Use vulnerability-mr field for security modal (!120877) · Merge requests · GitLab.org / GitLab

David Pisek requested to merge dpisek-use-vulnerability-mr-field-for-standalone-modal into master May 16, 2023

What does this MR do and why?

Instead of using the MR information directly from the finding, this change switches to using the vulnerability-mr field.

The goal of the change is to keep the querying consistent with other parts of the application.

More context: #404894 (comment 1372558834)

Screenshots or screen recordings

How to set up and validate locally

Setup

Have the related FF enabled: echo "Feature.enable(:standalone_finding_modal)" | rails c
You'll need an EE License
You'll need to have runners enabled (See $2408961 for setting up a runner)
Import https://gitlab.com/gitlab-org/govern/demos/sandbox/minac/test-remediations
Run a pipeline on master

Validation

Go to the pipeline's security report tab
Create MR via the "Resolve with merge request" button
Go back to pipeline's security tab and click on same finding
Verify that the MR note is showing and the "Resolve with merge request" button is not visible

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Edited May 16, 2023 by David Pisek

Use vulnerability-mr field for security modal