Schedule recalculating UUID for all `Vulnerabilities::Finding` records

There are two major reasons for this:

1. We made a mistake in the algorithm when recalculating this for the
first time.
See: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/67578

2. The algorithm changed yet again to improve the tracking method
See: https://gitlab.com/gitlab-org/gitlab/-/issues/322044

Changes:

* Update background migration to use signatures

* Make previous reschedule a no-op so customers doing major version
  leaps will not schedule the same job multiple times

* Remove ALL jobs from `background_migration_jobs` table. Succeeded jobs
  should be removed anyway and pending jobs were not finished because we
  had records for which the recalculation yielded identical UUIDv5. The
  reason we had such records was due to mistake outlined in point 1.
  This situation was fixed by
  https://gitlab.com/gitlab-org/gitlab/-/merge_requests/74008

* Schedule `RecalculateVulnerabilitiesOccurrencesUuid` over entire
  `vulnerability_occurrences` table so we can leverage our new algorithm
  and finish the migration path from UUIDv4 to UUIDv5.

Changelog: added

config/feature_flags/development/migrate_vulnerability_finding_uuids.yml

+---
+name: migrate_vulnerability_finding_uuids
+introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/75546
+rollout_issue_url:
+milestone: '14.7'
+type: development
+group: group::threat insights
+default_enabled: true

db/post_migrate/20210426225417_schedule_recalculate_uuid_on_vulnerabilities_occurrences2.rb

 # frozen_string_literal: true
 
 class ScheduleRecalculateUuidOnVulnerabilitiesOccurrences2 < ActiveRecord::Migration[6.0]
-  include Gitlab::Database::MigrationHelpers
-
-  MIGRATION = 'RecalculateVulnerabilitiesOccurrencesUuid'
-  DELAY_INTERVAL = 2.minutes.to_i
-  BATCH_SIZE = 2_500
-
-  disable_ddl_transaction!
-
-  class VulnerabilitiesFinding < ActiveRecord::Base
-    include ::EachBatch
-    self.inheritance_column = :_type_disabled
-
-    self.table_name = "vulnerability_occurrences"
-  end
-
   def up
-    # Make sure that RemoveDuplicateVulnerabilitiesFindings has finished running
-    # so that we don't run into duplicate UUID issues
-    Gitlab::BackgroundMigration.steal('RemoveDuplicateVulnerabilitiesFindings')
-
-    say "Scheduling #{MIGRATION} jobs"
-    queue_background_migration_jobs_by_range_at_intervals(
-      VulnerabilitiesFinding,
-      MIGRATION,
-      DELAY_INTERVAL,
-      batch_size: BATCH_SIZE,
-      track_jobs: true
-    )
+    # no-op
+    # superseded by db/post_migrate/20211207125231_schedule_recalculate_uuid_on_vulnerabilities_occurrences4.rb
   end
 
   def down

db/post_migrate/20210813195518_schedule_recalculate_uuid_on_vulnerabilities_occurrences3.rb

 # frozen_string_literal: true
 
 class ScheduleRecalculateUuidOnVulnerabilitiesOccurrences3 < ActiveRecord::Migration[6.0]
-  include Gitlab::Database::MigrationHelpers
-
-  MIGRATION = 'RecalculateVulnerabilitiesOccurrencesUuid'
-  DELAY_INTERVAL = 2.minutes.to_i
-  BATCH_SIZE = 2_500
-
-  disable_ddl_transaction!
-
   def up
-    # Make sure that RemoveDuplicateVulnerabilitiesFindings has finished running
-    # so that we don't run into duplicate UUID issues
-    Gitlab::BackgroundMigration.steal('RemoveDuplicateVulnerabilitiesFindings')
-
-    say "Scheduling #{MIGRATION} jobs"
-    queue_background_migration_jobs_by_range_at_intervals(
-      define_batchable_model('vulnerability_occurrences'),
-      MIGRATION,
-      DELAY_INTERVAL,
-      batch_size: BATCH_SIZE,
-      track_jobs: true
-    )
+    # no-op
+    # superseded by db/post_migrate/20211207125231_schedule_recalculate_uuid_on_vulnerabilities_occurrences4.rb
   end
 
   def down

db/post_migrate/20210918202855_reschedule_pending_jobs_for_recalculate_vulnerabilities_occurrences_uuid.rb

 # frozen_string_literal: true
 
 class ReschedulePendingJobsForRecalculateVulnerabilitiesOccurrencesUuid < Gitlab::Database::Migration[1.0]
-  MIGRATION = "RecalculateVulnerabilitiesOccurrencesUuid"
-  DELAY_INTERVAL = 2.minutes
-
-  disable_ddl_transaction!
-
   def up
-    delete_queued_jobs(MIGRATION)
-
-    requeue_background_migration_jobs_by_range_at_intervals(MIGRATION, DELAY_INTERVAL)
+    # no-op
+    # no replacement because we will reschedule this for the whole table
   end
 
   def down

db/post_migrate/20211207125331_remove_jobs_for_recalculate_vulnerabilities_occurrences_uuid.rb

+# frozen_string_literal: true
+
+class RemoveJobsForRecalculateVulnerabilitiesOccurrencesUuid < Gitlab::Database::Migration[1.0]
+  MIGRATION_NAME = 'RecalculateVulnerabilitiesOccurrencesUuid'
+
+  def up
+    delete_job_tracking(
+      MIGRATION_NAME,
+      status: %w[pending succeeded]
+    )
+  end
+
+  def down
+    # no-op
+  end
+end

db/post_migrate/20211207135331_schedule_recalculate_uuid_on_vulnerabilities_occurrences4.rb

+# frozen_string_literal: true
+
+class ScheduleRecalculateUuidOnVulnerabilitiesOccurrences4 < Gitlab::Database::Migration[1.0]
+  MIGRATION = 'RecalculateVulnerabilitiesOccurrencesUuid'
+  DELAY_INTERVAL = 2.minutes.to_i
+  BATCH_SIZE = 2_500
+
+  disable_ddl_transaction!
+
+  def up
+    # Make sure the migration removing Findings with attributes for which UUID would be identical
+    # has finished
+    # https://gitlab.com/gitlab-org/gitlab/-/merge_requests/74008
+    Gitlab::BackgroundMigration.steal('RemoveOccurrencePipelinesAndDuplicateVulnerabilitiesFindings')
+
+    queue_background_migration_jobs_by_range_at_intervals(
+      define_batchable_model('vulnerability_occurrences'),
+      MIGRATION,
+      DELAY_INTERVAL,
+      batch_size: BATCH_SIZE,
+      track_jobs: true
+    )
+  end
+
+  def down
+    # no-op
+  end
+end

db/schema_migrations/20211207125331

+5ead867b7609248f702771078849c48c0558f5fe9a3021fbb32e4f9174af653a
\ No newline at end of file

db/schema_migrations/20211207135331

+3d9dcab49ee409da8c1ab398101041092e566b06a7bb2764db49a9201a0e5f0c
\ No newline at end of file

lib/gitlab/background_migration/recalculate_vulnerabilities_occurrences_uuid.rb

 # frozen_string_literal: true
 
 # rubocop: disable Style/Documentation
-class Gitlab::BackgroundMigration::RecalculateVulnerabilitiesOccurrencesUuid
+class Gitlab::BackgroundMigration::RecalculateVulnerabilitiesOccurrencesUuid # rubocop:disable Metrics/ClassLength
   # rubocop: disable Gitlab/NamespacedClass
   class VulnerabilitiesIdentifier < ActiveRecord::Base
     self.table_name = "vulnerability_identifiers"
@@ -9,10 +9,14 @@ class Gitlab::BackgroundMigration::RecalculateVulnerabilitiesOccurrencesUuid
   end
 
   class VulnerabilitiesFinding < ActiveRecord::Base
+    include EachBatch
     include ShaAttribute
 
     self.table_name = "vulnerability_occurrences"
+
+    has_many :signatures, foreign_key: 'finding_id', class_name: 'VulnerabilityFindingSignature', inverse_of: :finding
     belongs_to :primary_identifier, class_name: 'VulnerabilitiesIdentifier', inverse_of: :primary_findings, foreign_key: 'primary_identifier_id'
+
     REPORT_TYPES = {
       sast: 0,
       dependency_scanning: 1,
@@ -20,7 +24,9 @@ class Gitlab::BackgroundMigration::RecalculateVulnerabilitiesOccurrencesUuid
       dast: 3,
       secret_detection: 4,
       coverage_fuzzing: 5,
-      api_fuzzing: 6
+      api_fuzzing: 6,
+      cluster_image_scanning: 7,
+      generic: 99
     }.with_indifferent_access.freeze
     enum report_type: REPORT_TYPES
 
@@ -28,6 +34,25 @@ class Gitlab::BackgroundMigration::RecalculateVulnerabilitiesOccurrencesUuid
     sha_attribute :location_fingerprint
   end
 
+  class VulnerabilityFindingSignature < ActiveRecord::Base
+    include ShaAttribute
+
+    self.table_name = 'vulnerability_finding_signatures'
+    belongs_to :finding, foreign_key: 'finding_id', inverse_of: :signatures, class_name: 'VulnerabilitiesFinding'
+
+    sha_attribute :signature_sha
+  end
+
+  class VulnerabilitiesFindingPipeline < ActiveRecord::Base
+    include EachBatch
+    self.table_name = "vulnerability_occurrence_pipelines"
+  end
+
+  class Vulnerability < ActiveRecord::Base
+    include EachBatch
+    self.table_name = "vulnerabilities"
+  end
+
   class CalculateFindingUUID
     FINDING_NAMESPACES_IDS = {
       development: "a143e9e2-41b3-47bc-9a19-081d089229f4",
@@ -52,35 +77,122 @@ class Gitlab::BackgroundMigration::RecalculateVulnerabilitiesOccurrencesUuid
   end
   # rubocop: enable Gitlab/NamespacedClass
 
+  # rubocop: disable Metrics/AbcSize,Metrics/MethodLength,Metrics/BlockLength
   def perform(start_id, end_id)
-    findings = VulnerabilitiesFinding
-      .joins(:primary_identifier)
-      .select(:id, :report_type, :fingerprint, :location_fingerprint, :project_id)
-      .where(id: start_id..end_id)
-
-    mappings = findings.each_with_object({}) do |finding, hash|
-      hash[finding] = { uuid: calculate_uuid_v5_for_finding(finding) }
+    unless Feature.enabled?(:migrate_vulnerability_finding_uuids, default_enabled: true)
+      return log_info('Migration is disabled by the feature flag', start_id: start_id, end_id: end_id)
     end
 
-    ::Gitlab::Database::BulkUpdate.execute(%i[uuid], mappings)
+    log_info('Migration started', start_id: start_id, end_id: end_id)
 
