Replace undefined severity with unknown severity for vulnerabilities
What does this MR do?
We are deprecating undefined value from the severity level and replace with unknown. #198158 (closed)
Application is not using this model yet. Changes will be released under first_class_vulnerabilities feature flag
This Mr updates existing records
Query analysis
select all vulnerabilities with undefined severity
SELECT Count(*)
FROM vulnerabilities
WHERE severity = 0 Aggregate (cost=84278.48..84278.49 rows=1 width=8) (actual time=1455.907..1455.908 rows=1 loops=1)
Buffers: shared read=18412 dirtied=178
I/O Timings: read=1129.839
-> Seq Scan on public.vulnerabilities (cost=0.00..84254.76 rows=9487 width=0) (actual time=4.074..1452.903 rows=9495 loops=1)
Filter: (vulnerabilities.severity = 0)
Rows Removed by Filter: 846121
Buffers: shared read=18412 dirtied=178
I/O Timings: read=1129.839https://explain.depesz.com/s/cHLL
update
UPDATE "vulnerabilities"
SET "severity" = 2
WHERE "vulnerabilities"."severity" = 0
AND "vulnerabilities"."id" BETWEEN 0 AND 1000 ModifyTable on public.vulnerabilities (cost=0.42..257.19 rows=11 width=283) (actual time=144.395..144.395 rows=0 loops=1)
Buffers: shared hit=5615 read=178 dirtied=83
I/O Timings: read=132.802
-> Index Scan using vulnerabilities_pkey on public.vulnerabilities (cost=0.42..257.19 rows=11 width=283) (actual time=13.577..17.956 rows=106 loops=1)
Index Cond: ((vulnerabilities.id >= 0) AND (vulnerabilities.id <= 1000))
Filter: (vulnerabilities.severity = 0)
Rows Removed by Filter: 894
Buffers: shared hit=640 read=77
I/O Timings: read=16.763
https://explain.depesz.com/s/bI8C
Runtime estimates:
- There are 9_487 records to be updated on Gitlab.com
- (9_487 / 1000) = 10 iterations
- each iteration will take approx 144ms
- total execution without interval is 1.44 seconds
- with 2 min interval its 21 minutes
Conformity
Edited by 🤖 GitLab Bot 🤖