Improve error handling for fetching API fuzzing scan profiles
Context
The API fuzzing scan profiles are loaded into the API fuzzing CI configuration form by importing them directly from https://gitlab.com/gitlab-org/security-products/analyzers/api-fuzzing/-/raw/master/gitlab-api-fuzzing-config.yml.
Errors in the request are caught and return an empty array. Errors from parsing the YAML are not caught. As a result, no useful error is returned by the scanProfiles
field on CiConfiguration::ApiFuzzing::Type
.
Proposal
Handle both types of error by returning a GraphQL error detailing the problem. If necessary, update the frontend to respond appropriately to the errors (probably by retrying the query).
Implementation Plan
TBD
-
Add errors
toapi_fuzzing_ci_configuration.query.graphql
-
Implement error handler in the component -
show an alert with error message -
add specs
Edited by Dheeraj Joshi