Commit bfdb9d7a authored by Dylan Griffith's avatar Dylan Griffith

Merge branch '338665-vuln-finding-pipelines' into 'master'

Disable `Vulnerabilities::Finding` joins in `Ci::Pipeline`

See merge request gitlab-org/gitlab!70216
parents 629543bd 04456776
---
name: finding_ci_pipeline_disable_joins
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/70216
rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/338665
milestone: '14.3'
type: development
group: group::threat insights
default_enabled: true
...@@ -19,7 +19,7 @@ module Projects ...@@ -19,7 +19,7 @@ module Projects
feature_category :vulnerability_management feature_category :vulnerability_management
def show def show
pipeline = vulnerability.finding.pipelines.first pipeline = vulnerability.finding.first_finding_pipeline
@pipeline = pipeline if Ability.allowed?(current_user, :read_pipeline, pipeline) @pipeline = pipeline if Ability.allowed?(current_user, :read_pipeline, pipeline)
@gfm_form = true @gfm_form = true
end end
......
...@@ -38,7 +38,7 @@ module Vulnerabilities ...@@ -38,7 +38,7 @@ module Vulnerabilities
has_many :remediations, through: :finding_remediations has_many :remediations, through: :finding_remediations
has_many :finding_pipelines, class_name: 'Vulnerabilities::FindingPipeline', inverse_of: :finding, foreign_key: 'occurrence_id' has_many :finding_pipelines, class_name: 'Vulnerabilities::FindingPipeline', inverse_of: :finding, foreign_key: 'occurrence_id'
has_many :pipelines, through: :finding_pipelines, class_name: 'Ci::Pipeline' has_many :pipelines, through: :finding_pipelines, class_name: 'Ci::Pipeline', disable_joins: -> { ::Feature.enabled?(:finding_ci_pipeline_disable_joins, default_enabled: :yaml) }
has_many :signatures, class_name: 'Vulnerabilities::FindingSignature', inverse_of: :finding has_many :signatures, class_name: 'Vulnerabilities::FindingSignature', inverse_of: :finding
...@@ -105,11 +105,6 @@ module Vulnerabilities ...@@ -105,11 +105,6 @@ module Vulnerabilities
.where("vulnerability_occurrences.location -> 'image' ?| array[:images]", images: images) .where("vulnerability_occurrences.location -> 'image' ?| array[:images]", images: images)
end end
def self.for_pipelines(pipelines)
joins(:finding_pipelines)
.where(vulnerability_occurrence_pipelines: { pipeline_id: pipelines })
end
def self.counted_by_severity def self.counted_by_severity
group(:severity).count.transform_keys do |severity| group(:severity).count.transform_keys do |severity|
severities[severity] severities[severity]
...@@ -368,13 +363,21 @@ module Vulnerabilities ...@@ -368,13 +363,21 @@ module Vulnerabilities
end end
def pipeline_branch def pipeline_branch
pipelines&.last&.sha || project.default_branch last_finding_pipeline&.sha || project.default_branch
end end
def false_positive? def false_positive?
vulnerability_flags.false_positive.any? vulnerability_flags.false_positive.any?
end end
def first_finding_pipeline
finding_pipelines.first&.pipeline
end
def last_finding_pipeline
finding_pipelines.last&.pipeline
end
protected protected
def primary_identifier_fingerprint def primary_identifier_fingerprint
......
...@@ -69,7 +69,7 @@ class VulnerabilityPresenter < Gitlab::View::Presenter::Delegated ...@@ -69,7 +69,7 @@ class VulnerabilityPresenter < Gitlab::View::Presenter::Delegated
end end
def pipeline_branch def pipeline_branch
finding.pipelines&.last&.sha || project.default_branch finding.pipeline_branch
end end
def path_with_line_number(path) def path_with_line_number(path)
......
...@@ -235,8 +235,7 @@ FactoryBot.define do ...@@ -235,8 +235,7 @@ FactoryBot.define do
trait :with_pipeline do trait :with_pipeline do
after(:create) do |finding| after(:create) do |finding|
pipeline = create(:ci_pipeline, project: finding.project) pipeline = create(:ci_pipeline, project: finding.project)
create(:vulnerabilities_finding_pipeline, finding: finding, pipeline: pipeline)
finding.pipelines = [pipeline]
end end
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment