Add filtering Jira issues on GitLab Vulnerability ID

4f819e21 · Alan (Maciej) Paruszewski · Vitali Tatarintev · ef62291f · 4f819e21 · 4f819e21
Commit 4f819e21 authored Nov 10, 2020 by Alan (Maciej) Paruszewski Committed by Vitali Tatarintev Nov 10, 2020
4 changed files
--- a/ee/app/finders/projects/integrations/jira/issues_finder.rb
+++ b/ee/app/finders/projects/integrations/jira/issues_finder.rb
@@ -13,7 +13,7 @@ module Projects
          def valid_params
            @valid_params ||= %i[page per_page search state status author_username assignee_username]
            # to permit array params you need to init them to an empty array
-            @valid_params << { labels: [] }
+            @valid_params << { labels: [], vulnerability_ids: [] }
          end
        end


--- a/ee/app/services/jira/jql_builder_service.rb
+++ b/ee/app/services/jira/jql_builder_service.rb
@@ -18,6 +18,7 @@ module Jira
      @assignee = params[:assignee_username]
      @sort = params[:sort] || DEFAULT_SORT
      @sort_direction = params[:sort_direction] || DEFAULT_SORT_DIRECTION
+      @vulnerability_ids = params[:vulnerability_ids]
    end

    def execute
@@ -29,7 +30,7 @@ module Jira

    private

-    attr_reader :jira_project_key, :sort, :sort_direction, :search, :labels, :status, :reporter, :assignee, :state
+    attr_reader :jira_project_key, :sort, :sort_direction, :search, :labels, :status, :reporter, :assignee, :state, :vulnerability_ids

    def jql_filters
      [
@@ -39,7 +40,8 @@ module Jira
        by_reporter,
        by_assignee,
        by_open_and_closed,
-        by_summary_and_description
+        by_summary_and_description,
+        by_vulnerability_ids
      ].compact.join(' AND ')
    end

@@ -93,6 +95,15 @@ module Jira
      end
    end

+    def by_vulnerability_ids
+      return if vulnerability_ids.blank?
+
+      vulnerability_ids
+        .map { |vulnerability_id| %Q[description ~ "/-/security/vulnerabilities/#{vulnerability_id}"] }
+        .join(' OR ')
+        .then { |query| "(#{query})" }
+    end
+
    def escape_quotes(param)
      param.gsub('\\', '\\\\\\').gsub('"', '\\"')
    end

--- a/ee/changelogs/unreleased/276898-add-filtering-jira-issues-on-vulnerability-id.yml
+++ b/ee/changelogs/unreleased/276898-add-filtering-jira-issues-on-vulnerability-id.yml
+---
+title: Add filtering Jira issues on GitLab Vulnerability ID
+merge_request: 47198
+author:
+type: added
--- a/ee/spec/services/jira/jql_builder_service_spec.rb
+++ b/ee/spec/services/jira/jql_builder_service_spec.rb
@@ -109,5 +109,13 @@ RSpec.describe Jira::JqlBuilderService do
        expect(subject).to eq('project = PROJECT_KEY order by created DESC')
      end
    end
+
+    context 'with vulnerability_ids params' do
+      let(:params) { { vulnerability_ids: [1, 25] } }
+
+      it 'builds jql' do
+        expect(subject).to eq('project = PROJECT_KEY AND (description ~ "/-/security/vulnerabilities/1" OR description ~ "/-/security/vulnerabilities/25") order by created DESC')
+      end
+    end
  end
 end