Skip to content

Populate `first_pipeline_id` and `latest_pipeline_id` for findings

Context

We want to drop the vulnerability_occurrence_pipelines table. In order to do this, we still need the first and latest pipeline ID stored somewhere to support the existing feature-set

We added columns to to the vulnerability_occurrences table to accomplish this in #422382 (closed)

What does this MR do and why?

This change updates the vulnerability ingestion pipeline to start populating these columns.

It does this by:

  1. Making the initial_pipeline_id column a read-only attribute at the model layer with active record
    • This means we don't need any conditional logic in the task with regards to initial_pipeline_id as AR sets read-only attributes only while creating the records and ignores them from updates
  2. Updates the #to_hash method in Security::Ingestion::FindingMap and Security::VulnerabilityScanning::FindingMap to set these attributes
  3. Also sets these value in the #build_vulnerability_finding method of the concerns/vulnerability_finding_helpers

Related to #422384 (closed)
Resolves #449145 (closed)

Edited by Michael Becker

Merge request reports

Loading