Add sync worker for advisories
What does this MR do and why?
Adds worker for importing advisory package metadata.
Notable changes:
- Worker
- Renames existing sync worker to licenses
- Adds worker for advisories similar to above
- Extract stop signal into its own class and allow sync service to instantiate it
-
ExclusiveLease
passed to sync service
- Sync Service
- Add
advisories
support - Instantiate stop signal in class method
- Better logging of sync position
- Invoke self-describing
#to_s
onBaseDataFile
andSyncConfig
- Invoke self-describing
- Call stubbed advisory ingestion service (being added in Ingest advisory and affected package data to DB (!123149 - merged))
- Add
- Sync Config
- Check whether old offline path is available for licenses
- Feature flag to control ingestio
Changelog: added
How to set up and validate locally
See here.
Or:
bundle exec rails console
ENV['PM_SYNC_IN_DEV'] = 'true'
-
::License.feature_available?(:dependency_scanning)
should evaluate to true -
PackageMetadata::AdvisoriesSyncWorker.new.perform
should generate calls togcp
bucket and error out withNoMethodError
fromAdvisoryIngestionService
since it is being added in !123149 (merged)
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Related to #370780 (closed)
Edited by Igor Frenkel