Commit 17a069ae authored by Jonathan Schafer's avatar Jonathan Schafer

Remove elements from base json file

Use base file and remove elements for invalid data
parent b24538af
...@@ -17,6 +17,7 @@ module Security ...@@ -17,6 +17,7 @@ module Security
def execute def execute
# Ensure we're not trying to insert data twice for this report # Ensure we're not trying to insert data twice for this report
return error("#{@report.type} report already stored for this pipeline, skipping...") if executed? return error("#{@report.type} report already stored for this pipeline, skipping...") if executed?
raise ParseError, 'JSON parsing failed' if report.error.is_a?(Gitlab::Ci::Parsers::Security::Common::SecurityReportParserError)
vulnerability_ids = create_all_vulnerabilities! vulnerability_ids = create_all_vulnerabilities!
mark_as_resolved_except(vulnerability_ids) mark_as_resolved_except(vulnerability_ids)
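Review bot: The added guard in `execute` only stops on `SecurityReportParserError`; if `report.error` can hold any other error class, execution still reaches `create_all_vulnerabilities!` and `mark_as_resolved_except(vulnerability_ids)` with an incomplete report, which could mark existing vulnerabilities as resolved on the strength of a scan that never parsed. Consider failing on any recorded error and keeping the cause in the message, e.g. `raise ParseError, "JSON parsing failed: #{report.error.message}" if report.error` (assuming the stored error responds to `message`). The line also reads `report` where the line above uses `@report`, and it raises where that line returns `error(...)`; whether a reader method exists and whether callers rescue `ParseError` is not visible here, since the body of `execute` continues outside the hunk.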
......
...@@ -184,8 +184,12 @@ FactoryBot.define do ...@@ -184,8 +184,12 @@ FactoryBot.define do
file_format { :raw } file_format { :raw }
after(:build) do |artifact, _| after(:build) do |artifact, _|
artifact.file = fixture_file_upload( file = fixture_file_upload(
Rails.root.join('ee/spec/fixtures/security_reports/master/gl-sast-missing-identifiers.json'), 'application/json') Rails.root.join('ee/spec/fixtures/security_reports/master/gl-sast-report.json'), 'application/json')
data = Gitlab::Json.parse(file.tempfile.read)['vulnerabilities'].each { |v| v.delete('identifiers') }.to_json
output = Tempfile.new("gl-sast-missing-identifiers")
output.write(data)
artifact.file = fixture_file_upload(output.path, 'application/json')
end end
end end
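Review bot: The `data = ...` line serialises only the return value of `['vulnerabilities'].each`, i.e. the bare vulnerabilities array, so the generated fixture is a top-level JSON array rather than the base report with `identifiers` removed; everything outside `vulnerabilities` is dropped. In addition, `output.write(data)` is never flushed or closed before `fixture_file_upload(output.path, ...)` reads the path, so the upload may see an empty or truncated file. Either way the spec context 'when the finding does not include a primary identifier' would likely be exercising a parse failure instead of a missing identifier. Mutate the parsed report in place, serialise the whole hash, and flush before re-uploading, as below.

```ruby
# … unchanged: fixture_file_upload of gl-sast-report.json into `file` …
report = Gitlab::Json.parse(file.tempfile.read)
report['vulnerabilities'].each { |v| v.delete('identifiers') }
output = Tempfile.new("gl-sast-missing-identifiers")
output.write(report.to_json)
output.flush # make sure the bytes are on disk before the path is read back
artifact.file = fixture_file_upload(output.path, 'application/json')
```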
......
...@@ -205,14 +205,14 @@ RSpec.describe Security::StoreReportService, '#execute' do ...@@ -205,14 +205,14 @@ RSpec.describe Security::StoreReportService, '#execute' do
end end
context 'when the finding does not include a primary identifier' do context 'when the finding does not include a primary identifier' do
let(:bad_pipeline) { create(:ci_pipeline, project: project) } let(:bad_project) { bad_artifact.project }
let(:bad_build) { create(:ci_build, pipeline: bad_pipeline) } let(:bad_pipeline) { bad_artifact.job.pipeline }
let!(:bad_artifact) { create(:ee_ci_job_artifact, :sast_with_missing_identifiers, job: bad_build) } let!(:bad_artifact) { create(:ee_ci_job_artifact, :sast_with_missing_identifiers) }
let(:bad_report) { bad_pipeline.security_reports.get_report(report_type.to_s, bad_artifact) } let(:bad_report) { bad_pipeline.security_reports.get_report(report_type.to_s, bad_artifact) }
let(:report_type) { :sast } let(:report_type) { :sast }
before do before do
project.add_developer(user) bad_project.add_developer(user)
allow(bad_pipeline).to receive(:user).and_return(user) allow(bad_pipeline).to receive(:user).and_return(user)
end end
......