Commit e991f597 authored by Avielle Wolfe's avatar Avielle Wolfe Committed by Jarka Košanová

Add security reports to downloadable types

This will allow users to download security reports as pipeline
artifacts.

https://gitlab.com/gitlab-org/gitlab/-/issues/23847
parent 0b90507d
......@@ -87,8 +87,12 @@ module Ci
scope :unstarted, ->() { where(runner_id: nil) }
scope :ignore_failures, ->() { where(allow_failure: false) }
scope :with_artifacts_archive, ->() do
where('EXISTS (?)', Ci::JobArtifact.select(1).where('ci_builds.id = ci_job_artifacts.job_id').archive)
scope :with_downloadable_artifacts, ->() do
where('EXISTS (?)',
Ci::JobArtifact.select(1)
.where('ci_builds.id = ci_job_artifacts.job_id')
.where(file_type: Ci::JobArtifact::DOWNLOADABLE_TYPES)
)
end
scope :with_existing_job_artifacts, ->(query) do
......@@ -130,8 +134,8 @@ module Ci
.includes(:metadata, :job_artifacts_metadata)
end
scope :with_artifacts_not_expired, ->() { with_artifacts_archive.where('artifacts_expire_at IS NULL OR artifacts_expire_at > ?', Time.now) }
scope :with_expired_artifacts, ->() { with_artifacts_archive.where('artifacts_expire_at < ?', Time.now) }
scope :with_artifacts_not_expired, ->() { with_downloadable_artifacts.where('artifacts_expire_at IS NULL OR artifacts_expire_at > ?', Time.now) }
scope :with_expired_artifacts, ->() { with_downloadable_artifacts.where('artifacts_expire_at < ?', Time.now) }
scope :last_month, ->() { where('created_at > ?', Date.today - 1.month) }
scope :manual_actions, ->() { where(when: :manual, status: COMPLETED_STATUSES + %i[manual]) }
scope :scheduled_actions, ->() { where(when: :delayed, status: COMPLETED_STATUSES + %i[scheduled]) }
......
......@@ -70,6 +70,24 @@ module Ci
terraform: :raw
}.freeze
DOWNLOADABLE_TYPES = %w[
accessibility
archive
cobertura
codequality
container_scanning
dast
dependency_scanning
dotenv
junit
license_management
license_scanning
lsif
metrics
performance
sast
].freeze
TYPE_AND_FORMAT_PAIRS = INTERNAL_TYPES.merge(REPORT_TYPES).freeze
# This is required since we cannot add a default to the database
......
......@@ -788,7 +788,7 @@ module Ci
end
def find_job_with_archive_artifacts(name)
builds.latest.with_artifacts_archive.find_by_name(name)
builds.latest.with_downloadable_artifacts.find_by_name(name)
end
def latest_builds_with_artifacts
......
......@@ -840,7 +840,7 @@ class Project < ApplicationRecord
latest_pipeline = ci_pipelines.latest_successful_for_ref(ref)
return unless latest_pipeline
latest_pipeline.builds.latest.with_artifacts_archive.find_by(name: job_name)
latest_pipeline.builds.latest.with_downloadable_artifacts.find_by(name: job_name)
end
def latest_successful_build_for_sha(job_name, sha)
......@@ -849,7 +849,7 @@ class Project < ApplicationRecord
latest_pipeline = ci_pipelines.latest_successful_for_sha(sha)
return unless latest_pipeline
latest_pipeline.builds.latest.with_artifacts_archive.find_by(name: job_name)
latest_pipeline.builds.latest.with_downloadable_artifacts.find_by(name: job_name)
end
def latest_successful_build_for_ref!(job_name, ref = default_branch)
......
---
title: Make report-type artifacts available for download
merge_request: 31513
author:
type: added
......@@ -450,13 +450,13 @@ If you need to manually remove job artifacts associated with multiple jobs while
```ruby
project = Project.find_by_full_path('path/to/project')
builds_with_artifacts = project.builds.with_artifacts_archive
builds_with_artifacts = project.builds.with_downloadable_artifacts
```
To select all jobs with artifacts across the entire GitLab instance:
```ruby
builds_with_artifacts = Ci::Build.with_artifacts_archive
builds_with_artifacts = Ci::Build.with_downloadable_artifacts
```
1. Delete job artifacts older than a specific date:
......
......@@ -578,10 +578,10 @@ The Latest version of these steps can be found in the [job artifacts documentati
### SELECTING THE BUILDS TO CLEAR
# For a single project:
project = Project.find_by_full_path('')
builds_with_artifacts = project.builds.with_artifacts_archive
builds_with_artifacts = project.builds.with_downloadable_artifacts
# Instance-wide:
builds_with_artifacts = Ci::Build.with_artifacts_archive
builds_with_artifacts = Ci::Build.with_downloadable_artifacts
# Prior to 10.6 the above lines would be:
# builds_with_artifacts = project.builds.with_artifacts
......
......@@ -106,10 +106,10 @@ describe Ci::Build do
end
end
describe '.with_artifacts_archive' do
subject { described_class.with_artifacts_archive }
describe '.with_downloadable_artifacts' do
subject { described_class.with_downloadable_artifacts }
context 'when job does not have an archive' do
context 'when job does not have a downloadable artifact' do
let!(:job) { create(:ci_build) }
it 'does not return the job' do
......@@ -117,15 +117,23 @@ describe Ci::Build do
end
end
context 'when job has a job artifact archive' do
let!(:job) { create(:ci_build, :artifacts) }
::Ci::JobArtifact::DOWNLOADABLE_TYPES.each do |type|
context "when job has a #{type} artifact" do
it 'returns the job' do
job = create(:ci_build)
create(
:ci_job_artifact,
file_format: ::Ci::JobArtifact::TYPE_AND_FORMAT_PAIRS[type.to_sym],
file_type: type,
job: job
)
is_expected.to include(job)
end
end
end
context 'when job has a job artifact trace' do
context 'when job has a non-downloadable artifact' do
let!(:job) { create(:ci_build, :trace_artifact) }
it 'does not return the job' do
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment