Commit 696b84b2 authored by Michał Zając's avatar Michał Zając

Refine QA test

* Use Resource::Repository::Commit instead of ProjectPush
* Do not overwrite default Project options
* Remove job_log_json from spec
* Mark QA test as flaky (as per
  https://gitlab.com/gitlab-org/gitlab/-/merge_requests/31616#note_364833812)
* Apply prettier formatting
parent 7a77698f
...@@ -54,9 +54,17 @@ export default { ...@@ -54,9 +54,17 @@ export default {
<template> <template>
<div class="md" data-qa-selector="vulnerability_details"> <div class="md" data-qa-selector="vulnerability_details">
<h1 class="mt-3 mb-2 border-bottom-0" data-testid="title">{{ vulnerability.title }}</h1> <h1
class="mt-3 mb-2 border-bottom-0"
data-testid="title"
data-qa-selector="vulnerability_title"
>
{{ vulnerability.title }}
</h1>
<h3 class="mt-0">{{ __('Description') }}</h3> <h3 class="mt-0">{{ __('Description') }}</h3>
<p data-testid="description">{{ vulnerability.description }}</p> <p data-testid="description" data-qa-selector="vulnerability_description">
{{ vulnerability.description }}
</p>
<ul> <ul>
<detail-item :sprintf-message="__('%{labelStart}Severity:%{labelEnd} %{severity}')"> <detail-item :sprintf-message="__('%{labelStart}Severity:%{labelEnd} %{severity}')">
......
...@@ -4,7 +4,7 @@ ...@@ -4,7 +4,7 @@
{ {
"category": "container_scanning", "category": "container_scanning",
"message": "CVE-2017-18269 in glibc", "message": "CVE-2017-18269 in glibc",
"description": "An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2.21 through 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of the address space, resulting in corrupt data being produced by the copy operation. This may disclose information to context-dependent attackers, or result in a denial of service, or, possibly, code execution.", "description": "Short description to match in specs",
"cve": "debian:9:glibc:CVE-2017-18269", "cve": "debian:9:glibc:CVE-2017-18269",
"severity": "Critical", "severity": "Critical",
"confidence": "Unknown", "confidence": "Unknown",
......
...@@ -12,6 +12,8 @@ module QA ...@@ -12,6 +12,8 @@ module QA
view 'ee/app/assets/javascripts/vulnerabilities/components/details.vue' do view 'ee/app/assets/javascripts/vulnerabilities/components/details.vue' do
element :vulnerability_details element :vulnerability_details
element :vulnerability_title
element :vulnerability_description
end end
view 'ee/app/assets/javascripts/vulnerabilities/components/footer.vue' do view 'ee/app/assets/javascripts/vulnerabilities/components/footer.vue' do
...@@ -21,6 +23,14 @@ module QA ...@@ -21,6 +23,14 @@ module QA
def has_component?(component_name:) def has_component?(component_name:)
has_element?(component_name.to_sym) has_element?(component_name.to_sym)
end end
def has_vulnerability_title?(title:)
has_element?(:vulnerability_title, text: title)
end
def has_vulnerability_description?(description:)
has_element?(:vulnerability_description, text: description)
end
end end
end end
end end
......
...@@ -29,6 +29,30 @@ module QA ...@@ -29,6 +29,30 @@ module QA
@add_files = files @add_files = files
end end
def add_directory(dir)
raise "Must set directory as a Pathname" unless dir.is_a?(Pathname)
files_to_add = []
dir.each_child do |child|
case child.ftype?
when "file"
files_to_add.append({
file_path: child.to_s,
content: child.read
})
when "directory"
add_directory(child)
else
continue
end
end
validate_files!(files_to_add)
@add_files.merge(files_to_add)
end
def update_files(files) def update_files(files)
validate_files!(files) validate_files!(files)
......
