From 15cd91c71a57a0b84af620181a64b26d5aec8237 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kamil=20Trzci=C5=84ski?= <ayufan@ayufan.eu>
Date: Mon, 15 Oct 2018 12:17:21 +0200
Subject: Make all legacy security reports to use raw format

- This introduces and uses `:raw` format for all legacy reports,
  the ones that do not have yet proper parsers on Backend
- Raw format is needed to make Frontend be able to parse reports,
  without the need of decompressing,
- This also extends fixtures to seed security reports with database,
  even though parser code is part of EE
---
 db/fixtures/development/14_pipelines.rb | 75 ++++++++++++++++++++++++++++++++-
 1 file changed, 74 insertions(+), 1 deletion(-)

(limited to 'db')

diff --git a/db/fixtures/development/14_pipelines.rb b/db/fixtures/development/14_pipelines.rb
index 5535c4a14e5..5af77c49913 100644
--- a/db/fixtures/development/14_pipelines.rb
+++ b/db/fixtures/development/14_pipelines.rb
@@ -1,7 +1,7 @@
 require './spec/support/sidekiq'
 
 class Gitlab::Seeder::Pipelines
-  STAGES = %w[build test deploy notify]
+  STAGES = %w[build test security deploy notify]
   BUILDS = [
     # build stage
     { name: 'build:linux', stage: 'build', status: :success,
@@ -31,6 +31,16 @@ class Gitlab::Seeder::Pipelines
     { name: 'spinach:osx', stage: 'test', status: :failed, allow_failure: true,
       queued_at: 8.hour.ago, started_at: 8.hour.ago, finished_at: 7.hour.ago },
 
+    # security stage
+    { name: 'dast', stage: 'security', status: :success,
+      queued_at: 8.hour.ago, started_at: 8.hour.ago, finished_at: 7.hour.ago },
+    { name: 'sast', stage: 'security', status: :success,
+      queued_at: 8.hour.ago, started_at: 8.hour.ago, finished_at: 7.hour.ago },
+    { name: 'dependency_scanning', stage: 'security', status: :success,
+      queued_at: 8.hour.ago, started_at: 8.hour.ago, finished_at: 7.hour.ago },
+    { name: 'container_scanning', stage: 'security', status: :success,
+      queued_at: 8.hour.ago, started_at: 8.hour.ago, finished_at: 7.hour.ago },
+
     # deploy stage
     { name: 'staging', stage: 'deploy', environment: 'staging', status_event: :success,
       options: { environment: { action: 'start', on_stop: 'stop staging' } },
@@ -108,6 +118,11 @@ class Gitlab::Seeder::Pipelines
 
       setup_artifacts(build)
       setup_test_reports(build)
+      if build.ref == build.project.default_branch
+        setup_security_reports_file(build)
+      else
+        setup_security_reports_legacy_archive(build)
+      end
       setup_build_log(build)
 
       build.project.environments.
@@ -143,6 +158,55 @@ class Gitlab::Seeder::Pipelines
     end
   end
 
+  def setup_security_reports_file(build)
+    return unless build.stage == "security"
+
+    # we have two sources: master and feature-branch
+    branch_name = build.ref == build.project.default_branch ?
+      'master' : 'feature-branch'
+
+    artifacts_cache_file(security_reports_path(branch_name, build.name)) do |file|
+      build.job_artifacts.build(
+        project: build.project,
+        file_type: build.name,
+        file_format: :raw,
+        file: file)
+    end
+  end
+
+  def setup_security_reports_legacy_archive(build)
+    return unless build.stage == "security"
+
+    # we have two sources: master and feature-branch
+    branch_name = build.ref == build.project.default_branch ?
+      'master' : 'feature-branch'
+
+    artifacts_cache_file(security_reports_archive_path(branch_name)) do |file|
+      build.job_artifacts.build(
+        project: build.project,
+        file_type: :archive,
+        file_format: :zip,
+        file: file)
+    end
+
+    # assign dummy metadata
+    artifacts_cache_file(artifacts_metadata_path) do |file|
+      build.job_artifacts.build(
+        project: build.project,
+        file_type: :metadata,
+        file_format: :gzip,
+        file: file)
+    end
+
+    build.options = {
+      artifacts: {
+        paths: [
+          Ci::JobArtifact::DEFAULT_FILE_NAMES.fetch(build.name.to_sym)
+        ]
+      }
+    }
+  end
+
   def setup_build_log(build)
     if %w(running success failed).include?(build.status)
       build.trace.set(FFaker::Lorem.paragraphs(6).join("\n\n"))
@@ -190,6 +254,15 @@ class Gitlab::Seeder::Pipelines
     Rails.root + 'spec/fixtures/junit/junit.xml.gz'
   end
 
+  def security_reports_archive_path(branch)
+    Rails.root.join('spec', 'fixtures', 'security-reports', branch + '.zip')
+  end
+
+  def security_reports_path(branch, name)
+    file_name = Ci::JobArtifact::DEFAULT_FILE_NAMES.fetch(name.to_sym)
+    Rails.root.join('spec', 'fixtures', 'security-reports', branch, file_name)
+  end
+
   def artifacts_cache_file(file_path)
     file = Tempfile.new("artifacts")
     file.close
-- 
cgit v1.2.3