Add GraphQL API to get compliance standards adherence at group level
What does this MR do and why?
- Add GraphQL API to get compliance standards adherence at group level.
- This API would be used by frontend to populate the adherence report UI.
Database
Query without any params
Link to DB lab - https://console.postgres.ai/gitlab/gitlab-production-tunnel-pg12/sessions/20346/commands/66463
SELECT
"project_compliance_standards_adherence".*
FROM
"project_compliance_standards_adherence"
WHERE
"project_compliance_standards_adherence"."namespace_id" IN (65064827, 3640403, 11037005, 10310075, 10310070, 10310067, 10310086, 10310071, 3513933, 4145962, 1522629, 4145959, 1445908, 1906164, 3443609, 1457499, 2018325, 57339878, 4517050, 12667966, 10310183, 10310080, 7393794, 69934222, 3474514, 6576322, 4414318, 1434693, 4420728, 3449996, 1440683, 4523483, 2863548, 1882511, 3466887, 15794607, 12425318, 5516287, 6289401, 2018334, 2791138, 15955396, 10349932, 10310069, 15247209, 55574284, 57635353, 9472535, 1825656, 4904441, 6809149, 4988166, 5027422, 5880046, 4656532, 1819491, 2344670, 4517043, 4753232, 4656330, 5259358, 3954059, 785414, 2167956, 1854408, 11028948, 7393807, 7393822, 7393803, 14412797, 14412790, 14412793, 2045066, 58978791, 60008359, 60201286, 60387912, 60452970, 60455628, 60455637, 62948902, 65163562, 69203209, 66968060, 67653671, 67502736, 67653998, 68202970, 68558629, 68620107)
ORDER BY
"project_compliance_standards_adherence"."id" DESC
LIMIT 101Query with all the params
Link to DB lab - https://console.postgres.ai/gitlab/gitlab-production-tunnel-pg12/sessions/20346/commands/66464
SELECT
"project_compliance_standards_adherence".*
FROM
"project_compliance_standards_adherence"
WHERE
"project_compliance_standards_adherence"."namespace_id" IN (65064827, 3640403, 11037005, 10310075, 10310070, 10310067, 10310086, 10310071, 3513933, 4145962, 1522629, 4145959, 1445908, 1906164, 3443609, 1457499, 2018325, 57339878, 4517050, 12667966, 10310183, 10310080, 7393794, 69934222, 3474514, 6576322, 4414318, 1434693, 4420728, 3449996, 1440683, 4523483, 2863548, 1882511, 3466887, 15794607, 12425318, 5516287, 6289401, 2018334, 2791138, 15955396, 10349932, 10310069, 15247209, 55574284, 57635353, 9472535, 1825656, 4904441, 6809149, 4988166, 5027422, 5880046, 4656532, 1819491, 2344670, 4517043, 4753232, 4656330, 5259358, 3954059, 785414, 2167956, 1854408, 11028948, 7393807, 7393822, 7393803, 14412797, 14412790, 14412793, 2045066, 58978791, 60008359, 60201286, 60387912, 60452970, 60455628, 60455637, 62948902, 65163562, 69203209, 66968060, 67653671, 67502736, 67653998, 68202970, 68558629, 68620107)
AND "project_compliance_standards_adherence"."project_id" IN (46101060, 6809149, 58978791)
AND "project_compliance_standards_adherence"."check_name" = 0
AND "project_compliance_standards_adherence"."standard" = 0
ORDER BY
"project_compliance_standards_adherence"."id" DESC
LIMIT 101Query with ProjectIds param
Link to DB lab - https://console.postgres.ai/gitlab/gitlab-production-tunnel-pg12/sessions/20346/commands/66466
SELECT
"project_compliance_standards_adherence".*
FROM
"project_compliance_standards_adherence"
WHERE
"project_compliance_standards_adherence"."namespace_id" IN (65064827, 3640403, 11037005, 10310075, 10310070, 10310067, 10310086, 10310071, 3513933, 4145962, 1522629, 4145959, 1445908, 1906164, 3443609, 1457499, 2018325, 57339878, 4517050, 12667966, 10310183, 10310080, 7393794, 69934222, 3474514, 6576322, 4414318, 1434693, 4420728, 3449996, 1440683, 4523483, 2863548, 1882511, 3466887, 15794607, 12425318, 5516287, 6289401, 2018334, 2791138, 15955396, 10349932, 10310069, 15247209, 55574284, 57635353, 9472535, 1825656, 4904441, 6809149, 4988166, 5027422, 5880046, 4656532, 1819491, 2344670, 4517043, 4753232, 4656330, 5259358, 3954059, 785414, 2167956, 1854408, 11028948, 7393807, 7393822, 7393803, 14412797, 14412790, 14412793, 2045066, 58978791, 60008359, 60201286, 60387912, 60452970, 60455628, 60455637, 62948902, 65163562, 69203209, 66968060, 67653671, 67502736, 67653998, 68202970, 68558629, 68620107)
