Fix add/edit/delete dismissal comment for pipeline security tab
What does this MR do and why?
This MR updates the add/edit/delete dismissal comment actions on the pipeline security tab to use a GraphQL mutation instead of the vulnerability_feedback
endpoint, which is going away as part of the deprecate vulnerabilities feedback work. The add/edit/delete dismissal comment feature can be done on the finding modal:
How to set up and validate locally
- Disable the
deprecate_vulnerabilities_feedback
feature flag. - Clone any project that has security findings, like this one: https://gitlab.com/gitlab-examples/security/security-reports
- Run a pipeline against any branch, then go to the pipeline security tab for that pipeline.
- Click on a finding to open the modal.
- Dismiss the finding with a comment, re-open the modal, and verify that the comment was added.
- Re-open the modal, edit the comment, save it, re-open the modal, and verify that the comment was edited.
- Re-open the modal, delete the comment, re-open the modal, and verify that the comment was removed.
- Enable the
deprecate_vulnerabilities_feedback
feature flag and repeat steps 4-8.
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Related to #390073 (closed)
Edited by Daniel Tian