-    logger.info(message: 'RecalculateVulnerabilitiesOccurrencesUuid Migration: recalculation is done for:',
-              finding_ids: mappings.keys.pluck(:id))
+    VulnerabilitiesFinding
+      .joins(:primary_identifier)
+      .includes(:signatures)
+      .select(:id, :report_type, :primary_identifier_id, :fingerprint, :location_fingerprint, :project_id, :created_at, :vulnerability_id, :uuid)
+      .where(id: start_id..end_id)
+      .each_batch(of: 50) do |relation|
+      duplicates = find_duplicates(relation)
+      remove_findings(ids: duplicates) if duplicates.present?
+
+      to_update = relation.reject { |finding| duplicates.include?(finding.id) }
+
+      begin
+        known_uuids = Set.new
+        to_be_deleted = []
+
+        mappings = to_update.each_with_object({}) do |finding, hash|
+          uuid = calculate_uuid_v5_for_finding(finding)
+
+          if known_uuids.add?(uuid)
+            hash[finding] = { uuid: uuid }
+          else
+            to_be_deleted << finding.id
+          end
+        end
+
+        # It is technically still possible to have duplicate uuids
+        # if the data integrity is broken somehow and the primary identifiers of
+        # the findings are pointing to different projects with the same fingerprint values.
+        if to_be_deleted.present?
+          log_info('Conflicting UUIDs found within the batch', finding_ids: to_be_deleted)
+
+          remove_findings(ids: to_be_deleted)
+        end
+
+        ::Gitlab::Database::BulkUpdate.execute(%i[uuid], mappings) if mappings.present?
+
+        log_info('Recalculation is done', finding_ids: mappings.keys.pluck(:id))
+      rescue ActiveRecord::RecordNotUnique => error
+        log_info('RecordNotUnique error received')
+
+        match_data = /\(uuid\)=\((?<uuid>\S{36})\)/.match(error.message)
+
+        # This exception returns the **correct** UUIDv5 which probably comes from a later record
+        # and it's the one we can drop in the easiest way before retrying the UPDATE query
+        if match_data
+          uuid = match_data[:uuid]
+          log_info('Conflicting UUID found', uuid: uuid)
+
+          id = VulnerabilitiesFinding.find_by(uuid: uuid)&.id
+          remove_findings(ids: id) if id
+          retry
+        else
+          log_error('Couldnt find conflicting uuid')
+
+          Gitlab::ErrorTracking.track_and_raise_exception(error)
+        end
+      end
+    end
 
     mark_job_as_succeeded(start_id, end_id)
   rescue StandardError => error
-    Gitlab::ErrorTracking.track_and_raise_for_dev_exception(error)
+    log_error('An exception happened')
+
+    Gitlab::ErrorTracking.track_and_raise_exception(error)
   end
+  # rubocop: disable Metrics/AbcSize,Metrics/MethodLength,Metrics/BlockLength
 
   private
 
+  def find_duplicates(relation)
+    to_exclude = []
+    relation.flat_map do |record|
+      # Assuming we're scanning id 31 and the duplicate is id 40
+      # first we'd process 31 and add 40 to the list of ids to remove
+      # then we would process record 40 and add 31 to the list of removals
+      # so we would drop both records
+      to_exclude << record.id
+
+      VulnerabilitiesFinding.where(
+        report_type: record.report_type,
+        location_fingerprint: record.location_fingerprint,
+        primary_identifier_id: record.primary_identifier_id,
+        project_id: record.project_id
+      ).where.not(id: to_exclude).pluck(:id)
+    end
+  end
+
+  def remove_findings(ids:)
+    ids = Array(ids)
+    log_info('Removing Findings and associated records', ids: ids)
+
+    vulnerability_ids = VulnerabilitiesFinding.where(id: ids).pluck(:vulnerability_id).uniq.compact
+
+    VulnerabilitiesFindingPipeline.where(occurrence_id: ids).each_batch { |batch| batch.delete_all }
+    Vulnerability.where(id: vulnerability_ids).each_batch { |batch| batch.delete_all }
+    VulnerabilitiesFinding.where(id: ids).delete_all
+  end
+
   def calculate_uuid_v5_for_finding(vulnerability_finding)
     return unless vulnerability_finding
 
+    signatures = vulnerability_finding.signatures.sort_by { |signature| signature.algorithm_type_before_type_cast }
+    location_fingerprint = signatures.last&.signature_sha || vulnerability_finding.location_fingerprint
+
     uuid_v5_name_components = {
       report_type: vulnerability_finding.report_type,
       primary_identifier_fingerprint: vulnerability_finding.fingerprint,
-      location_fingerprint: vulnerability_finding.location_fingerprint,
+      location_fingerprint: location_fingerprint,
       project_id: vulnerability_finding.project_id
     }
 
@@ -89,6 +201,14 @@ class Gitlab::BackgroundMigration::RecalculateVulnerabilitiesOccurrencesUuid
     CalculateFindingUUID.call(name)
   end
 
+  def log_info(message, **extra)
+    logger.info(migrator: 'RecalculateVulnerabilitiesOccurrencesUuid', message: message, **extra)
+  end
+
+  def log_error(message, **extra)
+    logger.error(migrator: 'RecalculateVulnerabilitiesOccurrencesUuid', message: message, **extra)
+  end
+
   def logger
     @logger ||= Gitlab::BackgroundMigration::Logger.build
   end

spec/migrations/20210918202855_reschedule_pending_jobs_for_recalculate_vulnerabilities_occurrences_uuid_spec.rb

-# frozen_string_literal: true
-require 'spec_helper'
-require Rails.root.join('db', 'post_migrate', '20210918202855_reschedule_pending_jobs_for_recalculate_vulnerabilities_occurrences_uuid.rb')
-
-RSpec.describe ReschedulePendingJobsForRecalculateVulnerabilitiesOccurrencesUuid, :migration do
-  let_it_be(:background_migration_jobs) { table(:background_migration_jobs) }
-
-  context 'when RecalculateVulnerabilitiesOccurrencesUuid jobs are pending' do
-    before do
-      background_migration_jobs.create!(
-        class_name: 'RecalculateVulnerabilitiesOccurrencesUuid',
-        arguments: [1, 2, 3],
-        status: Gitlab::Database::BackgroundMigrationJob.statuses['pending']
-      )
-      background_migration_jobs.create!(
-        class_name: 'RecalculateVulnerabilitiesOccurrencesUuid',
-        arguments: [4, 5, 6],
-        status: Gitlab::Database::BackgroundMigrationJob.statuses['succeeded']
-      )
-    end
-
-    it 'queues pending jobs' do
-      migrate!
-
-      expect(BackgroundMigrationWorker.jobs.length).to eq(1)
-      expect(BackgroundMigrationWorker.jobs[0]['args']).to eq(['RecalculateVulnerabilitiesOccurrencesUuid', [1, 2, 3]])
-      expect(BackgroundMigrationWorker.jobs[0]['at']).to be_nil
-    end
-  end
-end

spec/migrations/20211207125331_remove_jobs_for_recalculate_vulnerabilities_occurrences_uuid_spec.rb

+# frozen_string_literal: true
+require 'spec_helper'
+require_migration!
+
+def create_background_migration_jobs(ids, status, created_at)
+  proper_status = case status
+                  when :pending
+                    Gitlab::Database::BackgroundMigrationJob.statuses['pending']
+                  when :succeeded
+                    Gitlab::Database::BackgroundMigrationJob.statuses['succeeded']
+                  else
+                    raise ArgumentError
+                  end
+
+  background_migration_jobs.create!(
+    class_name: 'RecalculateVulnerabilitiesOccurrencesUuid',
+    arguments: Array(ids),
+    status: proper_status,
+    created_at: created_at
+  )
+end
+
+RSpec.describe RemoveJobsForRecalculateVulnerabilitiesOccurrencesUuid, :migration do
+  let_it_be(:background_migration_jobs) { table(:background_migration_jobs) }
+
+  context 'when RecalculateVulnerabilitiesOccurrencesUuid jobs are present' do
+    before do
+      create_background_migration_jobs([1, 2, 3], :succeeded, DateTime.new(2021, 5, 5, 0, 2))
+      create_background_migration_jobs([4, 5, 6], :pending, DateTime.new(2021, 5, 5, 0, 4))
+
+      create_background_migration_jobs([1, 2, 3], :succeeded, DateTime.new(2021, 8, 18, 0, 0))
+      create_background_migration_jobs([4, 5, 6], :pending, DateTime.new(2021, 8, 18, 0, 2))
+      create_background_migration_jobs([7, 8, 9], :pending, DateTime.new(2021, 8, 18, 0, 4))
+    end
+
+    it 'removes all jobs' do
+      expect(background_migration_jobs.count).to eq(5)
+
+      migrate!
+
+      expect(background_migration_jobs.count).to eq(0)
+    end
+  end
+end

