Merge branch 'fix-sast-config-for-no-sast-pipelines' into 'master'

Fix SAST parser for no-sast pipelines See merge request gitlab-org/gitlab!63412

Merge branch 'fix-sast-config-for-no-sast-pipelines' into 'master'
Fix SAST parser for no-sast pipelines See merge request gitlab-org/gitlab!63412
bdf4b34b · Fabio Pitino · a8606a2a · 07c68983 · bdf4b34b · bdf4b34b
Commit bdf4b34b authored Jun 07, 2021 by Fabio Pitino
3 changed files
--- a/lib/gitlab/ci/yaml_processor/result.rb
+++ b/lib/gitlab/ci/yaml_processor/result.rb
@@ -112,7 +112,9 @@ module Gitlab
        end

        def yaml_variables_for(job_name)
-          job = jobs.fetch(job_name)
+          job = jobs[job_name]
+
+          return [] unless job

          Gitlab::Ci::Variables::Helpers.inherit_yaml_variables(
            from: root_variables,
@@ -122,9 +124,7 @@ module Gitlab
        end

        def stage_for(job_name)
-          job = jobs.fetch(job_name)
-
-          job[:stage]
+          jobs.dig(job_name, :stage)
        end

        private

--- a/spec/lib/gitlab/ci/yaml_processor/result_spec.rb
+++ b/spec/lib/gitlab/ci/yaml_processor/result_spec.rb
@@ -54,14 +54,22 @@ module Gitlab
            YAML
          end

-          subject(:yaml_variables_for) { result.yaml_variables_for(:job) }
+          let(:job_name) { :job }

-          it do
+          subject(:yaml_variables_for) { result.yaml_variables_for(job_name) }
+
+          it 'returns calculated variables with root and job variables' do
            is_expected.to match_array([
              { key: 'VAR1', value: 'value 11', public: true },
              { key: 'VAR2', value: 'value 2', public: true }
            ])
          end
+
+          context 'when an absent job is sent' do
+            let(:job_name) { :invalid_job }
+
+            it { is_expected.to eq([]) }
+          end
        end

        describe '#stage_for' do
@@ -72,10 +80,16 @@ module Gitlab
            YAML
          end

-          subject(:stage_for) { result.stage_for(:job) }
+          let(:job_name) { :job }
+
+          subject(:stage_for) { result.stage_for(job_name) }
+
+          it { is_expected.to eq('test') }
+
+          context 'when an absent job is sent' do
+            let(:job_name) { :invalid_job }

-          it do
-            is_expected.to eq('test')
+            it { is_expected.to be_nil }
          end
        end
      end

--- a/spec/services/security/ci_configuration/sast_parser_service_spec.rb
+++ b/spec/services/security/ci_configuration/sast_parser_service_spec.rb
@@ -67,6 +67,23 @@ RSpec.describe Security::CiConfiguration::SastParserService do
          expect(sast_brakeman_level['value']).to eql('1')
        end
      end
+
+      context 'when .gitlab-ci.yml does not include the sast job' do
+        before do
+          allow(project.repository).to receive(:blob_data_at).and_return(
+            File.read(Rails.root.join('spec/support/gitlab_stubs/gitlab_ci.yml'))
+          )
+        end
+
+        it 'populates the current values with the default values' do
+          expect(secure_analyzers_prefix['value']).to eql('registry.gitlab.com/gitlab-org/security-products/analyzers')
+          expect(sast_excluded_paths['value']).to eql('spec, test, tests, tmp')
+          expect(sast_pipeline_stage['value']).to eql('test')
+          expect(sast_search_max_depth['value']).to eql('4')
+          expect(brakeman['enabled']).to be(true)
+          expect(sast_brakeman_level['value']).to eql('1')
+        end
+      end
    end
  end
 end