AND "project_compliance_standards_adherence"."project_id" IN (46101060, 6809149, 58978791)
ORDER BY
"project_compliance_standards_adherence"."id" DESC
LIMIT 101Query with check name and standard param
Link to DB lab - https://console.postgres.ai/gitlab/gitlab-production-tunnel-pg12/sessions/20346/commands/66468
SELECT
"project_compliance_standards_adherence".*
FROM
"project_compliance_standards_adherence"
WHERE
"project_compliance_standards_adherence"."namespace_id" IN (65064827, 3640403, 11037005, 10310075, 10310070, 10310067, 10310086, 10310071, 3513933, 4145962, 1522629, 4145959, 1445908, 1906164, 3443609, 1457499, 2018325, 57339878, 4517050, 12667966, 10310183, 10310080, 7393794, 69934222, 3474514, 6576322, 4414318, 1434693, 4420728, 3449996, 1440683, 4523483, 2863548, 1882511, 3466887, 15794607, 12425318, 5516287, 6289401, 2018334, 2791138, 15955396, 10349932, 10310069, 15247209, 55574284, 57635353, 9472535, 1825656, 4904441, 6809149, 4988166, 5027422, 5880046, 4656532, 1819491, 2344670, 4517043, 4753232, 4656330, 5259358, 3954059, 785414, 2167956, 1854408, 11028948, 7393807, 7393822, 7393803, 14412797, 14412790, 14412793, 2045066, 58978791, 60008359, 60201286, 60387912, 60452970, 60455628, 60455637, 62948902, 65163562, 69203209, 66968060, 67653671, 67502736, 67653998, 68202970, 68558629, 68620107)
AND "project_compliance_standards_adherence"."check_name" = 0
AND "project_compliance_standards_adherence"."standard" = 0
ORDER BY
"project_compliance_standards_adherence"."id" DESC
LIMIT 101Screenshots or screen recordings
Screenshots are required for UI changes, and strongly recommended for all other merge requests.
| Before | After |
|---|---|
How to set up and validate locally
Numbered steps to set up and validate the change are strongly suggested.
- Enable feature flag
Feature.enable(:compliance_adherence_report) - Visit group settings and enable "Prevent approval by author" from the 'Merge Request Approval' section.
- This will create a couple of rows inside the
project_compliance_standards_adherencetable. - Visit the GraphiQL explorer (
https://gdk.test:3000/-/graphql-explorer) and run the following queries (update the values as per your dev setup):
GraphQL query without filters
query getProjectComplianceStandardsAdherence {
group(fullPath: "flightjs") {
projectComplianceStandardsAdherence {
nodes {
id,
updatedAt,
status,
checkName,
standard,
project {
id,
name,
complianceFrameworks {
nodes {
id,
name,
description,
color,
default
}
}
}
}
}
}
}Query with filters
query getProjectComplianceStandardsAdherence {
group(fullPath: "flightjs") {
projectComplianceStandardsAdherence(filters: {standard: GITLAB, checkName: PREVENT_APPROVAL_BY_MERGE_REQUEST_AUTHOR, projectIds: ["gid://gitlab/Project/39", "gid://gitlab/Project/22"]}) {
nodes {
id,
updatedAt,
status,
checkName,
standard,
project {
id,
name,
complianceFrameworks {
nodes {
id,
name,
description,
color,
default
}
}
}
}
}
}
}- Verify that the output has the following format and that the filters work as expected.
{
"data": {
"group": {
"projectComplianceStandardsAdherence": {
"nodes": [
{
"id": "gid://gitlab/Projects::ComplianceStandards::Adherence/9",
"updatedAt": "2023-07-05T07:39:08Z",
"status": "FAIL",
"checkName": "PREVENT_APPROVAL_BY_MERGE_REQUEST_AUTHOR",
"standard": "GITLAB",
"project": {
"id": "gid://gitlab/Project/22",
"name": "Test Nodejs Template",
"complianceFrameworks": {
"nodes": [
{
"id": "gid://gitlab/ComplianceManagement::Framework/12",
"name": "Compliance pipeline",
"description": "This compliance framework is a test framework.",
"color": "#009966",
"default": false
}
]
}
}
}
]
}
}
}
}MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Closes #413236 (closed)
Edited by Huzaifa Iftikhar