Support report from child pipeline for MR reports - part 1
This issue is the first step to fully support MR report from child pipelines. #215725 (closed)
The following report types are not blocked by multiple report support, so they can be updated to read reports from child pipeline as the first iteration.
Report types with consistent method to fetch report and to trigger client request:
blocked? | report_type | method used to fetch report | method used to trigger client request | implementation issue |
---|---|---|---|---|
cobertura | latest_report_builds | latest_report_builds | #363301 (closed) | |
coverage_report | latest_report_builds | latest_report_builds | #363301 (closed) | |
junit | latest_report_builds | latest_report_builds | #363302 | |
|
codequality | latest_report_builds | latest_report_builds | #363303 |
accessibility | latest_report_builds | latest_report_builds | #363304 | |
terraform | latest_report_builds | latest_report_builds | #363306 | |
metrics | latest_report_builds | latest_report_builds | #363307 |
Report types with different method to fetch report and to trigger client request:
blocked? | report_type | method used to fetch report | method used to trigger client request |
---|---|---|---|
license_scanning | latest_report_builds | latest_report_artifacts | |
api_fuzzing | latest_report_builds | latest_report_artifacts | |
container_scanning | latest_report_builds | latest_report_artifacts | |
coverage_fuzzing | latest_report_builds | latest_report_artifacts | |
dast | latest_report_builds | latest_report_artifacts | |
dependency_scanning | latest_report_builds | latest_report_artifacts | |
sast | latest_report_builds | latest_report_artifacts | |
secret_detection | latest_report_builds | latest_report_artifacts |
Caveats:
Code quality MR widget might still be blocked by #335447.- Other than on the MR, the following reports (
junit
,code_quality
,license_scanning
) are used in a few other places that don't uselatest_report_builds
, so in those places, the reports from child pipeline would not be included. - Security dashboard is exposed based on
latest_report_artifacts
. So there could be situation where the MR shows the security reports from child pipeline, but the security dashboard is not exposed. - Projects::LicensesController uses a different method to query the report, so it would still not include the child pipeline report
Proposal
In order to ensure each report type feature remains working, we need to be consistent in both how we retrieve the report and how we decide whether to request the report endpoint on the frontend.
In the tables above, there are 2 groups of report types. The first cobertura
, coverage_report
, junit
, codequality
, accessibility
, terraform
, metrics
both uses #latest_report_builds
to trigger the frontend client request and to fetch the actual reports.
These reports are fetched for use in the Merge Request using latest_report_builds
. The proposed change is to update these to also fetch from builds in the descendant pipelines, sing Pipeline#build_in_self_and_descendants
http://gitlab.com/gitlab-org/gitlab/blob/512a0ae404956952cd91793e4e2cd6b278256170/app/models/ci/pipeline.rb#962-L964
Starting point:
diff --git a/app/models/ci/pipeline.rb b/app/models/ci/pipeline.rb
index 788b96bf7c8..8303e5818aa 100644
--- a/app/models/ci/pipeline.rb
+++ b/app/models/ci/pipeline.rb
@@ -871,7 +871,7 @@ module Ci
end
def latest_report_builds(reports_scope = ::Ci::JobArtifact.with_reports)
- builds.latest.with_reports(reports_scope)
+ builds_in_hierarchy.with_reports(reports_scope)
end
def has_reports?(reports_scope)
For a more detailed proposal, see each report type's implementation issue.
This page may contain information related to upcoming products, features and functionality. It is important to note that the information presented is for informational purposes only, so please do not rely on the information for purchasing or planning purposes. Just like with all projects, the items mentioned on the page are subject to change or delay, and the development, release, and timing of any products, features, or functionality remain at the sole discretion of GitLab Inc.