diff --git a/ee/lib/gitlab/vulnerability_scanning/advisory_utils.rb b/ee/lib/gitlab/vulnerability_scanning/advisory_utils.rb
index 4842153d846b6244b23560c4f2663f5bd5801144..ad8e61489c2a74cb4b868a55956ab5ecff75d02c 100644
--- a/ee/lib/gitlab/vulnerability_scanning/advisory_utils.rb
+++ b/ee/lib/gitlab/vulnerability_scanning/advisory_utils.rb
@@ -55,6 +55,8 @@ def create_vulnerabilities(findings)
else
log_error(response.payload[:error], project_ids_with_upsert: project_ids_with_upsert)
end
+
+ response.payload[:vulnerability_ids] || []
end
def log_success(project_ids_with_upsert:)
diff --git a/ee/spec/lib/gitlab/vulnerability_scanning/advisory_utils_spec.rb b/ee/spec/lib/gitlab/vulnerability_scanning/advisory_utils_spec.rb
index 6a49945d353d611c5ff8db93553c242170425434..4a1cb780b92b48320f673b0e4c5d5b4a11f06695 100644
--- a/ee/spec/lib/gitlab/vulnerability_scanning/advisory_utils_spec.rb
+++ b/ee/spec/lib/gitlab/vulnerability_scanning/advisory_utils_spec.rb
@@ -152,14 +152,19 @@
let(:finding_map) { create(:vs_finding_map, pipeline: pipeline) }
- it 'creates new vulnerabilities' do
+ it 'creates new vulnerabilities and returns their id' do
expect(Gitlab::AppJsonLogger).to receive(:debug)
.with(
message: "Successfully created vulnerabilities on advisory ingestion",
project_ids_with_upsert: [pipeline.project.id])
.once
- expect { create_vulnerabilities }.to change { Vulnerability.count }.by(1)
+ expect do
+ created_ids = create_vulnerabilities
+ expect(created_ids).to be_an(Array)
+ .and all(be_a(Integer))
+ .and be_present
+ end.to change { Vulnerability.count }.by(1)
end
context 'when exception is raised' do
@@ -175,7 +180,10 @@
project_ids_with_upsert: [])
.once
- expect { create_vulnerabilities }.not_to change { Vulnerability.count }
+ expect do
+ created_ids = create_vulnerabilities
+ expect(created_ids).to eq([])
+ end.not_to change { Vulnerability.count }
end
end
end