Error when dismissing pipeline security findings which do not exist on the default branch
Context
When dismissing pipeline security findings, which don't exist on the default branch, the related GraphQL query encounters an internal server error and the dismissal fails:
UI error message and server response |
---|
![]() |
Additional info
Example
How to reproduce
- Import the security-reports example project and Do not run pipeline on master yet!
- Comment all bug 1 scanners in
.gitlab-ci.yml
(leave one uncommented otherwise the CI file is invalid) and commit and push this to master/main - Uncomment the scanners in
.gitlab-ci.yml
, commit and push to a new branch and create an MR - Run a pipeline for the MR and then go to the "Security" tab on that pipeline
- Dismiss a finding from a scanner that is added in the MR
Example of error message
{
"errors": [
{
"message": "Internal server error: undefined method `update!' for nil:NilClass\n\n vulnerability.vulnerability_read.update!(dismissal_reason: params[:dismissal_reason])\n ^^^^^^^^",
"raisedAt": "/gitlab-development-kit-new/gitlab/ee/app/services/vulnerabilities/find_or_create_from_security_finding_service.rb:90:in `block in update_existing_state_transition' \u003c-- /gitlab-development-kit-new/gitlab/app/models/concerns/cross_database_modification.rb:92:in `block in transaction' \u003c-- /.asdf/installs/ruby/3.1.4/lib/ruby/gems/3.1.0/gems/activerecord-7.0.8/lib/active_record/connection_adapters/abstract/database_statements.rb:314:in `transaction' \u003c-- /gitlab-development-kit-new/gitlab/lib/gitlab/database/load_balancing/connection_proxy.rb:127:in `public_send' \u003c-- /gitlab-development-kit-new/gitlab/lib/gitlab/database/load_balancing/connection_proxy.rb:127:in `block in write_using_load_balancer' \u003c-- /gitlab-development-kit-new/gitlab/lib/gitlab/database/load_balancing/load_balancer.rb:137:in `block in read_write' \u003c-- /gitlab-development-kit-new/gitlab/lib/gitlab/database/load_balancing/load_balancer.rb:224:in `retry_with_backoff' \u003c-- /gitlab-development-kit-new/gitlab/lib/gitlab/database/load_balancing/load_balancer.rb:126:in `read_write' \u003c-- /gitlab-development-kit-new/gitlab/lib/gitlab/database/load_balancing/connection_proxy.rb:126:in `write_using_load_balancer' \u003c-- /gitlab-development-kit-new/gitlab/lib/gitlab/database/load_balancing/connection_proxy.rb:78:in `transaction' \u003c-- /Users/davepisek/.asdf/installs/ruby/3.1.4/lib/ruby/gems/3.1.0/gems/activerecord-7.0.8/lib/active_record/transactions.rb:209:in `transaction'"
}
]
}