Add support for user_id, group_id and group_path
What does this MR do and why?
Add support for user_id, group_id and group_path extending how it has been done for vulnerability-check.
Related issue: #342171 (closed)
Example of YAML:
scan_result_policy:
- name: critical vulnerability CS approvals
description: critical severity level only for container scanning
enabled: true
rules:
- type: scan_finding
branches:
- master
scanners:
- container_scanning
vulnerabilities_allowed: 1
severity_levels:
- critical
actions:
- type: require_approval
approvals_required: 1
user_approvers:
- o.lecia.conner
group_approvers:
- gitlab-org
group_approvers_ids:
- 23
user_approvers_ids:
- 11
Database
explain SELECT "namespaces"."id" FROM "namespaces" WHERE "namespaces"."type" = 'Group' AND "namespaces"."visibility_level" IN (0, 10, 20) AND (path = 'gitlab-org/protect/demos' OR id = 11805471)
Session: 7608 Plan with execution:
Bitmap Heap Scan on public.namespaces (cost=4.02..8.60 rows=1 width=4) (actual time=7.780..7.783 rows=1 loops=1)
Filter: (((namespaces.type)::text = 'Group'::text) AND (namespaces.visibility_level = ANY ('{0,10,20}'::integer[])))
Rows Removed by Filter: 0
Buffers: shared read=8
I/O Timings: read=7.646 write=0.000
-> BitmapOr (cost=4.02..4.02 rows=3 width=0) (actual
[...SKIP...]
Full execution plan (The text in the preview above has been cut).
Other artifacts are provided in the thread.
Recommendations:
Summary:
Time: 10.493 ms
- planning: 2.663 ms
- execution: 7.830 ms
- I/O read: 7.646 ms
- I/O write: 0.000 ms
Shared buffers:
- hits: 0 from the buffer pool
- reads: 8 (~64.00 KiB) from the OS file cache, including disk I/O
- dirtied: 0
- writes: 0
Details and visualization: https://postgres.ai/console/gitlab/gitlab-production-tunnel-pg12/sessions/7608/commands/26999.
explain SELECT "users"."id" FROM "users" INNER JOIN "project_authorizations" ON "users"."id" = "project_authorizations"."user_id" WHERE "project_authorizations"."project_id" = 480804 AND (username = 'thiagocsf' OR id = 480804)
Session: 7608 Plan with execution:
Nested Loop (cost=4.46..12.64 rows=1 width=4) (actual time=9.919..9.922 rows=0 loops=1)
Buffers: shared hit=1 read=10
I/O Timings: read=9.764 write=0.000
-> Bitmap Heap Scan on public.users (cost=3.89..6.93 rows=2 width=4) (actual time=3.974..3.978 rows=1 loops=1)
Buffers: shared hit=1 read=6
I/O Timings: read=3.875 write=0.000
-> BitmapOr (c
[...SKIP...]
Full execution plan (The text in the preview above has been cut).
Other artifacts are provided in the thread.
Recommendations:
Summary:
Time: 12.856 ms
- planning: 2.874 ms
- execution: 9.982 ms
- I/O read: 9.764 ms
- I/O write: 0.000 ms
Shared buffers:
- hits: 1 (~8.00 KiB) from the buffer pool
- reads: 10 (~80.00 KiB) from the OS file cache, including disk I/O
- dirtied: 0
- writes: 0
Details and visualization: https://postgres.ai/console/gitlab/gitlab-production-tunnel-pg12/sessions/7608/commands/27000.
Screenshots or screen recordings
These are strongly recommended to assist reviewers and reduce the time to merge your change.
How to set up and validate locally
Numbered steps to set up and validate the change are strongly suggested.
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.