Commit ae2fd1df authored by Sam Beckham's avatar Sam Beckham Committed by Mike Greiling

Fixes issues with the security reports migration

- Adds `scope=all` to the reports query to ensure we return dismissed
reports.
- Fixes capitalization issues with severity and confidence.
parent 8cf91a90
---
title: Fixes issues with the security reports migration
merge_request: 17519
author:
type: fixed
...@@ -5,6 +5,7 @@ ...@@ -5,6 +5,7 @@
*/ */
import ReportLink from '~/reports/components/report_link.vue'; import ReportLink from '~/reports/components/report_link.vue';
import ModalOpenName from '~/reports/components/modal_open_name.vue'; import ModalOpenName from '~/reports/components/modal_open_name.vue';
import { humanize } from '~/lib/utils/text_utility';
export default { export default {
name: 'SastContainerIssueBody', name: 'SastContainerIssueBody',
...@@ -23,14 +24,19 @@ export default { ...@@ -23,14 +24,19 @@ export default {
required: true, required: true,
}, },
}, },
computed: {
severity() {
return this.issue.severity ? humanize(this.issue.severity) : null;
},
},
}; };
</script> </script>
<template> <template>
<div class="report-block-list-issue-description prepend-top-5 append-bottom-5"> <div class="report-block-list-issue-description prepend-top-5 append-bottom-5">
<div class="report-block-list-issue-description-text"> <div class="report-block-list-issue-description-text">
<template v-if="issue.severity" <template v-if="severity">
>{{ issue.severity }}:</template {{ severity }}:
> </template>
<modal-open-name :issue="issue" :status="status" /> <modal-open-name :issue="issue" :status="status" />
</div> </div>
......
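Review bot: The new `severity` computed has no matching spec change visible in this commit; the only spec touched is the one for the sast issue body, so the lowercase-to-capitalized path for container scanning looks untested. A case that mounts the component with `severity: 'medium'` and expects the text to contain `'Medium:'` would pin it. A one-line comment above the computed would also help, e.g. `// severity arrives lowercase from the report; humanize() is for display only`, assuming that is the reason for the change. The component definition starts and ends outside these hunks.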
...@@ -5,6 +5,7 @@ ...@@ -5,6 +5,7 @@
*/ */
import ReportLink from '~/reports/components/report_link.vue'; import ReportLink from '~/reports/components/report_link.vue';
import ModalOpenName from '~/reports/components/modal_open_name.vue'; import ModalOpenName from '~/reports/components/modal_open_name.vue';
import { humanize } from '~/lib/utils/text_utility';
export default { export default {
name: 'SastIssueBody', name: 'SastIssueBody',
...@@ -25,24 +26,29 @@ export default { ...@@ -25,24 +26,29 @@ export default {
required: true, required: true,
}, },
}, },
computed: {
title() {
const { severity, confidence, priority } = this.issue;
if (severity) {
if (confidence) {
return `${humanize(severity)} (${humanize(confidence)})`;
}
return humanize(severity);
} else if (confidence) {
return `(${humanize(confidence)})`;
}
return priority;
},
},
}; };
</script> </script>
<template> <template>
<div class="report-block-list-issue-description prepend-top-5 append-bottom-5"> <div class="report-block-list-issue-description prepend-top-5 append-bottom-5">
<div class="report-block-list-issue-description-text"> <div class="report-block-list-issue-description-text">
<template v-if="issue.severity && issue.confidence"> {{ title }}:
{{ issue.severity }} ({{ issue.confidence }}):
</template>
<template v-else-if="issue.severity">
{{ issue.severity }}:
</template>
<template v-else-if="issue.confidence">
({{ issue.confidence }}):
</template>
<template v-else-if="issue.priority"
>{{ issue.priority }}:</template
>
<modal-open-name :issue="issue" :status="status" /> <modal-open-name :issue="issue" :status="status" />
</div> </div>
......
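Review bot: The template now renders `{{ title }}:` unconditionally, so an issue with none of `severity`, `confidence` or `priority` shows a bare `:` in front of the name, where the removed `v-if`/`v-else-if` chain rendered nothing. Guarding the interpolation restores the old behaviour: `<template v-if="title">{{ title }}:</template>`. `title()` also returns `priority` as-is while the other two fields go through `humanize`, so the label's capitalization depends on which field is present; either pass it through `humanize` too or say in a comment why it is left alone. The component definition continues outside these hunks.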
...@@ -11,7 +11,7 @@ module Ci ...@@ -11,7 +11,7 @@ module Ci
end end
def get_report(pipeline) def get_report(pipeline)
Security::PipelineVulnerabilitiesFinder.new(pipeline: pipeline, params: { report_type: %w[container_scanning] }).execute Security::PipelineVulnerabilitiesFinder.new(pipeline: pipeline, params: { report_type: %w[container_scanning], scope: 'all' }).execute
end end
end end
end end
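Review bot: `scope: 'all'` makes `get_report` return dismissed findings as well, and nothing visible in this commit tests that or shows how consumers tell a dismissed finding from an open one. A spec that sets up a dismissed finding and expects it in the result would pin the intent, and would presumably also be the place to check that its dismissal state is carried along, so dismissed items are not presented or counted as open. The same one-line change is repeated in the dependency_scanning and sast services in the next two sections; a comment on each call such as `# scope: 'all' also returns dismissed findings`, or a shared helper for the params, would keep the three in step. The enclosing class starts outside the hunk.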
...@@ -11,7 +11,7 @@ module Ci ...@@ -11,7 +11,7 @@ module Ci
end end
def get_report(pipeline) def get_report(pipeline)
Security::PipelineVulnerabilitiesFinder.new(pipeline: pipeline, params: { report_type: %w[dependency_scanning] }).execute Security::PipelineVulnerabilitiesFinder.new(pipeline: pipeline, params: { report_type: %w[dependency_scanning], scope: 'all' }).execute
end end
end end
end end
...@@ -11,7 +11,7 @@ module Ci ...@@ -11,7 +11,7 @@ module Ci
end end
def get_report(pipeline) def get_report(pipeline)
Security::PipelineVulnerabilitiesFinder.new(pipeline: pipeline, params: { report_type: %w[sast] }).execute Security::PipelineVulnerabilitiesFinder.new(pipeline: pipeline, params: { report_type: %w[sast], scope: 'all' }).execute
end end
end end
end end
...@@ -19,8 +19,8 @@ describe('sast issue body', () => { ...@@ -19,8 +19,8 @@ describe('sast issue body', () => {
tool: 'bundler_audit', tool: 'bundler_audit',
url: 'https://groups.google.com/forum/#!topic/rubyonrails-security/335P1DcLG00', url: 'https://groups.google.com/forum/#!topic/rubyonrails-security/335P1DcLG00',
urlPath: '/Gemfile.lock', urlPath: '/Gemfile.lock',
severity: 'Medium', severity: 'medium',
confidence: 'Low', confidence: 'low',
}; };
const status = STATUS_FAILED; const status = STATUS_FAILED;
...@@ -36,9 +36,7 @@ describe('sast issue body', () => { ...@@ -36,9 +36,7 @@ describe('sast issue body', () => {
status, status,
}); });
expect(vm.$el.textContent.trim()).toContain( expect(vm.$el.textContent.trim()).toContain('Medium (Low):');
`${sastIssue.severity} (${sastIssue.confidence}):`,
);
}); });
}); });
...@@ -51,7 +49,7 @@ describe('sast issue body', () => { ...@@ -51,7 +49,7 @@ describe('sast issue body', () => {
status, status,
}); });
expect(vm.$el.textContent.trim()).toContain(`${issueCopy.severity}:`); expect(vm.$el.textContent.trim()).toContain('Medium:');
}); });
}); });
...@@ -64,7 +62,7 @@ describe('sast issue body', () => { ...@@ -64,7 +62,7 @@ describe('sast issue body', () => {
status, status,
}); });
expect(vm.$el.textContent.trim()).toContain(`(${issueCopy.confidence}):`); expect(vm.$el.textContent.trim()).toContain('(Low):');
}); });
}); });
......
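Review bot: The updated expectations only cover lowercase `severity` and `confidence`; the `priority` fallback in the component's `title` computed and an issue with none of the three fields are not exercised in the visible cases. Hard-coding `'Medium (Low):'` is a good change, since the old template-string expectations would have passed with no capitalization at all. I would add one case with only `priority` set and one with all three removed that asserts the rendered text does not start with `:`. The `describe` block continues outside these hunks, so such cases may already exist out of view.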