Improve performance of vulnerabilityResolve
Why are we doing this work
As identified in a spike (internal link), the vulnerabilityResolve
is the feature_category: vulnerability_management
GraphQL operation with the highest apdex violation count.
We want this endpoint to respond in < 1000ms.
At the moment, it regularly exceeds 8s:
Relevant links
Non-functional requirements
-
Documentation: -
Feature flag: -
Performance: -
Testing:
Implementation plan
deprecate_vulnerabilities_feedback
on
With - Make
Vulnerabilities::ResolveService
accept multiple ids and createVulnerabilities::StateTransition
entries usingbulk_insert
- Make Mutations::Vulnerabilities::Resolve accept multiple GlobalIDs
deprecate_vulnerabilities_feedback
Without - Same as above and...
- Modify
Vulnerabilities::DestroyDismissalFeedbackService
to accept multiple Vulnerability objects - Modify
VulnerabilityFeedback::DestroyService
to accept multiple Vulnerability objects, separate them into those that will need to be reverted todetected
(to retain current functionality of the service object) and those that don't have to. Then delete Feedback records for all of providedVulnerabilties
and executeVulnerabilities::RevertToDetectedService
for Vulnerability objects that need it well.
Verification steps
Edited by Michał Zając