Commit 59cee0e7 authored by Markus Koller's avatar Markus Koller

Merge branch 'expose_scanners_and_add_on_create_and_save' into 'master'

Expose security scanners in regards to approval

See merge request gitlab-org/gitlab!66116
parents dcfe24e8 c324301e
...@@ -12,6 +12,7 @@ module API ...@@ -12,6 +12,7 @@ module API
optional :users, as: :user_ids, type: Array[Integer], coerce_with: ::API::Validations::Types::CommaSeparatedToIntegerArray.coerce, desc: 'The user ids for this rule' optional :users, as: :user_ids, type: Array[Integer], coerce_with: ::API::Validations::Types::CommaSeparatedToIntegerArray.coerce, desc: 'The user ids for this rule'
optional :groups, as: :group_ids, type: Array[Integer], coerce_with: ::API::Validations::Types::CommaSeparatedToIntegerArray.coerce, desc: 'The group ids for this rule' optional :groups, as: :group_ids, type: Array[Integer], coerce_with: ::API::Validations::Types::CommaSeparatedToIntegerArray.coerce, desc: 'The group ids for this rule'
optional :protected_branch_ids, type: Array[Integer], coerce_with: ::API::Validations::Types::CommaSeparatedToIntegerArray.coerce, desc: 'The protected branch ids for this rule' optional :protected_branch_ids, type: Array[Integer], coerce_with: ::API::Validations::Types::CommaSeparatedToIntegerArray.coerce, desc: 'The protected branch ids for this rule'
optional :scanners, type: Array[String], desc: 'The security scanners to be considered by the approval rule'
end end
params :update_project_approval_rule do params :update_project_approval_rule do
...@@ -22,6 +23,7 @@ module API ...@@ -22,6 +23,7 @@ module API
optional :groups, as: :group_ids, type: Array[Integer], coerce_with: ::API::Validations::Types::CommaSeparatedToIntegerArray.coerce, desc: 'The group ids for this rule' optional :groups, as: :group_ids, type: Array[Integer], coerce_with: ::API::Validations::Types::CommaSeparatedToIntegerArray.coerce, desc: 'The group ids for this rule'
optional :protected_branch_ids, type: Array[Integer], coerce_with: ::API::Validations::Types::CommaSeparatedToIntegerArray.coerce, desc: 'The protected branch ids for this rule' optional :protected_branch_ids, type: Array[Integer], coerce_with: ::API::Validations::Types::CommaSeparatedToIntegerArray.coerce, desc: 'The protected branch ids for this rule'
optional :remove_hidden_groups, type: Boolean, desc: 'Whether hidden groups should be removed' optional :remove_hidden_groups, type: Boolean, desc: 'Whether hidden groups should be removed'
optional :scanners, type: Array[String], desc: 'The security scanners to be considered by the approval rule'
end end
params :delete_project_approval_rule do params :delete_project_approval_rule do
......
...@@ -9,6 +9,7 @@ module EE ...@@ -9,6 +9,7 @@ module EE
# To be removed in https://gitlab.com/gitlab-org/gitlab/issues/13574. # To be removed in https://gitlab.com/gitlab-org/gitlab/issues/13574.
class ProjectApprovalSettingRule < ProjectApprovalRule class ProjectApprovalSettingRule < ProjectApprovalRule
expose :approvers, using: ::API::Entities::UserBasic, override: true expose :approvers, using: ::API::Entities::UserBasic, override: true
expose :scanners, override: true
end end
end end
end end
......
...@@ -33,6 +33,12 @@ ...@@ -33,6 +33,12 @@
"type": "object", "type": "object",
"properties": {} "properties": {}
} }
},
"scanners":{
"type": "array",
"items": {
"type": "string"
}
} }
}, },
"additionalProperties": false "additionalProperties": false
......
...@@ -72,6 +72,18 @@ RSpec.shared_examples 'an API endpoint for creating project approval rule' do ...@@ -72,6 +72,18 @@ RSpec.shared_examples 'an API endpoint for creating project approval rule' do
end end
end end
end end
context 'with valid scanners' do
let(:scanners) { ['sast'] }
it 'returns 201 status' do
expect do
post api(url, current_user), params: params.merge({ scanners: scanners })
end.to change { project.approval_rules.count}.from(0).to(1)
expect(response).to have_gitlab_http_status(:created)
expect(project.approval_rules.first.scanners).to eql(scanners)
end
end
end end
end end
...@@ -98,6 +110,17 @@ RSpec.shared_examples 'an API endpoint for updating project approval rule' do ...@@ -98,6 +110,17 @@ RSpec.shared_examples 'an API endpoint for updating project approval rule' do
end end
end end
context 'with valid scanners' do
let(:scanners) { ['sast'] }
it 'returns 200 status' do
expect do
put api(url, current_user), params: { scanners: scanners }
end.to change { approval_rule.reload.scanners.count }.from(::Ci::JobArtifact::SECURITY_REPORT_FILE_TYPES.count).to(scanners.count)
expect(response).to have_gitlab_http_status(:ok)
end
end
context 'when approver already exists' do context 'when approver already exists' do
before do before do
approval_rule.users << approver approval_rule.users << approver
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment