Use finding_description in CSV vulnerability export

7e36d346 · Alan (Maciej) Paruszewski · Robert Speicher · 48a15e58 · 7e36d346 · 7e36d346
Commit 7e36d346 authored Sep 03, 2020 by Alan (Maciej) Paruszewski Committed by Robert Speicher Sep 03, 2020
4 changed files
--- a/ee/app/models/vulnerability.rb
+++ b/ee/app/models/vulnerability.rb
@@ -127,7 +127,7 @@ class Vulnerability < ApplicationRecord
    super || finding&.dismissal_feedback&.author_id
  end

-  delegate :scanner_name, :scanner_external_id, :metadata, :message, :cve,
+  delegate :scanner_name, :scanner_external_id, :metadata, :message, :cve, :description,
           to: :finding, prefix: true, allow_nil: true

  delegate :default_branch, :name, to: :project, prefix: true, allow_nil: true

--- a/ee/app/services/vulnerability_exports/exporters/csv_service.rb
+++ b/ee/app/services/vulnerability_exports/exporters/csv_service.rb
@@ -10,7 +10,7 @@ module VulnerabilityExports
        'Scanner Name' => 'finding_scanner_name',
        'Status' => 'state',
        'Vulnerability' => 'title',
-        'Details' => 'description',
+        'Details' => 'finding_description',
        'Additional Info' => 'finding_message',
        'Severity' => 'severity',
        'CVE' => 'finding_cve'

--- a/ee/changelogs/unreleased/214223-change-description-to-finding-description-in-vuln-export.yml
+++ b/ee/changelogs/unreleased/214223-change-description-to-finding-description-in-vuln-export.yml
+---
+title: Use finding_description for Details in CSV vulnerability export
+merge_request: 40944
+author:
+type: changed
--- a/ee/spec/services/vulnerability_exports/exporters/csv_service_spec.rb
+++ b/ee/spec/services/vulnerability_exports/exporters/csv_service_spec.rb
@@ -36,7 +36,7 @@ RSpec.describe VulnerabilityExports::Exporters::CsvService do
      expect(csv[0]['Scanner Name']).to eq vulnerability.finding_scanner_name
      expect(csv[0]['Status']).to eq vulnerability.state
      expect(csv[0]['Vulnerability']).to eq vulnerability.title
-      expect(csv[0]['Details']).to eq vulnerability.description
+      expect(csv[0]['Details']).to eq vulnerability.finding_description
      expect(csv[0]['Additional Info']).to eq vulnerability.finding_message
      expect(csv[0]['Severity']).to eq vulnerability.severity
      expect(csv[0]['CVE']).to eq vulnerability.finding_cve
@@ -55,7 +55,7 @@ RSpec.describe VulnerabilityExports::Exporters::CsvService do
      expect(csv[0]['Scanner Name']).to eq vulnerability.finding_scanner_name
      expect(csv[0]['Status']).to eq vulnerability.state
      expect(csv[0]['Vulnerability']).to eq vulnerability.title
-      expect(csv[0]['Details']).to eq vulnerability.description
+      expect(csv[0]['Details']).to eq vulnerability.finding_description
      expect(csv[0]['Additional Info']).to eq vulnerability.finding_message
      expect(csv[0]['Severity']).to eq vulnerability.severity
      expect(csv[0]['CVE']).to eq vulnerability.finding_cve