Database Group Triage for week ending 2025-09-12

About

This issue is used by groupdatabase frameworks to triage issues and make sure they get properly assigned and prioritized. Each week, a bot will look up the old issue, pick the next assignee in the list, and submit a new issue with a list of any issues that may need attention from the team.

Last week's issue

Process

• Review any issues with undefined types
• Post any questions or pressing issues to the database group meeting doc

Bugs needing Severity

For each issue below:

1. For each typebug, spend up to 1 hour investigating or fixing the issue.
2. Assign it one of severity1, severity2, severity3, or severity4
3. Document any findings you make in a comment on the issue, and if the issue still needs additional work or refinement, consider looping in @alexives and @ to help with scheduling and priority.

• "ci_build_tags_100" violates foreign key constraint [...] not present in table "p_ci_builds"
• False positive for enum without DB column
• lock retries possibly not working for transactional migrations
• Incorrect sequence owners on dev instance

Issues with Undefined Type

For each issue below:

1. Assess if the issue is appropriately assigned to groupdatabase frameworks, if not add the correct group label.
2. Add the proper work type label, or if the issue is a request for support, redirect the user to our support resources with the following message:

   Hey @author. Based on the information given, this request for support is out of the scope of the issue tracker (which is for new bug reports and feature proposals). Unfortunately, I won't be able to help get it resolved. However, for support requests we have several resources that you can use to find help and support from the Community, including:
   * [Technical Support for Paid Tiers](https://about.gitlab.com/support/)
   * [Community Forum](https://forum.gitlab.com/)
   * [Reference Documents and Videos](https://about.gitlab.com/get-help/#references)
   
   Please refer to our [Support page](https://about.gitlab.com/support/) for more information.
   
   If you believe this was closed in error, please feel free to re-open the issue.
   
   /label ~"support request"
   /close

3. If the issue needs further investigation, add databasetriage and spend up to 1 hour of investigating the issue.
4. Document any findings you make in a comment on the issue, and if the issue still needs additional work or refinement, consider looping in @alexives and @ to help with scheduling and priority.

• Develop a process to selectively detach a partition
• Feature flags requiring attention for group::database frameworks - 2025-09-01
• Feature flags requiring attention for group::database - 2025-09-01

Recent issues labeled database

For each issue below:

1. If the issue has no group label, consider if it should be addressed by groupdatabase frameworks and if so label it.
2. If the issue has a group, and you think they may need assistance from us:
   • If the issue needs further investigation, add databasetriage and spend up to 1 hour of investigating the issue.
   • Document any findings you make in a comment on the issue, and if the issue still needs additional work or refinement, consider looping in @alexives and/or @

• grouppackage registry Support regex protection rule on UI
• groupperformance enablement Investigate Error Budget degradation on PUT /api/:version/projects/:id/security_settings when updating secret_push_protection_enabled
• groupsecurity infrastructure Drop vulnerability_occurencces.new_uuid
• ~"group::not_owned" Swap names between vulnerability_ocurrences.new_uuid and vulnerability_occurences.uuid
• groupsecurity insights Update vulnerability ingestion process to upsert on the new vulnerabilities.uuid unique index
• groupsecurity insights Update vulnerability ingestion process to upsert on the new vulnerability_occurrences.new_uuid unique index
• groupsecurity infrastructure Create new unique index on vulnerability_occurrences.new_uuid
• ~"group::not_owned" Create new unique index on vulnerabilities.uuid
• ~"group::not_owned" Backfill vulnerabilities.uuid and vulnerability_occurrences.new_uuid
• groupsecurity insights Update vulnerability ingestion to save vulnerability_occurence uuid to the vulnerabilities table
• groupsecurity insights Update vulnerability ingestion to calculate a ref contextual uuid and save to vulnerability_occurences.new_uuid
• groupsecurity infrastructure Add new_uuid to the vulnerability_occurrences table
• groupsecurity insights Add UUID column to vulnerabilities table
• grouppackage registry Deprecate package_name_pattern in GraphQL API endpoints
• grouppackage registry Support new target_field: :version
• grouppackage registry Start using regex and target_field in Packages::Protection::CheckRuleExistenceService
• grouppackage registry Support version protection rule on UI
• grouppackage registry Support new regex and target_field via GraphQL API endpoints
• grouppackage registry Create migration to migrate existing package_name_pattern to regex
• grouppackage registry Start writing to regex column when user create/update

Recent mentions of @gitlab-org/database-team

For each mention below:

1. If the item already has an adequate response, move on to the next
2. If the mention is from someone looking to provide feedback on database review, and nobody has responded yet, set up a coffee chat with them and make a note in the thread that you did. Record feedback in the feedback issue.
3. If you know how to respond to the comment, post a response
4. If you don't know how, redirect with a specific mention to someone who may be able to respond

• @hptrs mentioned triage on Schema Change Request: Sbom_occurrences

Customer Issue Hand-offs

For each issue below:

1. If the item already has a back and forth, check in with the @stomlinson to see if what needs to be handed off
2. Consider if it's right for our team and if not, ask the support rep to follow up with the correct team.
3. If the item is right for our team, spend some time accessing it and trying to assist.
4. If you need help, and the request seems pressing, ask in the team channel if there's someone who can help dig into it.

• Error after running gitlab:db:repair_index~"Help group::Database Frameworks", ~"RFH-Lifecycle::Last comment from Development", severity2
• gitlab_partitions_dynamic.security_findings_1in thegitlabhq_production` is corrupted~"Help group::Database Frameworks", ~"RFH-Lifecycle::Last comment from Development", severity3
• Advice on supported options for tuning/cleanup~"Help group::Database Frameworks", ~"RFH-Lifecycle::Pending Closure", SupportAssigned Support Engineer, severity3
• Request for Help - Traffic not balanced correctly to R/O DB replicas~"Help group::Database Frameworks", ~"RFH-Lifecycle::Last comment from Development", SupportAssigned Support Engineer, severity2
• Request for Help resolving failing db:reindexing~"Help group::Database Frameworks", ~"RFH-Lifecycle::Last comment from Development", SupportAssigned Support Engineer, severity2
• Missing partitioned tables triggers 'No partition of relation "user_audit_events" found' error~"Help group::Database Frameworks", ~"RFH-Lifecycle::Last comment from Support", severity2

Review Top Queries for Changes

There were some new anomalous queries to review on the main database, broken down by metric type:

Metric	# of queries
by_total_time	0
by_time_avg	0

Please find the detailed query report here (Ops access required.)

For each query listed:

1. Spend up to 30 minutes trying to understand its source.
2. If needed, determine the team that owns the query and file an issue with them. A good place to start would be to check the relevant table's owner under db/docs.

For additional context around how these queries were determined to be anomalous as well as historical rankings for known queries, all of the data we have collected lives in a database dump stored in artifacts in the query-stats-reporting repo on ops. Specifically check query-stats.yml for an example of how you can use this dump to locally rehydrate this database on your own Postgres instance and analyze the collected statistics. For this iteration of this report, queries are grouped by fingerprint.

Legacy query analysis

It is not necessary to look at this unless we need to check the new anomalous query report against the top query report on the main database.

Click to expand

For each database:

1. Are there new queries in the top queries (See: K003 Top-15 Queries by total_time) compared to a previous report?
2. If there are new queries, Spend up to 30 minutes trying to understand their sources
3. If there are new queries, file an issue and assign to the team that owns the query, or if unable to source, then the team that owns the table
4. If there are no new queries, review the top 5 queries for each to see if there are already investigations, or file issues to investigate them

• Review recent Primary Checkup for new Top Queries (K003)
• Review recent CI Checkup for new Top Queries (K003)

Review Dashboards on queries with large In-Lists

For both Sidekiq and Rails:

1. If the report is empty, no action is needed
2. For each item on the report:
   1. Determine what feature the query belongs to
   2. Create an issue for the team owning the feature category asking them to limit the maximum number of items in the in query

• Rails
• Sidekiq

Int4 Saturation Review

For issue(s) linked below:

1. Ensure each table referenced in the report has an associated issue with ~"Gitlab.com Resource Saturation" and infradev attached

2. Make sure the issue is assigned to a team.

   • All tables approaching saturation in Capacity warning for patroni: pg_int4_id have an issue assigned to a team.

@alexives if @irina.bronipolsky isn't available this week, please reassign to @jon_jenkins cc @

This is generated by this project.