Add a service to promote security findings to vulnerability findings
What does this MR do and why?
Describe in detail what your merge request does and why.
This Merge Requests add a new Service to create a Vulnerabilities::Finding
from Security::Finding
as described here.
Related issue: #361948 (closed)
Query Plans
SELECT
"security_findings".*
FROM
"security_findings"
WHERE
"security_findings"."uuid" = '3e3d3f55-cacf-564b-8afc-31fb0125ad15'
ORDER BY
"security_findings"."id" DESC
LIMIT 1
https://postgres.ai/console/gitlab/gitlab-production-tunnel-pg12/sessions/10934/commands/39277
A new index will be added for this query in a follow-up MR as discussed here.
SELECT
"security_scans".*
FROM
"security_scans"
WHERE
"security_scans"."id" = 47
https://postgres.ai/console/gitlab/gitlab-production-tunnel-pg12/sessions/10714/commands/38649
SELECT
"ci_builds".*
FROM
"ci_builds"
WHERE
"ci_builds"."type" = 'Ci::Build'
AND "ci_builds"."id" = 2625712723
https://postgres.ai/console/gitlab/gitlab-production-tunnel-pg12/sessions/10714/commands/38650
SELECT
"ci_job_artifacts"."project_id",
"ci_job_artifacts"."file_type",
"ci_job_artifacts"."size",
"ci_job_artifacts"."created_at",
"ci_job_artifacts"."updated_at",
"ci_job_artifacts"."expire_at",
"ci_job_artifacts"."file",
"ci_job_artifacts"."file_store",
"ci_job_artifacts"."file_sha256",
"ci_job_artifacts"."file_format",
"ci_job_artifacts"."file_location",
"ci_job_artifacts"."id",
"ci_job_artifacts"."job_id",
"ci_job_artifacts"."locked"
FROM
"ci_job_artifacts"
WHERE
"ci_job_artifacts"."job_id" = 2625713871
https://postgres.ai/console/gitlab/gitlab-production-tunnel-pg12/sessions/10714/commands/38651
SELECT
"ci_pipelines".*
FROM
"ci_pipelines"
WHERE
"ci_pipelines"."id" = 570320333
https://postgres.ai/console/gitlab/gitlab-production-tunnel-pg12/sessions/10714/commands/38652
Screenshots or screen recordings
These are strongly recommended to assist reviewers and reduce the time to merge your change.
How to set up and validate locally
Numbered steps to set up and validate the change are strongly suggested.
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.