Database: Add hasRemediations filter to Vulnerability Report
Issue to track the database implementation work to add has_remediations
filter to VulnerabilityReport.
So that the following CQL is supported see: #358638 (closed)
query {
project(fullPath: "gitlab-org/gitlab") {
vulnerabilities(reportType:DEPENDENCY_SCANNING, hasRemediations:true) {
nodes {
hasRemediations
}
}
}
}
Implementation plan:
-
database MR 1: Add has_remediations
column tovulnerability_reads
table -
database MR 2: Update trigger in database for has_remediations
field-
Use the trigger for other vulnerability fields as an example for this
-
-
database MR 3: Backfill has_remediations
column with background migration and include a model validation forhas_remediations
to be true/false.
Non-functional requirements
-
Performance: Need to see how this would affect the performance of vulnerability_reads
-
Testing: New tests will need to be added -
E2E testing: Make sure e2e: package-and-test is run and govern specs are green
Edited by Bala Kumar