Skip to content

Add bulk dismiss and needs triage for pipeline security tab

What does this MR do and why?

Related #331408 (closed)

Add bulk dismiss and needs triage for pipeline security tab. This MR hides the "resolve" and "confirm" bulk state actions because these don't have finding mutations yet. For "dismiss" and "needs triage" bulk state actions the finding mutations are added and the specs are updated.

Screenshots or screen recordings

Before After
Screenshot_2023-12-11_at_10.53.43 Screenshot_2023-12-11_at_10.53.00

note: before the 4 bulk state actions were shown but were not working for findings.

For context: with feature flag pipeline_security_dashboard_graphql disabled

It only allows you to bulk dismiss, and the reasons you can give are added as a comment and not actual an dismissal reason.

Screenshot_2023-12-11_at_11.00.39

How to set up and validate locally

Prerequisites

  1. You need an EE license
  2. You need to have runners enabled (See $2408961 for setting up a runner)
  3. Import https://gitlab.com/gitlab-examples/security/security-reports
  4. Run a pipeline on master

Validation

  1. Enable feature flag: echo "Feature.enable(:pipeline_security_dashboard_graphql)" | rails console
  2. Go to the latest pipeline > security tab
  3. Select a couple of findings and validate you can change state to "dismiss" (with dismissal reason) or "needs triage".

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Lorenz van Herwaarden

Merge request reports

Loading