Secure `[analyzer]_scans` metrics report on all CI jobs
What does this MR do?
`[analyzer]_scans` service ping metrics are sent for every CI job that contains a scan, not just for those that are part of successful non-retried jobs. This is an attempt to reduce the load on the database.
Resolves issue #336170 (closed).
Impact to the database
Query
A query like the following will be made for each scan type (of which there are nine).
```sql
SELECT
    count("security_scans"."build_id")
FROM
    "security_scans"
WHERE
    "security_scans"."scan_type" = 1
    AND "security_scans"."created_at" BETWEEN '2021-07-11 06:48:30.475125' AND '2021-08-08 06:48:30.475324'
    AND "security_scans"."build_id" >= 1491032526
    AND "security_scans"."build_id" < 1491132526
```
This is an expected improvement on the previous query as it doesn't have to join with the `ci_builds` table and filter by the latest successful build.
The new query searches using the index on `scan_type`. This query is run against `scan_type` `1` (SAST), which accounts for the vast majority of Security Scans.
The explain plan generated from `#database_lab` can be found at the following location: https://explain.depesz.com/s/q0rE.
Does this MR meet the acceptance criteria?
Conformity
- I have included changelog trailers, or none are needed. (Does this MR need a changelog?)
- I have added/updated documentation, or it's not needed. (Is documentation required?)
- I have properly separated EE content from FOSS, or this MR is FOSS only. (Where should EE code go?)
- I have added information for database reviewers in the MR description, or it's not needed. (Does this MR have database related changes?)
- I have self-reviewed this MR per code review guidelines.
- This MR does not harm performance, or I have asked a reviewer to help assess the performance impact. (Merge request performance guidelines)
- I have followed the style guides.
- This change is backwards compatible across updates, or this does not apply.
Availability and Testing
- I have added/updated tests following the Testing Guide, or it's not needed. (Consider all test levels. See the Test Planning Process.)
- I have tested this MR in all supported browsers, or it's not needed.
- I have informed the Infrastructure department of a default or new setting change per definition of done, or it's not needed.
Edited by Cameron Swords