Make RTV preflight check errors more granular
What does this MR do and why?
Make RTV preflight check errors more granular
If the vulnerable code is ineligible to send to the AI, return a
more granular explaining why, rather than just the generic
"Unable to generate prompt for Vulnerability"
.
Before | After |
---|---|
How to set up and validate locally
Numbered steps to set up and validate the change are strongly suggested.
Example below:
- Ensure you have GDK set up with runner and AI features enabled note - you do not need to configure GCP vertex or anthropic access for this MR
- Clone https://gitlab.com/gitlab-org/govern/threat-insights-demos/verification-projects/verify-432776 to a local group with AI features enabled
- Once the master pipeline has completed visit Security -> Vulnerability Report on the project
- Click on the Vulnerability
- Click 'Resolve with AI'
You should see the error message Unable to locate source code for vulnerability
Related to #432776 (closed)
Edited by Malcolm Locke