Add Jira issues in activity column to pipeline security listing
What does this MR do and why?
Related #450240 (closed)
This MR allows Jira issues related to findings to be displayed in the activity column of the GraphQL pipeline listing page.
MR acceptance checklist
Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
Screenshots or screen recordings
Screenshots are required for UI changes, and strongly recommended for all other merge requests.
Before | After |
---|---|
How to set up and validate locally
Prerequisites
- You need an EE license
- You need to have runners enabled (See $2408961 for setting up a runner)
- Import https://gitlab.com/gitlab-examples/security/security-reports
- Run a pipeline on master
Jira setup
- Create a Jira test project at https://jira.atlassian.com/ and get an API key at Account settings > Security
- Navigate to the security-reports project
- Go to Settings > Integrations > Jira
- Enable the integration and fill out the form
- Enable "Jira Issues" and "Issue creation from vulnerabilities"
Enable feature flag
- Go to http://gdk.test:3000/rails/features
- Search for
pipeline_security_dashboard_graphql
and enable
Create jira issue
- Go to security reports vulnerability report
- Click first vulnerability to go to detail page
- Click "Create jira issue"
Validate pipeline activity column
- Go to latest pipeline on security reports
- Go to the security tab
- Validate that first finding has an issue badge in the activity column hovering it opens a popover with a link. Click the link to go the issue in Jira (if this badge is not showing, check troubleshoot below).
Troubleshooting
- Check #450240 (comment 1859119476) for context. The jira issues are cached reactively, which means if they are requested by the UI for the first time, you'll not see them and a background job will kick off to fetch this data. The next time they should appear. However, it seems that on the GDK, this does not always behave correctly.
- You can try refreshing the page once.
- If that does not work, you can temporarily remove the reactive caching:
diff --git a/ee/app/finders/projects/integrations/jira/by_ids_finder.rb b/ee/app/finders/projects/integrations/jira/by_ids_finder.rb
index bb43f74535a6..00b6d2b1b856 100644
--- a/ee/app/finders/projects/integrations/jira/by_ids_finder.rb
+++ b/ee/app/finders/projects/integrations/jira/by_ids_finder.rb
@@ -24,7 +24,7 @@ def initialize(project, jira_issue_ids)
end
def execute
- with_reactive_cache(*cache_args) { |issues| issues }
+ without_reactive_cache(*cache_args) { |issues| issues }
end
def calculate_reactive_cache(*)
Edited by Lorenz van Herwaarden