Commit 262b2371 authored by Mehmet Emin INAC's avatar Mehmet Emin INAC

Fix security report schema validation logic

Previously, if there was only one report for a report type, that report
was not being validated because of a bug in the logic.

Changelog: fixed
EE: true
parent 16a9ff55
......@@ -43,14 +43,18 @@ module Security
end
def sorted_artifacts
@sorted_artifacts ||= artifacts.sort do |a, b|
report_a = a.security_report(validate: true)
report_b = b.security_report(validate: true)
@sorted_artifacts ||= artifacts.each(&method(:prepare_report_for)).sort do |a, b|
report_a = a.security_report
report_b = b.security_report
report_a.primary_scanner_order_to(report_b)
end
end
def prepare_report_for(artifact)
artifact.security_report(validate: true)
end
def store_scan_for(artifact, deduplicate)
StoreScanService.execute(artifact, known_keys, deduplicate)
ensure
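Review bot: Validation in `sorted_artifacts` now depends on a side effect: `prepare_report_for` calls `artifact.security_report(validate: true)` and discards the result, and the sort block then reads `a.security_report` with no arguments. That is only safe if `security_report` caches the validated report on the artifact, which this hunk does not show. If the no-argument call can build a fresh report, the code that sorts and stores it would be working with an unvalidated one. A comment on `prepare_report_for` would make the contract explicit, e.g. `# Called for its side effect: the first security_report call must pass validate: true so the cached report is schema-validated.` The body of `store_scan_for` continues outside the hunk.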
......
......@@ -69,14 +69,26 @@ RSpec.describe Security::StoreGroupedScansService do
allow(artifact_3).to receive(:security_report).and_return(mock_report)
end
context 'when there is only one report' do
let(:artifacts) { [artifact_1] }
it 'accesses the validated security report' do
store_scan_group
expect(artifact_1).to have_received(:security_report).with(validate: true).once
end
end
context 'when there are more than one reports' do
it 'accesses the validated security reports' do
store_scan_group
expect(artifact_1).to have_received(:security_report).with(validate: true).once
expect(artifact_2).to have_received(:security_report).with(validate: true).twice
expect(artifact_2).to have_received(:security_report).with(validate: true).once
expect(artifact_3).to have_received(:security_report).with(validate: true).once
end
end
end
context 'when the artifacts are not dependency_scanning' do
it 'calls the Security::StoreScanService with ordered artifacts' do
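Review bot: The new 'when there is only one report' example only pins that `security_report` is called once with `validate: true`. The stubs (`allow(artifact_3).to receive(:security_report).and_return(mock_report)` is the visible one) return the same `mock_report` for any arguments, so the spec would still pass if the report consumed later were not the validated one. An extra example could have `artifact_1` return a distinct double for the `validate: true` call and assert that this double is the one passed on. Separately, the context description would read better as `'when there is more than one report'`. The enclosing `describe` block starts and ends outside this hunk.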
......