Fix security report schema validation logic

Previously, if there was only one report for a report type, that report was not being validated because of a bug in the logic. Changelog: fixed EE: true

Fix security report schema validation logic
Previously, if there was only one report for a report type, that report was not being validated because of a bug in the logic. Changelog: fixed EE: true
262b2371 · Mehmet Emin INAC · 16a9ff55 · 262b2371 · 262b2371
Commit 262b2371 authored Nov 18, 2021 by Mehmet Emin INAC
2 changed files
--- a/ee/app/services/security/store_grouped_scans_service.rb
+++ b/ee/app/services/security/store_grouped_scans_service.rb
@@ -43,14 +43,18 @@ module Security
    end

    def sorted_artifacts
-      @sorted_artifacts ||= artifacts.sort do |a, b|
-        report_a = a.security_report(validate: true)
-        report_b = b.security_report(validate: true)
+      @sorted_artifacts ||= artifacts.each(&method(:prepare_report_for)).sort do |a, b|
+        report_a = a.security_report
+        report_b = b.security_report

        report_a.primary_scanner_order_to(report_b)
      end
    end

+    def prepare_report_for(artifact)
+      artifact.security_report(validate: true)
+    end
+
    def store_scan_for(artifact, deduplicate)
      StoreScanService.execute(artifact, known_keys, deduplicate)
    ensure

--- a/ee/spec/services/security/store_grouped_scans_service_spec.rb
+++ b/ee/spec/services/security/store_grouped_scans_service_spec.rb
@@ -69,12 +69,24 @@ RSpec.describe Security::StoreGroupedScansService do
          allow(artifact_3).to receive(:security_report).and_return(mock_report)
        end

-        it 'accesses the validated security reports' do
-          store_scan_group
+        context 'when there is only one report' do
+          let(:artifacts) { [artifact_1] }
+
+          it 'accesses the validated security report' do
+            store_scan_group
+
+            expect(artifact_1).to have_received(:security_report).with(validate: true).once
+          end
+        end
+
+        context 'when there are more than one reports' do
+          it 'accesses the validated security reports' do
+            store_scan_group

-          expect(artifact_1).to have_received(:security_report).with(validate: true).once
-          expect(artifact_2).to have_received(:security_report).with(validate: true).twice
-          expect(artifact_3).to have_received(:security_report).with(validate: true).once
+            expect(artifact_1).to have_received(:security_report).with(validate: true).once
+            expect(artifact_2).to have_received(:security_report).with(validate: true).once
+            expect(artifact_3).to have_received(:security_report).with(validate: true).once
+          end
        end
      end