Commit 2663be09 authored by Mehmet Emin INAC, committed by Lucas Charles

Update database schema design for security scan profiles

parent a86b3e0b
+29 −24
@@ -332,6 +332,20 @@ Example schema:

```mermaid
classDiagram
    class analyzers {
        id: bigint
        image: text
        version: integer
        type: smallint
        ...
    }

    class rules {
        id: bigint
        analyzer_id: bigint
        ...
    }

    class namespaces {
        id: bigint
        path: text
@@ -352,47 +366,38 @@ classDiagram
    class security_scan_profiles {
        id: bigint,
        namespace_id: bigint,
        traversal_ids: array,
        ...
    }

    class security_scan_profile_contexts {
    class security_scan_profile_triggers {
        id: bigint,
        context_type: enum, secret_push|secret_pipeline|...
        trigger_type: enum, secret_push|secret_pipeline|...
        ...
    }

    note for security_scan_profile_exclusions "migration from project_security_exclusions"
    class security_scan_profile_exclusions {
    note for security_scan_profile_rule_exclusions "migration from project_security_exclusions"
    class security_scan_profile_rule_exclusions {
        id: bigint
        profile_id: bigint
        trigger_id: bigint
        rule_id: bigint
    }

    %% These are rule exclusions/modifications
    %% Store only disablements initially
    note for security_scan_profile_rule_overrides "migration from project_security_exclusions"
    class security_scan_profile_rule_overrides {
        id: bigint
        profile_id: bigint
        %% replaceable with an enum once synchronization infrastructure is in place
        identifier: text
        context_types: array
    }

    class security_scans {
        id: bigint
        project_id: bigint
        scan_type: text
        trigger_id: bigint
        rule_id: bigint
    }

    projects <-- namespaces : has_many
    projects --> security_scans : has_many

    security_scan_profiles --> security_scans : has_many
    security_scan_profiles --> security_scan_profile_rule_overrides : has_many
    security_scan_profile_rule_overrides --> security_scan_profile_contexts
    security_scan_profiles --> security_scan_profile_contexts : has_many
    security_scan_profiles --> security_scan_profile_exclusions : has_many
    analyzers --> rules : has_many
    security_scan_profiles --> security_scan_profile_triggers : has_many
    security_scan_profile_triggers <--> analyzers: many to many
    security_scan_profile_triggers --> security_scan_profile_rule_overrides : has_many
    security_scan_profile_triggers --> security_scan_profile_rule_exclusions : has_many
    security_scan_profile_rule_overrides --> rules : belongs_to
    security_scan_profile_rule_exclusions --> rules : belongs_to
    security_scan_profile_projects <-- projects : has_many
    security_scan_profile_projects <-- security_scan_profiles : has_many
    namespaces --> security_scan_profiles : has_many