GraphQL changes to support limited vulnerability severities count

Bala Kumar requested to merge 438303-be-graphql-changes into master

What does this MR do and why?

Part 2 MR, introducing the GraphQL changes to support capped counts for vulnerability severities. We are introducing a `capped` argument to the `vulnerabilitySeveritiesCount` GraphQL API; it defaults to `false`, and when `true` it returns the capped count. `capped: true` will be used by the UI, which is tracked in #463387 (closed).

Part 1 MR, covering the DB query changes on the model, is already database-approved and merged.

Screenshots or screen recordings

| API | Without capped | With capped: true |
| --- | --- | --- |
| project.vulnerabilitySeveritiesCount | Screenshot_2024-06-08_at_3.40.25_PM | Screenshot_2024-06-08_at_3.41.02_PM |
| group.vulnerabilitySeveritiesCount | Screenshot_2024-06-08_at_3.41.41_PM | Screenshot_2024-06-08_at_3.42.20_PM |
| instanceSecurityDashboard.vulnerabilitySeveritiesCount | Screenshot_2024-06-08_at_3.36.16_PM | Screenshot_2024-06-08_at_3.36.02_PM |

How to set up and validate locally

  1. Import the project from https://gitlab.com/gitlab-org/govern/threat-insights-demos/verification-projects/438303-limit-vulnerabiility-severity-counts into your local instance and run the pipeline on the main branch. This populates the vulnerabilities; the project has 1100 vulnerabilities (low: 1045 and critical: 55).
  2. Run the GraphQL queries below for project.vulnerabilitySeveritiesCount, group.vulnerabilitySeveritiesCount and instanceSecurityDashboard.vulnerabilitySeveritiesCount, with fullPath corresponding to the imported project above. With `capped: true` the maximum count returned should not exceed 1001, as shown in the screenshots above.

```graphql
query {
  project(fullPath: "bala-test-group/438303-limit-vulnerabiility-severity-counts") {
    # capped defaults to false; pass true to get the capped count
    vulnerabilitySeveritiesCount(state: [DETECTED], capped: true) {
      critical
      high
      info
      low
      medium
      unknown
    }
  }
}
```

```graphql
query {
  group(fullPath: "bala-test-group") {
    # capped defaults to false; pass true to get the capped count
    vulnerabilitySeveritiesCount(state: [DETECTED], capped: true) {
      critical
      high
      info
      low
      medium
      unknown
    }
  }
}
```

```graphql
query {
  instanceSecurityDashboard {
    # capped defaults to false; pass true to get the capped count
    vulnerabilitySeveritiesCount(state: [DETECTED], capped: true) {
      critical
      high
      info
      low
      medium
      unknown
    }
  }
}
```
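The validation steps above can be scripted. The following is an added example, not code from this MR or from GitLab: it builds the three `vulnerabilitySeveritiesCount` queries with `capped: true` and checks a response against the cap of 1001 stated above. The `run_query` helper, the `/api/graphql` endpoint with a bearer token, and the sample response are assumptions.

```python
"""Added example: build capped vulnerabilitySeveritiesCount queries and verify the cap."""
import json
import urllib.request

SEVERITIES = ("critical", "high", "info", "low", "medium", "unknown")
CAP = 1001  # highest count a capped query should return, per the MR description

# How each scope in the MR is selected; instanceSecurityDashboard takes no path.
SCOPE_SELECTORS = {
    "project": 'project(fullPath: "{path}")',
    "group": 'group(fullPath: "{path}")',
    "instanceSecurityDashboard": "instanceSecurityDashboard",
}


def build_query(scope, full_path=None, capped=True):
    """Return the vulnerabilitySeveritiesCount query for one scope."""
    selector = SCOPE_SELECTORS[scope].format(path=full_path or "")
    flag = "true" if capped else "false"
    fields = "\n      ".join(SEVERITIES)
    return (
        "query {\n"
        f"  {selector} {{\n"
        f"    vulnerabilitySeveritiesCount(state: [DETECTED], capped: {flag}) {{\n"
        f"      {fields}\n"
        "    }\n  }\n}"
    )


def check_capped_counts(response, scope, cap=CAP):
    """Return the severities whose count exceeds the cap; {} means the cap held."""
    counts = response["data"][scope]["vulnerabilitySeveritiesCount"]
    return {sev: counts[sev] for sev in SEVERITIES if counts.get(sev, 0) > cap}


def run_query(gitlab_url, token, query):
    """Hypothetical helper: POST the query to <gitlab_url>/api/graphql with a PAT."""
    body = json.dumps({"query": query}).encode()
    req = urllib.request.Request(
        gitlab_url.rstrip("/") + "/api/graphql", data=body,
        headers={"Content-Type": "application/json", "Authorization": f"Bearer {token}"},
    )
    with urllib.request.urlopen(req) as resp:
        return json.load(resp)


if __name__ == "__main__":
    # Constructed sample response: the demo project (1045 low, 55 critical) with the cap applied.
    sample = {"data": {"project": {"vulnerabilitySeveritiesCount": {
        "critical": 55, "high": 0, "info": 0, "low": 1001, "medium": 0, "unknown": 0}}}}
    print(build_query("project", "bala-test-group/438303-limit-vulnerabiility-severity-counts"))
    print("cap violations:", check_capped_counts(sample, "project"))
```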

Related to #438303 (closed)
