drop unneeded FindingMap identifiers shim

ee/app/services/security/ingestion/finding_map.rb

@@ -35,20 +35,7 @@ def initialize(security_finding, report_finding)
       def identifiers
         return @identifiers if defined?(@identifiers)
 
-        @identifiers = report_finding.identifiers.first(Vulnerabilities::Finding::MAX_NUMBER_OF_IDENTIFIERS)
-
-        # By default, the primary_identifier is the first identifier, but in certain
-        # cases we wish to reprioritize a secondary identifier to allow
-        # a scanner to "takeover" the previous finding
-        deprecated_types = DEFER_TO_IDENTIFIERS_FOR.fetch(@identifiers.first.external_type, {})
-        idx = deprecated_types.any? && @identifiers.find_index { |identifier| deprecated_types.keys.include?(identifier.external_type) }
-
-        if idx
-          identifier = @identifiers.delete_at(idx)
-          @identifiers.unshift(identifier)
-        end
-
-        @identifiers
+        report_finding.identifiers.first(Vulnerabilities::Finding::MAX_NUMBER_OF_IDENTIFIERS)
       end
 
       def set_identifier_ids_by(fingerprint_id_map)

ee/spec/services/security/ingestion/finding_map_spec.rb

@@ -15,30 +15,9 @@
   end
 
   describe '#identifiers' do
-    let(:semgrep_identifier) { build(:ci_reports_security_identifier, :semgrep) }
-    let(:report_finding) { build(:ci_reports_security_finding, identifiers: [identifier, semgrep_identifier]) }
-
     subject { finding_map.identifiers }
 
-    it { is_expected.to eq([identifier, semgrep_identifier]) }
-
-    context 'when prioritized identifier is present' do
-      let(:bandit_identifier) { build(:ci_reports_security_identifier, :bandit) }
-      let(:report_finding) { build(:ci_reports_security_finding, identifiers: [semgrep_identifier, bandit_identifier]) }
-
-      it 'defaults to prioritized identifier' do
-        expect(subject).to eq([bandit_identifier, semgrep_identifier])
-      end
-
-      context 'when multiple identifiers are deprecated' do
-        let(:eslint_identifier) { build(:ci_reports_security_identifier, :eslint) }
-        let(:report_finding) { build(:ci_reports_security_finding, identifiers: [semgrep_identifier, bandit_identifier, eslint_identifier]) }
-
-        it 'prioritizes the first matching' do
-          expect(subject).to eq([bandit_identifier, semgrep_identifier, eslint_identifier])
-        end
-      end
-    end
+    it { is_expected.to eq([identifier]) }
   end
 
   describe '#set_identifier_ids_by' do

ee/spec/workers/store_security_reports_worker_spec.rb

@@ -90,11 +90,10 @@
       before do
         stub_licensed_features(
           sast: true,
-          security_dashboard: true, #useless
-          vulnerability_finding_signatures: false
+          vulnerability_finding_signatures: false # if signatures are enabled during transition this wont work
         )
-        pipeline.update(user: build1.user)
-        pipeline2.update(user: build2.user)
+        pipeline.update!(user: build1.user)
+        pipeline2.update!(user: build2.user)
       end
 
       it 'takes over existing findings' do

lib/gitlab/ci/reports/security/finding.rb

@@ -98,7 +98,7 @@ def primary_identifier
             # By default, the primary_identifier is the first identifier, but in certain
             # cases we wish to reprioritize a secondary identifier to allow
             # a scanner to "takeover" the previous finding
-            deprecated_types = DEFER_TO_IDENTIFIERS_FOR[identifiers.first.external_type]
+            deprecated_types = DEFER_TO_IDENTIFIERS_FOR[identifiers.first&.external_type]
             idx = deprecated_types && identifiers.find_index { |identifier| deprecated_types.include?(identifier.external_type) } || 0
 
             @primary_identifier = identifiers[idx]