Add GraphQL APIs for updating the group's default compliance framework
What does this MR do and why?
- Update the existing create/update/destroy mutations for compliance frameworks to enable users to set a framework as default for the namespace. Any new projects that are created under this namespace will have this compliance framework associated to them !100959 (merged).
- A compliance framework which is set as the default framework is not prevented from being deleted.
Screenshots or screen recordings
Screenshots are required for UI changes, and strongly recommended for all other merge requests.
How to set up and validate locally
Numbered steps to set up and validate the change are strongly suggested.
- Ensure that you have an ultimate license.
- Create a group and sign in with a user with owner access for that group.
- Visit GraphiQL explorer (
https://gdk.test:3000/-/graphql-explorer
) and run the following mutations. - Create a new compliance framework using the following mutation and note the
id
.
mutation {
createComplianceFramework(input: {params: {name: "PCI DSS", description: "Payment Card Industry Data Security Standard", color: "#87CEEB", default: false}, namespacePath: "flightjs"}) {
framework {
id,
name,
default,
description,
color,
pipelineConfigurationFullPath
}
errors
}
}
- Verify that the default framework for the namespace is
nil
by running the following in rails console
group.namespace_settings.default_compliance_framework_id
- Use the update mutation to set the above created compliance framework as the default framework.
mutation {
updateComplianceFramework(input: {id: "gid://gitlab/ComplianceManagement::Framework/1", params: { default: true }}) {
complianceFramework {
id,
name,
default,
description,
color,
pipelineConfigurationFullPath
}
}
}
- Verify that the default framework for the namespace is the id of the above framework by running the following in rails console
group.namespace_settings.default_compliance_framework_id
- Create another framework by running the create mutation and also setting the default parameter during creation. Note the
id
of this framework too.
mutation {
createComplianceFramework(input: {params: {name: "GDPR", description: "General Data Protection Regulation", color: "#ff0000", default: true}, namespacePath: "flightjs"}) {
framework {
id,
name,
default,
description,
color,
pipelineConfigurationFullPath
}
errors
}
}
- Verify that the default framework for the namespace is the id of the second framework by running the following in rails console
group.namespace_settings.default_compliance_framework_id
- Try deleting the newly created framework and ensure that the deletion fails with error "Cannot delete the default framework".
mutation {
destroyComplianceFramework(input: {id: "gid://gitlab/ComplianceManagement::Framework/2"}) {
errors
}
}
- Try deleting the first framework and ensure that it is deleted without any errors.
mutation {
destroyComplianceFramework(input: {id: "gid://gitlab/ComplianceManagement::Framework/1"}) {
errors
}
}
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Related to #375036 (closed)