Commit 222a70a4 authored by Etienne Baqué's avatar Etienne Baqué

Merge branch '351522_use_uuid_as_primary_key_for_deduplication_logic' into 'master'

Deduplicate findings by comparing the UUIDs

See merge request gitlab-org/gitlab!79680
parents b083a6c3 179484a3
...@@ -361,6 +361,7 @@ RSpec.describe Gitlab::Ci::Reports::Security::Finding do ...@@ -361,6 +361,7 @@ RSpec.describe Gitlab::Ci::Reports::Security::Finding do
let(:finding) { build(:ci_reports_security_finding, identifiers: [identifier_1, identifier_2], location: location, vulnerability_finding_signatures_enabled: true, signatures: [signature]) } let(:finding) { build(:ci_reports_security_finding, identifiers: [identifier_1, identifier_2], location: location, vulnerability_finding_signatures_enabled: true, signatures: [signature]) }
let(:expected_keys) do let(:expected_keys) do
[ [
finding.uuid,
build(:ci_reports_security_finding_key, location_fingerprint: location.fingerprint, identifier_fingerprint: identifier_1.fingerprint), build(:ci_reports_security_finding_key, location_fingerprint: location.fingerprint, identifier_fingerprint: identifier_1.fingerprint),
build(:ci_reports_security_finding_key, location_fingerprint: location.fingerprint, identifier_fingerprint: identifier_2.fingerprint), build(:ci_reports_security_finding_key, location_fingerprint: location.fingerprint, identifier_fingerprint: identifier_2.fingerprint),
build(:ci_reports_security_finding_key, location_fingerprint: signature.signature_hex, identifier_fingerprint: identifier_1.fingerprint), build(:ci_reports_security_finding_key, location_fingerprint: signature.signature_hex, identifier_fingerprint: identifier_1.fingerprint),
......
...@@ -126,7 +126,7 @@ module Gitlab ...@@ -126,7 +126,7 @@ module Gitlab
location_fingerprints.map do |location_fingerprint| location_fingerprints.map do |location_fingerprint|
FindingKey.new(location_fingerprint: location_fingerprint, identifier_fingerprint: identifier.fingerprint) FindingKey.new(location_fingerprint: location_fingerprint, identifier_fingerprint: identifier.fingerprint)
end end
end end.push(uuid)
end end
def primary_identifier_fingerprint def primary_identifier_fingerprint
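Review bot: `end.push(uuid)` appends whatever `uuid` returns without checking it, so a finding built without a UUID would add `nil` to its keys. If the deduplication code (not visible on this page) treats any shared key as a match, two unrelated findings that both lack a UUID would share that `nil` element, and one could be dropped from the security report. Appending only when a value is present, for example `end.push(uuid).compact`, avoids that. The method now returns a mix of `FindingKey` objects and a string, which deserves a short comment above it; its opening lines are outside the hunk.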
......
...@@ -11,6 +11,8 @@ module Gitlab ...@@ -11,6 +11,8 @@ module Gitlab
end end
def ==(other) def ==(other)
return false unless other.is_a?(self.class)
has_fingerprints? && other.has_fingerprints? && has_fingerprints? && other.has_fingerprints? &&
location_fingerprint == other.location_fingerprint && location_fingerprint == other.location_fingerprint &&
identifier_fingerprint == other.identifier_fingerprint identifier_fingerprint == other.identifier_fingerprint
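Review bot: The new guard `return false unless other.is_a?(self.class)` has no comment explaining why a non-`FindingKey` operand can reach `==`. Something like `# A finding's keys can also contain its UUID (a String), which never equals a FindingKey.` above the guard would record that. Only `==` is visible in this hunk, and the method's closing `end` lies outside it. If the deduplication code compares keys through `Array#&`, `uniq` or a `Set`, those use `hash`/`eql?` rather than `==`, so it is worth confirming that the class defines them consistently.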
......
...@@ -6,6 +6,7 @@ RSpec.describe Gitlab::Ci::Reports::Security::FindingKey do ...@@ -6,6 +6,7 @@ RSpec.describe Gitlab::Ci::Reports::Security::FindingKey do
using RSpec::Parameterized::TableSyntax using RSpec::Parameterized::TableSyntax
describe '#==' do describe '#==' do
context 'when the comparison is done between FindingKey instances' do
where(:location_fp_1, :location_fp_2, :identifier_fp_1, :identifier_fp_2, :equals?) do where(:location_fp_1, :location_fp_2, :identifier_fp_1, :identifier_fp_2, :equals?) do
nil | 'different location fp' | 'identifier fp' | 'different identifier fp' | false nil | 'different location fp' | 'identifier fp' | 'different identifier fp' | false
'location fp' | nil | 'identifier fp' | 'different identifier fp' | false 'location fp' | nil | 'identifier fp' | 'different identifier fp' | false
...@@ -38,4 +39,14 @@ RSpec.describe Gitlab::Ci::Reports::Security::FindingKey do ...@@ -38,4 +39,14 @@ RSpec.describe Gitlab::Ci::Reports::Security::FindingKey do
it { is_expected.to be(equals?) } it { is_expected.to be(equals?) }
end end
end end
context 'when the comparison is not done between FindingKey instances' do
let(:finding_key) { build(:ci_reports_security_finding_key) }
let(:uuid) { SecureRandom.uuid }
subject { finding_key == uuid }
it { is_expected.to be_falsey }
end
end
end end
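Review bot: The new context asserts `be_falsey`, which would also pass if `==` returned `nil`, while the existing table-driven context pins the exact boolean with `be(equals?)`. Since the guard returns a literal `false`, `it { is_expected.to be(false) }` keeps the two contexts consistent and catches a regression to a `nil` return. A second example comparing against `nil` would cover the other non-`FindingKey` operand a caller is likely to pass.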