Verified Commit 34ac5fe8 authored by Zamir Martins's avatar Zamir Martins :speech_balloon:

Simplify scanner logic for security reports

related to scan finding rules.

EE: true
Changelog: changed
parent 7ec97574
1 merge request!91712Simplify scanner logic for security reports
......@@ -24,7 +24,6 @@ class ApprovalProjectRule < ApplicationRecord
}
scope :report_approver_without_scan_finding, -> { report_approver.where.not(report_type: :scan_finding) }
scope :distinct_scanners, -> { scan_finding.select(:scanners).distinct }
alias_method :code_owner, :code_owner?
......
......@@ -25,15 +25,6 @@ def active_scan_result_policies
def scan_result_policies
policy_by_type(:scan_result_policy)
end
def uniq_scanners
return [] if project.blank?
distinct_scanners = approval_rules.distinct_scanners
return [] if distinct_scanners.none?
distinct_scanners.pluck(:scanners).flatten.uniq
end
end
end
end
......@@ -7,7 +7,6 @@ class SyncReportsToApprovalRulesService < ::BaseService
MEMOIZATIONS = %i(
policy_configuration
policy_rule_reports
policy_rule_scanners
).freeze
def initialize(pipeline)
......@@ -65,13 +64,7 @@ def sync_scan_finding
def policy_rule_reports
strong_memoize(:policy_rule_reports) do
policy_rule_scanners ? pipeline.security_reports(report_types: policy_rule_scanners) : []
end
end
def policy_rule_scanners
strong_memoize(:policy_rule_scanners) do
policy_configuration&.uniq_scanners
pipeline.security_reports
end
end
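Review bot: In `policy_rule_reports`, the bare `pipeline.security_reports` call drops both the `report_types:` filter and the `: []` fallback that applied when `policy_configuration` was nil, so as far as this rendered hunk shows every security report on the pipeline is now loaded whether or not a scan_finding rule names its scanner. Whether each approval rule is still evaluated only against findings from its own `scanners` then depends on filtering inside `sync_scan_finding`, whose body lies outside the hunk and should be checked. The spec sections visible on this page only delete examples, so a service spec is worth adding for a pipeline that carries a report type no rule lists, and for a project without a policy configuration. A short comment above the call, for example `# Loads every report type; scanner matching is done per rule when syncing`, would make that reliance explicit.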
......
......@@ -347,44 +347,4 @@
end
end
end
describe '.distinct_scanners scope' do
subject { described_class.distinct_scanners }
before do
create(:approval_project_rule, type, scanners: ['dast'])
end
context 'with scan_finding approval rules' do
let(:type) { :scan_finding }
it { is_expected.to be_present }
context 'with duplicated scanners' do
before do
create(:approval_project_rule, :scan_finding, scanners: ['dast'])
end
it 'returns only one record' do
expect(subject.count).to be 1
end
end
context 'without duplicated scanners' do
before do
create(:approval_project_rule, :scan_finding, scanners: ['sast'])
end
it 'returns both records' do
expect(subject.count).to be 2
end
end
end
context 'without scan_finding approval rules' do
let(:type) { :license_scanning }
it { is_expected.to be_empty }
end
end
end
......@@ -580,35 +580,6 @@
end
end
describe '#uniq_scanners' do
let(:project) { security_orchestration_policy_configuration.project }
subject { security_orchestration_policy_configuration.uniq_scanners }
context 'with approval rules' do
context 'when policy configuration is configured for project' do
before do
create(:approval_project_rule, :scan_finding, scanners: %w(dast sast), project: project)
create(:approval_project_rule, :scan_finding, scanners: %w(dast container_scanning), project: project)
end
it { is_expected.to contain_exactly('dast', 'sast', 'container_scanning') }
end
context 'when policy configuration is configured for namespace' do
let(:security_orchestration_policy_configuration) do
create(:security_orchestration_policy_configuration, :namespace, security_policy_management_project: security_policy_management_project)
end
it { is_expected.to be_empty }
end
end
context 'without approval rules' do
it { is_expected.to be_empty }
end
end
describe '#project?' do
subject { security_orchestration_policy_configuration.project? }
......