Cache API fuzzing scan profiles

In order to avoid the performance load of making a web request every time the `project.apiFuzzingCiConfiguration.scanProfiles` field is fetched, we cache the profiles in Redis.

Cache API fuzzing scan profiles
In order to avoid the performance load of making a web request every time the `project.apiFuzzingCiConfiguration.scanProfiles` field is fetched, we cache the profiles in Redis.
95bdac18 · Avielle Wolfe · 8cfe7d61 · 95bdac18 · 95bdac18
Commit 95bdac18 authored Mar 12, 2021 by Avielle Wolfe
2 changed files
--- a/ee/app/models/app_sec/fuzzing/api/ci_configuration.rb
+++ b/ee/app/models/app_sec/fuzzing/api/ci_configuration.rb
@@ -7,13 +7,14 @@ module AppSec
        PROFILES_DEFINITION_FILE = 'https://gitlab.com/gitlab-org/security-products/analyzers' \
          '/api-fuzzing/-/raw/master/gitlab-api-fuzzing-config.yml'
        SCAN_MODES = [:har, :openapi, :postman].freeze
+        SCAN_PROFILES_CACHE_KEY = 'app_sec:fuzzing:api:scan_profiles'

        def initialize(project:)
          @project = project
        end

        def scan_profiles
-          fetch_scan_profiles.map do |profile|
+          scan_profiles_data.map do |profile|
            next unless ScanProfile::NAMES.include?(profile[:Name])

            ScanProfile.new(
@@ -28,6 +29,12 @@ module AppSec

        attr_reader :project

+        def scan_profiles_data
+          Rails.cache.fetch(SCAN_PROFILES_CACHE_KEY, expires_in: 1.hour) do
+            fetch_scan_profiles
+          end
+        end
+
        def fetch_scan_profiles
          response = Gitlab::HTTP.try_get(PROFILES_DEFINITION_FILE)


--- a/ee/spec/models/app_sec/fuzzing/api/ci_configuration_spec.rb
+++ b/ee/spec/models/app_sec/fuzzing/api/ci_configuration_spec.rb
@@ -18,6 +18,17 @@ RSpec.describe AppSec::Fuzzing::Api::CiConfiguration do
        expect(profiles.first.name).to eq('Quick-10')
      end

+      it 'caches the response' do
+        profiles_yaml = [{ Name: 'Quick-10' }]
+        allow(Rails.cache).to receive(:fetch).and_return(profiles_yaml)
+
+        profiles = described_class.new(project: double(Project)).scan_profiles
+
+        expect(profiles.first.name).to eq('Quick-10')
+        expect(Rails.cache).to have_received(:fetch)
+          .with(described_class::SCAN_PROFILES_CACHE_KEY, expires_in: 1.hour)
+      end
+
      context 'when the response includes unknown scan profiles' do
        it 'excludes them from the returned profiles' do
          profiles_yaml = YAML.dump(Profiles: [{ Name: 'UNKNOWN!' }])