Merge branch 'remove-unused-security-fixtures-ee' into 'master'

Remove unused security fixtures EE

See merge request gitlab-org/gitlab-ee!15029

db/fixtures/development/14_pipelines.rb

 require './spec/support/sidekiq'
 
 class Gitlab::Seeder::Pipelines
-  STAGES = %w[build test security deploy notify]
+  STAGES = %w[build test deploy notify]
   BUILDS = [
     # build stage
     { name: 'build:linux', stage: 'build', status: :success,
@@ -31,16 +31,6 @@ class Gitlab::Seeder::Pipelines
     { name: 'spinach:osx', stage: 'test', status: :failed, allow_failure: true,
       queued_at: 8.hour.ago, started_at: 8.hour.ago, finished_at: 7.hour.ago },
 
-    # security stage
-    { name: 'dast', stage: 'security', status: :success,
-      queued_at: 8.hour.ago, started_at: 8.hour.ago, finished_at: 7.hour.ago },
-    { name: 'sast', stage: 'security', status: :success,
-      queued_at: 8.hour.ago, started_at: 8.hour.ago, finished_at: 7.hour.ago },
-    { name: 'dependency_scanning', stage: 'security', status: :success,
-      queued_at: 8.hour.ago, started_at: 8.hour.ago, finished_at: 7.hour.ago },
-    { name: 'container_scanning', stage: 'security', status: :success,
-      queued_at: 8.hour.ago, started_at: 8.hour.ago, finished_at: 7.hour.ago },
-
     # deploy stage
     { name: 'staging', stage: 'deploy', environment: 'staging', status_event: :success,
       options: { environment: { action: 'start', on_stop: 'stop staging' } },
@@ -127,11 +117,6 @@ class Gitlab::Seeder::Pipelines
 
       setup_artifacts(build)
       setup_test_reports(build)
-      if build.ref == build.project.default_branch
-        setup_security_reports_file(build)
-      else
-        setup_security_reports_legacy_archive(build)
-      end
       setup_build_log(build)
 
       build.project.environments.
@@ -167,55 +152,6 @@ class Gitlab::Seeder::Pipelines
     end
   end
 
-  def setup_security_reports_file(build)
-    return unless build.stage == "security"
-
-    # we have two sources: master and feature-branch
-    branch_name = build.ref == build.project.default_branch ?
-      'master' : 'feature-branch'
-
-    artifacts_cache_file(security_reports_path(branch_name, build.name)) do |file|
-      build.job_artifacts.build(
-        project: build.project,
-        file_type: build.name,
-        file_format: :raw,
-        file: file)
-    end
-  end
-
-  def setup_security_reports_legacy_archive(build)
-    return unless build.stage == "security"
-
-    # we have two sources: master and feature-branch
-    branch_name = build.ref == build.project.default_branch ?
-      'master' : 'feature-branch'
-
-    artifacts_cache_file(security_reports_archive_path(branch_name)) do |file|
-      build.job_artifacts.build(
-        project: build.project,
-        file_type: :archive,
-        file_format: :zip,
-        file: file)
-    end
-
-    # assign dummy metadata
-    artifacts_cache_file(artifacts_metadata_path) do |file|
-      build.job_artifacts.build(
-        project: build.project,
-        file_type: :metadata,
-        file_format: :gzip,
-        file: file)
-    end
-
-    build.options = {
-      artifacts: {
-        paths: [
-          Ci::JobArtifact::DEFAULT_FILE_NAMES.fetch(build.name.to_sym)
-        ]
-      }
-    }
-  end
-
   def setup_build_log(build)
     if %w(running success failed).include?(build.status)
       build.trace.set(FFaker::Lorem.paragraphs(6).join("\n\n"))
@@ -267,15 +203,6 @@ class Gitlab::Seeder::Pipelines
     Rails.root + 'spec/fixtures/junit/junit.xml.gz'
   end
 
-  def security_reports_archive_path(branch)
-    Rails.root.join('spec', 'fixtures', 'security-reports', branch + '.zip')
-  end
-
-  def security_reports_path(branch, name)
-    file_name = Ci::JobArtifact::DEFAULT_FILE_NAMES.fetch(name.to_sym)
-    Rails.root.join('spec', 'fixtures', 'security-reports', branch, file_name)
-  end
-
   def artifacts_cache_file(file_path)
     file = Tempfile.new("artifacts")
     file.close

ee/spec/factories/ci/job_artifacts.rb

@@ -8,7 +8,7 @@ FactoryBot.define do
 
       after(:build) do |artifact, evaluator|
         artifact.file = fixture_file_upload(
-          Rails.root.join('spec/fixtures/security-reports/master/gl-sast-report.json'), 'text/plain')
+          Rails.root.join('ee/spec/fixtures/security_reports/master/gl-sast-report.json'), 'text/plain')
       end
     end
 
