Fix bulk insert of vulnerability reads in Rails 7.2
What does this MR do and why?
The Vulnerabilities::Read model has vulnerability_id as the primary
key but it also has an id column.
Rails treats id as a special attribute and reading / writing id
actually writes to the primary key.
We need to remove id from the attributes hash so that the value can be
auto-generated from the sequence.
In Rails 7.1:
Loading development environment (Rails 7.1.5.2)
[1] pry(main)> vr = Vulnerabilities::Read.new(vulnerability_id: 5)
=> #<Vulnerabilities::Read:0x000000034443c280
 id: nil,
 vulnerability_id: 5,
 project_id: nil,
 scanner_id: nil,
 report_type: nil,
 severity: nil,
 state: nil,
 has_issues: false,
 resolved_on_default_branch: false,
 uuid: nil,
 location_image: nil,
 cluster_agent_id: nil,
 casted_cluster_agent_id: nil,
 dismissal_reason: nil,
 has_merge_request: false,
 has_remediations: false,
 owasp_top_10: "undefined",
 traversal_ids: [],
 archived: false,
 identifier_names: [],
 has_vulnerability_resolution: false,
 auto_resolved: false,
 security_project_tracked_context_id: nil,
 vulnerability_occurrence_id: nil>
[2] pry(main)> vr.id
=> 5
[3] pry(main)> vr.read_attribute(:id)
DEPRECATION WARNING: Using read_attribute(:id) to read the primary key value is deprecated. Use #id instead. (called from __pry__ at (pry):3)
=> 5In Rails 7.2:
Loading development environment (Rails 7.2.2.2)
[1] pry(main)> vr = Vulnerabilities::Read.new(vulnerability_id: 5)
=> #<Vulnerabilities::Read:0x0000000337ddc4c8
 id: nil,
 vulnerability_id: 5,
 project_id: nil,
 scanner_id: nil,
 report_type: nil,
 severity: nil,
 state: nil,
 has_issues: false,
 resolved_on_default_branch: false,
 uuid: nil,
 location_image: nil,
 cluster_agent_id: nil,
 casted_cluster_agent_id: nil,
 dismissal_reason: nil,
 has_merge_request: false,
 has_remediations: false,
 owasp_top_10: "undefined",
 traversal_ids: [],
 archived: false,
 identifier_names: [],
 has_vulnerability_resolution: false,
 auto_resolved: false,
 security_project_tracked_context_id: nil,
 vulnerability_occurrence_id: nil>
[2] pry(main)> vr.id
=> 5
[3] pry(main)> vr.read_attribute(:id)
=> nilReferences
How to set up and validate locally
Example Rails 7.2 failure: https://gitlab.com/gitlab-org/gitlab/-/jobs/11768358563
BUNDLE_GEMFILE=Gemfile.next bundle exec rspec ./ee/spec/services/vulnerabilities/reads/upsert_service_spec.rbMR acceptance checklist
Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
Edited  by Heinrich Lee Yu