Merge branch 'sec-rep-mr-fixes' into 'master'

Fixes issues with the security reports migration See merge request gitlab-org/gitlab!17519

Merge branch 'sec-rep-mr-fixes' into 'master'
Fixes issues with the security reports migration See merge request gitlab-org/gitlab!17519
42853d8b · Mike Greiling · 8cf91a90 · ae2fd1df · 42853d8b · 42853d8b
Commit 42853d8b authored Sep 26, 2019 by Mike Greiling
7 changed files
--- a/changelogs/unreleased/sec-rep-mr-fixes.yml
+++ b/changelogs/unreleased/sec-rep-mr-fixes.yml
+---
+title: Fixes issues with the security reports migration
+merge_request: 17519
+author:
+type: fixed
--- a/ee/app/assets/javascripts/vue_shared/security_reports/components/sast_container_issue_body.vue
+++ b/ee/app/assets/javascripts/vue_shared/security_reports/components/sast_container_issue_body.vue
@@ -5,6 +5,7 @@
 */
 import ReportLink from '~/reports/components/report_link.vue';
 import ModalOpenName from '~/reports/components/modal_open_name.vue';
+import { humanize } from '~/lib/utils/text_utility';

 export default {
  name: 'SastContainerIssueBody',
@@ -23,14 +24,19 @@ export default {
      required: true,
    },
  },
+  computed: {
+    severity() {
+      return this.issue.severity ? humanize(this.issue.severity) : null;
+    },
+  },
 };
 </script>
 <template>
  <div class="report-block-list-issue-description prepend-top-5 append-bottom-5">
    <div class="report-block-list-issue-description-text">
-      <template v-if="issue.severity"
-        >{{ issue.severity }}:</template
-      >
+      <template v-if="severity">
+        {{ severity }}:
+      </template>

      <modal-open-name :issue="issue" :status="status" />
    </div>

--- a/ee/app/assets/javascripts/vue_shared/security_reports/components/sast_issue_body.vue
+++ b/ee/app/assets/javascripts/vue_shared/security_reports/components/sast_issue_body.vue
@@ -5,6 +5,7 @@
 */
 import ReportLink from '~/reports/components/report_link.vue';
 import ModalOpenName from '~/reports/components/modal_open_name.vue';
+import { humanize } from '~/lib/utils/text_utility';

 export default {
  name: 'SastIssueBody',
@@ -25,24 +26,29 @@ export default {
      required: true,
    },
  },
+
+  computed: {
+    title() {
+      const { severity, confidence, priority } = this.issue;
+
+      if (severity) {
+        if (confidence) {
+          return `${humanize(severity)} (${humanize(confidence)})`;
+        }
+        return humanize(severity);
+      } else if (confidence) {
+        return `(${humanize(confidence)})`;
+      }
+
+      return priority;
+    },
+  },
 };
 </script>
 <template>
  <div class="report-block-list-issue-description prepend-top-5 append-bottom-5">
    <div class="report-block-list-issue-description-text">
-      <template v-if="issue.severity && issue.confidence">
-        {{ issue.severity }} ({{ issue.confidence }}):
-      </template>
-      <template v-else-if="issue.severity">
-        {{ issue.severity }}:
-      </template>
-      <template v-else-if="issue.confidence">
-        ({{ issue.confidence }}):
-      </template>
-      <template v-else-if="issue.priority"
-        >{{ issue.priority }}:</template
-      >
-
+      {{ title }}:
      <modal-open-name :issue="issue" :status="status" />
    </div>


--- a/ee/app/services/ci/compare_container_scanning_reports_service.rb
+++ b/ee/app/services/ci/compare_container_scanning_reports_service.rb
@@ -11,7 +11,7 @@ module Ci
    end

    def get_report(pipeline)
-      Security::PipelineVulnerabilitiesFinder.new(pipeline: pipeline, params: { report_type: %w[container_scanning] }).execute
+      Security::PipelineVulnerabilitiesFinder.new(pipeline: pipeline, params: { report_type: %w[container_scanning], scope: 'all' }).execute
    end
  end
 end
--- a/ee/app/services/ci/compare_dependency_scanning_reports_service.rb
+++ b/ee/app/services/ci/compare_dependency_scanning_reports_service.rb
@@ -11,7 +11,7 @@ module Ci
    end

    def get_report(pipeline)
-      Security::PipelineVulnerabilitiesFinder.new(pipeline: pipeline, params: { report_type: %w[dependency_scanning] }).execute
+      Security::PipelineVulnerabilitiesFinder.new(pipeline: pipeline, params: { report_type: %w[dependency_scanning], scope: 'all' }).execute
    end
  end
 end
--- a/ee/app/services/ci/compare_sast_reports_service.rb
+++ b/ee/app/services/ci/compare_sast_reports_service.rb
@@ -11,7 +11,7 @@ module Ci
    end

    def get_report(pipeline)
-      Security::PipelineVulnerabilitiesFinder.new(pipeline: pipeline, params: { report_type: %w[sast] }).execute
+      Security::PipelineVulnerabilitiesFinder.new(pipeline: pipeline, params: { report_type: %w[sast], scope: 'all' }).execute
    end
  end
 end
--- a/ee/spec/frontend/vue_shared/security_reports/components/sast_issue_body_spec.js
+++ b/ee/spec/frontend/vue_shared/security_reports/components/sast_issue_body_spec.js
@@ -19,8 +19,8 @@ describe('sast issue body', () => {
    tool: 'bundler_audit',
    url: 'https://groups.google.com/forum/#!topic/rubyonrails-security/335P1DcLG00',
    urlPath: '/Gemfile.lock',
-    severity: 'Medium',
-    confidence: 'Low',
+    severity: 'medium',
+    confidence: 'low',
  };

  const status = STATUS_FAILED;
@@ -36,9 +36,7 @@ describe('sast issue body', () => {
        status,
      });

-      expect(vm.$el.textContent.trim()).toContain(
-        `${sastIssue.severity} (${sastIssue.confidence}):`,
-      );
+      expect(vm.$el.textContent.trim()).toContain('Medium (Low):');
    });
  });

@@ -51,7 +49,7 @@ describe('sast issue body', () => {
        status,
      });

-      expect(vm.$el.textContent.trim()).toContain(`${issueCopy.severity}:`);
+      expect(vm.$el.textContent.trim()).toContain('Medium:');
    });
  });

@@ -64,7 +62,7 @@ describe('sast issue body', () => {
        status,
      });

-      expect(vm.$el.textContent.trim()).toContain(`(${issueCopy.confidence}):`);
+      expect(vm.$el.textContent.trim()).toContain('(Low):');
    });
  });