Update project compliance violation status (!195768) · Merge requests · GitLab.org / GitLab

What does this MR do and why?

This MR adds a graphql mutation to update the status of an existing project compliance violation.

How to set up and validate locally

You need to have a group with Ultimate license.
You need to have at least one project under the group, atleast one audit event related to the project.
Also, have at least one compliance framework in the group, the framework should have atleast one compliance control.
The framework should be applied to the project.
Now create a compliance violation entry in the database by running following command in the rails console:

   ComplianceManagement::Projects::ComplianceViolation.create(project_id: <project_id>, namespace_id: <namespace_id>, audit_event_id: <audit_event_id>, compliance_requirements_control_id: <compliance_requirements_control_id>, status: 0, audit_event_table_name: 0)

Open graphql explorer and run the following mutation to update the status of the violation:

mutation updateViolationStatus {
  updateProjectComplianceViolation(
    input: {
      id: "gid://gitlab/ComplianceManagement::Projects::ComplianceViolation/<id>",
      status: IN_REVIEW
    }
  ) {
    complianceViolation {
      id
      status
      createdAt
    }
  }
}

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #542343 (closed)

Edited Jun 30, 2025 by Hitesh Raghuvanshi

Update project compliance violation status

What does this MR do and why?

How to set up and validate locally

MR acceptance checklist

Merge request reports