From e1872b6c76a179691d43a532ccfa67ca1ff9568b Mon Sep 17 00:00:00 2001
From: Will Meek <wmeek@gitlab.com>
Date: Tue, 24 Sep 2024 13:51:25 +0100
Subject: [PATCH] Update CVS spec, remove check for old vulnerability

Also remove unneccessary fixtures
---
 .../fixtures/secure_cvs_files/.gitlab-ci.yml | 11 -----
 .../ee/fixtures/secure_cvs_files/gl-sbom.json | 45 -------------------
 .../13_secure/cvs_dependency_scanning_spec.rb | 13 ------
 3 files changed, 69 deletions(-)
 delete mode 100644 qa/qa/ee/fixtures/secure_cvs_files/gl-sbom.json
diff --git a/qa/qa/ee/fixtures/secure_cvs_files/.gitlab-ci.yml b/qa/qa/ee/fixtures/secure_cvs_files/.gitlab-ci.yml
index 08b37204bab76..54508262dbe47 100644
--- a/qa/qa/ee/fixtures/secure_cvs_files/.gitlab-ci.yml
+++ b/qa/qa/ee/fixtures/secure_cvs_files/.gitlab-ci.yml
@@ -1,13 +1,2 @@
 include:
 - template: Security/Dependency-Scanning.gitlab-ci.yml
-
-gemnasium-dependency_scanning:
- rules:
- - when: always
- artifacts:
- paths:
- - gl-sbom.json
- - gl-dependency-scanning-report.json
- reports:
- cyclonedx: gl-sbom.json
- dependency_scanning: gl-dependency-scanning-report.json
diff --git a/qa/qa/ee/fixtures/secure_cvs_files/gl-sbom.json b/qa/qa/ee/fixtures/secure_cvs_files/gl-sbom.json
deleted file mode 100644
index a5993fa405cd8..0000000000000
--- a/qa/qa/ee/fixtures/secure_cvs_files/gl-sbom.json
+++ /dev/null
@@ -1,45 +0,0 @@
-{
- "bomFormat": "CycloneDX",
- "specVersion": "1.4",
- "serialNumber": "urn:uuid:b9b7822a-19fb-4087-b690-88273bb93f76",
- "version": 1,
- "metadata": {
- "timestamp": "2024-04-23T06:54:54Z",
- "tools": [
- {
- "vendor": "GitLab",
- "name": "Gemnasium",
- "version": "5.0.0-rc3"
- }
- ],
- "authors": [
- {
- "name": "GitLab",
- "email": "support@gitlab.com"
- }
- ],
- "properties": [
- {
- "name": "gitlab:dependency_scanning:input_file:path",
- "value": "Gemfile.lock"
- },
- {
- "name": "gitlab:dependency_scanning:package_manager:name",
- "value": "bundler"
- },
- {
- "name": "gitlab:meta:schema_version",
- "value": "1"
- }
- ]
- },
- "components": [
- {
- "name": "RedCloth",
- "version": "2.0.0",
- "purl": "pkg:gem/RedCloth@2.0.0",
- "type": "library",
- "bom-ref": "pkg:gem/RedCloth@2.0.0"
- }
- ]
-}
diff --git a/qa/qa/specs/features/ee/browser_ui/13_secure/cvs_dependency_scanning_spec.rb b/qa/qa/specs/features/ee/browser_ui/13_secure/cvs_dependency_scanning_spec.rb
index 1fccc7375d799..2cd15b685c3e9 100644
--- a/qa/qa/specs/features/ee/browser_ui/13_secure/cvs_dependency_scanning_spec.rb
+++ b/qa/qa/specs/features/ee/browser_ui/13_secure/cvs_dependency_scanning_spec.rb
@@ -76,17 +76,6 @@ def create_file_actions
 'Gemf.lock'
 )
 )
- },
- {
- action: 'create',
- file_path: 'gl-sbom.json',
- content: File.read(
- File.join(
- EE::Runtime::Path.fixtures_path,
- 'secure_cvs_files',
- 'gl-sbom.json'
- )
- )
 }
 ]
 end
@@ -111,8 +100,6 @@ def verify_vulnerabilities
 vulnerability_list.has_vulnerability?(description: 'Arbitrary test vulnerability')
 end
- expect(vulnerability_list).not_to have_vulnerability(description: 'Outdated test vulnerability')
-
 vulnerability_list.click_vulnerability(description: 'Arbitrary test vulnerability')
 end
-- 
GitLab