Draft: Add QA scripts for job integration tests
What does this MR do?
Add Ruby scripts to be used in job integration tests in place of the compare_reports.sh
shell script. They are based on RSpec and the shared examples for security reports.
These Ruby scripts have many dependencies, similar to the image spec running in the image test
job. In the future, they'll come with a Docker image where all the dependencies are met.
This sits on top of !212 (merged).
This has been tested manually:
% DS_REPORT_URL="https://gitlab.com/gitlab-org/security-products/analyzers/gemnasium/-/raw/master/qa/expect/go-modules/gl-dependency-scanning-report.json" bundle exec scripts/dependency-scanning-qa.rb
......
Finished in 1.03 seconds (files took 0.33959 seconds to load)
6 examples, 0 failures
% SAST_REPORT_URL="https://gitlab.com/gitlab-org/security-products/analyzers/bandit/-/raw/master/qa/expect/python-pip/gl-sast-report.json" bundle exec scripts/sast-qa.rb
......
Finished in 1.01 seconds (files took 0.2171 seconds to load)
6 examples, 0 failures
% SECRET_DETECTION_REPORT_URL="https://gitlab.com/gitlab-org/security-products/analyzers/secrets/-/raw/master/qa/expect/secrets/gl-secret-detection-report.json" bundle exec scripts/secret-detection-qa.rb
......
Finished in 0.70991 seconds (files took 0.33846 seconds to load)
6 examples, 0 failures
What are the relevant issue numbers?
gitlab-org/gitlab#299038 (closed)
Does this MR meet the acceptance criteria?
Changelog entry added -
Documentation created/updated for GitLab EE, if necessary -
Documentation created/updated for this project, if necessary -
Documentation reviewed by technical writer or follow-up review issue created -
Tests added for this feature/bug -
Job definition updated, if necessary -
Conforms to the code review guidelines -
Conforms to the Go guidelines -
Security reports checked/validated by reviewer
/cc @theoretick
Edited by Fabien Catteau