Add VulnerabiltyFindingEvidence model

New table `vulnerability_finding_evidences`

Add VulnerabiltyFindingEvidence model
New table `vulnerability_finding_evidences`
befc724f · Jonathan Schafer · Mayra Cabrera · 8d8c1e2e · befc724f · befc724f
Commit befc724f authored Mar 30, 2021 by Jonathan Schafer Committed by Mayra Cabrera Mar 30, 2021
8 changed files
--- a/changelogs/unreleased/239179-new-model-for-finding-evidence.yml
+++ b/changelogs/unreleased/239179-new-model-for-finding-evidence.yml
+---
+title: Add Vulnerabilities::FindingEvidence model
+merge_request: 56790
+author:
+type: changed
--- a/db/migrate/20210326190903_create_vulnerability_finding_evidences.rb
+++ b/db/migrate/20210326190903_create_vulnerability_finding_evidences.rb
+# frozen_string_literal: true
+
+class CreateVulnerabilityFindingEvidences < ActiveRecord::Migration[6.0]
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+
+  disable_ddl_transaction!
+
+  def up
+    create_table_with_constraints :vulnerability_finding_evidences do |t|
+      t.timestamps_with_timezone null: false
+
+      t.references :vulnerability_occurrence, index: { name: 'finding_evidences_on_vulnerability_occurrence_id' }, null: false, foreign_key: { on_delete: :cascade }
+      t.text :summary
+
+      t.text_limit :summary, 8_000_000
+    end
+  end
+
+  def down
+    with_lock_retries do
+      drop_table :vulnerability_finding_evidences
+    end
+  end
+end
--- a/db/schema_migrations/20210326190903
+++ b/db/schema_migrations/20210326190903
+d6181f8806592106305366f5e8ef508286ed447c1fce0de26f242de736b21809
\ No newline at end of file
--- a/db/structure.sql
+++ b/db/structure.sql
@@ -18531,6 +18531,24 @@ CREATE SEQUENCE vulnerability_feedback_id_seq

 ALTER SEQUENCE vulnerability_feedback_id_seq OWNED BY vulnerability_feedback.id;

+CREATE TABLE vulnerability_finding_evidences (
+    id bigint NOT NULL,
+    created_at timestamp with time zone NOT NULL,
+    updated_at timestamp with time zone NOT NULL,
+    vulnerability_occurrence_id bigint NOT NULL,
+    summary text,
+    CONSTRAINT check_5773b236fb CHECK ((char_length(summary) <= 8000000))
+);
+
+CREATE SEQUENCE vulnerability_finding_evidences_id_seq
+    START WITH 1
+    INCREMENT BY 1
+    NO MINVALUE
+    NO MAXVALUE
+    CACHE 1;
+
+ALTER SEQUENCE vulnerability_finding_evidences_id_seq OWNED BY vulnerability_finding_evidences.id;
+
 CREATE TABLE vulnerability_finding_fingerprints (
    id bigint NOT NULL,
    finding_id bigint NOT NULL,
@@ -19816,6 +19834,8 @@ ALTER TABLE ONLY vulnerability_external_issue_links ALTER COLUMN id SET DEFAULT

 ALTER TABLE ONLY vulnerability_feedback ALTER COLUMN id SET DEFAULT nextval('vulnerability_feedback_id_seq'::regclass);

+ALTER TABLE ONLY vulnerability_finding_evidences ALTER COLUMN id SET DEFAULT nextval('vulnerability_finding_evidences_id_seq'::regclass);
+
 ALTER TABLE ONLY vulnerability_finding_fingerprints ALTER COLUMN id SET DEFAULT nextval('vulnerability_finding_fingerprints_id_seq'::regclass);

 ALTER TABLE ONLY vulnerability_finding_links ALTER COLUMN id SET DEFAULT nextval('vulnerability_finding_links_id_seq'::regclass);
@@ -21441,6 +21461,9 @@ ALTER TABLE ONLY vulnerability_external_issue_links
 ALTER TABLE ONLY vulnerability_feedback
    ADD CONSTRAINT vulnerability_feedback_pkey PRIMARY KEY (id);

