Diffstat (limited to 'spec/lib/gitlab/ci/reports/security')
-rw-r--r-- | spec/lib/gitlab/ci/reports/security/report_spec.rb | 22 | ||||
-rw-r--r-- | spec/lib/gitlab/ci/reports/security/reports_spec.rb | 21 |
2 files changed, 41 insertions, 2 deletions
diff --git a/spec/lib/gitlab/ci/reports/security/report_spec.rb b/spec/lib/gitlab/ci/reports/security/report_spec.rb
index 5a85c3f19fc..a8b962ee970 100644
--- a/spec/lib/gitlab/ci/reports/security/report_spec.rb
+++ b/spec/lib/gitlab/ci/reports/security/report_spec.rb
@@ -221,4 +221,26 @@ RSpec.describe Gitlab::Ci::Reports::Security::Report do
 end
 end
 end
+
+ describe '#has_signatures?' do
+ let(:finding) { create(:ci_reports_security_finding, signatures: signatures) }
+
+ subject { report.has_signatures? }
+
+ before do
+ report.add_finding(finding)
+ end
+
+ context 'when the findings of the report does not have signatures' do
+ let(:signatures) { [] }
+
+ it { is_expected.to be_falsey }
+ end
+
+ context 'when the findings of the report have signatures' do
+ let(:signatures) { [instance_double(Gitlab::Ci::Reports::Security::FindingSignature)] }
+
+ it { is_expected.to be_truthy }
+ end
+ end
 end
diff --git a/spec/lib/gitlab/ci/reports/security/reports_spec.rb b/spec/lib/gitlab/ci/reports/security/reports_spec.rb
index 9b1e02f1418..79eee642552 100644
--- a/spec/lib/gitlab/ci/reports/security/reports_spec.rb
+++ b/spec/lib/gitlab/ci/reports/security/reports_spec.rb
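Review bot: The two contexts under `describe '#has_signatures?'` only cover a report whose single finding has no signatures or has exactly one, so they never pin what the predicate returns for a report that mixes signed and unsigned findings — whether it behaves like `any?` or like `all?` is left entirely to the implementation, which is outside this diff. A third context that calls `report.add_finding` twice, once with `signatures: []` and once with the `instance_double`, and asserts the intended value would fix that part of the contract. The sibling spec in reports_spec.rb asserts `be(true)` / `be(false)` while this one uses `be_truthy` / `be_falsey`; if `has_signatures?` returns a real boolean, `be(true)` / `be(false)` is the stricter check and keeps the two specs consistent. The context description `'when the findings of the report does not have signatures'` should read `'when the findings of the report do not have signatures'`.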
@@ -54,11 +54,12 @@ RSpec.describe Gitlab::Ci::Reports::Security::Reports do
 end
 describe "#violates_default_policy_against?" do
- let(:high_severity_dast) { build(:ci_reports_security_finding, severity: 'high', report_type: :dast) }
+ let(:high_severity_dast) { build(:ci_reports_security_finding, severity: 'high', report_type: 'dast') }
 let(:vulnerabilities_allowed) { 0 }
 let(:severity_levels) { %w(critical high) }
+ let(:vulnerability_states) { %w(newly_detected)}
- subject { security_reports.violates_default_policy_against?(target_reports, vulnerabilities_allowed, severity_levels) }
+ subject { security_reports.violates_default_policy_against?(target_reports, vulnerabilities_allowed, severity_levels, vulnerability_states) }
 before do
 security_reports.get_report('sast', artifact).add_finding(high_severity_dast)
@@ -108,6 +109,22 @@ RSpec.describe Gitlab::Ci::Reports::Security::Reports do
 it { is_expected.to be(false) }
 end
+
+ context 'with related report_types' do
+ let(:report_types) { %w(dast sast) }
+
+ subject { security_reports.violates_default_policy_against?(target_reports, vulnerabilities_allowed, severity_levels, vulnerability_states, report_types) }
+
+ it { is_expected.to be(true) }
+ end
+
+ context 'with unrelated report_types' do
+ let(:report_types) { %w(dependency_scanning sast) }
+
+ subject { security_reports.violates_default_policy_against?(target_reports, vulnerabilities_allowed, severity_levels, vulnerability_states, report_types) }
+
+ it { is_expected.to be(false) }
+ end
 end
 end
 end |
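Review bot: `let(:vulnerability_states) { %w(newly_detected)}` is missing the space before the closing brace that every other `let` block in this hunk has, i.e. `let(:vulnerability_states) { %w(newly_detected) }`; RuboCop's Layout/SpaceInsideBlockBraces would flag it. The same hunk switches the finding's `report_type: :dast` to `report_type: 'dast'` while the new `report_types` contexts further down pass `%w(...)` string arrays, which reads as the policy check now comparing report types as strings; it is worth confirming that findings built with a symbol `report_type`, as this spec did before, still match rather than silently counting as unrelated. The `describe "#violates_default_policy_against?"` block this hunk edits continues outside it.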
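Review bot: The context names `'with related report_types'` and `'with unrelated report_types'` do not say what makes one related: both lists contain `sast`, the report the finding is added to via `get_report('sast', artifact)` in the earlier hunk, and the only difference is whether `dast`, the finding's own `report_type`, is present. A one-line comment above the first new context would make the expectation readable, e.g. `# 'sast' is only the report key; the filter must match the finding's own report_type ('dast'), not the report it was added to`. Both contexts also redefine `subject` with all five positional arguments, duplicating the outer one; a `let(:report_types) { nil }` in the outer describe and a single outer subject passing `report_types` would leave each context with just its `let` override, provided the method treats a nil filter as "all report types", which this diff does not show. The enclosing describe block starts outside this hunk.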