Add GraphQL types and models for API fuzzing configuration
What does this MR do?
Adds models and GraphQL types for configuring API Fuzzing
The GraphQL types follow the structure of the SAST configuration types:
Types::CiConfiguration::ApiFuzzing::Type
Types::CiConfiguration::ApiFuzzing::ScanModeEnum
Types::CiConfiguration::ApiFuzzing::ScanProfile
Models:
Security::ApiFuzzing::CiConfiguration
Security::ApiFuzzing::ScanProfile
GraphQL query and response
This query:
{
project(fullPath: "my-namespace/my-project") {
apiFuzzingCiConfiguration {
scanModes
scanProfiles {
name
description
yaml
}
}
}
}
produces the following response:
{
"data": {
"project": {
"apiFuzzingCiConfiguration": {
"scanModes": [
"HAR",
"OPENAPI"
],
"scanProfiles": [
{
"name": "Quick-10",
"description": "Fuzzing 10 times per parameter",
"yaml": "---\n:Name: Quick-10 # truncated here for brevity \n"
},
{
"name": "Medium-20",
"description": "Fuzzing 20 times per parameter",
"yaml": "---\n:Name: Medium-20 # truncated here for brevity \n"
},
{
"name": "Medium-50",
"description": "Fuzzing 50 times per parameter",
"yaml": "---\n:Name: Medium-50 # truncated here for brevity \n"
},
{
"name": "Long-100",
"description": "Fuzzing 100 times per parameter",
"yaml": "---\n:Name: Long-100 # truncated here for brevity \n"
}
]
}
}
}
}
Issue
This is the first backend MR for #299234 (closed). The next MR will include the mutation for providing code snippets based on the configuration input
Edited by Avielle Wolfe