Commit f4a467ab authored by Tanya Pazitny's avatar Tanya Pazitny

Merge branch 'zm-secure-vulns-qa' into 'master'

Refactor vulnerability requirements

Closes #34437 and #36106

See merge request gitlab-org/gitlab!20024
parents 8ac95c08 f8384dd6
......@@ -153,24 +153,26 @@ module QA
def resolve_vulnerability_with_mr(name)
expand_vulnerability_report
click_vulnerability(name)
previous_page = page.current_url
click_element :resolve_split_button
wait(reload: false) do
has_no_element?(:resolve_split_button)
wait(max: 15, reload: false) do
page.current_url != previous_page
end
end
def has_vulnerability_report?(timeout: 60)
wait(reload: true, max: timeout, interval: 1) do
finished_loading?
has_element?(:vulnerability_report_grouped, wait: 1)
has_element?(:vulnerability_report_grouped, wait: 10)
end
find_element(:vulnerability_report_grouped).has_no_content?("is loading")
end
def has_total_vulnerability_count_of?(expected)
def has_vulnerability_count?
# Match text cut off in order to find both "1 vulnerability" and "X vulnerabilities"
find_element(:vulnerability_report_grouped).has_content?(/Security scanning detected #{expected}( new)? vulnerabilit/)
find_element(:vulnerability_report_grouped).has_content?(/Security scanning detected/)
end
def has_sast_vulnerability_count_of?(expected)
......
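Review bot: `has_vulnerability_count?` no longer checks a count, because the new pattern `/Security scanning detected/` matches the summary sentence whatever number follows it. The comment above it about "1 vulnerability" and "X vulnerabilities" appears to remain on the new side and now describes the old pattern. If the aim is to stop pinning the total while still requiring a numeric summary, `find_element(:vulnerability_report_grouped).has_content?(/Security scanning detected \d+( new)? vulnerabilit/)` keeps both the name and the comment accurate. Otherwise rename the predicate (for example `has_vulnerability_summary?`) and reword the comment to `# Only checks that the summary sentence is rendered, not the number in it`; the call `expect(mergerequest).to have_vulnerability_count` in the spec would follow the rename. Whether the widget can print this sentence for an empty report is not visible here, so the stricter pattern is the safer choice for a test meant to notice dropped findings.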
......@@ -5,7 +5,6 @@ require 'pathname'
module QA
context 'Secure', :docker do
describe 'Security Reports in a Merge Request' do
let(:total_vuln_count) { 49 }
let(:sast_vuln_count) { 33 }
let(:dependency_scan_vuln_count) { 4 }
let(:container_scan_vuln_count) { 8 }
......@@ -70,7 +69,7 @@ module QA
it 'displays the Security reports in the merge request' do
Page::MergeRequest::Show.perform do |mergerequest|
expect(mergerequest).to have_vulnerability_report(timeout: 60)
expect(mergerequest).to have_total_vulnerability_count_of(total_vuln_count)
expect(mergerequest).to have_vulnerability_count
mergerequest.expand_vulnerability_report
......@@ -84,8 +83,8 @@ module QA
it 'can create an auto-remediation MR' do
Page::MergeRequest::Show.perform do |mergerequest|
vuln_name = "Authentication bypass via incorrect DOM traversal and canonicalization in saml2-js"
expect(mergerequest).to have_vulnerability_report(timeout: 60)
# Context changes as resolve method created new MR
mergerequest.resolve_vulnerability_with_mr vuln_name
expect(mergerequest).to have_title vuln_name
end
......