Skip to content

Fix codequality mr diff report

Max Orefice requested to merge mo-fix-codequality-mr-diff-report into master

Ref: #327767 (closed)

What does this MR do?

This MR fixes a false/positive ~bug with our codequality_mr_diff report.

It refactors our current CreateCodeQualityMrDiffReportService and it's associated spec to make sure we only create a new artifact when new degradation have been introduced.

What problem does this MR solve?

After pipeline completion, we create a new codequality mr diff report and persist it as a PipelineArtifact.

With our current implementation, we don't know which lines introduced new degradation as we don't have a base report to compare with.

Why are we doing this?

In this example MR, we can see (not anymore as our feature flag has been disabled) several icons displayed on each files even though we don't see any new degradation introduced in our MR widget.

This happens because we don't create a diff report when creating our PipelineArtifact.

This MR fixes it by refactoring our current logic and generating a diff between a base and a head pipeline.

This implementation is based by leveraging an existing pattern discovered while working on the POC for coverage approval rule.

The groupstatic analysis team has been using it and it seems to be working well for them so I'm curious to try this out.

Does this MR meet the acceptance criteria?

Conformity

Availability and Testing

Security

If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:

  • [-] Label as security and @ mention @gitlab-com/gl-security/appsec
  • [-] The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
  • [-] Security reports checked/validated by a reviewer from the AppSec team
Edited by Max Orefice

Merge request reports