spec/migrations/schedule_recalculate_uuid_on_vulnerabilities_occurrences2_spec.rb → spec/migrations/20211207135331_schedule_recalculate_uuid_on_vulnerabilities_occurrences4_spec.rb

@@ -3,7 +3,7 @@
 require 'spec_helper'
 require_migration!
 
-RSpec.describe ScheduleRecalculateUuidOnVulnerabilitiesOccurrences2 do
+RSpec.describe ScheduleRecalculateUuidOnVulnerabilitiesOccurrences4 do
   let(:namespace) { table(:namespaces).create!(name: 'user', path: 'user') }
   let(:users) { table(:users) }
   let(:user) { create_user! }
@@ -13,6 +13,7 @@ RSpec.describe ScheduleRecalculateUuidOnVulnerabilitiesOccurrences2 do
   let(:different_scanner) { scanners.create!(project_id: project.id, external_id: 'test 2', name: 'test scanner 2') }
   let(:vulnerabilities) { table(:vulnerabilities) }
   let(:vulnerabilities_findings) { table(:vulnerability_occurrences) }
+  let(:vulnerability_finding_signatures) { table(:vulnerability_finding_signatures) }
   let(:vulnerability_identifiers) { table(:vulnerability_identifiers) }
   let(:vulnerability_identifier) do
     vulnerability_identifiers.create!(
@@ -32,6 +33,17 @@ RSpec.describe ScheduleRecalculateUuidOnVulnerabilitiesOccurrences2 do
       name: 'Identifier for UUIDv4')
   end
 
+  let!(:uuidv4_finding) do
+    create_finding!(
+      vulnerability_id: vulnerability_for_uuidv4.id,
+      project_id: project.id,
+      scanner_id: different_scanner.id,
+      primary_identifier_id: different_vulnerability_identifier.id,
+      location_fingerprint: Gitlab::Database::ShaAttribute.serialize('fa18f432f1d56675f4098d318739c3cd5b14eb3e'),
+      uuid: 'b3cc2518-5446-4dea-871c-89d5e999c1ac'
+    )
+  end
+
   let(:vulnerability_for_uuidv4) do
     create_vulnerability!(
       project_id: project.id,
@@ -39,6 +51,17 @@ RSpec.describe ScheduleRecalculateUuidOnVulnerabilitiesOccurrences2 do
     )
   end
 
+  let!(:uuidv5_finding) do
+    create_finding!(
+      vulnerability_id: vulnerability_for_uuidv5.id,
+      project_id: project.id,
+      scanner_id: scanner.id,
+      primary_identifier_id: vulnerability_identifier.id,
+      location_fingerprint: Gitlab::Database::ShaAttribute.serialize('838574be0210968bf6b9f569df9c2576242cbf0a'),
+      uuid: '77211ed6-7dff-5f6b-8c9a-da89ad0a9b60'
+    )
+  end
+
   let(:vulnerability_for_uuidv5) do
     create_vulnerability!(
       project_id: project.id,
@@ -46,25 +69,22 @@ RSpec.describe ScheduleRecalculateUuidOnVulnerabilitiesOccurrences2 do
     )
   end
 
-  let!(:finding1) do
-    create_finding!(
-      vulnerability_id: vulnerability_for_uuidv4.id,
+  let(:vulnerability_for_finding_with_signature) do
+    create_vulnerability!(
       project_id: project.id,
-      scanner_id: different_scanner.id,
-      primary_identifier_id: different_vulnerability_identifier.id,
-      location_fingerprint: 'fa18f432f1d56675f4098d318739c3cd5b14eb3e',
-      uuid: 'b3cc2518-5446-4dea-871c-89d5e999c1ac'
+      author_id: user.id
     )
   end
 
