Merge branch 'refactor-test-reports' into 'master'

Refactor test reports

See merge request gitlab-org/gitlab-ee!7827

app/controllers/projects/artifacts_controller.rb

@@ -10,7 +10,7 @@ class Projects::ArtifactsController < Projects::ApplicationController
   before_action :authorize_update_build!, only: [:keep]
   before_action :extract_ref_name_and_path
   before_action :set_request_format, only: [:file]
-  before_action :validate_artifacts!
+  before_action :validate_artifacts!, except: [:download]
   before_action :entry, only: [:file]
 
   def download
@@ -102,7 +102,7 @@ class Projects::ArtifactsController < Projects::ApplicationController
   # rubocop: enable CodeReuse/ActiveRecord
 
   def artifacts_file
-    @artifacts_file ||= build.artifacts_file_for_type(params[:file_type] || :archive)
+    @artifacts_file ||= build&.artifacts_file_for_type(params[:file_type] || :archive)
   end
 
   def entry

app/controllers/projects/build_artifacts_controller.rb

@@ -6,7 +6,7 @@ class Projects::BuildArtifactsController < Projects::ApplicationController
 
   before_action :authorize_read_build!
   before_action :extract_ref_name_and_path
-  before_action :validate_artifacts!
+  before_action :validate_artifacts!, except: [:download]
 
   def download
     redirect_to download_project_job_artifacts_path(project, job)

ee/app/helpers/ee/gitlab_routing_helper.rb

@@ -29,37 +29,6 @@ module EE
       group_epic_path(entity.group, entity, *args)
     end
 
-    def sast_artifact_url(pipeline)
-      raw_project_build_artifacts_url(pipeline.project,
-                                      pipeline.sast_artifact,
-                                      path: Ci::Build::SAST_FILE)
-    end
-
-    def dependency_scanning_artifact_url(pipeline)
-      raw_project_build_artifacts_url(pipeline.project,
-                                      pipeline.dependency_scanning_artifact,
-                                      path: Ci::Build::DEPENDENCY_SCANNING_FILE)
-    end
-
-    # sast_container_artifact_url is deprecated and replaced with container_scanning_artifact_url (#5778)
-    def sast_container_artifact_url(pipeline)
-      raw_project_build_artifacts_url(pipeline.project,
-                                      pipeline.sast_container_artifact,
-                                      path: Ci::Build::SAST_CONTAINER_FILE)
-    end
-
-    def container_scanning_artifact_url(pipeline)
-      raw_project_build_artifacts_url(pipeline.project,
-                                      pipeline.container_scanning_artifact,
-                                      path: Ci::Build::CONTAINER_SCANNING_FILE)
-    end
-
-    def dast_artifact_url(pipeline)
-      raw_project_build_artifacts_url(pipeline.project,
-                                      pipeline.dast_artifact,
-                                      path: Ci::Build::DAST_FILE)
-    end
-
     def license_management_artifact_url(pipeline)
       raw_project_build_artifacts_url(pipeline.project,
                                       pipeline.license_management_artifact,

ee/app/helpers/ee/projects_helper.rb

@@ -148,21 +148,12 @@ module EE
           can_create_issue: "false"
         }
       else
-        # Handle old job and artifact names for container scanning
-        sast_container_head_path = if pipeline.expose_sast_container_data?
-                                     sast_container_artifact_url(pipeline)
-                                   elsif pipeline.expose_container_scanning_data?
-                                     container_scanning_artifact_url(pipeline)
-                                   else
-                                     nil
-                                   end
-
         {
           head_blob_path: project_blob_path(project, pipeline.sha),
-          sast_head_path: pipeline.expose_sast_data? ? sast_artifact_url(pipeline) : nil,
-          dependency_scanning_head_path: pipeline.expose_dependency_scanning_data? ? dependency_scanning_artifact_url(pipeline) : nil,
-          dast_head_path: pipeline.expose_dast_data? ? dast_artifact_url(pipeline) : nil,
-          sast_container_head_path: sast_container_head_path,
+          sast_head_path: pipeline.downloadable_path_for_report_type(:sast),
+          dependency_scanning_head_path: pipeline.downloadable_path_for_report_type(:dependency_scanning),
+          dast_head_path: pipeline.downloadable_path_for_report_type(:dast),
+          sast_container_head_path: pipeline.downloadable_path_for_report_type(:container_scanning),
           vulnerability_feedback_path: project_vulnerability_feedback_index_path(project),
           pipeline_id: pipeline.id,
           vulnerability_feedback_help_path: help_page_path("user/project/merge_requests/index", anchor: "interacting-with-security-reports-ultimate"),

ee/app/models/ee/ci/build.rb

@@ -7,14 +7,8 @@ module EE
     module Build
       extend ActiveSupport::Concern
 
-      DEPENDENCY_SCANNING_FILE = 'gl-dependency-scanning-report.json'.freeze
       LICENSE_MANAGEMENT_FILE = 'gl-license-management-report.json'.freeze
-      SAST_FILE = 'gl-sast-report.json'.freeze
       PERFORMANCE_FILE = 'performance.json'.freeze
-      # SAST_CONTAINER_FILE is deprecated and replaced with CONTAINER_SCANNING_FILE (#5778)
-      SAST_CONTAINER_FILE = 'gl-sast-container-report.json'.freeze
-      CONTAINER_SCANNING_FILE = 'gl-container-scanning-report.json'.freeze
-      DAST_FILE = 'gl-dast-report.json'.freeze
 
       prepended do
         after_save :stick_build_if_status_changed
@@ -36,37 +30,11 @@ module EE
           has_artifact?(PERFORMANCE_FILE)
       end
 
