diff options
Diffstat (limited to 'spec/lib/gitlab/ci/parsers/security/common_spec.rb')
-rw-r--r-- | spec/lib/gitlab/ci/parsers/security/common_spec.rb | 24 |
1 files changed, 16 insertions, 8 deletions
diff --git a/spec/lib/gitlab/ci/parsers/security/common_spec.rb b/spec/lib/gitlab/ci/parsers/security/common_spec.rb index 6495d1f654b..297ef1f5bb9 100644 --- a/spec/lib/gitlab/ci/parsers/security/common_spec.rb +++ b/spec/lib/gitlab/ci/parsers/security/common_spec.rb @@ -16,7 +16,7 @@ RSpec.describe Gitlab::Ci::Parsers::Security::Common do } end - where(vulnerability_finding_signatures_enabled: [true, false]) + where(signatures_enabled: [true, false]) with_them do let_it_be(:pipeline) { create(:ci_pipeline) } @@ -44,7 +44,7 @@ RSpec.describe Gitlab::Ci::Parsers::Security::Common do let(:validator_class) { Gitlab::Ci::Parsers::Security::Validators::SchemaValidator } let(:data) { {}.merge(scanner_data) } let(:json_data) { data.to_json } - let(:parser) { described_class.new(json_data, report, vulnerability_finding_signatures_enabled, validate: validate) } + let(:parser) { described_class.new(json_data, report, signatures_enabled: signatures_enabled, validate: validate) } subject(:parse_report) { parser.parse! } @@ -191,7 +191,7 @@ RSpec.describe Gitlab::Ci::Parsers::Security::Common do context 'report parsing' do before do - artifact.each_blob { |blob| described_class.parse!(blob, report, vulnerability_finding_signatures_enabled) } + artifact.each_blob { |blob| described_class.parse!(blob, report, signatures_enabled: signatures_enabled) } end describe 'parsing finding.name' do @@ -262,7 +262,7 @@ RSpec.describe Gitlab::Ci::Parsers::Security::Common do describe 'top-level scanner' do it 'is the primary scanner' do expect(report.primary_scanner.external_id).to eq('gemnasium') - expect(report.primary_scanner.name).to eq('Gemnasium') + expect(report.primary_scanner.name).to eq('Gemnasium top-level') expect(report.primary_scanner.vendor).to eq('GitLab') expect(report.primary_scanner.version).to eq('2.18.0') end @@ -278,9 +278,17 @@ RSpec.describe Gitlab::Ci::Parsers::Security::Common do describe 'parsing scanners' do subject(:scanner) { report.findings.first.scanner } - context 'when vendor is not missing in scanner' do - it 'returns scanner with parsed vendor value' do - expect(scanner.vendor).to eq('GitLab') + context 'when the report contains top-level scanner' do + it 'sets the scanner of finding as top-level scanner' do + expect(scanner.name).to eq('Gemnasium top-level') + end + end + + context 'when the report does not contain top-level scanner' do + let(:artifact) { build(:ci_job_artifact, :common_security_report_without_top_level_scanner) } + + it 'sets the scanner of finding as `vulnerabilities[].scanner`' do + expect(scanner.name).to eq('Gemnasium') end end end @@ -465,7 +473,7 @@ RSpec.describe Gitlab::Ci::Parsers::Security::Common do finding = report.findings.first highest_signature = finding.signatures.max_by(&:priority) - identifiers = if vulnerability_finding_signatures_enabled + identifiers = if signatures_enabled "#{finding.report_type}-#{finding.primary_identifier.fingerprint}-#{highest_signature.signature_hex}-#{report.project_id}" else "#{finding.report_type}-#{finding.primary_identifier.fingerprint}-#{finding.location.fingerprint}-#{report.project_id}" |