_fuzzing].freeze
API_FUZZING_REPORT_TYPES = %w[api_fuzzing].freeze
BROWSER_PERFORMANCE_REPORT_FILE_TYPES = %w[browser_performance performance].freeze
scope :project_id_in, ->(ids) { where(project_id: ids) }
......@@ -64,6 +65,10 @@ module EE
scope :coverage_fuzzing_reports, -> do
with_file_types(COVERAGE_FUZZING_REPORT_TYPES)
end
scope :api_fuzzing_reports, -> do
with_file_types(API_FUZZING_REPORT_TYPES)
end
end
class_methods do
......
......@@ -51,7 +51,8 @@ module EE
license_scanning: %i[license_scanning],
metrics: %i[metrics_reports],
requirements: %i[requirements],
coverage_fuzzing: %i[coverage_fuzzing]
coverage_fuzzing: %i[coverage_fuzzing],
api_fuzzing: %i[api_fuzzing]
}.freeze
state_machine :status do
......
......@@ -164,7 +164,8 @@ module EE
dependency_scanning: report_type_enabled?(:dependency_scanning),
license_scanning: report_type_enabled?(:license_scanning),
coverage_fuzzing: report_type_enabled?(:coverage_fuzzing),
secret_detection: report_type_enabled?(:secret_detection)
secret_detection: report_type_enabled?(:secret_detection),
api_fuzzing: report_type_enabled?(:api_fuzzing)
}
end
......@@ -248,6 +249,12 @@ module EE
compare_reports(::Ci::CompareSecurityReportsService, current_user, 'coverage_fuzzing')
end
def compare_api_fuzzing_reports(current_user)
return missing_report_error('api fuzzing') unless has_api_fuzzing_reports?
compare_reports(::Ci::CompareSecurityReportsService, current_user, 'api_fuzzing')
end
def synchronize_approval_rules_from_target_project
return if merged?
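Review bot: `compare_api_fuzzing_reports` guards on `has_api_fuzzing_reports?`, and no definition of that predicate appears anywhere in the visible diff, whereas the sibling `compare_coverage_fuzzing_reports` relies on an existing `has_coverage_fuzzing_reports?`. If those predicates are written out one by one in this file rather than generated from the report-types hash, the new method raises NoMethodError before ever reaching `compare_reports`; confirm, and if so add `def has_api_fuzzing_reports?` following the coverage fuzzing pattern (its body is outside the hunk, so I cannot quote it). The enclosing module body continues outside the hunk.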
......
......@@ -338,7 +338,8 @@ module EE
feature_available?(:dependency_scanning) ||
feature_available?(:container_scanning) ||
feature_available?(:dast) ||
feature_available?(:coverage_fuzzing)
feature_available?(:coverage_fuzzing) ||
feature_available?(:api_fuzzing)
end
def free_plan?
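Review bot: `feature_available?(:api_fuzzing)` only returns true if `api_fuzzing` is registered as a licensed feature, and no change to the license feature list is in the visible diff. If it is missing, this predicate behaves exactly as it did before the change and API fuzzing is silently excluded from whatever this method gates, with no error to flag the gap; worth confirming against the license feature list before merge. The enclosing method starts before the hunk.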
......
......@@ -19,7 +19,8 @@ module Security
container_scanning: 3,
dast: 4,
secret_detection: 5,
coverage_fuzzing: 6
coverage_fuzzing: 6,
api_fuzzing: 7
}
delegate :project, to: :build
......
......@@ -15,7 +15,7 @@ module Vulnerabilities
attr_accessor :vulnerability_data
enum feedback_type: { dismissal: 0, issue: 1, merge_request: 2 }, _prefix: :for
enum category: { sast: 0, dependency_scanning: 1, container_scanning: 2, dast: 3, secret_detection: 4, coverage_fuzzing: 5 }
enum category: { sast: 0, dependency_scanning: 1, container_scanning: 2, dast: 3, secret_detection: 4, coverage_fuzzing: 5, api_fuzzing: 6 }
validates :project, presence: true
validates :author, presence: true
......
......@@ -59,7 +59,8 @@ module Vulnerabilities
container_scanning: 2,
dast: 3,
secret_detection: 4,
coverage_fuzzing: 5
coverage_fuzzing: 5,
api_fuzzing: 6
}.with_indifferent_access.freeze
enum confidence: CONFIDENCE_LEVELS, _prefix: :confidence
......
......@@ -18,7 +18,8 @@ module Projects
license_scanning: 'user/compliance/license_compliance/index',
sast: 'user/application_security/sast/index',
secret_detection: 'user/application_security/secret_detection/index',
coverage_fuzzing: 'user/application_security/coverage_fuzzing/index'
coverage_fuzzing: 'user/application_security/coverage_fuzzing/index',
api_fuzzing: 'user/application_security/api_fuzzing/index'
}.freeze
def self.localized_scan_descriptions
......@@ -31,7 +32,8 @@ module Projects
license_scanning: _('Search your project dependencies for their licenses and apply policies.'),
sast: _('Analyze your source code for known vulnerabilities.'),
secret_detection: _('Analyze your source code and git history for secrets.'),
coverage_fuzzing: _('Find bugs in your code with coverage-guided fuzzing.')
coverage_fuzzing: _('Find bugs in your code with coverage-guided fuzzing.'),
api_fuzzing: _('Find bugs in your code with API fuzzing.')
}.freeze
end
......@@ -45,7 +47,8 @@ module Projects
license_scanning: _('License Compliance'),
sast: _('Static Application Security Testing (SAST)'),
secret_detection: _('Secret Detection'),
coverage_fuzzing: _('Coverage Fuzzing')
coverage_fuzzing: _('Coverage Fuzzing'),
api_fuzzing: _('API Fuzzing')
}.freeze
end
......
---
title: Add API Fuzzing report type (backend)
merge_request: 43763
author:
type: added
......@@ -15,6 +15,7 @@ module EE
container_scanning: ::Gitlab::Ci::Parsers::Security::ContainerScanning,
dast: ::Gitlab::Ci::Parsers::Security::Dast,
sast: ::Gitlab::Ci::Parsers::Security::Sast,
api_fuzzing: ::Gitlab::Ci::Parsers::Security::Dast,
coverage_fuzzing: ::Gitlab::Ci::Parsers::Security::CoverageFuzzing,
secret_detection: ::Gitlab::Ci::Parsers::Security::SecretDetection,
metrics: ::Gitlab::Ci::Parsers::Metrics::Generic,
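Review bot: Mapping `api_fuzzing` to `::Gitlab::Ci::Parsers::Security::Dast` is an intentional reuse of the DAST report format, but nothing in this table says so, and the entry sits between `sast` and `coverage_fuzzing` rather than next to the `dast` entry it mirrors. Suggest moving it directly under the `dast:` line and annotating it: `api_fuzzing: ::Gitlab::Ci::Parsers::Security::Dast, # API Fuzzing reports use the DAST report schema`. Worth confirming that findings parsed via this path are recorded with report_type `api_fuzzing` rather than `dast`, since the report type is not determined by anything visible in this table. The enclosing hash and the code that consumes it are outside the hunk.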
......
......@@ -29,7 +29,7 @@ RSpec.describe Projects::Security::ConfigurationController do
it 'responds in json format when requested' do
get :show, params: { namespace_id: project.namespace, project_id: project, format: :json }
types = %w(sast dast dast_profiles dependency_scanning container_scanning secret_detection coverage_fuzzing license_scanning)
types = %w(sast dast dast_profiles dependency_scanning container_scanning secret_detection coverage_fuzzing license_scanning api_fuzzing)
expect(response).to have_gitlab_http_status(:ok)
expect(json_response['features'].map { |f| f['type'] }).to match_array(types)
......
......@@ -6,7 +6,7 @@ FactoryBot.define do
failure_reason { Ci::Build.failure_reasons[:protected_environment_failure] }
end
%i[codequality container_scanning dast dependency_scanning license_management license_scanning performance browser_performance load_performance sast secret_detection coverage_fuzzing].each do |report_type|
%i[api_fuzzing codequality container_scanning dast dependency_scanning license_management license_scanning performance browser_performance load_performance sast secret_detection coverage_fuzzing].each do |report_type|
trait "legacy_#{report_type}".to_sym do
success
artifacts
......@@ -133,5 +133,11 @@ FactoryBot.define do
build.job_artifacts << create(:ee_ci_job_artifact, :coverage_fuzzing, job: build)
end
end
trait :api_fuzzing_report do
after(:build) do |build|
build.job_artifacts << create(:ee_ci_job_artifact, :api_fuzzing, job: build)
end
end
end
end
......@@ -413,5 +413,16 @@ FactoryBot.define do
'application/json')
end
end
trait :api_fuzzing do
file_format { :raw }
file_type { :api_fuzzing }
after(:build) do |artifact, _|
artifact.file = fixture_file_upload(
Rails.root.join('ee/spec/fixtures/security_reports/master/gl-api-fuzzing-report.json'),
'application/json')
end
end
end
end
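Review bot: The new `:api_fuzzing` trait loads `ee/spec/fixtures/security_reports/master/gl-api-fuzzing-report.json`, but the addition of that fixture is not in the visible diff (it may simply be omitted from this rendering as a large file). If it is absent, every spec using the new `:api_fuzzing_report` build trait fails inside `fixture_file_upload` rather than on a meaningful assertion; confirm the fixture is part of the merge request. The enclosing factory definition starts before the hunk.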
......@@ -2,7 +2,7 @@
FactoryBot.define do
factory :ee_ci_pipeline, class: 'Ci::Pipeline', parent: :ci_pipeline do
%i[browser_performance codequality container_scanning coverage_fuzzing dast dependency_list dependency_scanning license_management license_scanning load_performance sast secret_detection].each do |report_type|
%i[api_fuzzing browser_performance codequality container_scanning coverage_fuzzing dast dependency_list dependency_scanning license_management license_scanning load_performance sast secret_detection].each do |report_type|
trait "with_#{report_type}_report".to_sym do
status { :success }
......
......@@ -32,7 +32,7 @@
},
"category": {
"type": "string",
"enum": ["sast", "dependency_scanning", "container_scanning", "dast", "coverage_fuzzing"]
"enum": ["sast", "dependency_scanning", "container_scanning", "dast", "coverage_fuzzing", "api_fuzzing"]
},
"project_fingerprint": { "type": "string" },
"branch": { "type": ["string", "null"] },
......
......@@ -31,6 +31,7 @@
"auto_fix_dast": true,
"auto_fix_dependency_scanning": false,
"auto_fix_sast": false,
"auto_fix_coverage_fuzzing": false
"auto_fix_coverage_fuzzing": false,
"auto_fix_api_fuzzing": false
}
}
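Review bot: This fixture gains `auto_fix_api_fuzzing`, and the one-line fixture that follows it gains the same key, yet no model, serializer or migration change for an `auto_fix_api_fuzzing` attribute appears anywhere in the visible diff. If the security setting has no such attribute, whichever spec compares against these fixtures either fails or passes against an expectation that nothing produces; confirm where the key originates. Separately, the one-line fixture uses `auto_fix_coverage` where this one uses `auto_fix_coverage_fuzzing`; that mismatch predates this commit but is cheap to align in the same pass.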
{"security_setting": {"auto_fix_container_scanning": true,"auto_fix_dast": true,"auto_fix_dependency_scanning": false,"auto_fix_sast": false, "auto_fix_coverage": false}}
{"security_setting": {"auto_fix_container_scanning": true,"auto_fix_dast": true,"auto_fix_dependency_scanning": false,"auto_fix_sast": false, "auto_fix_coverage": false, "auto_fix_api_fuzzing": false}}
......@@ -4,6 +4,6 @@ require 'spec_helper'
RSpec.describe GitlabSchema.types['SecurityScannerType'] do
it 'exposes all security scanner types' do
expect(described_class.values.keys).to contain_exactly(*%w[CONTAINER_SCANNING COVERAGE_FUZZING DAST DEPENDENCY_SCANNING SAST SECRET_DETECTION])
expect(described_class.values.keys).to match_array(%w[API_FUZZING CONTAINER_SCANNING COVERAGE_FUZZING DAST DEPENDENCY_SCANNING SAST SECRET_DETECTION])
end
end
......@@ -4,6 +4,6 @@ require 'spec_helper'
RSpec.describe GitlabSchema.types['VulnerabilityReportType'] do
it 'exposes all vulnerability report types' do
expect(described_class.values.keys).to contain_exactly(*%w[SAST SECRET_DETECTION DAST CONTAINER_SCANNING DEPENDENCY_SCANNING COVERAGE_FUZZING])
expect(described_class.values.keys).to match_array(%w[SAST SECRET_DETECTION DAST CONTAINER_SCANNING DEPENDENCY_SCANNING COVERAGE_FUZZING API_FUZZING])
end
end
......@@ -535,6 +535,8 @@ RSpec.describe Gitlab::UsageData do
secret_detection_scans: 0,
coverage_fuzzing_pipeline: 0,
coverage_fuzzing_scans: 0,
api_fuzzing_pipeline: 0,
api_fuzzing_scans: 0,
user_unique_users_all_secure_scanners: 1
)
end
......@@ -586,13 +588,15 @@ RSpec.describe Gitlab::UsageData do
dast_pipeline: 0,
secret_detection_pipeline: 1,
coverage_fuzzing_pipeline: 0,
api_fuzzing_pipeline: 0,
user_unique_users_all_secure_scanners: 1,
sast_scans: 0,
dependency_scanning_scans: 2,
container_scanning_scans: 1,
dast_scans: 0,
secret_detection_scans: 1,
coverage_fuzzing_scans: 0
coverage_fuzzing_scans: 0,
api_fuzzing_scans: 0
)
end
......@@ -624,6 +628,8 @@ RSpec.describe Gitlab::UsageData do
secret_detection_scans: 0,
coverage_fuzzing_pipeline: 0,
coverage_fuzzing_scans: 0,
api_fuzzing_pipeline: 0,
api_fuzzing_scans: 0,
user_unique_users_all_secure_scanners: 3
)
end
......@@ -654,6 +660,8 @@ RSpec.describe Gitlab::UsageData do
secret_detection_scans: 0,
coverage_fuzzing_pipeline: 0,
coverage_fuzzing_scans: 0,
api_fuzzing_pipeline: 0,
api_fuzzing_scans: 0,
user_unique_users_all_secure_scanners: 1
)
end
......@@ -684,6 +692,8 @@ RSpec.describe Gitlab::UsageData do
secret_detection_scans: -1,
coverage_fuzzing_pipeline: -1,
coverage_fuzzing_scans: -1,
api_fuzzing_pipeline: -1,
api_fuzzing_scans: -1,
user_unique_users_all_secure_scanners: -1
)
end
......
......@@ -16,7 +16,8 @@ RSpec.describe Vulnerability do
container_scanning: 2,
dast: 3,
secret_detection: 4,
coverage_fuzzing: 5 }
coverage_fuzzing: 5,
api_fuzzing: 6 }
end
it { is_expected.to define_enum_for(:state).with_values(state_values) }
......@@ -306,12 +307,13 @@ RSpec.describe Vulnerability do
let_it_be(:vulnerability_secret_detection) { create(:vulnerability, :secret_detection) }
let_it_be(:vulnerability_sast) { create(:vulnerability, :sast) }
let_it_be(:vulnerability_coverage_fuzzing) { create(:vulnerability, :coverage_fuzzing) }
let_it_be(:vulnerability_api_fuzzing) { create(:vulnerability, :api_fuzzing) }
describe 'asc' do
subject { described_class.order_report_type_asc }
it 'returns vulnerabilities ordered by report_type' do
is_expected.to eq([vulnerability_coverage_fuzzing, vulnerability_dast, vulnerability_sast, vulnerability_secret_detection])
is_expected.to eq([vulnerability_api_fuzzing, vulnerability_coverage_fuzzing, vulnerability_dast, vulnerability_sast, vulnerability_secret_detection])
end
end
......@@ -319,7 +321,7 @@ RSpec.describe Vulnerability do
subject { described_class.order_report_type_desc }
it 'returns vulnerabilities ordered by report_type' do
is_expected.to eq([vulnerability_secret_detection, vulnerability_sast, vulnerability_dast, vulnerability_coverage_fuzzing])
is_expected.to eq([vulnerability_secret_detection, vulnerability_sast, vulnerability_dast, vulnerability_coverage_fuzzing, vulnerability_api_fuzzing])
end
end
end
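Review bot: `create(:vulnerability, :api_fuzzing)` depends on an `:api_fuzzing` trait on the vulnerability factory, and no change to that factory is in the visible diff; if the factory derives its report-type traits from the model's `report_types` enum this works automatically, otherwise the new `let_it_be` fails at setup before any example runs. The expected orderings (`api_fuzzing` first ascending, last descending) are consistent with alphabetical ordering by report-type name, matching the relative order of the other four entries, so the assertions themselves look right. The enclosing describe block starts before the hunk.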
......
......@@ -72,7 +72,8 @@ RSpec.describe Projects::Security::ConfigurationPresenter do
security_scan(:dependency_scanning, configured: false, auto_dev_ops_enabled: true),
security_scan(:license_scanning, configured: false, auto_dev_ops_enabled: true),
security_scan(:secret_detection, configured: true, auto_dev_ops_enabled: true),
security_scan(:coverage_fuzzing, configured: false, auto_dev_ops_enabled: true)
security_scan(:coverage_fuzzing, configured: false, auto_dev_ops_enabled: true),
security_scan(:api_fuzzing, configured: false, auto_dev_ops_enabled: true)
)
end
end
......@@ -95,7 +96,8 @@ RSpec.describe Projects::Security::ConfigurationPresenter do
security_scan(:dependency_scanning, configured: false),
security_scan(:license_scanning, configured: false),
security_scan(:secret_detection, configured: false),
security_scan(:coverage_fuzzing, configured: false)
security_scan(:coverage_fuzzing, configured: false),
security_scan(:api_fuzzing, configured: false)
)
end
end
......@@ -125,7 +127,8 @@ RSpec.describe Projects::Security::ConfigurationPresenter do
security_scan(:dependency_scanning, configured: false),
security_scan(:license_scanning, configured: false),
security_scan(:secret_detection, configured: true),
security_scan(:coverage_fuzzing, configured: false)
security_scan(:coverage_fuzzing, configured: false),
security_scan(:api_fuzzing, configured: false)
)
end
......@@ -142,7 +145,8 @@ RSpec.describe Projects::Security::ConfigurationPresenter do
security_scan(:dependency_scanning, configured: false),
security_scan(:license_scanning, configured: false),
security_scan(:secret_detection, configured: false),
security_scan(:coverage_fuzzing, configured: false)
security_scan(:coverage_fuzzing, configured: false),
security_scan(:api_fuzzing, configured: false)
)
end
......@@ -165,7 +169,8 @@ RSpec.describe Projects::Security::ConfigurationPresenter do
security_scan(:dependency_scanning, configured: false),
security_scan(:license_scanning, configured: false),
security_scan(:secret_detection, configured: false),
security_scan(:coverage_fuzzing, configured: false)
security_scan(:coverage_fuzzing, configured: false),
security_scan(:api_fuzzing, configured: false)
)
end
......@@ -180,7 +185,8 @@ RSpec.describe Projects::Security::ConfigurationPresenter do
security_scan(:dependency_scanning, configured: false),
security_scan(:license_scanning, configured: true),
security_scan(:secret_detection, configured: true),
security_scan(:coverage_fuzzing, configured: false)
security_scan(:coverage_fuzzing, configured: false),
security_scan(:api_fuzzing, configured: false)
)
end
......
......@@ -15,7 +15,7 @@ module Gitlab
%i[junit codequality sast secret_detection dependency_scanning container_scanning
dast performance browser_performance load_performance license_management license_scanning metrics lsif
dotenv cobertura terraform accessibility cluster_applications
requirements coverage_fuzzing].freeze
requirements coverage_fuzzing api_fuzzing].freeze
attributes ALLOWED_KEYS
......@@ -25,6 +25,7 @@ module Gitlab
with_options allow_nil: true do
validates :junit, array_of_strings_or_string: true
validates :api_fuzzing, array_of_strings_or_string: true
validates :coverage_fuzzing, array_of_strings_or_string: true
validates :sast, array_of_strings_or_string: true
validates :sast, array_of_strings_or_string: true
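Review bot: The new `validates :api_fuzzing, array_of_strings_or_string: true` is placed ahead of `coverage_fuzzing`, keeping the block roughly alphabetical, but the context immediately below shows `validates :sast, array_of_strings_or_string: true` twice; the duplicate predates this commit and is harmless, yet since the block is being edited, dropping one copy here is cheap. As far as the hunk shows, both `ALLOWED_KEYS` and the validation list now carry the new key, which is what the config entry needs. The enclosing `with_options` block closes outside the hunk.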
......
......@@ -1305,6 +1305,9 @@ msgstr ""
msgid "ACTION REQUIRED: Something went wrong while obtaining the Let's Encrypt certificate for GitLab Pages domain '%{domain}'"
msgstr ""
msgid "API Fuzzing"
msgstr ""
msgid "API Help"
msgstr ""
......@@ -11365,6 +11368,9 @@ msgstr ""
msgid "Find File"
msgstr ""
msgid "Find bugs in your code with API fuzzing."
msgstr ""
msgid "Find bugs in your code with coverage-guided fuzzing."
msgstr ""
......
......@@ -46,7 +46,8 @@ RSpec.describe Ci::RetryBuildService do
job_variables waiting_for_resource_at job_artifacts_metrics_referee
job_artifacts_network_referee job_artifacts_dotenv
job_artifacts_cobertura needs job_artifacts_accessibility
job_artifacts_requirements job_artifacts_coverage_fuzzing].freeze
job_artifacts_requirements job_artifacts_coverage_fuzzing
job_artifacts_api_fuzzing].freeze
ignore_accessors =
%i[type lock_version target_url base_tags trace_sections
......