Commit befbd1f4 authored by James Fargher's avatar James Fargher

Merge branch '205302-update-model-and-finder-tests' into 'master'

Support 'license_scanning' in model tests

See merge request gitlab-org/gitlab!27828
parents c036703a eaa6119c
...@@ -96,13 +96,13 @@ FactoryBot.define do ...@@ -96,13 +96,13 @@ FactoryBot.define do
end end
end end
trait :license_management_feature_branch do trait :license_scanning_feature_branch do
after(:build) do |build| after(:build) do |build|
build.job_artifacts << create(:ee_ci_job_artifact, :license_management_feature_branch, job: build) build.job_artifacts << create(:ee_ci_job_artifact, :license_scanning_feature_branch, job: build)
end end
end end
trait :corrupted_license_management_report do trait :corrupted_license_scanning_report do
after(:build) do |build| after(:build) do |build|
build.job_artifacts << create(:ee_ci_job_artifact, :license_scan, :with_corrupted_data, job: build) build.job_artifacts << create(:ee_ci_job_artifact, :license_scan, :with_corrupted_data, job: build)
end end
......
...@@ -159,13 +159,13 @@ FactoryBot.define do ...@@ -159,13 +159,13 @@ FactoryBot.define do
end end
end end
trait :license_management_feature_branch do trait :license_scanning_feature_branch do
file_type { :license_management } file_type { :license_scanning }
file_format { :raw } file_format { :raw }
after(:build) do |artifact, _| after(:build) do |artifact, _|
artifact.file = fixture_file_upload( artifact.file = fixture_file_upload(
Rails.root.join('ee/spec/fixtures/security_reports/feature-branch/gl-license-management-report.json'), 'application/json') Rails.root.join('ee/spec/fixtures/security_reports/feature-branch/gl-license-scanning-report.json'), 'application/json')
end end
end end
...@@ -300,7 +300,7 @@ FactoryBot.define do ...@@ -300,7 +300,7 @@ FactoryBot.define do
end end
trait :license_scan do trait :license_scan do
file_type { :license_management } file_type { :license_scanning }
file_format { :raw } file_format { :raw }
end end
......
...@@ -69,7 +69,7 @@ FactoryBot.define do ...@@ -69,7 +69,7 @@ FactoryBot.define do
status { :success } status { :success }
after(:build) do |pipeline, evaluator| after(:build) do |pipeline, evaluator|
pipeline.builds << build(:ee_ci_build, :license_management_feature_branch, pipeline: pipeline, project: pipeline.project) pipeline.builds << build(:ee_ci_build, :license_scanning_feature_branch, pipeline: pipeline, project: pipeline.project)
end end
end end
...@@ -77,7 +77,7 @@ FactoryBot.define do ...@@ -77,7 +77,7 @@ FactoryBot.define do
status { :success } status { :success }
after(:build) do |pipeline, evaluator| after(:build) do |pipeline, evaluator|
pipeline.builds << build(:ee_ci_build, :corrupted_license_management_report, pipeline: pipeline, project: pipeline.project) pipeline.builds << build(:ee_ci_build, :corrupted_license_scanning_report, pipeline: pipeline, project: pipeline.project)
end end
end end
......
...@@ -29,7 +29,7 @@ describe 'EE > Projects > Licenses > Maintainer views policies', :js do ...@@ -29,7 +29,7 @@ describe 'EE > Projects > Licenses > Maintainer views policies', :js do
let_it_be(:mit) { create(:software_license, :mit) } let_it_be(:mit) { create(:software_license, :mit) }
let_it_be(:mit_policy) { create(:software_license_policy, :denied, software_license: mit, project: project) } let_it_be(:mit_policy) { create(:software_license_policy, :denied, software_license: mit, project: project) }
let_it_be(:pipeline) { create(:ee_ci_pipeline, project: project, builds: [create(:ee_ci_build, :license_scan_v2, :success)]) } let_it_be(:pipeline) { create(:ee_ci_pipeline, project: project, builds: [create(:ee_ci_build, :license_scan_v2, :success)]) }
let(:report) { JSON.parse(fixture_file('security_reports/gl-license-management-report-v2.json', dir: 'ee')) } let(:report) { JSON.parse(fixture_file('security_reports/gl-license-scanning-report-v2.json', dir: 'ee')) }
let(:known_licenses) { report['licenses'].find_all { |license| license['url'].present? } } let(:known_licenses) { report['licenses'].find_all { |license| license['url'].present? } }
it 'displays licenses detected in the most recent scan report' do it 'displays licenses detected in the most recent scan report' do
......
...@@ -6,25 +6,19 @@ describe Security::LicenseManagementJobsFinder do ...@@ -6,25 +6,19 @@ describe Security::LicenseManagementJobsFinder do
it_behaves_like ::Security::JobsFinder, described_class.allowed_job_types it_behaves_like ::Security::JobsFinder, described_class.allowed_job_types
describe "#execute" do describe "#execute" do
let(:pipeline) { create(:ci_pipeline) }
let(:finder) { described_class.new(pipeline: pipeline) }
subject { finder.execute } subject { finder.execute }
context 'with multiple secure builds' do let(:pipeline) { create(:ci_pipeline) }
let!(:sast_build) { create(:ci_build, :sast, pipeline: pipeline) } let(:finder) { described_class.new(pipeline: pipeline) }
let!(:container_scanning_build) { create(:ci_build, :container_scanning, pipeline: pipeline) }
let!(:dast_build) { create(:ci_build, :dast, pipeline: pipeline) }
let!(:license_management_build) { create(:ci_build, :license_management, pipeline: pipeline) }
it 'returns only the license_management jobs' do let!(:sast_build) { create(:ci_build, :sast, pipeline: pipeline) }
is_expected.to include(license_management_build) let!(:container_scanning_build) { create(:ci_build, :container_scanning, pipeline: pipeline) }
let!(:dast_build) { create(:ci_build, :dast, pipeline: pipeline) }
let!(:license_scanning_build) { create(:ci_build, :license_scanning, pipeline: pipeline) }
let!(:license_management_build) { create(:ci_build, :license_management, pipeline: pipeline) }
is_expected.not_to include(container_scanning_build) it 'returns only the license_scanning jobs' do
is_expected.not_to include(dast_build) is_expected.to contain_exactly(license_scanning_build, license_management_build)
is_expected.not_to include(sast_build)
end
end end
end end
end end
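Review bot: The example name `'returns only the license_scanning jobs'` no longer matches its assertion, which expects both `license_scanning_build` and `license_management_build` through `contain_exactly`. Since the finder evidently still returns legacy `license_management` jobs, I would rename it to `it 'returns only the license_scanning and license_management jobs' do` so the backward-compatible behaviour shows in the spec output. The move from `include`/`not_to include` to `contain_exactly` is the stricter check and is worth keeping.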
...@@ -42,7 +42,7 @@ describe Gitlab::Ci::Parsers::LicenseCompliance::LicenseScanning do ...@@ -42,7 +42,7 @@ describe Gitlab::Ci::Parsers::LicenseCompliance::LicenseScanning do
end end
context 'when parsing a valid v1.1 report' do context 'when parsing a valid v1.1 report' do
let(:v1_1_data) { fixture_file('security_reports/gl-license-management-report-v1.1.json', dir: 'ee') } let(:v1_1_data) { fixture_file('security_reports/gl-license-scanning-report-v1.1.json', dir: 'ee') }
before do before do
subject.parse!(v1_1_data, report) subject.parse!(v1_1_data, report)
...@@ -74,7 +74,7 @@ describe Gitlab::Ci::Parsers::LicenseCompliance::LicenseScanning do ...@@ -74,7 +74,7 @@ describe Gitlab::Ci::Parsers::LicenseCompliance::LicenseScanning do
end end
context 'when parsing a valid v2 report' do context 'when parsing a valid v2 report' do
let(:v2_data) { fixture_file('security_reports/gl-license-management-report-v2.json', dir: 'ee') } let(:v2_data) { fixture_file('security_reports/gl-license-scanning-report-v2.json', dir: 'ee') }
before do before do
subject.parse!(v2_data, report) subject.parse!(v2_data, report)
......
...@@ -279,7 +279,7 @@ describe Gitlab::Ci::Reports::LicenseScanning::Report do ...@@ -279,7 +279,7 @@ describe Gitlab::Ci::Reports::LicenseScanning::Report do
context 'when parsing a v2 report' do context 'when parsing a v2 report' do
subject { described_class.parse_from(v2_json) } subject { described_class.parse_from(v2_json) }
let(:v2_json) { fixture_file('security_reports/gl-license-management-report-v2.json', dir: 'ee') } let(:v2_json) { fixture_file('security_reports/gl-license-scanning-report-v2.json', dir: 'ee') }
it { expect(subject.version).to eql('2.0') } it { expect(subject.version).to eql('2.0') }
it { expect(subject.licenses.count).to eq(3) } it { expect(subject.licenses.count).to eq(3) }
......
...@@ -203,8 +203,22 @@ describe Ci::Build do ...@@ -203,8 +203,22 @@ describe Ci::Build do
it { expect(license_scanning_report.licenses.count).to eq(0) } it { expect(license_scanning_report.licenses.count).to eq(0) }
context 'when build has a license management report' do context 'when build has a license scanning report' do
context 'when there is a license scanning report' do context 'when there is a new type report' do
before do
create(:ee_ci_job_artifact, :license_scanning, job: job, project: job.project)
end
it 'parses blobs and add the results to the report' do
expect { subject }.not_to raise_error
expect(license_scanning_report.licenses.count).to eq(4)
expect(license_scanning_report.licenses.map(&:name)).to contain_exactly("Apache 2.0", "MIT", "New BSD", "unknown")
expect(license_scanning_report.licenses.find { |x| x.name == 'MIT' }.dependencies.count).to eq(52)
end
end
context 'when there is an old type report' do
before do before do
create(:ee_ci_job_artifact, :license_management, job: job, project: job.project) create(:ee_ci_job_artifact, :license_management, job: job, project: job.project)
end end
...@@ -218,7 +232,7 @@ describe Ci::Build do ...@@ -218,7 +232,7 @@ describe Ci::Build do
end end
end end
context 'when there is a corrupted license management report' do context 'when there is a corrupted report' do
before do before do
create(:ee_ci_job_artifact, :license_scan, :with_corrupted_data, job: job, project: job.project) create(:ee_ci_job_artifact, :license_scan, :with_corrupted_data, job: job, project: job.project)
end end
...@@ -231,7 +245,7 @@ describe Ci::Build do ...@@ -231,7 +245,7 @@ describe Ci::Build do
context 'when Feature flag is disabled for License Scanning reports parsing' do context 'when Feature flag is disabled for License Scanning reports parsing' do
before do before do
stub_feature_flags(parse_license_management_reports: false) stub_feature_flags(parse_license_management_reports: false)
create(:ee_ci_job_artifact, :license_management, job: job, project: job.project) create(:ee_ci_job_artifact, :license_scanning, job: job, project: job.project)
end end
it 'does NOT parse license scanning report' do it 'does NOT parse license scanning report' do
...@@ -241,10 +255,10 @@ describe Ci::Build do ...@@ -241,10 +255,10 @@ describe Ci::Build do
end end
end end
context 'when the license management feature is disabled' do context 'when the license scanning feature is disabled' do
before do before do
stub_licensed_features(license_scanning: false) stub_licensed_features(license_scanning: false)
create(:ee_ci_job_artifact, :license_management, job: job, project: job.project) create(:ee_ci_job_artifact, :license_scanning, job: job, project: job.project)
end end
it 'does NOT parse license scanning report' do it 'does NOT parse license scanning report' do
...@@ -289,7 +303,7 @@ describe Ci::Build do ...@@ -289,7 +303,7 @@ describe Ci::Build do
end end
describe '#collect_licenses_for_dependency_list!' do describe '#collect_licenses_for_dependency_list!' do
let!(:lm_artifact) { create(:ee_ci_job_artifact, :license_management, job: job, project: job.project) } let!(:license_scan_artifact) { create(:ee_ci_job_artifact, :license_scanning, job: job, project: job.project) }
let(:dependency_list_report) { Gitlab::Ci::Reports::DependencyList::Report.new } let(:dependency_list_report) { Gitlab::Ci::Reports::DependencyList::Report.new }
let(:dependency) { build(:dependency, :nokogiri) } let(:dependency) { build(:dependency, :nokogiri) }
...@@ -378,7 +392,7 @@ describe Ci::Build do ...@@ -378,7 +392,7 @@ describe Ci::Build do
describe ".license_scan" do describe ".license_scan" do
it 'returns only license artifacts' do it 'returns only license artifacts' do
create(:ci_build, job_artifacts: [create(:ci_job_artifact, :zip)]) create(:ci_build, job_artifacts: [create(:ci_job_artifact, :zip)])
build_with_license_scan = create(:ci_build, job_artifacts: [create(:ci_job_artifact, file_type: :license_management, file_format: :raw)]) build_with_license_scan = create(:ci_build, job_artifacts: [create(:ci_job_artifact, file_type: :license_scanning, file_format: :raw)])
expect(described_class.license_scan).to contain_exactly(build_with_license_scan) expect(described_class.license_scan).to contain_exactly(build_with_license_scan)
end end
......
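Review bot: The two gating contexts ('when Feature flag is disabled for License Scanning reports parsing' and 'when the license scanning feature is disabled') now create only a `:license_scanning` artifact, so the legacy `:license_management` type is no longer exercised with the flag or the licensed feature switched off. The new/old split added under 'when build has a license scanning report' shows that both types are still parsed, so a regression that lets the legacy type skip either gate would presumably go unnoticed. I would run both contexts once per type, for example by wrapping them in `%i[license_scanning license_management].each do |artifact_type|` and creating the artifact with `create(:ee_ci_job_artifact, artifact_type, job: job, project: job.project)`. The bodies of these examples lie outside the visible hunks.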
...@@ -250,14 +250,9 @@ describe Ci::Pipeline do ...@@ -250,14 +250,9 @@ describe Ci::Pipeline do
stub_licensed_features(license_scanning: true) stub_licensed_features(license_scanning: true)
end end
context 'when pipeline has multiple builds with license management reports' do context 'when pipeline has multiple builds with license scanning reports' do
let!(:build_1) { create(:ci_build, :success, name: 'license_management', pipeline: pipeline, project: project) } let!(:build_1) { create(:ee_ci_build, :success, :license_scanning, pipeline: pipeline, project: project) }
let!(:build_2) { create(:ci_build, :success, name: 'license_management2', pipeline: pipeline, project: project) } let!(:build_2) { create(:ee_ci_build, :success, :license_scanning_feature_branch, pipeline: pipeline, project: project) }
before do
create(:ee_ci_job_artifact, :license_management, job: build_1, project: project)
create(:ee_ci_job_artifact, :license_management_feature_branch, job: build_2, project: project)
end
it 'returns a license scanning report with collected data' do it 'returns a license scanning report with collected data' do
expect(subject.licenses.count).to eq(5) expect(subject.licenses.count).to eq(5)
...@@ -265,8 +260,10 @@ describe Ci::Pipeline do ...@@ -265,8 +260,10 @@ describe Ci::Pipeline do
end end
context 'when builds are retried' do context 'when builds are retried' do
let!(:build_1) { create(:ci_build, :retried, :success, name: 'license_management', pipeline: pipeline, project: project) } before do
let!(:build_2) { create(:ci_build, :retried, :success, name: 'license_management2', pipeline: pipeline, project: project) } build_1.update(retried: true)
build_2.update(retried: true)
end
it 'does not take retried builds into account' do it 'does not take retried builds into account' do
expect(subject.licenses).to be_empty expect(subject.licenses).to be_empty
...@@ -274,7 +271,7 @@ describe Ci::Pipeline do ...@@ -274,7 +271,7 @@ describe Ci::Pipeline do
end end
end end
context 'when pipeline does not have any builds with license management reports' do context 'when pipeline does not have any builds with license scanning reports' do
it 'returns an empty license scanning report' do it 'returns an empty license scanning report' do
expect(subject.licenses).to be_empty expect(subject.licenses).to be_empty
end end
...@@ -289,10 +286,8 @@ describe Ci::Pipeline do ...@@ -289,10 +286,8 @@ describe Ci::Pipeline do
end end
context 'when pipeline has a build with dependency list reports' do context 'when pipeline has a build with dependency list reports' do
let!(:build) { create(:ci_build, :success, name: 'dependency_list', pipeline: pipeline, project: project) } let!(:build) { create(:ee_ci_build, :success, :dependency_list, pipeline: pipeline, project: project) }
let!(:artifact) { create(:ee_ci_job_artifact, :dependency_list, job: build, project: project) } let!(:build2) { create(:ee_ci_build, :success, :license_scanning, pipeline: pipeline, project: project) }
let!(:build2) { create(:ci_build, :success, name: 'license_management', pipeline: pipeline, project: project) }
let!(:artifact2) { create(:ee_ci_job_artifact, :license_management, job: build, project: project) }
it 'returns a dependency list report with collected data' do it 'returns a dependency list report with collected data' do
expect(subject.dependencies.count).to eq(21) expect(subject.dependencies.count).to eq(21)
...@@ -301,8 +296,9 @@ describe Ci::Pipeline do ...@@ -301,8 +296,9 @@ describe Ci::Pipeline do
end end
context 'when builds are retried' do context 'when builds are retried' do
let!(:build) { create(:ci_build, :retried, :success, name: 'dependency_list', pipeline: pipeline, project: project) } before do
let!(:artifact) { create(:ee_ci_job_artifact, :dependency_list, job: build, project: project) } build.update(retried: true)
end
it 'does not take retried builds into account' do it 'does not take retried builds into account' do
expect(subject.dependencies).to be_empty expect(subject.dependencies).to be_empty
......
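Review bot: The `before` blocks in both 'when builds are retried' contexts use `build_1.update(retried: true)`, `build_2.update(retried: true)` and `build.update(retried: true)`, which return false instead of raising when the save is rejected. A broken setup would then only surface as an expectation failure further down, with nothing pointing at the update. Using `build_1.update!(retried: true)` (and the same for `build_2` and `build`) makes the spec fail at the setup line that went wrong.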
...@@ -43,13 +43,13 @@ RSpec.describe SCA::LicenseCompliance do ...@@ -43,13 +43,13 @@ RSpec.describe SCA::LicenseCompliance do
context "when the license scan job has not finished" do context "when the license scan job has not finished" do
let(:builds) { [create(:ci_build, :running, job_artifacts: [artifact])] } let(:builds) { [create(:ci_build, :running, job_artifacts: [artifact])] }
let(:artifact) { create(:ci_job_artifact, file_type: :license_management, file_format: :raw) } let(:artifact) { create(:ci_job_artifact, file_type: :license_scanning, file_format: :raw) }
it { expect(subject.policies).to be_empty } it { expect(subject.policies).to be_empty }
end end
context "when the license scan produces a poorly formatted report" do context "when the license scan produces a poorly formatted report" do
let(:builds) { [create(:ee_ci_build, :running, :corrupted_license_management_report)] } let(:builds) { [create(:ee_ci_build, :running, :corrupted_license_scanning_report)] }
it { expect(subject.policies).to be_empty } it { expect(subject.policies).to be_empty }
end end
......