Help Secure with DB record cleanup 2020 August
Production Change
Change Summary
Per gitlab-org/gitlab#235894 (closed) effort to better dogfood our Security Dashboard in Q3 we want to start with a blank slate. This means we are looking to clear all existing vulnerability records on production within the gitlab-org/security-products/analyzers
namespace. As part of the aforementioned issue we have compiled a script to clear vulnerabilities and the related records.
Change Details
- Services Impacted - Postgresql
- Change Technician - @igorwwwwwwwwwwwwwwwwwwww
- Change Criticality - C3
- Change Type - changescheduled
- Change Reviewer - @igorwwwwwwwwwwwwwwwwwwww
- Due Date - 2020-08-25
- Time tracking - 5 minutes
- Downtime Component - N/A
Detailed steps for the change
Pre-Change Steps - steps to be completed before execution of the change
Estimated Time to Complete (mins) - N/A
-
No pre-change steps needed
Change Steps - steps to take to execute the change
Estimated Time to Complete (mins) - 5 minutes
-
Execution of cleanup script: #2541 (comment 399069462)
Post-Change Steps - steps to take to verify the change
Estimated Time to Complete (mins) - N/A
-
See execution script verifying affected rows are zero'd out
Rollback
Rollback steps - steps to be taken in the event of a need to rollback this change
Estimated Time to Complete (mins) - M/A
-
Rollback cannot be performed without database restoration
Monitoring
Key metrics to observe
- Metric: Metric Name
- Location: Dashboard URL
- What changes to this metric should prompt a rollback: Describe Changes
Summary of infrastructure changes
-
Does this change introduce new compute instances? -
Does this change re-size any existing compute instances? -
Does this change introduce any additional usage of tooling like Elastic Search, CDNs, Cloudflare, etc?
No changes to infrastructure
Changes checklist
-
This issue has a criticality label (e.g. C1, C2, C3, C4) and a change-type label (e.g. changeunscheduled, changescheduled). -
This issue has the change technician as the assignee. -
Pre-Change, Change, Post-Change, and Rollback steps and have been filled out and reviewed. -
Necessary approvals have been completed based on the Change Management Workflow. -
Change has been tested in staging and resultes noted in a comment on this issue. -
A dry-run has been conducted and results noted in a comment on this issue. -
SRE on-call has been informed prior to change being rolled out. (In #production channel, mention @sre-oncall
and this issue.) -
There are currently no active incidents.
Edited by Igor