Add filter by component names for
What does this MR do and why?
Add filter by component names for dependencies.
EE: true Changelog: changed
Related issue: #409368 (closed)
Query plan
Link to the single filter query plan
Link to the multiple filter query plan
SELECT
  "sbom_occurrences".*
FROM
  "sbom_occurrences"
  INNER JOIN "sbom_components" ON "sbom_components"."id" = "sbom_occurrences"."component_id"
WHERE
  "sbom_occurrences"."project_id" = 278964
  AND "sbom_components"."name" IN ('git', 'rack')
ORDER BY
  "sbom_occurrences"."id" ASC
LIMIT 100 OFFSET 0
New index
CREATE INDEX index_sbom_occurrences_on_project_id_component_id ON sbom_occurrences USING btree (project_id, component_id);
migrate/rollback
$ bundle exec rails db:migrate:down:main VERSION=20230511132140
main: == [advisory_lock_connection] object_id: 275320, pg_backend_pid: 52990
main: == 20230511132140 CreateComponentIdIndex: reverting ===========================
main: -- transaction_open?()
main: -> 0.0000s
main: -- view_exists?(:postgres_partitions)
main: -> 0.0817s
main: -- indexes(:sbom_sources)
main: -> 0.0027s
main: -- current_schema()
main: -> 0.0002s
main: == 20230511132140 CreateComponentIdIndex: reverted (0.0924s) ==================
main: == [advisory_lock_connection] object_id: 275320, pg_backend_pid: 52990
$ bundle exec rails db:migrate VERSION=20230511132140
main: == [advisory_lock_connection] object_id: 275560, pg_backend_pid: 53395
main: == 20230511132140 CreateComponentIdIndex: migrating ===========================
main: -- indexes(:sbom_occurrences)
main: -> 0.0895s
main: == 20230511132140 CreateComponentIdIndex: migrated (0.0929s) ==================
main: == [advisory_lock_connection] object_id: 275560, pg_backend_pid: 53395
ci: == [advisory_lock_connection] object_id: 275740, pg_backend_pid: 53397
ci: == [advisory_lock_connection] object_id: 275740, pg_backend_pid: 53397
How to set up and validate locally
- Create a project with the following content:
  - .gitlab-ci.yml:
    include:
      - template: Security/Dependency-Scanning.gitlab-ci.yml
  - Gemfile.lock: with this content
- Through graphql explorer (http://<YOUR_LOCAL_HOST>/-/graphql-explorer) use the following graphql query:
query {
  project(fullPath: "<PROJECT_FULL_PATH>") {
    dependencies(componentNames: ["actioncable", "RedCloth"]) {
      nodes {
        name
        location {
          blobPath
          path
        }
      }
    }
  }
}
Expected Response:
{
  "data": {
    "project": {
      "dependencies": {
        "nodes": [
          {
            "name": "RedCloth",
            "location": {
              "blobPath": "/top-level-group/subgroup-test/bottom-project-test/-/blob/0125c367eaf1bcb52ebbfbe09ecf2d1bdb5ceb3b/Gemfile.lock",
              "path": "Gemfile.lock"
            }
          },
          {
            "name": "actioncable",
            "location": {
              "blobPath": "/top-level-group/subgroup-test/bottom-project-test/-/blob/0125c367eaf1bcb52ebbfbe09ecf2d1bdb5ceb3b/Gemfile.lock",
              "path": "Gemfile.lock"
            }
          }
        ]
      }
    }
  }
}
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
- I have evaluated the MR acceptance checklist for this MR.
Edited by Zamir Martins
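An added example, not part of the original MR or GitLab's code: a Ruby helper that builds the `componentNames` query from the validation steps with GraphQL variables and reports which requested components came back and which did not. The variable types (`ID!`, `[String!]`), the helper names and the sample response (trimmed from the expected response above) are assumptions made for this example.

```ruby
require "json"

# Same query as in the validation steps, with variables instead of literals.
# Assumption: fullPath is ID! and componentNames takes [String!].
QUERY = <<~GRAPHQL
  query($fullPath: ID!, $names: [String!]) {
    project(fullPath: $fullPath) {
      dependencies(componentNames: $names) {
        nodes { name location { path } }
      }
    }
  }
GRAPHQL

# Build the POST body. Names travel as variables, so user-supplied component
# names are never spliced into the query text.
def build_request(full_path, names)
  JSON.generate({ query: QUERY, variables: { fullPath: full_path, names: names } })
end

# Map each returned component to the manifest paths that declare it and list
# requested names with no match. The SQL above filters with name IN (...),
# so a name only matches when spelled exactly as stored.
def summarize(response_json, requested)
  body = JSON.parse(response_json)
  raise "GraphQL errors: #{body['errors']}" if body["errors"]
  nodes = body.dig("data", "project", "dependencies", "nodes")
  raise "project not found or not readable" if nodes.nil?
  found = {}
  nodes.each do |node|
    paths = (found[node["name"]] ||= [])
    path = node.dig("location", "path")
    paths << path if path && !paths.include?(path)
  end
  { found: found, missing: requested - found.keys }
end

# Constructed sample: the expected response above without blobPath.
SAMPLE_RESPONSE = <<~JSON
  {"data": {"project": {"dependencies": {"nodes": [
    {"name": "RedCloth", "location": {"path": "Gemfile.lock"}},
    {"name": "actioncable", "location": {"path": "Gemfile.lock"}}
  ]}}}}
JSON

if __FILE__ == $0
  puts build_request("group/project", %w[actioncable RedCloth rack])
  p summarize(SAMPLE_RESPONSE, %w[actioncable RedCloth rack])
end
```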