Allow comment in SecurityFindingRevertToDetected mutation
What does this MR do and why?
This MR allows a comment to be passed as argument when using the SecurityFindingRevertToDetected
mutation. The support was already partially there in ee/app/graphql/mutations/security/finding/revert_to_detected.rb
in the sense that the resolve
function already accepted the comment argument and is passing it to RevertToDetectedService
.
This is being done so we can move towards the pipeline security tab using the same bulk state change UI as the vulnerability report and add a comment when changing the state of findings to 'detected'. See Pipeline Security Listing Migration and Enhance... (&8478) for more info.
How to set up and validate locally
Use mutation on finding not in detected state:
mutation {
securityFindingRevertToDetected(input: {uuid: "<some-uuid>", comment: "Revert to detected test"}) {
errors
securityFinding {
vulnerability {
id
state
stateTransitions {
nodes {
comment
toState
}
}
}
}
}
}
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Related #431818