Use Elasticsearch to fetch vulnerabilities

Rushik Subbarequested to merge
srushik/use_elasticsearch_to_fetch_vulnerabilities into master

What does this MR do and why?

Use Elasticsearch to fetch vulnerabilities

This MR changes the vulnerabilities resolver to fetch vulnerabilities from elasticsearch. This requires es to be setup and advanced_vulnerability_management FF to be enabled.

References

Screenshots or screen recordings

Before After

How to set up and validate locally

  1. Ensure that ES is setup in local and the vulnerabilities Index is created.
  2. Ensure that local setup is running SASS mode steps here
  3. Enable the FF globally in rails console Feature.enable(:advanced_vulnerability_management)
  4. Go to Security > Vulnerability report and filter by identifier
  5. The results should now be displayed from elasticsearch, test pagination moving through next and previous pages.
  6. Compare results with FF turned off.

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Relates to - #532695 (closed) Relates to - #524127 (closed)

Edited by Rushik Subba

Merge request reports