Commit 4a92beb1 authored by Rémy Coutable

Merge branch '263497-add-details-column-to-vulnerability-findings' into 'master'

Add details column to vulnerability findings table

See merge request gitlab-org/gitlab!49005
parents 7747578d bd862761
{
"type": "object",
"description": "The schema for vulnerability finding details",
"additionalProperties": false
}
---
title: Add details column to vulnerability findings table
merge_request: 49005
author:
type: added
# frozen_string_literal: true
class AddDetailsToVulnerabilityFindings < ActiveRecord::Migration[6.0]
include Gitlab::Database::MigrationHelpers
DOWNTIME = false
def up
with_lock_retries do
add_column :vulnerability_occurrences, :details, :jsonb, default: {}, null: false
end
end
def down
with_lock_retries do
remove_column :vulnerability_occurrences, :details
end
end
end
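Review bot: The `default: {}` on the `add_column` call in `up` is coupled to the model validation added in the same commit, and nothing in the migration says so. The vulnerability_finding_details schema declares no properties and sets `additionalProperties` to false, so `{}` is the only value that validates; rows given any other default would presumably fail validation the next time they are saved. A comment above `add_column` such as `# Default must stay valid against the vulnerability_finding_details JSON schema (currently only {} passes)` would keep the two in step when either one changes.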
af9d8c7cda142e2a96a289ebd7afef73367bd544a60794c9e0414c7b82bef8a2
\ No newline at end of file
...@@ -17539,7 +17539,8 @@ CREATE TABLE vulnerability_occurrences ( ...@@ -17539,7 +17539,8 @@ CREATE TABLE vulnerability_occurrences (
name character varying NOT NULL, name character varying NOT NULL,
metadata_version character varying NOT NULL, metadata_version character varying NOT NULL,
raw_metadata text NOT NULL, raw_metadata text NOT NULL,
vulnerability_id bigint vulnerability_id bigint,
details jsonb DEFAULT '{}'::jsonb NOT NULL
); );
CREATE SEQUENCE vulnerability_occurrences_id_seq CREATE SEQUENCE vulnerability_occurrences_id_seq
......
...@@ -34,6 +34,8 @@ module Vulnerabilities ...@@ -34,6 +34,8 @@ module Vulnerabilities
has_many :finding_pipelines, class_name: 'Vulnerabilities::FindingPipeline', inverse_of: :finding, foreign_key: 'occurrence_id' has_many :finding_pipelines, class_name: 'Vulnerabilities::FindingPipeline', inverse_of: :finding, foreign_key: 'occurrence_id'
has_many :pipelines, through: :finding_pipelines, class_name: 'Ci::Pipeline' has_many :pipelines, through: :finding_pipelines, class_name: 'Ci::Pipeline'
serialize :config_options, Serializers::JSON # rubocop:disable Cop/ActiveRecordSerialize
attr_writer :sha attr_writer :sha
attr_accessor :scan attr_accessor :scan
...@@ -90,6 +92,7 @@ module Vulnerabilities ...@@ -90,6 +92,7 @@ module Vulnerabilities
validates :metadata_version, presence: true validates :metadata_version, presence: true
validates :raw_metadata, presence: true validates :raw_metadata, presence: true
validates :details, json_schema: { filename: 'vulnerability_finding_details' }
delegate :name, :external_id, to: :scanner, prefix: true, allow_nil: true delegate :name, :external_id, to: :scanner, prefix: true, allow_nil: true
......
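Review bot: The added `serialize :config_options, Serializers::JSON` line in the first hunk names an attribute that nothing else in this commit introduces. The migration and the structure.sql hunk add only `details`, and the part of the `vulnerability_occurrences` definition visible here shows no `config_options` column, although the table is only partly shown. If that column does not exist, the declaration is dead code carrying a `rubocop:disable` and should be dropped; if it was meant for the new column, `details` is already `jsonb` and needs no `serialize`. The class body continues outside both hunks.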
...@@ -36,6 +36,23 @@ RSpec.describe Vulnerabilities::Finding do ...@@ -36,6 +36,23 @@ RSpec.describe Vulnerabilities::Finding do
it { is_expected.to validate_presence_of(:raw_metadata) } it { is_expected.to validate_presence_of(:raw_metadata) }
it { is_expected.to validate_presence_of(:severity) } it { is_expected.to validate_presence_of(:severity) }
it { is_expected.to validate_presence_of(:confidence) } it { is_expected.to validate_presence_of(:confidence) }
context 'when value for details field is valid' do
it 'is valid' do
finding.details = {}
expect(finding).to be_valid
end
end
context 'when value for details field is invalid' do
it 'returns errors' do
finding.details = { invalid: 'data' }
expect(finding).to be_invalid
expect(finding.errors.full_messages).to eq(["Details must be a valid json schema"])
end
end
end end
context 'database uniqueness' do context 'database uniqueness' do
......
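Review bot: The two added contexts cover only `{}` and a hash with an unknown key, so the `type: object` constraint of the schema is never exercised. A further example that assigns a non-object value, for instance `finding.details = []` followed by `expect(finding).to be_invalid`, would pin that non-hash values are rejected by the validator. The enclosing `describe` block starts outside the hunk.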