Skip to content

Add Security::IssueResult class

Mayra Cabrera requested to merge add-security-issue-result into master

What does this MR do?

Introduces Security::IssueResult class. This one is similar to Security::MergeResult and it's going to be used to build the slack attachments for MergeRequestBatchMerger output.

This class is used on !927 (merged) to report the results, in the following way:

class MergeRequestsBatchMerger
 def initialize(client)
   @client = client
   @result = IssueResult.new
 end

 def execute
  # Fetches security issues
  issues.each do |issue|
    next unless issue.merge_requests_ready?

    @result.processed << issue

    invalid_merge_requests = # .... 

    if invalid_merge_requests.any?
      @result.invalid << issue
      # ...
    else
      merge_in_batches(issue.merge_requests, issue.iid)
    end

    notify_result
  end

  private

  def merge_in_batches(merge_requests, security_issue_iid)
   # ... 
   to_merge.each do |merge_request|
     merged_mr = client.accept_merge_request(
       # More code here
      )
   end

    next if merged_mr.respond_to?(:merge_commit_sha) && merged_mr.merge_commit_sha
    # `merged_mr` was not merged for some reason (perhaps conflicts), so we add mark it as pending.

    @result.pending[security_issue_iid] << merge_request
  end

  def notify_result
    slack_attachments = result.slack_attachments

    Slack::ChatopsNotification.security_issues_processed(slack_attachments)
   end
end

You can see the full implementation on !927 (merged)

Related to https://gitlab.com/gitlab-org/release-tools/-/issues/369

Edited by Mayra Cabrera

Merge request reports