Use vulnerability-mr field for security modal
What does this MR do and why?
Instead of using the MR information directly from the finding, this change switches to using the vulnerability-mr field.
The goal of the change is to keep the querying consistent with other parts of the application.
More context: #404894 (comment 1372558834)
Screenshots or screen recordings
How to set up and validate locally
Setup
- Have the related FF enabled:
echo "Feature.enable(:standalone_finding_modal)" | rails c
- You'll need an EE License
- You'll need to have runners enabled (See $2408961 for setting up a runner)
- Import https://gitlab.com/gitlab-org/govern/demos/sandbox/minac/test-remediations
- Run a pipeline on master
Validation
- Go to the pipeline's security report tab
- Create MR via the "Resolve with merge request" button
- Go back to pipeline's security tab and click on same finding
- Verify that the MR note is showing and the "Resolve with merge request" button is not visible
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Edited by David Pisek