Add info column into security_scans table

What does this MR do?

This MR introduces a new column for the security_scans table called info. The column will store the error & debug information to inform the users about the issues that happened during the report ingestion process. We've decided to use a JSONB column to store this information as the schema can change in the near future. We are also not introducing any index for this column as it will only be read-only.

Database Review

rake db:migrate

== 20210308125742 AddInfoColumnIntoSecurityScansTable: migrating ==============
-- add_column(:security_scans, :info, :jsonb, {:null=>false, :default=>{}})
   -> 0.0032s
== 20210308125742 AddInfoColumnIntoSecurityScansTable: migrated (0.0033s) =====

rake db:rollback

== 20210308125742 AddInfoColumnIntoSecurityScansTable: reverting ==============
-- remove_column(:security_scans, :info, :jsonb, {:null=>false, :default=>{}})
   -> 0.0028s
== 20210308125742 AddInfoColumnIntoSecurityScansTable: reverted (0.0046s) =====

Related to #321917 (closed).

Does this MR meet the acceptance criteria?

Conformity

Availability and Testing

Security

If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:

  • [-] Label as security and @ mention @gitlab-com/gl-security/appsec
  • [-] The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
  • [-] Security reports checked/validated by a reviewer from the AppSec team
Edited by Mehmet Emin INAC