...@@ -3,7 +3,8 @@ ...@@ -3,7 +3,8 @@
module QA module QA
context 'Secure', :docker, :runner do context 'Secure', :docker, :runner do
describe 'Security Dashboard in a Project' do describe 'Security Dashboard in a Project' do
let(:vuln_name) { "CVE-2017-18269 in glibc" } let(:vulnerability_name) { "CVE-2017-18269 in glibc" }
let(:vulnerability_description) { "Short description to match in specs" }
before(:all) do before(:all) do
@executor = "qa-runner-#{Time.now.to_i}" @executor = "qa-runner-#{Time.now.to_i}"
...@@ -52,23 +53,23 @@ module QA ...@@ -52,23 +53,23 @@ module QA
after(:all) do after(:all) do
@runner.remove_via_api! @runner.remove_via_api!
Runtime::Feature.enable('job_log_json') if @job_log_json_flag_enabled
end end
it 'shows vulnerability details' do it 'shows vulnerability details', quarantine: { type: :investigating } do
@project.visit! @project.visit!
Page::Project::Menu.perform(&:click_on_security_dashboard) Page::Project::Menu.perform(&:click_on_security_dashboard)
EE::Page::Project::Secure::SecurityDashboard.perform do |security_dashboard| EE::Page::Project::Secure::SecurityDashboard.perform do |security_dashboard|
expect(security_dashboard).to have_vulnerability(description: vuln_name) expect(security_dashboard).to have_vulnerability(description: vulnerability_name)
security_dashboard.click_vulnerability(description: vuln_name) security_dashboard.click_vulnerability(description: vulnerability_name)
end end
EE::Page::Project::Secure::VulnerabilityDetails.perform do |vulnerability_details| EE::Page::Project::Secure::VulnerabilityDetails.perform do |vulnerability_details|
expect(vulnerability_details).to have_component(component_name: :vulnerability_header) expect(vulnerability_details).to have_component(component_name: :vulnerability_header)
expect(vulnerability_details).to have_component(component_name: :vulnerability_details) expect(vulnerability_details).to have_component(component_name: :vulnerability_details)
expect(vulnerability_details).to have_vulnerability_title(title: vulnerability_name)
expect(vulnerability_details).to have_vulnerability_description(description: vulnerability_description)
expect(vulnerability_details).to have_component(component_name: :vulnerability_footer) expect(vulnerability_details).to have_component(component_name: :vulnerability_footer)
end end
end end
......
...@@ -25,8 +25,6 @@ module QA ...@@ -25,8 +25,6 @@ module QA
@project = Resource::Project.fabricate_via_api! do |p| @project = Resource::Project.fabricate_via_api! do |p|
p.name = Runtime::Env.auto_devops_project_name || 'project-with-secure' p.name = Runtime::Env.auto_devops_project_name || 'project-with-secure'
p.description = 'Project with Secure' p.description = 'Project with Secure'
p.auto_devops_enabled = false
p.initialize_with_readme = true
end end
@runner = Resource::Runner.fabricate! do |runner| @runner = Resource::Runner.fabricate! do |runner|
...@@ -35,15 +33,16 @@ module QA ...@@ -35,15 +33,16 @@ module QA
runner.tags = %w[qa test] runner.tags = %w[qa test]
end end
# Push fixture to generate Secure reports commit_message = 'Add premade security reports'
@source = Resource::Repository::ProjectPush.fabricate! do |push| @commit = Resource::Repository::Commit.fabricate_via_api! do |commit|
push.project = @project commit.project = @project
push.directory = Pathname commit.commit_message = commit_message
.new(__dir__) commit.branch = 'secure-mr'
.join('../../../../../ee/fixtures/secure_premade_reports') commit.add_directory(
push.commit_message = 'Create Secure compatible application to serve premade reports' Pathname.new(__dir__).join('../../../../../ee/fixtures/secure_premade_reports')
push.branch_name = 'secure-mr' )
end end
@project.wait_for_push(commit_message)
@merge_request = Resource::MergeRequest.fabricate_via_api! do |mr| @merge_request = Resource::MergeRequest.fabricate_via_api! do |mr|
mr.project = @project mr.project = @project
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment