Skip to content

Filter by identifier name graphql api

Bala Kumarrequested to merge
432419-filter-dropdown-graphql into master

What does this MR do and why?

Vulnerabilities GraphQL API to filter by identifier_name on the project level field alone.

It is intended to be used by the frontend in #452492 (closed)

The API arguent is behind FF vulnerability_filtering_by_identifier. The argument is ignored if the FF is not enabled.

Screenshots or screen recordings

Screenshot_2024-11-08_at_3.00.25_AM

Database

Query plans are available in !171463 (comment 2199663954)

How to set up and validate locally

  1. Import project https://gitlab.com/gitlab-org/govern/threat-insights-demos/verification-projects/verify-owasp-top-10-grouping into local. After import, go to Build -> pipelines and start a new pipeline this will feed the vulnerabilities data.

  2. In rails console enable FF Feature.enable(:vulnerability_filtering_by_identifier)

  3. In GraphIQL run the below equivalent query for the imported project

{
  project(fullPath: "bala-test-group/verify-filter-by-identifier") {
    vulnerabilities(identifierName: "CVE-2019-10086") {
      nodes {
        id
        identifiers {
          name
        }
      }
    }
  }
}
  1. It should display only the filtered vulnerability with the identifier name as shown in the screenshot above.

Related to #432419 (closed)

Edited by Bala Kumar

Merge request reports