-      def has_sast_json?
-        name_in?('sast') &&
-          has_artifact?(SAST_FILE)
-      end
-
-      def has_dependency_scanning_json?
-        name_in?('dependency_scanning') &&
-          has_artifact?(DEPENDENCY_SCANNING_FILE)
-      end
-
       def has_license_management_json?
         name_in?('license_management') &&
           has_artifact?(LICENSE_MANAGEMENT_FILE)
       end
 
-      # has_sast_container_json? is deprecated and replaced with has_container_scanning_json? (#5778)
-      def has_sast_container_json?
-        name_in?(%w[sast:container container_scanning]) &&
-          has_artifact?(SAST_CONTAINER_FILE)
-      end
-
-      def has_container_scanning_json?
-        name_in?(%w[sast:container container_scanning]) &&
-          has_artifact?(CONTAINER_SCANNING_FILE)
-      end
-
-      def has_dast_json?
-        name_in?('dast') &&
-          has_artifact?(DAST_FILE)
-      end
-
       def log_geo_deleted_event
         # It is not needed to generate a Geo deleted event
         # since Legacy Artifacts are migrated to multi-build artifacts

ee/app/models/ee/ci/pipeline.rb

@@ -17,6 +17,16 @@ module EE
           joins(:artifacts).where(ci_builds: { name: %w[sast dependency_scanning sast:container container_scanning dast] })
         }
 
+        # This structure describes feature levels
+        # to access the file types for given reports
+        LEGACY_REPORT_LICENSED_FEATURES = {
+          codequality: nil,
+          sast: :sast,
+          dependency_scanning: :dependency_scanning,
+          container_scanning: :sast_container,
+          dast: :dast
+        }.freeze
+
         # Deprecated, to be removed in 12.0
         # A hash of Ci::JobArtifact file_types
         # With mapping to the legacy job names,
@@ -25,15 +35,39 @@ module EE
           codequality: {
             names: %w(codeclimate codequality code_quality),
             files: %w(codeclimate.json gl-code-quality-report.json)
+          },
+          sast: {
+            names: %w(deploy sast),
+            files: %w(gl-sast-report.json)
+          },
+          dependency_scanning: {
+            names: %w(dependency_scanning),
+            files: %w(gl-dependency-scanning-report.json)
+          },
+          container_scanning: {
+            names: %w(sast:container container_scanning),
+            files: %w(gl-sast-container-report.json gl-container-scanning-report.json)
+          },
+          dast: {
+            names: %w(dast),
+            files: %w(gl-dast-report.json)
           }
         }.freeze
       end
 
-      def artifact_for_file_type(file_type)
+      def any_report_artifact_for_type(file_type)
+        report_artifact_for_file_type(file_type) || legacy_report_artifact_for_file_type(file_type)
+      end
+
+      def report_artifact_for_file_type(file_type)
+        return unless available_licensed_report_type?(file_type)
+
         job_artifacts.where(file_type: ::Ci::JobArtifact.file_types[file_type]).last
       end
 
       def legacy_report_artifact_for_file_type(file_type)
+        return unless available_licensed_report_type?(file_type)
+
         legacy_names = LEGACY_REPORT_FORMATS[file_type]
         return unless legacy_names
 
@@ -53,106 +87,35 @@ module EE
         @performance_artifact ||= artifacts_with_files.find(&:has_performance_json?)
       end
 
-      def sast_artifact
-        @sast_artifact ||= artifacts_with_files.find(&:has_sast_json?)
-      end
-
-      def dependency_scanning_artifact
-        @dependency_scanning_artifact ||= artifacts_with_files.find(&:has_dependency_scanning_json?)
-      end
-
       def license_management_artifact
         @license_management_artifact ||= artifacts_with_files.find(&:has_license_management_json?)
       end
 
-      # sast_container_artifact is deprecated and replaced with container_scanning_artifact (#5778)
-      def sast_container_artifact
-        @sast_container_artifact ||= artifacts_with_files.find(&:has_sast_container_json?)
-      end
-
-      def container_scanning_artifact
-        @container_scanning_artifact ||= artifacts_with_files.find(&:has_container_scanning_json?)
-      end
-
-      def dast_artifact
-        @dast_artifact ||= artifacts_with_files.find(&:has_dast_json?)
-      end
-
-      def has_sast_data?
-        sast_artifact&.success?
-      end
-
-      def has_dependency_scanning_data?
-        dependency_scanning_artifact&.success?
-      end
-
       def has_license_management_data?
         license_management_artifact&.success?
       end
 
-      # has_sast_container_data? is deprecated and replaced with has_container_scanning_data? (#5778)
-      def has_sast_container_data?
-        sast_container_artifact&.success?
-      end
-
-      def has_container_scanning_data?
-        container_scanning_artifact&.success?
-      end
-
-      def has_dast_data?
-        dast_artifact&.success?
-      end
-
       def has_performance_data?
         performance_artifact&.success?
       end
 
-      def expose_sast_data?
-        project.feature_available?(:sast) &&
-          has_sast_data?
-      end
-
-      def expose_dependency_scanning_data?
-        project.feature_available?(:dependency_scanning) &&
-          has_dependency_scanning_data?
-      end
-
       def expose_license_management_data?
         project.feature_available?(:license_management) &&
           has_license_management_data?
       end
 
-      # expose_sast_container_data? is deprecated and replaced with expose_container_scanning_data? (#5778)
-      def expose_sast_container_data?
-        project.feature_available?(:sast_container) &&
-          has_sast_container_data?
-      end
-
-      def expose_container_scanning_data?
-        project.feature_available?(:sast_container) &&
-          has_container_scanning_data?
-      end
-
-      def expose_dast_data?
-        project.feature_available?(:dast) &&
-          has_dast_data?
-      end
-
       def expose_performance_data?
         project.feature_available?(:merge_request_performance_metrics) &&
           has_performance_data?
       end
 
-      def expose_security_dashboard?
-        expose_sast_data? ||
-          expose_dependency_scanning_data? ||
-          expose_dast_data? ||
-          expose_sast_container_data? ||
-          expose_container_scanning_data?
-      end
-
       private
 
+      def available_licensed_report_type?(file_type)
+        feature_name = LEGACY_REPORT_LICENSED_FEATURES.fetch(file_type)
+        feature_name.nil? || project.feature_available?(feature_name)
+      end
+
       def artifacts_with_files
         @artifacts_with_files ||= artifacts.includes(:job_artifacts_metadata, :job_artifacts_archive).to_a
       end

ee/app/models/ee/merge_request.rb

@@ -13,35 +13,12 @@ module EE
 
       delegate :performance_artifact, to: :head_pipeline, prefix: :head, allow_nil: true
       delegate :performance_artifact, to: :base_pipeline, prefix: :base, allow_nil: true
-      delegate :sast_artifact, to: :head_pipeline, prefix: :head, allow_nil: true
-      delegate :sast_artifact, to: :base_pipeline, prefix: :base, allow_nil: true
-      delegate :dependency_scanning_artifact, to: :head_pipeline, prefix: :head, allow_nil: true
-      delegate :dependency_scanning_artifact, to: :base_pipeline, prefix: :base, allow_nil: true
       delegate :license_management_artifact, to: :head_pipeline, prefix: :head, allow_nil: true
       delegate :license_management_artifact, to: :base_pipeline, prefix: :base, allow_nil: true
-      # sast_container_artifact is deprecated and replaced with container_scanning_artifact (#5778)
-      delegate :sast_container_artifact, to: :head_pipeline, prefix: :head, allow_nil: true
-      delegate :sast_container_artifact, to: :base_pipeline, prefix: :base, allow_nil: true
-      delegate :container_scanning_artifact, to: :head_pipeline, prefix: :head, allow_nil: true
-      delegate :container_scanning_artifact, to: :base_pipeline, prefix: :base, allow_nil: true
-      delegate :dast_artifact, to: :head_pipeline, prefix: :head, allow_nil: true
-      delegate :dast_artifact, to: :base_pipeline, prefix: :base, allow_nil: true
       delegate :sha, to: :head_pipeline, prefix: :head_pipeline, allow_nil: true
       delegate :sha, to: :base_pipeline, prefix: :base_pipeline, allow_nil: true
-      delegate :has_sast_data?, to: :base_pipeline, prefix: :base, allow_nil: true
-      delegate :has_dependency_scanning_data?, to: :base_pipeline, prefix: :base, allow_nil: true
       delegate :has_license_management_data?, to: :base_pipeline, prefix: :base, allow_nil: true
-      # has_sast_container_data? is deprecated and replaced with has_container_scanning_data? (#5778)
-      delegate :has_sast_container_data?, to: :base_pipeline, prefix: :base, allow_nil: true
-      delegate :has_container_scanning_data?, to: :base_pipeline, prefix: :base, allow_nil: true
-      delegate :has_dast_data?, to: :base_pipeline, prefix: :base, allow_nil: true
-      delegate :expose_sast_data?, to: :head_pipeline, allow_nil: true
-      delegate :expose_dependency_scanning_data?, to: :head_pipeline, allow_nil: true
       delegate :expose_license_management_data?, to: :head_pipeline, allow_nil: true
-      # expose_sast_container_data? is deprecated and replaced with expose_container_scanning_data? (#5778)
-      delegate :expose_sast_container_data?, to: :head_pipeline, allow_nil: true
-      delegate :expose_container_scanning_data?, to: :head_pipeline, allow_nil: true
-      delegate :expose_dast_data?, to: :head_pipeline, allow_nil: true
       delegate :merge_requests_author_approval?, to: :target_project, allow_nil: true
 
       participant :participant_approvers

ee/app/presenters/ee/ci/pipeline_presenter.rb

@@ -6,10 +6,17 @@ module EE
         size_limit_exceeded: 'Pipeline size limit exceeded!'
       }.freeze
 
-      def downloadable_url_for_report_type(file_type)
-        if (job_artifact = artifact_for_file_type(file_type)) &&
+      def expose_security_dashboard?
+        any_report_artifact_for_type(:sast) ||
+          any_report_artifact_for_type(:dependency_scanning) ||
+          any_report_artifact_for_type(:dast) ||
+          any_report_artifact_for_type(:container_scanning)
+      end
+
+      def downloadable_path_for_report_type(file_type)
+        if (job_artifact = report_artifact_for_file_type(file_type)) &&
             can?(current_user, :read_build, job_artifact.job)
-          return download_project_build_artifacts_url(
+          return download_project_job_artifacts_path(
             job_artifact.project,
             job_artifact.job,
             file_type: file_type)
@@ -17,7 +24,7 @@ module EE
 
         if (build_artifact = legacy_report_artifact_for_file_type(file_type)) &&
             can?(current_user, :read_build, build_artifact.build)
-          return raw_project_build_artifacts_url(
+          return raw_project_job_artifacts_path(
             build_artifact.build.project,
             build_artifact.build,
             path: build_artifact.path)

ee/app/serializers/ee/merge_request_widget_entity.rb

@@ -16,13 +16,13 @@ module EE
         end
       end
 
-      expose :codeclimate, if: -> (mr, _) { head_pipeline_downloadable_url_for_report_type(:codequality) } do
+      expose :codeclimate, if: -> (mr, _) { head_pipeline_downloadable_path_for_report_type(:codequality) } do
         expose :head_path do |merge_request|
-          head_pipeline_downloadable_url_for_report_type(:codequality)
+          head_pipeline_downloadable_path_for_report_type(:codequality)
         end
 
         expose :base_path do |merge_request|
-          base_pipeline_downloadable_url_for_report_type(:codequality)
+          base_pipeline_downloadable_path_for_report_type(:codequality)
         end
       end
 
@@ -40,31 +40,23 @@ module EE
         end
       end
 
-      expose :sast, if: -> (mr, _) { mr.expose_sast_data? } do
-        expose :head_path, if: -> (mr, _) { can?(current_user, :read_build, mr.head_sast_artifact) } do |merge_request|
-          raw_project_build_artifacts_url(merge_request.source_project,
-                                          merge_request.head_sast_artifact,
-                                          path: Ci::Build::SAST_FILE)
+      expose :sast, if: -> (mr, _) { head_pipeline_downloadable_path_for_report_type(:sast) } do
+        expose :head_path do |merge_request|
+          head_pipeline_downloadable_path_for_report_type(:sast)
         end
 
-        expose :base_path, if: -> (mr, _) { mr.base_has_sast_data? && can?(current_user, :read_build, mr.base_sast_artifact) } do |merge_request|
-          raw_project_build_artifacts_url(merge_request.target_project,
-                                          merge_request.base_sast_artifact,
-                                          path: Ci::Build::SAST_FILE)
+        expose :base_path do |merge_request|
+          base_pipeline_downloadable_path_for_report_type(:sast)
         end
       end
 
-      expose :dependency_scanning, if: -> (mr, _) { mr.expose_dependency_scanning_data? } do
-        expose :head_path, if: -> (mr, _) { can?(current_user, :read_build, mr.head_dependency_scanning_artifact) } do |merge_request|
-          raw_project_build_artifacts_url(merge_request.source_project,
-                                          merge_request.head_dependency_scanning_artifact,
-                                          path: Ci::Build::DEPENDENCY_SCANNING_FILE)
+      expose :dependency_scanning, if: -> (mr, _) { head_pipeline_downloadable_path_for_report_type(:dependency_scanning) } do
+        expose :head_path do |merge_request|
+          head_pipeline_downloadable_path_for_report_type(:dependency_scanning)
         end
 
-        expose :base_path, if: -> (mr, _) { mr.base_has_dependency_scanning_data? && can?(current_user, :read_build, mr.base_dependency_scanning_artifact) } do |merge_request|
-          raw_project_build_artifacts_url(merge_request.target_project,
-                                          merge_request.base_dependency_scanning_artifact,
-                                          path: Ci::Build::DEPENDENCY_SCANNING_FILE)
+        expose :base_path do |merge_request|
+          base_pipeline_downloadable_path_for_report_type(:dependency_scanning)
         end
       end
 
@@ -98,47 +90,23 @@ module EE
         end
       end
 
-      # expose_sast_container_data? is deprecated and replaced with expose_container_scanning_data? (#5778)
-      expose :sast_container, if: -> (mr, _) { mr.expose_sast_container_data? } do
-        expose :head_path, if: -> (mr, _) { can?(current_user, :read_build, mr.head_sast_container_artifact) } do |merge_request|
-          raw_project_build_artifacts_url(merge_request.source_project,
-                                          merge_request.head_sast_container_artifact,
-                                          path: Ci::Build::SAST_CONTAINER_FILE)
-        end
-
-        expose :base_path, if: -> (mr, _) { mr.base_has_sast_container_data? && can?(current_user, :read_build, mr.base_sast_container_artifact) } do |merge_request|
-          raw_project_build_artifacts_url(merge_request.target_project,
-                                          merge_request.base_sast_container_artifact,
-                                          path: Ci::Build::SAST_CONTAINER_FILE)
-        end
-      end
-
-      # We still expose it as `sast_container` to keep compatibility with Frontend (#5778)
-      expose :sast_container, if: -> (mr, _) { mr.expose_container_scanning_data? } do
-        expose :head_path, if: -> (mr, _) { can?(current_user, :read_build, mr.head_container_scanning_artifact) } do |merge_request|
-          raw_project_build_artifacts_url(merge_request.source_project,
-                                          merge_request.head_container_scanning_artifact,
-                                          path: Ci::Build::CONTAINER_SCANNING_FILE)
+      expose :sast_container, if: -> (mr, _) { head_pipeline_downloadable_path_for_report_type(:container_scanning) } do
+        expose :head_path do |merge_request|
+          head_pipeline_downloadable_path_for_report_type(:container_scanning)
         end
 
-        expose :base_path, if: -> (mr, _) { mr.base_has_container_scanning_data? && can?(current_user, :read_build, mr.base_container_scanning_artifact) } do |merge_request|
-          raw_project_build_artifacts_url(merge_request.target_project,
-                                          merge_request.base_container_scanning_artifact,
-                                          path: Ci::Build::CONTAINER_SCANNING_FILE)
+        expose :base_path do |merge_request|
+          base_pipeline_downloadable_path_for_report_type(:container_scanning)
         end
       end
 
-      expose :dast, if: -> (mr, _) { mr.expose_dast_data? } do
-        expose :head_path, if: -> (mr, _) { can?(current_user, :read_build, mr.head_dast_artifact) } do |merge_request|
-          raw_project_build_artifacts_url(merge_request.source_project,
-                                          merge_request.head_dast_artifact,
-                                          path: Ci::Build::DAST_FILE)
+      expose :dast, if: -> (mr, _) { head_pipeline_downloadable_path_for_report_type(:dast) } do
+        expose :head_path do |merge_request|
+          head_pipeline_downloadable_path_for_report_type(:dast)
         end
 
-        expose :base_path, if: -> (mr, _) { mr.base_has_dast_data? && can?(current_user, :read_build, mr.base_dast_artifact) } do |merge_request|
-          raw_project_build_artifacts_url(merge_request.target_project,
-                                          merge_request.base_dast_artifact,
-                                          path: Ci::Build::DAST_FILE)
+        expose :base_path do |merge_request|
+          base_pipeline_downloadable_path_for_report_type(:dast)
         end
       end
 
@@ -170,12 +138,14 @@ module EE
 
     private
 
-    def head_pipeline_downloadable_url_for_report_type(file_type)
-      object.head_pipeline&.present(current_user: current_user)&.downloadable_url_for_report_type(file_type)
+    def head_pipeline_downloadable_path_for_report_type(file_type)
+      object.head_pipeline&.present(current_user: current_user)
+        &.downloadable_path_for_report_type(file_type)
     end
 
-    def base_pipeline_downloadable_url_for_report_type(file_type)
-      object.base_pipeline&.present(current_user: current_user)&.downloadable_url_for_report_type(file_type)
+    def base_pipeline_downloadable_path_for_report_type(file_type)
+      object.base_pipeline&.present(current_user: current_user)
+        &.downloadable_path_for_report_type(file_type)
     end
   end
 end

ee/app/views/projects/pipelines/_tabs_content.html.haml

 - pipeline = local_assigns.fetch(:pipeline)
 - project = local_assigns.fetch(:project)
 
-- sast_endpoint = pipeline.expose_sast_data? ? sast_artifact_url(pipeline) : nil
-- dependency_scanning_endpoint = pipeline.expose_dependency_scanning_data? ? dependency_scanning_artifact_url(pipeline) : nil
-- dast_endpoint = pipeline.expose_dast_data? ? dast_artifact_url(pipeline) : nil
-- sast_container_endpoint = pipeline.expose_sast_container_data? ? sast_container_artifact_url(pipeline) : pipeline.expose_container_scanning_data? ? container_scanning_artifact_url(pipeline) : nil
+- sast_endpoint = pipeline.downloadable_path_for_report_type(:sast)
+- dependency_scanning_endpoint = pipeline.downloadable_path_for_report_type(:dependency_scanning)
+- dast_endpoint = pipeline.downloadable_path_for_report_type(:dast)
+- sast_container_endpoint = pipeline.downloadable_path_for_report_type(:container_scanning)
 - blob_path = project_blob_path(project, pipeline.sha)
 - license_management_settings_path = can?(current_user, :admin_software_license_policy, project) ? license_management_settings_path(project) : nil
 

ee/changelogs/unreleased/refactor-test-reports.yml

+---
+title: Refactor test reports to use new artifact architecture.
+merge_request: 7827
+author:
+type: changed

ee/spec/controllers/projects/pipelines_controller_spec.rb

@@ -23,7 +23,7 @@ describe Projects::PipelinesController do
           pipeline: pipeline,
           options: {
             artifacts: {
-              paths: [Ci::Build::SAST_FILE]
+              paths: [Ci::JobArtifact::DEFAULT_FILE_NAMES[:sast]]
             }
           }
         )

ee/spec/controllers/projects/security/dashboard_controller_spec.rb

@@ -23,7 +23,7 @@ describe Projects::Security::DashboardController do
         pipeline: pipeline_1,
         options: {
           artifacts: {
-            paths: [Ci::Build::SAST_FILE]
+            paths: [Ci::JobArtifact::DEFAULT_FILE_NAMES[:sast]]
           }
         }
       )

ee/spec/features/projects/pipelines/pipeline_spec.rb

@@ -26,7 +26,7 @@ describe 'Pipeline', :js do
           pipeline: pipeline,
           options: {
             artifacts: {
-              paths: [Ci::Build::SAST_FILE]
+              paths: [Ci::JobArtifact::DEFAULT_FILE_NAMES[:sast]]
             }
           }
         )

ee/spec/models/ci/build_spec.rb

@@ -120,30 +120,9 @@ describe Ci::Build do
       filename: Ci::Build::PERFORMANCE_FILE,
       job_names: %w[performance deploy]
     },
-    has_sast_json?: {
-      filename: Ci::Build::SAST_FILE,
-      job_names: %w[sast]
-    },
-    has_dependency_scanning_json?: {
-      filename: Ci::Build::DEPENDENCY_SCANNING_FILE,
-      job_names: %w[dependency_scanning]
-    },
     has_license_management_json?: {
       filename: Ci::Build::LICENSE_MANAGEMENT_FILE,
       job_names: %w[license_management]
-    },
-    # has_sast_container_json? is deprecated and replaced with has_container_scanning_json (#5778)
-    has_sast_container_json?: {
-      filename: Ci::Build::SAST_CONTAINER_FILE,
-      job_names: %w[sast:container container_scanning]
-    },
-    has_container_scanning_json?: {
-      filename: Ci::Build::CONTAINER_SCANNING_FILE,
-      job_names: %w[sast:container container_scanning]
-    },
-    has_dast_json?: {
-      filename: Ci::Build::DAST_FILE,
-      job_names: %w[dast]
     }
   }
 

ee/spec/models/ci/pipeline_spec.rb

@@ -20,15 +20,7 @@ describe Ci::Pipeline do
 
   PIPELINE_ARTIFACTS_METHODS = [
     { method: :performance_artifact, options: [Ci::Build::PERFORMANCE_FILE, 'performance'] },
-    { method: :sast_artifact, options: [Ci::Build::SAST_FILE, 'sast'] },
-    { method: :dependency_scanning_artifact, options: [Ci::Build::DEPENDENCY_SCANNING_FILE, 'dependency_scanning'] },
-    { method: :license_management_artifact, options: [Ci::Build::LICENSE_MANAGEMENT_FILE, 'license_management'] },
-    # sast_container_artifact is deprecated and replaced with container_scanning_artifact (#5778)
-    { method: :sast_container_artifact, options: [Ci::Build::SAST_CONTAINER_FILE, 'sast:container'] },
-    { method: :sast_container_artifact, options: [Ci::Build::SAST_CONTAINER_FILE, 'container_scanning'] },
-    { method: :container_scanning_artifact, options: [Ci::Build::CONTAINER_SCANNING_FILE, 'sast:container'] },
-    { method: :container_scanning_artifact, options: [Ci::Build::CONTAINER_SCANNING_FILE, 'container_scanning'] },
-    { method: :dast_artifact, options: [Ci::Build::DAST_FILE, 'dast'] }
+    { method: :license_management_artifact, options: [Ci::Build::LICENSE_MANAGEMENT_FILE, 'license_management'] }
   ].freeze
 
   PIPELINE_ARTIFACTS_METHODS.each do |method_test|
@@ -64,7 +56,7 @@ describe Ci::Pipeline do
     end
   end
 
-  %w(sast dependency_scanning dast performance sast_container container_scanning).each do |type|
+  %w(performance license_management).each do |type|
     method = "has_#{type}_data?"
 
     describe "##{method}" do
@@ -78,7 +70,7 @@ describe Ci::Pipeline do
     end
   end
 
-  %w(sast dependency_scanning dast performance sast_container container_scanning).each do |type|
+  %w(performance license_management).each do |type|
     method = "expose_#{type}_data?"
 
     describe "##{method}" do
@@ -107,7 +99,7 @@ describe Ci::Pipeline do
         pipeline: pipeline_1,
         options: {
           artifacts: {
-            paths: [Ci::Build::SAST_FILE]
+            paths: [Ci::JobArtifact::DEFAULT_FILE_NAMES[:sast]]
           }
         }
       )
@@ -119,7 +111,7 @@ describe Ci::Pipeline do
         pipeline: pipeline_2,
         options: {
           artifacts: {
-            paths: [Ci::Build::DEPENDENCY_SCANNING_FILE]
+            paths: [Ci::JobArtifact::DEFAULT_FILE_NAMES[:dependency_scanning]]
           }
         }
       )
@@ -131,7 +123,7 @@ describe Ci::Pipeline do
         pipeline: pipeline_3,
         options: {
           artifacts: {
-            paths: [Ci::Build::CONTAINER_SCANNING_FILE]
+            paths: [Ci::JobArtifact::DEFAULT_FILE_NAMES[:container_scanning]]
           }
         }
       )
@@ -143,7 +135,7 @@ describe Ci::Pipeline do
         pipeline: pipeline_4,
         options: {
           artifacts: {
-            paths: [Ci::Build::DAST_FILE]
+            paths: [Ci::JobArtifact::DEFAULT_FILE_NAMES[:dast]]
           }
         }
       )
@@ -152,12 +144,7 @@ describe Ci::Pipeline do
         :success,
         :artifacts,
         name: 'foobar',
-        pipeline: pipeline_5,
-        options: {
-          artifacts: {
-            paths: ['foobar-report.json']
-          }
-        }
+        pipeline: pipeline_5
       )
     end
 
