Adds a method for the cve_issue
What does this MR do and why?
Implements a new method in Security::ImplementationIssue that returns the respective Security::CveIssue. To search for the CVE issue, a finder class was created that:
- First fetches the associated canonical issue.
- Then searches for a CVE issue across the security and canonical issues: if one is found on security it is retrieved; if not, the search continues to canonical.
- If a cve_issue is found on canonical, then it is returned.
- If no issue is found on security or canonical, nothing is retrieved.
The cve_issue method created on Security::ImplementationIssue calls the finder and returns an instance of Security::CvesIssue.
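The lookup order described above (security issue first, then its canonical issue, otherwise nothing), as an added illustration that is not release-tools code. The `Issue` struct, the `CveIssueFinder` class, the sample issues and the assumption that a CVE issue is recognized by a `cve` label are all hypothetical; the MR does not say how the real finder identifies a CVE issue or how the issues are linked.

```ruby
# Added illustration of the finder's search order; not the project's own code.
# Issues are minimal stand-ins: an iid, labels, the issues linked to it, and
# the canonical issue a security issue was created from (nil for canonical).
Issue = Struct.new(:iid, :labels, :related_issues, :canonical_issue, keyword_init: true) do
  # Assumption for this example only: a CVE issue carries a 'cve' label.
  def cve_issue?
    labels.include?('cve')
  end
end

class CveIssueFinder
  def initialize(security_issue)
    @security_issue = security_issue
  end

  # Returns the first CVE issue found, searching the security issue's links
  # first and its canonical issue's links second; nil when neither has one.
  def execute
    canonical = @security_issue.canonical_issue
    [@security_issue, canonical].compact.each do |issue|
      found = issue.related_issues.find(&:cve_issue?)
      return found if found
    end
    nil
  end
end

# Constructed sample data (ids are arbitrary).
CVE_ON_SECURITY  = Issue.new(iid: 901, labels: ['cve'], related_issues: [], canonical_issue: nil)
CVE_ON_CANONICAL = Issue.new(iid: 902, labels: ['cve'], related_issues: [], canonical_issue: nil)
NOT_CVE          = Issue.new(iid: 903, labels: ['security'], related_issues: [], canonical_issue: nil)

CANONICAL = Issue.new(iid: 10, labels: [], related_issues: [NOT_CVE, CVE_ON_CANONICAL], canonical_issue: nil)
# Security issue that links its own CVE issue: found on security, canonical never consulted.
SECURITY_WITH_CVE = Issue.new(iid: 111, labels: ['security'], related_issues: [CVE_ON_SECURITY], canonical_issue: CANONICAL)
# Security issue without one: the search falls through to the canonical issue.
SECURITY_WITHOUT_CVE = Issue.new(iid: 112, labels: ['security'], related_issues: [NOT_CVE], canonical_issue: CANONICAL)
# Security issue with neither a CVE link nor a canonical issue: nothing is retrieved.
SECURITY_NO_CANONICAL = Issue.new(iid: 113, labels: ['security'], related_issues: [NOT_CVE], canonical_issue: nil)

def cve_iid_for(issue)
  CveIssueFinder.new(issue).execute&.iid
end

if $PROGRAM_NAME == __FILE__
  [SECURITY_WITH_CVE, SECURITY_WITHOUT_CVE, SECURITY_NO_CANONICAL].each do |issue|
    puts "security ##{issue.iid} -> CVE issue #{cve_iid_for(issue).inspect}"
  end
end
```

The `compact` call is what makes the third case safe: a security issue with no canonical issue yields a single-element search list instead of a `nil` receiver, so the finder returns `nil` rather than raising.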
Related to gitlab-com/gl-infra/delivery#19710 (closed)
Testing
I performed a manual test with the security issues associated with the tracking issue. IDs were modified to prevent leaking any confidential details:
```
[1] pry(main)> issues = ReleaseTools::Security::IssueCrawler.new.related_security_issues
=> [#<ReleaseTools::Security::ImplementationIssue:0x0000000111782b90
  @iid=111,
]
[2] pry(main)> issues.count
=> 3
[3] pry(main)> cve_issues = []
=> []
[4] pry(main)> issues.each do |issue|
[4] pry(main)*   cve = issue.cves_issue
[4] pry(main)*   cve_issues << cve if cve.present?
[4] pry(main)* end
....
[5] pry(main)> cve_issues.count
=> 3
```
Author Check-list
- [-] Has documentation been updated?
Edited by Mayra Cabrera