
Show related issues on pipeline security tab

What does this MR do and why?

Related #433477 (closed)

When the feature flag pipeline_security_dashboard_graphql is enabled, we're not showing the related issues of findings yet. This is the case for the old findings table when the feature flag is disabled.

With this MR, we fetch the issue links for the findings, which are then shown automatically because the setup was already made previously for the vulnerability report.

Screenshots or screen recordings

Before After
Screenshot_2023-12-06_at_10.56.43 Screenshot_2023-12-06_at_10.19.41

For comparison, the related issues when the feature flag is disabled:

Note: this only showed 1 issue, while now we can show multiple issues with the activity column.

Screenshot_2023-12-06_at_10.21.17

How to set up and validate locally

Prerequisites

  1. You need an EE license
  2. You need to have runners enabled (See $2408961 for setting up a runner)
  3. Import https://gitlab.com/gitlab-examples/security/security-reports
  4. Run a pipeline on master

Validation

  1. Enable feature flag: echo "Feature.enable(:pipeline_security_dashboard_graphql)" | rails console
  2. Go to the latest pipeline > security tab
  3. Click on a finding so it opens the modal
  4. Click "Create issue"; this redirects you to the created issue
  5. Go back and validate that in the activity column, for the respective finding, there is a related issue icon, and that hovering over it shows the link.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Lorenz van Herwaarden
