Commit 25eb8288 authored by Matthias Käppler's avatar Matthias Käppler

Merge branch 'nicolasdular/record-sast-onboardin-progress' into 'master'

Record onboarding action for SAST

See merge request gitlab-org/gitlab!52328
parents 120c7235 9c52b084
......@@ -10,8 +10,19 @@ module Security
::Ci::Pipeline.find_by(id: pipeline_id).try do |pipeline|
break unless pipeline.can_store_security_reports?
record_onboarding_progress(pipeline)
Security::StoreScansService.execute(pipeline)
end
end
private
def record_onboarding_progress(pipeline)
# We only record SAST scans since it's a Free feature and available to all users
return unless pipeline.security_scans.sast.any?
OnboardingProgressService.new(pipeline.project.namespace).execute(action: :security_scan_enabled)
end
end
end
......@@ -4,11 +4,11 @@ require 'spec_helper'
RSpec.describe Security::StoreScansWorker do
let_it_be(:sast_scan) { create(:security_scan, scan_type: :sast) }
let_it_be(:sast_pipeline) { sast_scan.pipeline }
let_it_be(:sast_build) { sast_pipeline.security_scans.sast.last&.build }
let_it_be(:pipeline) { sast_scan.pipeline }
let_it_be(:sast_build) { pipeline.security_scans.sast.last&.build }
describe '#perform' do
subject(:run_worker) { described_class.new.perform(sast_pipeline.id) }
subject(:run_worker) { described_class.new.perform(pipeline.id) }
before do
allow(Security::StoreScansService).to receive(:execute)
......@@ -25,6 +25,8 @@ RSpec.describe Security::StoreScansWorker do
expect(Security::StoreScansService).not_to have_received(:execute)
end
it_behaves_like 'does not record an onboarding progress action'
end
context 'when security reports can be stored for the pipeline' do
......@@ -35,6 +37,18 @@ RSpec.describe Security::StoreScansWorker do
expect(Security::StoreScansService).to have_received(:execute)
end
it_behaves_like 'records an onboarding progress action', :security_scan_enabled do
let(:namespace) { pipeline.project.namespace }
end
context 'dast scan' do
let_it_be(:dast_scan) { create(:security_scan, scan_type: :dast) }
let_it_be(:pipeline) { dast_scan.pipeline }
let_it_be(:dast_build) { pipeline.security_scans.dast.last&.build }
it_behaves_like 'does not record an onboarding progress action'
end
end
end
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment