Database: Add hasRemediations filter to Vulnerability Report
Issue to track the database implementation work to add has_remediations filter to VulnerabilityReport.
So that the following CQL is supported see: #358638 (closed)
query {
project(fullPath: "gitlab-org/gitlab") {
vulnerabilities(reportType:DEPENDENCY_SCANNING, hasRemediations:true) {
nodes {
hasRemediations
}
}
}
}Implementation plan:
-
database MR 1: Add has_remediationscolumn tovulnerability_readstable -
database MR 2: Update trigger in database for has_remediationsfield-
Use the trigger for other vulnerability fields as an example for this
-
-
database MR 3: Backfill has_remediationscolumn with background migration and include a model validation forhas_remediationsto be true/false.
Non-functional requirements
-
Performance: Need to see how this would affect the performance of vulnerability_reads -
Testing: New tests will need to be added -
E2E testing: Make sure e2e: package-and-test is run and govern specs are green
Edited by Bala Kumar