Automatic merge of gitlab-org/gitlab master

52f44519 · 🤖 GitLab Bot 🤖 · 02674e9f · 8a854655 · 52f44519 · 52f44519
Commit 52f44519 authored 2 years ago by 🤖 GitLab Bot 🤖
--- a/ee/app/services/security/ingestion/tasks/ingest_vulnerabilities/mark_resolved_as_detected.rb
+++ b/ee/app/services/security/ingestion/tasks/ingest_vulnerabilities/mark_resolved_as_detected.rb
@@ -5,6 +5,8 @@ module Ingestion
    module Tasks
      class IngestVulnerabilities
        class MarkResolvedAsDetected < AbstractTask
+          include Gitlab::Utils::StrongMemoize
+
          def execute
            mark_as_resolved

@@ -15,16 +17,36 @@ def execute

          # rubocop:disable CodeReuse/ActiveRecord
          def mark_as_resolved
-            ::Vulnerability
-              .resolved
-              .where(id: resolved_vulnerabilities_ids)
-              .update_all(state: ::Vulnerability.states[:detected])
+            ApplicationRecord.transaction do
+              create_state_transitions(resolved_vulnerabilities_ids)
+
+              ::Vulnerability
+                .resolved
+                .where(id: resolved_vulnerabilities_ids)
+                .update_all(state: ::Vulnerability.states[:detected])
+            end
          end

          def resolved_vulnerabilities_ids
-            ::Vulnerability.resolved.select(:id).where(id: finding_maps.map(&:vulnerability_id))
+            strong_memoize(:resolved_vulnerabilities_ids) do
+              ::Vulnerability.resolved.select(:id).where(id: finding_maps.map(&:vulnerability_id))
+            end
          end
          # rubocop:enable CodeReuse/ActiveRecord
+
+          def create_state_transitions(vulnerability_ids)
+            vulnerability_ids.each do |vulnerability_id|
+              create_state_transition_for(vulnerability_id)
+            end
+          end
+
+          def create_state_transition_for(vulnerability_id)
+            ::Vulnerabilities::StateTransition.create!(
+              vulnerability: vulnerability_id,
+              from_state: ::Vulnerability.states[:resolved],
+              to_state: ::Vulnerability.states[:detected]
+            )
+          end
        end
      end
    end

--- a/ee/spec/services/security/ingestion/tasks/ingest_vulnerabilities/mark_resolved_as_detected_spec.rb
+++ b/ee/spec/services/security/ingestion/tasks/ingest_vulnerabilities/mark_resolved_as_detected_spec.rb
@@ -37,4 +37,11 @@
      .and not_change { existing_vulnerability.reload.state }
      .from("detected")
  end
+
+  it 'creates state transiotion entry for each vulnerability' do
+    expect { mark_resolved_as_detected }.to change { ::Vulnerabilities::StateTransition.count }
+      .from(0)
+      .to(1)
+    expect(::Vulnerabilities::StateTransition.last.vulnerability_id).to eq(resolved_vulnerability.id)
+  end
 end