Commit e9304fbf authored by Alan Paruszewski

Add status column for vulnerability export

This adds a new Status column, containing the current state of the vulnerability, to the First Class Vulnerability Export.
parent ff3e506f
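--- a/[file path not shown on page]
+++ b/[file path not shown on page]
@@ -22,6 +22,7 @@ module VulnerabilityExports
 {
 'Scanner Type' => 'report_type',
 'Scanner Name' => 'finding_scanner_name',
+'Status' => 'state',
 'Vulnerability' => 'title',
 'Details' => 'description',
 'Additional Info' => -> (vulnerability) { vulnerability.finding_metadata&.fetch('message', nil) },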
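Review bot: The new `'Status' => 'state'` entry exports the raw internal state value (the updated fixture rows show `detected`) rather than a display label, and neither the hunk nor the accompanying specs say so; a comment next to the entry such as `# 'Status' is the raw vulnerability state (e.g. detected), not a display label` would tell CSV consumers what to expect in that cell. Inserting the column between Scanner Name and Vulnerability also shifts the position of every later column, which matters for any consumer that reads the export by index instead of by header; if such consumers exist, appending the column at the end would be the compatible choice. The hash this hunk edits is opened by the `{` on the hunk's first line, but the method or constant that owns it starts before the hunk.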
Scanner Type,Scanner Name,Vulnerability,Details,Additional Info,Severity,CVE Scanner Type,Scanner Name,Status,Vulnerability,Details,Additional Info,Severity,CVE
container_scanning,Clair,CVE-2017-16997 in glibc,,CVE-2017-16997 in glibc,critical,CVE-2017-16997 container_scanning,Clair,detected,CVE-2017-16997 in glibc,,CVE-2017-16997 in glibc,critical,CVE-2017-16997
container_scanning,Clair,CVE-2017-18269 in glibc,,CVE-2017-18269 in glibc,critical,CVE-2017-18269 container_scanning,Clair,detected,CVE-2017-18269 in glibc,,CVE-2017-18269 in glibc,critical,CVE-2017-18269
container_scanning,Clair,CVE-2018-1000001 in glibc,,CVE-2018-1000001 in glibc,high,CVE-2018-1000001 container_scanning,Clair,detected,CVE-2018-1000001 in glibc,,CVE-2018-1000001 in glibc,high,CVE-2018-1000001
container_scanning,Clair,CVE-2016-10228 in glibc,,CVE-2016-10228 in glibc,medium,CVE-2016-10228 container_scanning,Clair,detected,CVE-2016-10228 in glibc,,CVE-2016-10228 in glibc,medium,CVE-2016-10228
container_scanning,Clair,CVE-2010-4052 in glibc,,CVE-2010-4052 in glibc,low,CVE-2010-4052 container_scanning,Clair,detected,CVE-2010-4052 in glibc,,CVE-2010-4052 in glibc,low,CVE-2010-4052
container_scanning,Clair,CVE-2018-18520 in elfutils,,CVE-2018-18520 in elfutils,low,CVE-2018-18520 container_scanning,Clair,detected,CVE-2018-18520 in elfutils,,CVE-2018-18520 in elfutils,low,CVE-2018-18520
container_scanning,Clair,CVE-2018-16869 in nettle,,CVE-2018-16869 in nettle,unknown,CVE-2018-16869 container_scanning,Clair,detected,CVE-2018-16869 in nettle,,CVE-2018-16869 in nettle,unknown,CVE-2018-16869
dependency_scanning,Gemnasium,Regular Expression Denial of Service in debug,,Regular Expression Denial of Service in debug,unknown,yarn.lock:debug:gemnasium:37283ed4-0380-40d7-ada7-2d994afcc62a dependency_scanning,Gemnasium,detected,Regular Expression Denial of Service in debug,,Regular Expression Denial of Service in debug,unknown,yarn.lock:debug:gemnasium:37283ed4-0380-40d7-ada7-2d994afcc62a
dependency_scanning,Gemnasium,Authentication bypass via incorrect DOM traversal and canonicalization in saml2-js,,Authentication bypass via incorrect DOM traversal and canonicalization in saml2-js,unknown,yarn.lock:saml2-js:gemnasium:9952e574-7b5b-46fa-a270-aeb694198a98 dependency_scanning,Gemnasium,detected,Authentication bypass via incorrect DOM traversal and canonicalization in saml2-js,,Authentication bypass via incorrect DOM traversal and canonicalization in saml2-js,unknown,yarn.lock:saml2-js:gemnasium:9952e574-7b5b-46fa-a270-aeb694198a98
sast,Find Security Bugs,Predictable pseudorandom number generator,,Predictable pseudorandom number generator,medium,818bf5dacb291e15d9e6dc3c5ac32178:PREDICTABLE_RANDOM:src/main/java/com/gitlab/security_products/tests/App.java:47 sast,Find Security Bugs,detected,Predictable pseudorandom number generator,,Predictable pseudorandom number generator,medium,818bf5dacb291e15d9e6dc3c5ac32178:PREDICTABLE_RANDOM:src/main/java/com/gitlab/security_products/tests/App.java:47
sast,Find Security Bugs,Cipher with no integrity,,Cipher with no integrity,medium,e6449b89335daf53c0db4c0219bc1634:CIPHER_INTEGRITY:src/main/java/com/gitlab/security_products/tests/App.java:29 sast,Find Security Bugs,detected,Cipher with no integrity,,Cipher with no integrity,medium,e6449b89335daf53c0db4c0219bc1634:CIPHER_INTEGRITY:src/main/java/com/gitlab/security_products/tests/App.java:29
sast,Find Security Bugs,Predictable pseudorandom number generator,,Predictable pseudorandom number generator,medium,e8ff1d01f74cd372f78da8f5247d3e73:PREDICTABLE_RANDOM:src/main/java/com/gitlab/security_products/tests/App.java:41 sast,Find Security Bugs,detected,Predictable pseudorandom number generator,,Predictable pseudorandom number generator,medium,e8ff1d01f74cd372f78da8f5247d3e73:PREDICTABLE_RANDOM:src/main/java/com/gitlab/security_products/tests/App.java:41
sast,Find Security Bugs,ECB mode is insecure,,ECB mode is insecure,medium,ea0f905fc76f2739d5f10a1fd1e37a10:ECB_MODE:src/main/java/com/gitlab/security_products/tests/App.java:29 sast,Find Security Bugs,detected,ECB mode is insecure,,ECB mode is insecure,medium,ea0f905fc76f2739d5f10a1fd1e37a10:ECB_MODE:src/main/java/com/gitlab/security_products/tests/App.java:29
...@@ -177,7 +177,7 @@ describe API::VulnerabilityExports do ...@@ -177,7 +177,7 @@ describe API::VulnerabilityExports do
download_vulnerability_export download_vulnerability_export
expect(response).to have_gitlab_http_status(:ok) expect(response).to have_gitlab_http_status(:ok)
expect(response.body).to include 'Scanner Type,Scanner Name,Vulnerability,Details,Additional Info,Severity,CVE' expect(response.body).to include 'Scanner Type,Scanner Name,Status,Vulnerability,Details,Additional Info,Severity,CVE'
expect(response.headers['Poll-Interval']).to be_blank expect(response.headers['Poll-Interval']).to be_blank
end end
end end
...@@ -23,14 +23,15 @@ describe VulnerabilityExports::ExportCsvService do ...@@ -23,14 +23,15 @@ describe VulnerabilityExports::ExportCsvService do
end end
it 'includes the columns required for import' do it 'includes the columns required for import' do
expect(csv.headers).to include('Scanner Type', 'Scanner Name', 'Vulnerability', 'Details', 'Additional Info', expect(csv.headers).to include('Scanner Type', 'Scanner Name', 'Status', 'Vulnerability', 'Details',
'Severity', 'CVE') 'Additional Info', 'Severity', 'CVE')
end end
it 'includes proper values for each column type' do it 'includes proper values for each column type' do
aggregate_failures do aggregate_failures do
expect(csv[0]['Scanner Type']).to eq vulnerability.report_type expect(csv[0]['Scanner Type']).to eq vulnerability.report_type
expect(csv[0]['Scanner Name']).to eq vulnerability.finding_scanner_name expect(csv[0]['Scanner Name']).to eq vulnerability.finding_scanner_name
expect(csv[0]['Status']).to eq vulnerability.state
expect(csv[0]['Vulnerability']).to eq vulnerability.title expect(csv[0]['Vulnerability']).to eq vulnerability.title
expect(csv[0]['Details']).to eq vulnerability.description expect(csv[0]['Details']).to eq vulnerability.description
expect(csv[0]['Additional Info']).to eq vulnerability.finding_metadata['message'] expect(csv[0]['Additional Info']).to eq vulnerability.finding_metadata['message']
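Review bot: The new assertion `expect(csv[0]['Status']).to eq vulnerability.state` only exercises whatever state the spec's `vulnerability` object carries by default (its definition is outside the hunk, and the updated fixture rows all show `detected`), so a mapping that exported a constant default state would still pass. A second example that builds the vulnerability in a non-default state and asserts that the Status cell follows it would pin the mapping to the record's actual state. The `it 'includes proper values for each column type'` block continues past the end of the hunk, and the describe that encloses both examples starts before it.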
...@@ -31,7 +31,7 @@ RSpec.describe VulnerabilityExports::ExportWorker, type: :worker do ...@@ -31,7 +31,7 @@ RSpec.describe VulnerabilityExports::ExportWorker, type: :worker do
subject subject
vulnerability_export.reload vulnerability_export.reload
expect(vulnerability_export).to be_finished expect(vulnerability_export).to be_finished
expect(vulnerability_export.file.read).to include('Scanner Type,Scanner Name,Vulnerability,Details,Additional Info,Severity,CVE') expect(vulnerability_export.file.read).to include('Scanner Type,Scanner Name,Status,Vulnerability,Details,Additional Info,Severity,CVE')
end end
it 'schedules job to delete export in 1 hour' do it 'schedules job to delete export in 1 hour' do