From 34ac5fe80490f9ab45a068304b6004f83e584a94 Mon Sep 17 00:00:00 2001
From: Zamir Martins Filho <zfilho@gitlab.com>
Date: Mon, 4 Jul 2022 16:35:00 -0400
Subject: [PATCH] Simplify scanner logic for security reports

related to scan finding rules.

EE: true
Changelog: changed
---
 ee/app/models/approval_project_rule.rb        |  1 -
 .../concerns/security/scan_result_policy.rb   |  9 -----
 .../sync_reports_to_approval_rules_service.rb |  9 +----
 ee/spec/models/approval_project_rule_spec.rb  | 40 -------------------
 ...orchestration_policy_configuration_spec.rb | 29 --------------
 5 files changed, 1 insertion(+), 87 deletions(-)

diff --git a/ee/app/models/approval_project_rule.rb b/ee/app/models/approval_project_rule.rb
index daee9e60d06f555d..d09ad3e1960588e3 100644
--- a/ee/app/models/approval_project_rule.rb
+++ b/ee/app/models/approval_project_rule.rb
@@ -24,7 +24,6 @@ class ApprovalProjectRule < ApplicationRecord
   }
 
   scope :report_approver_without_scan_finding, -> { report_approver.where.not(report_type: :scan_finding) }
-  scope :distinct_scanners, -> { scan_finding.select(:scanners).distinct }
 
   alias_method :code_owner, :code_owner?
 
diff --git a/ee/app/models/concerns/security/scan_result_policy.rb b/ee/app/models/concerns/security/scan_result_policy.rb
index 35f3aed678ae857e..bc8f3519f66a990e 100644
--- a/ee/app/models/concerns/security/scan_result_policy.rb
+++ b/ee/app/models/concerns/security/scan_result_policy.rb
@@ -25,15 +25,6 @@ def active_scan_result_policies
       def scan_result_policies
         policy_by_type(:scan_result_policy)
       end
-
-      def uniq_scanners
-        return [] if project.blank?
-
-        distinct_scanners = approval_rules.distinct_scanners
-        return [] if distinct_scanners.none?
-
-        distinct_scanners.pluck(:scanners).flatten.uniq
-      end
     end
   end
 end
diff --git a/ee/app/services/ci/sync_reports_to_approval_rules_service.rb b/ee/app/services/ci/sync_reports_to_approval_rules_service.rb
index 43f9779849125a46..ffbdd77b33d9a60c 100644
--- a/ee/app/services/ci/sync_reports_to_approval_rules_service.rb
+++ b/ee/app/services/ci/sync_reports_to_approval_rules_service.rb
@@ -7,7 +7,6 @@ class SyncReportsToApprovalRulesService < ::BaseService
     MEMOIZATIONS = %i(
       policy_configuration
       policy_rule_reports
-      policy_rule_scanners
     ).freeze
 
     def initialize(pipeline)
@@ -65,13 +64,7 @@ def sync_scan_finding
 
     def policy_rule_reports
       strong_memoize(:policy_rule_reports) do
-        policy_rule_scanners ? pipeline.security_reports(report_types: policy_rule_scanners) : []
-      end
-    end
-
-    def policy_rule_scanners
-      strong_memoize(:policy_rule_scanners) do
-        policy_configuration&.uniq_scanners
+        pipeline.security_reports
       end
     end
 
diff --git a/ee/spec/models/approval_project_rule_spec.rb b/ee/spec/models/approval_project_rule_spec.rb
index 4f53348976ebd52b..33d93ac5d39d6f11 100644
--- a/ee/spec/models/approval_project_rule_spec.rb
+++ b/ee/spec/models/approval_project_rule_spec.rb
@@ -347,44 +347,4 @@
       end
     end
   end
-
-  describe '.distinct_scanners scope' do
-    subject { described_class.distinct_scanners }
-
-    before do
-      create(:approval_project_rule, type, scanners: ['dast'])
-    end
-
-    context 'with scan_finding approval rules' do
-      let(:type) { :scan_finding }
-
-      it { is_expected.to be_present }
-
-      context 'with duplicated scanners' do
-        before do
-          create(:approval_project_rule, :scan_finding, scanners: ['dast'])
-        end
-
-        it 'returns only one record' do
-          expect(subject.count).to be 1
-        end
-      end
-
-      context 'without duplicated scanners' do
-        before do
-          create(:approval_project_rule, :scan_finding, scanners: ['sast'])
-        end
-
-        it 'returns both records' do
-          expect(subject.count).to be 2
-        end
-      end
-    end
-
-    context 'without scan_finding approval rules' do
-      let(:type) { :license_scanning }
-
-      it { is_expected.to be_empty }
-    end
-  end
 end
diff --git a/ee/spec/models/security/orchestration_policy_configuration_spec.rb b/ee/spec/models/security/orchestration_policy_configuration_spec.rb
index db2a8d3a71d50737..3f1aa7434d60b28c 100644
--- a/ee/spec/models/security/orchestration_policy_configuration_spec.rb
+++ b/ee/spec/models/security/orchestration_policy_configuration_spec.rb
@@ -580,35 +580,6 @@
     end
   end
 
-  describe '#uniq_scanners' do
-    let(:project) { security_orchestration_policy_configuration.project }
-
-    subject { security_orchestration_policy_configuration.uniq_scanners }
-
-    context 'with approval rules' do
-      context 'when policy configuration is configured for project' do
-        before do
-          create(:approval_project_rule, :scan_finding, scanners: %w(dast sast), project: project)
-          create(:approval_project_rule, :scan_finding, scanners: %w(dast container_scanning), project: project)
-        end
-
-        it { is_expected.to contain_exactly('dast', 'sast', 'container_scanning') }
-      end
-
-      context 'when policy configuration is configured for namespace' do
-        let(:security_orchestration_policy_configuration) do
-          create(:security_orchestration_policy_configuration, :namespace, security_policy_management_project: security_policy_management_project)
-        end
-
-        it { is_expected.to be_empty }
-      end
-    end
-
-    context 'without approval rules' do
-      it { is_expected.to be_empty }
-    end
-  end
-
   describe '#project?' do
     subject { security_orchestration_policy_configuration.project? }
 
-- 
GitLab