Add GraphQL APIs for updating the group's default compliance framework

What does this MR do and why?

  • Update the existing create/update/destroy mutations for compliance frameworks to enable users to set a framework as the default for the namespace. Any new projects that are created under this namespace will have this compliance framework associated with them !100959 (merged).
  • A compliance framework which is set as the default framework is not prevented from being deleted.

How to set up and validate locally

  1. Ensure that you have an Ultimate license.
  2. Create a group and sign in with a user with owner access for that group.
  3. Visit the GraphiQL explorer (https://gdk.test:3000/-/graphql-explorer) and run the following mutations.
  4. Create a new compliance framework using the following mutation and note the id.
mutation {
  createComplianceFramework(input: {params: {name: "PCI DSS", description: "Payment Card Industry Data Security Standard", color: "#87CEEB", default: false}, namespacePath: "flightjs"}) {
    framework {
      id,
      name,
      default,
      description,
      color,
      pipelineConfigurationFullPath
    }
    errors
  }
}
  5. Verify that the default framework for the namespace is nil by running the following in the Rails console:
group.namespace_settings.default_compliance_framework_id
  6. Use the update mutation to set the above created compliance framework as the default framework.
mutation {
  updateComplianceFramework(input: {id: "gid://gitlab/ComplianceManagement::Framework/1", params: { default: true }}) {
    complianceFramework {
      id,
      name,
      default,
      description,
      color,
      pipelineConfigurationFullPath
    }
  }
}
  7. Verify that the default framework for the namespace is the id of the above framework by running the following in the Rails console:
group.namespace_settings.default_compliance_framework_id
  8. Create another framework by running the create mutation and also setting the default parameter during creation. Note the id of this framework too.
mutation {
  createComplianceFramework(input: {params: {name: "GDPR", description: "General Data Protection Regulation", color: "#ff0000", default: true}, namespacePath: "flightjs"}) {
    framework {
      id,
      name,
      default,
      description,
      color,
      pipelineConfigurationFullPath
    }
    errors
  }
}
  9. Verify that the default framework for the namespace is the id of the second framework by running the following in the Rails console:
group.namespace_settings.default_compliance_framework_id
  10. Try deleting the newly created framework and ensure that the deletion fails with the error "Cannot delete the default framework".
mutation {
  destroyComplianceFramework(input: {id: "gid://gitlab/ComplianceManagement::Framework/2"}) {
    errors
  }
}
  11. Try deleting the first framework and ensure that it is deleted without any errors.
mutation {
  destroyComplianceFramework(input: {id: "gid://gitlab/ComplianceManagement::Framework/1"}) {
    errors
  }
}

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #375036 (closed)