Resolve cross DB issues in ee/lib/analytics/devops_adoption/snapshot_calculator.rb

Summary

The snapshot calculator grabs a set of vulnerability statistics using a subquery dependent on the projects table. This will need to be decomposed into separate queries and will likely come at a performance penalty.

Further details

See https://gitlab.com/gitlab-org/gitlab/-/blob/02b025571341b90fb51757da6f38c545e9dfb521/ee/lib/analytics/devops_adoption/snapshot_calculator.rb#L103-113

      def vulnerability_management_used_count
        subquery = Vulnerability.not_detected
                                .created_in_time_range(from: range_start, to: range_end)
                                .where(Vulnerability.arel_table[:project_id].eq(Project.arel_table[:id])).arel.exists

        snapshot_project_ids.each_slice(1000).sum do |project_ids|
          Project.where(id: project_ids).where(subquery)
          .allow_cross_joins_across_databases(url: 'https://gitlab.com/gitlab-org/gitlab/-/issues/485660')
          .count
        end
      end

Proposal

For each slice of snapshot_project_ids, select vulnerabilities that reference the project_ids, and count distinct values of project_id.

Edited Nov 06, 2024 by Fabien Catteau