Add security bot

ed2fe7d6 · Tetiana Chupryna · Igor Drozdov · 0fe59e92 · ed2fe7d6 · ed2fe7d6
Commit ed2fe7d6 authored Oct 14, 2020 by Tetiana Chupryna Committed by Igor Drozdov Oct 14, 2020
5 changed files
--- a/app/models/concerns/has_user_type.rb
+++ b/app/models/concerns/has_user_type.rb
@@ -11,10 +11,11 @@ module HasUserType
    service_user: 4,
    ghost: 5,
    project_bot: 6,
-    migration_bot: 7
+    migration_bot: 7,
+    security_bot: 8
  }.with_indifferent_access.freeze

-  BOT_USER_TYPES = %w[alert_bot project_bot support_bot visual_review_bot migration_bot].freeze
+  BOT_USER_TYPES = %w[alert_bot project_bot support_bot visual_review_bot migration_bot security_bot].freeze
  NON_INTERNAL_USER_TYPES = %w[human project_bot service_user].freeze
  INTERNAL_USER_TYPES = (USER_TYPES.keys - NON_INTERNAL_USER_TYPES).freeze


--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -690,6 +690,17 @@ class User < ApplicationRecord
      end
    end

+    def security_bot
+      email_pattern = "security-bot%s@#{Settings.gitlab.host}"
+
+      unique_internal(where(user_type: :security_bot), 'GitLab-Security-Bot', email_pattern) do |u|
+        u.bio = 'System bot that monitors detected vulnerabilities for solutions and creates merge requests with the fixes.'
+        u.name = 'GitLab Security Bot'
+        u.website_url = Gitlab::Routing.url_helpers.help_page_url('user/application_security/security_bot/index.md')
+        u.avatar = bot_avatar(image: 'security-bot.png')
+      end
+    end
+
    def support_bot
      email_pattern = "support%s@#{Settings.gitlab.host}"


--- a/changelogs/unreleased/215669-create-auto-fix-bot.yml
+++ b/changelogs/unreleased/215669-create-auto-fix-bot.yml
+---
+title: Add security bot
+merge_request: 43147
+author:
+type: added
--- a/spec/models/concerns/has_user_type_spec.rb
+++ b/spec/models/concerns/has_user_type_spec.rb
@@ -5,7 +5,7 @@ require 'spec_helper'
 RSpec.describe User do
  specify 'types consistency checks', :aggregate_failures do
    expect(described_class::USER_TYPES.keys)
-      .to match_array(%w[human ghost alert_bot project_bot support_bot service_user visual_review_bot migration_bot])
+      .to match_array(%w[human ghost alert_bot project_bot support_bot service_user security_bot visual_review_bot migration_bot])
    expect(described_class::USER_TYPES).to include(*described_class::BOT_USER_TYPES)
    expect(described_class::USER_TYPES).to include(*described_class::NON_INTERNAL_USER_TYPES)
    expect(described_class::USER_TYPES).to include(*described_class::INTERNAL_USER_TYPES)

--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@@ -4867,7 +4867,8 @@ RSpec.describe User do
            { state: 'blocked' },
            { user_type: :ghost },
            { user_type: :alert_bot },
-            { user_type: :support_bot }
+            { user_type: :support_bot },
+            { user_type: :security_bot }
          ]
        end

@@ -4922,6 +4923,7 @@ RSpec.describe User do
        'human'             | true
        'alert_bot'         | false
        'support_bot'       | false
+        'security_bot'      | false
      end

      with_them do
@@ -5033,9 +5035,11 @@ RSpec.describe User do
    it_behaves_like 'bot users', :alert_bot
    it_behaves_like 'bot users', :support_bot
    it_behaves_like 'bot users', :migration_bot
+    it_behaves_like 'bot users', :security_bot
    it_behaves_like 'bot users', :ghost

    it_behaves_like 'bot user avatars', :alert_bot, 'alert-bot.png'
    it_behaves_like 'bot user avatars', :support_bot, 'support-bot.png'
+    it_behaves_like 'bot user avatars', :security_bot, 'security-bot.png'
  end
 end