Merge branch 'secure_specs_use_commit' into 'master'

Update the Secure E2E specs to use commit rather than projectpush

See merge request https://gitlab.com/gitlab-org/gitlab/-/merge_requests/160711



Merged-by: Chloe Liu <yliu@gitlab.com>
Approved-by: Désirée Chevalier <dchevalier@gitlab.com>
Approved-by: Chloe Liu <yliu@gitlab.com>
Co-authored-by: Will Meek <wmeek@gitlab.com>

qa/qa/specs/features/ee/browser_ui/13_secure/enable_advanced_sast_spec.rb

@@ -48,18 +48,21 @@ module QA
 
     context 'when Advanced SAST is enabled' do
       it 'finds a vulnerability', testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/471561' do
-        Resource::Repository::ProjectPush.fabricate! do |push|
-          push.project = project
-          push.file_name = '.gitlab-ci.yml'
-          push.file_content = File.read(
-            File.join(
-              EE::Runtime::Path.fixtures_path, 'secure_advanced_sast_files',
-              '.gitlab-ci.yml'
-            )
-          )
-          push.commit_message = 'Commit .gitlab-ci.yml'
-          push.new_branch = false
-        end
+        create(:commit,
+          project: project,
+          branch: project.default_branch,
+          commit_message: 'Commit .gitlab-ci.yml',
+          actions: [
+            {
+              action: 'create',
+              file_path: '.gitlab-ci.yml',
+              content: File.read(
+                File.join(
+                  EE::Runtime::Path.fixtures_path, 'secure_advanced_sast_files',
+                  '.gitlab-ci.yml'
+                ))
+            }
+          ])
 
         Flow::Login.sign_in_unless_signed_in
         project.visit!

qa/qa/specs/features/ee/browser_ui/13_secure/enable_scanning_from_configuration_spec.rb

@@ -23,13 +23,12 @@ module QA
       let(:project) { create(:project, name: 'project-with-secure', description: 'Project with Secure') }
 
       before do
-        Resource::Repository::ProjectPush.fabricate! do |project_push|
-          project_push.project = project
-          project_push.commit_message = 'Create Secure compatible application to serve premade reports'
-          project_push.directory = Pathname.new(
+        build(:commit, project: project,
+          commit_message:  'Create Secure compatible application to serve premade reports') do |commit|
+          commit.add_directory(Pathname.new(
             EE::Runtime::Path.fixture('secure_scanning_enable_from_ui_files')
-          )
-        end
+          ))
+        end.fabricate_via_api!
 
         Flow::Login.sign_in_unless_signed_in
         project.visit!

qa/qa/specs/features/ee/browser_ui/13_secure/on_demand_dast_spec.rb

@@ -32,10 +32,16 @@ module QA
 
       before do
         webgoat.register!
-        Resource::Repository::ProjectPush.fabricate! do |push|
-          push.project = test_project
-          push.file_name = '.gitlab-ci.yml'
-          push.file_content = <<~YML
+
+        create(:commit,
+          project: test_project,
+          branch: test_project.default_branch,
+          commit_message: 'Commit .gitlab-ci.yml',
+          actions: [
+            {
+              action: 'create',
+              file_path: '.gitlab-ci.yml',
+              content: <<~YML
             stages:          # List of stages for jobs, and their order of execution
               - build
 
@@ -43,10 +49,9 @@ module QA
               stage: build
               script:
                 - echo "Compiling the code..."
-          YML
-          push.commit_message = 'Commit .gitlab-ci.yml'
-          push.new_branch = false
-        end
+              YML
+            }
+          ])
 
         # observe pipeline creation
         Flow::Login.sign_in_unless_signed_in

qa/qa/specs/features/ee/browser_ui/13_secure/secret_push_protection_spec.rb

@@ -8,6 +8,7 @@ module QA
         create(:project, :with_readme, name: 'secret-push-project', description: 'Secret Push Protection Project')
       end
 
+      # In reverse so that the test itself does not flag up a secret detection issue
       let(:reverse_token_prefix) { 'taplg' }
       let(:test_token) { '-JUST20LETTERSANDNUMB' }