Commit
f5a3bca6
authored
Oct 27, 2021
by
Brian Williams
Use coerce_with to downcase inputs
parent
ce4e4d0f
Showing
6 changed files
with
8 additions
and
50 deletions
+8
-50
ee/app/services/vulnerabilities/create_service_base.rb
ee/app/services/vulnerabilities/create_service_base.rb
+2
-10
ee/app/services/vulnerabilities/starboard_vulnerability_create_service.rb
...vulnerabilities/starboard_vulnerability_create_service.rb
+0
-1
ee/lib/ee/api/internal/kubernetes.rb
ee/lib/ee/api/internal/kubernetes.rb
+2
-2
ee/spec/requests/api/internal/kubernetes_spec.rb
ee/spec/requests/api/internal/kubernetes_spec.rb
+2
-2
ee/spec/services/vulnerabilities/manually_create_service_spec.rb
.../services/vulnerabilities/manually_create_service_spec.rb
+0
-21
ee/spec/services/vulnerabilities/starboard_vulnerability_create_service_spec.rb
...rabilities/starboard_vulnerability_create_service_spec.rb
+2
-14
ee/app/services/vulnerabilities/create_service_base.rb
...
...
@@ -30,26 +30,18 @@ module Vulnerabilities
GENERIC_REPORT_TYPE
end
def
sanitize_enums
(
vulnerability_hash
)
vulnerability_hash
def
initialize_vulnerability
(
vulnerability_hash
)
attributes
=
vulnerability_hash
.
slice
(
*
%i[
description
state
severity
confidence
]
)
.
transform_values
(
&
:downcase
)
end
def
initialize_vulnerability
(
vulnerability_hash
)
attributes
=
vulnerability_hash
.
slice
(
*
%i[
detected_at
confirmed_at
resolved_at
dismissed_at
]
)
.
merge
(
sanitize_enums
(
vulnerability_hash
))
.
merge
(
project:
@project
,
author:
@author
,
...
...
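Review bot: As far as this section shows, removing `sanitize_enums` means `initialize_vulnerability` in the shared base no longer lowercases `state`, `severity` or `confidence`, so normalisation now exists only where a caller adds it at the API layer. This commit adds it only for the Kubernetes endpoint's `severity` and `confidence`. Any other subclass or entry point that reaches this method with capitalised values would hand them to the model unchanged. The same commit deletes the 'with capitalized enum fields' spec for `ManuallyCreateService`, which suggests that path is affected, so it is worth confirming its inputs are constrained elsewhere. If the move is intentional, a comment above the method such as `# Enum values (state, severity, confidence) must already be lowercase; callers normalise at the API boundary.` would record the contract; the method body continues past the visible lines.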
ee/app/services/vulnerabilities/starboard_vulnerability_create_service.rb
...
...
@@ -72,7 +72,6 @@ module Vulnerabilities
def
initialize_vulnerability
(
vulnerability_hash
)
vulnerability_hash
[
:state
]
=
:detected
vulnerability_hash
[
:title
]
=
vulnerability_hash
[
:name
]
super
(
vulnerability_hash
)
end
end
...
...
ee/lib/ee/api/internal/kubernetes.rb
...
...
@@ -62,8 +62,8 @@ module EE
params
do
requires
:vulnerability
,
type:
Hash
,
desc:
'Vulnerability details matching the `vulnerability` object on the security report schema'
do
requires
:name
,
type:
String
requires
:severity
,
type:
String
requires
:confidence
,
type:
String
requires
:severity
,
type:
String
,
coerce_with:
->
(
s
)
{
s
.
downcase
}
requires
:confidence
,
type:
String
,
coerce_with:
->
(
c
)
{
c
.
downcase
}
requires
:location
,
type:
Hash
do
requires
:image
,
type:
String
...
...
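Review bot: The `coerce_with` lambdas on `severity` and `confidence` lowercase the value but do not restrict it, so an unrecognised name still passes parameter validation and is caught, if at all, only deeper in the service. Adding a `values:` list of the accepted names to each `requires` would reject it at the boundary as a validation error. The lambdas also call `.downcase` on whatever the request body supplies, so a non-string JSON value (number, array, object) would raise inside the lambda. Whether that surfaces as a validation error or an unhandled exception depends on the Grape version, and `->(s) { s.to_s.downcase }` together with `values:` avoids relying on it. The `params` block continues outside the hunk.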
ee/spec/requests/api/internal/kubernetes_spec.rb
...
...
@@ -232,8 +232,8 @@ RSpec.describe API::Internal::Kubernetes do
{
vulnerability:
{
name:
'CVE-123-4567 in libc'
,
severity:
'
h
igh'
,
confidence:
'
u
nknown'
,
severity:
'
H
igh'
,
confidence:
'
U
nknown'
,
location:
{
image:
'index.docker.io/library/nginx:latest'
,
kubernetes_resource:
{
...
...
ee/spec/services/vulnerabilities/manually_create_service_spec.rb
...
...
@@ -252,27 +252,6 @@ RSpec.describe Vulnerabilities::ManuallyCreateService do
expect
(
subject
.
message
).
to
match
(
/confirmed_at can only be set/
)
end
end
context
'with capitalized enum fields'
do
let
(
:params
)
do
{
vulnerability:
{
name:
"Test vulnerability"
,
state:
"Detected"
,
severity:
"Unknown"
,
confidence:
"Unknown"
,
identifiers:
[
identifier_attributes
],
scanner:
scanner_attributes
}
}
end
it
'does not raise an exception'
do
expect
{
subject
}.
not_to
raise_error
expect
(
subject
.
success?
).
to
be_truthy
end
end
end
context
'with invalid parameters'
do
...
...
ee/spec/services/vulnerabilities/starboard_vulnerability_create_service_spec.rb
...
...
@@ -6,16 +6,14 @@ RSpec.describe Vulnerabilities::StarboardVulnerabilityCreateService do
let
(
:agent
)
{
create
(
:cluster_agent
)
}
let
(
:project
)
{
agent
.
project
}
let
(
:user
)
{
agent
.
created_by_user
}
let
(
:severity
)
{
'high'
}
let
(
:confidence
)
{
'unknown'
}
let
(
:params
)
do
{
vulnerability:
{
name:
'CVE-123-4567 in libc'
,
message:
'Vulnerability message'
,
description:
'Vulnerability description'
,
severity:
severity
,
confidence:
confidence
,
severity:
'high'
,
confidence:
'unknown'
,
location:
{
kubernetes_resource:
{
namespace:
'production'
,
...
...
@@ -75,16 +73,6 @@ RSpec.describe Vulnerabilities::StarboardVulnerabilityCreateService do
expect
(
scanner
.
name
).
to
eq
(
params
.
dig
(
:scanner
,
:name
))
expect
(
scanner
.
vendor
).
to
eq
(
params
.
dig
(
:scanner
,
:vendor
,
:name
))
end
context
'with capitalized enums'
do
let
(
:severity
)
{
'High'
}
let
(
:confidence
)
{
'Unknown'
}
it
'does not raise exception'
do
expect
{
subject
}.
not_to
raise_error
expect
(
subject
.
success?
).
to
be_truthy
end
end
end
context
'with feature disabled'
do
...
...