Failure on qa/specs/features/ee/browser_ui/secure/create_merge_request_with_secure_spec.rb:70

• https://ops.gitlab.net/gitlab-org/quality/staging/-/jobs/732375
• Similar to previous issue: #32634 (closed)

 1) Secure Security Reports in a Merge Request displays the Security reports in the merge request
     Failure/Error: expect(mergerequest).to have_total_vulnerability_count_of(total_vuln_count)
       expected #has_total_vulnerability_count_of?(49) to return true, got false
     # ./qa/specs/features/ee/browser_ui/secure/create_merge_request_with_secure_spec.rb:73:in `block (4 levels) in <module:QA>'
     # ./qa/scenario/actable.rb:16:in `perform'
     # ./qa/specs/features/ee/browser_ui/secure/create_merge_request_with_secure_spec.rb:71:in `block (3 levels) in <module:QA>'
     # /usr/local/bundle/gems/rspec-retry-0.6.1/lib/rspec/retry.rb:123:in `block in run'
     # /usr/local/bundle/gems/rspec-retry-0.6.1/lib/rspec/retry.rb:110:in `loop'
     # /usr/local/bundle/gems/rspec-retry-0.6.1/lib/rspec/retry.rb:110:in `run'
     # /usr/local/bundle/gems/rspec-retry-0.6.1/lib/rspec_ext/rspec_ext.rb:12:in `run_with_retry'
     # ./spec/spec_helper.rb:68:in `block (2 levels) in <top (required)>'
     # /usr/local/bundle/gems/rspec-retry-0.6.1/lib/rspec/retry.rb:123:in `block in run'
     # /usr/local/bundle/gems/rspec-retry-0.6.1/lib/rspec/retry.rb:110:in `loop'
     # /usr/local/bundle/gems/rspec-retry-0.6.1/lib/rspec/retry.rb:110:in `run'
     # /usr/local/bundle/gems/rspec-retry-0.6.1/lib/rspec_ext/rspec_ext.rb:12:in `run_with_retry'
     # /usr/local/bundle/gems/rspec-retry-0.6.1/lib/rspec/retry.rb:37:in `block (2 levels) in setup'
     # ./qa/specs/runner.rb:69:in `perform'
     # ./qa/scenario/template.rb:10:in `block in perform'
     # ./qa/scenario/template.rb:8:in `tap'
     # ./qa/scenario/template.rb:8:in `perform'
     # ./qa/scenario/template.rb:33:in `perform'
     # ./qa/scenario/template.rb:10:in `block in perform'
     # ./qa/scenario/template.rb:8:in `tap'
     # ./qa/scenario/template.rb:8:in `perform'
     # ./qa/scenario/bootable.rb:28:in `launch!'

UPDATED: test uses a fixture so number of vulnerabilities is not changing Likely this kind of check will always be flaky as new vulnerabilities are discovered and libraries are updated. It may make more sense to check that we are displaying the message and disregard the actual vulnerability count that we are currently passing in as a parameter in:

qa/qa/ee/page/merge_request/show.rb within the methods:

• has_total_vulnerability_count_of?(expected)
• has_sast_vulnerability_count_of?(expected)
• has_dependency_vulnerability_count_of?(expected)
• has_container_vulnerability_count_of?(expected)
• has_dast_vulnerability_count_of?(expected)

All of these methods are somewhat flaky because the underlying libraries can report different values over time.