Skip to content

Exclude other report types from scan readiness check

What does this MR do and why?

If a single build has reports from two different scan types, they will block each other if any of the scans are still processing when scan results are requested. This change fixes the issue by adding a missing by_scan_types predicate when querying the security scans.

References

Screenshots or screen recordings

Before After

How to set up and validate locally

  1. Clone this project and push it to gdk (this will automatically create the project):

    git clone git@gitlab.com:gitlab-org/govern/threat-insights-demos/verification-projects/issue-568889.git
    cd issue-568889
    git remote add gdk ssh://git@<gdk_hostname>:2222/<user>/issue-568889.git
    git push -u gdk main
    git checkout feature
    git push -u gdk feature
  2. Run a pipeline on main

  3. Open a merge request merging feature into main

  4. The merge request widget should show results once reports are done processing. Before, it would load indefinitely... sometimes... if both report types are processed when the MR widget requests go through, it will work.

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Brian Williams

Merge request reports

Loading