Merge branch 'enable-autodevops-for-jihu' into 'master'

Enable AutoDevops for JiHu See merge request gitlab-org/gitlab!65397

Merge branch 'enable-autodevops-for-jihu' into 'master'
Enable AutoDevops for JiHu See merge request gitlab-org/gitlab!65397
f83c54a7 · Lin Jen-Shin · 1ae5bb20 · 31fc849a · f83c54a7 · f83c54a7
Commit f83c54a7 authored Jul 08, 2021 by Lin Jen-Shin
8 changed files
--- a/ee/spec/lib/ee/gitlab/ci/config_spec.rb
+++ b/ee/spec/lib/ee/gitlab/ci/config_spec.rb
@@ -3,6 +3,8 @@
 require 'spec_helper'

 RSpec.describe Gitlab::Ci::Config do
+  include Ci::TemplateHelpers
+
  let_it_be(:ci_yml) do
    <<-EOS
    sample_job:
@@ -129,7 +131,7 @@ RSpec.describe Gitlab::Ci::Config do
                  variables: {
                    DAST_AUTH_URL: dast_site_profile.auth_url,
                    DAST_VERSION: 1,
-                    SECURE_ANALYZERS_PREFIX: 'registry.gitlab.com/gitlab-org/security-products/analyzers',
+                    SECURE_ANALYZERS_PREFIX: secure_analyzers_prefix,
                    DAST_WEBSITE: dast_site_profile.dast_site.url,
                    DAST_FULL_SCAN_ENABLED: 'false',
                    DAST_USE_AJAX_SPIDER: 'false',

--- a/ee/spec/lib/gitlab/ci/config/security_orchestration_policies/processor_spec.rb
+++ b/ee/spec/lib/gitlab/ci/config/security_orchestration_policies/processor_spec.rb
@@ -3,6 +3,8 @@
 require 'spec_helper'

 RSpec.describe Gitlab::Ci::Config::SecurityOrchestrationPolicies::Processor do
+  include Ci::TemplateHelpers
+
  subject { described_class.new(config, project, ref, source).perform }

  let_it_be(:config) { { image: 'ruby:3.0.1' } }
@@ -131,7 +133,7 @@ RSpec.describe Gitlab::Ci::Config::SecurityOrchestrationPolicies::Processor do
                variables: {
                  DAST_AUTH_URL: dast_site_profile.auth_url,
                  DAST_VERSION: 1,
-                  SECURE_ANALYZERS_PREFIX: 'registry.gitlab.com/gitlab-org/security-products/analyzers',
+                  SECURE_ANALYZERS_PREFIX: secure_analyzers_prefix,
                  DAST_WEBSITE: dast_site_profile.dast_site.url,
                  DAST_FULL_SCAN_ENABLED: 'false',
                  DAST_USE_AJAX_SPIDER: 'false',

--- a/ee/spec/services/ci/run_dast_scan_service_spec.rb
+++ b/ee/spec/services/ci/run_dast_scan_service_spec.rb
@@ -3,6 +3,8 @@
 require 'spec_helper'

 RSpec.describe Ci::RunDastScanService do
+  include Ci::TemplateHelpers
+
  let_it_be(:user) { create(:user) }
  let_it_be(:project) { create(:project, :repository, creator: user) }
  let_it_be(:dast_site_profile) { create(:dast_site_profile, project: project) }
@@ -156,7 +158,7 @@ RSpec.describe Ci::RunDastScanService do
            public: true
          }, {
            key: 'SECURE_ANALYZERS_PREFIX',
-            value: 'registry.gitlab.com/gitlab-org/security-products/analyzers',
+            value: secure_analyzers_prefix,
            public: true
          }
        ]

--- a/ee/spec/services/security/security_orchestration_policies/on_demand_scan_pipeline_configuration_service_spec.rb
+++ b/ee/spec/services/security/security_orchestration_policies/on_demand_scan_pipeline_configuration_service_spec.rb
@@ -3,6 +3,8 @@
 require 'spec_helper'

 RSpec.describe Security::SecurityOrchestrationPolicies::OnDemandScanPipelineConfigurationService do
+  include Ci::TemplateHelpers
+
  describe '#execute' do
    let_it_be_with_reload(:project) { create(:project, :repository) }

@@ -70,7 +72,7 @@ RSpec.describe Security::SecurityOrchestrationPolicies::OnDemandScanPipelineConf
            DAST_USE_AJAX_SPIDER: 'false',
            DAST_VERSION: 1,
            DAST_WEBSITE: site_profile.dast_site.url,
-            SECURE_ANALYZERS_PREFIX: 'registry.gitlab.com/gitlab-org/security-products/analyzers'
+            SECURE_ANALYZERS_PREFIX: secure_analyzers_prefix
          },
          allow_failure: true,
          script: ['/analyze'],

--- a/lib/gitlab/template/gitlab_ci_yml_template.rb
+++ b/lib/gitlab/template/gitlab_ci_yml_template.rb
@@ -92,4 +92,4 @@ module Gitlab
  end
 end

-Gitlab::Template::GitlabCiYmlTemplate.prepend_mod_with('Gitlab::Template::GitlabCiYmlTemplate')
+Gitlab::Template::GitlabCiYmlTemplate.prepend_mod
--- a/spec/graphql/types/project_type_spec.rb
+++ b/spec/graphql/types/project_type_spec.rb
@@ -4,6 +4,7 @@ require 'spec_helper'

 RSpec.describe GitlabSchema.types['Project'] do
  include GraphqlHelpers
+  include Ci::TemplateHelpers

  specify { expect(described_class).to expose_permissions_using(Types::PermissionTypes::Project) }

