Fix bug where remediations error on [nil] array
What does this MR do and why?
This MR puts a check in to make sure that the remediations field is an empty array and not an array with a single value of nil. This was originally in place when the fixes field was included in the GraphQL. It didn't seem to be still needed, but further usage indicted contrary to that. See related review comment in !108584 (comment 1237278640). Another interesting aspect of this bug is that when there isn't a vulnerability finding associated with the report finding, it will return nil, which still isn't quite right but it doesn't throw an error. A follow-up issue to investigate the FindingsFinder will be created.
Screenshots or screen recordings
How to set up and validate locally
- Run a pipeline with security findings that have no remediations (sample project
- Run the query on all security findings. The findings without remediations should return an empty array (
[]).
{
project(fullPath: "<project path>") {
pipeline(iid: "<pipeline IID>") {
securityReportFindings {
nodes {
uuid
remediations {
summary
diff
}
}
}
}
}
}
- Run the query on of the security findings from before. Should return an empty array (
[]) for remediations.
{
project(fullPath: "<project path>") {
pipeline(iid: "<pipeline IID>") {
securityReportFinding(uuid: "<security finding uuid>") {
uuid
remediations {
summary
diff
}
}
}
}
}
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Related to #388655 (closed)