Comment not added when using vulnerabilityDismiss mutation

Summary

When using the vulnerabilityDismiss mutation the value of the comment argument is not applied to the vulnerability.

Steps to reproduce

In a project with a security finding, execute the following query (replacing values as needed):

mutation {
  vulnerabilityDismiss(input: { id: "gid://gitlab/Vulnerability/VULN_ID_HERE", 
    comment: "test comment gql"
  })
    {
    vulnerability {
      state
      dismissedAt
      dismissedBy{
        id
      }
    }
  }
}

What is the current bug behavior?

The provided comment is not added with the vulnerability dismissal.

What is the expected correct behavior?

The provided comment is included with the vulnerability dismissal.

Output of checks

This bug happens on GitLab.com

Implementation plan

Add comment to ee/app/graphql/types/vulnerability_type.rb
Add specs

Verification steps

Go to https://gitlab.com/-/graphql-explorer and use the following query

query fetch {
  vulnerability(id: "gid://gitlab/Vulnerability/54568026") {
    comment
    state
    dismissedAt
    dismissedBy {
      id
      name
    }
  }
}

The comment field should be this is a test

Edited Jan 23, 2023 by Michał Zając