@@ -18,7 +18,7 @@ FactoryBot.define do
 
       after(:build) do |artifact, evaluator|
         artifact.file = fixture_file_upload(
-          Rails.root.join('spec/fixtures/security-reports/deprecated/gl-sast-report.json'), 'text/plain')
+          Rails.root.join('ee/spec/fixtures/security_reports/deprecated/gl-sast-report.json'), 'text/plain')
       end
     end
 
@@ -38,7 +38,7 @@ FactoryBot.define do
 
       after(:build) do |artifact, evaluator|
         artifact.file = fixture_file_upload(
-          Rails.root.join('spec/fixtures/security-reports/master/gl-license-management-report.json'), 'application/json')
+          Rails.root.join('ee/spec/fixtures/security_reports/master/gl-license-management-report.json'), 'application/json')
       end
     end
 
@@ -48,7 +48,7 @@ FactoryBot.define do
 
       after(:build) do |artifact, evaluator|
         artifact.file = fixture_file_upload(
-          Rails.root.join('spec/fixtures/security-reports/feature-branch/gl-license-management-report.json'), 'application/json')
+          Rails.root.join('ee/spec/fixtures/security_reports/feature-branch/gl-license-management-report.json'), 'application/json')
       end
     end
 
@@ -88,7 +88,7 @@ FactoryBot.define do
 
       after(:build) do |artifact, _|
         artifact.file = fixture_file_upload(
-          Rails.root.join('spec/fixtures/security-reports/master/gl-dependency-scanning-report.json'), 'text/plain')
+          Rails.root.join('ee/spec/fixtures/security_reports/master/gl-dependency-scanning-report.json'), 'text/plain')
       end
     end
 
@@ -98,7 +98,7 @@ FactoryBot.define do
 
       after(:build) do |artifact, _|
         artifact.file = fixture_file_upload(
-          Rails.root.join('spec/fixtures/security-reports/remediations/gl-dependency-scanning-report.json'), 'text/plain')
+          Rails.root.join('ee/spec/fixtures/security_reports/remediations/gl-dependency-scanning-report.json'), 'text/plain')
       end
     end
 
@@ -108,7 +108,7 @@ FactoryBot.define do
 
       after(:build) do |artifact, _|
         artifact.file = fixture_file_upload(
-          Rails.root.join('spec/fixtures/security-reports/deprecated/gl-dependency-scanning-report.json'), 'text/plain')
+          Rails.root.join('ee/spec/fixtures/security_reports/deprecated/gl-dependency-scanning-report.json'), 'text/plain')
       end
     end
 
@@ -138,7 +138,7 @@ FactoryBot.define do
 
       after(:build) do |artifact, _|
         artifact.file = fixture_file_upload(
-          Rails.root.join('spec/fixtures/security-reports/master/gl-container-scanning-report.json'), 'text/plain')
+          Rails.root.join('ee/spec/fixtures/security_reports/master/gl-container-scanning-report.json'), 'text/plain')
       end
     end
 
@@ -168,7 +168,7 @@ FactoryBot.define do
 
       after(:build) do |artifact, _|
         artifact.file = fixture_file_upload(
-          Rails.root.join('spec/fixtures/security-reports/master/gl-dast-report.json'), 'text/plain')
+          Rails.root.join('ee/spec/fixtures/security_reports/master/gl-dast-report.json'), 'text/plain')
       end
     end
 
