Swap FK vulnerability_feedback.pipeline_id to ci_pipelines for LFK
What does this MR do and why?
Per &7249 (closed)
As part of our CI "decomposition" efforts we need to remove all foreign keys that are cross-database (ie. between the planned main
and ci
databases). We are going to replace them all with "loose foreign keys".
Related: #348272 (closed)
!77640 (merged) previously added the LFK
Validations
- Best team to review (check off when reviewed): groupthreat insights devopssecure
-
No way for user to access once parent is deleted. Please explain: (@minac ?) We are using the pipeline_id
column to show on which pipeline the vulnerability has been dismissed. We are already checking if thepipeline.present?
to render the information and frontend can gracefully handle the response if thepipeline
isnull
so there is no problem. -
Possible to access once parent deleted but low user impact. Please explain: -
Possible Sidekiq workers that may load directly and possibly lead to exceptions. Please explain: -
Possible user impact to be evaluated or mitigated. Please explain: -
Is this FK safe to be removed to avoid LOCKing problems? (Explanation: &7249 (comment 819662046)). Please explain: Yes. We agreed that getting lock on ci_pipelines
is possible
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Edited by Kamil Trzciński