Refactor Security::PipelineVulnerabilitiesFinder to return a relation instead of an array

Summary

In line with the deprecation of Kaminari.paginate_array in favor of Kaminari.paginate, the Also, the depending API::VulnerabilityFindings::vulnerability_occurrences_by has to be changed to return an ActiveRecord::Relation.

This cannot be achieved without refactoring the Security::PipelineVulnerabilitiesFinder to return an ActiveRecord::Relation as well. Also, the rest of the Security::PipelineVulnerabilitiesFinder usages need to be check to continue working as expected after changing the finder return value.

Improvements

Benefits of this refactoring are expressed in the Kaminari.paginate_array deprecation issue.

Risks

Current usages of Security::PipelineVulnerabilitiesFinder that may break if not properly wired up to its new return value:

Ci::CompareContainerScanningReportsService
Ci::CompareDependencyScanningReportsService
`Ci::CompareSastReportsService
API::VulnerabilityFindings

Involved components

ee/app/finders/security/pipeline_vulnerabilities_finder.rb
ee/app/services/ci/compare_container_scanning_reports_service.rb
ee/app/services/ci/compare_dependency_scanning_reports_service.rb
ee/app/services/ci/compare_sast_reports_service.rb
ee/lib/api/vulnerability_findings.rb

Edited Feb 20, 2020 by Lucas Charles