Allow comment on GQL vulnerabilityResolve mutation
What does this MR do and why?
This MR allows the vulnerabilityResolve
GQL mutation to receive a comment
field as part of the backend changes supporting &4649 (closed)
How to set up and validate locally
- On a project with vulnerabilities, enable the
:deprecate_vulnerabilities_feedback
feature flag.Feature.enable(:deprecate_vulnerabilities_feedback, Project.find(project_id))
- Note down the ID of a vulnerability that is not resolved from the Security and Compliance -> Vulnerability Report page on the project.
- Run the following query via
/-/graphql-explorer
mutation($input: VulnerabilityResolveInput!) {
vulnerabilityResolve(input: $input) {
vulnerability {
id
state
stateComment
}
}
}
{
"input": {
"id": "gid://gitlab/Vulnerability/<vulnerability_id>",
"clientMutationId": "ANY_STRING",
"comment": "Test Resolve Comment"
}
}
- Check the state change and comment have been persisted:
query {
vulnerability(id: "gid://gitlab/Vulnerability/553") {
id
state
stateComment
}
}
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Related to #373969 (closed)
Edited by Malcolm Locke