Commit 851d0c3d authored by Avielle Wolfe Committed by Stan Hu

Remove feature flag from vulnerability GQL fields

Since the feature flag can't be scoped to a specific project, it's
making it hard to test this feature in production. Removing the flag
will allow us to test the fields and it's been decided that it's okay
for customers to begin consuming the fields.

https://gitlab.com/gitlab-org/gitlab/-/issues/215568
parent e2c99624
...@@ -4001,8 +4001,7 @@ type Group { ...@@ -4001,8 +4001,7 @@ type Group {
visibility: String visibility: String
""" """
Vulnerabilities reported on the projects in the group and its subgroups. Vulnerabilities reported on the projects in the group and its subgroups
Available only when feature flag `first_class_vulnerabilities` is enabled
""" """
vulnerabilities( vulnerabilities(
""" """
...@@ -7237,7 +7236,7 @@ type Project { ...@@ -7237,7 +7236,7 @@ type Project {
visibility: String visibility: String
""" """
Vulnerabilities reported on the project. Available only when feature flag `first_class_vulnerabilities` is enabled Vulnerabilities reported on the project
""" """
vulnerabilities( vulnerabilities(
""" """
...@@ -7282,8 +7281,7 @@ type Project { ...@@ -7282,8 +7281,7 @@ type Project {
): VulnerabilityConnection ): VulnerabilityConnection
""" """
Counts for each severity of vulnerability of the project. Available only when Counts for each severity of vulnerability of the project
feature flag `first_class_vulnerabilities` is enabled
""" """
vulnerabilitySeveritiesCount: VulnerabilitySeveritiesCount vulnerabilitySeveritiesCount: VulnerabilitySeveritiesCount
......
...@@ -11257,7 +11257,7 @@ ...@@ -11257,7 +11257,7 @@
}, },
{ {
"name": "vulnerabilities", "name": "vulnerabilities",
"description": "Vulnerabilities reported on the projects in the group and its subgroups. Available only when feature flag `first_class_vulnerabilities` is enabled", "description": "Vulnerabilities reported on the projects in the group and its subgroups",
"args": [ "args": [
{ {
"name": "projectId", "name": "projectId",
...@@ -21409,7 +21409,7 @@ ...@@ -21409,7 +21409,7 @@
}, },
{ {
"name": "vulnerabilities", "name": "vulnerabilities",
"description": "Vulnerabilities reported on the project. Available only when feature flag `first_class_vulnerabilities` is enabled", "description": "Vulnerabilities reported on the project",
"args": [ "args": [
{ {
"name": "projectId", "name": "projectId",
...@@ -21534,7 +21534,7 @@ ...@@ -21534,7 +21534,7 @@
}, },
{ {
"name": "vulnerabilitySeveritiesCount", "name": "vulnerabilitySeveritiesCount",
"description": "Counts for each severity of vulnerability of the project. Available only when feature flag `first_class_vulnerabilities` is enabled", "description": "Counts for each severity of vulnerability of the project",
"args": [ "args": [
], ],
......
...@@ -1044,7 +1044,7 @@ Information about pagination in a connection. ...@@ -1044,7 +1044,7 @@ Information about pagination in a connection.
| `tagList` | String | List of project topics (not Git tags) | | `tagList` | String | List of project topics (not Git tags) |
| `userPermissions` | ProjectPermissions! | Permissions for the current user on the resource | | `userPermissions` | ProjectPermissions! | Permissions for the current user on the resource |
| `visibility` | String | Visibility of the project | | `visibility` | String | Visibility of the project |
| `vulnerabilitySeveritiesCount` | VulnerabilitySeveritiesCount | Counts for each severity of vulnerability of the project. Available only when feature flag `first_class_vulnerabilities` is enabled | | `vulnerabilitySeveritiesCount` | VulnerabilitySeveritiesCount | Counts for each severity of vulnerability of the project |
| `webUrl` | String | Web URL of the project | | `webUrl` | String | Web URL of the project |
| `wikiEnabled` | Boolean | Indicates if Wikis are enabled for the current user | | `wikiEnabled` | Boolean | Indicates if Wikis are enabled for the current user |
......
...@@ -30,8 +30,7 @@ module EE ...@@ -30,8 +30,7 @@ module EE
::Types::VulnerabilityType.connection_type, ::Types::VulnerabilityType.connection_type,
null: true, null: true,
description: 'Vulnerabilities reported on the projects in the group and its subgroups', description: 'Vulnerabilities reported on the projects in the group and its subgroups',
resolver: Resolvers::VulnerabilitiesResolver, resolver: Resolvers::VulnerabilitiesResolver
feature_flag: :first_class_vulnerabilities
end end
end end
end end
......
...@@ -16,12 +16,10 @@ module EE ...@@ -16,12 +16,10 @@ module EE
::Types::VulnerabilityType.connection_type, ::Types::VulnerabilityType.connection_type,
null: true, null: true,
description: 'Vulnerabilities reported on the project', description: 'Vulnerabilities reported on the project',
resolver: Resolvers::VulnerabilitiesResolver, resolver: Resolvers::VulnerabilitiesResolver
feature_flag: :first_class_vulnerabilities
field :vulnerability_severities_count, ::Types::VulnerabilitySeveritiesCountType, null: true, field :vulnerability_severities_count, ::Types::VulnerabilitySeveritiesCountType, null: true,
description: 'Counts for each severity of vulnerability of the project', description: 'Counts for each severity of vulnerability of the project',
feature_flag: :first_class_vulnerabilities,
resolve: -> (obj, _args, ctx) do resolve: -> (obj, _args, ctx) do
Hash.new(0).merge( Hash.new(0).merge(
obj.vulnerabilities.with_states([:detected, :confirmed]).counts_by_severity obj.vulnerabilities.with_states([:detected, :confirmed]).counts_by_severity
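Review bot: With `feature_flag: :first_class_vulnerabilities` removed, the `vulnerability_severities_count` lambda is reachable by any caller who can resolve the project, and the visible part of it accepts `ctx` but never consults it before querying `obj.vulnerabilities`. Unless the field or `VulnerabilitySeveritiesCountType` is authorized somewhere outside this hunk, per-severity counts could be returned to users who may not view the project's vulnerabilities, and counts alone reveal security posture. Please confirm where access is enforced and record it above the field, for example `# Access is enforced by <authorization point>; no feature flag gates this field any more`. The lambda body continues past the end of the hunk, so a check further down is not ruled out. The `vulnerabilities` field above depends on `Resolvers::VulnerabilitiesResolver` in the same way, and its authorization is not visible here either.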
......
---
title: Add vulnerability fields to GraphQL project, group, and global scope
merge_request: 30663
author:
type: added
...@@ -49,37 +49,20 @@ describe GitlabSchema.types['Group'] do ...@@ -49,37 +49,20 @@ describe GitlabSchema.types['Group'] do
end end
before do before do
stub_licensed_features(security_dashboard: true)
group.add_developer(user) group.add_developer(user)
end end
subject { GitlabSchema.execute(query, context: { current_user: user }).as_json } subject { GitlabSchema.execute(query, context: { current_user: user }).as_json }
context 'when first_class_vulnerabilities is disabled' do it "returns the vulnerabilities for all projects in the group and its subgroups" do
before do vulnerabilities = subject.dig('data', 'group', 'vulnerabilities', 'nodes')
stub_feature_flags(first_class_vulnerabilities: false)
end
it 'is null' do
vulnerabilities = subject.dig('data', 'group', 'vulnerabilities')
expect(vulnerabilities).to be_nil
end
end
context 'when first_class_vulnerabilities is enabled' do
before do
stub_feature_flags(first_class_vulnerabilities: true)
stub_licensed_features(security_dashboard: true)
end
it "returns the vulnerabilities for all projects in the group and its subgroups" do
vulnerabilities = subject.dig('data', 'group', 'vulnerabilities', 'nodes')
expect(vulnerabilities.count).to be(1) expect(vulnerabilities.count).to be(1)
expect(vulnerabilities.first['title']).to eq('A terrible one!') expect(vulnerabilities.first['title']).to eq('A terrible one!')
expect(vulnerabilities.first['state']).to eq('DETECTED') expect(vulnerabilities.first['state']).to eq('DETECTED')
expect(vulnerabilities.first['severity']).to eq('CRITICAL') expect(vulnerabilities.first['severity']).to eq('CRITICAL')
end
end end
end end
end end
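Review bot: No example in this spec exercises a denied path any more. The removed `when first_class_vulnerabilities is disabled` context was the only one asserting a null result, and `stub_licensed_features(security_dashboard: true)` now sits in the top-level `before`, so every example runs licensed with a developer member. With the flag gone, the licence and membership are the only gates left on these fields, and neither is tested. The same gap exists in the `Project` type spec and the `vulnerabilitySeveritiesCount` spec below. I would add a context that turns the licence off, plus one with a user who is not a member, each asserting the field is null, assuming null is the intended result. The `describe` block starts before this hunk.

```ruby
# … unchanged: top-level before block and subject …

context 'when security_dashboard is not licensed' do
  before do
    stub_licensed_features(security_dashboard: false)
  end

  it 'is null' do
    vulnerabilities = subject.dig('data', 'group', 'vulnerabilities')

    expect(vulnerabilities).to be_nil
  end
end
```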
...@@ -8,6 +8,8 @@ describe GitlabSchema.types['Project'] do ...@@ -8,6 +8,8 @@ describe GitlabSchema.types['Project'] do
let_it_be(:vulnerability) { create(:vulnerability, project: project, severity: :high) } let_it_be(:vulnerability) { create(:vulnerability, project: project, severity: :high) }
before do before do
stub_licensed_features(security_dashboard: true)
project.add_developer(user) project.add_developer(user)
end end
...@@ -45,32 +47,13 @@ describe GitlabSchema.types['Project'] do ...@@ -45,32 +47,13 @@ describe GitlabSchema.types['Project'] do
subject { GitlabSchema.execute(query, context: { current_user: user }).as_json } subject { GitlabSchema.execute(query, context: { current_user: user }).as_json }
context 'when first_class_vulnerabilities is disabled' do it "returns the project's vulnerabilities" do
before do vulnerabilities = subject.dig('data', 'project', 'vulnerabilities', 'nodes')
stub_feature_flags(first_class_vulnerabilities: false)
end
it 'is null' do
vulnerabilities = subject.dig('data', 'project', 'vulnerabilities')
expect(vulnerabilities).to be_nil
end
end
context 'when first_class_vulnerabilities is enabled' do
before do
stub_feature_flags(first_class_vulnerabilities: true)
stub_licensed_features(security_dashboard: true)
end
it "returns the project's vulnerabilities" do
vulnerabilities = subject.dig('data', 'project', 'vulnerabilities', 'nodes')
expect(vulnerabilities.count).to be(1) expect(vulnerabilities.count).to be(1)
expect(vulnerabilities.first['title']).to eq('A terrible one!') expect(vulnerabilities.first['title']).to eq('A terrible one!')
expect(vulnerabilities.first['state']).to eq('DETECTED') expect(vulnerabilities.first['state']).to eq('DETECTED')
expect(vulnerabilities.first['severity']).to eq('CRITICAL') expect(vulnerabilities.first['severity']).to eq('CRITICAL')
end
end end
end end
end end
...@@ -23,33 +23,16 @@ describe 'Query.project(fullPath).vulnerabilitySeveritiesCount' do ...@@ -23,33 +23,16 @@ describe 'Query.project(fullPath).vulnerabilitySeveritiesCount' do
end end
before do before do
stub_licensed_features(security_dashboard: true)
project.add_developer(user) project.add_developer(user)
end end
subject { GitlabSchema.execute(query, context: { current_user: user }).as_json } subject { GitlabSchema.execute(query, context: { current_user: user }).as_json }
context 'when first_class_vulnerabilities is disabled' do it "returns counts for each severity of the project's detected or confirmed vulnerabilities" do
before do high_count = subject.dig('data', 'project', 'vulnerabilitySeveritiesCount', 'high')
stub_feature_flags(first_class_vulnerabilities: false)
end
it 'is null' do
vulnerabilities = subject.dig('data', 'project', 'vulnerabilitySeveritiesCount')
expect(vulnerabilities).to be_nil
end
end
context 'when first_class_vulnerabilities is enabled' do
before do
stub_feature_flags(first_class_vulnerabilities: true)
stub_licensed_features(security_dashboard: true)
end
it "returns counts for each severity of the project's detected or confirmed vulnerabilities" do
high_count = subject.dig('data', 'project', 'vulnerabilitySeveritiesCount', 'high')
expect(high_count).to be(2) expect(high_count).to be(2)
end
end end
end end