Commit 46c2faab authored by Yevgeny Pats's avatar Yevgeny Pats Committed by Dmytro Zaporozhets (DZ)

Bugfix: add route to coverage_fuzzing_reports

Update fuzzing feature category

* Fix tipo in feature categeory name
* Change - to _

Fix feature_category definition

* Fix syntax error for fuzz_testing

Switch feature_category to use fuzz-testing

* Match naming concention in stages.yml
parent a1a963a0
......@@ -49,7 +49,7 @@
- error_tracking
- feature_flags
- foundations
- fuzz-testing
- fuzz_testing
- gdk
- geo_replication
- git_lfs
......
......@@ -23,6 +23,7 @@ module EE
feature_category :code_review, [:delete_description_version, :description_diff]
feature_category :container_scanning, [:container_scanning_reports]
feature_category :dependency_scanning, [:dependency_scanning_reports]
feature_category :fuzz_testing, [:coverage_fuzzing_reports]
feature_category :license_compliance, [:license_scanning_reports]
feature_category :static_application_security_testing, [:sast_reports]
feature_category :secret_detection, [:secret_detection_reports]
......
---
title: Add route to coverage_fuzzing_reports
merge_request: 43664
author:
type: fixed
......@@ -11,6 +11,7 @@ resources :merge_requests, only: [], constraints: { id: /\d+/ } do
get :sast_reports
get :secret_detection_reports
get :dast_reports
get :coverage_fuzzing_reports
post :rebase
end
......
......@@ -586,6 +586,79 @@ RSpec.describe Projects::MergeRequestsController do
it_behaves_like 'authorize read pipeline'
end
describe 'GET #coverage_fuzzing_reports' do
let(:merge_request) { create(:ee_merge_request, :with_coverage_fuzzing_reports, source_project: project, author: create(:user)) }
let(:params) do
{
namespace_id: project.namespace.to_param,
project_id: project,
id: merge_request.iid
}
end
subject { get :coverage_fuzzing_reports, params: params, format: :json }
before do
allow_any_instance_of(::MergeRequest).to receive(:compare_reports)
.with(::Ci::CompareSecurityReportsService, viewer, 'coverage_fuzzing').and_return(comparison_status)
end
it_behaves_like 'pending pipeline response'
context 'when comparison is being processed' do
let(:comparison_status) { { status: :parsing } }
it 'sends polling interval' do
expect(::Gitlab::PollingInterval).to receive(:set_header)
subject
end
it 'returns 204 HTTP status' do
subject
expect(response).to have_gitlab_http_status(:no_content)
end
end
context 'when comparison is done' do
let(:comparison_status) { { status: :parsed, data: { added: [], fixed: [], existing: [] } } }
it 'does not send polling interval' do
expect(::Gitlab::PollingInterval).not_to receive(:set_header)
subject
end
it 'returns 200 HTTP status' do
subject
expect(response).to have_gitlab_http_status(:ok)
expect(json_response).to eq({ "added" => [], "fixed" => [], "existing" => [] })
end
end
context 'when user created corrupted vulnerability reports' do
let(:comparison_status) { { status: :error, status_reason: 'Failed to parse coverage fuzzing reports' } }
it 'does not send polling interval' do
expect(::Gitlab::PollingInterval).not_to receive(:set_header)
subject
end
it 'returns 400 HTTP status' do
subject
expect(response).to have_gitlab_http_status(:bad_request)
expect(json_response).to eq({ 'status_reason' => 'Failed to parse coverage fuzzing reports' })
end
end
it_behaves_like 'authorize read pipeline'
end
describe 'GET #secret_detection_reports' do
let(:merge_request) { create(:ee_merge_request, :with_secret_detection_reports, source_project: project, author: create(:user)) }
let(:params) do
......
......@@ -145,6 +145,18 @@ FactoryBot.define do
end
end
trait :with_coverage_fuzzing_reports do
after(:build) do |merge_request|
merge_request.head_pipeline = build(
:ee_ci_pipeline,
:success,
:with_coverage_fuzzing_report,
project: merge_request.source_project,
ref: merge_request.source_branch,
sha: merge_request.diff_head_sha)
end
end
trait :with_dast_reports do
after(:build) do |merge_request|
merge_request.head_pipeline = build(
......
......@@ -240,6 +240,7 @@ RSpec.describe MergeRequest do
:dependency_scanning | :with_dependency_scanning_reports | :dependency_scanning
:license_scanning | :with_license_management_reports | :license_scanning
:license_scanning | :with_license_scanning_reports | :license_scanning
:coverage_fuzzing | :with_coverage_fuzzing_reports | :coverage_fuzzing
end
with_them do
......@@ -446,6 +447,28 @@ RSpec.describe MergeRequest do
end
end
describe '#has_coverage_fuzzing_reports?' do
subject { merge_request.has_coverage_fuzzing_reports? }
let_it_be(:project) { create(:project, :repository) }
before do
stub_licensed_features(coverage_fuzzing: true)
end
context 'when head pipeline has coverage fuzzing reports' do
let(:merge_request) { create(:ee_merge_request, :with_coverage_fuzzing_reports, source_project: project) }
it { is_expected.to be_truthy }
end
context 'when head pipeline does not have coverage fuzzing reports' do
let(:merge_request) { create(:ee_merge_request, source_project: project) }
it { is_expected.to be_falsey }
end
end
describe '#calculate_reactive_cache with current_user' do
let(:project) { create(:project, :repository) }
let(:current_user) { project.users.take }
......@@ -837,6 +860,66 @@ RSpec.describe MergeRequest do
end
end
describe '#compare_coverage_fuzzing_reports' do
subject { merge_request.compare_coverage_fuzzing_reports(current_user) }
let_it_be(:project) { create(:project, :repository) }
let(:current_user) { project.users.first }
let(:merge_request) { create(:merge_request, source_project: project) }
let!(:base_pipeline) do
create(:ee_ci_pipeline,
:with_coverage_fuzzing_report,
project: project,
ref: merge_request.target_branch,
sha: merge_request.diff_base_sha)
end
before do
merge_request.update!(head_pipeline_id: head_pipeline.id)
end
context 'when head pipeline has coverage fuzzing reports' do
let!(:head_pipeline) do
create(:ee_ci_pipeline,
:with_coverage_fuzzing_report,
project: project,
ref: merge_request.source_branch,
sha: merge_request.diff_head_sha)
end
context 'when reactive cache worker is parsing asynchronously' do
it 'returns status' do
expect(subject[:status]).to eq(:parsing)
end
end
context 'when reactive cache worker is inline' do
before do
synchronous_reactive_cache(merge_request)
end
it 'returns status and data' do
expect_any_instance_of(Ci::CompareSecurityReportsService)
.to receive(:execute).with(base_pipeline, head_pipeline).and_call_original
subject
end
context 'when cached results is not latest' do
before do
allow_any_instance_of(Ci::CompareSecurityReportsService)
.to receive(:latest?).and_return(false)
end
it 'raises and InvalidateReactiveCache error' do
expect { subject }.to raise_error(ReactiveCaching::InvalidateReactiveCache)
end
end
end
end
end
describe '#mergeable_with_quick_action?' do
def create_pipeline(status)
pipeline = create(:ci_pipeline,
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment