Merge branch '4922-add-vulnerability-path' into 'master'

Add missing paths to EE environment serializer See merge request gitlab-org/gitlab-ee!7228

Merge branch '4922-add-vulnerability-path' into 'master'
Add missing paths to EE environment serializer See merge request gitlab-org/gitlab-ee!7228
7b9dcc9a · Dmitriy Zaporozhets · 766514a8 · 6af21fa9 · 7b9dcc9a · 7b9dcc9a
Commit 7b9dcc9a authored Sep 05, 2018 by Dmitriy Zaporozhets
3 changed files
--- a/ee/app/serializers/ee/environment_entity.rb
+++ b/ee/app/serializers/ee/environment_entity.rb
@@ -8,7 +8,11 @@ module EE
        logs_project_environment_path(environment.project, environment)
      end

-      expose :secure_artifacts do
+      expose :security_reports do
+        expose :has_security_reports do |environment|
+          has_security_reports?
+        end
+
        expose :sast_path, if: -> (*) { environment.last_pipeline&.expose_sast_data? } do |environment|
          raw_project_build_artifacts_url(environment.project,
                                          environment.last_pipeline.sast_artifact,
@@ -32,6 +36,14 @@ module EE
                                          environment.last_pipeline.container_scanning_artifact,
                                          path: Ci::Build::CONTAINER_SCANNING_FILE)
        end
+
+        expose :vulnerability_feedback_path, if: -> (*) { has_security_reports? } do |environment|
+          project_vulnerability_feedback_index_path(environment.project)
+        end
+
+        expose :pipeline_security_path, if: -> (*) { has_security_reports? } do |environment|
+          security_project_pipeline_path(environment.project, environment.last_pipeline)
+        end
      end
    end

@@ -40,5 +52,9 @@ module EE
    def can_read_pod_logs?
      can?(current_user, :read_pod_logs, environment.project)
    end
+
+    def has_security_reports?
+      environment.last_pipeline&.expose_security_dashboard? || false
+    end
  end
 end
--- a/ee/spec/fixtures/api/schemas/environment.json
+++ b/ee/spec/fixtures/api/schemas/environment.json
@@ -9,7 +9,7 @@
        "environment_path",
        "created_at",
        "updated_at",
-        "secure_artifacts"
+        "security_reports"
    ],
    "properties": {
        "id": {
@@ -70,20 +70,29 @@
        "can_stop": {
            "type": "boolean"
        },
-        "secure_artifacts": {
+        "security_reports": {
            "type": "object",
            "additionalProperties": false,
            "properties": {
-                "sast": {
-                    "type": "integer"
+                "has_security_reports": {
+                    "type": "boolean"
                },
-                "dast": {
+                "sast_path": {
                    "type": "string"
                },
-                "container_scanning": {
+                "dast_path": {
                    "type": "string"
                },
-                "dependency_scanning": {
+                "container_scanning_path": {
+                    "type": "string"
+                },
+                "dependency_scanning_path": {
+                    "type": "string"
+                },
+                "vulnerability_feedback_path": {
+                    "type": "string"
+                },
+                "pipeline_security_path": {
                    "type": "string"
                }
            }

--- a/ee/spec/serializers/ee/environment_entity_spec.rb
+++ b/ee/spec/serializers/ee/environment_entity_spec.rb
@@ -33,13 +33,15 @@ describe EnvironmentEntity do
    it_behaves_like 'protected environments access', false
  end

-  describe 'secure_artifacts hash' do
+  describe 'security_reports hash' do
    it 'is present' do
-      expect(entity.as_json.include?(:secure_artifacts)).to eq(true)
+      expect(entity.as_json.include?(:security_reports)).to eq(true)
    end

