Add `deprecate_vulnerability_occurrence_pipelines` FF to pipelines
What does this MR do and why?
This MR is part of the epic Delete `vulnerability_occurrence_pipelines` table (&11241)
The EE::Ci::Pipeline
model has a vulnerability_findings
association that currently goes through: :vulnerabilities_finding_pipelines
This association is used to fetch all of the vulnerabilities associated with a pipeline in:
ee/app/services/sbom/ingestion/vulnerabilities.rb#L49-55
ee/lib/gitlab/ci/parsers/security/dependency_list.rb#L35
This MR allows us to be able to toggle between the existing implementation, which goes through: :vulnerabilities_finding_pipelines
, and the new implementation, which will use finding.latest_pipeline_id
and finding.initial_pipeline_id
, with the deprecate_vulnerability_occurrence_pipelines
feature flag
MR acceptance checklist
Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
resolves #450943 (closed)
Related to #422384 (closed)