Empty Dependency list even if dependency_scanning job is set up

Summary

If dependency_scanning job is set up, but there are some problems with pipeline, dependency list page status can be flaky: for some periods of time users can see a message that Dependency list is empty and they need to set up dependency_scanning job first.

Steps to reproduce

This issue is flaky, sometimes it reproduced on https://gitlab.com/gitlab-org/gitlab when the master is broken.

  • go to Security & Compliance -> Dependency list

What is the current bug behavior?

Message introducing Dependency List is displayed

What is the expected correct behavior?

Dependency list page displays last successfully generated report

Relevant logs and/or screenshots

Screenshot_2019-10-08_22.50.15

Output of checks

This bug happens on GitLab.com

Possible fixes

the reason for this behavior is needed to be investigated further but possibly the problem is how we fetch the report. We fetch it for a pipeline

project.all_pipelines.latest_successful_for_ref(project.default_branch)

Possibly, latest_successful_for_ref is not the best choise for this query.