MigrateSharedVulnerabilityScannersV2 background migration
What does this MR do and why?
!89127 (merged) introduced a background migration for #357659 (closed):
Introduces a background migration that fixes vulnerability findings with erroneously associated vulnerability scanners.
Due to a bug,
Vulnerabilities::Scanner
records were erroneously reused across projects. This causesscanner: null
GraphQL responses when querying project vulnerabilities due to lack of read permission.Specifically, for concerned rows, the
vulnerability_occurrences.project_id
column mismatches the associatedvulnerability_scanners.project_id
.
However the migration applies its scope to sub-batches instead of batches. This results in a very long runtime (relevant Slack thread).
Here, a new verison of the migration is introduced, which applies its scope to batches. The difference to the currently running migration is essentially:
+ prepended do
+ scope_to -> (relation) { Finding.to_process.merge(relation) }
+ end
def perform
each_sub_batch(
operation_name: :migrate_shared_vulnerability_scanners,
- batching_scope: -> (relation) { Finding.to_process.merge(relation) }
) do |batch|
# ...
end
This MR:
- updates the original scheduling migration's
#up
and#down
to no-ops - updates the original background migration class
MigrateSharedVulnerabilityScanners
- adds a new scheduling migration which in
#up
first usesdelete_batched_background_migration
and thenqueue_batched_background_migration
to enqueue the updated background migration again
Migration output
Up
main: == 20220919080304 ScheduleMigrateSharedVulnerabilityScannersV2: migrating =====
main: == 20220919080304 ScheduleMigrateSharedVulnerabilityScannersV2: migrated (0.0554s)
Down
main: == 20220919080304 ScheduleMigrateSharedVulnerabilityScannersV2: reverting =====
main: == 20220919080304 ScheduleMigrateSharedVulnerabilityScannersV2: reverted (0.0648s)
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.