Protected containers: Show protected badge in group container overview

• Please check this box if this contribution uses AI-generated content (including content generated by GitLab Duo features) as outlined in the GitLab DCO & CLA. As a benefit of being a GitLab Community Contributor, you can request access to GitLab Duo.

What does this MR do and why?

This MR intends to provide a quick fix for the bug issue Protected containers: Protected badge not visib... (#506539 - closed) where protected container repositories did not display the "protected" badge in the group container registry overview.

The MR also includes tests that reproduce the bug scenario, see !174033 (diffs) .

The fix in this MR adjusts the BatchLoader to also include the project_id and to adjust the db query to allow processing of in one query.

🛠️ with ❤️ at Siemens

References

Please include cross links to any resources that are relevant to this MR This will give reviewers and future readers helpful context to give an efficient review of the changes introduced.

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

MR Checklist (@gerardo-navarro)

• Changelog entry added, if necessary
• Documentation created/updated via this MR
• Documentation reviewed by technical writer or follow-up review issue created
• Tests added for this feature/bug
• Tested in all supported browsers
• Conforms to the code review guidelines
• Conforms to the merge request performance guidelines
• Conforms to the style guides
• Conforms to the javascript style guides
• Conforms to the database guides

Screenshots or screen recordings

With this MR, the container overview list on group level shows the badge "protected" for all containers that are actually protected.

In the sceanrio shown in the screenshot, there are container protection rules in place for three container repositories, as described in the bug issue.

Before	After

DB queries before this MR

Given the steps to reproduce the bug described here, only one SQL query is executed (without the changes in this MR). But as stated before, this was wrong because only the container protection rules of one project have been considered although the protection rules of all three projects should have been considered.

Click to expand

WITH "container_names_and_types_cte" AS MATERIALIZED (SELECT * FROM unnest(ARRAY['test-space-bug-badge-protected-in-group-view/project-3/protected','test-space-bug-badge-protected-in-group-view/project-3']) AS x(repository_path)) SELECT container_names_and_types_cte."repository_path", EXISTS(SELECT 1 FROM "container_registry_protection_rules" WHERE "container_registry_protection_rules"."project_id" = 57 AND (container_names_and_types_cte."repository_path" ILIKE REPLACE(REPLACE(REPLACE(repository_path_pattern,
                        '%', '\%'),
                '_', '\_'),
        '*', '%')
)) AS protected FROM container_names_and_types_cte

DB queries after this MR

With the changes in this MR, a single SQL query is executed for all container repositories and projects at once, see collapsed section below.

Click to expand

WITH "container_names_and_types_cte" AS MATERIALIZED (SELECT * FROM unnest(ARRAY[56,56,57,57,55,55]::bigint[], ARRAY['test-space-bug-badge-protected-in-group-view/project-2/protected','test-space-bug-badge-protected-in-group-view/project-2','test-space-bug-badge-protected-in-group-view/project-3/protected','test-space-bug-badge-protected-in-group-view/project-3','test-space-bug-badge-protected-in-group-view/project-1','test-space-bug-badge-protected-in-group-view/project-1/protected']::text[]) AS x(project_id, repository_path)) SELECT container_names_and_types_cte."project_id", container_names_and_types_cte."repository_path", EXISTS(SELECT 1 FROM "container_registry_protection_rules" WHERE (container_names_and_types_cte."project_id" = project_id) AND (container_names_and_types_cte."repository_path" ILIKE REPLACE(REPLACE(REPLACE(repository_path_pattern,
                        '%', '\%'),
                '_', '\_'),
        '*', '%')
)) AS protected FROM container_names_and_types_cte

How to set up and validate locally

1. Follow the steps described in the bug issue.
2. Check that the container overview list on group level contains the badge "protected" for all protected containers

Related to #506539 (closed) #467718 (closed) #480385 (closed)