Expose build environment latest deployable name and path

app/serializers/deployment_entity.rb

@@ -22,8 +22,18 @@ class DeploymentEntity < Grape::Entity
   expose :last?
   expose :user, using: UserEntity
 
+  expose :deployable do |deployment, opts|
+    deployment.deployable.yield_self do |deployable|
+      if include_details?
+        JobEntity.represent(deployable, opts)
+      elsif can_read_deployables?
+        { name: deployable.name,
+          build_path: project_job_path(deployable.project, deployable) }
+      end
+    end
+  end
+
   expose :commit, using: CommitEntity, if: -> (*) { include_details? }
-  expose :deployable, using: JobEntity, if: -> (*) { include_details? }
   expose :manual_actions, using: JobEntity, if: -> (*) { include_details? && can_create_deployment? }
   expose :scheduled_actions, using: JobEntity, if: -> (*) { include_details? && can_create_deployment? }
 
@@ -36,4 +46,13 @@ class DeploymentEntity < Grape::Entity
   def can_create_deployment?
     can?(request.current_user, :create_deployment, request.project)
   end
+
+  def can_read_deployables?
+    ##
+    # We intentionally do not check `:read_build, deployment.deployable`
+    # because it triggers a policy evaluation that involves multiple
+    # Gitaly calls that might not be cached.
+    #
+    can?(request.current_user, :read_build, request.project)
+  end
 end

spec/fixtures/api/schemas/environment.json

@@ -31,7 +31,11 @@
     "last_deployment": {
       "oneOf": [
         { "type": "null" },
-        { "$ref": "deployment.json" }
+        { "$ref": "deployment.json" },
+        {
+          "name": { "type": "string" },
+          "build_path": { "type": "string" }
+        }
       ]
     }
   },

spec/serializers/build_details_entity_spec.rb

@@ -142,7 +142,7 @@ describe BuildDetailsEntity do
         response = subject.with_indifferent_access
 
         response.dig(:deployment_status, :environment, :last_deployment).tap do |deployment|
-          expect(deployment).not_to include(:commit, :deployable, :manual_actions, :scheduled_actions)
+          expect(deployment).not_to include(:commit, :manual_actions, :scheduled_actions)
         end
       end
     end

spec/serializers/deployment_entity_spec.rb

@@ -93,13 +93,22 @@ describe DeploymentEntity do
   end
 
   context 'when deployment details serialization was disabled' do
+    include Gitlab::Routing
+
     let(:entity) do
       described_class.new(deployment, request: request, deployment_details: false)
     end
 
     it 'does not serialize deployment details' do
       expect(subject.with_indifferent_access)
-        .not_to include(:commit, :deployable, :manual_actions, :scheduled_actions)
+        .not_to include(:commit, :manual_actions, :scheduled_actions)
+    end
+
+    it 'only exposes deployable name and path' do
+      project_job_path(project, deployment.deployable).tap do |path|
+        expect(subject.fetch(:deployable))
+          .to eq('name' => 'test', 'build_path' => path)
+      end
     end
   end
 end