Commit ca2241b2 authored by Dylan Griffith's avatar Dylan Griffith Committed by Alex Kalderimis

Remove unused method Finding.batch_count_by_project_and_severity

Usages for this scope appear to have been removed in
https://gitlab.com/gitlab-org/gitlab/-/commit/3e1bc4f3efc9f3db10af67092868163e209a72ad
.

This method is cross-joining between `ci_*` and non `ci_*` tables
and as such it will not be possible when `ci_*` tables are moved to a
separate database.
parent 0702fa6c
...@@ -142,29 +142,6 @@ module Vulnerabilities ...@@ -142,29 +142,6 @@ module Vulnerabilities
where('NOT EXISTS (?)', related_dismissal_feedback.select(1)) where('NOT EXISTS (?)', related_dismissal_feedback.select(1))
end end
def self.batch_count_by_project_and_severity(project_id, severity)
BatchLoader.for(project_id: project_id, severity: severity).batch(default_value: 0) do |items, loader|
project_ids = items.map { |i| i[:project_id] }.uniq
severities = items.map { |i| i[:severity] }.uniq
latest_pipelines = Ci::Pipeline
.where(project_id: project_ids)
.with_vulnerabilities
.latest_successful_ids_per_project
counts = for_pipelines(latest_pipelines)
.undismissed
.by_severities(severities)
.group(:project_id, :severity)
.count
counts.each do |(found_project_id, found_severity), count|
loader_key = { project_id: found_project_id, severity: found_severity }
loader.call(loader_key, count)
end
end
end
def feedback(feedback_type:) def feedback(feedback_type:)
load_feedback.find { |f| f.feedback_type == feedback_type } load_feedback.find { |f| f.feedback_type == feedback_type }
end end
......
...@@ -342,106 +342,6 @@ RSpec.describe Vulnerabilities::Finding do ...@@ -342,106 +342,6 @@ RSpec.describe Vulnerabilities::Finding do
end end
end end
describe '.batch_count_by_project_and_severity' do
let(:pipeline) { create(:ci_pipeline, :success, project: project) }
let(:project) { create(:project) }
it 'fetches a vulnerability count for the given project and severity' do
create(:vulnerabilities_finding, pipelines: [pipeline], project: project, severity: :high)
count = described_class.batch_count_by_project_and_severity(project.id, 'high')
expect(count).to be(1)
end
it 'only returns vulnerabilities from the latest successful pipeline' do
old_pipeline = create(:ci_pipeline, :success, project: project)
latest_pipeline = create(:ci_pipeline, :success, project: project)
latest_failed_pipeline = create(:ci_pipeline, :failed, project: project)
create(:vulnerabilities_finding, pipelines: [old_pipeline], project: project, severity: :critical)
create(
:vulnerabilities_finding,
pipelines: [latest_failed_pipeline],
project: project,
severity: :critical
)
create_list(
:vulnerabilities_finding, 2,
pipelines: [latest_pipeline],
project: project,
severity: :critical
)
count = described_class.batch_count_by_project_and_severity(project.id, 'critical')
expect(count).to be(2)
end
it 'returns 0 when there are no vulnerabilities for that severity level' do
count = described_class.batch_count_by_project_and_severity(project.id, 'high')
expect(count).to be(0)
end
it 'batch loads the counts' do
projects = create_list(:project, 2)
projects.each do |project|
pipeline = create(:ci_pipeline, :success, project: project)
create(:vulnerabilities_finding, pipelines: [pipeline], project: project, severity: :high)
create(:vulnerabilities_finding, pipelines: [pipeline], project: project, severity: :low)
end
projects_and_severities = [
[projects.first, 'high'],
[projects.first, 'low'],
[projects.second, 'high'],
[projects.second, 'low']
]
counts = projects_and_severities.map do |(project, severity)|
described_class.batch_count_by_project_and_severity(project.id, severity)
end
expect { expect(counts).to all(be 1) }.not_to exceed_query_limit(1)
end
it 'does not include dismissed vulnerabilities in the counts' do
create(:vulnerabilities_finding, pipelines: [pipeline], project: project, severity: :high)
dismissed_vulnerability = create(:vulnerabilities_finding, pipelines: [pipeline], project: project, severity: :high)
create(
:vulnerability_feedback,
project: project,
project_fingerprint: dismissed_vulnerability.project_fingerprint,
feedback_type: :dismissal
)
count = described_class.batch_count_by_project_and_severity(project.id, 'high')
expect(count).to be(1)
end
it "does not overwrite one project's counts with another's" do
project1 = create(:project)
project2 = create(:project)
pipeline1 = create(:ci_pipeline, :success, project: project1)
pipeline2 = create(:ci_pipeline, :success, project: project2)
create(:vulnerabilities_finding, pipelines: [pipeline1], project: project1, severity: :critical)
create(:vulnerabilities_finding, pipelines: [pipeline2], project: project2, severity: :high)
project1_critical_count = described_class.batch_count_by_project_and_severity(project1.id, 'critical')
project1_high_count = described_class.batch_count_by_project_and_severity(project1.id, 'high')
project2_critical_count = described_class.batch_count_by_project_and_severity(project2.id, 'critical')
project2_high_count = described_class.batch_count_by_project_and_severity(project2.id, 'high')
expect(project1_critical_count).to be(1)
expect(project1_high_count).to be(0)
expect(project2_critical_count).to be(0)
expect(project2_high_count).to be(1)
end
end
describe '#false_positive?' do describe '#false_positive?' do
let_it_be(:finding) { create(:vulnerabilities_finding) } let_it_be(:finding) { create(:vulnerabilities_finding) }
let_it_be(:finding_with_fp) { create(:vulnerabilities_finding, vulnerability_flags: [create(:vulnerabilities_flag)]) } let_it_be(:finding_with_fp) { create(:vulnerabilities_finding, vulnerability_flags: [create(:vulnerabilities_flag)]) }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment