2021-01-03 14:25:43 +05:30
|
|
|
<script>
|
2021-02-22 17:27:13 +05:30
|
|
|
import { mapActions, mapGetters } from 'vuex';
|
|
|
|
|
import createFlash from '~/flash';
|
2021-03-11 19:13:27 +05:30
|
|
|
import { s__ } from '~/locale';
|
|
|
|
|
import ReportSection from '~/reports/components/report_section.vue';
|
|
|
|
|
import { ERROR, SLOT_SUCCESS, SLOT_LOADING, SLOT_ERROR } from '~/reports/constants';
|
|
|
|
|
import glFeatureFlagsMixin from '~/vue_shared/mixins/gl_feature_flags_mixin';
|
2021-02-22 17:27:13 +05:30
|
|
|
import HelpIcon from './components/help_icon.vue';
|
|
|
|
|
import SecurityReportDownloadDropdown from './components/security_report_download_dropdown.vue';
|
|
|
|
|
import SecuritySummary from './components/security_summary.vue';
|
|
|
|
|
import {
|
|
|
|
|
REPORT_TYPE_SAST,
|
|
|
|
|
REPORT_TYPE_SECRET_DETECTION,
|
|
|
|
|
reportTypeToSecurityReportTypeEnum,
|
|
|
|
|
} from './constants';
|
2021-10-27 15:23:28 +05:30
|
|
|
import securityReportMergeRequestDownloadPathsQuery from './graphql/queries/security_report_merge_request_download_paths.query.graphql';
|
2021-03-11 19:13:27 +05:30
|
|
|
import store from './store';
|
|
|
|
|
import { MODULE_SAST, MODULE_SECRET_DETECTION } from './store/constants';
|
2021-06-08 01:23:25 +05:30
|
|
|
import { extractSecurityReportArtifactsFromMergeRequest } from './utils';
|
2021-01-03 14:25:43 +05:30
|
|
|
|
|
|
|
|
export default {
|
2021-02-22 17:27:13 +05:30
|
|
|
store,
|
2021-01-03 14:25:43 +05:30
|
|
|
components: {
|
|
|
|
|
ReportSection,
|
2021-02-22 17:27:13 +05:30
|
|
|
HelpIcon,
|
|
|
|
|
SecurityReportDownloadDropdown,
|
|
|
|
|
SecuritySummary,
|
2021-01-03 14:25:43 +05:30
|
|
|
},
|
2021-02-22 17:27:13 +05:30
|
|
|
mixins: [glFeatureFlagsMixin()],
|
2021-01-03 14:25:43 +05:30
|
|
|
props: {
|
|
|
|
|
pipelineId: {
|
|
|
|
|
type: Number,
|
|
|
|
|
required: true,
|
|
|
|
|
},
|
|
|
|
|
projectId: {
|
|
|
|
|
type: Number,
|
|
|
|
|
required: true,
|
|
|
|
|
},
|
|
|
|
|
securityReportsDocsPath: {
|
|
|
|
|
type: String,
|
|
|
|
|
required: true,
|
|
|
|
|
},
|
2021-02-22 17:27:13 +05:30
|
|
|
discoverProjectSecurityPath: {
|
|
|
|
|
type: String,
|
|
|
|
|
required: false,
|
|
|
|
|
default: '',
|
|
|
|
|
},
|
|
|
|
|
sastComparisonPath: {
|
|
|
|
|
type: String,
|
|
|
|
|
required: false,
|
|
|
|
|
default: '',
|
|
|
|
|
},
|
2021-11-18 22:05:49 +05:30
|
|
|
secretDetectionComparisonPath: {
|
2021-02-22 17:27:13 +05:30
|
|
|
type: String,
|
|
|
|
|
required: false,
|
|
|
|
|
default: '',
|
|
|
|
|
},
|
|
|
|
|
targetProjectFullPath: {
|
|
|
|
|
type: String,
|
|
|
|
|
required: false,
|
|
|
|
|
default: '',
|
|
|
|
|
},
|
|
|
|
|
mrIid: {
|
|
|
|
|
type: Number,
|
|
|
|
|
required: false,
|
|
|
|
|
default: 0,
|
|
|
|
|
},
|
|
|
|
|
canDiscoverProjectSecurity: {
|
|
|
|
|
type: Boolean,
|
|
|
|
|
required: false,
|
|
|
|
|
default: false,
|
|
|
|
|
},
|
2021-01-03 14:25:43 +05:30
|
|
|
},
|
|
|
|
|
data() {
|
|
|
|
|
return {
|
2021-02-22 17:27:13 +05:30
|
|
|
availableSecurityReports: [],
|
|
|
|
|
canShowCounts: false,
|
2021-01-03 14:25:43 +05:30
|
|
|
|
2021-02-22 17:27:13 +05:30
|
|
|
// When core_security_mr_widget_counts is not enabled, the
|
|
|
|
|
// error state is shown even when successfully loaded, since success
|
2021-01-03 14:25:43 +05:30
|
|
|
// state suggests that the security scans detected no security problems,
|
|
|
|
|
// which is not necessarily the case. A future iteration will actually
|
|
|
|
|
// check whether problems were found and display the appropriate status.
