Merge branch 'dz-sec-report-base-head' into 'master'

Add head+base report for sast container and dast See merge request gitlab-org/gitlab-ee!5001

Merge branch 'dz-sec-report-base-head' into 'master'
Add head+base report for sast container and dast See merge request gitlab-org/gitlab-ee!5001
e206ec0c · Phil Hughes · 51aff7ab · 186ab901 · e206ec0c · e206ec0c
Commit e206ec0c authored Mar 19, 2018 by Phil Hughes
6 changed files
--- a/ee/app/assets/javascripts/vue_merge_request_widget/mr_widget_options.js
+++ b/ee/app/assets/javascripts/vue_merge_request_widget/mr_widget_options.js
@@ -240,10 +240,10 @@ export default {
    },

    fetchDockerReport() {
-      const { path } = this.mr.sastContainer;
+      const { head_path } = this.mr.sastContainer;
      this.isLoadingDocker = true;

-      this.service.fetchReport(path)
+      this.service.fetchReport(head_path)
        .then((data) => {
          this.mr.setDockerReport(data);
          this.isLoadingDocker = false;
@@ -257,7 +257,7 @@ export default {
    fetchDastReport() {
      this.isLoadingDast = true;

-      this.service.fetchReport(this.mr.dast.path)
+      this.service.fetchReport(this.mr.dast.head_path)
        .then((data) => {
          this.mr.setDastReport(data);
          this.isLoadingDast = false;

--- a/ee/app/models/ee/merge_request.rb
+++ b/ee/app/models/ee/merge_request.rb
@@ -16,11 +16,15 @@ module EE
      delegate :performance_artifact, to: :base_pipeline, prefix: :base, allow_nil: true
      delegate :sast_artifact, to: :head_pipeline, prefix: :head, allow_nil: true
      delegate :sast_artifact, to: :base_pipeline, prefix: :base, allow_nil: true
-      delegate :sast_container_artifact, to: :head_pipeline, allow_nil: true
-      delegate :dast_artifact, to: :head_pipeline, allow_nil: true
+      delegate :sast_container_artifact, to: :head_pipeline, prefix: :head, allow_nil: true
+      delegate :sast_container_artifact, to: :base_pipeline, prefix: :base, allow_nil: true
+      delegate :dast_artifact, to: :head_pipeline, prefix: :head, allow_nil: true
+      delegate :dast_artifact, to: :base_pipeline, prefix: :base, allow_nil: true
      delegate :sha, to: :head_pipeline, prefix: :head_pipeline, allow_nil: true
      delegate :sha, to: :base_pipeline, prefix: :base_pipeline, allow_nil: true
      delegate :has_sast_data?, to: :base_pipeline, prefix: :base, allow_nil: true
+      delegate :has_sast_container_data?, to: :base_pipeline, prefix: :base, allow_nil: true
+      delegate :has_dast_data?, to: :base_pipeline, prefix: :base, allow_nil: true
      delegate :expose_sast_data?, to: :head_pipeline, allow_nil: true
      delegate :expose_sast_container_data?, to: :head_pipeline, allow_nil: true
      delegate :expose_dast_data?, to: :head_pipeline, allow_nil: true

--- a/ee/app/serializers/ee/merge_request_widget_entity.rb
+++ b/ee/app/serializers/ee/merge_request_widget_entity.rb
@@ -48,7 +48,7 @@ module EE
                                          path: Ci::Build::SAST_FILE)
        end

-        expose :base_path, if: -> (mr, _) { mr.base_has_sast_data? && can?(current_user, :read_build, mr.base_sast_artifact)} do |merge_request|
+        expose :base_path, if: -> (mr, _) { mr.base_has_sast_data? && can?(current_user, :read_build, mr.base_sast_artifact) } do |merge_request|
          raw_project_build_artifacts_url(merge_request.target_project,
                                          merge_request.base_sast_artifact,
                                          path: Ci::Build::SAST_FILE)
@@ -56,17 +56,29 @@ module EE
      end

      expose :sast_container, if: -> (mr, _) { mr.expose_sast_container_data? } do
-        expose :path, if: -> (mr, _) { can?(current_user, :read_build, mr.sast_container_artifact) } do |merge_request|
+        expose :head_path, if: -> (mr, _) { can?(current_user, :read_build, mr.head_sast_container_artifact) } do |merge_request|
          raw_project_build_artifacts_url(merge_request.source_project,
-                                          merge_request.sast_container_artifact,
+                                          merge_request.head_sast_container_artifact,
+                                          path: Ci::Build::SAST_CONTAINER_FILE)
+        end
+
+        expose :base_path, if: -> (mr, _) { mr.base_has_sast_container_data? && can?(current_user, :read_build, mr.base_sast_container_artifact) } do |merge_request|
+          raw_project_build_artifacts_url(merge_request.target_project,
+                                          merge_request.base_sast_container_artifact,
                                          path: Ci::Build::SAST_CONTAINER_FILE)
        end
      end

      expose :dast, if: -> (mr, _) { mr.expose_dast_data? } do
-        expose :path, if: -> (mr, _) { can?(current_user, :read_build, mr.dast_artifact) } do |merge_request|
+        expose :head_path, if: -> (mr, _) { can?(current_user, :read_build, mr.head_dast_artifact) } do |merge_request|
          raw_project_build_artifacts_url(merge_request.source_project,
-                                          merge_request.dast_artifact,
+                                          merge_request.head_dast_artifact,
+                                          path: Ci::Build::DAST_FILE)
+        end
+
+        expose :base_path, if: -> (mr, _) { mr.base_has_dast_data? && can?(current_user, :read_build, mr.base_dast_artifact) } do |merge_request|
+          raw_project_build_artifacts_url(merge_request.target_project,
+                                          merge_request.base_dast_artifact,
                                          path: Ci::Build::DAST_FILE)
        end
      end

--- a/ee/spec/models/merge_request_spec.rb
+++ b/ee/spec/models/merge_request_spec.rb
@@ -164,30 +164,11 @@ describe MergeRequest do
    end
  end

-  describe '#head_sast_artifact' do
-    it { is_expected.to delegate_method(:sast_artifact).to(:head_pipeline).with_prefix(:head) }
-  end
-
-  describe '#base_sast_artifact' do
-    it { is_expected.to delegate_method(:sast_artifact).to(:base_pipeline).with_prefix(:base) }
-  end
-
-  describe '#sast_container_artifact' do
-    it { is_expected.to delegate_method(:sast_container_artifact).to(:head_pipeline) }
-  end
-
-  describe '#dast_artifact' do
-    it { is_expected.to delegate_method(:dast_artifact).to(:head_pipeline) }
-  end
-
-  describe '#base_has_sast_data?' do
-    it { is_expected.to delegate_method(:has_sast_data?).to(:base_pipeline).with_prefix(:base) }
-  end
-
  %w(sast dast sast_container).each do |type|
-    method = "expose_#{type}_data?"
-
-    it { is_expected.to delegate_method(method.to_sym).to(:head_pipeline) }
+    it { is_expected.to delegate_method(:"expose_#{type}_data?").to(:head_pipeline) }
+    it { is_expected.to delegate_method(:"has_#{type}_data?").to(:base_pipeline).with_prefix(:base) }
+    it { is_expected.to delegate_method(:"#{type}_artifact").to(:head_pipeline).with_prefix(:head) }
+    it { is_expected.to delegate_method(:"#{type}_artifact").to(:base_pipeline).with_prefix(:base) }
  end

  describe '#expose_codeclimate_data?' do

--- a/ee/spec/serializers/merge_request_widget_entity_spec.rb
+++ b/ee/spec/serializers/merge_request_widget_entity_spec.rb
@@ -51,8 +51,25 @@ describe MergeRequestWidgetEntity do
    build = create(:ci_build, name: 'sast:image', pipeline: pipeline)

    allow(merge_request).to receive(:expose_sast_container_data?).and_return(true)
-    allow(merge_request).to receive(:sast_container_artifact).and_return(build)
+    allow(merge_request).to receive(:base_has_sast_container_data?).and_return(true)
+    allow(merge_request).to receive(:base_sast_container_artifact).and_return(build)
+    allow(merge_request).to receive(:head_sast_container_artifact).and_return(build)

    expect(subject.as_json).to include(:sast_container)
+    expect(subject.as_json[:sast_container]).to include(:head_path)
+    expect(subject.as_json[:sast_container]).to include(:base_path)
+  end
+
+  it 'has dast data' do
+    build = create(:ci_build, name: 'dast', pipeline: pipeline)
+
+    allow(merge_request).to receive(:expose_dast_data?).and_return(true)
+    allow(merge_request).to receive(:base_has_dast_data?).and_return(true)
+    allow(merge_request).to receive(:base_dast_artifact).and_return(build)
+    allow(merge_request).to receive(:head_dast_artifact).and_return(build)
+
+    expect(subject.as_json).to include(:dast)
+    expect(subject.as_json[:dast]).to include(:head_path)
+    expect(subject.as_json[:dast]).to include(:base_path)
  end
 end
--- a/spec/javascripts/vue_mr_widget/ee_mr_widget_options_spec.js
+++ b/spec/javascripts/vue_mr_widget/ee_mr_widget_options_spec.js
@@ -406,7 +406,7 @@ describe('ee merge request widget options', () => {
      gl.mrWidgetData = {
        ...mockData,
        sast_container: {
-          path: 'gl-sast-container.json',
+          head_path: 'gl-sast-container.json',
        },
      };

@@ -492,7 +492,7 @@ describe('ee merge request widget options', () => {
      gl.mrWidgetData = {
        ...mockData,
        dast: {
-          path: 'dast.json',
+          head_path: 'dast.json',
        },
      };