Add table to link Security Policies to Compliance Frameworks (!135291) · Merge requests · GitLab.org / GitLab

Sashi Kumar Kumaresan requested to merge sk/428491-add-db into master Oct 26, 2023

What does this MR do and why?

This MR adds a new table to link Compliance Frameworks with Security policies. The reason we want to store this in DB is that the compliance framework IDs are added in policies which are persisted in the git repository. In order to show the policies linked to a compliance framework (#428493 (closed)) it'll be inefficient to query all the policy project linked to a group or project.

The actual logic that creates entries in this table will be in a follow-up MR.

Migration output

main: == 20231025123238 CreateComplianceFrameworkSecurityPolicies: migrating ========
main: -- create_table(:compliance_framework_security_policies)
main:    -> 0.0061s
main: == 20231025123238 CreateComplianceFrameworkSecurityPolicies: migrated (0.0999s) 


main: == 20231031200433 AddFrameworkFkToComplianceFrameworkSecurityPolicies: migrating 
main: -- transaction_open?(nil)
main:    -> 0.0000s
main: -- transaction_open?(nil)
main:    -> 0.0000s
main: -- execute("ALTER TABLE compliance_framework_security_policies ADD CONSTRAINT fk_b5df066d8f FOREIGN KEY (framework_id) REFERENCES compliance_management_frameworks (id) ON DELETE CASCADE NOT VALID;")
main:    -> 0.0008s
main: -- execute("SET statement_timeout TO 0")
main:    -> 0.0002s
main: -- execute("ALTER TABLE compliance_framework_security_policies VALIDATE CONSTRAINT fk_b5df066d8f;")
main:    -> 0.0011s
main: -- execute("RESET statement_timeout")
main:    -> 0.0002s
main: == 20231031200433 AddFrameworkFkToComplianceFrameworkSecurityPolicies: migrated (0.0266s) 


main: == 20231031200645 AddPolicyConfigurationFkToComplianceFrameworkSecurityPolicies: migrating 
main: -- transaction_open?(nil)
main:    -> 0.0000s
main: -- transaction_open?(nil)
main:    -> 0.0000s
main: -- execute("ALTER TABLE compliance_framework_security_policies ADD CONSTRAINT fk_cf3c0ac207 FOREIGN KEY (policy_configuration_id) REFERENCES security_orchestration_policy_configurations (id) ON DELETE CASCADE NOT VALID;")
main:    -> 0.0010s
main: -- execute("SET statement_timeout TO 0")
main:    -> 0.0003s
main: -- execute("ALTER TABLE compliance_framework_security_policies VALIDATE CONSTRAINT fk_cf3c0ac207;")
main:    -> 0.0010s
main: -- execute("RESET statement_timeout")
main:    -> 0.0006s
main: == 20231031200645 AddPolicyConfigurationFkToComplianceFrameworkSecurityPolicies: migrated (0.0211s)

main: == 20231031200645 AddPolicyConfigurationFkToComplianceFrameworkSecurityPolicies: reverting 
main: -- transaction_open?(nil)
main:    -> 0.0000s
main: -- remove_foreign_key(:compliance_framework_security_policies, {:column=>:policy_configuration_id})
main:    -> 0.1108s
main: == 20231031200645 AddPolicyConfigurationFkToComplianceFrameworkSecurityPolicies: reverted (0.1287s) 

main: == 20231031200433 AddFrameworkFkToComplianceFrameworkSecurityPolicies: reverting 
main: -- transaction_open?(nil)
main:    -> 0.0000s
main: -- remove_foreign_key(:compliance_framework_security_policies, {:column=>:framework_id})
main:    -> 0.0026s
main: == 20231031200433 AddFrameworkFkToComplianceFrameworkSecurityPolicies: reverted (0.0074s) 

main: == 20231025123238 CreateComplianceFrameworkSecurityPolicies: reverting ========
main: -- drop_table(:compliance_framework_security_policies)
main:    -> 0.0014s
main: == 20231025123238 CreateComplianceFrameworkSecurityPolicies: reverted (0.0061s)

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Addresses #428491 (closed)

Edited Oct 31, 2023 by Sashi Kumar Kumaresan

Add table to link Security Policies to Compliance Frameworks

What does this MR do and why?

Migration output

MR acceptance checklist

Merge request reports