Merge branch '197494-add-status-column-to-export-vulnerability-findings' into 'master'

Add status column for export vulnerability findings See merge request gitlab-org/gitlab!27935

Merge branch '197494-add-status-column-to-export-vulnerability-findings' into 'master'
Add status column for export vulnerability findings See merge request gitlab-org/gitlab!27935
056b69fd · Jarka Košanová · 999e875e · e9304fbf · 056b69fd · 056b69fd
Commit 056b69fd authored Mar 26, 2020 by Jarka Košanová
5 changed files
--- a/ee/app/services/vulnerability_exports/export_csv_service.rb
+++ b/ee/app/services/vulnerability_exports/export_csv_service.rb
@@ -22,6 +22,7 @@ module VulnerabilityExports
      {
        'Scanner Type' => 'report_type',
        'Scanner Name' => 'finding_scanner_name',
+        'Status' => 'state',
        'Vulnerability' => 'title',
        'Details' => 'description',
        'Additional Info' => -> (vulnerability) { vulnerability.finding_metadata&.fetch('message', nil) },

--- a/ee/spec/fixtures/vulnerabilities/exports/root-security-reports_vulnerabilities_2020-03-12T1235.csv
+++ b/ee/spec/fixtures/vulnerabilities/exports/root-security-reports_vulnerabilities_2020-03-12T1235.csv
-Scanner Type,Scanner Name,Vulnerability,Details,Additional Info,Severity,CVE
-container_scanning,Clair,CVE-2017-16997 in glibc,,CVE-2017-16997 in glibc,critical,CVE-2017-16997
-container_scanning,Clair,CVE-2017-18269 in glibc,,CVE-2017-18269 in glibc,critical,CVE-2017-18269
-container_scanning,Clair,CVE-2018-1000001 in glibc,,CVE-2018-1000001 in glibc,high,CVE-2018-1000001
-container_scanning,Clair,CVE-2016-10228 in glibc,,CVE-2016-10228 in glibc,medium,CVE-2016-10228
-container_scanning,Clair,CVE-2010-4052 in glibc,,CVE-2010-4052 in glibc,low,CVE-2010-4052
-container_scanning,Clair,CVE-2018-18520 in elfutils,,CVE-2018-18520 in elfutils,low,CVE-2018-18520
-container_scanning,Clair,CVE-2018-16869 in nettle,,CVE-2018-16869 in nettle,unknown,CVE-2018-16869
-dependency_scanning,Gemnasium,Regular Expression Denial of Service in debug,,Regular Expression Denial of Service in debug,unknown,yarn.lock:debug:gemnasium:37283ed4-0380-40d7-ada7-2d994afcc62a
-dependency_scanning,Gemnasium,Authentication bypass via incorrect DOM traversal and canonicalization in saml2-js,,Authentication bypass via incorrect DOM traversal and canonicalization in saml2-js,unknown,yarn.lock:saml2-js:gemnasium:9952e574-7b5b-46fa-a270-aeb694198a98
-sast,Find Security Bugs,Predictable pseudorandom number generator,,Predictable pseudorandom number generator,medium,818bf5dacb291e15d9e6dc3c5ac32178:PREDICTABLE_RANDOM:src/main/java/com/gitlab/security_products/tests/App.java:47
-sast,Find Security Bugs,Cipher with no integrity,,Cipher with no integrity,medium,e6449b89335daf53c0db4c0219bc1634:CIPHER_INTEGRITY:src/main/java/com/gitlab/security_products/tests/App.java:29
-sast,Find Security Bugs,Predictable pseudorandom number generator,,Predictable pseudorandom number generator,medium,e8ff1d01f74cd372f78da8f5247d3e73:PREDICTABLE_RANDOM:src/main/java/com/gitlab/security_products/tests/App.java:41
-sast,Find Security Bugs,ECB mode is insecure,,ECB mode is insecure,medium,ea0f905fc76f2739d5f10a1fd1e37a10:ECB_MODE:src/main/java/com/gitlab/security_products/tests/App.java:29
+Scanner Type,Scanner Name,Status,Vulnerability,Details,Additional Info,Severity,CVE
+container_scanning,Clair,detected,CVE-2017-16997 in glibc,,CVE-2017-16997 in glibc,critical,CVE-2017-16997
+container_scanning,Clair,detected,CVE-2017-18269 in glibc,,CVE-2017-18269 in glibc,critical,CVE-2017-18269
+container_scanning,Clair,detected,CVE-2018-1000001 in glibc,,CVE-2018-1000001 in glibc,high,CVE-2018-1000001
+container_scanning,Clair,detected,CVE-2016-10228 in glibc,,CVE-2016-10228 in glibc,medium,CVE-2016-10228
+container_scanning,Clair,detected,CVE-2010-4052 in glibc,,CVE-2010-4052 in glibc,low,CVE-2010-4052
+container_scanning,Clair,detected,CVE-2018-18520 in elfutils,,CVE-2018-18520 in elfutils,low,CVE-2018-18520
+container_scanning,Clair,detected,CVE-2018-16869 in nettle,,CVE-2018-16869 in nettle,unknown,CVE-2018-16869
+dependency_scanning,Gemnasium,detected,Regular Expression Denial of Service in debug,,Regular Expression Denial of Service in debug,unknown,yarn.lock:debug:gemnasium:37283ed4-0380-40d7-ada7-2d994afcc62a
+dependency_scanning,Gemnasium,detected,Authentication bypass via incorrect DOM traversal and canonicalization in saml2-js,,Authentication bypass via incorrect DOM traversal and canonicalization in saml2-js,unknown,yarn.lock:saml2-js:gemnasium:9952e574-7b5b-46fa-a270-aeb694198a98
+sast,Find Security Bugs,detected,Predictable pseudorandom number generator,,Predictable pseudorandom number generator,medium,818bf5dacb291e15d9e6dc3c5ac32178:PREDICTABLE_RANDOM:src/main/java/com/gitlab/security_products/tests/App.java:47
+sast,Find Security Bugs,detected,Cipher with no integrity,,Cipher with no integrity,medium,e6449b89335daf53c0db4c0219bc1634:CIPHER_INTEGRITY:src/main/java/com/gitlab/security_products/tests/App.java:29
+sast,Find Security Bugs,detected,Predictable pseudorandom number generator,,Predictable pseudorandom number generator,medium,e8ff1d01f74cd372f78da8f5247d3e73:PREDICTABLE_RANDOM:src/main/java/com/gitlab/security_products/tests/App.java:41
+sast,Find Security Bugs,detected,ECB mode is insecure,,ECB mode is insecure,medium,ea0f905fc76f2739d5f10a1fd1e37a10:ECB_MODE:src/main/java/com/gitlab/security_products/tests/App.java:29
--- a/ee/spec/requests/api/vulnerability_exports_spec.rb
+++ b/ee/spec/requests/api/vulnerability_exports_spec.rb
@@ -177,7 +177,7 @@ describe API::VulnerabilityExports do
          download_vulnerability_export

