Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
c7b00ec0
Commit
c7b00ec0
authored
Jul 31, 2020
by
Saikat Sarkar
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Implement a GraphQL mutation for MR creation flow in SAST config
parent
85825fb1
Changes
7
Show whitespace changes
Inline
Side-by-side
Showing
7 changed files
with
349 additions
and
0 deletions
+349
-0
doc/api/graphql/reference/gitlab_schema.graphql
doc/api/graphql/reference/gitlab_schema.graphql
+41
-0
doc/api/graphql/reference/gitlab_schema.json
doc/api/graphql/reference/gitlab_schema.json
+143
-0
doc/api/graphql/reference/index.md
doc/api/graphql/reference/index.md
+10
-0
ee/app/graphql/ee/types/mutation_type.rb
ee/app/graphql/ee/types/mutation_type.rb
+1
-0
ee/app/graphql/mutations/security/ci_configuration/configure_sast.rb
...hql/mutations/security/ci_configuration/configure_sast.rb
+49
-0
ee/changelogs/unreleased/create_mr_mutation.yml
ee/changelogs/unreleased/create_mr_mutation.yml
+5
-0
ee/spec/graphql/mutations/security/ci_configuration/configure_sast_spec.rb
...utations/security/ci_configuration/configure_sast_spec.rb
+100
-0
No files found.
doc/api/graphql/reference/gitlab_schema.graphql
View file @
c7b00ec0
...
...
@@ -1531,6 +1531,46 @@ type ComplianceFrameworkEdge {
node
:
ComplianceFramework
}
"""
Autogenerated input type of ConfigureSast
"""
input
ConfigureSastInput
{
"""
A
unique
identifier
for
the
client
performing
the
mutation
.
"""
clientMutationId
:
String
"""
Payload
containing
SAST
variable
values
(
https
:
//
docs
.
gitlab
.
com
/
ee
/
user
/
application_security
/
sast
/
#available-variables).
"""
configuration
:
JSON
!
"""
Full
path
of
the
project
.
"""
projectPath
:
ID
!
}
"""
Autogenerated
return
type
of
ConfigureSast
"""
type
ConfigureSastPayload
{
"""
A
unique
identifier
for
the
client
performing
the
mutation
.
"""
clientMutationId
:
String
"""
Errors
encountered
during
execution
of
the
mutation
.
"""
errors
:
[
String
!]!
"""
JSON
containing
the
status
of
MR
creation
.
"""
result
:
JSON
}
"""
A
tag
expiration
policy
designed
to
keep
only
the
images
that
matter
most
"""
...
...
@@ -8776,6 +8816,7 @@ type Mutation {
awardEmojiToggle
(
input
:
AwardEmojiToggleInput
!):
AwardEmojiTogglePayload
boardListUpdateLimitMetrics
(
input
:
BoardListUpdateLimitMetricsInput
!):
BoardListUpdateLimitMetricsPayload
commitCreate
(
input
:
CommitCreateInput
!):
CommitCreatePayload
configureSast
(
input
:
ConfigureSastInput
!):
ConfigureSastPayload
createAlertIssue
(
input
:
CreateAlertIssueInput
!):
CreateAlertIssuePayload
createAnnotation
(
input
:
CreateAnnotationInput
!):
CreateAnnotationPayload
createBranch
(
input
:
CreateBranchInput
!):
CreateBranchPayload
...
...
doc/api/graphql/reference/gitlab_schema.json
View file @
c7b00ec0
...
...
