
Disable reading remediation records

What does this MR do and why?

As a safeguard during the remediation migrations, we will change the logic in the Finding model to solely depend on the raw_metadata until we finish all the migrations, as described in !49762 (comment 935454969). This will be done using a feature flag.

tl;dr from the referenced discussion: remediations are a complex beast, and while the data migrations are in process, we want to make sure we're not responding with a remediation that doesn't have an associated file.

Screenshots or screen recordings

N/A

How to set up and validate locally

  1. Generate a vulnerability with a remediation (suggest https://gitlab.com/gitlab-examples/security/security-reports)
  2. Start a rails console, and enter the following:
     remediation = Vulnerabilities::Remediation.last
     finding = remediation.findings.first
     Feature.disable(:enable_vulnerability_remediations_from_records)
     remediation.update!(summary: "A new summary")
     finding.remediations.first # Should not be "A new summary"
     Feature.enable(:enable_vulnerability_remediations_from_records)
     finding.remediations.first # Should be "A new summary"

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #362170

Edited by Jonathan Schafer
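
The flag-gated read described in this merge request, as an added sketch that is not GitLab's code: with the flag off, a finding answers only from its report JSON, so a record whose file has not been migrated is never served. `FlagStore`, `SketchFinding`, `RemediationRecord`, `sketch_demo` and the `summary`/`diff` keys inside `raw_metadata` are assumptions made for illustration; only the flag name comes from the description above.

```ruby
require 'json'

# Hypothetical stand-in for the Feature API (not GitLab's implementation).
module FlagStore
  @enabled = {}
  def self.enable(name)
    @enabled[name] = true
  end
  def self.disable(name)
    @enabled[name] = false
  end
  def self.enabled?(name)
    @enabled.fetch(name, false) # unknown flags default to off
  end
end

# Hypothetical remediation record; `file` is nil until its migration has run.
RemediationRecord = Struct.new(:summary, :file, keyword_init: true)

class SketchFinding
  FLAG = :enable_vulnerability_remediations_from_records

  def initialize(raw_metadata:, records:)
    @raw_metadata = raw_metadata
    @records = records
  end

  # Flag off: only the report JSON is trusted. Flag on: records are read.
  def remediations
    return from_raw_metadata unless FlagStore.enabled?(FLAG)
    @records.map { |r| { 'summary' => r.summary, 'diff' => r.file } }
  end

  private
  # Missing or malformed metadata yields no remediations rather than an error.
  def from_raw_metadata
    data = JSON.parse(@raw_metadata.to_s)
    data.is_a?(Hash) ? Array(data['remediations']) : []
  rescue JSON::ParserError
    []
  end
end

# Constructed sample: report JSON plus a record edited after ingestion.
def sketch_demo
  raw = JSON.generate('remediations' => [{ 'summary' => 'Upgrade libfoo', 'diff' => 'ZGlmZg==' }])
  rec = RemediationRecord.new(summary: 'A new summary', file: nil)
  SketchFinding.new(raw_metadata: raw, records: [rec])
end
```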
