Add severity badge to security reports

- container scanning - dast - sast - Add conditional render of SeverityBadge in the case that severity doesn't exist - Remove fallback to priority for sast report badge as priority is what we used to display, but has been deprecated in favor of severity and is not long present - update snapshots for dast, sast, and container security to match new component structure that includes the severity badge on the MR security report - remove test that is a duplicate of one in security badge component - replace deprecated priority property with severity property

Add severity badge to security reports
- container scanning - dast - sast - Add conditional render of SeverityBadge in the case that severity doesn't exist - Remove fallback to priority for sast report badge as priority is what we used to display, but has been deprecated in favor of severity and is not long present - update snapshots for dast, sast, and container security to match new component structure that includes the severity badge on the MR security report - remove test that is a duplicate of one in security badge component - replace deprecated priority property with severity property
8f8b7cb8 · Alexander Turinske · 882763a5 · 8f8b7cb8 · 8f8b7cb8 · 8f8b7cb8
Commit 8f8b7cb8 authored Mar 09, 2020 by Alexander Turinske
10 changed files
--- a/ee/app/assets/javascripts/vue_shared/security_reports/components/container_scanning_issue_body.vue
+++ b/ee/app/assets/javascripts/vue_shared/security_reports/components/container_scanning_issue_body.vue
 <script>
 /**
 * Renders CONTAINER SCANNING body text
- * [priority]: [name] in [link]:[line]
+ * [severity-badge] [name] in [link]:[line]
 */
 import ModalOpenName from '~/reports/components/modal_open_name.vue';
-import { humanize } from '~/lib/utils/text_utility';
+import SeverityBadge from './severity_badge.vue';

 export default {
  name: 'ContainerScanningIssueBody',
  components: {
    ModalOpenName,
+    SeverityBadge,
  },
  props: {
    issue: {
@@ -22,20 +23,12 @@ export default {
      required: true,
    },
  },
-  computed: {
-    severity() {
-      return this.issue.severity ? humanize(this.issue.severity) : null;
-    },
-  },
 };
 </script>
 <template>
  <div class="report-block-list-issue-description prepend-top-5 append-bottom-5">
    <div class="report-block-list-issue-description-text">
-      <template v-if="severity">
-        {{ severity }}:
-      </template>
-
+      <severity-badge v-if="issue.severity" class="d-inline-block" :severity="issue.severity" />
      <modal-open-name :issue="issue" :status="status" />
    </div>
  </div>

--- a/ee/app/assets/javascripts/vue_shared/security_reports/components/dast_issue_body.vue
+++ b/ee/app/assets/javascripts/vue_shared/security_reports/components/dast_issue_body.vue
 <script>
 /**
 * Renders DAST body text
- * [severity]: [name]
+ * [severity-badge] [name] in [link]:[line]
 */
-
 import ModalOpenName from '~/reports/components/modal_open_name.vue';
+import SeverityBadge from './severity_badge.vue';

 export default {
  name: 'DastIssueBody',
  components: {
    ModalOpenName,
+    SeverityBadge,
  },
  props: {
    issue: {
@@ -27,8 +28,7 @@ export default {
 <template>
  <div class="report-block-list-issue-description prepend-top-5 append-bottom-5">
    <div class="report-block-list-issue-description-text">
-      {{ issue.severity }}:
-
+      <severity-badge v-if="issue.severity" class="d-inline-block" :severity="issue.severity" />
      <modal-open-name :issue="issue" :status="status" class="js-modal-dast" />
    </div>
  </div>

--- a/ee/app/assets/javascripts/vue_shared/security_reports/components/sast_issue_body.vue
+++ b/ee/app/assets/javascripts/vue_shared/security_reports/components/sast_issue_body.vue
 <script>
 /**
 * Renders SAST body text
- * [severity]: [name] in [link] : [line]
+ * [severity-badge] [name] in [link]:[line]
 */
 import ReportLink from '~/reports/components/report_link.vue';
 import ModalOpenName from '~/reports/components/modal_open_name.vue';
-import { humanize } from '~/lib/utils/text_utility';
+import SeverityBadge from './severity_badge.vue';

 export default {
  name: 'SastIssueBody',
-
  components: {
    ReportLink,
    ModalOpenName,
+    SeverityBadge,
  },
-
  props: {
    issue: {
      type: Object,
@@ -26,25 +25,14 @@ export default {
      required: true,
    },
  },
-
-  computed: {
-    title() {
-      const { severity, priority } = this.issue;
-      if (severity) {
-        return humanize(severity);
-      }
-      return priority;
-    },
-  },
 };
 </script>
 <template>
  <div class="report-block-list-issue-description prepend-top-5 append-bottom-5">
    <div class="report-block-list-issue-description-text">
-      {{ title }}:
+      <severity-badge v-if="issue.severity" class="d-inline-block" :severity="issue.severity" />
      <modal-open-name :issue="issue" :status="status" />
    </div>
-
    <report-link v-if="issue.path" :issue="issue" />
  </div>
 </template>
--- a/ee/changelogs/unreleased/199145-add-severity-badge-to-MR-report.yml
+++ b/ee/changelogs/unreleased/199145-add-severity-badge-to-MR-report.yml
 ---
 title: Add severity badge to security reports
 merge_request: 26715
-author: Alexander Turinske
-type: added
+author:
+type: changed
--- a/ee/spec/frontend/vue_shared/security_reports/components/__snapshots__/container_scanning_issue_body_spec.js.snap
+++ b/ee/spec/frontend/vue_shared/security_reports/components/__snapshots__/container_scanning_issue_body_spec.js.snap
@@ -7,8 +7,10 @@ exports[`Container Scanning Issue Body matches snapshot 1`] = `
  <div
    class="report-block-list-issue-description-text"
  >
-    
-      Low:
+    <severity-badge-stub
+      class="d-inline-block"
+      severity="Low"
+    />
     
