POC 2 query approach for vulnerability grouping

Bala Kumar requested to merge 422203-poc-2-query-approach into master

What does this MR do and why?

POC for 2 query approach for vulnerability grouping.

Related to: #422203 (closed)

Have limited the query to projects alone, and we require equivalent work for groups as well during development.

Screenshots or screen recordings

1st query to support list by groups with counts by severity. Can use a GraphQL query as proposed below:

{
  project(fullPath: "root/mr-link-on-branch") {
    name
    vulnerabilityGroupCountBySeverity(reportType: SAST, grouping: STATUS) {
      groups
      counts
    }
  }
}

2nd query to support the expansion action. Can use the already available vulnerabilities query:

{
  project(fullPath: "root/mr-link-on-branch") {
    name
    vulnerabilities(reportType: SAST, state: DETECTED, first: 20) {
      nodes {
        id
        title
        description
      }
    }
  }
}

How to set up and validate locally

Numbered steps to set up and validate the change are strongly suggested.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #422203 (closed)

Edited by Bala Kumar
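
The two-query flow from the description, modelled in memory as an added example (not code from this MR or from GitLab): query 1 returns only per-group severity counts, and query 2 fetches a bounded page of findings for the one group being expanded. The `Finding` records, field names, id-based cursor and return shapes are assumptions made for illustration.

```ruby
# Constructed sample findings; field names are assumptions, not GitLab's schema.
Finding = Struct.new(:id, :title, :report_type, :state, :severity)

FINDINGS = [
  Finding.new(1, "SQL injection in search", :sast, :detected, :critical),
  Finding.new(2, "Hardcoded credential", :sast, :detected, :high),
  Finding.new(3, "Weak hash (MD5)", :sast, :detected, :high),
  Finding.new(4, "Path traversal in upload", :sast, :confirmed, :high),
  Finding.new(5, "Verbose error page", :sast, :dismissed, :low),
  Finding.new(6, "Outdated base image", :container_scanning, :detected, :medium)
].freeze

SEVERITIES = %i[critical high medium low].freeze

# Query 1 (aggregate): one row per group with per-severity counts, no finding bodies.
# `grouping` names the Finding field to group on (:state stands in for STATUS here).
def group_counts_by_severity(findings, report_type:, grouping:)
  scoped = findings.select { |f| f.report_type == report_type }
  scoped.group_by { |f| f[grouping] }.map do |group, members|
    counts = SEVERITIES.to_h { |s| [s, members.count { |f| f.severity == s }] }
    { group: group, counts: counts, total: members.size }
  end
end

# Query 2 (expansion): a bounded page of findings for the one group the user opened.
# `after` is a hypothetical cursor: the id of the last finding already shown.
def expand_group(findings, report_type:, state:, first:, after: 0)
  matches = findings.select { |f| f.report_type == report_type && f.state == state }
                    .sort_by(&:id)
                    .select { |f| f.id > after }
  page = matches.first(first)
  { nodes: page.map { |f| { id: f.id, title: f.title } },
    end_cursor: page.last&.id,
    has_next_page: matches.size > page.size }
end

# Render the collapsed list first, then page through one expanded group.
def demo
  summary = group_counts_by_severity(FINDINGS, report_type: :sast, grouping: :state)
  page1 = expand_group(FINDINGS, report_type: :sast, state: :detected, first: 2)
  page2 = expand_group(FINDINGS, report_type: :sast, state: :detected, first: 2,
                       after: page1[:end_cursor])
  [summary, page1, page2]
end

demo.each { |part| p part }
```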
