Skip to content

Add violation comment form

Scott Hamptonrequested to merge
541095-add-comment-form into master

What does this MR do and why?

Added a component for a comment form on the compliance violation details page, hidden behind a new feature flag (compliance_violation_comments_ui).

References

Related to #541095

Screenshots or screen recordings

Before After
Screenshot_2025-10-22_at_12.27.49_PM Screenshot_2025-10-22_at_12.27.03_PM

How to set up and validate locally

  1. You need to have a group with Ultimate license.
  2. Required data, you need to have a project compliance violation to view:
    1. You need to have at least one project under the group, atleast one audit event related to the project.
    2. Also, have at least one compliance framework in the group, the framework should have atleast one compliance control.
    3. The framework should be applied to the project.
    4. Now create a compliance violation entry in the database by running following command in the rails console: 
      ComplianceManagement::Projects::ComplianceViolation.create(project_id: <project_id>, namespace_id: <namespace_id>, audit_event_id: <audit_event_id>, compliance_requirements_control_id: <compliance_requirements_control_id>, status: 0, audit_event_table_name: 0)
  3. Navigate to the project that now has the violation, and go to path/to/project/-/security/compliance_violations/<violation-id>
  4. In rails console enable the feature flag 
    Feature.enable(:compliance_violation_comments_ui)
  5. Verify that the form renders on the violation page
  6. Submit a comment
  7. Verify that the note shows up on the violation details page

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Merge request reports