From 20fb8b088f1de6b80794b29ca4167ee04908a924 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Micha=C5=82=20Zaj=C4=85c?= <mzajac@gitlab.com>
Date: Mon, 25 Jan 2021 13:49:15 +0100
Subject: [PATCH] Refactor UpdateVulnerabilityConfidence spec

With https://gitlab.com/gitlab-org/gitlab/-/merge_requests/52182 we
banned `attributes_for` in migration specs. This refactors one of the
offending migrations.
---
 .../update_vulnerability_confidence_spec.rb   | 35 ++++++++++++++-----
 1 file changed, 27 insertions(+), 8 deletions(-)

diff --git a/ee/spec/lib/ee/gitlab/background_migration/update_vulnerability_confidence_spec.rb b/ee/spec/lib/ee/gitlab/background_migration/update_vulnerability_confidence_spec.rb
index 71ed56359a18c..9d2bd041bad95 100644
--- a/ee/spec/lib/ee/gitlab/background_migration/update_vulnerability_confidence_spec.rb
+++ b/ee/spec/lib/ee/gitlab/background_migration/update_vulnerability_confidence_spec.rb
@@ -36,21 +36,40 @@
   end
 
   def container_scanning_vuln_params(primary_identifier_id)
-    attrs = attributes_for(:vulnerabilities_finding) # rubocop: disable RSpec/FactoriesInMigrationSpecs
-
+    uuid = SecureRandom.uuid
     {
-      severity: 2,
+      severity: 0,
       confidence: 5,
       report_type: 2,
       project_id: 123,
       scanner_id: 6,
       primary_identifier_id: primary_identifier_id,
-      project_fingerprint: attrs[:project_fingerprint],
-      location_fingerprint: attrs[:location_fingerprint],
-      uuid: attrs[:uuid],
-      name: attrs[:name],
+      project_fingerprint: SecureRandom.hex(20),
+      location_fingerprint: Digest::SHA1.hexdigest(SecureRandom.hex(10)),
+      uuid: uuid,
+      name: "Vulnerability Finding #{uuid}",
       metadata_version: '1.3',
-      raw_metadata: attrs[:raw_metadata]
+      raw_metadata: raw_metadata
     }
   end
+
+  def raw_metadata
+    { "description" => "The cipher does not provide data integrity update 1",
+     "message" => "The cipher does not provide data integrity",
+     "cve" => "818bf5dacb291e15d9e6dc3c5ac32178:CIPHER",
+     "solution" => "GCM mode introduces an HMAC into the resulting encrypted data, providing integrity of the result.",
+     "location" => { "file" => "maven/src/main/java/com/gitlab/security_products/tests/App.java", "start_line" => 29, "end_line" => 29, "class" => "com.gitlab.security_products.tests.App", "method" => "insecureCypher" },
+     "links" => [{ "name" => "Cipher does not check for integrity first?", "url" => "https://crypto.stackexchange.com/questions/31428/pbewithmd5anddes-cipher-does-not-check-for-integrity-first" }],
+     "assets" => [{ "type" => "postman", "name" => "Test Postman Collection", "url" => "http://localhost/test.collection" }],
+     "evidence" =>
+      { "summary" => "Credit card detected",
+       "request" => { "headers" => [{ "name" => "Accept", "value" => "*/*" }], "method" => "GET", "url" => "http://goat:8080/WebGoat/logout", "body" => nil },
+       "response" => { "headers" => [{ "name" => "Content-Length", "value" => "0" }], "reason_phrase" => "OK", "status_code" => 200, "body" => nil },
+       "source" => { "id" => "assert:Response Body Analysis", "name" => "Response Body Analysis", "url" => "htpp://hostname/documentation" },
+       "supporting_messages" =>
+        [{ "name" => "Origional", "request" => { "headers" => [{ "name" => "Accept", "value" => "*/*" }], "method" => "GET", "url" => "http://goat:8080/WebGoat/logout", "body" => "" } },
+         { "name" => "Recorded",
+          "request" => { "headers" => [{ "name" => "Accept", "value" => "*/*" }], "method" => "GET", "url" => "http://goat:8080/WebGoat/logout", "body" => "" },
+          "response" => { "headers" => [{ "name" => "Content-Length", "value" => "0" }], "reason_phrase" => "OK", "status_code" => 200, "body" => "" } }] } }
+  end
 end
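Review bot: `severity` in `container_scanning_vuln_params` changes from `2` to `0`, although the commit message describes only a refactor that replaces `attributes_for`. Either keep `severity: 2` or state the reason for the new value in the description, so a later reader does not take it for an accident. Separately, the new `raw_metadata` helper returns a Ruby Hash, while the factory attribute it replaces may have been a serialized JSON string (the factory is not visible here). If the column stores text, `raw_metadata: raw_metadata.to_json` would keep the inserted row in the same shape as before. The literal also carries what look like typos (`"htpp://hostname/documentation"`, `"Origional"`); a short comment above `def raw_metadata` noting that the payload is an arbitrary sample would show whether they are meant to be preserved. The enclosing describe block starts outside the hunk.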
-- 
GitLab