Make AdvisoryScanner upsert Vulnerabilities::Scanner
What does this MR do and why?
Upsert Vulnerabilities::Scanner models when doing Continuous Vulnerability Scanning (CVS) scans in order to avoid a race condition where multiple scan jobs create the exact same scanner model, making the uniqueness check fail.
This should fix GlobalAdvisoryScanWorker: Validation failed: Ex... (#433342 - closed).
Further details
CVS is implemented in the GlobalAdvisoryScanWorker worker, and relies on the AdvisoryScanner to create vulnerabilities in a large number of Ultimate projects (>10k on gitlab.com).
AdvisoryScanner relies on VulnerabilityScanning::SecurityScanner to upsert Vulnerabilities::Scanner models with the expected attributes for CVS.
Multiple GlobalAdvisoryScanWorker jobs might run at the same time, and they might attempt to create the exact same Vulnerabilities::Scanner. This led to GlobalAdvisoryScanWorker: Validation failed: Ex... (#433342 - closed).
VulnerabilityScanning::SecurityScanner doesn't have specs but it's tested when testing AdvisoryScanner.
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
- I have evaluated the MR acceptance checklist for this MR.
Related to #433342 (closed)
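The race described under "Further details", reproduced deterministically as an added example; this is not code from the merge request or from GitLab. `ScannerTable`, `run_jobs` and the key values are hypothetical, and the in-memory table with a lock stands in for a database table with a unique index, with no ActiveRecord involved.

```ruby
# Constructed stand-in for a table with a unique index on its key.
class ScannerTable
  NotUnique = Class.new(StandardError)
  attr_reader :rows
  def initialize
    @rows, @lock = {}, Mutex.new
  end

  def exists?(key)
    @lock.synchronize { @rows.key?(key) }
  end

  # Plain INSERT: the unique index rejects a second row with the same key.
  def insert(key, attrs)
    @lock.synchronize do
      raise NotUnique, "duplicate key" if @rows.key?(key)
      @rows[key] = attrs
    end
  end

  # Atomic insert-or-update, standing in for INSERT ... ON CONFLICT DO UPDATE.
  def upsert(key, attrs)
    @lock.synchronize { @rows[key] = (@rows[key] || {}).merge(attrs) }
  end
end

def run_jobs(strategy, jobs: 4)
  table, arrived = ScannerTable.new, Queue.new
  key, attrs = [42, "cvs"], { name: "CVS" } # constructed project id and scanner id
  rendezvous = lambda do # holds each job until all of them have arrived
    arrived << true
    sleep 0.001 until arrived.size >= jobs
  end
  outcomes = Array.new(jobs) do
    Thread.new do
      if strategy == :upsert
        rendezvous.call
        table.upsert(key, attrs)
      elsif !table.exists?(key)
        rendezvous.call # every job has seen "no row yet" before any of them inserts
        table.insert(key, attrs)
      end
      :ok
    rescue ScannerTable::NotUnique
      :failed
    end
  end.map(&:value)
  { ok: outcomes.count(:ok), failed: outcomes.count(:failed), rows: table.rows.size }
end
```

With four concurrent jobs, `run_jobs(:find_then_create)` leaves one row and three failed jobs, while `run_jobs(:upsert)` leaves one row and no failures.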