Implement vulnerability archive export API

Mehmet Emin INACrequested to merge
minac_515500_implement_vulnerability_archive_export into master

What does this MR do and why?

This MR introduces a new set of API endpoints to export the archived vulnerabilities in CSV format.

Testing the API endpoints

Initiate export process
curl -X POST https://gdk.test:3443/api/v4/security/projects/$PROJECT_ID/vulnerability_archive_exports \
     --header "PRIVATE-TOKEN: $GITLAB_ACCESS_TOKEN" \
     --header "Content-Type: application/json" \
     -d '{ "start_date": "01/01/2025", "end_date": "01/03/2025" }'
Check the status of the export
curl https://gdk.test:3443/api/v4/security/vulnerability_archive_exports/$ID \
     --header "PRIVATE-TOKEN: $GITLAB_ACCESS_TOKEN"
Download the export
curl https://gdk.test:3443/api/v4/security/vulnerability_archive_exports/$ID/download \
     --header "PRIVATE-TOKEN: $GITLAB_ACCESS_TOKEN"

Database review

The index introduced in this MR will be utilized by the queries generated by EachBatch.

archive.archived_records.each_batch do |batch|
  ...
end
SELECT
    "vulnerability_archived_records"."id"
FROM
    "vulnerability_archived_records"
WHERE
    "vulnerability_archived_records"."archive_id" = 1
ORDER BY
    "vulnerability_archived_records"."id" ASC
LIMIT 1

Currently, the vulnerability_archived_records table is empty so the execution plan wouldn't give us a good overview, however, checking the query, a compound index on the archive_id, and id columns would for sure be used by PostgreSQL.

Related to [Archive Export] Introduce endpoint to create/r... (#515500 - closed).

Edited by Mehmet Emin INAC

Merge request reports