Commit c225cc3e authored by Dominic Bauer, committed by Andy Soiron

Respond with finding UUID when creating Starboard vulnerability

parent ece5fea4
...@@ -507,7 +507,7 @@ curl --request POST --header "Gitlab-Kas-Api-Request: <JWT token>" \ ...@@ -507,7 +507,7 @@ curl --request POST --header "Gitlab-Kas-Api-Request: <JWT token>" \
Called from the GitLab Agent Server (`kas`) to create a security vulnerability Called from the GitLab Agent Server (`kas`) to create a security vulnerability
from a Starboard vulnerability report. This request is idempotent. Multiple requests with the same data from a Starboard vulnerability report. This request is idempotent. Multiple requests with the same data
create a single vulnerability. create a single vulnerability. The response contains the UUID of the created vulnerability finding.
| Attribute | Type | Required | Description | | Attribute | Type | Required | Description |
|:----------------|:-------|:---------|:------------| |:----------------|:-------|:---------|:------------|
...@@ -553,6 +553,14 @@ curl --request PUT --header "Gitlab-Kas-Api-Request: <JWT token>" \ ...@@ -553,6 +553,14 @@ curl --request PUT --header "Gitlab-Kas-Api-Request: <JWT token>" \
}' }'
``` ```
Example response:
```json
{
"uuid": "4773b2ee-5ba5-5e9f-b48c-5f7a17f0faac"
}
```
## Subscriptions ## Subscriptions
The subscriptions endpoint is used by [CustomersDot](https://gitlab.com/gitlab-org/customers-gitlab-com) (`customers.gitlab.com`) The subscriptions endpoint is used by [CustomersDot](https://gitlab.com/gitlab-org/customers-gitlab-com) (`customers.gitlab.com`)
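Review bot: the new sentence closing the idempotency paragraph ("The response contains the UUID of the created vulnerability finding.") leaves open what a repeated request returns. Since the paragraph promises that multiple requests with the same data create a single vulnerability, a caller such as `kas` will want to know whether the second response carries the UUID of the already-existing finding; suggest stating it explicitly, e.g. "Repeated requests with the same data return the UUID of the existing finding." The added "Example response" block also documents only the success body; a one-line mention of the status code returned on success would make the example complete.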
......
...@@ -127,7 +127,7 @@ module EE ...@@ -127,7 +127,7 @@ module EE
joins(:findings).merge(Vulnerabilities::Finding.by_location_cluster_agent(agent_ids)) joins(:findings).merge(Vulnerabilities::Finding.by_location_cluster_agent(agent_ids))
end end
delegate :scanner_name, :scanner_external_id, :scanner_id, :metadata, :message, :description, :details, delegate :scanner_name, :scanner_external_id, :scanner_id, :metadata, :message, :description, :details, :uuid,
to: :finding, prefix: true, allow_nil: true to: :finding, prefix: true, allow_nil: true
delegate :default_branch, :name, to: :project, prefix: true, allow_nil: true delegate :default_branch, :name, to: :project, prefix: true, allow_nil: true
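Review bot: adding `:uuid` to a `delegate` that carries `allow_nil: true` means `finding_uuid` silently returns `nil` when the vulnerability has no finding, which the new API response would surface as `{ "uuid": null }`, a shape the documentation in this commit does not describe. If a vulnerability created from a Starboard report always has a finding, consider delegating `:uuid` in a separate line without `allow_nil`, so a missing finding raises instead of producing an undocumented null; if it can legitimately be absent, the docs should say so. Style-wise, the delegate line is now long enough to warrant wrapping the method list across lines.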
......
...@@ -120,6 +120,7 @@ module EE ...@@ -120,6 +120,7 @@ module EE
if result.success? if result.success?
status result.http_status status result.http_status
{ uuid: result.payload[:vulnerability].finding_uuid }
else else
render_api_error!(result.message, result.http_status) render_api_error!(result.message, result.http_status)
end end
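Review bot: the success branch now returns a hand-built hash, `{ uuid: result.payload[:vulnerability].finding_uuid }`, right after `status result.http_status`, so the response schema lives only in this one-liner. Consider exposing it through a Grape entity (or at least a named constant) so the body is declared alongside the endpoint's documentation and the `finding_uuid` delegate's nil case is handled deliberately rather than serialised as `null`. Also worth a comment that `result.payload[:vulnerability]` is guaranteed present on `result.success?`, since the code dereferences it unconditionally.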
......
...@@ -276,6 +276,12 @@ RSpec.describe API::Internal::Kubernetes do ...@@ -276,6 +276,12 @@ RSpec.describe API::Internal::Kubernetes do
expect(Vulnerability.all.first.finding.name).to eq(payload[:vulnerability][:name]) expect(Vulnerability.all.first.finding.name).to eq(payload[:vulnerability][:name])
end end
it "responds with the created vulnerability's UUID" do
send_request(params: payload)
expect(json_response).to match("uuid" => Vulnerability.last.finding.uuid)
end
context 'when payload is invalid' do context 'when payload is invalid' do
let(:payload) { { vulnerability: 'invalid' } } let(:payload) { { vulnerability: 'invalid' } }
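Review bot: the new example asserts `json_response` against `Vulnerability.last.finding.uuid`, while the existing example directly above reads `Vulnerability.all.first`; with a single record both are equivalent, but mixing `first` and `last` invites an ordering-dependent failure once the `context` grows, so suggest using the same accessor in both. More importantly, the spec does not exercise the idempotency the documentation in this commit describes: a second `send_request(params: payload)` asserting that the same `"uuid"` comes back (and that `Vulnerability.count` is unchanged) would pin down the behaviour the docs promise.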
......