Make RTV preflight check errors more granular (!144395) · Merge requests · GitLab.org / GitLab

Malcolm Locke requested to merge 432776-rtv-granular-exception-message into master Feb 11, 2024

What does this MR do and why?

Make RTV preflight check errors more granular

If the vulnerable code is ineligible to send to the AI, return a more granular explaining why, rather than just the generic "Unable to generate prompt for Vulnerability".

Before	After

How to set up and validate locally

Numbered steps to set up and validate the change are strongly suggested.

Example below:

Ensure you have GDK set up with runner and AI features enabled note - you do not need to configure GCP vertex or anthropic access for this MR
Clone https://gitlab.com/gitlab-org/govern/threat-insights-demos/verification-projects/verify-432776 to a local group with AI features enabled
Once the master pipeline has completed visit Security -> Vulnerability Report on the project
Click on the Vulnerability
Click 'Resolve with AI'

You should see the error message Unable to locate source code for vulnerability

Related to #432776 (closed)

Edited Feb 12, 2024 by Malcolm Locke

Make RTV preflight check errors more granular

What does this MR do and why?

How to set up and validate locally

Merge request reports