Validate generated report using security report JSON schema (!193) · Merge requests · GitLab.org / security-products / ci-templates

Adam Cohen requested to merge validate-generated-report-using-json-schema into master Jan 22, 2021

What does this MR do?

This MR builds upon a previous MR Ensure keys match when comparing reports which was reverted in !189 (merged) because it caused many QA jobs to fail which would have required updating a large number of expectation files. Instead of updating all the necessary expectation files, it was decided here that it would be better to check the generated reports to ensure they pass a JSON schema validation rather than a strict key-equality comparison.

This MR also adds an rspec test spec/compare_reports_spec.rb to make it easier to verify that the code functions as expected.

What are the relevant issue numbers?

gitlab-org/gitlab#244829 (closed)

Does this MR meet the acceptance criteria?

Tests added for this feature/bug
- Test is successful for flawfinder project which is missing id key from expected report
- Test is successful and warning is printed when actual report is missing a required start_time field

Edited Nov 19, 2021 by Adam Cohen

Validate generated report using security report JSON schema

What does this MR do?

What are the relevant issue numbers?

Does this MR meet the acceptance criteria?

Merge request reports