Update CreateService::Base to handle tracked context

Harrison Petersrequested to merge
574935-update-vulnerability-manuallycreateservice-to-handle-tracked-context into master

What does this MR do and why?

This MR adds tracked context support to manually created vulnerabilities by updating Vulnerabilities::CreateServiceBase to automatically associate vulnerability findings with the appropriate Security::ProjectTrackedContext .

Vulnerabilities::ManuallyCreateService (API) and Vulnerabilities::StarboardVulnerabilityCreateService (Starboard) both inherit from Vulnerabilities::CreateServiceBase.

Changes

  • Updates Vulnerabilities::CreateServiceBase to accept and handle tracked context parameters
  • Adds new GraphQL arguments projectTrackedContextName and projectTrackedContextType to the vulnerabilityCreate mutation
  • Creates Security::ProjectTrackedContextsFinder to find tracked contexts by name, type, and state
  • Automatically creates a default tracked context if none exists (Falls back to the project's default branch context when no specific context is provided)
  • Set the project_tracked_context_id on associated vulnerability reads

References

Screenshots or screen recordings

Before After

How to set up and validate locally

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #555972

Edited by Harrison Peters

Merge request reports