    <modal-open-name-stub
      issue="[object Object]"

--- a/ee/spec/frontend/vue_shared/security_reports/components/__snapshots__/dast_issue_body_spec.js.snap
+++ b/ee/spec/frontend/vue_shared/security_reports/components/__snapshots__/dast_issue_body_spec.js.snap
@@ -7,10 +7,11 @@ exports[`Dast Issue Body matches the snaphot 1`] = `
  <div
    class="report-block-list-issue-description-text"
  >
-    
-    Low:
-
-    
+    <severity-badge-stub
+      class="d-inline-block"
+      severity="Low"
+    />
+     
    <modal-open-name-stub
      class="js-modal-dast"
      issue="[object Object]"

--- a/ee/spec/frontend/vue_shared/security_reports/components/__snapshots__/sast_issue_body_spec.js.snap
+++ b/ee/spec/frontend/vue_shared/security_reports/components/__snapshots__/sast_issue_body_spec.js.snap
@@ -7,9 +7,11 @@ exports[`Sast Issue Body matches snapshot 1`] = `
  <div
    class="report-block-list-issue-description-text"
  >
-    
-    Medium:
-    
+    <severity-badge-stub
+      class="d-inline-block"
+      severity="Medium"
+    />
+     
    <modal-open-name-stub
      issue="[object Object]"
      status="failed"

--- a/ee/spec/frontend/vue_shared/security_reports/components/container_scanning_issue_body_spec.js
+++ b/ee/spec/frontend/vue_shared/security_reports/components/container_scanning_issue_body_spec.js
 import { shallowMount } from '@vue/test-utils';
 import ContainerScanningIssueBody from 'ee/vue_shared/security_reports/components/container_scanning_issue_body.vue';
+import SeverityBadge from 'ee/vue_shared/security_reports/components/severity_badge.vue';

 describe('Container Scanning Issue Body', () => {
  let wrapper;

-  const createComponent = severity => {
+  const createComponent = (severity = undefined) => {
    wrapper = shallowMount(ContainerScanningIssueBody, {
      propsData: {
        issue: {
@@ -30,13 +31,13 @@ describe('Container Scanning Issue Body', () => {
    expect(wrapper.element).toMatchSnapshot();
  });

-  it('renders severity if present on issue', () => {
+  it('does show SeverityBadge if severity is present', () => {
    createComponent('Low');
-    expect(wrapper.find('.report-block-list-issue-description-text').text()).toBe('Low:');
+    expect(wrapper.find(SeverityBadge).props('severity')).toBe('Low');
  });

-  it('does not render  severity if not present on issue', () => {
+  it('does not show SeverityBadge if severity is not present', () => {
    createComponent();
-    expect(wrapper.find('.report-block-list-issue-description-text').text()).toBe('');
+    expect(wrapper.contains(SeverityBadge)).toBe(false);
  });
 });
--- a/ee/spec/frontend/vue_shared/security_reports/components/sast_issue_body_spec.js
+++ b/ee/spec/frontend/vue_shared/security_reports/components/sast_issue_body_spec.js
 import { shallowMount } from '@vue/test-utils';
 import { STATUS_FAILED } from '~/reports/constants';
 import SastIssueBody from 'ee/vue_shared/security_reports/components/sast_issue_body.vue';
+import SeverityBadge from 'ee/vue_shared/security_reports/components/severity_badge.vue';
 import ReportLink from '~/reports/components/report_link.vue';

 describe('Sast Issue Body', () => {
  let wrapper;

-  const findDescriptionText = () => wrapper.find('.report-block-list-issue-description-text');
  const findReportLink = () => wrapper.find(ReportLink);

  const createComponent = issue => {
@@ -25,27 +25,23 @@ describe('Sast Issue Body', () => {

  it('matches snapshot', () => {
    createComponent({
-      severity: 'medium',
-      priority: 'high',
+      severity: 'Medium',
    });

    expect(wrapper.element).toMatchSnapshot();
  });

-  it('renders priority if no security are passed', () => {
+  it('does show SeverityBadge if severity is present', () => {
    createComponent({
-      priority: 'high',
+      severity: 'Medium',
    });

-    expect(findDescriptionText().text()).toBe('high:');
+    expect(wrapper.find(SeverityBadge).props('severity')).toBe('Medium');
  });

-  it('renders severity', () => {
-    createComponent({
-      severity: 'medium',
-    });
-
-    expect(findDescriptionText().text()).toBe('Medium:');
+  it('does not show SeverityBadge if severity is not present', () => {
+    createComponent({});
+    expect(wrapper.contains(SeverityBadge)).toBe(false);
  });

  it('does not render report link if no path is passed', () => {

--- a/ee/spec/frontend/vue_shared/security_reports/mock_data.js
+++ b/ee/spec/frontend/vue_shared/security_reports/mock_data.js
@@ -5,7 +5,7 @@ export const sastParsedIssues = [
    title: 'Arbitrary file existence disclosure in Action Pack',
    path: 'Gemfile.lock',
    line: 12,
-    priority: 'High',
+    severity: 'High',
    urlPath: 'foo/Gemfile.lock',
  },
 ];