Add remediations field to PipelineSecurityReportFinding
Why are we doing this work
We want to add a remediations
field to the PipelineSecurityReportFinding
GraphQL type for use in the new security finding modals.
Example of new query:
query {
project(fullPath:"<project path>") {
pipeline(iid:"<pipeline iid>") {
securityReportFinding(uuid:"<uuid>") {
remediations {
summary
diff
}
}
}
}
}
Sample Response:
{
"data": {
"project": {
"pipeline": {
"securityReportFindings": {
"nodes": [
{
"remediations": [
{
"summary": "Upgrade apk-tools to 2.10.7-r0",
"diff": "ZGlmZiAtLWdpdCBhL0RvY2tlcmZpbGUgYi9Eb2NrZXJmaWxlCmluZGV4IDkwNDVhNTguLjcxNjQwMWUgMTAwNjQ0Ci0tLSBhL0RvY2tlcmZpbGUKKysrIGIvRG9ja2VyZmlsZQpAQCAtMSw0ICsxLDUgQEAKIEZST00gYWxwaW5lOjMuMTMKIFJVTiBhcGsgLS1uby1jYWNoZSB1cGRhdGUgJiYgYXBrIC0tbm8tY2FjaGUgYWRkIGFway10b29scz0yLjEwLjctcjAKK1JVTiBhcGsgLS1uby1jYWNoZSB1cGRhdGUgJiYgYXBrIC0tbm8tY2FjaGUgYWRkIGFway10b29scz0yLjEwLjctcjAKIAogUlVOIGVjaG8gIkkgZG9uJ3QgZG8gYW55dGhpbmci"
}
]
}
]
}
}
}
}
}
Relevant links
Non-functional requirements
-
Documentation: Update the GraphQL docs -
Testing: Add appropriate GraphQL feature specs
Implementation plan
-
MR 1: Create RemediationsType
Verification steps
Test query on security finding with a remediation:
query {
project(fullPath:"<project path>") {
pipeline(iid:"<pipeline iid>") {
securityReportFinding(uuid:"<uuid>") {
remediations {
summary
diff
}
}
}
}
}
Edited by Jonathan Schafer