Commit f92722ac authored by Phil Hughes's avatar Phil Hughes

Merge branch '4310-security-reports-break-utils' into 'master'

Break utils functions for security issues

See merge request gitlab-org/gitlab-ee!5064
parents 4f41e81d ef93144b
import CEMergeRequestStore from '~/vue_merge_request_widget/stores/mr_widget_store'; import CEMergeRequestStore from '~/vue_merge_request_widget/stores/mr_widget_store';
import { import {
parseIssues, parseCodeclimateMetrics,
filterByKey, filterByKey,
setSastContainerReport, setSastContainerReport,
setSastReport, setSastReport,
...@@ -114,8 +114,8 @@ export default class MergeRequestStore extends CEMergeRequestStore { ...@@ -114,8 +114,8 @@ export default class MergeRequestStore extends CEMergeRequestStore {
} }
compareCodeclimateMetrics(headIssues, baseIssues, headBlobPath, baseBlobPath) { compareCodeclimateMetrics(headIssues, baseIssues, headBlobPath, baseBlobPath) {
const parsedHeadIssues = parseIssues(headIssues, headBlobPath); const parsedHeadIssues = parseCodeclimateMetrics(headIssues, headBlobPath);
const parsedBaseIssues = parseIssues(baseIssues, baseBlobPath); const parsedBaseIssues = parseCodeclimateMetrics(baseIssues, baseBlobPath);
this.codeclimateMetrics.newIssues = filterByKey( this.codeclimateMetrics.newIssues = filterByKey(
parsedHeadIssues, parsedHeadIssues,
......
import { stripHtml } from '~/lib/utils/text_utility'; import { stripHtml } from '~/lib/utils/text_utility';
/** export const parseCodeclimateMetrics = (issues = [], path = '') =>
* Parses SAST and Codeclimate Issues into a common and reusable format issues.map(issue => {
* to reuse the same vue component. const parsedIssue = {
* [ ...issue,
* { name: issue.description,
* name: String, };
* priority: String,
* fingerprint: String, if (issue.location) {
* path: String, let parseCodeQualityUrl;
* line: Number,
* urlPath: String if (issue.location.path) {
* } parseCodeQualityUrl = `${path}/${issue.location.path}`;
* ] parsedIssue.path = issue.location.path;
* @param {array} issues
* @return {array} if (issue.location.lines && issue.location.lines.begin) {
*/ parsedIssue.line = issue.location.lines.begin;
export const parseIssues = (issues = [], path = '') => issues.map((issue) => { parseCodeQualityUrl += `#L${issue.location.lines.begin}`;
const parsedIssue = { }
name: issue.description || issue.message, parsedIssue.urlPath = parseCodeQualityUrl;
...issue, }
};
// code quality
if (issue.location) {
let parseCodeQualityUrl;
if (issue.location.path) {
parseCodeQualityUrl = `${path}/${issue.location.path}`;
parsedIssue.path = issue.location.path;
}
if (issue.location.lines && issue.location.lines.begin) {
parsedIssue.line = issue.location.lines.begin;
parseCodeQualityUrl += `#L${issue.location.lines.begin}`;
} }
parsedIssue.urlPath = parseCodeQualityUrl; return parsedIssue;
});
// security
} else if (issue.file) { /**
let parsedSecurityUrl = `${path}/${issue.file}`; * Maps SAST & Dependency scanning issues:
parsedIssue.path = issue.file; * { tool: String, message: String, url: String , cve: String ,
* file: String , solution: String, priority: String }
if (issue.line) { * to contain:
parsedSecurityUrl += `#L${issue.line}`; * { name: String, path: String, line: String, urlPath: String, priority: String }
} * @param {Array} issues
parsedIssue.urlPath = parsedSecurityUrl; * @param {String} path
} */
export const parseSastIssues = (issues = [], path = '') =>
return parsedIssue; issues.map(issue =>
}); Object.assign({}, issue, {
name: issue.message,
path: issue.file,
urlPath: issue.line
? `${path}/${issue.file}#L${issue.line}`
: `${path}/${issue.file}`,
}),
);
/** /**
* Compares two arrays by the given key and returns the difference * Compares two arrays by the given key and returns the difference
...@@ -105,8 +98,8 @@ export const setSastReport = (data = {}) => { ...@@ -105,8 +98,8 @@ export const setSastReport = (data = {}) => {
if (data.base) { if (data.base) {
const filterKey = 'cve'; const filterKey = 'cve';
const parsedHead = parseIssues(data.head, data.headBlobPath); const parsedHead = parseSastIssues(data.head, data.headBlobPath);
const parsedBase = parseIssues(data.base, data.baseBlobPath); const parsedBase = parseSastIssues(data.base, data.baseBlobPath);
securityReport.newIssues = filterByKey( securityReport.newIssues = filterByKey(
parsedHead, parsedHead,
...@@ -126,7 +119,7 @@ export const setSastReport = (data = {}) => { ...@@ -126,7 +119,7 @@ export const setSastReport = (data = {}) => {
filterKey, filterKey,
); );
} else { } else {
securityReport.newIssues = parseIssues(data.head, data.headBlobPath); securityReport.newIssues = parseSastIssues(data.head, data.headBlobPath);
} }
return securityReport; return securityReport;
......
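Review bot: `parseSastIssues` no longer checks that `issue.file` is present, which the removed `parseIssues` did with `else if (issue.file)`; an entry without a file now gets `path: undefined` and a `urlPath` ending in `/undefined`. The doc comment says the function also maps dependency scanning issues, and whether every such entry carries `file` is not visible here, so I would keep the guard and only set `path` and `urlPath` when `issue.file` is set, for example by returning `Object.assign({}, issue, { name: issue.message })` early for entries without a file. `issue.file` and `issue.line` come straight from the parsed report and are interpolated unencoded; if `urlPath` is bound to a link (the consumer is outside this diff), it is worth confirming that the value stays a relative blob path. The doc comment also lists `line` in the output shape although the function only passes it through from the input, which could be stated as `line` is copied from the report entry unchanged.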
---
title: Breaks utils function to parse codeclimate and sast into separate functions
merge_request:
author:
type: other
import { import {
parseIssues, parseSastIssues,
parseCodeclimateMetrics,
parseSastContainer, parseSastContainer,
setSastReport, setSastReport,
setDastReport, setDastReport,
...@@ -19,16 +20,20 @@ import { ...@@ -19,16 +20,20 @@ import {
} from '../mock_data'; } from '../mock_data';
describe('security reports utils', () => { describe('security reports utils', () => {
describe('parseIssues', () => { describe('parseSastIssues', () => {
it('should parse the received issues', () => { it('should parse the received issues', () => {
const codequality = parseIssues(baseIssues, 'path')[0]; const security = parseSastIssues(sastIssues, 'path')[0];
expect(security.name).toEqual(sastIssues[0].message);
expect(security.path).toEqual(sastIssues[0].file);
});
});
describe('parseCodeclimateMetrics', () => {
it('should parse the received issues', () => {
const codequality = parseCodeclimateMetrics(baseIssues, 'path')[0];
expect(codequality.name).toEqual(baseIssues[0].check_name); expect(codequality.name).toEqual(baseIssues[0].check_name);
expect(codequality.path).toEqual(baseIssues[0].location.path); expect(codequality.path).toEqual(baseIssues[0].location.path);
expect(codequality.line).toEqual(baseIssues[0].location.lines.begin); expect(codequality.line).toEqual(baseIssues[0].location.lines.begin);
const security = parseIssues(sastIssues, 'path')[0];
expect(security.name).toEqual(sastIssues[0].message);
expect(security.path).toEqual(sastIssues[0].file);
}); });
}); });
......
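Review bot: The new `parseSastIssues` spec asserts `name` and `path` but not `urlPath`, which is the only value the function computes and the only one with a branch (with and without `issue.line`). I would add an `expect(security.urlPath)` assertion for an entry that has a `line` and for one that does not, plus a case for an entry lacking `file`; whether `sastIssues` in `mock_data` contains such entries is not visible here. The `parseCodeclimateMetrics` case likewise leaves `urlPath` unchecked, so the `#L` suffix logic in both parsers is currently untested by this file.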