Commit c324301e authored by Zamir Martins's avatar Zamir Martins Committed by Markus Koller

Expose security scanners in MR approval rules API

Return scanners when querying rules, and allow setting scanners
when creating or updating rules.

Changelog: added
EE: true
parent 070d28f0
......@@ -12,6 +12,7 @@ module API
optional :users, as: :user_ids, type: Array[Integer], coerce_with: ::API::Validations::Types::CommaSeparatedToIntegerArray.coerce, desc: 'The user ids for this rule'
optional :groups, as: :group_ids, type: Array[Integer], coerce_with: ::API::Validations::Types::CommaSeparatedToIntegerArray.coerce, desc: 'The group ids for this rule'
optional :protected_branch_ids, type: Array[Integer], coerce_with: ::API::Validations::Types::CommaSeparatedToIntegerArray.coerce, desc: 'The protected branch ids for this rule'
optional :scanners, type: Array[String], desc: 'The security scanners to be considered by the approval rule'
end
params :update_project_approval_rule do
......@@ -22,6 +23,7 @@ module API
optional :groups, as: :group_ids, type: Array[Integer], coerce_with: ::API::Validations::Types::CommaSeparatedToIntegerArray.coerce, desc: 'The group ids for this rule'
optional :protected_branch_ids, type: Array[Integer], coerce_with: ::API::Validations::Types::CommaSeparatedToIntegerArray.coerce, desc: 'The protected branch ids for this rule'
optional :remove_hidden_groups, type: Boolean, desc: 'Whether hidden groups should be removed'
optional :scanners, type: Array[String], desc: 'The security scanners to be considered by the approval rule'
end
params :delete_project_approval_rule do
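Review bot: The new `optional :scanners, type: Array[String]` line in both the create and update param blocks accepts arbitrary strings, so a typo or unknown scanner name passes the API boundary unchecked. If the model does not validate inclusion (not visible in this commit), a rule could be stored that matches no security report, which would weaken the approval gate without returning an error. Consider constraining the parameter where it is declared, e.g. `optional :scanners, type: Array[String], values: ::Ci::JobArtifact::SECURITY_REPORT_FILE_TYPES, desc: '...'`, assuming that constant (the spec uses it as the default set) holds the scanner names as strings. The `desc` could also state what an empty array means for the rule. Both param blocks start outside the hunks shown.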
......
......@@ -9,6 +9,7 @@ module EE
# To be removed in https://gitlab.com/gitlab-org/gitlab/issues/13574.
class ProjectApprovalSettingRule < ProjectApprovalRule
expose :approvers, using: ::API::Entities::UserBasic, override: true
expose :scanners, override: true
end
end
end
......
......@@ -33,6 +33,12 @@
"type": "object",
"properties": {}
}
},
"scanners":{
"type": "array",
"items": {
"type": "string"
}
}
},
"additionalProperties": false
......
......@@ -72,6 +72,18 @@ RSpec.shared_examples 'an API endpoint for creating project approval rule' do
end
end
end
context 'with valid scanners' do
let(:scanners) { ['sast'] }
it 'returns 201 status' do
expect do
post api(url, current_user), params: params.merge({ scanners: scanners })
end.to change { project.approval_rules.count}.from(0).to(1)
expect(response).to have_gitlab_http_status(:created)
expect(project.approval_rules.first.scanners).to eql(scanners)
end
end
end
end
......@@ -98,6 +110,17 @@ RSpec.shared_examples 'an API endpoint for updating project approval rule' do
end
end
context 'with valid scanners' do
let(:scanners) { ['sast'] }
it 'returns 200 status' do
expect do
put api(url, current_user), params: { scanners: scanners }
end.to change { approval_rule.reload.scanners.count }.from(::Ci::JobArtifact::SECURITY_REPORT_FILE_TYPES.count).to(scanners.count)
expect(response).to have_gitlab_http_status(:ok)
end
end
context 'when approver already exists' do
before do
approval_rule.users << approver
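Review bot: Both added contexts are named 'with valid scanners', but there is no counterpart for rejected input, so nothing pins what the endpoints do with an unknown scanner name or an empty array. Add a context that sends e.g. `scanners: ['not-a-scanner']` (constructed value) and asserts the expected error status and that `project.approval_rules.count` does not change. In the update example the expectation only compares counts; adding `expect(approval_rule.reload.scanners).to eql(scanners)` would also check the stored values, as the create example already does. The shared example groups begin and end outside the hunks.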
......