Return ids of created vulnerabilities with SBOM scanning

Changelog: changed EE: true

Return ids of created vulnerabilities with SBOM scanning
e279a1f8 · Olivier Gonzalez · 71840599 · e279a1f8 · e279a1f8
--- a/ee/lib/gitlab/vulnerability_scanning/advisory_utils.rb
+++ b/ee/lib/gitlab/vulnerability_scanning/advisory_utils.rb
@@ -55,6 +55,8 @@ def create_vulnerabilities(findings)
        else
          log_error(response.payload[:error], project_ids_with_upsert: project_ids_with_upsert)
        end
+
+        response.payload[:vulnerability_ids] || []
      end

      def log_success(project_ids_with_upsert:)

--- a/ee/spec/lib/gitlab/vulnerability_scanning/advisory_utils_spec.rb
+++ b/ee/spec/lib/gitlab/vulnerability_scanning/advisory_utils_spec.rb
@@ -152,14 +152,19 @@

    let(:finding_map) { create(:vs_finding_map, pipeline: pipeline) }

-    it 'creates new vulnerabilities' do
+    it 'creates new vulnerabilities and returns their id' do
      expect(Gitlab::AppJsonLogger).to receive(:debug)
        .with(
          message: "Successfully created vulnerabilities on advisory ingestion",
          project_ids_with_upsert: [pipeline.project.id])
        .once

-      expect { create_vulnerabilities }.to change { Vulnerability.count }.by(1)
+      expect do
+        created_ids = create_vulnerabilities
+        expect(created_ids).to be_an(Array)
+          .and all(be_a(Integer))
+          .and be_present
+      end.to change { Vulnerability.count }.by(1)
    end

    context 'when exception is raised' do
@@ -175,7 +180,10 @@
           project_ids_with_upsert: [])
         .once

-        expect { create_vulnerabilities }.not_to change { Vulnerability.count }
+        expect do
+          created_ids = create_vulnerabilities
+          expect(created_ids).to eq([])
+        end.not_to change { Vulnerability.count }
      end
    end
  end