@@ -103,15 +104,14 @@ RSpec.describe GitlabSchema.types['Project'] do
    subject { GitlabSchema.execute(query, context: { current_user: user }).as_json }

    it "returns the project's sast configuration for global variables" do
-      secure_analyzers_prefix = subject.dig('data', 'project', 'sastCiConfiguration', 'global', 'nodes').first
-      expect(secure_analyzers_prefix['type']).to eq('string')
-      expect(secure_analyzers_prefix['field']).to eq('SECURE_ANALYZERS_PREFIX')
-      expect(secure_analyzers_prefix['label']).to eq('Image prefix')
-      expect(secure_analyzers_prefix['defaultValue'])
-        .to eq('registry.gitlab.com/gitlab-org/security-products/analyzers')
-      expect(secure_analyzers_prefix['value']).to eq('registry.gitlab.com/gitlab-org/security-products/analyzers')
-      expect(secure_analyzers_prefix['size']).to eq('LARGE')
-      expect(secure_analyzers_prefix['options']).to be_nil
+      secure_analyzers = subject.dig('data', 'project', 'sastCiConfiguration', 'global', 'nodes').first
+      expect(secure_analyzers['type']).to eq('string')
+      expect(secure_analyzers['field']).to eq('SECURE_ANALYZERS_PREFIX')
+      expect(secure_analyzers['label']).to eq('Image prefix')
+      expect(secure_analyzers['defaultValue']).to eq(secure_analyzers_prefix)
+      expect(secure_analyzers['value']).to eq(secure_analyzers_prefix)
+      expect(secure_analyzers['size']).to eq('LARGE')
+      expect(secure_analyzers['options']).to be_nil
    end

    it "returns the project's sast configuration for pipeline variables" do

--- a/spec/services/security/ci_configuration/sast_parser_service_spec.rb
+++ b/spec/services/security/ci_configuration/sast_parser_service_spec.rb
@@ -3,11 +3,13 @@
 require 'spec_helper'

 RSpec.describe Security::CiConfiguration::SastParserService do
+  include Ci::TemplateHelpers
+
  describe '#configuration' do
    include_context 'read ci configuration for sast enabled project'

    let(:configuration) { described_class.new(project).configuration }
-    let(:secure_analyzers_prefix) { configuration['global'][0] }
+    let(:secure_analyzers) { configuration['global'][0] }
    let(:sast_excluded_paths) { configuration['global'][1] }
    let(:sast_pipeline_stage) { configuration['pipeline'][0] }
    let(:sast_search_max_depth) { configuration['pipeline'][1] }
@@ -16,7 +18,7 @@ RSpec.describe Security::CiConfiguration::SastParserService do
    let(:sast_brakeman_level) { brakeman['variables'][0] }

    it 'parses the configuration for SAST' do
-      expect(secure_analyzers_prefix['default_value']).to eql('registry.gitlab.com/gitlab-org/security-products/analyzers')
+      expect(secure_analyzers['default_value']).to eql(secure_analyzers_prefix)
      expect(sast_excluded_paths['default_value']).to eql('spec, test, tests, tmp')
      expect(sast_pipeline_stage['default_value']).to eql('test')
      expect(sast_search_max_depth['default_value']).to eql('4')
@@ -28,7 +30,7 @@ RSpec.describe Security::CiConfiguration::SastParserService do
      context 'when .gitlab-ci.yml is present' do
        it 'populates the current values from the file' do
          allow(project.repository).to receive(:blob_data_at).and_return(gitlab_ci_yml_content)
-          expect(secure_analyzers_prefix['value']).to eql('registry.gitlab.com/gitlab-org/security-products/analyzers2')
+          expect(secure_analyzers['value']).to eql("registry.gitlab.com/gitlab-org/security-products/analyzers2")
          expect(sast_excluded_paths['value']).to eql('spec, executables')
          expect(sast_pipeline_stage['value']).to eql('our_custom_security_stage')
          expect(sast_search_max_depth['value']).to eql('8')
@@ -50,7 +52,7 @@ RSpec.describe Security::CiConfiguration::SastParserService do
      context 'when .gitlab-ci.yml is absent' do
        it 'populates the current values with the default values' do
          allow(project.repository).to receive(:blob_data_at).and_return(nil)
-          expect(secure_analyzers_prefix['value']).to eql('registry.gitlab.com/gitlab-org/security-products/analyzers')
+          expect(secure_analyzers['value']).to eql(secure_analyzers_prefix)
          expect(sast_excluded_paths['value']).to eql('spec, test, tests, tmp')
          expect(sast_pipeline_stage['value']).to eql('test')
          expect(sast_search_max_depth['value']).to eql('4')
@@ -67,7 +69,7 @@ RSpec.describe Security::CiConfiguration::SastParserService do
        end

        it 'populates the current values with the default values' do
-          expect(secure_analyzers_prefix['value']).to eql('registry.gitlab.com/gitlab-org/security-products/analyzers')
+          expect(secure_analyzers['value']).to eql(secure_analyzers_prefix)
          expect(sast_excluded_paths['value']).to eql('spec, test, tests, tmp')
          expect(sast_pipeline_stage['value']).to eql('test')
          expect(sast_search_max_depth['value']).to eql('4')

--- a/spec/support/helpers/ci/template_helpers.rb
+++ b/spec/support/helpers/ci/template_helpers.rb
+# frozen_string_literal: true
+
+module Ci
+  module TemplateHelpers
+    def secure_analyzers_prefix
+      'registry.gitlab.com/gitlab-org/security-products/analyzers'
+    end
+  end
+end
+
+Ci::TemplateHelpers.prepend_mod