diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-03-18 20:02:30 +0000 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-03-18 20:02:30 +0000 |
| commit | 41fe97390ceddf945f3d967b8fdb3de4c66b7dea (patch) | |
| tree | 9c8d89a8624828992f06d892cd2f43818ff5dcc8 /spec/factories/ci | |
| parent | 0804d2dc31052fb45a1efecedc8e06ce9bc32862 (diff) | |
| download | gitlab-ce-41fe97390ceddf945f3d967b8fdb3de4c66b7dea.tar.gz | |
Add latest changes from gitlab-org/gitlab@14-9-stable-eev14.9.0-rc42
Diffstat (limited to 'spec/factories/ci')
| -rw-r--r-- | spec/factories/ci/reports/security/evidence.rb | 60 | ||||
| -rw-r--r-- | spec/factories/ci/reports/security/findings.rb | 49 |
2 files changed, 108 insertions, 1 deletions
diff --git a/spec/factories/ci/reports/security/evidence.rb b/spec/factories/ci/reports/security/evidence.rb new file mode 100644 index 00000000000..ed744644447 --- /dev/null +++ b/spec/factories/ci/reports/security/evidence.rb @@ -0,0 +1,60 @@ +# frozen_string_literal: true + +FactoryBot.define do + factory :ci_reports_security_evidence, class: '::Gitlab::Ci::Reports::Security::Evidence' do + data do + { + summary: 'Credit card detected', + request: { + headers: [{ name: 'Accept', value: '*/*' }], + method: 'GET', + url: 'http://goat:8080/WebGoat/logout', + body: nil + }, + response: { + headers: [{ name: 'Content-Length', value: '0' }], + reason_phrase: 'OK', + status_code: 200, + body: nil + }, + source: { + id: 'assert:Response Body Analysis', + name: 'Response Body Analysis', + url: 'htpp://hostname/documentation' + }, + supporting_messages: [ + { + name: 'Origional', + request: { + headers: [{ name: 'Accept', value: '*/*' }], + method: 'GET', + url: 'http://goat:8080/WebGoat/logout', + body: '' + } + }, + { + name: 'Recorded', + request: { + headers: [{ name: 'Accept', value: '*/*' }], + method: 'GET', + url: 'http://goat:8080/WebGoat/logout', + body: '' + }, + response: { + headers: [{ name: 'Content-Length', value: '0' }], + reason_phrase: 'OK', + status_code: 200, + body: '' + } + } + ] + } + end + + skip_create + + initialize_with do + ::Gitlab::Ci::Reports::Security::Evidence.new(**attributes) + end + end +end diff --git a/spec/factories/ci/reports/security/findings.rb b/spec/factories/ci/reports/security/findings.rb index 8a39fce971f..78c11210f97 100644 --- a/spec/factories/ci/reports/security/findings.rb +++ b/spec/factories/ci/reports/security/findings.rb @@ -6,6 +6,7 @@ FactoryBot.define do confidence { :medium } identifiers { Array.new(1) { association(:ci_reports_security_identifier) } } location factory: :ci_reports_security_locations_sast + evidence factory: :ci_reports_security_evidence metadata_version { 'sast:1.0' } name { 'Cipher with no integrity' } report_type { :sast } @@ -25,7 +26,53 @@ FactoryBot.define do name: "Cipher does not check for integrity first?", url: "https://crypto.stackexchange.com/questions/31428/pbewithmd5anddes-cipher-does-not-check-for-integrity-first" } - ] + ], + evidence: { + summary: 'Credit card detected', + request: { + headers: [{ name: 'Accept', value: '*/*' }], + method: 'GET', + url: 'http://goat:8080/WebGoat/logout', + body: nil + }, + response: { + headers: [{ name: 'Content-Length', value: '0' }], + reason_phrase: 'OK', + status_code: 200, + body: nil + }, + source: { + id: 'assert:Response Body Analysis', + name: 'Response Body Analysis', + url: 'htpp://hostname/documentation' + }, + supporting_messages: [ + { + name: 'Origional', + request: { + headers: [{ name: 'Accept', value: '*/*' }], + method: 'GET', + url: 'http://goat:8080/WebGoat/logout', + body: '' + } + }, + { + name: 'Recorded', + request: { + headers: [{ name: 'Accept', value: '*/*' }], + method: 'GET', + url: 'http://goat:8080/WebGoat/logout', + body: '' + }, + response: { + headers: [{ name: 'Content-Length', value: '0' }], + reason_phrase: 'OK', + status_code: 200, + body: '' + } + } + ] + } }.deep_stringify_keys end scanner factory: :ci_reports_security_scanner |