Add validation to Default Branch Image when parsing CS vulnerability
What does this MR do and why?
This MR adds validation of the value of the image for the default branch. This value is used to deduplicate findings. With this MR we will start validating whether the value provided by the analyzer (which should carry the value from the CS_DEFAULT_BRANCH_IMAGE variable) is valid (that is, whether there is at least one vulnerability with the given location_image in the database).
Queries
SELECT
1 AS one
FROM
"vulnerability_reads"
WHERE
"vulnerability_reads"."project_id" = 24673064
AND "vulnerability_reads"."report_type" = 2
AND "vulnerability_reads"."location_image" = 'registry.gitlab.com/gitlab-org/security-products/analyzers/container-scanning/tmp/grype:59eb479934ca3bde2e62d48b75817f3d9e44294f'
LIMIT
1
Time: 15.521 ms
- planning: 1.850 ms
- execution: 13.671 ms
- I/O read: 13.560 ms
- I/O write: 0.000 ms
https://postgres.ai/console/gitlab/gitlab-production-tunnel-pg12/sessions/11173/commands/39966
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
- I have evaluated the MR acceptance checklist for this MR.
Related to #339320 (closed)
Edited by Alan (Maciej) Paruszewski