Enrich Vulnerabilities ES index with false positive flag data

What does this MR do and why?

This MR adds false_positive to the Vulnerabilities Elasticsearch reference class.
Vulnerability records are now enhanced with preloaded false_positive information.

How to set up and validate locally

  1. Follow the ES installation and indexing instructions first:

https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/main/doc/howto/elasticsearch.md?ref_type=heads

  2. In the Rails console, run:
Vulnerabilities::Read.all.each { |v| ::Elastic::ProcessBookkeepingService.track!(Search::Elastic::References::Vulnerability.new(v.vulnerability_id, "group_#{v.project.namespace.root_ancestor.id}")) }
  3. Process the Redis refs into ES. Run the command below repeatedly until the result shows [0, 0].
Elastic::ProcessBookkeepingService.new.execute
  4. For the vulnerability_ids found in the above step, verify that ES indexing has reachability field populated.

  5. On your terminal, the query would look like:

curl -s "http://localhost:9200/gitlab-development-vulnerabilities/_search?pretty" \
  -H "Content-Type: application/json" \
  -d '{
    "query": {
      "term": {
        "vulnerability_id": {
          "value": 1
        }
      }
    },
    "_source": [
      "vulnerability_id",
      "false_positive"
    ]
  }'
  6. And the result would look like:
{
  "took" : 20,
  "timed_out" : false,
  "_shards" : {
    "total" : 5,
    "successful" : 5,
    "skipped" : 0,
    "failed" : 0
  },
  "hits" : {
    "total" : {
      "value" : 1,
      "relation" : "eq"
    },
    "max_score" : 1.0,
    "hits" : [
      {
        "_index" : "gitlab-development-vulnerabilities-20251124-1359",
        "_id" : "1",
        "_score" : 1.0,
        "_routing" : "group_22",
        "_source" : {
          "vulnerability_id" : 1,
          "false_positive" : false
        }
      }
    ]
  }
}
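
The manual check above can be scripted. The following is an added example, not code from this MR: `false_positive_problems` is a hypothetical helper that reads a `_search` response in the shape shown above and reports hits where `false_positive` is missing or not a strict boolean. The sample response is constructed for illustration.

```ruby
require "json"

# Constructed sample in the shape of the response shown above. Hit 2 has no
# false_positive key (e.g. a document that was not reindexed); hit 3 carries
# a string instead of a boolean.
SAMPLE_RESPONSE = <<~JSON
  {
    "timed_out": false,
    "_shards": { "total": 5, "successful": 5, "skipped": 0, "failed": 0 },
    "hits": {
      "total": { "value": 3, "relation": "eq" },
      "hits": [
        { "_id": "1", "_routing": "group_22", "_source": { "vulnerability_id": 1, "false_positive": false } },
        { "_id": "2", "_routing": "group_22", "_source": { "vulnerability_id": 2 } },
        { "_id": "3", "_routing": "group_22", "_source": { "vulnerability_id": 3, "false_positive": "true" } }
      ]
    }
  }
JSON

# Hypothetical helper: returns a list of problems found in a _search response.
# An empty list means every hit carries a strict boolean false_positive.
def false_positive_problems(raw_json)
  body = JSON.parse(raw_json)
  problems = []
  problems << "search timed out" if body["timed_out"]
  failed = body.dig("_shards", "failed").to_i
  problems << "#{failed} shard(s) failed, results may be partial" if failed.positive?

  hits = body.dig("hits", "hits") || []
  problems << "no documents returned" if hits.empty?

  hits.each do |hit|
    source = hit["_source"] || {}
    id = source["vulnerability_id"] || hit["_id"]
    if !source.key?("false_positive")
      problems << "vulnerability #{id}: false_positive missing (not reindexed?)"
    elsif ![true, false].include?(source["false_positive"])
      problems << "vulnerability #{id}: false_positive is #{source['false_positive'].inspect}, not a boolean"
    end
  end
  problems
end

puts false_positive_problems(SAMPLE_RESPONSE) if $PROGRAM_NAME == __FILE__
```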

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Ugo Nnanna Okeadu
