Add Dependency list to Explore page

mo khan requested to merge mokhax/432264/explore-dependencies into master

What does this MR do and why?

This MR contains a spike implementation of a global dependency list that is available under /explore/dependencies. This initial version of the Dependency list is gated behind a feature flag and only available to instance admins. It requires membership to the default organization and removes features such as exporting, filtering, sorting, grouping, and advanced pagination.

SELECT 
  "sbom_occurrences"."id",
  "sbom_occurrences"."created_at",
  "sbom_occurrences"."updated_at",
  "sbom_occurrences"."component_version_id",
  "sbom_occurrences"."project_id",
  "sbom_occurrences"."pipeline_id",
  "sbom_occurrences"."source_id",
  "sbom_occurrences"."commit_sha",
  "sbom_occurrences"."component_id",
  "sbom_occurrences"."uuid",
  "sbom_occurrences"."package_manager",
  "sbom_occurrences"."component_name",
  "sbom_occurrences"."input_file_path",
  "sbom_occurrences"."licenses",
  "sbom_occurrences"."highest_severity",
  "sbom_occurrences"."vulnerability_count",
  "sbom_occurrences"."source_package_id"
FROM "sbom_occurrences"
INNER JOIN "projects" ON "sbom_occurrences"."project_id" = "projects"."id"
WHERE "projects"."organization_id" = 1 
ORDER BY "sbom_occurrences"."id" ASC
LIMIT 20
OFFSET 0;
Time: 25.281 ms
  - planning: 7.076 ms
  - execution: 18.205 ms
    - I/O read: 17.753 ms
    - I/O write: 0.000 ms

Shared buffers:
  - hits: 82 (~656.00 KiB) from the buffer pool
  - reads: 14 (~112.00 KiB) from the OS file cache, including disk I/O
  - dirtied: 0
  - writes: 0

https://console.postgres.ai/gitlab/gitlab-production-tunnel-pg12/sessions/25779/commands/81260

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

How to set up and validate locally

  1. Enable the explore_dependencies feature flag: Feature.enable(:explore_dependencies)
  2. Log in as an instance admin.
  3. Ensure membership in the default organization: ::Organizations::OrganizationUser.create_default_organization_record_for(1, user_is_admin: true)
  4. Open http://gdk.test:3000/explore/dependencies
Edited by mo khan
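
The access gating described in this MR (feature flag, instance admin, default-organization membership) combined with the organization scoping of the query, as an added Ruby example that is not part of the MR or of GitLab's code. All class, method and field names are hypothetical, and the data is constructed.

```ruby
require 'set'

# Hypothetical names throughout; not GitLab's classes or schema objects.
User       = Struct.new(:id, :admin, keyword_init: true)
Project    = Struct.new(:id, :organization_id, keyword_init: true)
Occurrence = Struct.new(:id, :project_id, :component_name, keyword_init: true)

DEFAULT_ORGANIZATION_ID = 1 # "projects"."organization_id" = 1 in the query
PAGE_SIZE = 20              # LIMIT 20 in the query

class ExploreDependencies
  def initialize(enabled_flags:, memberships:, projects:, occurrences:)
    @enabled_flags = enabled_flags.to_set # enabled feature flag symbols
    @memberships   = memberships          # { organization_id => Set of user ids }
    @projects      = projects
    @occurrences   = occurrences
  end

  # All three gates must pass; a nil user or missing membership denies.
  def allowed?(user)
    return false unless @enabled_flags.include?(:explore_dependencies)
    return false unless user && user.admin == true
    @memberships.fetch(DEFAULT_ORGANIZATION_ID, Set.new).include?(user.id)
  end

  # nil when denied; otherwise one page of rows from the default
  # organization's projects only, ordered by id as in the query.
  def page(user, offset: 0)
    return nil unless allowed?(user)
    org_project_ids = @projects
      .select { |p| p.organization_id == DEFAULT_ORGANIZATION_ID }
      .map(&:id).to_set
    @occurrences
      .select { |o| org_project_ids.include?(o.project_id) }
      .sort_by(&:id).drop(offset).first(PAGE_SIZE)
  end
end

# Constructed sample data: project 2 belongs to another organization.
SAMPLE = ExploreDependencies.new(
  enabled_flags: [:explore_dependencies],
  memberships: { DEFAULT_ORGANIZATION_ID => Set[10] },
  projects: [Project.new(id: 1, organization_id: 1),
             Project.new(id: 2, organization_id: 2)],
  occurrences: [Occurrence.new(id: 3, project_id: 2, component_name: 'rack'),
                Occurrence.new(id: 2, project_id: 1, component_name: 'rails'),
                Occurrence.new(id: 1, project_id: 1, component_name: 'puma')]
)
```

The viewer check and the row scoping are separate controls: an admin who passes `allowed?` still only receives occurrences whose project belongs to the default organization.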