Merge branch 'remove-tmp-addition' into 'master'

Remove temporary change for switching CS fingerprint See merge request gitlab-org/gitlab!43691

Merge branch 'remove-tmp-addition' into 'master'
Remove temporary change for switching CS fingerprint See merge request gitlab-org/gitlab!43691
b91ce051 · Robert Speicher · ad7b1241 · bec511f2 · b91ce051 · b91ce051
Commit b91ce051 authored Sep 29, 2020 by Robert Speicher
3 changed files
--- a/ee/app/services/security/store_report_service.rb
+++ b/ee/app/services/security/store_report_service.rb
@@ -72,14 +72,10 @@ module Security
      }

      begin
-        if finding.location.respond_to?(:new_fingerprint)
-          create_or_update_vulnerability_finding(finding, create_params, find_params)
-        else
-          project
-            .vulnerability_findings
-            .create_with(create_params)
-            .find_or_create_by!(find_params)
-        end
+        project
+          .vulnerability_findings
+          .create_with(create_params)
+          .find_or_create_by!(find_params)
      rescue ActiveRecord::RecordNotUnique
        project.vulnerability_findings.find_by!(find_params)
      rescue ActiveRecord::RecordInvalid => e
@@ -87,25 +83,6 @@ module Security
      end
    end

-    # temporary, once existing data has updated it will be removed
-    # https://gitlab.com/gitlab-org/gitlab/-/issues/229594
-    def create_or_update_vulnerability_finding(finding, create_params, find_params)
-      existing_findings = project.vulnerability_findings
-      new_fingerprint = finding.location.new_fingerprint
-
-      new_find_params = find_params.merge(location_fingerprint: new_fingerprint)
-      finding = existing_findings.where(find_params)
-                                 .or(existing_findings.where(new_find_params)).first
-
-      if !finding.blank? && finding.location_fingerprint != new_fingerprint
-        finding.update_column(:location_fingerprint, new_fingerprint)
-      elsif finding.nil?
-        finding = existing_findings.create!(create_params.merge(new_find_params))
-      end
-
-      finding
-    end
-
    def update_vulnerability_scanner(finding)
      scanner = scanners_objects[finding.scanner.key]
      scanner.update!(finding.scanner.to_hash)

--- a/ee/changelogs/unreleased/remove-tmp-addition.yml
+++ b/ee/changelogs/unreleased/remove-tmp-addition.yml
+---
+title: Finish migration of Container Scanning fingerprints
+merge_request: 43691
+author:
+type: other
--- a/ee/spec/services/security/store_report_service_spec.rb
+++ b/ee/spec/services/security/store_report_service_spec.rb
@@ -3,7 +3,7 @@
 require 'spec_helper'

 RSpec.describe Security::StoreReportService, '#execute' do
-  let(:user) { create(:user) }
+  let_it_be(:user) { create(:user) }
  let(:artifact) { create(:ee_ci_job_artifact, report_type) }
  let(:project) { artifact.project }
  let(:pipeline) { artifact.job.pipeline }
@@ -55,33 +55,6 @@ RSpec.describe Security::StoreReportService, '#execute' do
      end
    end

-    context 'with container scanning vulnerabilities' do
-      let(:artifact) { create(:ee_ci_job_artifact, :container_scanning) }
-      let(:project) { artifact.project }
-      let(:pipeline) { artifact.job.pipeline }
-      let(:report) { pipeline.security_reports.get_report('container_scanning', artifact) }
-
-      it 'saves with new location' do
-        new_locations = report.findings.map(&:location).map(&:fingerprint)
-        expect(subject).to eq({ status: :success })
-        saved_locations = Vulnerabilities::Finding.all.map(&:location_fingerprint)
-        expect(new_locations).to match_array(saved_locations)
-      end
-
-      it 'updates existing location' do
-        allow_any_instance_of(described_class).to receive(:executed?).and_return(false)
-        expect(subject).to eq({ status: :success })
-
-        old_fingerprint = report.findings.first.location.fingerprint
-        new_fingerprint = report.findings.first.location.fingerprint
-        Vulnerabilities::Finding.first.update_column(:location_fingerprint, old_fingerprint)
-
-        described_class.new(pipeline, report).execute
-
-        expect(Vulnerabilities::Finding.first.location_fingerprint).to eq(new_fingerprint)
-      end
-    end
-
    context 'invalid data' do
      let(:artifact) { create(:ee_ci_job_artifact, :sast) }
      let(:finding_without_name) { build(:ci_reports_security_finding, name: nil) }
@@ -106,8 +79,8 @@ RSpec.describe Security::StoreReportService, '#execute' do
  end

  context 'with existing data from previous pipeline' do
-    let(:scanner) { create(:vulnerabilities_scanner, project: project, external_id: 'bandit', name: 'Bandit') }
-    let(:identifier) { create(:vulnerabilities_identifier, project: project, fingerprint: 'e6dd15eda2137be0034977a85b300a94a4f243a3') }
+    let(:scanner) { build(:vulnerabilities_scanner, project: project, external_id: 'bandit', name: 'Bandit') }
+    let(:identifier) { build(:vulnerabilities_identifier, project: project, fingerprint: 'e6dd15eda2137be0034977a85b300a94a4f243a3') }
    let!(:new_artifact) { create(:ee_ci_job_artifact, :sast, job: new_build) }
    let(:new_build) { create(:ci_build, pipeline: new_pipeline) }
    let(:new_pipeline) { create(:ci_pipeline, project: project) }