diff --git a/ee/app/services/sbom/ingestion/tasks/base.rb b/ee/app/services/sbom/ingestion/tasks/base.rb
index 96b72e819052dfbf50af05053787e95108b46386..65e1f9d982cb9c830483a3d259715b15533b065b 100644
--- a/ee/app/services/sbom/ingestion/tasks/base.rb
+++ b/ee/app/services/sbom/ingestion/tasks/base.rb
@@ -20,6 +20,8 @@ def execute
private
attr_reader :pipeline, :occurrence_maps
+
+ delegate :project, to: :pipeline, private: true
end
end
end
diff --git a/ee/app/services/sbom/ingestion/tasks/ingest_occurrences.rb b/ee/app/services/sbom/ingestion/tasks/ingest_occurrences.rb
index 64a35e6e5f6ffc238f3aa21ebdb3e549cd2aedaf..0a421f2cd2e62da0527a7134e50863c8176f5fa0 100644
--- a/ee/app/services/sbom/ingestion/tasks/ingest_occurrences.rb
+++ b/ee/app/services/sbom/ingestion/tasks/ingest_occurrences.rb
@@ -23,7 +23,7 @@ def attributes
occurrence_maps.uniq! { |occurrence_map| uuid(occurrence_map) }
occurrence_maps.map do |occurrence_map|
{
- project_id: pipeline.project.id,
+ project_id: project.id,
pipeline_id: pipeline.id,
component_id: occurrence_map.component_id,
component_version_id: occurrence_map.component_version_id,
@@ -36,9 +36,11 @@ def attributes
licenses: licenses.fetch(occurrence_map.report_component, []),
component_name: occurrence_map.name,
highest_severity: occurrence_map.highest_severity,
- vulnerability_count: occurrence_map.vulnerability_count
+ vulnerability_count: occurrence_map.vulnerability_count,
+ traversal_ids: project.namespace.traversal_ids,
+ archived: project.archived
}.tap do |attrs|
- if Feature.disabled?(:sbom_occurrences_vulnerabilities, pipeline.project)
+ if Feature.disabled?(:sbom_occurrences_vulnerabilities, project)
attrs.except!(:vulnerability_count, :highest_severity)
end
end
@@ -50,13 +52,13 @@ def uuid(occurrence_map)
:component_id,
:component_version_id,
:source_id
- ).merge(project_id: pipeline.project.id)
+ ).merge(project_id: project.id)
::Sbom::OccurrenceUUID.generate(**uuid_attributes)
end
def licenses
- Licenses.new(pipeline.project, occurrence_maps)
+ Licenses.new(project, occurrence_maps)
end
strong_memoize_attr :licenses
diff --git a/ee/spec/services/sbom/ingestion/tasks/ingest_occurrences_spec.rb b/ee/spec/services/sbom/ingestion/tasks/ingest_occurrences_spec.rb
index 84b9269f8b55c57409270e12d2fa3e2581d485bd..c4395ee4204b5773dff5d636a5dc7a4f22248b4c 100644
--- a/ee/spec/services/sbom/ingestion/tasks/ingest_occurrences_spec.rb
+++ b/ee/spec/services/sbom/ingestion/tasks/ingest_occurrences_spec.rb
@@ -6,6 +6,7 @@
describe '#execute' do
let_it_be(:pipeline) { build(:ci_pipeline) }
+ let(:project) { pipeline.project }
let(:occurrence_maps) { create_list(:sbom_occurrence_map, 4, :for_occurrence_ingestion) }
subject(:ingest_occurrences) { described_class.execute(pipeline, occurrence_maps) }
@@ -41,7 +42,7 @@
it 'sets the correct attributes for the occurrence' do
ingest_occurrences
expect(ingested_occurrence.attributes).to include(
- 'project_id' => pipeline.project.id,
+ 'project_id' => project.id,
'pipeline_id' => pipeline.id,
'component_id' => occurrence_map.component_id,
'component_version_id' => occurrence_map.component_version_id,
@@ -64,7 +65,9 @@
],
'component_name' => occurrence_map.name,
'vulnerability_count' => 1,
- 'highest_severity' => 'high'
+ 'highest_severity' => 'high',
+ 'traversal_ids' => project.namespace.traversal_ids,
+ 'archived' => project.archived
)
end
@@ -109,7 +112,7 @@
ingest_occurrences
expect(ingested_occurrence.attributes).to include(
- 'project_id' => pipeline.project.id,
+ 'project_id' => project.id,
'pipeline_id' => pipeline.id,
'component_id' => occurrence_map.component_id,
'component_version_id' => occurrence_map.component_version_id,
@@ -131,7 +134,9 @@
],
'component_name' => occurrence_map.name,
'vulnerability_count' => 1,
- 'highest_severity' => 'high'
+ 'highest_severity' => 'high',
+ 'traversal_ids' => project.namespace.traversal_ids,
+ 'archived' => project.archived
)
end
end