Create scan_result_policy_violations model and database table

Background

violation_data JSONB stores individual violation items (finding UUIDs, license+component pairs, commit SHAs) in nested arrays. This makes pagination impossible, dismissal checks expensive, and finding lookups require JSONB digging. The new normalized table stores one row per violation item.

Proposal

1. New AR model (ee/app/models/security/scan_result_policy_violation_detail.rb):

# frozen_string_literal: true

module Security
  class ScanResultPolicyViolationDetail < ApplicationRecord
    self.table_name = 'scan_result_policy_violation_details'

    belongs_to :violation,
      class_name: 'Security::ScanResultPolicyViolation',
      foreign_key: :scan_result_policy_violation_id,
      inverse_of: :violation_details

    enum violation_type: { scan_finding: 0, license_scanning: 1, any_merge_request: 2 }
    enum finding_state:  { newly_detected: 0, previously_existing: 1 }

    validates :violation_type, presence: true
    validates :project_id, presence: true
  end
end

2. Association on parent model (ee/app/models/security/scan_result_policy_violation.rb)**

3: Create scan_result_policy_violation_details

Acceptance criteria

  • Migration in db/migrate/ creates the table with all columns, constraints, and indexes listed above
  • db/structure.sql updated
  • bin/rails db:migrate runs cleanly
Edited by 🤖 GitLab Bot 🤖