BE: GraphQL to support vulnerability report grouping with single GQL query
Overview
To present the vulnerability report grouping planned in &10164, we discussed having the frontend present the data using a two-query approach, which was explored in Spike: Investigate 2 query approach for vulnera... (#422203 - closed):
- Backend first returns the groups and the number of vulnerabilities for each group
- When a group is expanded, we make another request to fetch the vulnerabilities of that group
After the spike POC we decided to split the backend work into two parts:
- GQL changes
- Model changes
Requirements
In this issue we track the implementation work related to the GraphQL backend changes.
1st query
Backend first returns the groups and the number of vulnerabilities for each group
{
  project(fullPath: "root/mr-link-on-branch") {
    name
    vulnerabilityGroupCountBySeverity(reportType: SAST, grouping: STATUS) {
      groups
      counts
    }
  }
}
Example: see !131888 (closed)
2nd query:
- When a group is expanded, we make another request to fetch the vulnerabilities of that group
We can make use of the already available vulnerabilities query:
{
  project(fullPath: "root/mr-link-on-branch") {
    name
    vulnerabilities(reportType: SAST, state: DETECTED, first: 20) {
      nodes {
        id
        title
        description
      }
    }
  }
}
Edited by Bala Kumar
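The two-query flow described above, sketched from the client side as an added example that is not part of the original issue or GitLab's code. It assumes `groups` and `counts` come back as parallel arrays and that a STATUS group name is a valid `state` value; the helper names and the sample response are constructed for illustration.

```javascript
// Added example. Assumptions (not confirmed by the issue): `groups` and `counts`
// are parallel arrays, and a STATUS group name can be passed as `state`.

// 2nd query, parameterized so the group name is sent as a variable
// instead of being interpolated into the query text.
const VULNERABILITIES_QUERY = `
  query groupVulnerabilities($fullPath: ID!, $reportType: [VulnerabilityReportType!],
                             $state: [VulnerabilityState!], $first: Int) {
    project(fullPath: $fullPath) {
      vulnerabilities(reportType: $reportType, state: $state, first: $first) {
        nodes { id title description }
      }
    }
  }`;

// Constructed sample response for the 1st query.
const sampleFirstResponse = {
  data: { project: { name: "mr-link-on-branch",
    vulnerabilityGroupCountBySeverity: {
      groups: ["DETECTED", "CONFIRMED", "RESOLVED"], counts: [12, 3, 0] } } },
};

// Pair each group with its count; reject a malformed response.
function toGroupRows(response) {
  const { groups, counts } = response.data.project.vulnerabilityGroupCountBySeverity;
  if (!Array.isArray(groups) || !Array.isArray(counts) || groups.length !== counts.length) {
    throw new Error("groups and counts must be arrays of equal length");
  }
  return groups.map((group, i) => ({ group, count: counts[i] }));
}

// Build the request sent when a group is expanded. Only groups the backend
// returned in the 1st query are accepted; empty groups need no request.
function buildExpandRequest(rows, expandedGroup, fullPath, pageSize = 20) {
  const row = rows.find((r) => r.group === expandedGroup);
  if (!row) throw new Error(`unknown group: ${expandedGroup}`);
  if (row.count === 0) return null;
  return {
    query: VULNERABILITIES_QUERY,
    variables: { fullPath, reportType: ["SAST"], state: [row.group],
                 first: Math.min(pageSize, row.count) },
  };
}
```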