Attempt reading schema file instead of a file named `#{report_version}` (!110886) · Merge requests · GitLab.org / GitLab

Michał Zając requested to merge 390154-reports-produced-by-dast-3-0-60-cannot-be-ingested-by-gitlab-15-4-0-ee into master Feb 02, 2023

What does this MR do and why?

Make Gitlab::Ci::Parsers::Security::Validators::SchemaValidator attempt reading the actual schema file located under ee/lib/ee/gitlab/ci/parsers/security/validators/schemas/#{report_version}/#{report-type}-report-format.json instead of a file named #{report_version}.

Related to #390154 (closed)

How to set up and validate locally

git checkout v15.4.0-ee
Grab report from #390154 (comment 1262264836)
Run the following script in Rails console

stub = OpenStruct.new(id: 1) # Alternatively you can pass in an existing Project but it's used only for logging purposes
validator = ::Gitlab::Ci::Parsers::Security::Validators::SchemaValidator.new('dast', JSON.parse(File.read("/path/to/report/pretty-gl-dast-report.json")), "15.0.2", project: stub)

It should return errors outlined in #390154 (comment 1262378754)
Switch to this branch
Rerun the script from step 2
No errors should be shown

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Edited Feb 02, 2023 by Michał Zając

Attempt reading schema file instead of a file named `#{report_version}`

What does this MR do and why?

How to set up and validate locally

MR acceptance checklist

Merge request reports