Use License Scanning Artifact Scanner class in License Compliance page
What does this MR do and why?
Describe in detail what your merge request does and why.
This MR decouples the LicensesController
class from license scanning reports. It removes the direct dependency it had on finding the latest pipeline with reports and instead uses the new ::Gitlab::LicenseScanning
scannner class to fetch the latest valid pipeline. This also required some changes to the SCA::LicenseCompliance
class so that it no longer grabbed the report from the pipeline and instead grabbed the report from the initialized scanner.
method | description |
---|---|
#has_data? |
Evaluates if the scanner had license scanning data. In terms of the artifact scanner, it will evaluate to true if there was a job that returns a license_scanning report. For the SBoM scanner, this may materialize as having SBoM generator jobs. |
#data_available? |
Evaluates if the scanner has completed "scanning". In terms of artifact scanning, this is determined if the pipeline with the license scanning report has a status of success . |
As an added benefit, the #has_license_scanning_reports
method was no longer used and as a resulted removed as well!
Screenshots or screen recordings
Screenshots are required for UI changes, and strongly recommended for all other merge requests.
How to set up and validate locally
Numbered steps to set up and validate the change are strongly suggested.
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Related to #378085 (closed)