          expect(response).to have_gitlab_http_status(:ok)
-          expect(response.body).to include 'Scanner Type,Scanner Name,Vulnerability,Details,Additional Info,Severity,CVE'
+          expect(response.body).to include 'Scanner Type,Scanner Name,Status,Vulnerability,Details,Additional Info,Severity,CVE'
          expect(response.headers['Poll-Interval']).to be_blank
        end
      end

--- a/ee/spec/services/vulnerability_exports/export_csv_service_spec.rb
+++ b/ee/spec/services/vulnerability_exports/export_csv_service_spec.rb
@@ -23,14 +23,15 @@ describe VulnerabilityExports::ExportCsvService do
  end

  it 'includes the columns required for import' do
-    expect(csv.headers).to include('Scanner Type', 'Scanner Name', 'Vulnerability', 'Details', 'Additional Info',
-                                    'Severity', 'CVE')
+    expect(csv.headers).to include('Scanner Type', 'Scanner Name', 'Status', 'Vulnerability', 'Details',
+                                   'Additional Info', 'Severity', 'CVE')
  end

  it 'includes proper values for each column type' do
    aggregate_failures do
      expect(csv[0]['Scanner Type']).to eq vulnerability.report_type
      expect(csv[0]['Scanner Name']).to eq vulnerability.finding_scanner_name
+      expect(csv[0]['Status']).to eq vulnerability.state
      expect(csv[0]['Vulnerability']).to eq vulnerability.title
      expect(csv[0]['Details']).to eq vulnerability.description
      expect(csv[0]['Additional Info']).to eq vulnerability.finding_metadata['message']

--- a/ee/spec/workers/vulnerability_exports/export_worker_spec.rb
+++ b/ee/spec/workers/vulnerability_exports/export_worker_spec.rb
@@ -31,7 +31,7 @@ RSpec.describe VulnerabilityExports::ExportWorker, type: :worker do
            subject
            vulnerability_export.reload
            expect(vulnerability_export).to be_finished
-            expect(vulnerability_export.file.read).to include('Scanner Type,Scanner Name,Vulnerability,Details,Additional Info,Severity,CVE')
+            expect(vulnerability_export.file.read).to include('Scanner Type,Scanner Name,Status,Vulnerability,Details,Additional Info,Severity,CVE')
          end

          it 'schedules job to delete export in 1 hour' do