Add name field to external controls

Jean van der Waltrequested to merge
527007-add-name-field-to-external-controls-be into master

What does this MR do and why?

In this MR, we are making backend changes to support updating 'external_control_name' via the API.

  • Update API params to receive new field
  • Add model validations

We are going to be using the backend changes in a subsequent frontend MR to allow updating via the UI.

How to set up and validate locally

Numbered steps to set up and validate the change are strongly suggested.

The below example uses the gitlab-org namespace as an example, feel free to substitute with your local example of choice.

  1. Ensure you have an ultimate license on your GDK.
  2. Visit the GraphQL explorer. Eg: http://gitlab.localdev:3000/-/graphql-explorer
  3. Run the following mutation to create a Compliance Requirement:
mutation createComplianceRequirement {
  createComplianceRequirement(
    input: {
      complianceFrameworkId: "gid://gitlab/ComplianceManagement::Framework/<ID>",
      params: {
        name: "External Control Name Test",
        description: "Description"
      }
    }) {
    errors
    requirement {
      id
      name
      description
    }
  }
}
  1. You should get a response as below:
{
  "data": {
    "createComplianceRequirement": {
      "errors": [],
      "requirement": {
        "id": "gid://gitlab/ComplianceManagement::ComplianceFramework::ComplianceRequirement/<ID>",
        "name": "External Control Name Test",
        "description": "Description"
      }
    }
  },
  "correlationId": "01JTSDGJYCPY14HKSTWFR5D74G"
}
  1. Now run the mutation to create a Compliance Requirement Control with an external_control_name, using the Compliance Requirement ID that was returned:
mutation createComplianceRequirementControl {
  createComplianceRequirementsControl(
    input: {
      complianceRequirementId: "gid://gitlab/ComplianceManagement::ComplianceFramework::ComplianceRequirement/<ID>",
      params: {
        name: "external_control",
        controlType: "external",
        externalControlName: "New External Control",
        externalUrl: "https://www.externalcontrol.com",
        secretToken: "123456789"
      }
    }) {
    errors
    requirementsControl {
      id
      name
      externalControlName
      externalUrl
    }
  }
}
  1. You should get a response like this:
{
  "data": {
    "createComplianceRequirementsControl": {
      "errors": [],
      "requirementsControl": {
        "id": "gid://gitlab/ComplianceManagement::ComplianceFramework::ComplianceRequirementsControl/<ID>",
        "name": "external_control",
        "externalControlName": "New External Control",
        "externalUrl": "https://www.externalcontrol.com"
      }
    }
  },
  "correlationId": "01JTSEP14DG5TEBP245HB54CAN"
}
  1. You can also query via GraphQL explorer again to ensure that the compliance control has an external_control_name.
query {
  namespace(fullPath: "gitlab-org") {
    complianceFrameworks {
      nodes {
        name,
        complianceRequirements {
          nodes {
            complianceRequirementsControls {
              nodes {
                name,
                externalControlName
              }
            }
          }
        }
      }
    }
  }
}

Issue: #527007 (closed)

Edited by Jean van der Walt

Merge request reports