+ALTER TABLE ONLY vulnerability_finding_evidences
+    ADD CONSTRAINT vulnerability_finding_evidences_pkey PRIMARY KEY (id);
+
 ALTER TABLE ONLY vulnerability_finding_fingerprints
    ADD CONSTRAINT vulnerability_finding_fingerprints_pkey PRIMARY KEY (id);

@@ -21676,6 +21699,8 @@ CREATE UNIQUE INDEX epic_user_mentions_on_epic_id_index ON epic_user_mentions US

 CREATE INDEX expired_artifacts_temp_index ON ci_job_artifacts USING btree (id, created_at) WHERE ((expire_at IS NULL) AND (date(timezone('UTC'::text, created_at)) < '2020-06-22'::date));

+CREATE INDEX finding_evidences_on_vulnerability_occurrence_id ON vulnerability_finding_evidences USING btree (vulnerability_occurrence_id);
+
 CREATE INDEX finding_links_on_vulnerability_occurrence_id ON vulnerability_finding_links USING btree (vulnerability_occurrence_id);

 CREATE INDEX idx_audit_events_on_entity_id_desc_author_id_created_at ON audit_events_archived USING btree (entity_id, entity_type, id DESC, author_id, created_at);
@@ -26597,6 +26622,9 @@ ALTER TABLE ONLY cluster_platforms_kubernetes
 ALTER TABLE ONLY ci_builds_metadata
    ADD CONSTRAINT fk_rails_e20479742e FOREIGN KEY (build_id) REFERENCES ci_builds(id) ON DELETE CASCADE;

+ALTER TABLE ONLY vulnerability_finding_evidences
+    ADD CONSTRAINT fk_rails_e3205a0c65 FOREIGN KEY (vulnerability_occurrence_id) REFERENCES vulnerability_occurrences(id) ON DELETE CASCADE;
+
 ALTER TABLE ONLY vulnerability_occurrence_identifiers
    ADD CONSTRAINT fk_rails_e4ef6d027c FOREIGN KEY (occurrence_id) REFERENCES vulnerability_occurrences(id) ON DELETE CASCADE;

--- a/ee/app/models/vulnerabilities/finding.rb
+++ b/ee/app/models/vulnerabilities/finding.rb
@@ -36,6 +36,8 @@ module Vulnerabilities

    has_many :fingerprints, class_name: 'Vulnerabilities::FindingFingerprint', inverse_of: :finding

+    has_many :finding_evidences, class_name: 'Vulnerabilities::FindingEvidence', inverse_of: :finding, foreign_key: 'vulnerability_occurrence_id'
+
    serialize :config_options, Serializers::JSON # rubocop:disable Cop/ActiveRecordSerialize

    attr_writer :sha

--- a/ee/app/models/vulnerabilities/finding_evidence.rb
+++ b/ee/app/models/vulnerabilities/finding_evidence.rb
+# frozen_string_literal: true
+
+module Vulnerabilities
+  class FindingEvidence < ApplicationRecord
+    self.table_name = 'vulnerability_finding_evidences'
+
+    belongs_to :finding, class_name: 'Vulnerabilities::Finding', inverse_of: :finding_evidences, foreign_key: 'vulnerability_occurrence_id', optional: false
+  end
+end
--- a/ee/spec/models/vulnerabilities/finding_evidence_spec.rb
+++ b/ee/spec/models/vulnerabilities/finding_evidence_spec.rb
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+RSpec.describe Vulnerabilities::FindingEvidence do
+  it { is_expected.to belong_to(:finding).class_name('Vulnerabilities::Finding').required }
+end
--- a/ee/spec/models/vulnerabilities/finding_spec.rb
+++ b/ee/spec/models/vulnerabilities/finding_spec.rb
@@ -19,6 +19,7 @@ RSpec.describe Vulnerabilities::Finding do
    it { is_expected.to have_many(:finding_links).class_name('Vulnerabilities::FindingLink').with_foreign_key('vulnerability_occurrence_id') }
    it { is_expected.to have_many(:finding_remediations).class_name('Vulnerabilities::FindingRemediation').with_foreign_key('vulnerability_occurrence_id') }
    it { is_expected.to have_many(:remediations).through(:finding_remediations) }
+    it { is_expected.to have_many(:finding_evidences).class_name('Vulnerabilities::FindingEvidence').with_foreign_key('vulnerability_occurrence_id') }
  end

  describe 'validations' do