Add has_merge_request field to vulnerabilities GQL
What does this MR do and why?
Related to Backend: Add hasMergeRequest filter to Vulnerab... (#371313 - closed) and it is MR-6 to add has_merge_request
argument to vulnerabilities resolver.
Screenshots or screen recordings
How to set up and validate locally
- Clone https://gitlab.com/gitlab-org/govern/threat-insights-demos/issue-390071-verification/ under path
root/mr-link-on-branch
and run pipeline for branchremediate/test-vulnerability-1-D20230321T163025
. - Goto the pipeline security tab and click on the first vulnerability and click resolve with MergeRequest button.
- Then merge branch
remediate/test-vulnerability-1-D20230321T163025
into main. Now thevulnerability_reads
latest record should havehas_merge_request
value set for it. - In GrahpiQL or Rails console run the below query
{
project(fullPath: "root/mr-link-on-branch") {
name
vulnerabilities(reportType: SAST, hasMergeRequest: true) {
nodes {
id
uuid
description
}
}
}
}
and we should get output like
{
"data": {
"project": {
"name": "MR Link On Branch",
"vulnerabilities": {
"nodes": [
{
"id": "gid://gitlab/Vulnerability/797",
"uuid": "01abf358-28e6-57fc-b89e-a8630898bfe2",
"description": "Test vulnerability description"
}
]
}
}
}
}
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Related to #371313 (closed)
Edited by Bala Kumar