Add latest changes from gitlab-org/gitlab@master

This commit is contained in:
GitLab Bot 2022-08-31 21:12:55 +00:00
parent febc637ca9
commit 915ce2e092
27 changed files with 304 additions and 89 deletions

View File

@ -8,6 +8,11 @@ module Mutations
include Mutations::ResolvesGroup
description 'These settings can be adjusted by the group Owner or Maintainer. However, in GitLab 16.0, we ' \
'will be limiting this to the Owner role. ' \
'[GitLab-#364441](https://gitlab.com/gitlab-org/gitlab/-/issues/364441) proposes making ' \
'this change to match the permissions level in the user interface.'
authorize :admin_dependency_proxy
argument :group_path,

View File

@ -1,8 +0,0 @@
---
name: s3_omit_multipart_urls
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/85306
rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/359718
milestone: '14.10'
type: development
group: group::package
default_enabled: true

View File

@ -1,8 +1,7 @@
---
name: detect_cross_database_modification
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/73316
rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/344620
milestone: '14.5'
type: development
type: ops
group: group::sharding
default_enabled: false

View File

@ -1,8 +1,7 @@
---
name: query_analyzer_gitlab_schema_metrics
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/73839
rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/345034
milestone: '14.5'
type: development
type: ops
group: group::sharding
default_enabled: false

View File

@ -0,0 +1,11 @@
---
table_name: sbom_vulnerable_component_versions
classes:
- Sbom::VulnerableComponentVersion
feature_categories:
- container_scanning
- dependency_scanning
- license_compliance
description: Stores information about vulnerable SBoM components
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/95622
milestone: '15.4'

View File

@ -0,0 +1,11 @@
---
table_name: vulnerability_advisories
classes:
- Vulnerabilities::Advisory
feature_categories:
- container_scanning
- dependency_scanning
- license_compliance
description: Stores vulnerability advisories
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/95622
milestone: '15.4'

View File

@ -0,0 +1,25 @@
# frozen_string_literal: true
class CreateVulnerabilityAdvisories < Gitlab::Database::Migration[2.0]
def change
create_table :vulnerability_advisories, id: false do |t|
t.uuid :uuid, null: false
t.timestamps_with_timezone null: false
t.primary_key :id
t.date :created_date, null: false
t.date :published_date, null: false
t.text :description, limit: 2048
t.text :title, limit: 2048
t.text :component_name, limit: 2048
t.text :solution, limit: 2048
t.text :not_impacted, limit: 2048
t.text :cvss_v2, limit: 128
t.text :cvss_v3, limit: 128
t.text :affected_range, limit: 32
t.text :identifiers, array: true, default: []
t.text :fixed_versions, array: true, default: []
t.text :urls, array: true, default: []
t.text :links, array: true, default: []
end
end
end

View File

@ -0,0 +1,18 @@
# frozen_string_literal: true
class CreateSbomVulnerableComponentVersions < Gitlab::Database::Migration[2.0]
ADVISORY_INDEX_NAME = "index_vulnerable_component_versions_on_vulnerability_advisory"
SBOM_COMPONENT_INDEX_NAME = "index_vulnerable_component_versions_on_sbom_component_version"
def change
create_table :sbom_vulnerable_component_versions do |t|
t.references :vulnerability_advisory,
index: { name: ADVISORY_INDEX_NAME }
t.references :sbom_component_version,
index: { name: SBOM_COMPONENT_INDEX_NAME }
t.timestamps_with_timezone null: false
end
end
end

View File

@ -0,0 +1,19 @@
# frozen_string_literal: true
class AddVulnerabilityAdvisoryForeignKeyToSbomVulnerableComponentVersions < Gitlab::Database::Migration[2.0]
SOURCE_TABLE = :sbom_vulnerable_component_versions
TARGET_TABLE = :vulnerability_advisories
COLUMN = :vulnerability_advisory_id
disable_ddl_transaction!
def up
add_concurrent_foreign_key SOURCE_TABLE, TARGET_TABLE, column: COLUMN, on_delete: :cascade
end
def down
with_lock_retries do
remove_foreign_key SOURCE_TABLE, column: COLUMN
end
end
end

View File

@ -0,0 +1,19 @@
# frozen_string_literal: true
class AddSbomComponentVersionForeignKeyToSbomVulnerableComponentVersions < Gitlab::Database::Migration[2.0]
SOURCE_TABLE = :sbom_vulnerable_component_versions
TARGET_TABLE = :sbom_component_versions
COLUMN = :sbom_component_version_id
disable_ddl_transaction!
def up
add_concurrent_foreign_key SOURCE_TABLE, TARGET_TABLE, column: COLUMN, on_delete: :cascade
end
def down
with_lock_retries do
remove_foreign_key SOURCE_TABLE, column: COLUMN
end
end
end

View File

@ -0,0 +1 @@
8494a4a9c708ddfc63d86891b83f01c0883d8b88ebea2177980780a381d74704

View File

@ -0,0 +1 @@
47dcd45d2b9c35c4e3ca707d54a983e8321dd86b2b66d4bccca9001884bc6d13

View File

@ -0,0 +1 @@
5819791e71e9118680e24eceef92364c78ed51dda375db9902f693147ddd9765

View File

@ -0,0 +1 @@
1e0109c4e1a0512864f3ed16d0a9bc82b40b5c6fb1586acaffe18191821df18f

View File

@ -20856,6 +20856,23 @@ CREATE SEQUENCE sbom_sources_id_seq
ALTER SEQUENCE sbom_sources_id_seq OWNED BY sbom_sources.id;
CREATE TABLE sbom_vulnerable_component_versions (
id bigint NOT NULL,
vulnerability_advisory_id bigint,
sbom_component_version_id bigint,
created_at timestamp with time zone NOT NULL,
updated_at timestamp with time zone NOT NULL
);
CREATE SEQUENCE sbom_vulnerable_component_versions_id_seq
START WITH 1
INCREMENT BY 1
NO MINVALUE
NO MAXVALUE
CACHE 1;
ALTER SEQUENCE sbom_vulnerable_component_versions_id_seq OWNED BY sbom_vulnerable_component_versions.id;
CREATE TABLE schema_migrations (
version character varying NOT NULL,
finished_at timestamp with time zone DEFAULT now()
@ -22285,6 +22302,44 @@ CREATE SEQUENCE vulnerabilities_id_seq
ALTER SEQUENCE vulnerabilities_id_seq OWNED BY vulnerabilities.id;
CREATE TABLE vulnerability_advisories (
uuid uuid NOT NULL,
created_at timestamp with time zone NOT NULL,
updated_at timestamp with time zone NOT NULL,
id bigint NOT NULL,
created_date date NOT NULL,
published_date date NOT NULL,
description text,
title text,
component_name text,
solution text,
not_impacted text,
cvss_v2 text,
cvss_v3 text,
affected_range text,
identifiers text[] DEFAULT '{}'::text[],
fixed_versions text[] DEFAULT '{}'::text[],
urls text[] DEFAULT '{}'::text[],
links text[] DEFAULT '{}'::text[],
CONSTRAINT check_3ab0544d19 CHECK ((char_length(title) <= 2048)),
CONSTRAINT check_3b57023409 CHECK ((char_length(affected_range) <= 32)),
CONSTRAINT check_4d5cd7be9c CHECK ((char_length(component_name) <= 2048)),
CONSTRAINT check_962f256a51 CHECK ((char_length(solution) <= 2048)),
CONSTRAINT check_aae93955fb CHECK ((char_length(cvss_v3) <= 128)),
CONSTRAINT check_b8a17497f3 CHECK ((char_length(cvss_v2) <= 128)),
CONSTRAINT check_c05a35f418 CHECK ((char_length(not_impacted) <= 2048)),
CONSTRAINT check_ff9f6483b6 CHECK ((char_length(description) <= 2048))
);
CREATE SEQUENCE vulnerability_advisories_id_seq
START WITH 1
INCREMENT BY 1
NO MINVALUE
NO MAXVALUE
CACHE 1;
ALTER SEQUENCE vulnerability_advisories_id_seq OWNED BY vulnerability_advisories.id;
CREATE TABLE vulnerability_exports (
id bigint NOT NULL,
created_at timestamp with time zone NOT NULL,
@ -23829,6 +23884,8 @@ ALTER TABLE ONLY sbom_occurrences ALTER COLUMN id SET DEFAULT nextval('sbom_occu
ALTER TABLE ONLY sbom_sources ALTER COLUMN id SET DEFAULT nextval('sbom_sources_id_seq'::regclass);
ALTER TABLE ONLY sbom_vulnerable_component_versions ALTER COLUMN id SET DEFAULT nextval('sbom_vulnerable_component_versions_id_seq'::regclass);
ALTER TABLE ONLY scim_identities ALTER COLUMN id SET DEFAULT nextval('scim_identities_id_seq'::regclass);
ALTER TABLE ONLY scim_oauth_access_tokens ALTER COLUMN id SET DEFAULT nextval('scim_oauth_access_tokens_id_seq'::regclass);
@ -23949,6 +24006,8 @@ ALTER TABLE ONLY users_statistics ALTER COLUMN id SET DEFAULT nextval('users_sta
ALTER TABLE ONLY vulnerabilities ALTER COLUMN id SET DEFAULT nextval('vulnerabilities_id_seq'::regclass);
ALTER TABLE ONLY vulnerability_advisories ALTER COLUMN id SET DEFAULT nextval('vulnerability_advisories_id_seq'::regclass);
ALTER TABLE ONLY vulnerability_exports ALTER COLUMN id SET DEFAULT nextval('vulnerability_exports_id_seq'::regclass);
ALTER TABLE ONLY vulnerability_external_issue_links ALTER COLUMN id SET DEFAULT nextval('vulnerability_external_issue_links_id_seq'::regclass);
@ -26049,6 +26108,9 @@ ALTER TABLE ONLY sbom_occurrences
ALTER TABLE ONLY sbom_sources
ADD CONSTRAINT sbom_sources_pkey PRIMARY KEY (id);
ALTER TABLE ONLY sbom_vulnerable_component_versions
ADD CONSTRAINT sbom_vulnerable_component_versions_pkey PRIMARY KEY (id);
ALTER TABLE ONLY schema_migrations
ADD CONSTRAINT schema_migrations_pkey PRIMARY KEY (version);
@ -26265,6 +26327,9 @@ ALTER TABLE ONLY verification_codes
ALTER TABLE ONLY vulnerabilities
ADD CONSTRAINT vulnerabilities_pkey PRIMARY KEY (id);
ALTER TABLE ONLY vulnerability_advisories
ADD CONSTRAINT vulnerability_advisories_pkey PRIMARY KEY (id);
ALTER TABLE ONLY vulnerability_exports
ADD CONSTRAINT vulnerability_exports_pkey PRIMARY KEY (id);
@ -30522,6 +30587,10 @@ CREATE UNIQUE INDEX index_vulnerability_statistics_on_unique_project_id ON vulne
CREATE UNIQUE INDEX index_vulnerability_user_mentions_on_note_id ON vulnerability_user_mentions USING btree (note_id) WHERE (note_id IS NOT NULL);
CREATE INDEX index_vulnerable_component_versions_on_sbom_component_version ON sbom_vulnerable_component_versions USING btree (sbom_component_version_id);
CREATE INDEX index_vulnerable_component_versions_on_vulnerability_advisory ON sbom_vulnerable_component_versions USING btree (vulnerability_advisory_id);
CREATE UNIQUE INDEX index_vulns_user_mentions_on_vulnerability_id ON vulnerability_user_mentions USING btree (vulnerability_id) WHERE (note_id IS NULL);
CREATE UNIQUE INDEX index_vulns_user_mentions_on_vulnerability_id_and_note_id ON vulnerability_user_mentions USING btree (vulnerability_id, note_id);
@ -32520,6 +32589,9 @@ ALTER TABLE ONLY requirements_management_test_reports
ALTER TABLE ONLY issues
ADD CONSTRAINT fk_899c8f3231 FOREIGN KEY (project_id) REFERENCES projects(id) ON DELETE CASCADE;
ALTER TABLE ONLY sbom_vulnerable_component_versions
ADD CONSTRAINT fk_8a2a1197f9 FOREIGN KEY (sbom_component_version_id) REFERENCES sbom_component_versions(id) ON DELETE CASCADE;
ALTER TABLE ONLY protected_branch_merge_access_levels
ADD CONSTRAINT fk_8a3072ccb3 FOREIGN KEY (protected_branch_id) REFERENCES protected_branches(id) ON DELETE CASCADE;
@ -32820,6 +32892,9 @@ ALTER TABLE ONLY lists
ALTER TABLE ONLY agent_activity_events
ADD CONSTRAINT fk_d6f785c9fc FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE SET NULL;
ALTER TABLE ONLY sbom_vulnerable_component_versions
ADD CONSTRAINT fk_d720a1959a FOREIGN KEY (vulnerability_advisory_id) REFERENCES vulnerability_advisories(id) ON DELETE CASCADE;
ALTER TABLE ONLY metrics_users_starred_dashboards
ADD CONSTRAINT fk_d76a2b9a8c FOREIGN KEY (project_id) REFERENCES projects(id) ON DELETE CASCADE;