@@ -4153,6 +4153,122 @@
"enumValues": null,
"possibleTypes": null
},
{
"kind": "INPUT_OBJECT",
"name": "ConfigureSastInput",
"description": "Autogenerated input type of ConfigureSast",
"fields": null,
"inputFields": [
{
"name": "projectPath",
"description": "Full path of the project.",
"type": {
"kind": "NON_NULL",
"name": null,
"ofType": {
"kind": "SCALAR",
"name": "ID",
"ofType": null
}
},
"defaultValue": null
},
{
"name": "configuration",
"description": "Payload containing SAST variable values (https://docs.gitlab.com/ee/user/application_security/sast/#available-variables).",
"type": {
"kind": "NON_NULL",
"name": null,
"ofType": {
"kind": "SCALAR",
"name": "JSON",
"ofType": null
}
},
"defaultValue": null
},
{
"name": "clientMutationId",
"description": "A unique identifier for the client performing the mutation.",
"type": {
"kind": "SCALAR",
"name": "String",
"ofType": null
},
"defaultValue": null
}
],
"interfaces": null,
"enumValues": null,
"possibleTypes": null
},
{
"kind": "OBJECT",
"name": "ConfigureSastPayload",
"description": "Autogenerated return type of ConfigureSast",
"fields": [
{
"name": "clientMutationId",
"description": "A unique identifier for the client performing the mutation.",
"args": [
],
"type": {
"kind": "SCALAR",
"name": "String",
"ofType": null
},
"isDeprecated": false,
"deprecationReason": null
},
{
"name": "errors",
"description": "Errors encountered during execution of the mutation.",
"args": [
],
"type": {
"kind": "NON_NULL",
"name": null,
"ofType": {
"kind": "LIST",
"name": null,
"ofType": {
"kind": "NON_NULL",
"name": null,
"ofType": {
"kind": "SCALAR",
"name": "String",
"ofType": null
}
}
}
},
"isDeprecated": false,
"deprecationReason": null
},
{
"name": "result",
"description": "JSON containing the status of MR creation.",
"args": [
],
"type": {
"kind": "SCALAR",
"name": "JSON",
"ofType": null
},
"isDeprecated": false,
"deprecationReason": null
}
],
"inputFields": null,
"interfaces": [
],
"enumValues": null,
"possibleTypes": null
},
{
"kind": "OBJECT",
"name": "ContainerExpirationPolicy",
...
...
@@ -24893,6 +25009,33 @@
"isDeprecated": false,
"deprecationReason": null
},
{
"name": "configureSast",
"description": null,
"args": [
{
"name": "input",
"description": null,
"type": {
"kind": "NON_NULL",
"name": null,
"ofType": {
"kind": "INPUT_OBJECT",
"name": "ConfigureSastInput",
"ofType": null
}
},
"defaultValue": null
}
],
"type": {
"kind": "OBJECT",
"name": "ConfigureSastPayload",
"ofType": null
},
"isDeprecated": false,
"deprecationReason": null
},
{
"name": "createAlertIssue",
"description": null,
doc/api/graphql/reference/index.md
View file @
c7b00ec0
...
...
@@ -264,6 +264,16 @@ Represents a ComplianceFramework associated with a Project
| --- | ---- | ---------- |
|
`name`
| ProjectSettingEnum! | Name of the compliance framework |
## ConfigureSastPayload
Autogenerated return type of ConfigureSast
| Name | Type | Description |
| --- | ---- | ---------- |
|
`clientMutationId`
| String | A unique identifier for the client performing the mutation. |
|
`errors`
| String! => Array | Errors encountered during execution of the mutation. |
|
`result`
| JSON | JSON containing the status of MR creation. |
## ContainerExpirationPolicy
A tag expiration policy designed to keep only the images that matter most
...
...
ee/app/graphql/ee/types/mutation_type.rb
View file @
c7b00ec0
...
...
@@ -26,6 +26,7 @@ module EE
mount_mutation
::
Mutations
::
DastSiteProfiles
::
Create
mount_mutation
::
Mutations
::
DastSiteProfiles
::
Delete
mount_mutation
::
Mutations
::
DastScannerProfiles
::
Create
mount_mutation
::
Mutations
::
Security
::
CiConfiguration
::
ConfigureSast
mount_mutation
::
Mutations
::
Namespaces
::
IncreaseStorageTemporarily
end
end
...
...
ee/app/graphql/mutations/security/ci_configuration/configure_sast.rb
0 → 100644
View file @
c7b00ec0
# frozen_string_literal: true
module
Mutations
module
Security
module
CiConfiguration
class
ConfigureSast
<
BaseMutation
include
ResolvesProject
graphql_name
'ConfigureSast'
argument
:project_path
,
GraphQL
::
ID_TYPE
,
required:
true
,
description:
'Full path of the project.'
argument
:configuration
,
GraphQL
::
Types
::
JSON
,
required:
true
,
description:
'Payload containing SAST variable values (https://docs.gitlab.com/ee/user/application_security/sast/#available-variables).'
field
:result
,
GraphQL
::
Types
::
JSON
,
null:
true
,
description:
'JSON containing the status of MR creation.'
authorize
:push_code
def
resolve
(
project_path
:,
configuration
:)
project
=
authorized_find!
(
full_path:
project_path
)
format_json
(
::
Security
::
CiConfiguration
::
SastCreateService
.
new
(
project
,
current_user
,
configuration
).
execute
)
end
private
def
find_object
(
full_path
:)
resolve_project
(
full_path:
full_path
)
end
def
format_json
(
result
)
{
result:
{
status:
result
[
:status
],
success_path:
result
[
:success_path
],
errors:
result
[
:errors
]
}
}
end
end
end
end
end
ee/changelogs/unreleased/create_mr_mutation.yml
0 → 100644
View file @
c7b00ec0
---
title
:
Implement a GraphQL mutation for MR creation flow in SAST Config
merge_request
:
38406
author
:
type
:
added
ee/spec/graphql/mutations/security/ci_configuration/configure_sast_spec.rb
0 → 100644
View file @
c7b00ec0
# frozen_string_literal: true
require
'spec_helper'
RSpec
.
describe
Mutations
::
Security
::
CiConfiguration
::
ConfigureSast
do
subject
(
:mutation
)
{
described_class
.
new
(
object:
nil
,
context:
context
,
field:
nil
)
}
let_it_be
(
:project
)
{
create
(
:project
,
:public
,
:repository
)
}
let_it_be
(
:user
)
{
create
(
:user
)
}
let_it_be
(
:service_result_json
)
do
{
result:
"3ec1b6e9a1f564da65f7c084e2497cf930dfa1c7"
,
status:
"success"
,
success_path:
"http://127.0.0.1:3000/root/demo-historic-secrets/-/merge_requests/new?"
}
end
let_it_be
(
:service_error_result_json
)
do
{
result:
"3ec1b6e9a1f564da65f7c084e2497cf930dfa1c7"
,
status:
"error"
,
errors:
%w(error1 error2)
}
end
let
(
:context
)
do
GraphQL
::
Query
::
Context
.
new
(
query:
OpenStruct
.
new
(
schema:
nil
),
values:
{
current_user:
user
},
object:
nil
)
end
specify
{
expect
(
described_class
).
to
require_graphql_authorizations
(
:push_code
)
}
describe
'#resolve'
do
subject
{
mutation
.
resolve
(
project_path:
project
.
full_path
,
configuration:
{})
}
let
(
:result
)
{
subject
[
:result
]
}
it
'raises an error if the resource is not accessible to the user'
do
expect
{
subject
}.
to
raise_error
(
Gitlab
::
Graphql
::
Errors
::
ResourceNotAvailable
)
end
context
'when user does not have enough permissions'
do
before
do
project
.
add_guest
(
user
)
end
it
'raises an error'
do
expect
{
subject
}.
to
raise_error
(
Gitlab
::
Graphql
::
Errors
::
ResourceNotAvailable
)
end
end
context
'when user is a maintainer of a different project'
do
before
do
create
(
:project_empty_repo
).
add_maintainer
(
user
)
end
it
'raises an error'
do
expect
{
subject
}.
to
raise_error
(
Gitlab
::
Graphql
::
Errors
::
ResourceNotAvailable
)
end
end
context
'when the user can create a merge request'
do
before_all
do
project
.
add_developer
(
user
)
end
context
'when service successfully generates a path to create a new merge request'
do
it
'returns a success path'
do
allow_next_instance_of
(
::
Security
::
CiConfiguration
::
SastCreateService
)
do
|
service
|
allow
(
service
).
to
receive
(
:execute
).
and_return
(
service_result_json
)
end
expect
(
result
).
to
match
(
status:
'success'
,
success_path:
service_result_json
[
:success_path
],
errors:
be_nil
)
end
end
context
'when service can not generate any path to create a new merge request'
do
it
'returns an array of errors'
do
allow_next_instance_of
(
::
Security
::
CiConfiguration
::
SastCreateService
)
do
|
service
|
allow
(
service
).
to
receive
(
:execute
).
and_return
(
service_error_result_json
)
end
expect
(
result
).
to
match
(
status:
'error'
,
success_path:
be_nil
,
errors:
match_array
(
service_error_result_json
[
:errors
])
)
end
end
end
end
end
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment