# frozen_string_literal: true FactoryBot.define do factory :ci_job_artifact, class: 'Ci::JobArtifact' do job factory: :ci_build file_type { :archive } file_format { :zip } trait :expired do expire_at { Time.current.yesterday.change(minute: 9) } end trait :locked do locked { Ci::JobArtifact.lockeds[:artifacts_locked] } end trait :remote_store do file_store { JobArtifactUploader::Store::REMOTE } end after :build do |artifact| artifact.project ||= artifact.job.project artifact.job&.valid? end trait :raw do file_format { :raw } after(:build) do |artifact, _| artifact.file = fixture_file_upload( Rails.root.join('spec/fixtures/trace/sample_trace'), 'text/plain') end end trait :zip do file_format { :zip } after(:build) do |artifact, _| artifact.file = fixture_file_upload( Rails.root.join('spec/fixtures/ci_build_artifacts.zip'), 'application/zip') end end trait :gzip do file_format { :gzip } after(:build) do |artifact, _| artifact.file = fixture_file_upload( Rails.root.join('spec/fixtures/ci_build_artifacts_metadata.gz'), 'application/x-gzip') end end trait :archive do file_type { :archive } file_format { :zip } transient do file { fixture_file_upload(Rails.root.join('spec/fixtures/ci_build_artifacts.zip'), 'application/zip') } end after(:build) do |artifact, evaluator| artifact.file = evaluator.file end end trait :legacy_archive do archive file_location { :legacy_path } end trait :metadata do file_type { :metadata } file_format { :gzip } transient do file { fixture_file_upload(Rails.root.join('spec/fixtures/ci_build_artifacts_metadata.gz'), 'application/x-gzip') } end after(:build) do |artifact, evaluator| artifact.file = evaluator.file end end trait :trace do file_type { :trace } file_format { :raw } after(:build) do |artifact, evaluator| artifact.file = fixture_file_upload( Rails.root.join('spec/fixtures/trace/sample_trace'), 'text/plain') end end trait :unarchived_trace_artifact do file_type { :trace } file_format { :raw } after(:build) do |artifact, evaluator| file = double('file', path: '/path/to/job.log') artifact.file = file allow(artifact.file).to receive(:file).and_return(CarrierWave::SanitizedFile.new(file)) end end trait :junit do file_type { :junit } file_format { :gzip } after(:build) do |artifact, evaluator| artifact.file = fixture_file_upload( Rails.root.join('spec/fixtures/junit/junit.xml.gz'), 'application/x-gzip') end end trait :junit_with_attachment do file_type { :junit } file_format { :gzip } after(:build) do |artifact, evaluator| artifact.file = fixture_file_upload( Rails.root.join('spec/fixtures/junit/junit_with_attachment.xml.gz'), 'application/x-gzip') end end trait :junit_with_duplicate_failed_test_names do file_type { :junit } file_format { :gzip } after(:build) do |artifact, evaluator| artifact.file = fixture_file_upload( Rails.root.join('spec/fixtures/junit/junit_with_duplicate_failed_test_names.xml.gz'), 'application/x-gzip') end end trait :junit_with_ant do file_type { :junit } file_format { :gzip } after(:build) do |artifact, evaluator| artifact.file = fixture_file_upload( Rails.root.join('spec/fixtures/junit/junit_ant.xml.gz'), 'application/x-gzip') end end trait :junit_with_three_testsuites do file_type { :junit } file_format { :gzip } after(:build) do |artifact, evaluator| artifact.file = fixture_file_upload( Rails.root.join('spec/fixtures/junit/junit_with_three_testsuites.xml.gz'), 'application/x-gzip') end end trait :junit_with_corrupted_data do file_type { :junit } file_format { :gzip } after(:build) do |artifact, evaluator| artifact.file = fixture_file_upload( Rails.root.join('spec/fixtures/junit/junit_with_corrupted_data.xml.gz'), 'application/x-gzip') end end trait :junit_with_three_failures do file_type { :junit } file_format { :gzip } after(:build) do |artifact, evaluator| artifact.file = fixture_file_upload( Rails.root.join('spec/fixtures/junit/junit_with_three_failures.xml.gz'), 'application/x-gzip') end end trait :accessibility do file_type { :accessibility } file_format { :raw } after(:build) do |artifact, _evaluator| artifact.file = fixture_file_upload( Rails.root.join('spec/fixtures/accessibility/pa11y_with_errors.json'), 'application/json') end end trait :accessibility_with_invalid_url do file_type { :accessibility } file_format { :raw } after(:build) do |artifact, _evaluator| artifact.file = fixture_file_upload( Rails.root.join('spec/fixtures/accessibility/pa11y_with_invalid_url.json'), 'application/json') end end trait :accessibility_without_errors do file_type { :accessibility } file_format { :raw } after(:build) do |artifact, _evaluator| artifact.file = fixture_file_upload( Rails.root.join('spec/fixtures/accessibility/pa11y_without_errors.json'), 'application/json') end end trait :cobertura do file_type { :cobertura } file_format { :gzip } after(:build) do |artifact, evaluator| artifact.file = fixture_file_upload( Rails.root.join('spec/fixtures/cobertura/coverage.xml.gz'), 'application/x-gzip') end end trait :terraform do file_type { :terraform } file_format { :raw } after(:build) do |artifact, evaluator| artifact.file = fixture_file_upload( Rails.root.join('spec/fixtures/terraform/tfplan.json'), 'application/json') end end trait :terraform_with_corrupted_data do file_type { :terraform } file_format { :raw } after(:build) do |artifact, evaluator| artifact.file = fixture_file_upload( Rails.root.join('spec/fixtures/terraform/tfplan_with_corrupted_data.json'), 'application/json') end end trait :coverage_gocov_xml do file_type { :cobertura } file_format { :gzip } after(:build) do |artifact, evaluator| artifact.file = fixture_file_upload( Rails.root.join('spec/fixtures/cobertura/coverage_gocov_xml.xml.gz'), 'application/x-gzip') end end trait :coverage_with_paths_not_relative_to_project_root do file_type { :cobertura } file_format { :gzip } after(:build) do |artifact, evaluator| artifact.file = fixture_file_upload( Rails.root.join('spec/fixtures/cobertura/coverage_with_paths_not_relative_to_project_root.xml.gz'), 'application/x-gzip') end end trait :coverage_with_corrupted_data do file_type { :cobertura } file_format { :gzip } after(:build) do |artifact, evaluator| artifact.file = fixture_file_upload( Rails.root.join('spec/fixtures/cobertura/coverage_with_corrupted_data.xml.gz'), 'application/x-gzip') end end trait :codequality do file_type { :codequality } file_format { :raw } after(:build) do |artifact, evaluator| artifact.file = fixture_file_upload( Rails.root.join('spec/fixtures/codequality/codeclimate.json'), 'application/json') end end trait :codequality_without_errors do file_type { :codequality } file_format { :raw } after(:build) do |artifact, evaluator| artifact.file = fixture_file_upload( Rails.root.join('spec/fixtures/codequality/codeclimate_without_errors.json'), 'application/json') end end trait :sast do file_type { :sast } file_format { :raw } after(:build) do |artifact, _| artifact.file = fixture_file_upload( Rails.root.join('spec/fixtures/security_reports/master/gl-sast-report.json'), 'application/json') end end trait :sast_minimal do file_type { :sast } file_format { :raw } after(:build) do |artifact, _| artifact.file = fixture_file_upload( Rails.root.join('spec/fixtures/security_reports/master/gl-sast-report-minimal.json'), 'application/json') end end # Bandit reports are correctly de-duplicated when ran in the same pipeline # as a corresponding semgrep report. # This report does not include signature tracking. trait :sast_bandit do file_type { :sast } file_format { :raw } after(:build) do |artifact, _| artifact.file = fixture_file_upload( Rails.root.join('spec/fixtures/security_reports/master/gl-sast-report-bandit.json'), 'application/json') end end # Equivalent Semgrep report for :sast_bandit report. # This report includes signature tracking. trait :sast_semgrep_for_bandit do file_type { :sast } file_format { :raw } after(:build) do |artifact, _| artifact.file = fixture_file_upload( Rails.root.join('spec/fixtures/security_reports/master/gl-sast-report-semgrep-for-bandit.json'), 