@@ -198,7 +198,7 @@ FactoryBot.define do
 
       after(:build) do |artifact, _|
         artifact.file = fixture_file_upload(
-          Rails.root.join('spec/fixtures/security-reports/dependency_list/gl-dependency-scanning-report.json'), 'text/plain')
+          Rails.root.join('ee/spec/fixtures/security_reports/dependency_list/gl-dependency-scanning-report.json'), 'text/plain')
       end
     end
   end

ee/spec/lib/gitlab/ci/parsers/license_management/license_management_spec.rb

@@ -9,7 +9,7 @@ describe Gitlab::Ci::Parsers::LicenseManagement::LicenseManagement do
     let(:report) { Gitlab::Ci::Reports::LicenseManagement::Report.new }
 
     context 'when data is a JSON license management report' do
-      let(:data) { File.read(Rails.root.join('spec/fixtures/security-reports/master/gl-license-management-report.json')) }
+      let(:data) { File.read(Rails.root.join('ee/spec/fixtures/security_reports/master/gl-license-management-report.json')) }
 
       it 'parses without error' do
         expect { subject }.not_to raise_error

ee/spec/lib/gitlab/ci/parsers/security/container_scanning_spec.rb

@@ -8,7 +8,7 @@ describe Gitlab::Ci::Parsers::Security::ContainerScanning do
   let(:clair_vulnerabilities) do
     JSON.parse!(
       File.read(
-        Rails.root.join('spec/fixtures/security-reports/master/gl-container-scanning-report.json')
+        Rails.root.join('ee/spec/fixtures/security_reports/master/gl-container-scanning-report.json')
       )
     )['vulnerabilities']
   end

ee/spec/lib/gitlab/ci/parsers/security/formatters/container_scanning_spec.rb

@@ -6,7 +6,7 @@ describe Gitlab::Ci::Parsers::Security::Formatters::ContainerScanning do
   let(:raw_report) do
     JSON.parse!(
       File.read(
-        Rails.root.join('spec/fixtures/security-reports/master/gl-container-scanning-report.json')
+        Rails.root.join('ee/spec/fixtures/security_reports/master/gl-container-scanning-report.json')
       )
     )
   end

ee/spec/lib/gitlab/ci/parsers/security/formatters/dast_spec.rb

@@ -9,7 +9,7 @@ describe Gitlab::Ci::Parsers::Security::Formatters::Dast do
   let(:parsed_report) do
     JSON.parse!(
       File.read(
-        Rails.root.join('spec/fixtures/security-reports/master/gl-dast-report.json')
+        Rails.root.join('ee/spec/fixtures/security_reports/master/gl-dast-report.json')
       )
     )
   end

ee/spec/lib/gitlab/ci/parsers/security/formatters/dependency_list_spec.rb

@@ -10,7 +10,7 @@ describe Gitlab::Ci::Parsers::Security::Formatters::DependencyList do
   let(:parsed_report) do
     JSON.parse!(
       File.read(
-        Rails.root.join('spec/fixtures/security-reports/dependency_list/gl-dependency-scanning-report.json')
+        Rails.root.join('ee/spec/fixtures/security_reports/dependency_list/gl-dependency-scanning-report.json')
       )
     )
   end

ee/spec/lib/gitlab/ci/parsers/security/formatters/formatted_container_scanning_vulnerability_spec.rb

@@ -6,7 +6,7 @@ describe Gitlab::Ci::Parsers::Security::Formatters::FormattedContainerScanningVu
   let(:raw_report) do
     JSON.parse!(
       File.read(
-        Rails.root.join('spec/fixtures/security-reports/master/gl-container-scanning-report.json')
+        Rails.root.join('ee/spec/fixtures/security_reports/master/gl-container-scanning-report.json')
       )
     )
   end

ee/spec/services/ee/merge_requests/create_from_vulnerability_data_service_spec.rb

@@ -3,7 +3,7 @@
 require 'spec_helper'
 
 describe MergeRequests::CreateFromVulnerabilityDataService, '#execute' do
-  let(:remediations_folder) { Rails.root.join('spec/fixtures/security-reports/remediations') }
+  let(:remediations_folder) { Rails.root.join('ee/spec/fixtures/security_reports/remediations') }
   let(:yarn_lock_content) { File.read(File.join(remediations_folder, "yarn.lock")) }
   let(:remediation_patch_content) { File.read(File.join(remediations_folder, "remediation.patch")) }
 

ee/spec/services/vulnerability_feedback/create_service_spec.rb

@@ -130,7 +130,7 @@ describe VulnerabilityFeedback::CreateService, '#execute' do
     end
 
     context 'when feedback_type is merge_request' do
-      let(:remediations_folder) { Rails.root.join('spec/fixtures/security-reports/remediations') }
+      let(:remediations_folder) { Rails.root.join('ee/spec/fixtures/security_reports/remediations') }
       let(:yarn_lock_content) do
         File.read(
           File.join(remediations_folder, "yarn.lock")