Do not expose internal artifacts hash in build entityfix/gb/remove-invalid-build-details-exposure

2 files changed, 3 insertions, 6 deletions

diff --git a/app/serializers/build_details_entity.rb b/app/serializers/build_details_entity.rb
index 514c4c2e35f..0eddbaaaebf 100644
--- a/app/serializers/build_details_entity.rb
+++ b/app/serializers/build_details_entity.rb
@@ -1,18 +1,15 @@
 class BuildDetailsEntity < BuildEntity
   expose :coverage, :erased_at, :duration
   expose :tag_list, as: :tags
-
   expose :user, using: UserEntity
+  expose :runner, using: RunnerEntity
+  expose :pipeline, using: PipelineEntity
 
   expose :erased_by, if: -> (*) { build.erased? }, using: UserEntity
   expose :erase_path, if: -> (*) { build.erasable? && can?(current_user, :update_build, project) } do |build|
     erase_namespace_project_job_path(project.namespace, project, build)
   end
 
-  expose :artifacts, using: BuildArtifactEntity
-  expose :runner, using: RunnerEntity
-  expose :pipeline, using: PipelineEntity
-
   expose :merge_request, if: -> (*) { can?(current_user, :read_merge_request, build.merge_request) } do
     expose :iid do |build|
       build.merge_request.iid
diff --git a/spec/serializers/build_details_entity_spec.rb b/spec/serializers/build_details_entity_spec.rb
index e2511e8968c..396ba96e9b3 100644
--- a/spec/serializers/build_details_entity_spec.rb
+++ b/spec/serializers/build_details_entity_spec.rb
@@ -29,7 +29,7 @@ describe BuildDetailsEntity do
 
       it 'contains the needed key value pairs' do
         expect(subject).to include(:coverage, :erased_at, :duration)
-        expect(subject).to include(:artifacts, :runner, :pipeline)
+        expect(subject).to include(:runner, :pipeline)
         expect(subject).to include(:raw_path, :merge_request)
         expect(subject).to include(:new_issue_path)
       end