Merge branch 'bwill/set-traversal-ids-and-archived-on-sbom-ingestion' into 'master'

Set `traversal_ids` and `archived` during Sbom ingestion See merge request https://gitlab.com/gitlab-org/gitlab/-/merge_requests/144551 Merged-by: Mehmet Emin INAC <minac@gitlab.com> Approved-by: Zamir Martins <zfilho@gitlab.com> Approved-by: Mehmet Emin INAC <minac@gitlab.com> Reviewed-by: Zamir Martins <zfilho@gitlab.com> Co-authored-by: Brian Williams <bwilliams@gitlab.com>

Merge branch 'bwill/set-traversal-ids-and-archived-on-sbom-ingestion' into 'master'
7a1f3679 · Mehmet Emin INAC · GitLab · 63c4aed2 · 52a075c5 · 7a1f3679
--- a/ee/app/services/sbom/ingestion/tasks/base.rb
+++ b/ee/app/services/sbom/ingestion/tasks/base.rb
@@ -20,6 +20,8 @@ def execute
        private

        attr_reader :pipeline, :occurrence_maps
+
+        delegate :project, to: :pipeline, private: true
      end
    end
  end

--- a/ee/app/services/sbom/ingestion/tasks/ingest_occurrences.rb
+++ b/ee/app/services/sbom/ingestion/tasks/ingest_occurrences.rb
@@ -23,7 +23,7 @@ def attributes
          occurrence_maps.uniq! { |occurrence_map| uuid(occurrence_map) }
          occurrence_maps.map do |occurrence_map|
            {
-              project_id: pipeline.project.id,
+              project_id: project.id,
              pipeline_id: pipeline.id,
              component_id: occurrence_map.component_id,
              component_version_id: occurrence_map.component_version_id,
@@ -36,9 +36,11 @@ def attributes
              licenses: licenses.fetch(occurrence_map.report_component, []),
              component_name: occurrence_map.name,
              highest_severity: occurrence_map.highest_severity,
-              vulnerability_count: occurrence_map.vulnerability_count
+              vulnerability_count: occurrence_map.vulnerability_count,
+              traversal_ids: project.namespace.traversal_ids,
+              archived: project.archived
            }.tap do |attrs|
-              if Feature.disabled?(:sbom_occurrences_vulnerabilities, pipeline.project)
+              if Feature.disabled?(:sbom_occurrences_vulnerabilities, project)
                attrs.except!(:vulnerability_count, :highest_severity)
              end
            end
@@ -50,13 +52,13 @@ def uuid(occurrence_map)
            :component_id,
            :component_version_id,
            :source_id
-          ).merge(project_id: pipeline.project.id)
+          ).merge(project_id: project.id)

          ::Sbom::OccurrenceUUID.generate(**uuid_attributes)
        end

        def licenses
-          Licenses.new(pipeline.project, occurrence_maps)
+          Licenses.new(project, occurrence_maps)
        end
        strong_memoize_attr :licenses


--- a/ee/spec/services/sbom/ingestion/tasks/ingest_occurrences_spec.rb
+++ b/ee/spec/services/sbom/ingestion/tasks/ingest_occurrences_spec.rb
@@ -6,6 +6,7 @@
  describe '#execute' do
    let_it_be(:pipeline) { build(:ci_pipeline) }

+    let(:project) { pipeline.project }
    let(:occurrence_maps) { create_list(:sbom_occurrence_map, 4, :for_occurrence_ingestion) }

    subject(:ingest_occurrences) { described_class.execute(pipeline, occurrence_maps) }
@@ -41,7 +42,7 @@
      it 'sets the correct attributes for the occurrence' do
        ingest_occurrences
        expect(ingested_occurrence.attributes).to include(
-          'project_id' => pipeline.project.id,
+          'project_id' => project.id,
          'pipeline_id' => pipeline.id,
          'component_id' => occurrence_map.component_id,
          'component_version_id' => occurrence_map.component_version_id,
@@ -64,7 +65,9 @@
          ],
          'component_name' => occurrence_map.name,
          'vulnerability_count' => 1,
-          'highest_severity' => 'high'
+          'highest_severity' => 'high',
+          'traversal_ids' => project.namespace.traversal_ids,
+          'archived' => project.archived
        )
      end

@@ -109,7 +112,7 @@
          ingest_occurrences

          expect(ingested_occurrence.attributes).to include(
-            'project_id' => pipeline.project.id,
+            'project_id' => project.id,
            'pipeline_id' => pipeline.id,
            'component_id' => occurrence_map.component_id,
            'component_version_id' => occurrence_map.component_version_id,
@@ -131,7 +134,9 @@
            ],
            'component_name' => occurrence_map.name,
            'vulnerability_count' => 1,
-            'highest_severity' => 'high'
+            'highest_severity' => 'high',
+            'traversal_ids' => project.namespace.traversal_ids,
+            'archived' => project.archived
          )
        end
      end