Fix security report schema validation logic

Previously, if there was only one report for a report type, that report was not being validated because of a bug in the logic. Changelog: fixed EE: true

Fix security report schema validation logic
Previously, if there was only one report for a report type, that report was not being validated because of a bug in the logic. Changelog: fixed EE: true
262b2371 · Mehmet Emin INAC · 16a9ff55 · 262b2371 · 262b2371
Commit 262b2371 authored Nov 18, 2021 by Mehmet Emin INAC
2 changed files
--- a/ee/app/services/security/store_grouped_scans_service.rb
+++ b/ee/app/services/security/store_grouped_scans_service.rb
@@ -43,14 +43,18 @@ module Security
    end
    def sorted_artifacts
-      @sorted_artifacts ||= artifacts.sort do |a, b|
+      @sorted_artifacts ||= artifacts.each(&method(:prepare_report_for)).sort do |a, b|
-        report_a = a.security_report(validate: true)
+        report_a = a.security_report
-        report_b = b.security_report(validate: true)
+        report_b = b.security_report
        report_a.primary_scanner_order_to(report_b)
      end
    end
+    def prepare_report_for(artifact)
+      artifact.security_report(validate: true)
+    end
    def store_scan_for(artifact, deduplicate)
      StoreScanService.execute(artifact, known_keys, deduplicate)
    ensure

--- a/ee/spec/services/security/store_grouped_scans_service_spec.rb
+++ b/ee/spec/services/security/store_grouped_scans_service_spec.rb
@@ -69,14 +69,26 @@ RSpec.describe Security::StoreGroupedScansService do
          allow(artifact_3).to receive(:security_report).and_return(mock_report)
        end
+        context 'when there is only one report' do
+          let(:artifacts) { [artifact_1] }
+          it 'accesses the validated security report' do
+            store_scan_group
+            expect(artifact_1).to have_received(:security_report).with(validate: true).once
+          end
+        end
+        context 'when there are more than one reports' do
          it 'accesses the validated security reports' do
            store_scan_group
            expect(artifact_1).to have_received(:security_report).with(validate: true).once
-          expect(artifact_2).to have_received(:security_report).with(validate: true).twice
+            expect(artifact_2).to have_received(:security_report).with(validate: true).once
            expect(artifact_3).to have_received(:security_report).with(validate: true).once
          end
        end
+      end
      context 'when the artifacts are not dependency_scanning' do
        it 'calls the Security::StoreScanService with ordered artifacts' do