Migrate dismissed data from dismissal feedback to Vulnerabilities
What does this MR do?
This MR migrates dismissed feedback, specifically dismissed_by_id
and dismissed_at
fields from vulnerability occurrences to Vulnerabilities, as described in #217600 (closed). This is a follow-on MR from !32147 (merged). This will require an additional MR to remove the change made in !32147 (merged), ensuring the migration has completed before removing that code.
1. Find all projects that have dimissed vulnerabilities records
https://gitlab.slack.com/archives/CLJMDRD8C/p1590599053294500 (GitLab internal)
Time: 9.320 s
- planning: 0.115 ms
- execution: 9.320 s
- I/O read: 8.521 s
- I/O write: 0.000 ms
Shared buffers:
- hits: 91925 (~718.20 MiB) from the buffer pool
- reads: 8524 (~66.60 MiB) from the OS file cache, including disk I/O
- dirtied: 0
- writes: 0
https://explain.dalibo.com/plan/Ra
EXPLAIN
SELECT “vulnerabilities”.“project_id”
FROM “vulnerabilities”
GROUP BY “vulnerabilities”.“project_id”
ORDER BY “vulnerabilities”.“project_id”
2. Migrate dismissal data from dismissal feedback
https://gitlab.slack.com/archives/CLJMDRD8C/p1590521400104500 (Gitlab Internal)
Time: 5.431 ms
- planning: 1.122 ms
- execution: 4.309 ms
- I/O read: 4.014 ms
- I/O write: 0.000 ms
Shared buffers:
- hits: 0 from the buffer pool
- reads: 3 (~24.00 KiB) from the OS file cache, including disk I/O
- dirtied: 0
- writes: 0
https://explain.dalibo.com/plan/2GS
EXPLAIN
UPDATE vulnerabilities AS v
SET dismissed_by_id = vf.author_id, dismissed_at = vf.created_at
FROM vulnerability_occurrences AS vo, vulnerability_feedback AS vf
WHERE vo.vulnerability_id = v.id
AND v.state = 2
AND vo.project_id = vf.project_id
AND ENCODE(vo.project_fingerprint, ‘HEX’) = vf.project_fingerprint
AND vo.project_id = 1
AND vo.report_type = vf.category
AND vf.feedback_type = 0;
Does this MR meet the acceptance criteria?
Conformity
-
Changelog entry -
Documentation (if required) -
Code review guidelines -
Merge request performance guidelines -
Style guides -
Database guides -
Separation of EE specific content
Availability and Testing
-
Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process. -
Tested in all supported browsers -
Informed Infrastructure department of a default or new setting change, if applicable per definition of done
Edited by Jonathan Schafer