Add vulnerabilityFindingDismiss GraphQL mutation
requested to merge 332066-be-bulk-status-change-for-findings-in-the-pipeline-security-dashboard into master
What does this MR do and why?
Add vulnerabilityFindingDismiss
GraphQL mutation so we can use GraphQL for the entire Pipeline Security widget
Related to #332066 (closed)
How to set up and validate locally
- Fork a repository (such as https://gitlab.com/gitlab-examples/security/security-reports/)
- Run the pipeline
- You can get the Finding ids via
Vulnerabilities::Finding.where(project_id: <your project id>).pluck(:id)
- Invoke the mutation with one of the ids (see below for sample), state should be
DISMISSED
- Go to Project > CI/CD > Pipelines > Your Pipeline > Security Tab and see if it's dismissed, you may need to uncheck
Hide dismissed
in the top right
GraphQL mutation
mutation dismissFinding($input: VulnerabilityFindingDismissInput!) {
vulnerabilityFindingDismiss(input: $input) {
errors
clientMutationId
finding {
state
}
}
}
{
"input": {
"id": "gid://gitlab/Vulnerabilities::Finding/158",
"comment": "some comment here",
"dismissalReason": "USED_IN_TESTS"
}
}
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Edited by Michał Zając