Update pipeline when vulnerability dismissal feedback is created

e2a74490 · Alan (Maciej) Paruszewski · Stan Hu · 8ba7dfae · e2a74490 · e2a74490
Commit e2a74490 authored Oct 26, 2020 by Alan (Maciej) Paruszewski Committed by Stan Hu Oct 26, 2020
7 changed files
--- a/ee/app/assets/javascripts/vue_shared/security_reports/store/actions.js
+++ b/ee/app/assets/javascripts/vue_shared/security_reports/store/actions.js
@@ -370,6 +370,7 @@ export const revertDismissVulnerability = ({ state, dispatch }) => {
        ...state.modal.vulnerability,
        isDismissed: false,
        dismissalFeedback: null,
+        dismissal_feedback: null,
      };

      dispatch('receiveDismissVulnerability', updatedIssue);

--- a/ee/app/models/vulnerabilities/feedback.rb
+++ b/ee/app/models/vulnerabilities/feedback.rb
@@ -34,6 +34,9 @@ module Vulnerabilities
      preload(:author, :comment_author, :project, :issue, :merge_request, :pipeline)
    end

+    after_save :touch_pipeline, if: :for_dismissal?
+    after_destroy :touch_pipeline, if: :for_dismissal?
+
    # TODO remove once filtered data has been cleaned
    def self.only_valid_feedback
      pipeline = Ci::Pipeline.arel_table
@@ -83,5 +86,9 @@ module Vulnerabilities
        project_fingerprint: project_fingerprint
      }
    end
+
+    def touch_pipeline
+      pipeline&.touch
+    end
  end
 end
--- a/ee/app/services/vulnerabilities/dismiss_service.rb
+++ b/ee/app/services/vulnerabilities/dismiss_service.rb
@@ -39,7 +39,8 @@ module Vulnerabilities
        category: finding.report_type,
        feedback_type: 'dismissal',
        project_fingerprint: finding.project_fingerprint,
-        comment: @comment
+        comment: @comment,
+        pipeline: @project.latest_pipeline_with_security_reports(only_successful: true)
      }
    end


--- a/ee/changelogs/unreleased/254228-save-pipeline-when-creating-dismissal-feedback.yml
+++ b/ee/changelogs/unreleased/254228-save-pipeline-when-creating-dismissal-feedback.yml
+---
+title: Update pipeline when vulnerability dismissal feedback is created
+merge_request: 45954
+author:
+type: fixed
--- a/ee/spec/frontend/vue_shared/security_reports/store/actions_spec.js
+++ b/ee/spec/frontend/vue_shared/security_reports/store/actions_spec.js
@@ -94,6 +94,7 @@ const createNonDismissedVulnerability = options =>
    ...options,
    isDismissed: false,
    dismissalFeedback: null,
+    dismissal_feedback: null,
  });

 const createDismissedVulnerability = options =>

--- a/ee/spec/services/vulnerabilities/dismiss_service_spec.rb
+++ b/ee/spec/services/vulnerabilities/dismiss_service_spec.rb
@@ -11,6 +11,8 @@ RSpec.describe Vulnerabilities::DismissService do

  let_it_be(:user) { create(:user) }
  let(:project) { create(:project) } # cannot use let_it_be here: caching causes problems with permission-related tests
+  let!(:pipeline) { create(:ci_pipeline, :success, project: project) }
+  let!(:build) { create(:ee_ci_build, :sast, pipeline: pipeline) }
  let(:vulnerability) { create(:vulnerability, :with_findings, project: project) }
  let(:service) { described_class.new(user, vulnerability) }

@@ -46,7 +48,7 @@ RSpec.describe Vulnerabilities::DismissService do
              have_attributes(state: 'dismissed', dismissed_by: user, dismissed_at: be_like_time(Time.current)))
            expect(vulnerability.findings).to all have_vulnerability_dismissal_feedback
            expect(vulnerability.findings.map(&:dismissal_feedback)).to(
-              all(have_attributes(comment: comment, comment_author: user, comment_timestamp: be_like_time(Time.current))))
+              all(have_attributes(comment: comment, comment_author: user, comment_timestamp: be_like_time(Time.current), pipeline_id: pipeline.id)))
          end
        end
      end

--- a/ee/spec/services/vulnerability_feedback/create_service_spec.rb
+++ b/ee/spec/services/vulnerability_feedback/create_service_spec.rb
@@ -60,6 +60,10 @@ RSpec.describe VulnerabilityFeedback::CreateService, '#execute' do
        expect(feedback.merge_request).to be_nil
      end

+      it 'touches pipeline related to feedback' do
+        expect { result }.to change { pipeline.reload.updated_at }
+      end
+
      context 'when feedback params has a comment' do
        it 'sets the comment attributes' do
          feedback = result[:vulnerability_feedback]