|
2021-02-22 17:27:13 +05:30
|
|
|
status: ERROR,
|
2021-01-03 14:25:43 +05:30
|
|
|
};
|
|
|
|
|
},
|
2021-02-22 17:27:13 +05:30
|
|
|
apollo: {
|
|
|
|
|
reportArtifacts: {
|
2021-06-08 01:23:25 +05:30
|
|
|
query: securityReportMergeRequestDownloadPathsQuery,
|
2021-02-22 17:27:13 +05:30
|
|
|
variables() {
|
|
|
|
|
return {
|
|
|
|
|
projectPath: this.targetProjectFullPath,
|
|
|
|
|
iid: String(this.mrIid),
|
|
|
|
|
reportTypes: this.$options.reportTypes.map(
|
2021-03-08 18:12:59 +05:30
|
|
|
(reportType) => reportTypeToSecurityReportTypeEnum[reportType],
|
2021-02-22 17:27:13 +05:30
|
|
|
),
|
|
|
|
|
};
|
|
|
|
|
},
|
|
|
|
|
update(data) {
|
2021-06-08 01:23:25 +05:30
|
|
|
return extractSecurityReportArtifactsFromMergeRequest(this.$options.reportTypes, data);
|
2021-02-22 17:27:13 +05:30
|
|
|
},
|
|
|
|
|
error(error) {
|
|
|
|
|
this.showError(error);
|
|
|
|
|
},
|
2022-04-04 11:22:00 +05:30
|
|
|
result({ loading, data }) {
|
|
|
|
|
if (loading || !data) {
|
2021-02-22 17:27:13 +05:30
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Query has completed, so populate the availableSecurityReports.
|
|
|
|
|
this.onCheckingAvailableSecurityReports(
|
|
|
|
|
this.reportArtifacts.map(({ reportType }) => reportType),
|
|
|
|
|
);
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
computed: {
|
|
|
|
|
...mapGetters(['groupedSummaryText', 'summaryStatus']),
|
|
|
|
|
hasSecurityReports() {
|
|
|
|
|
return this.availableSecurityReports.length > 0;
|
|
|
|
|
},
|
|
|
|
|
hasSastReports() {
|
|
|
|
|
return this.availableSecurityReports.includes(REPORT_TYPE_SAST);
|
|
|
|
|
},
|
|
|
|
|
hasSecretDetectionReports() {
|
|
|
|
|
return this.availableSecurityReports.includes(REPORT_TYPE_SECRET_DETECTION);
|
|
|
|
|
},
|
|
|
|
|
isLoadingReportArtifacts() {
|
|
|
|
|
return this.$apollo.queries.reportArtifacts.loading;
|
|
|
|
|
},
|
2021-01-03 14:25:43 +05:30
|
|
|
},
|
|
|
|
|
methods: {
|
2021-02-22 17:27:13 +05:30
|
|
|
...mapActions(MODULE_SAST, {
|
|
|
|
|
setSastDiffEndpoint: 'setDiffEndpoint',
|
|
|
|
|
fetchSastDiff: 'fetchDiff',
|
|
|
|
|
}),
|
|
|
|
|
...mapActions(MODULE_SECRET_DETECTION, {
|
|
|
|
|
setSecretDetectionDiffEndpoint: 'setDiffEndpoint',
|
|
|
|
|
fetchSecretDetectionDiff: 'fetchDiff',
|
|
|
|
|
}),
|
|
|
|
|
fetchCounts() {
|
|
|
|
|
if (!this.glFeatures.coreSecurityMrWidgetCounts) {
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (this.sastComparisonPath && this.hasSastReports) {
|
|
|
|
|
this.setSastDiffEndpoint(this.sastComparisonPath);
|
|
|
|
|
this.fetchSastDiff();
|
|
|
|
|
this.canShowCounts = true;
|
|
|
|
|
}
|
|
|
|
|
|
2021-11-18 22:05:49 +05:30
|
|
|
if (this.secretDetectionComparisonPath && this.hasSecretDetectionReports) {
|
|
|
|
|
this.setSecretDetectionDiffEndpoint(this.secretDetectionComparisonPath);
|
2021-02-22 17:27:13 +05:30
|
|
|
this.fetchSecretDetectionDiff();
|
|
|
|
|
this.canShowCounts = true;
|
|
|
|
|
}
|
2021-01-03 14:25:43 +05:30
|
|
|
},
|
2021-02-22 17:27:13 +05:30
|
|
|
onCheckingAvailableSecurityReports(availableSecurityReports) {
|
|
|
|
|
this.availableSecurityReports = availableSecurityReports;
|
|
|
|
|
this.fetchCounts();
|
|
|
|
|
},
|
|
|
|
|
showError(error) {
|
|
|
|
|
createFlash({
|
|
|
|
|
message: this.$options.i18n.apiError,
|
|
|
|
|
