Added update mutation for project frameworks
What does this MR do and why?
This MR introduces a new mutation projectUpdateComplianceFrameworks which allows users to add and remove compliance framework labels from a project. The mutation expects an array of compliance framework ids and replaces the existing frameworks associated with the project with these new ones.
MR acceptance checklist
Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
Query execution plans
Query 1:
Query for ComplianceManagement::Framework.by_ids.
SELECT "compliance_management_frameworks".*
FROM "compliance_management_frameworks"
WHERE "compliance_management_frameworks"."id" IN ( 36, 37 ) Query 2:
Query for ComplianceManagement::ComplianceFramework::ProjectSettings.by_framework_and_project
SELECT
"project_compliance_framework_settings".*
FROM
"project_compliance_framework_settings"
WHERE
"project_compliance_framework_settings"."project_id" = 58283029
AND "project_compliance_framework_settings"."framework_id" = 1017800
GraphQl mutation
mutation projectUpdateComplianceFrameworks {
projectUpdateComplianceFrameworks(input: {projectId: "gid://gitlab/Project/7",
complianceFrameworkIds: ["gid://gitlab/ComplianceManagement::Framework/10",
"gid://gitlab/ComplianceManagement::Framework/11"]}) {
errors
project {
id
name
}
}
}How to set up and validate locally
- For this you need to have a group with
Ultimatelicense. - Let's say the name of group is
Flightjs. - Add three compliance frameworks to this group by following steps mentioned in https://docs.gitlab.com/ee/user/compliance/compliance_center/compliance_frameworks_report.html#create-a-new-compliance-framework.
- Also create several projects for the group.
- Now visit the project's tab in compliance center for the group at http://gitlab.localdev:3000/groups/flightjs/-/security/compliance_dashboard/projects.
- You will be able to check that the newly created projects do not have any framework assigned to them.
- You can get the ids of compliance frameworks associated with the group by running
group.compliance_management_frameworksin the rails console, the ids will be helpful in mutations, or you can also run following query:
query group {
group(fullPath: "<group-full-path>") {
id
name
complianceFrameworks {
nodes {
id
name
}
}
}
}
- Now, let's add two frameworks to one of the projects by running following mutation in http://gitlab.localdev:3000/-/graphql-explorer.
mutation projectUpdateComplianceFrameworks {
projectUpdateComplianceFrameworks(input: {projectId: "gid://gitlab/Project/<project_id>",
complianceFrameworkIds: ["gid://gitlab/ComplianceManagement::Framework/<framework1_id>",
"gid://gitlab/ComplianceManagement::Framework/<framework2_id>"]}) {
errors
project {
id
name
}
}
}- Make sure above mutation does not return any error and then refresh the projects tab of compliance center for the group.
- You will notice that the frameworks have been added to the project, it will look something like following
- You can also remove any framework by removing the framework from the list of frameworks in the mutation, for example to remove framework with id
framework1_idand to add a new framework with idframework3_id, you can run the mutation as follows:
mutation projectUpdateComplianceFrameworks {
projectUpdateComplianceFrameworks(input: {projectId: "gid://gitlab/Project/<project_id>",
complianceFrameworkIds: ["gid://gitlab/ComplianceManagement::Framework/<framework2_id>",
"gid://gitlab/ComplianceManagement::Framework/<framework3_id>"]}) {
errors
project {
id
name
}
}
}- If you will refresh the compliance center then you will notice that the framework for the project has changed.
Related to #464160 (closed)
Edited by Hitesh Raghuvanshi