Fix vulnerability statistics calculation query
What does this MR do and why?
As we have introduced a change to create vulnerabilities with present_on_default_branch
as FALSE, the previous query was counting
the vulnerabilities that do not exist on the default branch as well.
With this change, we will start querying the vulnerability_reads
table which contains only the vulnerabilities that exist on the default branch.
Related to Project with no vulnerabilities receiving an F ... (#416111 - closed).
Database change
In this MR we are changing an existing query, therefore, I wanted to get database review.
Here is the new query
SELECT
severity_counts.*,
(
CASE WHEN severity_counts.critical > 0 THEN
4
WHEN severity_counts.high > 0
OR severity_counts.unknown > 0 THEN
3
WHEN severity_counts.medium > 0 THEN
2
WHEN severity_counts.low > 0 THEN
1
ELSE
0
END) AS letter_grade,
now() AS created_at,
now() AS updated_at
FROM (
SELECT
vulnerability_reads.project_id AS project_id,
COUNT(*) AS total,
COUNT(*) FILTER (WHERE severity = 1) AS info,
COUNT(*) FILTER (WHERE severity = 2) AS unknown,
COUNT(*) FILTER (WHERE severity = 4) AS low,
COUNT(*) FILTER (WHERE severity = 5) AS medium,
COUNT(*) FILTER (WHERE severity = 6) AS high,
COUNT(*) FILTER (WHERE severity = 7) AS critical
FROM
vulnerability_reads
WHERE
vulnerability_reads.project_id IN (278964, 13083)
AND state IN (1, 4)
GROUP BY
vulnerability_reads.project_id) AS severity_counts
Execution plan: https://console.postgres.ai/gitlab/gitlab-production-tunnel-pg12/sessions/22842/commands/73707
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.