Set `latest_pipeline_id` and mark project as vulnerable first

Current `StoreReportService` can raise exception to prevent us from updating the `latest_pipeline_id` and marking the project as vulnerable therefore we need to update these even before running the store report service logic. Changelog: fixed EE: true

Set `latest_pipeline_id` and mark project as vulnerable first
Current `StoreReportService` can raise exception to prevent us from updating the `latest_pipeline_id` and marking the project as vulnerable therefore we need to update these even before running the store report service logic. Changelog: fixed EE: true
99055f4f · Mehmet Emin INAC · 2c58b606 · 99055f4f · 99055f4f
Commit 99055f4f authored Jul 29, 2021 by Mehmet Emin INAC
2 changed files
--- a/ee/app/services/security/store_reports_service.rb
+++ b/ee/app/services/security/store_reports_service.rb
@@ -10,9 +10,9 @@ module Security
    end
    def execute
-      store_reports
-      mark_project_as_vulnerable!
      set_latest_pipeline!
+      mark_project_as_vulnerable!
+      store_reports
      errors.any? ? error(full_errors) : success
    end

--- a/ee/spec/services/security/store_reports_service_spec.rb
+++ b/ee/spec/services/security/store_reports_service_spec.rb
@@ -41,6 +41,26 @@ RSpec.describe Security::StoreReportsService do
        expect { execute_service_object }.to change { project.reload.vulnerability_statistic&.latest_pipeline_id }.from(nil).to(pipeline.id)
      end
+      context 'when the StoreReportService raises an error' do
+        let(:error) { RuntimeError.new('foo') }
+        before do
+          allow_next_instance_of(Security::StoreReportService) do |service_object|
+            allow(service_object).to receive(:execute).and_raise(error)
+          end
+        end
+        it 'marks the project as vulnerable' do
+          expect { execute_service_object }.to raise_error(error)
+                                           .and change { project.reload.project_setting.has_vulnerabilities }.from(false).to(true)
+        end
+        it 'updates the `latest_pipeline_id` attribute of the associated `vulnerability_statistic` record' do
+          expect { execute_service_object }.to raise_error(error)
+                                           .and change { project.reload.vulnerability_statistic&.latest_pipeline_id }.from(nil).to(pipeline.id)
+        end
+      end
      context 'when StoreReportService returns an error for a report' do
        let(:reports) { Gitlab::Ci::Reports::Security::Reports.new(pipeline) }
        let(:sast_report) { reports.get_report('sast', sast_artifact) }