[go: up one dir, main page]
Skip to content

Show list of related issues

Scott Hamptonrequested to merge
541092-list-related-issues into master

What does this MR do and why?

This is the first iteration for adding related issues to compliance violations.

This iteration only shows the list of the related issues.

The actions remove/add don't have any functionality yet.

References

Related to #541092 (closed)

Screenshots or screen recordings

Before After
Screenshot_2025-07-25_at_11.52.53_AM Screenshot_2025-07-25_at_12.01.46_PM

How to set up and validate locally

  1. You need to have a group with Ultimate license.
  2. Ensure the feature flag is enabled: echo "Feature.enable(:compliance_violations_report)" | gdk rails console
  3. Required data, you can do either of following steps:
    1. You can checkout branch hraghuvanshi-comp-violations-seeder and run command FILTER=compliance_report_data SEED_COMPLIANCE_REPORT_DATA=1 GROUPID=<group_id> bundle exec rake db:seed_fu for filling required data and you can run query.
    2. Create all items manually:

      1. You need to have at least one project under the group, atleast one audit event related to the project.

      2. Also, have at least one compliance framework in the group, the framework should have atleast one compliance control.

      3. The framework should be applied to the project.

      4. Now create a compliance violation entry in the database by running following command in the rails console:

        ComplianceManagement::Projects::ComplianceViolation.create(project_id: <project_id>, namespace_id: <namespace_id>, audit_event_id: <audit_event_id>, compliance_requirements_control_id: <compliance_requirements_control_id>, status: 0, audit_event_table_name: 0)
  4. You will need to manually link an issue via graphql, as the current Add button doesn't do anything.
mutation linkViolationIssue {
  linkProjectComplianceViolationIssue(input: {
    violationId: "<violation-id>",
    issueIid: "<issue-id>",
    projectPath: "<project-path"
  }
  ) {
    violation {
      id
      status
      issues {
        nodes {
          id
          title
        }
      }
    }
    errors
  }
}
  1. Navigate to the project that now has the violation, and go to path/to/project/-/security/compliance_violations/<violation-id>
  2. Validate that the drawer works as expected

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Scott Hampton

Merge request reports