View File

@ -5119,6 +5119,8 @@ Input type: `UpdateDependencyProxyImageTtlGroupPolicyInput`
### `Mutation.updateDependencyProxySettings`
These settings can be adjusted by the group Owner or Maintainer. However, in GitLab 16.0, we will be limiting this to the Owner role. [GitLab-#364441](https://gitlab.com/gitlab-org/gitlab/-/issues/364441) proposes making this change to match the permissions level in the user interface.
Input type: `UpdateDependencyProxySettingsInput`
#### Arguments

View File

@ -269,6 +269,13 @@ Use title case for the GitLab Container Registry.
Do not use **currently** when talking about the product or its features. The documentation describes the product as it is today.
([Vale](../testing.md#vale) rule: [`CurrentStatus.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/.vale/gitlab/CurrentStatus.yml))
## default branch
Use **default branch** to refer generically to the primary branch in the repository.
Users can set the default branch by using a UI setting.
For examples that use the default branch, use `main` instead of [`master`](#master).
## Dependency Proxy
Use title case for the GitLab Dependency Proxy.
@ -648,7 +655,8 @@ Do not use **manpower**. Use words like **workforce** or **GitLab team members**
## master
Do not use **master**. Options are **primary** or **main**. ([Vale](../testing.md#vale) rule: [`InclusionCultural.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/.vale/gitlab/InclusionCultural.yml))
Do not use `master`. Use `main` when you need a sample [default branch name](#default-branch).
([Vale](../testing.md#vale) rule: [`InclusionCultural.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/.vale/gitlab/InclusionCultural.yml))
## may, might

View File

@ -488,8 +488,8 @@ the risk. End-users interact with this field, whereas GitLab automatically proce
##### Identifiers
The `identifiers` array describes the detected vulnerability. An identifier object's `type` and
`value` fields are used to tell if two identifiers are the same. The user interface uses the
object's `name` and `url` fields to display the identifier.
`value` fields are used to [tell if two identifiers are the same](../../user/application_security/vulnerability_report/pipeline.md#deduplication-process).
The user interface uses the object's `name` and `url` fields to display the identifier.
We recommend that you use the identifiers the GitLab scanners already define:
@ -510,11 +510,9 @@ new generic identifiers to if needed. Analyzers may also produce vendor-specific
identifiers, which don't belong in the [common library](https://gitlab.com/gitlab-org/security-products/analyzers/common).
The first item of the `identifiers` array is called the
[primary identifier](../../user/application_security/terminology/index.md#primary-identifier).
The primary identifier is particularly important, because it is used to
[primary identifier](../../user/application_security/terminology/index.md#primary-identifier), and
it is used to
[track vulnerabilities](#tracking-and-merging-vulnerabilities) as new commits are pushed to the repository.
Identifiers are also used to [merge duplicate vulnerabilities](#tracking-and-merging-vulnerabilities)
reported for the same commit, except for `CWE` and `WASC`.
Not all vulnerabilities have CVEs, and a CVE can be identified multiple times. As a result, a CVE
isn't a stable identifier and you shouldn't assume it as such when tracking vulnerabilities.
@ -666,11 +664,14 @@ Users may give feedback on a vulnerability:
GitLab tracks vulnerabilities so that user feedback is not lost
when new Git commits are pushed to the repository.
Vulnerabilities are tracked using a combination of three attributes:
Vulnerabilities are tracked using a
[`UUIDv5`](https://gitlab.com/gitlab-org/gitlab/-/blob/1272957c4a55e616569721febccb685c056ca1e4/ee/app/models/vulnerabilities/finding.rb#L364-368)
digest, which is generated by a `SHA-1` hash of four attributes:
- [Report type](#category)
- [Location fingerprint](#location)
- [Primary identifier](#identifiers)
- [Location fingerprint](#location)
- Project ID
Right now, GitLab cannot track a vulnerability if its location changes
as new Git commits are pushed, and this results in user feedback being lost.
@ -678,12 +679,7 @@ For instance, user feedback on a SAST vulnerability is lost
if the affected file is renamed or the affected line moves down.
This is addressed in [issue #7586](https://gitlab.com/gitlab-org/gitlab/-/issues/7586).
In some cases, the multiple scans executed in the same CI pipeline result in duplicates
that are automatically merged using the vulnerability location and identifiers.
Two vulnerabilities are considered to be the same if they share the same [location fingerprint](#location)
and at least one [identifier](#identifiers). Two identifiers are the same if they share the same `type` and `id`.
CWE and WASC identifiers are not considered because they describe categories of vulnerability flaws,
but not specific security flaws.
See also [deduplication process](../../user/application_security/vulnerability_report/pipeline.md#deduplication-process).
##### Severity and confidence

View File

@ -1074,7 +1074,7 @@ Most tests for Elasticsearch logic relate to:
There are some exceptions, such as checking for structural changes rather than individual records in an index.
The `:elastic_with_delete_by_query` trait was added to reduce run time for pipelines by creating and deleting indices
The `:elastic_delete_by_query` trait was added to reduce run time for pipelines by creating and deleting indices
at the start and end of each context only. The [Elasticsearch DeleteByQuery API](https://www.elastic.co/guide/en/elasticsearch/reference/current/docs-delete-by-query.html)
is used to delete data in all indices in between examples to ensure a clean index.

View File

@ -24,7 +24,7 @@ When you publish a Terraform Module, if it does not exist, it is created.
Prerequisites:
- A package with the same name and version must not already exist.
- A package with the same name and version must not already exist in the top-level namespace.
- Your project and group names must not include a dot (`.`). For example, `source = "gitlab.example.com/my.group/project.name"`.
- You must [authenticate with the API](../../../api/index.md#authentication). If authenticating with a deploy token, it must be configured with the `write_package_registry` scope.

View File

@ -479,6 +479,7 @@ sbom_components: :gitlab_main
sbom_occurrences: :gitlab_main
sbom_component_versions: :gitlab_main
sbom_sources: :gitlab_main
sbom_vulnerable_component_versions: :gitlab_main
schema_migrations: :gitlab_internal
scim_identities: :gitlab_main
scim_oauth_access_tokens: :gitlab_main
@ -549,6 +550,7 @@ user_statuses: :gitlab_main
user_synced_attributes_metadata: :gitlab_main
verification_codes: :gitlab_main
vulnerabilities: :gitlab_main
vulnerability_advisories: :gitlab_main
vulnerability_exports: :gitlab_main
vulnerability_external_issue_links: :gitlab_main
vulnerability_feedback: :gitlab_main

View File

@ -14,7 +14,7 @@ module Gitlab
class << self
def enabled?
::Feature::FlipperFeature.table_exists? &&
Feature.enabled?(:query_analyzer_gitlab_schema_metrics)
Feature.enabled?(:query_analyzer_gitlab_schema_metrics, type: :ops)
end
def analyze(parsed)

View File

@ -33,7 +33,7 @@ module Gitlab
def self.enabled?
::Feature::FlipperFeature.table_exists? &&
Feature.enabled?(:detect_cross_database_modification)
Feature.enabled?(:detect_cross_database_modification, type: :ops)
end
def self.requires_tracking?(parsed)

View File

@ -206,7 +206,7 @@ module ObjectStorage
def requires_multipart_upload?
return false unless config.aws?
return false if use_workhorse_s3_client? && Feature.enabled?(:s3_omit_multipart_urls)
return false if use_workhorse_s3_client?
!has_length
end

View File

@ -342,84 +342,68 @@ RSpec.describe ObjectStorage::DirectUpload do
context 'when length is unknown' do
let(:has_length) { false }
context 'when s3_omit_multipart_urls feature flag is enabled' do
let(:consolidated_settings) { true }
it 'omits multipart URLs' do
expect(subject).not_to have_key(:MultipartUpload)
end
it_behaves_like 'a valid upload'
end
context 'when s3_omit_multipart_urls feature flag is disabled' do
it_behaves_like 'a valid S3 upload with multipart data' do
before do
stub_feature_flags(s3_omit_multipart_urls: false)
stub_object_storage_multipart_init(storage_url, "myUpload")
end
it_behaves_like 'a valid S3 upload with multipart data' do
before do
stub_object_storage_multipart_init(storage_url, "myUpload")
context 'when maximum upload size is 0' do
let(:maximum_size) { 0 }
it 'returns maximum number of parts' do
expect(subject[:MultipartUpload][:PartURLs].length).to eq(100)
end
context 'when maximum upload size is 0' do
let(:maximum_size) { 0 }
it 'part size is minimum, 5MB' do
expect(subject[:MultipartUpload][:PartSize]).to eq(5.megabyte)
end
end
it 'returns maximum number of parts' do
expect(subject[:MultipartUpload][:PartURLs].length).to eq(100)
end
context 'when maximum upload size is < 5 MB' do
let(:maximum_size) { 1024 }
it 'part size is minimum, 5MB' do
expect(subject[:MultipartUpload][:PartSize]).to eq(5.megabyte)
end
it 'returns only 1 part' do
expect(subject[:MultipartUpload][:PartURLs].length).to eq(1)
end
context 'when maximum upload size is < 5 MB' do
let(:maximum_size) { 1024 }
it 'part size is minimum, 5MB' do
expect(subject[:MultipartUpload][:PartSize]).to eq(5.megabyte)
end
end
it 'returns only 1 part' do
expect(subject[:MultipartUpload][:PartURLs].length).to eq(1)
end
context 'when maximum upload size is 10MB' do
let(:maximum_size) { 10.megabyte }
it 'part size is minimum, 5MB' do
expect(subject[:MultipartUpload][:PartSize]).to eq(5.megabyte)
end
it 'returns only 2 parts' do
expect(subject[:MultipartUpload][:PartURLs].length).to eq(2)
end
context 'when maximum upload size is 10MB' do
let(:maximum_size) { 10.megabyte }
it 'part size is minimum, 5MB' do
expect(subject[:MultipartUpload][:PartSize]).to eq(5.megabyte)
end
end
it 'returns only 2 parts' do
expect(subject[:MultipartUpload][:PartURLs].length).to eq(2)
end
context 'when maximum upload size is 12MB' do
let(:maximum_size) { 12.megabyte }
it 'part size is minimum, 5MB' do
expect(subject[:MultipartUpload][:PartSize]).to eq(5.megabyte)
end
it 'returns only 3 parts' do
expect(subject[:MultipartUpload][:PartURLs].length).to eq(3)
end
context 'when maximum upload size is 12MB' do
let(:maximum_size) { 12.megabyte }
it 'part size is rounded-up to 5MB' do
expect(subject[:MultipartUpload][:PartSize]).to eq(5.megabyte)
end
end
it 'returns only 3 parts' do
expect(subject[:MultipartUpload][:PartURLs].length).to eq(3)
end
context 'when maximum upload size is 49GB' do
let(:maximum_size) { 49.gigabyte }
it 'part size is rounded-up to 5MB' do
expect(subject[:MultipartUpload][:PartSize]).to eq(5.megabyte)
end
it 'returns maximum, 100 parts' do
expect(subject[:MultipartUpload][:PartURLs].length).to eq(100)
end
context 'when maximum upload size is 49GB' do
let(:maximum_size) { 49.gigabyte }
it 'returns maximum, 100 parts' do
expect(subject[:MultipartUpload][:PartURLs].length).to eq(100)
end
it 'part size is rounded-up to 5MB' do
expect(subject[:MultipartUpload][:PartSize]).to eq(505.megabyte)
end
it 'part size is rounded-up to 5MB' do
expect(subject[:MultipartUpload][:PartSize]).to eq(505.megabyte)
end
end
end

View File

@ -0,0 +1,23 @@
# frozen_string_literal: true
require "spec_helper"
require_migration!
RSpec.describe AddVulnerabilityAdvisoryForeignKeyToSbomVulnerableComponentVersions do
let(:table) { described_class::SOURCE_TABLE }
let(:column) { described_class::COLUMN }
let(:foreign_key) { -> { described_class.new.foreign_keys_for(table, column).first } }
it "creates and drops the foreign key" do
reversible_migration do |migration|
migration.before -> do
expect(foreign_key.call).to be(nil)
end
migration.after -> do
expect(foreign_key.call).to have_attributes(column: column.to_s)
end
end
end
end

View File

@ -0,0 +1,23 @@
# frozen_string_literal: true
require "spec_helper"
require_migration!
RSpec.describe AddSbomComponentVersionForeignKeyToSbomVulnerableComponentVersions do
let(:table) { described_class::SOURCE_TABLE }
let(:column) { described_class::COLUMN }
let(:foreign_key) { -> { described_class.new.foreign_keys_for(table, column).first } }
it "creates and drops the foreign key" do
reversible_migration do |migration|
migration.before -> do
expect(foreign_key.call).to be(nil)
end
migration.after -> do
expect(foreign_key.call).to have_attributes(column: column.to_s)
end
end
end
end