Merge branch 'fix-security-master-conflict' into 'master'

Fix the automatic merge conflict

See merge request gitlab-org/security/gitlab!1639

app/models/concerns/enums/ci/pipeline.rb

@@ -37,7 +37,8 @@ module Enums
           merge_request_event: 10,
           external_pull_request_event: 11,
           parent_pipeline: 12,
-          ondemand_dast_scan: 13
+          ondemand_dast_scan: 13,
+          ondemand_dast_validation: 14
         }
       end
 
@@ -48,8 +49,10 @@ module Enums
       #   parent pipeline. It's up to the parent to affect the ref CI status
       # - when an ondemand_dast_scan pipeline runs it is for testing purpose and should
       #   not affect the ref CI status.
+      # - when an ondemand_dast_validation pipeline runs it is for validating a DAST site
+      #   profile and should not affect the ref CI status.
       def self.dangling_sources
-        sources.slice(:webide, :parent_pipeline, :ondemand_dast_scan)
+        sources.slice(:webide, :parent_pipeline, :ondemand_dast_scan, :ondemand_dast_validation)
       end
 
       # CI sources are those pipeline events that affect the CI status of the ref

ee/app/services/app_sec/dast/site_validations/runner_service.rb

@@ -8,7 +8,7 @@ module AppSec
           return ServiceResponse.error(message: _('Insufficient permissions')) unless allowed?
 
           service = Ci::CreatePipelineService.new(project, current_user, ref: project.default_branch_or_main)
-          result = service.execute(:ondemand_dast_scan, content: ci_configuration.to_yaml, variables_attributes: dast_site_validation_variables)
+          result = service.execute(:ondemand_dast_validation, content: ci_configuration.to_yaml, variables_attributes: dast_site_validation_variables)
 
           if result.success?
             ServiceResponse.success(payload: dast_site_validation)

ee/spec/services/app_sec/dast/site_validations/runner_service_spec.rb

@@ -39,8 +39,10 @@ RSpec.describe AppSec::Dast::SiteValidations::RunnerService do
         expect(subject).to have_attributes(status: :success, payload: dast_site_validation)
       end
 
-      it 'creates a ci_pipeline with ci_pipeline_variables' do
+      it 'creates a ci_pipeline with an appropriate source', :aggregate_failures do
         expect { subject }.to change { Ci::Pipeline.count }.by(1)
+
+        expect(Ci::Pipeline.last.source).to eq('ondemand_dast_validation')
       end
 
       it 'makes the correct variables available to the ci_build' do

lib/gitlab/ci/pipeline/chain/command.rb

@@ -107,10 +107,6 @@ module Gitlab
               .increment(reason: (reason || :unknown_failure).to_s)
           end
 
-          def dangling_build?
-            %i[ondemand_dast_scan webide].include?(source)
-          end
-
           private
 
           # Verifies that origin_ref is a fully qualified tag reference (refs/tags/<tag-name>)

spec/lib/gitlab/ci/pipeline/chain/command_spec.rb

@@ -295,31 +295,6 @@ RSpec.describe Gitlab::Ci::Pipeline::Chain::Command do
     end
   end
 
-  describe '#dangling_build?' do
-    let(:project) { create(:project, :repository) }
-    let(:command) { described_class.new(project: project, source: source) }
-
-    subject { command.dangling_build? }
-
-    context 'when source is :webide' do
-      let(:source) { :webide }
-
-      it { is_expected.to eq(true) }
-    end
-
-    context 'when source is :ondemand_dast_scan' do
-      let(:source) { :ondemand_dast_scan }
-
-      it { is_expected.to eq(true) }
-    end
-
-    context 'when source something else' do
-      let(:source) { :web }
-
-      it { is_expected.to eq(false) }
-    end
-  end
-
   describe '#creates_child_pipeline?' do
     let(:command) { described_class.new(bridge: bridge) }