Skip to content

G
gitlab-ce
Commit d8d3a8b1 authored by Cameron Swords's avatar Cameron Swords
Browse files
Options

The finder interface uses a job types array for clarity

parent abecec10
Hide whitespace changes
Inline Side-by-side
Showing with 18 additions and 28 deletions
ee/app/finders/security/jobs_finder.rb
View file @ d8d3a8b1
...@@ -5,13 +5,9 @@ ...@@ -5,13 +5,9 @@
# Used to find jobs (builds) that are for Secure products, SAST, DAST, Dependency Scanning and Container Scanning. # Used to find jobs (builds) that are for Secure products, SAST, DAST, Dependency Scanning and Container Scanning.
# #
# Arguments: # Arguments:
# pipeline: only jobs for the specified pipeline will be found
# params: # params:
# all: boolean, include jobs for all secure job types. Takes precedence over other options. # pipeline: required, only jobs for the specified pipeline will be found
# sast: boolean, include jobs for SAST # job_types: required, array of job types that should be returned, defaults to all job types
# dast: boolean, include jobs for DAST
# container_scanning: boolean, include jobs for Container Scanning
# dependency_scanning: boolean, include jobs for Dependency Scanning
module Security module Security
class JobsFinder class JobsFinder
...@@ -19,42 +15,36 @@ module Security ...@@ -19,42 +15,36 @@ module Security
JOB_TYPES = [:sast, :dast, :dependency_scanning, :container_scanning].freeze JOB_TYPES = [:sast, :dast, :dependency_scanning, :container_scanning].freeze
def initialize(pipeline, params = { all: true }) def initialize(pipeline:, job_types: JOB_TYPES)
@pipeline = pipeline @pipeline = pipeline
@params = params @job_types = job_types
end end
def execute def execute
return [] if job_types_for_processing.empty? return [] if @job_types.empty?
if Feature.enabled?(:ci_build_metadata_config) if Feature.enabled?(:ci_build_metadata_config)
find_jobs(job_types_for_processing) find_jobs
else else
find_jobs_legacy(job_types_for_processing) find_jobs_legacy
end end
end end
private private
def job_types_for_processing def find_jobs
return JOB_TYPES if @params[:all] @pipeline.builds.with_secure_reports_from_config_options(@job_types)
JOB_TYPES.select { |job_type| @params[job_type] }
end
def find_jobs(job_types)
@pipeline.builds.with_secure_reports_from_config_options(job_types)
end end
def find_jobs_legacy(job_types) def find_jobs_legacy
# the query doesn't guarantee accuracy, so we verify it here # the query doesn't guarantee accuracy, so we verify it here
legacy_jobs_query(job_types) do |job| legacy_jobs_query do |job|
job_types.find { |job_type| job.options.dig(:artifacts, :reports, job_type) } @job_types.find { |job_type| job.options.dig(:artifacts, :reports, job_type) }
end end
end end
def legacy_jobs_query(job_types) def legacy_jobs_query
job_types.map do |job_type| @job_types.map do |job_type|
@pipeline.builds.with_secure_reports_from_options(job_type) @pipeline.builds.with_secure_reports_from_options(job_type)
end.reduce(&:or) end.reduce(&:or)
end end
......
ee/spec/finders/security/jobs_finder_spec.rb
View file @ d8d3a8b1
...@@ -4,7 +4,7 @@ require 'spec_helper' ...@@ -4,7 +4,7 @@ require 'spec_helper'
describe Security::JobsFinder do describe Security::JobsFinder do
let(:pipeline) { create(:ci_pipeline) } let(:pipeline) { create(:ci_pipeline) }
let(:finder) { described_class.new(pipeline) } let(:finder) { described_class.new(pipeline: pipeline, job_types: ::Security::JobsFinder::JOB_TYPES) }
describe '#execute' do describe '#execute' do
subject { finder.execute } subject { finder.execute }
...@@ -53,7 +53,7 @@ describe Security::JobsFinder do ...@@ -53,7 +53,7 @@ describe Security::JobsFinder do
context 'searching for all types takes precedence over excluding specific types' do context 'searching for all types takes precedence over excluding specific types' do
let!(:build) { create(:ci_build, :dast, pipeline: pipeline) } let!(:build) { create(:ci_build, :dast, pipeline: pipeline) }
let(:finder) { described_class.new(pipeline, all: true, dast: false) } let(:finder) { described_class.new(pipeline: pipeline, job_types: [:dast]) }
it { is_expected.to eq([build]) } it { is_expected.to eq([build]) }
end end
...@@ -99,7 +99,7 @@ describe Security::JobsFinder do ...@@ -99,7 +99,7 @@ describe Security::JobsFinder do
let!(:container_scanning_build) { create(:ci_build, :container_scanning, pipeline: pipeline) } let!(:container_scanning_build) { create(:ci_build, :container_scanning, pipeline: pipeline) }
let!(:dast_build) { create(:ci_build, :dast, pipeline: pipeline) } let!(:dast_build) { create(:ci_build, :dast, pipeline: pipeline) }
let(:finder) { described_class.new(pipeline, { sast: true, container_scanning: true }) } let(:finder) { described_class.new(pipeline: pipeline, job_types: [:sast, :container_scanning]) }
it 'returns only those requested' do it 'returns only those requested' do
is_expected.to include(sast_build) is_expected.to include(sast_build)
...@@ -183,7 +183,7 @@ describe Security::JobsFinder do ...@@ -183,7 +183,7 @@ describe Security::JobsFinder do
let!(:container_scanning_build) { create(:ci_build, :container_scanning, pipeline: pipeline) } let!(:container_scanning_build) { create(:ci_build, :container_scanning, pipeline: pipeline) }
let!(:dast_build) { create(:ci_build, :dast, pipeline: pipeline) } let!(:dast_build) { create(:ci_build, :dast, pipeline: pipeline) }
let(:finder) { described_class.new(pipeline, { sast: true, container_scanning: true }) } let(:finder) { described_class.new(pipeline: pipeline, job_types: [:sast, :container_scanning]) }
it 'returns only those requested' do it 'returns only those requested' do
is_expected.to include(sast_build) is_expected.to include(sast_build)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7