-    it 'is empty' do
-      expect(entity.as_json[:secure_artifacts].size).to eq(0)
+    it 'value :has_security_reports is false' do
+      expect(entity.as_json[:security_reports].size).to eq(1)
+      expect(entity.as_json[:security_reports]).to include(:has_security_reports)
+      expect(entity.as_json[:security_reports][:has_security_reports]).to eq(false)
    end
  end

@@ -48,10 +50,10 @@ describe EnvironmentEntity do
    let(:deployable) { create(:ci_build, :success, pipeline: pipeline) }

    jobs_parameters = [
-        { name: 'sast', filename: 'gl-sast-report.json' },
-        { name: 'dast', filename: 'gl-dast-report.json' },
-        { name: 'container_scanning', filename: 'gl-container-scanning-report.json' },
-        { name: 'dependency_scanning', filename: 'gl-dependency-scanning-report.json' }
+      { name: 'sast', filename: Ci::Build::SAST_FILE },
+      { name: 'dast', filename: Ci::Build::DAST_FILE },
+      { name: 'container_scanning', filename: Ci::Build::CONTAINER_SCANNING_FILE },
+      { name: 'dependency_scanning', filename: Ci::Build::DEPENDENCY_SCANNING_FILE }
    ]

    before do
@@ -73,23 +75,34 @@ describe EnvironmentEntity do
              }
            }))
      end
+
+      allow_any_instance_of(LegacyArtifactUploader).to receive(:exists?).and_return(true)
    end

-    describe 'secure_artifacts hash' do
+    describe 'security_reports hash' do
      it 'contains the reports' do
-        allow_any_instance_of(LegacyArtifactUploader).to receive(:exists?).and_return(true)
+        expect(entity.as_json[:security_reports]).to include(:sast_path)
+        expect(entity.as_json[:security_reports]).to include(:dast_path)
+        expect(entity.as_json[:security_reports]).to include(:container_scanning_path)
+        expect(entity.as_json[:security_reports]).to include(:dependency_scanning_path)
+
+        expect(entity.as_json[:security_reports][:sast_path]).to end_with(Ci::Build::SAST_FILE)
+        expect(entity.as_json[:security_reports][:dast_path]).to end_with(Ci::Build::DAST_FILE)
+        expect(entity.as_json[:security_reports][:container_scanning_path]).to end_with(Ci::Build::CONTAINER_SCANNING_FILE)
+        expect(entity.as_json[:security_reports][:dependency_scanning_path]).to end_with(Ci::Build::DEPENDENCY_SCANNING_FILE)
+      end

-        expect(entity.as_json[:secure_artifacts].size).to eq(4)
+      it 'value :has_security_reports is true' do
+        expect(entity.as_json[:security_reports]).to include(:has_security_reports)
+        expect(entity.as_json[:security_reports][:has_security_reports]).to eq(true)
+      end

-        expect(entity.as_json[:secure_artifacts]).to include(:sast_path)
-        expect(entity.as_json[:secure_artifacts]).to include(:dast_path)
-        expect(entity.as_json[:secure_artifacts]).to include(:container_scanning_path)
-        expect(entity.as_json[:secure_artifacts]).to include(:dependency_scanning_path)
+      it 'contains link to latest pipeline' do
+        expect(entity.as_json[:security_reports]).to include(:pipeline_security_path)
+      end

-        expect(entity.as_json[:secure_artifacts][:sast_path]).to end_with(Ci::Build::SAST_FILE)
-        expect(entity.as_json[:secure_artifacts][:dast_path]).to end_with(Ci::Build::DAST_FILE)
-        expect(entity.as_json[:secure_artifacts][:container_scanning_path]).to end_with(Ci::Build::CONTAINER_SCANNING_FILE)
-        expect(entity.as_json[:secure_artifacts][:dependency_scanning_path]).to end_with(Ci::Build::DEPENDENCY_SCANNING_FILE)
+      it 'contains link to vulnerability feedback' do
+        expect(entity.as_json[:security_reports]).to include(:vulnerability_feedback_path)
      end
    end
  end