
Allow comment in SecurityFindingRevertToDetected mutation

Lorenz van Herwaarden requested to merge add-comment-to-revert-to-detected into master

What does this MR do and why?

This MR allows a comment to be passed as an argument when using the SecurityFindingRevertToDetected mutation. The support was already partially there in ee/app/graphql/mutations/security/finding/revert_to_detected.rb, in the sense that the resolve function already accepted the comment argument and was passing it to RevertToDetectedService.

This is being done so we can move towards the pipeline security tab using the same bulk state change UI as the vulnerability report and add a comment when changing the state of findings to 'detected'. See Pipeline Security Listing Migration and Enhance... (&8478) for more info.

How to set up and validate locally

Use the mutation on a finding that is not in the detected state:

mutation {
  securityFindingRevertToDetected(input: {uuid: "<some-uuid>", comment: "Revert to detected test"}) {
    errors
    securityFinding {
      vulnerability {
        id
        state
        stateTransitions {
          nodes {
            comment
            toState
          }
        }
      }
    }
  }
}

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Related #431818

Edited by Lorenz van Herwaarden
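A scripted form of the validation step above, as an added example that is not part of the merge request: it builds the request body with GraphQL variables and checks that the response records a transition to detected carrying the comment. The input type name, the uppercase enum values and the sample responses are assumptions constructed for illustration.

```python
import json

# Same selection as the page's mutation, with values sent as GraphQL variables.
# Assumption: the input type is named SecurityFindingRevertToDetectedInput.
MUTATION = """
mutation($input: SecurityFindingRevertToDetectedInput!) {
  securityFindingRevertToDetected(input: $input) {
    errors
    securityFinding { vulnerability { id state stateTransitions { nodes { comment toState } } } }
  }
}
"""

def build_payload(uuid, comment):
    """JSON body for the GraphQL POST; the comment is never spliced into the query text."""
    variables = {"input": {"uuid": uuid, "comment": comment}}
    return json.dumps({"query": MUTATION, "variables": variables})

def check_revert(response, expected_comment):
    """Return a list of problems; an empty list means the revert and its comment were recorded."""
    if response.get("errors"):  # top-level GraphQL errors (bad query, no permission)
        return [f"GraphQL error: {e.get('message')}" for e in response["errors"]]
    result = (response.get("data") or {}).get("securityFindingRevertToDetected")
    if not result:
        return ["mutation returned no payload"]
    problems = [f"mutation error: {e}" for e in result.get("errors") or []]
    vuln = (result.get("securityFinding") or {}).get("vulnerability")
    if not vuln:
        return problems + ["no vulnerability returned for the finding"]
    # Assumption: state and toState come back as uppercase enum values.
    if vuln.get("state") != "DETECTED":
        problems.append(f"state is {vuln.get('state')}, expected DETECTED")
    nodes = (vuln.get("stateTransitions") or {}).get("nodes") or []
    if not any(n.get("toState") == "DETECTED" and n.get("comment") == expected_comment
               for n in nodes):
        problems.append("no transition to DETECTED carries the expected comment")
    return problems

def sample_response(state, comment):
    """Constructed response for offline checking; not captured from a real instance."""
    vuln = {"id": "gid://gitlab/Vulnerability/1", "state": state,
            "stateTransitions": {"nodes": [{"comment": comment, "toState": state}]}}
    return {"data": {"securityFindingRevertToDetected":
                     {"errors": [], "securityFinding": {"vulnerability": vuln}}}}

if __name__ == "__main__":
    print(check_revert(sample_response("DETECTED", "Revert to detected test"),
                       "Revert to detected test"))
```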
