Add GraphQL mutations to create and destroy a external issue (Jira) for a pipeline finding
Currently, we have:
They operate on a Vulnerability and we need the same functionality for pipeline findings:
securityFindingExternalIssueLinkCreate
securityFindingExternalIssueLinkDestroy
Implementation Plan
-
Create a new mutation to link a vulnerability to a JIRA issue via a security finding uuid -
Create a new mutation to delete a JIRA issue link from a vulnerability via a security finding uuid. -
Ensure that an externalIssueLink
is returned from `Mutation.vulnerabilityExternalIssueLinkCreate.
Verification Steps
- Execute mutation to link a vulnerability to an external JIRA issue
mutation{ vulnerabilityExternalIssueLinkCreate(input: { uuid: "6420931a-a072-5f61-a5bf-ae4628ec8bd3" }){ externalIssueLink{ externalIssue{ title } id linkType } } }
- Execute query to view the vulnerability is linked to an external JIRA issue
query getLinks($fullPath: ID!, $pipelineIid: ID!, $findingUuid: String!) { project(fullPath: $fullPath) { pipeline(iid: $pipelineIid) { securityReportFinding(uuid: $findingUuid) { vulnerability { externalIssueLinks { nodes { id linkType externalIssue { title } } } } } } } }
- Execute mutation to delete the link between a vulnerability and an external JIRA issue.
mutation deleteLink($linkID: ID!) { vulnerabilityExternalIssueLinkDestroy(input: {id: $linkID}) { errors } }
- Execute query to verify that the vulnerability is not linked to an external JIRA issue.
query getLinks($fullPath: ID!, $pipelineIid: ID!, $findingUuid: String!) { project(fullPath: $fullPath) { pipeline(iid: $pipelineIid) { securityReportFinding(uuid: $findingUuid) { vulnerability { externalIssueLinks { nodes { id linkType externalIssue { title } } } } } } } }
Edited by mo khan