Create Vulnerability when issue feedback created
requested to merge 384867-add-issuelinks-field-to-pipelinesecurityreportfinding-create-vuln into master
What does this MR do and why?
This MR is the first part of 384867+, to create vulnerabilities from the Pipeline Security page if one does not already exist. From this, we can then pull issues into the Security Finding GraphQL query through the Vulnerability.
Screenshots or screen recordings
Screenshots are required for UI changes, and strongly recommended for all other merge requests.
How to set up and validate locally
- Create a new local project based off of https://gitlab.com/gitlab-examples/security/security-reports.
- Create a branch and run a pipeline off of it.
- Checkout the
masterbranch. Create an issue by clicking the "Create Issue" button in the Pipeline Security Findings list. - The issue should be created, but not the Vulnerability.
- This can be verified by performing the following in a rails console:
Project.find(<project ID>).vulnerabilities #should be 0- Checkout the
384867-add-issuelinks-field-to-pipelinesecurityreportfinding-create-vulnbranch. Create an issue by clicking the "Create Issue" button in the Pipeline Security Findings list. - The issue and vulnerability should both be created.
- This can be verified by performing the following in a rails console:
Project.find(<project ID>).vulnerabilities #should be > 0MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Related to #384867 (closed)