Prioritize vulnerability severity when resolving security findings

Gal Katzrequested to merge
gkatz_prioritize_vul_severity_pipelile_security_report into master

What does this MR do and why?

Prioritize vulnerability severity when resolving security findings under PipelineSecurityReportFinding, which is used to resolve findings for the pipeline security tab and MR widget vulnerability modal. This change is introduced to support vulnerability and security finding severity override.

Related issue

Prioritize vulnerability severity when resolvin... (#515811 - closed) • Gal Katz • 17.9

Verify

  1. Run a pipeline to generate security findings. (This can be useful)
  2. Go to the pipeline security tab and inspect the severity of one of the findings in the list.
  3. Click on the finding and verify the same severity appears in the finding modal as well.
  4. Use this mutation to change the finding severity. Alternatively, it is also possible to change the finding state and then manually change the severity of the created severity in the DB, but this is less recommended.
  5. The severity in the pipeline security tab and in the modal should reflect the new severity.

Merge request reports