'application/json') end end # Gosec reports are not correctly de-duplicated when ran in the same pipeline # as a corresponding semgrep report. # This report includes signature tracking. trait :sast_gosec do file_type { :sast } file_format { :raw } after(:build) do |artifact, _| artifact.file = fixture_file_upload( Rails.root.join('spec/fixtures/security_reports/master/gl-sast-report-gosec.json'), 'application/json') end end # Equivalent Semgrep report for :sast_gosec report. # This report includes signature tracking. trait :sast_semgrep_for_gosec do file_type { :sast } file_format { :raw } after(:build) do |artifact, _| artifact.file = fixture_file_upload( Rails.root.join('spec/fixtures/security_reports/master/gl-sast-report-semgrep-for-gosec.json'), 'application/json') end end # Equivalent Semgrep report for combined :sast_bandit and :sast_gosec reports. # This report includes signature tracking. trait :sast_semgrep_for_multiple_findings do file_type { :sast } file_format { :raw } after(:build) do |artifact, _| artifact.file = fixture_file_upload( Rails.root.join('spec/fixtures/security_reports/master/gl-sast-report-semgrep-for-multiple-findings.json'), 'application/json') end end trait :common_security_report do file_format { :raw } file_type { :dependency_scanning } after(:build) do |artifact, _| artifact.file = fixture_file_upload( Rails.root.join('spec/fixtures/security_reports/master/gl-common-scanning-report.json'), 'application/json') end end trait :common_security_report_without_top_level_scanner do common_security_report after(:build) do |artifact, _| artifact.file = fixture_file_upload( Rails.root.join('spec/fixtures/security_reports/master/gl-common-scanning-report-without-top-level-scanner.json'), 'application/json') end end trait :common_security_report_with_blank_names do file_format { :raw } file_type { :dependency_scanning } after(:build) do |artifact, _| artifact.file = fixture_file_upload( Rails.root.join('spec/fixtures/security_reports/master/gl-common-scanning-report-names.json'), 'application/json') end end trait :sast_with_corrupted_data do file_type { :sast } file_format { :raw } after(:build) do |artifact, _| artifact.file = fixture_file_upload( Rails.root.join('spec/fixtures/trace/sample_trace'), 'application/json') end end trait :sast_feature_branch do file_format { :raw } file_type { :sast } after(:build) do |artifact, _| artifact.file = fixture_file_upload( Rails.root.join('spec/fixtures/security_reports/feature-branch/gl-sast-report.json'), 'application/json') end end trait :secret_detection_feature_branch do file_format { :raw } file_type { :secret_detection } after(:build) do |artifact, _| artifact.file = fixture_file_upload( Rails.root.join('spec/fixtures/security_reports/feature-branch/gl-secret-detection-report.json'), 'application/json') end end trait :sast_with_missing_scanner do file_type { :sast } file_format { :raw } after(:build) do |artifact, _| artifact.file = fixture_file_upload( Rails.root.join('spec/fixtures/security_reports/master/gl-sast-missing-scanner.json'), 'application/json') end end trait :secret_detection do file_type { :secret_detection } file_format { :raw } after(:build) do |artifact, _| artifact.file = fixture_file_upload( Rails.root.join('spec/fixtures/security_reports/master/gl-secret-detection-report.json'), 'application/json') end end trait :lsif do file_type { :lsif } file_format { :zip } after(:build) do |artifact, evaluator| artifact.file = fixture_file_upload( Rails.root.join('spec/fixtures/lsif.json.zip'), 'application/zip') end end trait :dotenv do file_type { :dotenv } file_format { :gzip } after(:build) do |artifact, evaluator| artifact.file = fixture_file_upload( Rails.root.join('spec/fixtures/build.env.gz'), 'application/x-gzip') end end trait :correct_checksum do after(:build) do |artifact, evaluator| artifact.file_sha256 = Digest::SHA256.file(artifact.file.path).hexdigest end end end end