Merge branch '4310-security-reports-break-utils' into 'master'

Break utils functions for security issues

See merge request gitlab-org/gitlab-ee!5064

ee/app/assets/javascripts/vue_merge_request_widget/stores/mr_widget_store.js

 import CEMergeRequestStore from '~/vue_merge_request_widget/stores/mr_widget_store';
 import {
-  parseIssues,
+  parseCodeclimateMetrics,
   filterByKey,
   setSastContainerReport,
   setSastReport,
@@ -114,8 +114,8 @@ export default class MergeRequestStore extends CEMergeRequestStore {
   }
 
   compareCodeclimateMetrics(headIssues, baseIssues, headBlobPath, baseBlobPath) {
-    const parsedHeadIssues = parseIssues(headIssues, headBlobPath);
-    const parsedBaseIssues = parseIssues(baseIssues, baseBlobPath);
+    const parsedHeadIssues = parseCodeclimateMetrics(headIssues, headBlobPath);
+    const parsedBaseIssues = parseCodeclimateMetrics(baseIssues, baseBlobPath);
 
     this.codeclimateMetrics.newIssues = filterByKey(
       parsedHeadIssues,

ee/app/assets/javascripts/vue_shared/security_reports/helpers/utils.js

 import { stripHtml } from '~/lib/utils/text_utility';
 
-/**
- * Parses SAST and Codeclimate Issues into a common and reusable format
- * to reuse the same vue component.
- * [
- *   {
- *     name: String,
- *     priority: String,
- *     fingerprint: String,
- *     path: String,
- *     line: Number,
- *     urlPath: String
- *   }
- * ]
- * @param {array} issues
- * @return {array}
- */
-export const parseIssues = (issues = [], path = '') => issues.map((issue) => {
-  const parsedIssue = {
-    name: issue.description || issue.message,
-    ...issue,
-  };
-
-  // code quality
-  if (issue.location) {
-    let parseCodeQualityUrl;
-
-    if (issue.location.path) {
-      parseCodeQualityUrl = `${path}/${issue.location.path}`;
-      parsedIssue.path = issue.location.path;
-    }
-
-    if (issue.location.lines && issue.location.lines.begin) {
-      parsedIssue.line = issue.location.lines.begin;
-      parseCodeQualityUrl += `#L${issue.location.lines.begin}`;
+export const parseCodeclimateMetrics = (issues = [], path = '') =>
+  issues.map(issue => {
+    const parsedIssue = {
+      ...issue,
+      name: issue.description,
+    };
+
+    if (issue.location) {
+      let parseCodeQualityUrl;
+
+      if (issue.location.path) {
+        parseCodeQualityUrl = `${path}/${issue.location.path}`;
+        parsedIssue.path = issue.location.path;
+
+        if (issue.location.lines && issue.location.lines.begin) {
+          parsedIssue.line = issue.location.lines.begin;
+          parseCodeQualityUrl += `#L${issue.location.lines.begin}`;
+        }
+        parsedIssue.urlPath = parseCodeQualityUrl;
+      }
     }
 
-    parsedIssue.urlPath = parseCodeQualityUrl;
-
-  // security
-  } else if (issue.file) {
-    let parsedSecurityUrl = `${path}/${issue.file}`;
-    parsedIssue.path = issue.file;
-
-    if (issue.line) {
-      parsedSecurityUrl += `#L${issue.line}`;
-    }
-    parsedIssue.urlPath = parsedSecurityUrl;
-  }
-
-  return parsedIssue;
-});
+    return parsedIssue;
+  });
+
+  /**
+ * Maps SAST & Dependency scanning issues:
+ * { tool: String, message: String, url: String , cve: String ,
+ * file: String , solution: String, priority: String }
+ * to contain:
+ * { name: String, path: String, line: String, urlPath: String, priority: String }
+ * @param {Array} issues
+ * @param {String} path
+ */
+export const parseSastIssues = (issues = [], path = '') =>
+issues.map(issue =>
+  Object.assign({}, issue, {
+    name: issue.message,
+    path: issue.file,
+    urlPath: issue.line
+      ? `${path}/${issue.file}#L${issue.line}`
+      : `${path}/${issue.file}`,
+  }),
+);
 
 /**
  * Compares two arrays by the given key and returns the difference
@@ -105,8 +98,8 @@ export const setSastReport = (data = {}) => {
 
   if (data.base) {
     const filterKey = 'cve';
-    const parsedHead = parseIssues(data.head, data.headBlobPath);
-    const parsedBase = parseIssues(data.base, data.baseBlobPath);
+    const parsedHead = parseSastIssues(data.head, data.headBlobPath);
+    const parsedBase = parseSastIssues(data.base, data.baseBlobPath);
 
     securityReport.newIssues = filterByKey(
       parsedHead,
@@ -126,7 +119,7 @@ export const setSastReport = (data = {}) => {
       filterKey,
     );
   } else {
-    securityReport.newIssues = parseIssues(data.head, data.headBlobPath);
+    securityReport.newIssues = parseSastIssues(data.head, data.headBlobPath);
   }
 
   return securityReport;

ee/changelogs/unreleased/4310-security-reports-break-utils.yml

+---
+title: Breaks utils function to parse codeclimate and sast into separate functions
+merge_request:
+author:
+type: other

spec/javascripts/vue_shared/security_reports/helpers/utils_spec.js

 import {
-  parseIssues,
+  parseSastIssues,
+  parseCodeclimateMetrics,
   parseSastContainer,
   setSastReport,
   setDastReport,
@@ -19,16 +20,20 @@ import {
 } from '../mock_data';
 
 describe('security reports utils', () => {
-  describe('parseIssues', () => {
+  describe('parseSastIssues', () => {
     it('should parse the received issues', () => {
-      const codequality = parseIssues(baseIssues, 'path')[0];
+      const security = parseSastIssues(sastIssues, 'path')[0];
+      expect(security.name).toEqual(sastIssues[0].message);
+      expect(security.path).toEqual(sastIssues[0].file);
+    });
+  });
+
+  describe('parseCodeclimateMetrics', () => {
+    it('should parse the received issues', () => {
+      const codequality = parseCodeclimateMetrics(baseIssues, 'path')[0];
       expect(codequality.name).toEqual(baseIssues[0].check_name);
       expect(codequality.path).toEqual(baseIssues[0].location.path);
       expect(codequality.line).toEqual(baseIssues[0].location.lines.begin);
-
-      const security = parseIssues(sastIssues, 'path')[0];
-      expect(security.name).toEqual(sastIssues[0].message);
-      expect(security.path).toEqual(sastIssues[0].file);
     });
   });