Skip to content

G
gitlab-ce
Commit 4c05bcaf authored by Bob Van Landuyt's avatar Bob Van Landuyt
Browse files
Options

Merge branch... 

Merge branch '353125-feature-flag-enable-display-of-security-report-validation-warnings' into 'master'

Remove show_report_validation_warnings feature flag

See merge request gitlab-org/gitlab!82405
parents c7800342 f2ced743
Hide whitespace changes
Inline Side-by-side
Showing with 76 additions and 155 deletions
config/feature_flags/development/show_report_validation_warnings.yml deleted 100644 → 0
View file @ c7800342
---
name: show_report_validation_warnings
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/80930
rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/353125
milestone: '14.9'
type: development
group: group::threat insights
default_enabled: true
lib/gitlab/ci/parsers/security/common.rb
View file @ 4c05bcaf
...@@ -43,26 +43,25 @@ module Gitlab ...@@ -43,26 +43,25 @@ module Gitlab
attr_reader :json_data, :report, :validate attr_reader :json_data, :report, :validate
def valid? def valid?
if Feature.enabled?(:show_report_validation_warnings, default_enabled: :yaml) # We want validation to happen regardless of VALIDATE_SCHEMA
# We want validation to happen regardless of VALIDATE_SCHEMA CI variable # CI variable.
schema_validation_passed = schema_validator.valid? #
# Previously it controlled BOTH validation and enforcement of
if validate # schema validation result.
schema_validator.errors.each { |error| report.add_error('Schema', error) } unless schema_validation_passed #
# After 15.0 we will enforce schema validation by default
schema_validation_passed # See: https://gitlab.com/groups/gitlab-org/-/epics/6968
else schema_validation_passed = schema_validator.valid?
# We treat all schema validation errors as warnings
schema_validator.errors.each { |error| report.add_warning('Schema', error) } if validate
schema_validator.errors.each { |error| report.add_error('Schema', error) } unless schema_validation_passed
true
end schema_validation_passed
else else
return true if !validate || schema_validator.valid? # We treat all schema validation errors as warnings
schema_validator.errors.each { |error| report.add_warning('Schema', error) }
schema_validator.errors.each { |error| report.add_error('Schema', error) }
false true
end end
end end
......
spec/lib/gitlab/ci/parsers/security/common_spec.rb
View file @ 4c05bcaf
...@@ -38,172 +38,102 @@ RSpec.describe Gitlab::Ci::Parsers::Security::Common do ...@@ -38,172 +38,102 @@ RSpec.describe Gitlab::Ci::Parsers::Security::Common do
allow(validator_class).to receive(:new).and_call_original allow(validator_class).to receive(:new).and_call_original
end end
context 'when show_report_validation_warnings is enabled' do context 'when the validate flag is set to `false`' do
before do let(:validate) { false }
stub_feature_flags(show_report_validation_warnings: true) let(:valid?) { false }
end let(:errors) { ['foo'] }
context 'when the validate flag is set to `false`' do
let(:validate) { false }
let(:valid?) { false }
let(:errors) { ['foo'] }
before do
allow_next_instance_of(validator_class) do |instance|
allow(instance).to receive(:valid?).and_return(valid?)
allow(instance).to receive(:errors).and_return(errors)
end
allow(parser).to receive_messages(create_scanner: true, create_scan: true)
end
it 'instantiates the validator with correct params' do
parse_report
expect(validator_class).to have_received(:new).with(report.type, {}, report.version)
end
context 'when the report data is not valid according to the schema' do
it 'adds warnings to the report' do
expect { parse_report }.to change { report.warnings }.from([]).to([{ message: 'foo', type: 'Schema' }])
end
it 'keeps the execution flow as normal' do before do
parse_report allow_next_instance_of(validator_class) do |instance|
allow(instance).to receive(:valid?).and_return(valid?)
expect(parser).to have_received(:create_scanner) allow(instance).to receive(:errors).and_return(errors)
expect(parser).to have_received(:create_scan)
end
end end
context 'when the report data is valid according to the schema' do allow(parser).to receive_messages(create_scanner: true, create_scan: true)
let(:valid?) { true }
let(:errors) { [] }
it 'does not add warnings to the report' do
expect { parse_report }.not_to change { report.errors }
end
it 'keeps the execution flow as normal' do
parse_report
expect(parser).to have_received(:create_scanner)
expect(parser).to have_received(:create_scan)
end
end
end end
context 'when the validate flag is set to `true`' do it 'instantiates the validator with correct params' do
let(:validate) { true } parse_report
let(:valid?) { false }
let(:errors) { ['foo'] }
before do expect(validator_class).to have_received(:new).with(report.type, {}, report.version)
allow_next_instance_of(validator_class) do |instance| end
