diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-03-30 12:08:12 +0300 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-03-30 12:08:12 +0300 |
| commit | df2358a5f7a8fe32285ac62054314287fb871e49 (patch) | |
| tree | 7f4da32a9df0128f82d415cfab38577a2ca438fb /lib/gitlab/ci/parsers | |
| parent | 9e83c35c6aecec7543d24d9386bd4821c97e5310 (diff) | |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'lib/gitlab/ci/parsers')
| -rw-r--r-- | lib/gitlab/ci/parsers/security/validators/schema_validator.rb | 67 |
1 files changed, 64 insertions, 3 deletions
diff --git a/lib/gitlab/ci/parsers/security/validators/schema_validator.rb b/lib/gitlab/ci/parsers/security/validators/schema_validator.rb index 0ab1a128052..88853ea4fb6 100644 --- a/lib/gitlab/ci/parsers/security/validators/schema_validator.rb +++ b/lib/gitlab/ci/parsers/security/validators/schema_validator.rb @@ -87,19 +87,80 @@ module Gitlab end def initialize(report_type, report_data, report_version = nil) - @report_type = report_type + @report_type = report_type&.to_sym @report_data = report_data @report_version = report_version + @errors = [] + @warnings = [] + + populate_errors + populate_warnings end def valid? errors.empty? end - def errors - @errors ||= schema.validate(report_data).map { |error| JSONSchemer::Errors.pretty(error) } + def populate_errors + if Feature.enabled?(:enforce_security_report_validation) + @errors += schema.validate(report_data).map { |error| JSONSchemer::Errors.pretty(error) } + else + @warnings += schema.validate(report_data).map { |error| JSONSchemer::Errors.pretty(error) } + end + end + + def populate_warnings + add_deprecated_report_version_message if report_uses_deprecated_schema_version? + add_unsupported_report_version_message if !report_uses_supported_schema_version? && !report_uses_deprecated_schema_version? + end + + def add_deprecated_report_version_message + message = "Version #{report_version} for report type #{report_type} has been deprecated, supported versions for this report type are: #{supported_schema_versions}" + add_message_as(level: :warning, message: message) end + def add_unsupported_report_version_message + if Feature.enabled?(:enforce_security_report_validation) + handle_unsupported_report_version(treat_as: :error) + else + handle_unsupported_report_version(treat_as: :warning) + end + end + + def report_uses_deprecated_schema_version? + DEPRECATED_VERSIONS[report_type].include?(report_version) + end + + def report_uses_supported_schema_version? + SUPPORTED_VERSIONS[report_type].include?(report_version) + end + + def handle_unsupported_report_version(treat_as:) + if report_version.nil? + message = "Report version not provided, #{report_type} report type supports versions: #{supported_schema_versions}" + add_message_as(level: treat_as, message: message) + else + message = "Version #{report_version} for report type #{report_type} is unsupported, supported versions for this report type are: #{supported_schema_versions}" + end + + add_message_as(level: treat_as, message: message) + end + + def supported_schema_versions + SUPPORTED_VERSIONS[report_type].join(", ") + end + + def add_message_as(level:, message:) + case level + when :error + @errors << message + when :warning + @warnings << message + end + end + + attr_reader :errors, :warnings + private attr_reader :report_type, :report_data, :report_version |