Skip to content

Add severity level to compliance violations table

Robert Hunt requested to merge 351577-add-severity-level-to-compliance-violations-table into master

What does this MR do and why?

This MR adds the severity level to the compliance violations table. The usage of this table is behind the :compliance_violations_graphql_type feature flag. The service which creates the violations will not run unless the flag is enabled.

It also updates the saving process to make sure the severity is stored when MR's are merged.

Output of `db:check-migrations` job 
$ scripts/validate_migration_schema
$ git diff --name-only --diff-filter=A master -- db/migrate db/post_migrate
db/migrate/20220131135725_add_severity_level_to_merge_requests_compliance_violations.rb
$ scripts/db_tasks db:migrate:down VERSION=20220131135725
== 20220131135725 AddSeverityLevelToMergeRequestsComplianceViolations: reverting 
-- remove_column(:merge_requests_compliance_violations, :severity_level, :integer, {:limit=>2, :null=>false, :default=>0})
   -> 0.0015s
== 20220131135725 AddSeverityLevelToMergeRequestsComplianceViolations: reverted (0.0347s) 
$ scripts/db_tasks db:schema:dump
$ git diff master -- db/structure.sql
$ scripts/db_tasks db:migrate
== 20220131135725 AddSeverityLevelToMergeRequestsComplianceViolations: migrating 
-- add_column(:merge_requests_compliance_violations, :severity_level, :integer, {:limit=>2, :null=>false, :default=>0})
   -> 0.0022s
== 20220131135725 AddSeverityLevelToMergeRequestsComplianceViolations: migrated (0.0023s) 
$ scripts/db_tasks db:schema:dump
$ git diff -- db/structure.sql
$ git add -A -n db/schema_migrations

How to set up and validate locally

  1. Enable the feature flag compliance_violations_graphql_type: echo "Feature.enable(:compliance_violations_graphql_type)" | bundle exec rails c
  2. Run the migration: bundle exec rails db:migrate
  3. Go to a projects general settings and make sure Prevent approval by author. is unticked under the Merge request approvals section
  4. Edit a file in the project and create a new merge request
  5. Use the merge requests author to approve the merge request and then merge it
  6. Wait for merging to be completed
  7. Check the merge_request_compliance_violations table to see rows with the correct severity levels on the violations
    • Use a database GUI
    • In your terminal enter gdk psql and then run the following query: SELECT * FROM merge_requests_compliance_violations;

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #351577 (closed)

Edited by Robert Hunt

Merge request reports