captureError: true,
|
|
|
|
|
error,
|
|
|
|
|
});
|
|
|
|
|
},
|
2021-01-03 14:25:43 +05:30
|
|
|
},
|
2021-02-22 17:27:13 +05:30
|
|
|
reportTypes: [REPORT_TYPE_SAST, REPORT_TYPE_SECRET_DETECTION],
|
2021-01-03 14:25:43 +05:30
|
|
|
i18n: {
|
|
|
|
|
apiError: s__(
|
|
|
|
|
'SecurityReports|Failed to get security report information. Please reload the page or try again later.',
|
|
|
|
|
),
|
2021-02-22 17:27:13 +05:30
|
|
|
scansHaveRun: s__('SecurityReports|Security scans have run'),
|
2021-01-03 14:25:43 +05:30
|
|
|
},
|
2021-02-22 17:27:13 +05:30
|
|
|
summarySlots: [SLOT_SUCCESS, SLOT_LOADING, SLOT_ERROR],
|
2021-01-03 14:25:43 +05:30
|
|
|
};
|
|
|
|
|
</script>
|
|
|
|
|
<template>
|
|
|
|
|
<report-section
|
2021-02-22 17:27:13 +05:30
|
|
|
v-if="canShowCounts"
|
|
|
|
|
:status="summaryStatus"
|
|
|
|
|
:has-issues="false"
|
|
|
|
|
class="mr-widget-border-top mr-report"
|
|
|
|
|
data-testid="security-mr-widget"
|
2021-04-29 21:17:54 +05:30
|
|
|
track-action="users_expanding_secure_security_report"
|
2021-02-22 17:27:13 +05:30
|
|
|
>
|
|
|
|
|
<template v-for="slot in $options.summarySlots" #[slot]>
|
|
|
|
|
<span :key="slot">
|
|
|
|
|
<security-summary :message="groupedSummaryText" />
|
|
|
|
|
|
|
|
|
|
<help-icon
|
2021-09-04 01:27:46 +05:30
|
|
|
class="gl-ml-3"
|
2021-02-22 17:27:13 +05:30
|
|
|
:help-path="securityReportsDocsPath"
|
|
|
|
|
:discover-project-security-path="discoverProjectSecurityPath"
|
|
|
|
|
/>
|
|
|
|
|
</span>
|
|
|
|
|
</template>
|
|
|
|
|
|
2021-03-11 19:13:27 +05:30
|
|
|
<template #action-buttons>
|
2021-02-22 17:27:13 +05:30
|
|
|
<security-report-download-dropdown
|
2021-09-30 23:02:18 +05:30
|
|
|
:text="s__('SecurityReports|Download results')"
|
2021-02-22 17:27:13 +05:30
|
|
|
:artifacts="reportArtifacts"
|
|
|
|
|
:loading="isLoadingReportArtifacts"
|
|
|
|
|
/>
|
|
|
|
|
</template>
|
|
|
|
|
</report-section>
|
|
|
|
|
|
|
|
|
|
<!-- TODO: Remove this section when removing core_security_mr_widget_counts
|
|
|
|
|
feature flag. See https://gitlab.com/gitlab-org/gitlab/-/issues/284097 -->
|
|
|
|
|
<report-section
|
|
|
|
|
v-else-if="hasSecurityReports"
|
2021-01-03 14:25:43 +05:30
|
|
|
:status="status"
|
|
|
|
|
:has-issues="false"
|
|
|
|
|
class="mr-widget-border-top mr-report"
|
|
|
|
|
data-testid="security-mr-widget"
|
2021-04-29 21:17:54 +05:30
|
|
|
track-action="users_expanding_secure_security_report"
|
2021-01-03 14:25:43 +05:30
|
|
|
>
|
|
|
|
|
<template #error>
|
2021-03-11 19:13:27 +05:30
|
|
|
{{ $options.i18n.scansHaveRun }}
|
2021-01-03 14:25:43 +05:30
|
|
|
|
2021-02-22 17:27:13 +05:30
|
|
|
<help-icon
|
2021-09-04 01:27:46 +05:30
|
|
|
class="gl-ml-3"
|
2021-02-22 17:27:13 +05:30
|
|
|
:help-path="securityReportsDocsPath"
|
|
|
|
|
:discover-project-security-path="discoverProjectSecurityPath"
|
|
|
|
|
/>
|
|
|
|
|
</template>
|
|
|
|
|
|
2021-03-11 19:13:27 +05:30
|
|
|
<template #action-buttons>
|
2021-02-22 17:27:13 +05:30
|
|
|
<security-report-download-dropdown
|
2021-09-30 23:02:18 +05:30
|
|
|
:text="s__('SecurityReports|Download results')"
|
2021-02-22 17:27:13 +05:30
|
|
|
:artifacts="reportArtifacts"
|
|
|
|
|
:loading="isLoadingReportArtifacts"
|
|
|
|
|
/>
|
2021-01-03 14:25:43 +05:30
|
|
|
</template>
|
|
|
|
|
</report-section>
|
|
|
|
|
</template>
|
