Merge branch '333513-fix-flaky-dependency-list-test' into 'master'

Fix flaky dependency list test See merge request gitlab-org/gitlab!64388

Merge branch '333513-fix-flaky-dependency-list-test' into 'master'
d2580206 · Matthias Käppler · 11731870 · 754a3368 · d2580206
Commit d2580206 authored 3 years ago by Matthias Käppler
--- a/ee/spec/services/security/dependency_list_service_spec.rb
+++ b/ee/spec/services/security/dependency_list_service_spec.rb
@@ -134,6 +134,13 @@
        end
  
        context('when the sort_dependency_vulnerabilities feature flag is false') do
+          # overwrite the existing findings so we can re-create the original test
+          let_it_be(:pipeline) { create(:ee_ci_pipeline, :with_dependency_list_report) }
+          let_it_be(:nokogiri_finding) { create(:vulnerabilities_finding, :detected, :with_dependency_scanning_metadata, :with_pipeline) }
+          let_it_be(:nokogiri_pipeline) { create(:vulnerabilities_finding_pipeline, finding: nokogiri_finding, pipeline: pipeline) }
+          let_it_be(:other_finding) { create(:vulnerabilities_finding, :detected, :with_dependency_scanning_metadata, package: 'saml2-js', file: 'yarn/yarn.lock', version: '1.5.0', raw_severity: 'Unknown') }
+          let_it_be(:other_pipeline) { create(:vulnerabilities_finding_pipeline, finding: other_finding, pipeline: pipeline) }
+
          before do
            stub_feature_flags(sort_dependency_vulnerabilities: false)
          end
@@ -148,15 +155,8 @@
              }
            end
  
-            expect(dependencies).to match([{ name: "saml2-js", vulnerabilities: match_array(%w(unknown medium critical)) },
-                                           { name: "nokogiri", vulnerabilities: ["high"] }])
-          end
-
-          it 'returns array of data with package vulnerabilities sorted in ascending order' do
-            saml2js_dependency = subject.find { |dep| dep[:name] == 'saml2-js' }
-            saml2js_severities = saml2js_dependency[:vulnerabilities].map {|v| v[:severity] }
-
-            expect(saml2js_severities).to match_array(%w(unknown medium critical))
+            expect(dependencies).to eq([{ name: "saml2-js", vulnerabilities: ["unknown"] },
+                                        { name: "nokogiri", vulnerabilities: ["high"] }])
          end
        end
      end