Add `securityFindingCreateMergeRequest` mutation
Why are we doing this work
We want to add the ability to create a merge request from a security finding. This will require the following arguments:
-
uuid
: security report finding UUID (String
)
Example of new mutation:
mutation {
securityFindingCreateMergeRequest(input: { uuid: "security finding uuid" }) {
mergeRequest {
projectId
}
}
}
Sample Response:
{
"data": {
"securityFindingCreateMergeRequest": {
{
"mergeRequest": {
"projectId": 27
}
}
}
}
}
Relevant links
Non-functional requirements
-
Documentation: Update the GraphQL docs -
Testing: Add appropriate GraphQL mutation specs in https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/spec/graphql/mutations/security/finding/create_merge_request_spec.rb (new file) - Test all fields
- Test for missing arguments
- Test if a merge request exists (should fail)
- Test to confirm MR is created
Implementation plan
-
MR 1: Add securityFindingCreateMergeRequest
mutation in https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/app/graphql/mutations/security/finding/create_merge_request.rb (new file)-
backend Takes arguments -
uuid
: security report finding UUID (String
)
-
-
backend Use https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/app/services/vulnerabilities/security_finding/create_merge_request_service.rb for creating the MR.
-
Verification steps
Test query on a security finding that has a remediation (Sample Project):
mutation {
securityFindingCreateMergeRequest(input: { uuid: "security finding uuid" }) {
mergeRequest {
iid
}
}
}
Edited by mo khan