Skip to content

Store/Update new location fingerprint for container scanning vulnerabilities

Can Eldem requested to merge use-new-fingerprint-store-service into master

What does this MR do?

We are changing how we calculate location fingerprint for CS vulnerabilities. Since we have existing data in DB we need to switch new fingerprint in phases. New way of generating hash is introduced in this MR. !39445 (merged).

This MR updates StoreReportsService temporarily until we ran migrations for update all existing CS vulnerability fingerprints.

Logic as follows;

  • Look container scanning occurrences with v1_fingerprint
  • If found update to new_fingerprint, return object
  • If not found look with new_fingerprint
  • If found, return found object
  • If not found create vulnerability object with fingerprint_v2

Related issue

#215466 (closed)

Does this MR meet the acceptance criteria?

  • StoreReportsService should work exactly same for other report types
  • StoreReportsService should save CS vulnerabilities with new location fingerprint
  • StoreReportsService should update CS vulnerabilities with new location fingerprint

Conformity

Edited by Can Eldem

Merge request reports

Loading