Commit 99055f4f authored by Mehmet Emin INAC's avatar Mehmet Emin INAC

Set `latest_pipeline_id` and mark project as vulnerable first

Current `StoreReportService` can raise exception to prevent us from
updating the `latest_pipeline_id` and marking the project as vulnerable
therefore we need to update these even before running the store report
service logic.

Changelog: fixed
EE: true
parent 2c58b606
...@@ -10,9 +10,9 @@ module Security ...@@ -10,9 +10,9 @@ module Security
end end
def execute def execute
store_reports
mark_project_as_vulnerable!
set_latest_pipeline! set_latest_pipeline!
mark_project_as_vulnerable!
store_reports
errors.any? ? error(full_errors) : success errors.any? ? error(full_errors) : success
end end
......
...@@ -41,6 +41,26 @@ RSpec.describe Security::StoreReportsService do ...@@ -41,6 +41,26 @@ RSpec.describe Security::StoreReportsService do
expect { execute_service_object }.to change { project.reload.vulnerability_statistic&.latest_pipeline_id }.from(nil).to(pipeline.id) expect { execute_service_object }.to change { project.reload.vulnerability_statistic&.latest_pipeline_id }.from(nil).to(pipeline.id)
end end
context 'when the StoreReportService raises an error' do
let(:error) { RuntimeError.new('foo') }
before do
allow_next_instance_of(Security::StoreReportService) do |service_object|
allow(service_object).to receive(:execute).and_raise(error)
end
end
it 'marks the project as vulnerable' do
expect { execute_service_object }.to raise_error(error)
.and change { project.reload.project_setting.has_vulnerabilities }.from(false).to(true)
end
it 'updates the `latest_pipeline_id` attribute of the associated `vulnerability_statistic` record' do
expect { execute_service_object }.to raise_error(error)
.and change { project.reload.vulnerability_statistic&.latest_pipeline_id }.from(nil).to(pipeline.id)
end
end
context 'when StoreReportService returns an error for a report' do context 'when StoreReportService returns an error for a report' do
let(:reports) { Gitlab::Ci::Reports::Security::Reports.new(pipeline) } let(:reports) { Gitlab::Ci::Reports::Security::Reports.new(pipeline) }
let(:sast_report) { reports.get_report('sast', sast_artifact) } let(:sast_report) { reports.get_report('sast', sast_artifact) }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment