Merge branch 'update-dast-report-examples' into 'master'

Update DAST reports to include Common Report Format fields Closes #14053 See merge request gitlab-org/gitlab!21014

Merge branch 'update-dast-report-examples' into 'master'
Update DAST reports to include Common Report Format fields Closes #14053 See merge request gitlab-org/gitlab!21014
e8063d6f · Michael Kozono · e7ffb1aa · 37db7102 · e8063d6f · e8063d6f
Commit e8063d6f authored Dec 05, 2019 by Michael Kozono
6 changed files
--- a/ee/spec/fixtures/security_reports/feature-branch/gl-dast-report.json
+++ b/ee/spec/fixtures/security_reports/feature-branch/gl-dast-report.json
--- a/ee/spec/fixtures/security_reports/master/gl-dast-report-low-severity.json
+++ b/ee/spec/fixtures/security_reports/master/gl-dast-report-low-severity.json
--- a/ee/spec/fixtures/security_reports/master/gl-dast-report-multiple-sites.json
+++ b/ee/spec/fixtures/security_reports/master/gl-dast-report-multiple-sites.json
--- a/ee/spec/fixtures/security_reports/master/gl-dast-report.json
+++ b/ee/spec/fixtures/security_reports/master/gl-dast-report.json
--- a/ee/spec/lib/gitlab/ci/parsers/security/dast_spec.rb
+++ b/ee/spec/lib/gitlab/ci/parsers/security/dast_spec.rb
@@ -21,7 +21,7 @@ describe Gitlab::Ci::Parsers::Security::Dast do
          :last_occurrence_path,
          :last_occurrence_severity,
          :last_occurrence_confidence) do
-      :dast                 | 24 | 15 | 1 | 'http://goat:8080' | 'GET' | '/WebGoat/start.mvc' | 'info' | 'low'
+      :dast                 | 24 | 15 | 1 | 'http://goat:8080' | 'GET' | '/WebGoat/plugins/bootstrap/css/bootstrap.min.css' | 'info' | 'low'
      :dast_multiple_sites  | 25 | 15 | 1 | 'https://goat:8080' | 'GET' | '/WebGoat/registration' | 'high' | 'medium'
      :dast_deprecated      | 2 | 3 | 1 | 'http://bikebilly-spring-auto-devops-review-feature-br-3y2gpb.35.192.176.43.xip.io' | 'GET' | '/' | 'low' | 'medium'
    end

--- a/ee/spec/lib/gitlab/ci/parsers/security/formatters/dast_spec.rb
+++ b/ee/spec/lib/gitlab/ci/parsers/security/formatters/dast_spec.rb
@@ -15,7 +15,7 @@ describe Gitlab::Ci::Parsers::Security::Formatters::Dast do
  end

  describe '#format_vulnerability' do
-    let(:instance) { file_vulnerability['instances'][1] }
+    let(:instance) { file_vulnerability['instances'][0] }
    let(:hostname) { 'http://goat:8080' }
    let(:sanitized_desc) { file_vulnerability['desc'].gsub('<p>', '').gsub('</p>', '') }
    let(:sanitized_solution) { file_vulnerability['solution'].gsub('<p>', '').gsub('</p>', '') }
@@ -53,7 +53,7 @@ describe Gitlab::Ci::Parsers::Security::Formatters::Dast do
                                             'url'   => "http://projects.webappsec.org/w/page/13246974/Threat%20Classification%20Reference%20Grid"
                                           })
      expect(data['location']).to eq({
-                                       'param' => nil,
+                                       'param' => '',
                                       'method' => 'GET',
                                       'hostname' => hostname,
                                       'path' => '/WebGoat/login'