Suggested Solution - Auto-fix MRs - backend
This is a sub-issue for #216027 (closed)
We need to create auto-fix MR if the setting for auto-fix is enabled:
Implementation plan
- Register the bot user
GitLab-security-bot
that will author auto-fix MRs.- When registering the bot, we should set a status that will make it clear that it's system bot:
:robot: System user bot
- When registering the bot, we should set a status that will make it clear that it's system bot:
- Make
GitLab-security-bot
's profile link available to the frontend (HAML). - Automatically create remediation MRs assigned to
GitLab-security-bot
and labelled withgitlab-vulnerability-auto-fix
whenever an available solution is detected for a given vulnerability. - Notify the users that MRs were created via an alert/flash message (
picture e.
).
This page may contain information related to upcoming products, features and functionality. It is important to note that the information presented is for informational purposes only, so please do not rely on the information for purchasing or planning purposes. Just like with all projects, the items mentioned on the page are subject to change or delay, and the development, release, and timing of any products, features, or functionality remain at the sole discretion of GitLab Inc.
Edited by 🤖 GitLab Bot 🤖