Add GraphQL type to allow retrieval of compliance violations within a group
Why are we doing this work
To implement the next iteration of the "Compliance Dashboard" we should store compliance violations such as a failure of separations of duties.
Thanks to the work done in #347324 (closed) we should now have a collection of compliance violations saved into the new table. This issue should be used to surface these to the GraphQL API.
Proposed Data Structure
query getComplianceViolations($fullPath: ID!, $filters: ViolationFilters, $sort: String) {
group(fullPath: $fullPath) {
id
mergeRequestViolations(filters: $filters, sort: $sort) {
nodes {
id
severity
reason
violatingUser {
id
name
username
state
avatarUrl
webUrl
}
mergeRequest {
id
title
mergedAt
milestone
webUrl
author {
id
name
username
state
avatarUrl
webUrl
}
mergedBy {
id
name
username
state
avatarUrl
webUrl
}
committers {
nodes {
id
name
username
state
avatarUrl
webUrl
}
}
participants {
nodes {
id
name
username
state
avatarUrl
webUrl
}
}
approvedBy {
nodes {
id
name
username
state
avatarUrl
webUrl
}
}
ref: reference
fullRef: reference(full: true)
sourceBranch
sourceBranchExists
targetBranch
targetBranchExists
headPipeline {
detailedStatus {
id
icon
favicon
text
label
group
tooltip
hasDetails
detailsPath
}
}
}
project {
id
avatarUrl
name
webUrl
complianceFrameworks {
nodes {
id
name
description
color
}
}
}
}
}
}
}
The ViolationFilters
should be a new type like EpicFilters
and it should accept the following arguments:
$projectIds: [ID!], $createdBefore: Time, $createdAfter: Time
Sort should use this format and have ASC and DESC values for Severity
, Violation
(type / user?), Merge request
(alphabetical on name), and Date merged
.