Diffstat (limited to 'app/models/concerns/vulnerability_finding_helpers.rb')
-rw-r--r--app/models/concerns/vulnerability_finding_helpers.rb37
1 files changed, 37 insertions, 0 deletions
diff --git a/app/models/concerns/vulnerability_finding_helpers.rb b/app/models/concerns/vulnerability_finding_helpers.rb
index 7f96b3901f1..4cf36f83857 100644
--- a/app/models/concerns/vulnerability_finding_helpers.rb
+++ b/app/models/concerns/vulnerability_finding_helpers.rb
@@ -42,4 +42,41 @@ module VulnerabilityFindingHelpers
)
end
end
+
+ def build_vulnerability_finding(security_finding)
+ report_finding = report_finding_for(security_finding)
+ return Vulnerabilities::Finding.new unless report_finding
+
+ finding_data = report_finding.to_hash.except(:compare_key, :identifiers, :location, :scanner, :links, :signatures,
+ :flags, :evidence)
+ identifiers = report_finding.identifiers.map do |identifier|
+ Vulnerabilities::Identifier.new(identifier.to_hash)
+ end
+ signatures = report_finding.signatures.map do |signature|
+ Vulnerabilities::FindingSignature.new(signature.to_hash)
+ end
+ evidence = Vulnerabilities::Finding::Evidence.new(data: report_finding.evidence.data) if report_finding.evidence
+
+ Vulnerabilities::Finding.new(finding_data).tap do |finding|
+ finding.location_fingerprint = report_finding.location.fingerprint
+ finding.vulnerability = vulnerability_for(security_finding.uuid)
+ finding.project = project
+ finding.sha = pipeline.sha
+ finding.scanner = security_finding.scanner
+ finding.finding_evidence = evidence
+
+ if calculate_false_positive?
+ finding.vulnerability_flags = report_finding.flags.map do |flag|
+ Vulnerabilities::Flag.new(flag)
+ end
+ end
+
+ finding.identifiers = identifiers
+ finding.signatures = signatures
+ end
+ end
+
+ def calculate_false_positive?
+ project.licensed_feature_available?(:sast_fp_reduction)
+ end
end
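Review bot: The new `build_vulnerability_finding` guards `report_finding.evidence` before reading `.data` but dereferences `report_finding.location.fingerprint` unguarded on the line `finding.location_fingerprint = report_finding.location.fingerprint`; if a report finding can arrive without a location the way it can without evidence, this raises NoMethodError mid-build rather than producing a finding, so either the nil case should be handled explicitly or the method should document that location is guaranteed by `report_finding_for`. The early `return Vulnerabilities::Finding.new unless report_finding` also hands callers a blank finding with no project, sha or vulnerability set, which is indistinguishable from a real one until something downstream touches it; a comment such as `# No matching report finding in the pipeline artifacts: return an empty, unpersisted Finding so callers can render a placeholder` would make that contract visible, and a `finding.present?`-style check in callers may be worth confirming. Less critically, identifiers and signatures are wrapped via `to_hash` while `Vulnerabilities::Flag.new(flag)` is passed the raw flag, which reads as an inconsistency unless flags are already hashes — worth a one-line comment either way. `report_finding_for`, `vulnerability_for`, `project` and `pipeline` are defined outside this hunk and their nil behaviour is not visible here.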