
MigrateSharedVulnerabilityScannersV2 background migration

What does this MR do and why?

!89127 (merged) introduced a background migration for #357659 (closed):

Introduces a background migration that fixes vulnerability findings with erroneously associated vulnerability scanners.

Due to a bug, Vulnerabilities::Scanner records were erroneously reused across projects. This causes scanner: null GraphQL responses when querying project vulnerabilities due to lack of read permission.

Specifically, for concerned rows, the vulnerability_occurrences.project_id column mismatches the associated vulnerability_scanners.project_id.

However, the migration applies its scope to sub-batches instead of batches. As a result, batch boundaries are computed over the whole table and the scope only filters rows inside each sub-batch, so sub-batches that contain no affected rows still cost a query each, which gives the migration a very long runtime (relevant Slack thread).

Here, a new version of the migration is introduced, which applies its scope to batches. The difference from the currently running migration is essentially:

+ prepended do
+   scope_to -> (relation) { Finding.to_process.merge(relation) }
+ end

 def perform
   each_sub_batch(
     operation_name: :migrate_shared_vulnerability_scanners,
-    batching_scope: -> (relation) { Finding.to_process.merge(relation) }
  ) do |batch|
   # ...
 end
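Review bot: The `scope_to` in the `prepended do` block is what moves `Finding.to_process` into the relation used to compute batch boundaries, but nothing in the class records why the scope lives there rather than in `batching_scope:`; add a comment on the `prepended` block explaining that the scope must apply to batches, not sub-batches, for the runtime fix to hold, otherwise a later cleanup may move it back. Removing the `batching_scope:` line also leaves `operation_name: :migrate_shared_vulnerability_scanners,` as the last keyword argument with a trailing comma; Ruby accepts it, but drop the comma. Finally, since the batch-boundary query now carries the `to_process` predicate, confirm that predicate is index-backed, or the cost simply moves from the sub-batch loop into boundary computation.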

This MR:

  • updates the original scheduling migration's #up and #down to no-ops
  • updates the original background migration class MigrateSharedVulnerabilityScanners
  • adds a new scheduling migration which in #up first uses delete_batched_background_migration and then queue_batched_background_migration to enqueue the updated background migration again
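To make the runtime difference concrete, here is an added toy model; it is not this MR's code and not GitLab's batched background migration framework. It assumes a `Finding` struct whose `needs_fix?` stands in for `Finding.to_process` (finding project_id differs from scanner project_id), treats each sub-batch as one query round-trip, and constructs a table of 10,000 findings of which 30 are mismatched. The two strategies fix the same rows; only the number of batches and sub-batches they execute differs.

```ruby
require 'set'

# Toy model (added illustration, not GitLab code): Finding, needs_fix? and the
# batch/sub-batch counters are assumptions made for this example.
Finding = Struct.new(:id, :project_id, :scanner_project_id) do
  # Stand-in for Finding.to_process: the associated scanner row belongs to a
  # different project than the finding itself.
  def needs_fix?
    project_id != scanner_project_id
  end
end

# Constructed table: every finding belongs to project 1; the ids in broken_ids
# point at a scanner owned by project 2 (the erroneous cross-project reuse).
def build_findings(total:, broken_ids:)
  broken = broken_ids.to_set
  (1..total).map { |id| Finding.new(id, 1, broken.include?(id) ? 2 : 1) }
end

# Primary-key batching over an ordered id list: batch_size ids per batch,
# sub_batch_size ids per sub-batch. Each sub-batch stands for one UPDATE query
# (plus the pause between sub-batches), so :sub_batches is the cost to watch.
def process(ids_to_batch, findings_by_id, batch_size:, sub_batch_size:)
  stats = { batches: 0, sub_batches: 0, fixed: 0 }
  ids_to_batch.each_slice(batch_size) do |batch_ids|
    stats[:batches] += 1
    batch_ids.each_slice(sub_batch_size) do |sub_ids|
      stats[:sub_batches] += 1
      # The to_process filter applies inside the sub-batch in both strategies;
      # what differs is which ids reach this point at all.
      stats[:fixed] += sub_ids.count { |id| findings_by_id[id].needs_fix? }
    end
  end
  stats
end

# Original migration: batch boundaries come from the unscoped table, so every
# id range is visited and empty sub-batches still cost a query.
def scoped_to_sub_batches(findings, batch_size:, sub_batch_size:)
  by_id = findings.to_h { |f| [f.id, f] }
  process(findings.map(&:id), by_id, batch_size: batch_size, sub_batch_size: sub_batch_size)
end

# V2 migration: the scope narrows the relation before batch boundaries are
# computed, so only ids that actually need fixing are batched.
def scoped_to_batches(findings, batch_size:, sub_batch_size:)
  by_id = findings.to_h { |f| [f.id, f] }
  scoped_ids = findings.select(&:needs_fix?).map(&:id)
  process(scoped_ids, by_id, batch_size: batch_size, sub_batch_size: sub_batch_size)
end

if __FILE__ == $PROGRAM_NAME
  findings = build_findings(total: 10_000, broken_ids: (1..30).map { |k| k * 333 })
  p scoped_to_sub_batches(findings, batch_size: 1_000, sub_batch_size: 10)
  p scoped_to_batches(findings, batch_size: 1_000, sub_batch_size: 10)
end
```

With batch_size 1000 and sub_batch_size 10, the sub-batch-scoped run executes 10 batches and 1000 sub-batches to fix 30 rows, while the batch-scoped run executes 1 batch and 3 sub-batches for the same 30 rows; the gap grows with table size, not with the number of affected rows, which is why the original migration ran so long.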

Migration output

Up

main: == 20220919080304 ScheduleMigrateSharedVulnerabilityScannersV2: migrating =====
main: == 20220919080304 ScheduleMigrateSharedVulnerabilityScannersV2: migrated (0.0554s) 

Down

main: == 20220919080304 ScheduleMigrateSharedVulnerabilityScannersV2: reverting =====
main: == 20220919080304 ScheduleMigrateSharedVulnerabilityScannersV2: reverted (0.0648s) 

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Dominic Bauer
