Update DAST reports to include additional fields

JSON Keys are in alphabetical order Arrays are sorted Added Common Report Format fields

Update DAST reports to include additional fields
JSON Keys are in alphabetical order Arrays are sorted Added Common Report Format fields
37db7102 · Cameron Swords · f88ed9ed · 37db7102 · 37db7102 · 37db7102
Commit 37db7102 authored Dec 04, 2019 by Cameron Swords
6 changed files
--- a/ee/spec/fixtures/security_reports/feature-branch/gl-dast-report.json
+++ b/ee/spec/fixtures/security_reports/feature-branch/gl-dast-report.json
--- a/ee/spec/fixtures/security_reports/master/gl-dast-report-low-severity.json
+++ b/ee/spec/fixtures/security_reports/master/gl-dast-report-low-severity.json
--- a/ee/spec/fixtures/security_reports/master/gl-dast-report-multiple-sites.json
+++ b/ee/spec/fixtures/security_reports/master/gl-dast-report-multiple-sites.json
--- a/ee/spec/fixtures/security_reports/master/gl-dast-report.json
+++ b/ee/spec/fixtures/security_reports/master/gl-dast-report.json
--- a/ee/spec/lib/gitlab/ci/parsers/security/dast_spec.rb
+++ b/ee/spec/lib/gitlab/ci/parsers/security/dast_spec.rb
@@ -21,7 +21,7 @@ describe Gitlab::Ci::Parsers::Security::Dast do
          :last_occurrence_path,
          :last_occurrence_severity,
          :last_occurrence_confidence) do
-      :dast                 | 24 | 15 | 1 | 'http://goat:8080' | 'GET' | '/WebGoat/start.mvc' | 'info' | 'low'
+      :dast                 | 24 | 15 | 1 | 'http://goat:8080' | 'GET' | '/WebGoat/plugins/bootstrap/css/bootstrap.min.css' | 'info' | 'low'
      :dast_multiple_sites  | 25 | 15 | 1 | 'https://goat:8080' | 'GET' | '/WebGoat/registration' | 'high' | 'medium'
      :dast_deprecated      | 2 | 3 | 1 | 'http://bikebilly-spring-auto-devops-review-feature-br-3y2gpb.35.192.176.43.xip.io' | 'GET' | '/' | 'low' | 'medium'
    end

--- a/ee/spec/lib/gitlab/ci/parsers/security/formatters/dast_spec.rb
+++ b/ee/spec/lib/gitlab/ci/parsers/security/formatters/dast_spec.rb
@@ -15,7 +15,7 @@ describe Gitlab::Ci::Parsers::Security::Formatters::Dast do
  end

  describe '#format_vulnerability' do
-    let(:instance) { file_vulnerability['instances'][1] }
+    let(:instance) { file_vulnerability['instances'][0] }
    let(:hostname) { 'http://goat:8080' }
    let(:sanitized_desc) { file_vulnerability['desc'].gsub('<p>', '').gsub('</p>', '') }
    let(:sanitized_solution) { file_vulnerability['solution'].gsub('<p>', '').gsub('</p>', '') }
@@ -53,7 +53,7 @@ describe Gitlab::Ci::Parsers::Security::Formatters::Dast do
                                             'url'   => "http://projects.webappsec.org/w/page/13246974/Threat%20Classification%20Reference%20Grid"
                                           })
      expect(data['location']).to eq({
-                                       'param' => nil,
+                                       'param' => '',
                                       'method' => 'GET',
                                       'hostname' => hostname,
                                       'path' => '/WebGoat/login'