Skip to content

Use GraphQL-API to fetch security training providers

What does this MR do and why?

This MR adds changes that moves from client-side resolvers (with mock data), for retrieving security training providers, to fetching the data from the actual GraphQL endpoint.

It also contains the renaming of a Vue-injected value to have it consistent with the vulnerability report.

Screenshots or screen recordings

How to set up and validate locally

Setup

Enable the feature flag:

echo "Feature.enable(:secure_vulnerability_training)" | rails c

Create two training providers:

echo "Security::TrainingProvider.create!(name: 'Foo', description: 'Foo provider', url: 'http://foo.com', logo_url: [http://foo.com/logo')" | rails c
echo "Security::TrainingProvider.create!(name: 'Bar', description: 'Bar provider', url: 'http://bar.com', logo_url: 'http://bar.com/logo')" | rails c
  1. Go to a project's "Security & Compliance" -> "Configuration"
  2. Click on "Vulnerability Management"
  3. Verify that both the "Foo" and "Bar" providers are visible (not configurable yet - will be tackled in separate issues)

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #350956 (closed)

Edited by David Pisek

Merge request reports

Loading