@@ -166,12 +153,12 @@ describe Ci::Pipeline do
     end
   end
 
-  describe '#artifact_for_file_type' do
+  describe '#report_artifact_for_file_type' do
     let(:file_type) { :codequality }
     let!(:build) { create(:ci_build, pipeline: pipeline) }
     let!(:artifact) { create(:ci_job_artifact, :codequality, job: build) }
 
-    subject { pipeline.artifact_for_file_type(file_type) }
+    subject { pipeline.report_artifact_for_file_type(file_type) }
 
     it 'returns the artifact' do
       expect(subject).to eq(artifact)
@@ -221,12 +208,12 @@ describe Ci::Pipeline do
     end
 
     it 'does not perform extra queries when calling pipeline artifacts methods after the first' do
-      create_build('sast', Ci::Build::SAST_FILE)
-      create_build('dependency_scanning', 'gl-dependency-scanning-report.json')
+      create_build('performance', 'performance.json')
+      create_build('license_management', 'gl-license-management-report.json')
 
-      pipeline.sast_artifact
+      pipeline.performance_artifact
 
-      expect { pipeline.dependency_scanning_artifact }.not_to exceed_query_limit(0)
+      expect { pipeline.license_management_artifact }.not_to exceed_query_limit(0)
     end
   end
 end

ee/spec/models/merge_request_spec.rb

@@ -63,11 +63,26 @@ describe MergeRequest do
     end
   end
 
-  %w(sast dast sast_container container_scanning).each do |type|
-    it { is_expected.to delegate_method(:"expose_#{type}_data?").to(:head_pipeline) }
-    it { is_expected.to delegate_method(:"has_#{type}_data?").to(:base_pipeline).with_prefix(:base) }
-    it { is_expected.to delegate_method(:"#{type}_artifact").to(:head_pipeline).with_prefix(:head) }
-    it { is_expected.to delegate_method(:"#{type}_artifact").to(:base_pipeline).with_prefix(:base) }
+  describe '#base_license_management_artifact' do
+    before do
+      allow(subject.base_pipeline).to receive(:license_management_artifact)
+        .and_return(1)
+    end
+
+    it 'delegates to merge request diff' do
+      expect(subject.base_license_management_artifact).to eq(1)
+    end
+  end
+
+  describe '#head_license_management_artifact' do
+    before do
+      allow(subject.head_pipeline).to receive(:license_management_artifact)
+        .and_return(1)
+    end
+
+    it 'delegates to merge request diff' do
+      expect(subject.head_license_management_artifact).to eq(1)
+    end
   end
 
   describe '#expose_performance_data?' do
@@ -86,4 +101,15 @@ describe MergeRequest do
       it { expect(subject.expose_performance_data?).to be_falsey }
     end
   end
+
+  describe '#expose_license_management_data?' do
+    before do
+      allow(subject.head_pipeline).to receive(:expose_license_management_data?)
+        .and_return(1)
+    end
+
+    it 'delegates to merge request diff' do
+      expect(subject.expose_license_management_data?).to eq(1)
+    end
+  end
 end

ee/spec/models/project_spec.rb

@@ -1541,7 +1541,7 @@ describe Project do
         pipeline: pipeline_1,
         options: {
           artifacts: {
-            paths: [Ci::Build::SAST_FILE]
+            paths: [Ci::JobArtifact::DEFAULT_FILE_NAMES[:sast]]
           }
         }
       )
@@ -1553,7 +1553,7 @@ describe Project do
         pipeline: pipeline_2,
         options: {
           artifacts: {
-            paths: [Ci::Build::SAST_FILE]
+            paths: [Ci::JobArtifact::DEFAULT_FILE_NAMES[:sast]]
           }
         }
       )

ee/spec/serializers/merge_request_widget_entity_spec.rb

@@ -26,42 +26,59 @@ describe MergeRequestWidgetEntity do
     expect(subject.as_json[:blob_path]).to include(:head_path)
   end
 
-  describe 'codeclimate' do
-    before do
-      allow(merge_request).to receive_messages(
-        base_pipeline: pipeline,
-        head_pipeline: pipeline
-      )
+  it 'sets approvals_before_merge to 0 if nil' do
+    expect(subject.as_json[:approvals_before_merge]).to eq(0)
+  end
+
+  describe 'test report artifacts' do
+    using RSpec::Parameterized::TableSyntax
+
+    where(:json_entry, :artifact_type) do
+      :codeclimate         | :codequality
+      :sast                | :sast
+      :dependency_scanning | :dependency_scanning
+      :sast_container      | :container_scanning
+      :dast                | :dast
     end
 
-    context 'with codeclimate data' do
+    with_them do
       before do
-        job = create(:ci_build, pipeline: pipeline)
-        create(:ci_job_artifact, :codequality, job: job)
-      end
-
-      it 'has codeclimate data entry' do
-        expect(subject.as_json).to include(:codeclimate)
+        allow(merge_request).to receive_messages(
+          base_pipeline: pipeline,
+          head_pipeline: pipeline
+        )
       end
-    end
 
