fix: Drop unnecessary unique index on vulnerability_signatures (!127796) · Merge requests · GitLab.org / GitLab

Lucas Charles requested to merge drop-unique-signatures-idx into master Jul 27, 2023

What does this MR do and why?

fix: Drop unnecessary unique index on vulnerability_signatures

Unique index is unneeded and causes violations when vulnerabilities may have multiple signatures.

There is already a unique index on idx_vuln_signatures_uniqueness_signature_sha, so while this fixes the underlying bug a relevant uniqueness constraint continues to remain in place.

Relates to #419737 (closed)

Migration logs

`db:migrate`

ci: == [advisory_lock_connection] object_id: 242000, pg_backend_pid: 64896
main: == [advisory_lock_connection] object_id: 255080, pg_backend_pid: 64899
main: == 20230727203840 DropUniqueIdxOnVulnSignatures: migrating ====================
main: -- transaction_open?()
main:    -> 0.0000s
main: -- view_exists?(:postgres_partitions)
main:    -> 0.0007s
main: -- indexes(:vulnerability_finding_signatures)
main:    -> 0.0071s
main: -- execute("SET statement_timeout TO 0")
main:    -> 0.0003s
main: -- remove_index(:vulnerability_finding_signatures, {:algorithm=>:concurrently, :name=>"idx_vuln_signatures_on_occurrences_id_and_signature_sha"})
main:    -> 0.0095s
main: -- execute("RESET statement_timeout")
main:    -> 0.0005s
main: == 20230727203840 DropUniqueIdxOnVulnSignatures: migrated (0.0363s) ===========

main: == [advisory_lock_connection] object_id: 255080, pg_backend_pid: 64899
ci: == [advisory_lock_connection] object_id: 268720, pg_backend_pid: 64901
ci: == 20230727203840 DropUniqueIdxOnVulnSignatures: migrating ====================
ci: -- transaction_open?()
ci:    -> 0.0000s
ci: -- view_exists?(:postgres_partitions)
ci:    -> 0.0008s
ci: -- indexes(:vulnerability_finding_signatures)
ci:    -> 0.0059s
ci: -- execute("SET statement_timeout TO 0")
ci:    -> 0.0003s
ci: -- remove_index(:vulnerability_finding_signatures, {:algorithm=>:concurrently, :name=>"idx_vuln_signatures_on_occurrences_id_and_signature_sha"})
ci:    -> 0.0043s
ci: -- execute("RESET statement_timeout")
ci:    -> 0.0008s
ci: == 20230727203840 DropUniqueIdxOnVulnSignatures: migrated (0.0395s) ===========

ci: == [advisory_lock_connection] object_id: 268720, pg_backend_pid: 64901
~/code/gl/gdk/gitlab drop-unique-signatures-idx* 18s

How to set up and validate locally

Numbered steps to set up and validate the change are strongly suggested.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Edited Jul 27, 2023 by Lucas Charles