Skip to content

Add basic GraphQL resources for project security exclusions

Ahmed Hemdan requested to merge ahmed.hemdan-allowlist-for-secret-push-protection-9e046465 into master

What does this MR do and why?

This merge request adds the basic GraphQL resources for the project security exclusions.

  • Types:
    • ProjectSecurityExclusion
    • ExclusionTypeEnum
    • ExclusionScannerEnum
  • Resolvers:
    • ProjectSecurityExclusionResolver
  • [Database] Finders:
    • ProjectSecurityExclusionsFinder

And updates ProjectType to include the ProjectSecurityExclusion as well.

Resolves #479305 (closed) partially.

Note: The target branch is ahmed.hemdan-allowlist-for-secret-push-protection-4fdd537f because this merge request was built using stacked diffs, so it merges back onto the previous merge request. I'm also happy to wait until the three earlier MRs (1, 2, 3) have been approved and merged before proceeding with this one.

MR acceptance checklist

I have evaluated this MR against the MR acceptance checklist.

Query Plans

Please note that the table was only created a couple of days ago, so it has no records in the database at this point, but I have included the query plans below.

Query Plans

Without params/filters

SELECT
    "project_security_exclusions".*
FROM
    "project_security_exclusions"
WHERE
    "project_security_exclusions"."project_id" = 278964;

Query Plan: https://console.postgres.ai/gitlab/gitlab-production-main/sessions/31317/commands/97214.

With scanner filter specified

SELECT
    "project_security_exclusions".*
FROM
    "project_security_exclusions"
WHERE
    "project_security_exclusions"."project_id" = 278964
AND
    "project_security_exclusions"."scanner" = 0;

Query Plan: https://console.postgres.ai/gitlab/gitlab-production-main/sessions/31317/commands/97215.

With type filter specified

SELECT
    "project_security_exclusions".*
FROM
    "project_security_exclusions"
WHERE
    "project_security_exclusions"."project_id" = 278964
AND
    "project_security_exclusions"."type" = 2;

Query Plan: https://console.postgres.ai/gitlab/gitlab-production-main/sessions/31317/commands/97216.

With active filter specified

SELECT
    "project_security_exclusions".*
FROM
    "project_security_exclusions"
WHERE
    "project_security_exclusions"."project_id" = 278964
AND
    "project_security_exclusions"."active" = FALSE;

Query Plan: https://console.postgres.ai/gitlab/gitlab-production-main/sessions/31317/commands/97217.

Edited by Ahmed Hemdan

Merge request reports