The finder interface uses a job types array for clarity

ee/app/finders/security/jobs_finder.rb

@@ -5,13 +5,9 @@
 # Used to find jobs (builds) that are for Secure products, SAST, DAST, Dependency Scanning and Container Scanning.
 #
 # Arguments:
-#   pipeline:              only jobs for the specified pipeline will be found
 #   params:
-#     all:                 boolean, include jobs for all secure job types. Takes precedence over other options.
-#     sast:                boolean, include jobs for SAST
-#     dast:                boolean, include jobs for DAST
-#     container_scanning:  boolean, include jobs for Container Scanning
-#     dependency_scanning: boolean, include jobs for Dependency Scanning
+#     pipeline:              required, only jobs for the specified pipeline will be found
+#     job_types:             required, array of job types that should be returned, defaults to all job types
 
 module Security
   class JobsFinder
@@ -19,42 +15,36 @@ module Security
 
     JOB_TYPES = [:sast, :dast, :dependency_scanning, :container_scanning].freeze
 
-    def initialize(pipeline, params = { all: true })
+    def initialize(pipeline:, job_types: JOB_TYPES)
       @pipeline = pipeline
-      @params = params
+      @job_types = job_types
     end
 
     def execute
-      return [] if job_types_for_processing.empty?
+      return [] if @job_types.empty?
 
       if Feature.enabled?(:ci_build_metadata_config)
-        find_jobs(job_types_for_processing)
+        find_jobs
       else
-        find_jobs_legacy(job_types_for_processing)
+        find_jobs_legacy
       end
     end
 
     private
 
-    def job_types_for_processing
-      return JOB_TYPES if @params[:all]
-
-      JOB_TYPES.select { |job_type| @params[job_type] }
-    end
-
-    def find_jobs(job_types)
-      @pipeline.builds.with_secure_reports_from_config_options(job_types)
+    def find_jobs
+      @pipeline.builds.with_secure_reports_from_config_options(@job_types)
     end
 
-    def find_jobs_legacy(job_types)
+    def find_jobs_legacy
       # the query doesn't guarantee accuracy, so we verify it here
-      legacy_jobs_query(job_types) do |job|
-        job_types.find { |job_type| job.options.dig(:artifacts, :reports, job_type) }
+      legacy_jobs_query do |job|
+        @job_types.find { |job_type| job.options.dig(:artifacts, :reports, job_type) }
       end
     end
 
-    def legacy_jobs_query(job_types)
-      job_types.map do |job_type|
+    def legacy_jobs_query
+      @job_types.map do |job_type|
         @pipeline.builds.with_secure_reports_from_options(job_type)
       end.reduce(&:or)
     end

ee/spec/finders/security/jobs_finder_spec.rb

@@ -4,7 +4,7 @@ require 'spec_helper'
 
 describe Security::JobsFinder do
   let(:pipeline) { create(:ci_pipeline) }
-  let(:finder) { described_class.new(pipeline) }
+  let(:finder) { described_class.new(pipeline: pipeline, job_types: ::Security::JobsFinder::JOB_TYPES) }
 
   describe '#execute' do
     subject { finder.execute }
@@ -53,7 +53,7 @@ describe Security::JobsFinder do
       context 'searching for all types takes precedence over excluding specific types' do
         let!(:build) { create(:ci_build, :dast, pipeline: pipeline) }
 
-        let(:finder) { described_class.new(pipeline, all: true, dast: false) }
+        let(:finder) { described_class.new(pipeline: pipeline, job_types: [:dast]) }
 
         it { is_expected.to eq([build]) }
       end
@@ -99,7 +99,7 @@ describe Security::JobsFinder do
         let!(:container_scanning_build) { create(:ci_build, :container_scanning, pipeline: pipeline) }
         let!(:dast_build) { create(:ci_build, :dast, pipeline: pipeline) }
 
-        let(:finder) { described_class.new(pipeline, { sast: true, container_scanning: true }) }
+        let(:finder) { described_class.new(pipeline: pipeline, job_types: [:sast, :container_scanning]) }
 
         it 'returns only those requested' do
           is_expected.to include(sast_build)
@@ -183,7 +183,7 @@ describe Security::JobsFinder do
         let!(:container_scanning_build) { create(:ci_build, :container_scanning, pipeline: pipeline) }
         let!(:dast_build) { create(:ci_build, :dast, pipeline: pipeline) }
 
-        let(:finder) { described_class.new(pipeline, { sast: true, container_scanning: true }) }
+        let(:finder) { described_class.new(pipeline: pipeline, job_types: [:sast, :container_scanning]) }
 
         it 'returns only those requested' do
           is_expected.to include(sast_build)