debian-mirror-gitlab/lib/gitlab/ci/reports/security/reports.rb


# frozen_string_literal: true
module Gitlab
  module Ci
    module Reports
      module Security
        # Registry of the security reports collected for one pipeline, keyed by
        # report type.
        #
        # It also answers the policy question "does this pipeline introduce more
        # unsafe findings than allowed, compared with a target set of reports?"
        # via #violates_default_policy_against?. Findings are compared by UUID.
        class Reports
          attr_reader :reports, :pipeline

          delegate :each, :empty?, to: :reports

          # @param pipeline the pipeline these reports belong to; stored as given
          def initialize(pipeline)
            @pipeline = pipeline
            @reports = {}
          end

          # Returns the report registered for +report_type+, creating it on first use.
          #
          # When an entry already exists, +report_artifact+ is not consulted: the
          # existing Report (built with the first artifact's +created_at+) is returned.
          #
          # @param report_type key under which the report is stored
          # @param report_artifact object responding to +created_at+
          # @return [Report]
          def get_report(report_type, report_artifact)
            reports[report_type] ||= begin
              artifact_created_at = report_artifact.created_at
              Report.new(report_type, pipeline, artifact_created_at)
            end
          end

          # All findings of every registered report, flattened into one array.
          #
          # @return [Array]
          def findings
            reports.values.flat_map { |report| report.findings }
          end

          # Tells whether the number of unsafe findings that are not already present
          # in +target_reports+ exceeds +vulnerabilities_allowed+.
          #
          # The comparison is strict (+>+), so an allowance of 0 is violated by a
          # single new unsafe finding.
          #
          # NOTE(review): +vulnerability_states+ is forwarded to
          # #unsafe_findings_count, which does not read it in this class. The file
          # ends with a +prepend_mod_with+ call, so an extension may give it an
          # effect - confirm before relying on state filtering here.
          #
          # @param target_reports [Reports, nil] baseline to compare against
          # @param vulnerabilities_allowed [Integer] number of new unsafe findings tolerated
          # @param severity_levels passed to +finding.unsafe?+
          # @param vulnerability_states unused by this implementation (see note)
          # @param report_types passed to +finding.unsafe?+; defaults to +[]+
          #   (how +unsafe?+ treats an empty list is not visible here - verify)
          # @return [Boolean]
          def violates_default_policy_against?(
            target_reports,
            vulnerabilities_allowed,
            severity_levels,
            vulnerability_states,
            report_types = []
          )
            newly_unsafe = unsafe_findings_count(target_reports, severity_levels, vulnerability_states, report_types)

            newly_unsafe > vulnerabilities_allowed
          end

          # UUIDs of the findings that +finding.unsafe?+ flags for the given
          # severity levels and report types.
          #
          # @return [Array]
          def unsafe_findings_uuids(severity_levels, report_types)
            flagged = findings.select { |finding| finding.unsafe?(severity_levels, report_types) }
            flagged.map(&:uuid)
          end

          private

          # Counts the unsafe findings of this collection whose UUID does not
          # appear among the unsafe findings of +target_reports+.
          #
          # A nil +target_reports+ yields an empty baseline, so every unsafe
          # finding of this collection is counted as new.
          #
          # NOTE(review): matching is by +uuid+ only; findings with a nil uuid
          # would be indistinguishable from each other - verify uuids are always set.
          #
          # @return [Integer]
          def unsafe_findings_count(target_reports, severity_levels, vulnerability_states, report_types)
            current_uuids = unsafe_findings_uuids(severity_levels, report_types)
            # `&.` gives nil for a missing baseline and `nil.to_a` turns that into [].
            baseline_uuids = target_reports&.unsafe_findings_uuids(severity_levels, report_types).to_a

            (current_uuids - baseline_uuids).size
          end
        end
      end
    end
  end
end
# Hooks an extension module, named by the same constant path, onto the class.
# NOTE(review): prepend_mod_with is not defined in this file; presumably it is
# the project's helper for prepending an edition-specific module - confirm.
# Anything prepended this way can override the policy methods defined above
# (for instance, give `vulnerability_states` an effect), so review that module
# together with this class when assessing policy enforcement.
Gitlab::Ci::Reports::Security::Reports.prepend_mod_with('Gitlab::Ci::Reports::Security::Reports')