-    context 'without codeclimate data' do
-      it 'does not have codeclimate data entry' do
-        expect(subject.as_json).not_to include(:codeclimate)
+      context 'when feature is available' do
+        before do
+          allow(pipeline).to receive(:available_licensed_report_type?).and_return(true)
+        end
+
+        context "with data" do
+          before do
+            job = create(:ci_build, pipeline: pipeline)
+            create(:ci_job_artifact, file_type: artifact_type, file_format: Ci::JobArtifact::TYPE_AND_FORMAT_PAIRS[artifact_type], job: job)
+          end
+
+          it "has data entry" do
+            expect(subject.as_json).to include(json_entry)
+          end
+        end
+
+        context "without data" do
+          it "does not have data entry" do
+            expect(subject.as_json).not_to include(json_entry)
+          end
+        end
       end
     end
   end
 
-  it 'sets approvals_before_merge to 0 if nil' do
-    expect(subject.as_json[:approvals_before_merge]).to eq(0)
-  end
-
   it 'has performance data' do
     build = create(:ci_build, name: 'job')
 
     allow(merge_request).to receive_messages(
       expose_performance_data?: true,
-      expose_security_dashboard?: false,
       base_performance_artifact: build,
       head_performance_artifact: build
     )
@@ -69,45 +86,12 @@ describe MergeRequestWidgetEntity do
     expect(subject.as_json).to include(:performance)
   end
 
-  it 'has sast data' do
-    build = create(:ci_build, name: 'sast', pipeline: pipeline)
-
-    allow(merge_request).to receive_messages(
-      expose_sast_data?: true,
-      expose_security_dashboard?: true,
-      base_has_sast_data?: true,
-      base_sast_artifact: build,
-      head_sast_artifact: build
-    )
-
-    expect(subject.as_json).to include(:sast)
-    expect(subject.as_json[:sast]).to include(:head_path)
-    expect(subject.as_json[:sast]).to include(:base_path)
-  end
-
-  it 'has dependency_scanning data' do
-    build = create(:ci_build, name: 'dependency_scanning', pipeline: pipeline)
-
-    allow(merge_request).to receive_messages(
-      expose_dependency_scanning_data?: true,
-      expose_security_dashboard?: true,
-      base_has_dependency_scanning_data?: true,
-      base_dependency_scanning_artifact: build,
-      head_dependency_scanning_artifact: build
-    )
-
-    expect(subject.as_json).to include(:dependency_scanning)
-    expect(subject.as_json[:dependency_scanning]).to include(:head_path)
-    expect(subject.as_json[:dependency_scanning]).to include(:base_path)
-  end
-
   describe '#license_management' do
     before do
       build = create(:ci_build, name: 'license_management', pipeline: pipeline)
 
       allow(merge_request).to receive_messages(
         expose_license_management_data?: true,
-        expose_security_dashboard?: false,
         base_has_license_management_data?: true,
         base_license_management_artifact: build,
         head_license_management_artifact: build,
@@ -143,55 +127,6 @@ describe MergeRequestWidgetEntity do
     end
   end
 
-  # methods for old artifact are deprecated and replaced with ones for the new name (#5779)
-  it 'has sast_container data (with old artifact name gl-sast-container-report.json)' do
-    build = create(:ci_build, name: 'container_scanning', pipeline: pipeline)
-
-    allow(merge_request).to receive_messages(
-      expose_sast_container_data?: true,
-      expose_security_dashboard?: true,
-      base_has_sast_container_data?: true,
-      base_sast_container_artifact: build,
-      head_sast_container_artifact: build
-    )
-
-    expect(subject.as_json).to include(:sast_container)
-    expect(subject.as_json[:sast_container]).to include(:head_path)
-    expect(subject.as_json[:sast_container]).to include(:base_path)
-  end
-
-  it 'has sast_container data (with new artifact name gl-container-scanning-report.json)' do
-    build = create(:ci_build, name: 'container_scanning', pipeline: pipeline)
-
-    allow(merge_request).to receive_messages(
-      expose_container_scanning_data?: true,
-      expose_security_dashboard?: true,
-      base_has_container_scanning_data?: true,
-      base_container_scanning_artifact: build,
-      head_container_scanning_artifact: build
-    )
-
-    expect(subject.as_json).to include(:sast_container)
-    expect(subject.as_json[:sast_container]).to include(:head_path)
-    expect(subject.as_json[:sast_container]).to include(:base_path)
-  end
-
-  it 'has dast data' do
-    build = create(:ci_build, name: 'dast', pipeline: pipeline)
-
-    allow(merge_request).to receive_messages(
-      expose_dast_data?: true,
-      expose_security_dashboard?: true,
-      base_has_dast_data?: true,
-      base_dast_artifact: build,
-      head_dast_artifact: build
-    )
-
-    expect(subject.as_json).to include(:dast)
-    expect(subject.as_json[:dast]).to include(:head_path)
-    expect(subject.as_json[:dast]).to include(:base_path)
-  end
-
   it 'has vulnerability feedbacks path' do
     expect(subject.as_json).to include(:vulnerability_feedback_path)
   end