allow(instance).to receive(:valid?).and_return(valid?)
allow(instance).to receive(:errors).and_return(errors)
end
allow(parser).to receive_messages(create_scanner: true, create_scan: true) context 'when the report data is not valid according to the schema' do
it 'adds warnings to the report' do
expect { parse_report }.to change { report.warnings }.from([]).to([{ message: 'foo', type: 'Schema' }])
end end
it 'instantiates the validator with correct params' do it 'keeps the execution flow as normal' do
parse_report parse_report
expect(validator_class).to have_received(:new).with(report.type, {}, report.version) expect(parser).to have_received(:create_scanner)
expect(parser).to have_received(:create_scan)
end end
end
context 'when the report data is not valid according to the schema' do context 'when the report data is valid according to the schema' do
it 'adds errors to the report' do let(:valid?) { true }
expect { parse_report }.to change { report.errors }.from([]).to([{ message: 'foo', type: 'Schema' }]) let(:errors) { [] }
end
it 'does not try to create report entities' do
parse_report
expect(parser).not_to have_received(:create_scanner) it 'does not add warnings to the report' do
expect(parser).not_to have_received(:create_scan) expect { parse_report }.not_to change { report.errors }
end
end end
context 'when the report data is valid according to the schema' do it 'keeps the execution flow as normal' do
let(:valid?) { true } parse_report
let(:errors) { [] }
it 'does not add errors to the report' do
expect { parse_report }.not_to change { report.errors }.from([])
end
it 'keeps the execution flow as normal' do
parse_report
expect(parser).to have_received(:create_scanner) expect(parser).to have_received(:create_scanner)
expect(parser).to have_received(:create_scan) expect(parser).to have_received(:create_scan)
end
end end
end end
end end
context 'when show_report_validation_warnings is disabled' do context 'when the validate flag is set to `true`' do
before do let(:validate) { true }
stub_feature_flags(show_report_validation_warnings: false) let(:valid?) { false }
end let(:errors) { ['foo'] }
context 'when the validate flag is set as `false`' do
let(:validate) { false }
it 'does not run the validation logic' do before do
parse_report allow_next_instance_of(validator_class) do |instance|
allow(instance).to receive(:valid?).and_return(valid?)
expect(validator_class).not_to have_received(:new) allow(instance).to receive(:errors).and_return(errors)
end end
allow(parser).to receive_messages(create_scanner: true, create_scan: true)
end end
context 'when the validate flag is set as `true`' do it 'instantiates the validator with correct params' do
let(:validate) { true } parse_report
let(:valid?) { false }
before do expect(validator_class).to have_received(:new).with(report.type, {}, report.version)
allow_next_instance_of(validator_class) do |instance| end
allow(instance).to receive(:valid?).and_return(valid?)
allow(instance).to receive(:errors).and_return(['foo'])
end
allow(parser).to receive_messages(create_scanner: true, create_scan: true) context 'when the report data is not valid according to the schema' do
it 'adds errors to the report' do
expect { parse_report }.to change { report.errors }.from([]).to([{ message: 'foo', type: 'Schema' }])
end end
it 'instantiates the validator with correct params' do it 'does not try to create report entities' do
parse_report parse_report
expect(validator_class).to have_received(:new).with(report.type, {}, report.version) expect(parser).not_to have_received(:create_scanner)
expect(parser).not_to have_received(:create_scan)
end end
end
context 'when the report data is not valid according to the schema' do context 'when the report data is valid according to the schema' do
it 'adds errors to the report' do let(:valid?) { true }
expect { parse_report }.to change { report.errors }.from([]).to([{ message: 'foo', type: 'Schema' }]) let(:errors) { [] }
end
it 'does not try to create report entities' do
parse_report
expect(parser).not_to have_received(:create_scanner) it 'does not add errors to the report' do
expect(parser).not_to have_received(:create_scan) expect { parse_report }.not_to change { report.errors }.from([])
end
end end
context 'when the report data is valid according to the schema' do it 'keeps the execution flow as normal' do
let(:valid?) { true } parse_report
it 'does not add errors to the report' do
expect { parse_report }.not_to change { report.errors }.from([])
end
it 'keeps the execution flow as normal' do
parse_report
expect(parser).to have_received(:create_scanner) expect(parser).to have_received(:create_scanner)
expect(parser).to have_received(:create_scan) expect(parser).to have_received(:create_scan)
end
end end
end end
end end
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7