Ingest software licenses into SBOM occurrences
What does this MR do and why?
This change updates the SBOM ingestion to record the software licenses associated with each component. It introduces an additional SQL query when ingesting an SBOM report.
10 components at a time.
SELECT
"pm_packages".*
FROM
"pm_packages"
WHERE ("pm_packages"."purl_type", "pm_packages"."name") IN (
(3, 'actioncable'),
(3, 'actionmailer'),
(3, 'actiontext'),
(3, 'actionview'),
(3, 'activejob'),
(3, 'activemodel'),
(3, 'activerecord'),
(3, 'activestorage'),
(3, 'activesupport'),
(3, 'zeitwerk')
);
https://console.postgres.ai/gitlab/gitlab-production-tunnel-pg12/sessions/21712/commands/70508
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
- I have evaluated the MR acceptance checklist for this MR.
Edited by mo khan
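The batched lookup described above, as an added example that is not code from this MR or from GitLab: component names come from an uploaded SBOM report, so the tuple list is built from bound parameters rather than interpolated strings. Assumptions: an in-memory SQLite table stands in for `pm_packages` with a hypothetical `licenses` text column, `3` is taken to mean RubyGems as the query on this page suggests, and all function names and sample purls are constructed for illustration.

```python
import sqlite3

PURL_TYPES = {"gem": 3}  # assumption: 3 = RubyGems, inferred from the query on this page
BATCH_SIZE = 10          # "10 components at a time"

def parse_purl(purl):
    """Simplified purl parsing: (purl_type, name), or None if unsupported."""
    if not purl.startswith("pkg:"):
        return None
    body = purl[4:].split("#", 1)[0].split("?", 1)[0]
    ptype, _, rest = body.partition("/")
    name = rest.rsplit("@", 1)[0]
    if ptype not in PURL_TYPES or not name:
        return None
    return PURL_TYPES[ptype], name

def lookup_licenses(conn, keys):
    """One bound query per batch of 10 keys; returns ({key: [licenses]}, query_count)."""
    found, queries = {}, 0
    for i in range(0, len(keys), BATCH_SIZE):
        batch = keys[i:i + BATCH_SIZE]
        rows = ", ".join(["(?, ?)"] * len(batch))  # placeholders only, never values
        # SQLite needs VALUES here; PostgreSQL also accepts the bare tuple list.
        sql = ("SELECT purl_type, name, licenses FROM pm_packages "
               f"WHERE (purl_type, name) IN (VALUES {rows})")
        params = [value for key in batch for value in key]
        for ptype, name, licenses in conn.execute(sql, params):
            found[(ptype, name)] = licenses.split(",")
        queries += 1
    return found, queries

def ingest(conn, purls):
    """Map each SBOM component purl to its licenses ([] when unknown)."""
    parsed = {p: parse_purl(p) for p in purls}
    keys = sorted({k for k in parsed.values() if k})
    found, queries = lookup_licenses(conn, keys)
    return {p: found.get(k, []) for p, k in parsed.items()}, queries

def demo():
    """Constructed data: hypothetical three-column pm_packages and sample purls."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE pm_packages (purl_type INTEGER, name TEXT, licenses TEXT)")
    conn.executemany("INSERT INTO pm_packages VALUES (?, ?, ?)",
                     [(3, "actioncable", "MIT"), (3, "zeitwerk", "MIT"), (3, "bundler", "MIT")])
    names = ["actioncable", "actionmailer", "actiontext", "actionview", "activejob",
             "activemodel", "activerecord", "activestorage", "activesupport", "zeitwerk"]
    purls = [f"pkg:gem/{n}@7.0.4" for n in names]
    purls.append("pkg:gem/x'), (3, 'bundler")  # untrusted name that tries to add a tuple
    return ingest(conn, purls)
```

With eleven distinct components the lookup issues two queries, and the crafted name is compared as a literal string, so it matches no row and yields no licenses.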