Diffstat (limited to 'app/validators')
-rw-r--r--app/validators/addressable_url_validator.rb6
-rw-r--r--app/validators/array_members_validator.rb21
-rw-r--r--app/validators/json_schemas/build_metadata_secrets.json30
-rw-r--r--app/validators/json_schemas/security_ci_configuration_schemas/sast_ui_schema.json153
4 files changed, 207 insertions, 3 deletions
diff --git a/app/validators/addressable_url_validator.rb b/app/validators/addressable_url_validator.rb
index 99f503c3f06..9fa99903e36 100644
--- a/app/validators/addressable_url_validator.rb
+++ b/app/validators/addressable_url_validator.rb
@@ -95,9 +95,9 @@ class AddressableUrlValidator < ActiveModel::EachValidator
end
def current_options
- options.map do |option, value|
- [option, value.is_a?(Proc) ? value.call(record) : value]
- end.to_h
+ options.transform_values do |value|
+ value.is_a?(Proc) ? value.call(record) : value
+ end
end
def blocker_args
diff --git a/app/validators/array_members_validator.rb b/app/validators/array_members_validator.rb
new file mode 100644
index 00000000000..c5d3d25b4d9
--- /dev/null
+++ b/app/validators/array_members_validator.rb
@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+# ArrayMembersValidator
+#
+# Custom validator that checks if validated
+# attribute contains non empty array, which every
+# element is an instances of :member_class
+#
+# Example:
+#
+# class Config::Root < ActiveRecord::Base
+# validates :nodes, member_class: Config::Node
+# end
+#
+class ArrayMembersValidator < ActiveModel::EachValidator
+ def validate_each(record, attribute, value)
+ if !value.is_a?(Array) || value.empty? || value.any? { |child| !child.instance_of?(options[:member_class]) }
+ record.errors.add(attribute, _("should be an array of %{object_name} objects") % { object_name: options.fetch(:object_name, attribute) })
+ end
+ end
+end
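Review bot: `validate_each` reads `options[:member_class]` without checking that the option was given, so a validator declared without it fails with a TypeError from `instance_of?(nil)` on the first validation rather than when the model class is loaded. Overriding `check_validity!` with `raise ArgumentError, ':member_class must be a class' unless options[:member_class].is_a?(Module)` would surface the misconfiguration at declaration time. The usage example in the header comment also looks wrong: with the class named ArrayMembersValidator the key would be `validates :nodes, array_members: { member_class: Config::Node }`. Note that `instance_of?` rejects subclasses of the member class; if that strictness is intended, the header comment should say so.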
diff --git a/app/validators/json_schemas/build_metadata_secrets.json b/app/validators/json_schemas/build_metadata_secrets.json
new file mode 100644
index 00000000000..e745a266777
--- /dev/null
+++ b/app/validators/json_schemas/build_metadata_secrets.json
@@ -0,0 +1,30 @@
+{
+ "description": "CI builds metadata secrets",
+ "type": "object",
+ "patternProperties": {
+ ".*": {
+ "type": "object",
+ "patternProperties": {
+ "^vault$": {
+ "type": "object",
+ "required": ["path", "field", "engine"],
+ "properties": {
+ "path": { "type": "string" },
+ "field": { "type": "string" },
+ "engine": {
+ "type": "object",
+ "required": ["name", "path"],
+ "properties": {
+ "path": { "type": "string" },
+ "name": { "type": "string" }
+ },
+ "additionalProperties": false
+ }
+ },
+ "additionalProperties": false
+ }
+ },
+ "additionalProperties": false
+ }
+ }
+}
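Review bot: The per-secret object under `".*"` has no `required` or `minProperties`, so an entry such as `"DATABASE_PASSWORD": {}` (constructed example) passes the schema without any `vault` definition. Adding `"required": ["vault"]` next to that object's `"additionalProperties": false` would reject it. `path`, `field` and the engine's `name` and `path` also accept the empty string; `"minLength": 1` on each would close that, unless empty values are rejected elsewhere, which this diff does not show.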
diff --git a/app/validators/json_schemas/security_ci_configuration_schemas/sast_ui_schema.json b/app/validators/json_schemas/security_ci_configuration_schemas/sast_ui_schema.json
new file mode 100644
index 00000000000..1154a4c45b8
--- /dev/null
+++ b/app/validators/json_schemas/security_ci_configuration_schemas/sast_ui_schema.json
@@ -0,0 +1,153 @@
+{
+ "global": [
+ {
+ "field" : "SECURE_ANALYZERS_PREFIX",
+ "label" : "Image prefix",
+ "type": "string",
+ "default_value": "registry.gitlab.com/gitlab-org/security-products/analyzers",
+ "value": ""
+ },
+ {
+ "field" : "SAST_EXCLUDED_PATHS",
+ "label" : "Excluded Paths",
+ "type": "string",
+ "default_value": "spec, test, tests, tmp",
+ "value": ""
+ },
+ {
+ "field" : "SECURE_ANALYZER_IMAGE_TAG",
+ "label" : "Image tag",
+ "type": "string",
+ "options": [],
+ "default_value": "2",
+ "value": ""
+ },
+ {
+ "field" : "SAST_DISABLED",
+ "label" : "Disable SAST",
+ "type": "options",
+ "options": [
+ {
+ "value" :"true",
+ "label" : "true (disables SAST)"
+ },
+ {
+ "value":"false",
+ "label":"false (enables SAST)"
+ }
+ ],
+ "default_value": "false",
+ "value": ""
+ }
+ ],
+ "pipeline": [
+ {
+ "field" : "stage",
+ "label" : "Stage",
+ "type": "dropdown",
+ "options": [
+ {
+ "value" :"test",
+ "label" : "test"
+ },
+ {
+ "value":"build",
+ "label":"build"
+ }
+ ],
+ "default_value": "test",
+ "value": ""
+ },
+ {
+ "field" : "allow_failure",
+ "label" : "Allow Failure",
+ "type": "options",
+ "options": [
+ {
+ "value" :"true",
+ "label" : "Allows pipeline failure"
+ },
+ {
+ "value": "false",
+ "label": "Does not allow pipeline failure"
+ }
+ ],
+ "default_value": "true",
+ "value": ""
+ },
+ {
+ "field" : "rules",
+ "label" : "Rules",
+ "type": "multiline",
+ "default_value": "",
+ "value": ""
+ }
+ ],
+ "analyzers": [
+ {
+ "name": "brakeman",
+ "label": "Brakeman",
+ "enabled" : true
+ },
+ {
+ "name": "bandit",
+ "label": "Bandit",
+ "enabled" : true
+ },
+ {
+ "name": "eslint",
+ "label": "ESLint",
+ "enabled" : true
+ },
+ {
+ "name": "flawfinder",
+ "label": "Flawfinder",
+ "enabled" : true
+ },
+ {
+ "name": "kubesec",
+ "label": "kubesec",
+ "enabled" : true
+ },
+ {
+ "name": "nodejsscan",
+ "label": "Node.js Scan",
+ "enabled" : true
+ },
+ {
+ "name": "gosec",
+ "label": "Golang Security Checker",
+ "enabled" : true
+ },
+ {
+ "name": "phpcs-security-audit",
+ "label": "PHP Security Audit",
+ "enabled" : true
+ },
+ {
+ "name": "pmd-apex",
+ "label": "PMD APEX",
+ "enabled" : true
+ },
+ {
+ "name": "security-code-scan",
+ "label": "Security Code Scan",
+ "enabled" : true
+ },
+ {
+ "name": "sobelow",
+ "label": "Sobelow",
+ "enabled" : true
+ },
+ {
+ "name": "spotbugs",
+ "label": "Spotbugs",
+ "enabled" : true
+ },
+ {
+ "name": "secrets",
+ "label": "Secrets",
+ "enabled" : true
+ }
+ ]
+}
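Review bot: `SECURE_ANALYZER_IMAGE_TAG` in the `global` list does not look like the variable the SAST template reads; as far as I know that variable is `SAST_ANALYZER_IMAGE_TAG`, so a value entered through this field would likely have no effect. Please confirm against the template. The same entry carries `"options": []` although its type is `string`, unlike the other string fields. `SECURE_ANALYZERS_PREFIX` decides which registry the analyzer images are pulled from, and the schema only constrains it to `string`, so whatever consumes this file should validate the value before writing it into a pipeline configuration.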