Resolve "Empty Dependency list even if dependency_scanning job is set up"

e12970a0 · Tetiana Chupryna · Sean McGivern · 0de1ed4e · e12970a0 · e12970a0
Commit e12970a0 authored Nov 06, 2019 by Tetiana Chupryna Committed by Sean McGivern Nov 06, 2019
6 changed files
--- a/ee/app/models/ee/project.rb
+++ b/ee/app/models/ee/project.rb
@@ -196,6 +196,10 @@ module EE
        all_pipelines.newest_first(ref: default_branch).with_legacy_security_reports.first
    end

+    def latest_pipeline_with_reports(reports)
+      all_pipelines.newest_first(ref: default_branch).with_reports(reports).take
+    end
+
    def environments_for_scope(scope)
      quoted_scope = ::Gitlab::SQL::Glob.q(scope)


--- a/ee/app/services/security/report_fetch_service.rb
+++ b/ee/app/services/security/report_fetch_service.rb
@@ -2,17 +2,17 @@

 module Security
  class ReportFetchService
+    include Gitlab::Utils::StrongMemoize
+
    def initialize(project, artifact)
      @project = project
      @artifact = artifact
    end

-    def self.pipeline_for(project)
-      project.all_pipelines.latest_successful_for_ref(project.default_branch)
-    end
-
    def pipeline
-      @pipeline ||= self.class.pipeline_for(project)
+      strong_memoize(:pipeline) do
+        project.latest_pipeline_with_reports(artifact)
+      end
    end

    def build

--- a/ee/changelogs/unreleased/33698-dependency-list-unstable.yml
+++ b/ee/changelogs/unreleased/33698-dependency-list-unstable.yml
+---
+title: Fix Dependency List is empty if last pipeline is retried
+merge_request: 19241
+author:
+type: fixed
--- a/ee/lib/api/dependencies.rb
+++ b/ee/lib/api/dependencies.rb
@@ -4,7 +4,7 @@ module API
  class Dependencies < Grape::API
    helpers do
      def dependencies_by(params)
-        pipeline = ::Security::ReportFetchService.pipeline_for(user_project)
+        pipeline = ::Security::ReportFetchService.new(user_project, ::Ci::JobArtifact.dependency_list_reports).pipeline

        return [] unless pipeline


--- a/ee/spec/models/project_spec.rb
+++ b/ee/spec/models/project_spec.rb
@@ -1417,6 +1417,31 @@ describe Project do
    end
  end

+  describe '#latest_pipeline_with_reports' do
+    let(:project) { create(:project) }
+    let!(:pipeline_1) { create(:ee_ci_pipeline, :with_sast_report, project: project) }
+    let!(:pipeline_2) { create(:ee_ci_pipeline, :with_sast_report, project: project) }
+    let!(:pipeline_3) { create(:ee_ci_pipeline, :with_dependency_scanning_report, project: project) }
+
+    subject { project.latest_pipeline_with_reports(reports) }
+
+    context 'when reports are found' do
+      let(:reports) { ::Ci::JobArtifact.sast_reports }
+
+      it "returns the latest pipeline with reports of right type" do
+        is_expected.to eq(pipeline_2)
+      end
+    end
+
+    context 'when reports are not found' do
+      let(:reports) { ::Ci::JobArtifact.metrics_reports }
+
+      it 'returns nothing' do
+        is_expected.to be_nil
+      end
+    end
+  end
+
  describe '#protected_environment_by_name' do
    let(:project) { create(:project) }


--- a/ee/spec/services/security/report_fetch_service_spec.rb
+++ b/ee/spec/services/security/report_fetch_service_spec.rb
@@ -8,20 +8,6 @@ describe Security::ReportFetchService do
  let(:service) { described_class.new(project, artifact) }
  let(:artifact) { ::Ci::JobArtifact.dependency_list_reports }

-  describe '.pipeline_for' do
-    subject { described_class.pipeline_for(project) }
-
-    context 'with found pipeline' do
-      let!(:pipeline) { create(:ee_ci_pipeline, :with_dependency_list_report, project: project) }
-
-      it { is_expected.to eq(pipeline) }
-    end
-
-    context 'without any pipelines' do
-      it { is_expected.to be_nil }
-    end
-  end
-
  describe '#pipeline' do
    subject { service.pipeline }