Add resolved_at, dimissed_at to vulnerability ES reference

Bala Kumarrequested to merge
563388-vuln-es-refs-resolved_at-dismissed_at into master

What does this MR do and why?

Add vulnerability resolved_at, dimissed_at to ES reference.

How to set up and validate locally

  1. Ensure Elastic::DataMigrationService[20250822201831].completed? is returning true in Rails console.
  2. If the above step is returning false, complete the migration by running below commands in Rails console.
Elastic::DataMigrationService[20250822201831].migrate

Elastic::MigrationWorker.new.perform

  1. Manually edit a vulnerability with resolved_at and dismissed_at in rails console and verify that the vulnerability fields are synced in ES.

  2. Run below commands to edit a vulnerability and perform sync

vuln_last = Vulnerability.last
time = Time.now
vuln_last.resolved_at = time
vuln_last.dismissed_at = time
vuln_last.save! # this would add a reference to the ES zset queue
puts "#{vuln_last.id}"
# 4334

# wait for 1 min for the cron to sync to ES or run below command to fast track sync
# Elastic::ProcessBookkeepingService.new.execute
  1. Checking the vulnerability ES fields should reflect the updated resolved_at and dimissed_at.
curl -GET "http://localhost:9200/gitlab-development-vulnerabilities/_search" -H "Content-Type: application/json" -d'
{
  "query": {
    "term": {
      "vulnerability_id": {
        "value": 4334
      }
    }
  },
  "_source": [
    "vulnerability_id", "resolved_at", "dismissed_at"
  ]
}'

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #563388 (closed)

Edited by Bala Kumar

Merge request reports