diff options
Diffstat (limited to 'db/fixtures/development/14_pipelines.rb')
| -rw-r--r-- | db/fixtures/development/14_pipelines.rb | 75 |
1 files changed, 74 insertions, 1 deletions
diff --git a/db/fixtures/development/14_pipelines.rb b/db/fixtures/development/14_pipelines.rb index 5535c4a14e5..5af77c49913 100644 --- a/db/fixtures/development/14_pipelines.rb +++ b/db/fixtures/development/14_pipelines.rb @@ -1,7 +1,7 @@ require './spec/support/sidekiq' class Gitlab::Seeder::Pipelines - STAGES = %w[build test deploy notify] + STAGES = %w[build test security deploy notify] BUILDS = [ # build stage { name: 'build:linux', stage: 'build', status: :success, @@ -31,6 +31,16 @@ class Gitlab::Seeder::Pipelines { name: 'spinach:osx', stage: 'test', status: :failed, allow_failure: true, queued_at: 8.hour.ago, started_at: 8.hour.ago, finished_at: 7.hour.ago }, + # security stage + { name: 'dast', stage: 'security', status: :success, + queued_at: 8.hour.ago, started_at: 8.hour.ago, finished_at: 7.hour.ago }, + { name: 'sast', stage: 'security', status: :success, + queued_at: 8.hour.ago, started_at: 8.hour.ago, finished_at: 7.hour.ago }, + { name: 'dependency_scanning', stage: 'security', status: :success, + queued_at: 8.hour.ago, started_at: 8.hour.ago, finished_at: 7.hour.ago }, + { name: 'container_scanning', stage: 'security', status: :success, + queued_at: 8.hour.ago, started_at: 8.hour.ago, finished_at: 7.hour.ago }, + # deploy stage { name: 'staging', stage: 'deploy', environment: 'staging', status_event: :success, options: { environment: { action: 'start', on_stop: 'stop staging' } }, @@ -108,6 +118,11 @@ class Gitlab::Seeder::Pipelines setup_artifacts(build) setup_test_reports(build) + if build.ref == build.project.default_branch + setup_security_reports_file(build) + else + setup_security_reports_legacy_archive(build) + end setup_build_log(build) build.project.environments. @@ -143,6 +158,55 @@ class Gitlab::Seeder::Pipelines end end + def setup_security_reports_file(build) + return unless build.stage == "security" + + # we have two sources: master and feature-branch + branch_name = build.ref == build.project.default_branch ? + 'master' : 'feature-branch' + + artifacts_cache_file(security_reports_path(branch_name, build.name)) do |file| + build.job_artifacts.build( + project: build.project, + file_type: build.name, + file_format: :raw, + file: file) + end + end + + def setup_security_reports_legacy_archive(build) + return unless build.stage == "security" + + # we have two sources: master and feature-branch + branch_name = build.ref == build.project.default_branch ? + 'master' : 'feature-branch' + + artifacts_cache_file(security_reports_archive_path(branch_name)) do |file| + build.job_artifacts.build( + project: build.project, + file_type: :archive, + file_format: :zip, + file: file) + end + + # assign dummy metadata + artifacts_cache_file(artifacts_metadata_path) do |file| + build.job_artifacts.build( + project: build.project, + file_type: :metadata, + file_format: :gzip, + file: file) + end + + build.options = { + artifacts: { + paths: [ + Ci::JobArtifact::DEFAULT_FILE_NAMES.fetch(build.name.to_sym) + ] + } + } + end + def setup_build_log(build) if %w(running success failed).include?(build.status) build.trace.set(FFaker::Lorem.paragraphs(6).join("\n\n")) @@ -190,6 +254,15 @@ class Gitlab::Seeder::Pipelines Rails.root + 'spec/fixtures/junit/junit.xml.gz' end + def security_reports_archive_path(branch) + Rails.root.join('spec', 'fixtures', 'security-reports', branch + '.zip') + end + + def security_reports_path(branch, name) + file_name = Ci::JobArtifact::DEFAULT_FILE_NAMES.fetch(name.to_sym) + Rails.root.join('spec', 'fixtures', 'security-reports', branch, file_name) + end + def artifacts_cache_file(file_path) file = Tempfile.new("artifacts") file.close |