Draft: Feat(security): Add ASCP core analysis tables [MR 1/4]

Meir Benayounrequested to merge
ascp-core-analysis-tables into master

Summary

Add the foundational data layer for ASCP (Application Security Collaboration Platform) with 5 core analysis tables.

This is MR 1 of 4 implementing the ASCP data layer:

  • MR 1 (this): Core Analysis Tables (5 tables)
  • MR 2: Pattern Tables (4 tables)
  • MR 3: Component Tables (4 tables)
  • MR 4: Metadata Tables (2 tables)

Tables Added

Table Purpose
ascp_sinks Security-sensitive code locations
ascp_sink_analyses Analysis results per sink
ascp_sink_analysis_facts Supporting security facts
ascp_sink_analysis_relevant_files Related context files
ascp_sink_analysis_dataflow_locations Dataflow tracking

Files Added (37 files)

  • 5 migrations
  • 5 models under Security::Ascp namespace
  • 2 policies with 4 permission definitions
  • 5 db/docs dictionary files
  • 5 factories and 5 specs
  • Loose FK configuration for all 5 tables

How to Test

  1. Run migrations: bundle exec rails db:migrate
  2. Run specs: bundle exec rspec ee/spec/models/security/ascp/

MR Checklist

  • Migrations follow GitLab conventions
  • Models extend SecApplicationRecord
  • Models under Security::Ascp namespace (valid bounded context)
  • Loose foreign keys configured for project_id
  • Permission definitions created
  • Specs include loose FK cleanup tests
  • All specs pass (pending CI)

Merge request reports