From 39e49bee4ac67d7bdcc0a56fc828fceb3192c6af Mon Sep 17 00:00:00 2001
From: GitLab Bot
Date: Mon, 21 Mar 2022 21:08:16 +0000
Subject: [PATCH] Add latest changes from gitlab-org/gitlab@master
---
.../concerns/sensitive_serializable_hash.rb | 7 -
.../service_usage_data.html.haml | 4 +-
...ensitive_fields_from_serializable_hash.yml | 8 -
.../show_report_validation_warnings.yml | 8 -
config/webpack.config.js | 5 +-
...211043_add_index_to_vulnerability_reads.rb | 23 +++
db/schema_migrations/20220315211043 | 1 +
db/structure.sql | 2 +
doc/api/merge_request_approvals.md | 90 +++++++-
doc/ci/variables/predefined_variables.md | 2 +-
doc/development/chatops_on_gitlabcom.md | 1 +
doc/user/clusters/agent/gitops.md | 16 ++
doc/user/project/issues/managing_issues.md | 2 +-
lib/gitlab/ci/parsers/security/common.rb | 31 ++-
package.json | 2 +-
.../gitlab/ci/parsers/security/common_spec.rb | 192 ++++++------------
.../sensitive_serializable_hash_spec.rb | 10 -
yarn.lock | 14 +-
18 files changed, 218 insertions(+), 200 deletions(-)
delete mode 100644 config/feature_flags/development/prevent_sensitive_fields_from_serializable_hash.yml
delete mode 100644 config/feature_flags/development/show_report_validation_warnings.yml
create mode 100644 db/post_migrate/20220315211043_add_index_to_vulnerability_reads.rb
create mode 100644 db/schema_migrations/20220315211043
diff --git a/app/models/concerns/sensitive_serializable_hash.rb b/app/models/concerns/sensitive_serializable_hash.rb
index 725ec60e9b6..94451fcd2c2 100644
--- a/app/models/concerns/sensitive_serializable_hash.rb
+++ b/app/models/concerns/sensitive_serializable_hash.rb
@@ -19,7 +19,6 @@ module SensitiveSerializableHash # In general, prefer NOT to use serializable_hash / to_json / as_json in favor # of serializers / entities instead which has an allowlist of attributes def serializable_hash(options = nil) - return super unless prevent_sensitive_fields_from_serializable_hash? return super if options && options[:unsafe_serialization_hash] options = options.try(:dup) || {} @@ -37,10 +36,4 @@ module SensitiveSerializableHash super(options) end - - private - - def prevent_sensitive_fields_from_serializable_hash? - Feature.enabled?(:prevent_sensitive_fields_from_serializable_hash, default_enabled: :yaml) - end end diff --git a/app/views/admin/application_settings/service_usage_data.html.haml b/app/views/admin/application_settings/service_usage_data.html.haml index d9825183d88..394d8726ee8 100644 --- a/app/views/admin/application_settings/service_usage_data.html.haml +++ b/app/views/admin/application_settings/service_usage_data.html.haml @@ -8,9 +8,9 @@ %h3= name %button.gl-button.btn.btn-default.js-payload-preview-trigger{ type: 'button', data: { payload_selector: ".#{payload_class}" } } - .gl-spinner.js-spinner.gl-display-none.gl-mr-2 + = gl_loading_icon(css_class: 'js-spinner gl-display-none gl-mr-2') .js-text.gl-display-inline= _('Preview payload') %button.gl-button.btn.btn-default.js-payload-download-trigger{ type: 'button', data: { endpoint: usage_data_admin_application_settings_path(format: :json) } } - .gl-spinner.js-spinner.gl-display-none.gl-mr-2 + = gl_loading_icon(css_class: 'js-spinner gl-display-none gl-mr-2') .js-text.d-inline= _('Download payload') %pre.js-syntax-highlight.code.highlight.gl-mt-2.gl-display-none{ class: payload_class, data: { endpoint: usage_data_admin_application_settings_path(format: :html) } } 
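Review bot: With the feature-flag guard gone from `serializable_hash`, `options[:unsafe_serialization_hash]` on the following line is the only remaining way to get unfiltered attributes, and the visible comment block does not say who may set it. I would document that on the method, for example `# unsafe_serialization_hash: true skips the sensitive-attribute filter; pass it only from trusted call sites, never from request-derived options`. The lookup uses a symbol key, so a plain Hash with string keys would take the filtered path; that is the safe direction, but worth stating next to the option. The middle of the method body sits between the two hunks and is not visible here.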
diff --git a/config/feature_flags/development/prevent_sensitive_fields_from_serializable_hash.yml b/config/feature_flags/development/prevent_sensitive_fields_from_serializable_hash.yml deleted file mode 100644 index 7bcbe6b79c2..00000000000 --- a/config/feature_flags/development/prevent_sensitive_fields_from_serializable_hash.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -name: prevent_sensitive_fields_from_serializable_hash -introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/81773 -rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/353878 -milestone: '14.9' -type: development -group: group::sharding -default_enabled: false diff --git a/config/feature_flags/development/show_report_validation_warnings.yml b/config/feature_flags/development/show_report_validation_warnings.yml deleted file mode 100644 index 551d432a928..00000000000 --- a/config/feature_flags/development/show_report_validation_warnings.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -name: show_report_validation_warnings -introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/80930 -rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/353125 -milestone: '14.9' -type: development -group: group::threat insights -default_enabled: true diff --git a/config/webpack.config.js b/config/webpack.config.js index 360c5be05d4..4cc490362ad 100644 --- a/config/webpack.config.js +++ b/config/webpack.config.js @@ -702,7 +702,10 @@ module.exports = { const incrementalCompilerMiddleware = incrementalCompiler.createMiddleware(devServer); if (incrementalCompilerMiddleware) { - middlewares.unshift(incrementalCompilerMiddleware); + middlewares.unshift({ + name: 'incremental-compiler', + middleware: incrementalCompilerMiddleware, + }); } return middlewares; diff --git a/db/post_migrate/20220315211043_add_index_to_vulnerability_reads.rb b/db/post_migrate/20220315211043_add_index_to_vulnerability_reads.rb new file mode 100644 index 00000000000..9fe78fb0a4e --- /dev/null 
+++ b/db/post_migrate/20220315211043_add_index_to_vulnerability_reads.rb @@ -0,0 +1,23 @@ +# frozen_string_literal: true + +class AddIndexToVulnerabilityReads < Gitlab::Database::Migration[1.0] + INDEX_NAME = 'index_vulnerability_reads_common_finder_query' + + disable_ddl_transaction! + + def up + add_concurrent_index( + :vulnerability_reads, + %i[project_id state report_type severity vulnerability_id], + name: INDEX_NAME, + order: { vulnerability_id: :desc } + ) + end + + def down + remove_concurrent_index_by_name( + :vulnerability_reads, + INDEX_NAME + ) + end +end diff --git a/db/schema_migrations/20220315211043 b/db/schema_migrations/20220315211043 new file mode 100644 index 00000000000..6fd80db768e --- /dev/null +++ b/db/schema_migrations/20220315211043 @@ -0,0 +1 @@ +ae734a1ae3555a237e427dbcc0ace6c461c50cf98bc1076ca59c90b603b88c29 \ No newline at end of file diff --git a/db/structure.sql b/db/structure.sql index 2ea0087c65a..06db98bf49d 100644 --- a/db/structure.sql +++ b/db/structure.sql @@ -29437,6 +29437,8 @@ CREATE UNIQUE INDEX index_vulnerability_occurrences_on_uuid ON vulnerability_occ CREATE INDEX index_vulnerability_occurrences_on_vulnerability_id ON vulnerability_occurrences USING btree (vulnerability_id); +CREATE INDEX index_vulnerability_reads_common_finder_query ON vulnerability_reads USING btree (project_id, state, report_type, severity, vulnerability_id DESC); + CREATE INDEX index_vulnerability_reads_on_cluster_agent_id ON vulnerability_reads USING btree (cluster_agent_id) WHERE (report_type = 7); CREATE INDEX index_vulnerability_reads_on_location_image ON vulnerability_reads USING btree (location_image) WHERE (report_type = ANY (ARRAY[2, 7])); diff --git a/doc/api/merge_request_approvals.md b/doc/api/merge_request_approvals.md index e569abd323e..b51b55f037e 100644 --- a/doc/api/merge_request_approvals.md +++ b/doc/api/merge_request_approvals.md 
@@ -776,6 +776,82 @@ GET /projects/:id/merge_requests/:merge_request_iid/approval_rules ] ``` +### Get a single merge request level rule + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/82767) in GitLab 14.10. + +You can request information about a single merge request approval rule using the following endpoint: + +```plaintext +GET /projects/:id/merge_requests/:merge_request_iid/approval_rules/:approval_rule_id +``` + +**Parameters:** + +| Attribute | Type | Required | Description | +|---------------------|---------|----------|------------------------------------------------------------------------------| +| `id` | integer or string | yes | The ID or [URL-encoded path of a project](index.md#namespaced-path-encoding). | +| `merge_request_iid` | integer | yes | The IID of a merge request. | +| `approval_rule_id` | integer | yes | The ID of an approval rule. | + +```json +{ + "id": 1, + "name": "security", + "rule_type": "regular", + "eligible_approvers": [ + { + "id": 5, + "name": "John Doe", + "username": "jdoe", + "state": "active", + "avatar_url": "https://www.gravatar.com/avatar/0?s=80&d=identicon", + "web_url": "http://localhost/jdoe" + }, + { + "id": 50, + "name": "Group Member 1", + "username": "group_member_1", + "state": "active", + "avatar_url": "https://www.gravatar.com/avatar/0?s=80&d=identicon", + "web_url": "http://localhost/group_member_1" + } + ], + "approvals_required": 3, + "source_rule": null, + "users": [ + { + "id": 5, + "name": "John Doe", + "username": "jdoe", + "state": "active", + "avatar_url": "https://www.gravatar.com/avatar/0?s=80&d=identicon", + "web_url": "http://localhost/jdoe" + } + ], + "groups": [ + { + "id": 5, + "name": "group1", + "path": "group1", + "description": "", + "visibility": "public", + "lfs_enabled": false, + "avatar_url": null, + "web_url": "http://localhost/groups/group1", + "request_access_enabled": false, + "full_name": "group1", + "full_path": "group1", + "parent_id": null, + "ldap_cn": 
null, + "ldap_access": null + } + ], + "contains_hidden_groups": false, + "overridden": false +} +``` + ### Create merge request level rule > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/11877) in GitLab 12.3. @@ -881,13 +957,13 @@ These are system generated rules. | Attribute | Type | Required | Description | |----------------------|---------|----------|------------------------------------------------| -| `id` | integer or string | yes | The ID or [URL-encoded path of a project](index.md#namespaced-path-encoding) | -| `merge_request_iid` | integer | yes | The ID of MR | -| `approval_rule_id` | integer | yes | The ID of a approval rule | -| `name` | string | yes | The name of the approval rule | -| `approvals_required` | integer | yes | The number of required approvals for this rule | -| `user_ids` | Array | no | The ids of users as approvers | -| `group_ids` | Array | no | The ids of groups as approvers | +| `id` | integer or string | yes | The ID or [URL-encoded path of a project](index.md#namespaced-path-encoding). | +| `merge_request_iid` | integer | yes | The IID of a merge request. | +| `approval_rule_id` | integer | yes | The ID of an approval rule. | +| `name` | string | yes | The name of the approval rule. | +| `approvals_required` | integer | yes | The number of required approvals for this rule. | +| `user_ids` | Array | no | The IDs of users as approvers. | +| `group_ids` | Array | no | The IDs of groups as approvers. | ```json { diff --git a/doc/ci/variables/predefined_variables.md b/doc/ci/variables/predefined_variables.md index 0f3461b3674..b3a0cae7810 100644 --- a/doc/ci/variables/predefined_variables.md +++ b/doc/ci/variables/predefined_variables.md 
@@ -105,7 +105,7 @@ There are also a number of [variables you can use to configure runner behavior]( | `CI_RUNNER_EXECUTABLE_ARCH` | all | 10.6 | The OS/architecture of the GitLab Runner executable. Might not be the same as the environment of the executor. | | `CI_RUNNER_ID` | 8.10 | 0.5 | The unique ID of the runner being used. | | `CI_RUNNER_REVISION` | all | 10.6 | The revision of the runner running the job. | -| `CI_RUNNER_SHORT_TOKEN` | all | 12.3 | First eight characters of the runner's token used to authenticate new job requests. Used as the runner's unique ID. | +| `CI_RUNNER_SHORT_TOKEN` | all | 12.3 | The runner's unique ID, used to authenticate new job requests. In [GitLab 14.9](https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/2251) and later, the token contains a prefix, and the first 17 characters are used. Prior to 14.9, the first eight characters are used. | | `CI_RUNNER_TAGS` | 8.10 | 0.5 | A comma-separated list of the runner tags. | | `CI_RUNNER_VERSION` | all | 10.6 | The version of the GitLab Runner running the job. | | `CI_SERVER_HOST` | 12.1 | all | The host of the GitLab instance URL, without protocol or port. For example `gitlab.example.com`. | diff --git a/doc/development/chatops_on_gitlabcom.md b/doc/development/chatops_on_gitlabcom.md index 26fcf520393..e18fcb0061b 100644 --- a/doc/development/chatops_on_gitlabcom.md +++ b/doc/development/chatops_on_gitlabcom.md @@ -25,6 +25,7 @@ To request access to ChatOps on GitLab.com: - The same username you use on GitLab.com. You may have to choose a different username later. - Clicking the **Sign in with Google** button to sign in with your GitLab.com email address. + - Clicking the **Sign in with Okta** button to sign in with Okta. 1. Confirm that your username in [Internal GitLab for Operations](https://ops.gitlab.net/) is the same as your username in [GitLab.com](https://gitlab.com/). If the usernames 
diff --git a/doc/user/clusters/agent/gitops.md b/doc/user/clusters/agent/gitops.md
index 8f0e2255121..363747d3d9c 100644
--- a/doc/user/clusters/agent/gitops.md
+++ b/doc/user/clusters/agent/gitops.md
@@ -90,6 +90,22 @@ gitops: | `prune_propagation_policy` | The deletion propagation policy that [should be used for pruning](https://github.com/kubernetes/apimachinery/blob/44113beed5d39f1b261a12ec398a356e02358307/pkg/apis/meta/v1/types.go#L456-L470). Can be: `orphan`, `background`, or `foreground`. Default is `foreground`. | | `inventory_policy` | Determines whether an inventory object can take over objects that belong to another inventory object or don't belong to any inventory object. This is done by determining if the apply/prune operation can go through for a resource based on comparison of the `inventory-id` value in the package and the `owning-inventory` annotation (`config.k8s.io/owning-inventory`) [in the live object](https://github.com/kubernetes-sigs/cli-utils/blob/d6968048dcd80b1c7b55d9e4f31fc25f71c9b490/pkg/inventory/policy.go#L12-L66). Can be: `must_match`, `adopt_if_no_inventory`, or `adopt_all`. Default is `must_match`. | +## GitOps annotations + +The GitLab agent for Kubernetes has annotations you can use to: + +- **Sort resources**: Apply or delete resources in a specific order. +- **Use apply-time mutation**: Dynamically substitute fields from one resource configuration to another. + +The agent has [default sorting](https://github.com/kubernetes-sigs/cli-utils/blob/d7d63f4b62897f584ca9e02b6faf4d2f327a9b09/pkg/ordering/sort.go#L74), +but with annotations, you can fine-tune the order and apply time-value injection. + +To provide the GitOps functionality, the GitLab agent for Kubernetes uses the [`cli-utils` library](https://github.com/kubernetes-sigs/cli-utils/), +a Kubernetes SIG project. You can read more about the available annotations in the [`cli-utils` documentation](https://github.com/kubernetes-sigs/cli-utils/blob/master/README.md#apply-sort-ordering). + +- [Learn more about apply sort ordering](https://github.com/kubernetes-sigs/cli-utils#apply-sort-ordering). 
+- [Learn more about apply-time mutation](https://github.com/kubernetes-sigs/cli-utils#apply-time-mutation). + ## Additional resources The following documentation and examples can help you get started with a GitOps workflow. diff --git a/doc/user/project/issues/managing_issues.md b/doc/user/project/issues/managing_issues.md index 58591129d97..4508ef30ac5 100644 --- a/doc/user/project/issues/managing_issues.md +++ b/doc/user/project/issues/managing_issues.md @@ -342,7 +342,7 @@ To do it: issues.each do |issue| if issue.state != "closed" && issue.moved_to.nil? - Issues::MoveService.new(project, admin_user).execute(issue, target_project) + Issues::MoveService.new(project: project, current_user: admin_user).execute(issue, target_project) else puts "issue with id: #{issue.id} and title: #{issue.title} was not moved" end diff --git a/lib/gitlab/ci/parsers/security/common.rb b/lib/gitlab/ci/parsers/security/common.rb index 7baae2f53d7..2d8a182e808 100644 --- a/lib/gitlab/ci/parsers/security/common.rb +++ b/lib/gitlab/ci/parsers/security/common.rb 
@@ -43,26 +43,25 @@ module Gitlab attr_reader :json_data, :report, :validate def valid? - if Feature.enabled?(:show_report_validation_warnings, default_enabled: :yaml) - # We want validation to happen regardless of VALIDATE_SCHEMA CI variable - schema_validation_passed = schema_validator.valid? + # We want validation to happen regardless of VALIDATE_SCHEMA + # CI variable. + # + # Previously it controlled BOTH validation and enforcement of + # schema validation result. + # + # After 15.0 we will enforce schema validation by default + # See: https://gitlab.com/groups/gitlab-org/-/epics/6968 + schema_validation_passed = schema_validator.valid? - if validate - schema_validator.errors.each { |error| report.add_error('Schema', error) } unless schema_validation_passed + if validate + schema_validator.errors.each { |error| report.add_error('Schema', error) } unless schema_validation_passed - schema_validation_passed - else - # We treat all schema validation errors as warnings - schema_validator.errors.each { |error| report.add_warning('Schema', error) } - - true - end + schema_validation_passed else - return true if !validate || schema_validator.valid? + # We treat all schema validation errors as warnings + schema_validator.errors.each { |error| report.add_warning('Schema', error) } - schema_validator.errors.each { |error| report.add_error('Schema', error) } - - false + true end end diff --git a/package.json b/package.json index 80aeb235b6b..2f43db5c86a 100644 --- a/package.json +++ b/package.json @@ -253,7 +253,7 @@ "webpack-dev-server": "4.7.4", "xhr-mock": "^2.5.1", "yarn-check-webpack-plugin": "^1.2.0", - "yarn-deduplicate": "^3.1.0" + "yarn-deduplicate": "^4.0.0" }, "blockedDependencies": { "bootstrap-vue": "https://docs.gitlab.com/ee/development/fe_guide/dependencies.html#bootstrapvue" diff --git a/spec/lib/gitlab/ci/parsers/security/common_spec.rb b/spec/lib/gitlab/ci/parsers/security/common_spec.rb index 1e96c717a4f..063fee077af 100644 
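Review bot: In `valid?`, the `else` branch returns `true` for a report that failed schema validation, so when `validate` is false the rest of the parser runs on data whose shape has not been verified and only a warning is recorded. The spec in this commit expects `create_scanner` and `create_scan` to still be called in that case, which suggests this is intended, but the new comment explains the history and not this consequence. I would add a line above `true` such as `# NOTE: a schema-invalid report is still parsed here; code after valid? must not assume schema-guaranteed fields`. In the same comment, "Previously it controlled" reads more clearly as "Previously the variable controlled".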
--- a/spec/lib/gitlab/ci/parsers/security/common_spec.rb
+++ b/spec/lib/gitlab/ci/parsers/security/common_spec.rb
@@ -38,172 +38,102 @@ RSpec.describe Gitlab::Ci::Parsers::Security::Common do allow(validator_class).to receive(:new).and_call_original end - context 'when show_report_validation_warnings is enabled' do + context 'when the validate flag is set to `false`' do + let(:validate) { false } + let(:valid?) { false } + let(:errors) { ['foo'] } + before do - stub_feature_flags(show_report_validation_warnings: true) + allow_next_instance_of(validator_class) do |instance| + allow(instance).to receive(:valid?).and_return(valid?) + allow(instance).to receive(:errors).and_return(errors) + end + + allow(parser).to receive_messages(create_scanner: true, create_scan: true) end - context 'when the validate flag is set to `false`' do - let(:validate) { false } - let(:valid?) { false } - let(:errors) { ['foo'] } + it 'instantiates the validator with correct params' do + parse_report - before do - allow_next_instance_of(validator_class) do |instance| - allow(instance).to receive(:valid?).and_return(valid?) - allow(instance).to receive(:errors).and_return(errors) - end + expect(validator_class).to have_received(:new).with(report.type, {}, report.version) + end - allow(parser).to receive_messages(create_scanner: true, create_scan: true) + context 'when the report data is not valid according to the schema' do + it 'adds warnings to the report' do + expect { parse_report }.to change { report.warnings }.from([]).to([{ message: 'foo', type: 'Schema' }]) end - it 'instantiates the validator with correct params' do + it 'keeps the execution flow as normal' do parse_report - expect(validator_class).to have_received(:new).with(report.type, {}, report.version) - end - - context 'when the report data is not valid according to the schema' do - it 'adds warnings to the report' do - expect { parse_report }.to change { report.warnings }.from([]).to([{ message: 'foo', type: 'Schema' }]) - end - - it 'keeps the execution flow as normal' do - parse_report - - expect(parser).to 
have_received(:create_scanner) - expect(parser).to have_received(:create_scan) - end - end - - context 'when the report data is valid according to the schema' do - let(:valid?) { true } - let(:errors) { [] } - - it 'does not add warnings to the report' do - expect { parse_report }.not_to change { report.errors } - end - - it 'keeps the execution flow as normal' do - parse_report - - expect(parser).to have_received(:create_scanner) - expect(parser).to have_received(:create_scan) - end + expect(parser).to have_received(:create_scanner) + expect(parser).to have_received(:create_scan) end end - context 'when the validate flag is set to `true`' do - let(:validate) { true } - let(:valid?) { false } - let(:errors) { ['foo'] } + context 'when the report data is valid according to the schema' do + let(:valid?) { true } + let(:errors) { [] } - before do - allow_next_instance_of(validator_class) do |instance| - allow(instance).to receive(:valid?).and_return(valid?) - allow(instance).to receive(:errors).and_return(errors) - end - - allow(parser).to receive_messages(create_scanner: true, create_scan: true) + it 'does not add warnings to the report' do + expect { parse_report }.not_to change { report.errors } end - it 'instantiates the validator with correct params' do + it 'keeps the execution flow as normal' do parse_report - expect(validator_class).to have_received(:new).with(report.type, {}, report.version) - end - - context 'when the report data is not valid according to the schema' do - it 'adds errors to the report' do - expect { parse_report }.to change { report.errors }.from([]).to([{ message: 'foo', type: 'Schema' }]) - end - - it 'does not try to create report entities' do - parse_report - - expect(parser).not_to have_received(:create_scanner) - expect(parser).not_to have_received(:create_scan) - end - end - - context 'when the report data is valid according to the schema' do - let(:valid?) 
{ true } - let(:errors) { [] } - - it 'does not add errors to the report' do - expect { parse_report }.not_to change { report.errors }.from([]) - end - - it 'keeps the execution flow as normal' do - parse_report - - expect(parser).to have_received(:create_scanner) - expect(parser).to have_received(:create_scan) - end + expect(parser).to have_received(:create_scanner) + expect(parser).to have_received(:create_scan) end end end - context 'when show_report_validation_warnings is disabled' do + context 'when the validate flag is set to `true`' do + let(:validate) { true } + let(:valid?) { false } + let(:errors) { ['foo'] } + before do - stub_feature_flags(show_report_validation_warnings: false) + allow_next_instance_of(validator_class) do |instance| + allow(instance).to receive(:valid?).and_return(valid?) + allow(instance).to receive(:errors).and_return(errors) + end + + allow(parser).to receive_messages(create_scanner: true, create_scan: true) end - context 'when the validate flag is set as `false`' do - let(:validate) { false } + it 'instantiates the validator with correct params' do + parse_report - it 'does not run the validation logic' do + expect(validator_class).to have_received(:new).with(report.type, {}, report.version) + end + + context 'when the report data is not valid according to the schema' do + it 'adds errors to the report' do + expect { parse_report }.to change { report.errors }.from([]).to([{ message: 'foo', type: 'Schema' }]) + end + + it 'does not try to create report entities' do parse_report - expect(validator_class).not_to have_received(:new) + expect(parser).not_to have_received(:create_scanner) + expect(parser).not_to have_received(:create_scan) end end - context 'when the validate flag is set as `true`' do - let(:validate) { true } - let(:valid?) { false } + context 'when the report data is valid according to the schema' do + let(:valid?) 
{ true } + let(:errors) { [] } - before do - allow_next_instance_of(validator_class) do |instance| - allow(instance).to receive(:valid?).and_return(valid?) - allow(instance).to receive(:errors).and_return(['foo']) - end - - allow(parser).to receive_messages(create_scanner: true, create_scan: true) + it 'does not add errors to the report' do + expect { parse_report }.not_to change { report.errors }.from([]) end - it 'instantiates the validator with correct params' do + it 'keeps the execution flow as normal' do parse_report - expect(validator_class).to have_received(:new).with(report.type, {}, report.version) - end - - context 'when the report data is not valid according to the schema' do - it 'adds errors to the report' do - expect { parse_report }.to change { report.errors }.from([]).to([{ message: 'foo', type: 'Schema' }]) - end - - it 'does not try to create report entities' do - parse_report - - expect(parser).not_to have_received(:create_scanner) - expect(parser).not_to have_received(:create_scan) - end - end - - context 'when the report data is valid according to the schema' do - let(:valid?) { true } - - it 'does not add errors to the report' do - expect { parse_report }.not_to change { report.errors }.from([]) - end - - it 'keeps the execution flow as normal' do - parse_report - - expect(parser).to have_received(:create_scanner) - expect(parser).to have_received(:create_scan) - end + expect(parser).to have_received(:create_scanner) + expect(parser).to have_received(:create_scan) end end end diff --git a/spec/models/concerns/sensitive_serializable_hash_spec.rb b/spec/models/concerns/sensitive_serializable_hash_spec.rb index 923f9e80c1f..c864ecb4eec 100644 --- a/spec/models/concerns/sensitive_serializable_hash_spec.rb +++ b/spec/models/concerns/sensitive_serializable_hash_spec.rb 
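Review bot: The example `'does not add warnings to the report'` in the context where `validate` is `false` and the report is valid asserts `not_to change { report.errors }`, so it would still pass if warnings were wrongly added for a valid report. It should watch the collection its description names: `expect { parse_report }.not_to change { report.warnings }`. The sibling example for the invalid report already checks `report.warnings`, so this looks copied from the `validate` = `true` context. The enclosing `describe` block starts and ends outside the hunk.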
@@ -30,16 +30,6 @@ RSpec.describe SensitiveSerializableHash do expect(model.serializable_hash(unsafe_serialization_hash: true)).to include('super_secret') end end - - context 'when prevent_sensitive_fields_from_serializable_hash feature flag is disabled' do - before do - stub_feature_flags(prevent_sensitive_fields_from_serializable_hash: false) - end - - it 'includes the field in serializable_hash' do - expect(model.serializable_hash).to include('super_secret') - end - end end describe '#serializable_hash' do diff --git a/yarn.lock b/yarn.lock index fdf543d7c81..7f44eefbffc 100644 --- a/yarn.lock +++ b/yarn.lock @@ -3626,12 +3626,12 @@ commander@7, commander@^7.0.0: resolved "https://registry.yarnpkg.com/commander/-/commander-7.2.0.tgz#a36cb57d0b501ce108e4d20559a150a391d97ab7" integrity sha512-QrWXB+ZQSVPmIWIhtEO9H+gwHaMGYiF5ChvoJ+K9ZGHG/sVsa6yiesAD1GC/x46sET00Xlwo1u49RVVVzvcSkw== -commander@^6.0.0, commander@^6.1.0, commander@^6.2.0: +commander@^6.0.0, commander@^6.2.0: version "6.2.1" resolved "https://registry.yarnpkg.com/commander/-/commander-6.2.1.tgz#0792eb682dfbc325999bb2b84fddddba110ac73c" integrity sha512-U7VdrJFnJgo4xjrHpTzu0yrHPGImdsmD95ZlgYSEajAn2JKzDhDTPG9kBTefmObL2w/ngeZnilk+OV9CG3d7UA== -commander@~9.0.0: +commander@^9.0.0, commander@~9.0.0: version "9.0.0" resolved "https://registry.yarnpkg.com/commander/-/commander-9.0.0.tgz#86d58f24ee98126568936bd1d3574e0308a99a40" integrity sha512-JJfP2saEKbQqvW+FI93OYUB4ByV5cizMpFMiiJI8xDbBvQvSkIk0VvQdn1CZ8mqAO8Loq2h0gYTYtDFUZUeERw== 
@@ -12555,13 +12555,13 @@ yarn-check-webpack-plugin@^1.2.0: dependencies: chalk "^2.4.2" -yarn-deduplicate@^3.1.0: - version "3.1.0" - resolved "https://registry.yarnpkg.com/yarn-deduplicate/-/yarn-deduplicate-3.1.0.tgz#3018d93e95f855f236a215b591fe8bc4bcabba3e" - integrity sha512-q2VZ6ThNzQpGfNpkPrkmV7x5HT9MOhCUsTxVTzyyZB0eSXz1NTodHn+r29DlLb+peKk8iXxzdUVhQG9pI7moFw== +yarn-deduplicate@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/yarn-deduplicate/-/yarn-deduplicate-4.0.0.tgz#0fcd11a83c2629ee41bc38a97d78fbd810c5825f" + integrity sha512-1sI617aM8WNplWA7O58peEq3gC14Ah/Ld55CF1aB2v4pTaxDpOgb+mTaWhIKzOCqJjwnaSqmYVrfgABUlc9bNA== dependencies: "@yarnpkg/lockfile" "^1.1.0" - commander "^6.1.0" + commander "^9.0.0" semver "^7.3.2" yn@3.1.1: