Commit 851d0c3d authored by Avielle Wolfe's avatar Avielle Wolfe Committed by Stan Hu

Remove feature flag from vulnerability GQL fields

Since the feature flag can't be scoped to a specific project, it's
making it hard to test this feature in production. Removing the flag
will allow us to test the fields and it's been decided that it's okay
for customers to begin consuming the fields.

https://gitlab.com/gitlab-org/gitlab/-/issues/215568
parent e2c99624
......@@ -4001,8 +4001,7 @@ type Group {
visibility: String
"""
Vulnerabilities reported on the projects in the group and its subgroups.
Available only when feature flag `first_class_vulnerabilities` is enabled
Vulnerabilities reported on the projects in the group and its subgroups
"""
vulnerabilities(
"""
......@@ -7237,7 +7236,7 @@ type Project {
visibility: String
"""
Vulnerabilities reported on the project. Available only when feature flag `first_class_vulnerabilities` is enabled
Vulnerabilities reported on the project
"""
vulnerabilities(
"""
......@@ -7282,8 +7281,7 @@ type Project {
): VulnerabilityConnection
"""
Counts for each severity of vulnerability of the project. Available only when
feature flag `first_class_vulnerabilities` is enabled
Counts for each severity of vulnerability of the project
"""
vulnerabilitySeveritiesCount: VulnerabilitySeveritiesCount
......
......@@ -11257,7 +11257,7 @@
},
{
"name": "vulnerabilities",
"description": "Vulnerabilities reported on the projects in the group and its subgroups. Available only when feature flag `first_class_vulnerabilities` is enabled",
"description": "Vulnerabilities reported on the projects in the group and its subgroups",
"args": [
{
"name": "projectId",
......@@ -21409,7 +21409,7 @@
},
{
"name": "vulnerabilities",
"description": "Vulnerabilities reported on the project. Available only when feature flag `first_class_vulnerabilities` is enabled",
"description": "Vulnerabilities reported on the project",
"args": [
{
"name": "projectId",
......@@ -21534,7 +21534,7 @@
},
{
"name": "vulnerabilitySeveritiesCount",
"description": "Counts for each severity of vulnerability of the project. Available only when feature flag `first_class_vulnerabilities` is enabled",
"description": "Counts for each severity of vulnerability of the project",
"args": [
],
......
......@@ -1044,7 +1044,7 @@ Information about pagination in a connection.
| `tagList` | String | List of project topics (not Git tags) |
| `userPermissions` | ProjectPermissions! | Permissions for the current user on the resource |
| `visibility` | String | Visibility of the project |
| `vulnerabilitySeveritiesCount` | VulnerabilitySeveritiesCount | Counts for each severity of vulnerability of the project. Available only when feature flag `first_class_vulnerabilities` is enabled |
| `vulnerabilitySeveritiesCount` | VulnerabilitySeveritiesCount | Counts for each severity of vulnerability of the project |
| `webUrl` | String | Web URL of the project |
| `wikiEnabled` | Boolean | Indicates if Wikis are enabled for the current user |
......
......@@ -30,8 +30,7 @@ module EE
::Types::VulnerabilityType.connection_type,
null: true,
description: 'Vulnerabilities reported on the projects in the group and its subgroups',
resolver: Resolvers::VulnerabilitiesResolver,
feature_flag: :first_class_vulnerabilities
resolver: Resolvers::VulnerabilitiesResolver
end
end
end
......
......@@ -16,12 +16,10 @@ module EE
::Types::VulnerabilityType.connection_type,
null: true,
description: 'Vulnerabilities reported on the project',
resolver: Resolvers::VulnerabilitiesResolver,
feature_flag: :first_class_vulnerabilities
resolver: Resolvers::VulnerabilitiesResolver
field :vulnerability_severities_count, ::Types::VulnerabilitySeveritiesCountType, null: true,
description: 'Counts for each severity of vulnerability of the project',
feature_flag: :first_class_vulnerabilities,
resolve: -> (obj, _args, ctx) do
Hash.new(0).merge(
obj.vulnerabilities.with_states([:detected, :confirmed]).counts_by_severity
......
---
title: Add vulnerability fields to GraphQL project, group, and global scope
merge_request: 30663
author:
type: added
......@@ -49,29 +49,13 @@ describe GitlabSchema.types['Group'] do
end
before do
stub_licensed_features(security_dashboard: true)
group.add_developer(user)
end
subject { GitlabSchema.execute(query, context: { current_user: user }).as_json }
context 'when first_class_vulnerabilities is disabled' do
before do
stub_feature_flags(first_class_vulnerabilities: false)
end
it 'is null' do
vulnerabilities = subject.dig('data', 'group', 'vulnerabilities')
expect(vulnerabilities).to be_nil
end
end
context 'when first_class_vulnerabilities is enabled' do
before do
stub_feature_flags(first_class_vulnerabilities: true)
stub_licensed_features(security_dashboard: true)
end
it "returns the vulnerabilities for all projects in the group and its subgroups" do
vulnerabilities = subject.dig('data', 'group', 'vulnerabilities', 'nodes')
......@@ -81,5 +65,4 @@ describe GitlabSchema.types['Group'] do
expect(vulnerabilities.first['severity']).to eq('CRITICAL')
end
end
end
end
......@@ -8,6 +8,8 @@ describe GitlabSchema.types['Project'] do
let_it_be(:vulnerability) { create(:vulnerability, project: project, severity: :high) }
before do
stub_licensed_features(security_dashboard: true)
project.add_developer(user)
end
......@@ -45,24 +47,6 @@ describe GitlabSchema.types['Project'] do
subject { GitlabSchema.execute(query, context: { current_user: user }).as_json }
context 'when first_class_vulnerabilities is disabled' do
before do
stub_feature_flags(first_class_vulnerabilities: false)
end
it 'is null' do
vulnerabilities = subject.dig('data', 'project', 'vulnerabilities')
expect(vulnerabilities).to be_nil
end
end
context 'when first_class_vulnerabilities is enabled' do
before do
stub_feature_flags(first_class_vulnerabilities: true)
stub_licensed_features(security_dashboard: true)
end
it "returns the project's vulnerabilities" do
vulnerabilities = subject.dig('data', 'project', 'vulnerabilities', 'nodes')
......@@ -72,5 +56,4 @@ describe GitlabSchema.types['Project'] do
expect(vulnerabilities.first['severity']).to eq('CRITICAL')
end
end
end
end
......@@ -23,33 +23,16 @@ describe 'Query.project(fullPath).vulnerabilitySeveritiesCount' do
end
before do
stub_licensed_features(security_dashboard: true)
project.add_developer(user)
end
subject { GitlabSchema.execute(query, context: { current_user: user }).as_json }
context 'when first_class_vulnerabilities is disabled' do
before do
stub_feature_flags(first_class_vulnerabilities: false)
end
it 'is null' do
vulnerabilities = subject.dig('data', 'project', 'vulnerabilitySeveritiesCount')
expect(vulnerabilities).to be_nil
end
end
context 'when first_class_vulnerabilities is enabled' do
before do
stub_feature_flags(first_class_vulnerabilities: true)
stub_licensed_features(security_dashboard: true)
end
it "returns counts for each severity of the project's detected or confirmed vulnerabilities" do
high_count = subject.dig('data', 'project', 'vulnerabilitySeveritiesCount', 'high')
expect(high_count).to be(2)
end
end
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment