Skip to content

Extend GraphQL query for protected environments

Shinya Maeda requested to merge graphql-for-protected-environments into master

What does this MR do and why?

This MR extends GraphQL query for fetching associated protected environments of multiple environments. This is important functionality to tell Deployment Index page if they need to render deployment approval models (See #367410 (closed) for more information). Specifically, the following changes are included:

  • We add a new field protectedEnvironments under environments.
  • Backend loads the protected environments in batch with ProtectedEnvironmentPreloader.
  • DeployAccessLevel has a bug that access_level is always present regardless of the auth type. In this MR, the model returns nil if it's not role type auth. This way, users won't be confused that which auth type is actually active in the system e.g. accessLevel or group.
  • Fixing a bug in the spec that creating duplicates deploy access level records.

Related #371951 (closed)

Query example

{
  project(fullPath: "dosuken-org/deployment-approval-test") {
    environment(name: "production") {
      id
      protectedEnvironments {
        nodes {
          name
          project {
            name
          }
          group {
            name
          }
          deployAccessLevels {
            nodes {
              group {
                name
              }
              user {
                name
              }
              accessLevel {
                stringValue
              }
            }
          }
          approvalRules {
            nodes {
              requiredApprovals
              group {
                name
              }
              user {
                name
              }
              accessLevel {
                stringValue
              }
            }
          }
        }
      }
    }
  }
}

Response

{
  "data": {
    "project": {
      "environment": {
        "id": "gid://gitlab/Environment/72",
        "protectedEnvironments": {
          "nodes": [
            {
              "name": "production",
              "project": null,
              "group": {
                "name": "dosuken-org"
              },
              "deployAccessLevels": {
                "nodes": [
                  {
                    "group": {
                      "name": "operator-group"
                    },
                    "user": null,
                    "accessLevel": null
                  }
                ]
              },
              "approvalRules": {
                "nodes": [
                  {
                    "requiredApprovals": 1,
                    "group": {
                      "name": "qa-group"
                    },
                    "user": null,
                    "accessLevel": null
                  }
                ]
              }
            }
          ]
        }
      }
    }
  }
}

How to set up and validate locally

Numbered steps to set up and validate the change are strongly suggested.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Shinya Maeda

Merge request reports