-  let!(:finding2) do
+  let!(:finding_with_signature) do
     create_finding!(
-      vulnerability_id: vulnerability_for_uuidv5.id,
+      vulnerability_id: vulnerability_for_finding_with_signature.id,
       project_id: project.id,
       scanner_id: scanner.id,
       primary_identifier_id: vulnerability_identifier.id,
-      location_fingerprint: '838574be0210968bf6b9f569df9c2576242cbf0a',
-      uuid: '77211ed6-7dff-5f6b-8c9a-da89ad0a9b60'
+      report_type: 0, # "sast"
+      location_fingerprint: Gitlab::Database::ShaAttribute.serialize('123609eafffffa2207a9ca2425ba4337h34fga1b'),
+      uuid: '252aa474-d689-5d2b-ab42-7bbb5a100c02'
     )
   end
 
@@ -79,9 +99,10 @@ RSpec.describe ScheduleRecalculateUuidOnVulnerabilitiesOccurrences2 do
   it 'schedules background migrations', :aggregate_failures do
     migrate!
 
-    expect(BackgroundMigrationWorker.jobs.size).to eq(2)
-    expect(described_class::MIGRATION).to be_scheduled_delayed_migration(2.minutes, finding1.id, finding1.id)
-    expect(described_class::MIGRATION).to be_scheduled_delayed_migration(4.minutes, finding2.id, finding2.id)
+    expect(BackgroundMigrationWorker.jobs.size).to eq(3)
+    expect(described_class::MIGRATION).to be_scheduled_delayed_migration(2.minutes, uuidv4_finding.id, uuidv4_finding.id)
+    expect(described_class::MIGRATION).to be_scheduled_delayed_migration(4.minutes, uuidv5_finding.id, uuidv5_finding.id)
+    expect(described_class::MIGRATION).to be_scheduled_delayed_migration(6.minutes, finding_with_signature.id, finding_with_signature.id)
   end
 
   private
@@ -98,14 +119,14 @@ RSpec.describe ScheduleRecalculateUuidOnVulnerabilitiesOccurrences2 do
   end
 
   def create_finding!(
-    vulnerability_id:, project_id:, scanner_id:, primary_identifier_id:, location_fingerprint:, uuid:)
+    vulnerability_id:, project_id:, scanner_id:, primary_identifier_id:, location_fingerprint:, uuid:, report_type: 0)
     vulnerabilities_findings.create!(
       vulnerability_id: vulnerability_id,
       project_id: project_id,
       name: 'test',
       severity: 7,
       confidence: 7,
-      report_type: 0,
+      report_type: report_type,
       project_fingerprint: '123qweasdzxc',
       scanner_id: scanner_id,
       primary_identifier_id: primary_identifier_id,

spec/migrations/schedule_recalculate_uuid_on_vulnerabilities_occurrences3_spec.rb

