NotImplementedError: No URL builder defined for #<Vulnerabilities::Finding id: nil, created_at: nil, updated_at: nil, ... (#327480) · Issues · GitLab.org / GitLab

NotImplementedError: No URL builder defined for #<Vulnerabilities::Finding id: nil, created_at: nil, updated_at: nil, ...

https://sentry.gitlab.net/gitlab/gitlabcom/issues/2494517/?referrer=gitlab_plugin

NotImplementedError: No URL builder defined for #<Vulnerabilities::Finding id: nil, created_at: nil, updated_at: nil, severity: "critical", confidence: "unknown", report_type: "container_scanning", project_id: 24698270, scanner_id: 82395, primary_identifier_id: nil, project_fingerprint: "0a8ee456f3dc40ee8a323949513926aa0c66e69f", location_fingerprint: "d384bd7e05c6eaaae9f7277a2f48e52db4427115", uuid: "30db43bf-1c6b-5bf5-aeba-122f0b620c23", name: "CVE-2019-12735 in vim", metadata_version: "3.0.0", raw_metadata: "{\"id\":\"0a4673e59a6364e5d58b4b1171c162f748099f82f0f...", vulnerability_id: 6689516, details: {}, description: nil, message: nil, solution: nil, cve: nil, location: nil>
  gitlab/url_builder.rb:52:in `build'
    raise NotImplementedError.new("No URL builder defined for #{object.inspect}")
  ee/gitlab/url_builder.rb:23:in `build'
    super
  ee/gitlab_routing_helper.rb:39:in `vulnerability_url'
    ::Gitlab::UrlBuilder.build(vulnerability)
  /opt/gitlab/embedded/service/gitlab-rails/ee/app/views/vulnerabilities/jira_issue_description.md.erb:52:in `_ee_app_views_vulnerabilities_jira_issue_description_md_erb__420782625384277365_34261980'
    <%= _("See vulnerability %{vulnerability_link} for any Remediation details.".html_safe) % { vulnerability_link: "[#{vulnerability.id}|#{vulnerability_url(vulnerability)}]" } %>
  action_view/base.rb:274:in `_run'
    send(method, locals, buffer, &block)
...
(191 additional frame(s) were not displayed)

Implementation plan

backend Create a new view file similar to the jira_issue_description.md.erb for the unpersisted findings with the back reference to the pipeline instead of the vulnerability and use that one in VulnerabilityPresenter#jira_issue_description method if the vulnerability is not persisted.

Pseudo implementation

diff --git a/ee/app/presenters/vulnerability_presenter.rb b/ee/app/presenters/vulnerability_presenter.rb
index 51f3745a90a..8276f587e4a 100644
--- a/ee/app/presenters/vulnerability_presenter.rb
+++ b/ee/app/presenters/vulnerability_presenter.rb
@@ -47,7 +47,7 @@ def scan

   def jira_issue_description
     ApplicationController.render(
-      template: 'vulnerabilities/jira_issue_description.md.erb',
+      template: jira_template,
       locals: { vulnerability: self }
     )
   end
@@ -58,6 +58,10 @@ def description

   private

+  def jira_template
+    id.present? ? 'vulnerabilities/jira_issue_description.md.erb' : 'vulnerabilities/jira_issue_description_for_findings.md.erb'
+  end
+
   def location_link_for(path)
     return location_text unless path

Edited Apr 19, 2021 by Mehmet Emin INAC