Expose missing security scan types information

Merged Mehmet Emin INAC requested to merge 224170_compare_report_types_with_base_branch into master

What does this MR do?

This MR introduces a new attribute for the response of cached_widget called missing_security_scan_types, which will expose information about the security scans missing between the base pipeline and the head pipeline, based on a feature flag.

Database queries to fetch scan_types for each pipeline (will be called twice):

    INNER JOIN "ci_builds" ON "security_scans"."build_id" = "ci_builds"."id"
    "ci_builds"."type" = 'Ci::Build'
    AND "ci_builds"."commit_id" = 182409746

    Nested Loop  (cost=1.13..391.94 rows=1 width=2) (actual time=0.015..0.015 rows=0 loops=1)
      Buffers: shared hit=5
      ->  Index Scan using index_ci_builds_on_commit_id_and_status_and_type on public.ci_builds  (cost=0.70..129.71 rows=124 width=4) (actual time=0.014..0.014 rows=0 loops=1)
            Index Cond: ((ci_builds.commit_id = 182409746) AND ((ci_builds.type)::text = 'Ci::Build'::text))
            Buffers: shared hit=5
      ->  Index Only Scan using idx_security_scans_on_build_and_scan_type on public.security_scans  (cost=0.43..2.10 rows=1 width=10) (actual time=0.000..0.000 rows=0 loops=0)
            Index Cond: (security_scans.build_id = ci_builds.id)
            Heap Fetches: 0


Related to #224170 (closed)


Does this MR meet the acceptance criteria?


Availability and Testing


If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:

  • [-] Label as security and @ mention @gitlab-com/gl-security/appsec
  • [-] The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
  • [-] Security reports checked/validated by a reviewer from the AppSec team
Edited by Mehmet Emin INAC
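
The comparison described in this MR, sketched as an added example (not code from the MR or from GitLab). It assumes that "missing" means scan types that ran on the base pipeline but not on the head pipeline, and that ci_builds.commit_id holds the pipeline id; the in-memory rows, the `flag_enabled` parameter and the helper `scan_types_for` are constructed for illustration.

```ruby
require 'set'

# Constructed in-memory stand-ins for the ci_builds and security_scans tables.
Build = Struct.new(:id, :type, :commit_id) # commit_id assumed to be the pipeline id
Scan  = Struct.new(:build_id, :scan_type)

BUILDS = [
  Build.new(1, 'Ci::Build',  100), # base pipeline
  Build.new(2, 'Ci::Build',  100),
  Build.new(3, 'Ci::Bridge', 100), # excluded by the type condition
  Build.new(4, 'Ci::Build',  200), # head pipeline
  Build.new(5, 'Ci::Build',  200)
].freeze

SCANS = [
  Scan.new(1, 'sast'), Scan.new(2, 'dependency_scanning'),
  Scan.new(2, 'secret_detection'), Scan.new(3, 'dast'),
  Scan.new(4, 'sast'), Scan.new(5, 'sast')
].freeze

# Mirrors the query shape on the page: security_scans joined to ci_builds,
# restricted to type 'Ci::Build' and one commit_id. Returns distinct scan types.
def scan_types_for(pipeline_id)
  build_ids = BUILDS.select { |b| b.type == 'Ci::Build' && b.commit_id == pipeline_id }
                    .map(&:id).to_set
  SCANS.select { |s| build_ids.include?(s.build_id) }.map(&:scan_type).to_set
end

# Scan types present on the base pipeline but absent from the head pipeline.
# The lookup runs once per pipeline, i.e. twice per comparison.
# Returns nil when the (hypothetical) flag is off, so nothing is exposed,
# and [] when there is no base pipeline to compare against.
def missing_security_scan_types(base_id:, head_id:, flag_enabled: true)
  return nil unless flag_enabled
  return [] if base_id.nil?

  (scan_types_for(base_id) - scan_types_for(head_id)).to_a.sort
end
```

A non-empty result is the signal a reviewer cares about: the head pipeline no longer produces a scan that the base pipeline did.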