-# frozen_string_literal: true
-
-require 'spec_helper'
-require_migration!
-
-RSpec.describe ScheduleRecalculateUuidOnVulnerabilitiesOccurrences3 do
-  let(:namespace) { table(:namespaces).create!(name: 'user', path: 'user') }
-  let(:users) { table(:users) }
-  let(:user) { create_user! }
-  let(:project) { table(:projects).create!(id: 123, namespace_id: namespace.id) }
-  let(:scanners) { table(:vulnerability_scanners) }
-  let(:scanner) { scanners.create!(project_id: project.id, external_id: 'test 1', name: 'test scanner 1') }
-  let(:different_scanner) { scanners.create!(project_id: project.id, external_id: 'test 2', name: 'test scanner 2') }
-  let(:vulnerabilities) { table(:vulnerabilities) }
-  let(:vulnerabilities_findings) { table(:vulnerability_occurrences) }
-  let(:vulnerability_identifiers) { table(:vulnerability_identifiers) }
-  let(:vulnerability_identifier) do
-    vulnerability_identifiers.create!(
-      project_id: project.id,
-      external_type: 'uuid-v5',
-      external_id: 'uuid-v5',
-      fingerprint: '7e394d1b1eb461a7406d7b1e08f057a1cf11287a',
-      name: 'Identifier for UUIDv5')
-  end
-
-  let(:different_vulnerability_identifier) do
-    vulnerability_identifiers.create!(
-      project_id: project.id,
-      external_type: 'uuid-v4',
-      external_id: 'uuid-v4',
-      fingerprint: '772da93d34a1ba010bcb5efa9fb6f8e01bafcc89',
-      name: 'Identifier for UUIDv4')
-  end
-
-  let(:vulnerability_for_uuidv4) do
-    create_vulnerability!(
-      project_id: project.id,
-      author_id: user.id
-    )
-  end
-
-  let(:vulnerability_for_uuidv5) do
-    create_vulnerability!(
-      project_id: project.id,
-      author_id: user.id
-    )
-  end
-
-  let!(:finding1) do
-    create_finding!(
-      vulnerability_id: vulnerability_for_uuidv4.id,
-      project_id: project.id,
-      scanner_id: different_scanner.id,
-      primary_identifier_id: different_vulnerability_identifier.id,
-      location_fingerprint: 'fa18f432f1d56675f4098d318739c3cd5b14eb3e',
-      uuid: 'b3cc2518-5446-4dea-871c-89d5e999c1ac'
-    )
-  end
-
-  let!(:finding2) do
-    create_finding!(
-      vulnerability_id: vulnerability_for_uuidv5.id,
-      project_id: project.id,
-      scanner_id: scanner.id,
-      primary_identifier_id: vulnerability_identifier.id,
-      location_fingerprint: '838574be0210968bf6b9f569df9c2576242cbf0a',
-      uuid: '77211ed6-7dff-5f6b-8c9a-da89ad0a9b60'
-    )
-  end
-
-  before do
-    stub_const("#{described_class}::BATCH_SIZE", 1)
-  end
-
-  around do |example|
-    freeze_time { Sidekiq::Testing.fake! { example.run } }
-  end
-
-  it 'schedules background migrations', :aggregate_failures do
-    migrate!
-
-    expect(BackgroundMigrationWorker.jobs.size).to eq(2)
-    expect(described_class::MIGRATION).to be_scheduled_delayed_migration(2.minutes, finding1.id, finding1.id)
-    expect(described_class::MIGRATION).to be_scheduled_delayed_migration(4.minutes, finding2.id, finding2.id)
-  end
-
-  private
-
-  def create_vulnerability!(project_id:, author_id:, title: 'test', severity: 7, confidence: 7, report_type: 0)
-    vulnerabilities.create!(
-      project_id: project_id,
-      author_id: author_id,
-      title: title,
-      severity: severity,
-      confidence: confidence,
-      report_type: report_type
-    )
-  end
-
-  def create_finding!(
-    vulnerability_id:, project_id:, scanner_id:, primary_identifier_id:, location_fingerprint:, uuid:)
-    vulnerabilities_findings.create!(
-      vulnerability_id: vulnerability_id,
-      project_id: project_id,
-      name: 'test',
-      severity: 7,
-      confidence: 7,
-      report_type: 0,
-      project_fingerprint: '123qweasdzxc',
-      scanner_id: scanner_id,
-      primary_identifier_id: primary_identifier_id,
-      location_fingerprint: location_fingerprint,
-      metadata_version: 'test',
-      raw_metadata: 'test',
-      uuid: uuid
-    )
-  end
-
-  def create_user!(name: "Example User", email: "user@example.com", user_type: nil)
-    users.create!(
-      name: name,
-      email: email,
-      username: name,
-      projects_limit: 0
-    )
-  end
-end