Merge branch...

Merge branch '341195-reschedule-pending-recalculatevulnerabilitiesoccurrencesuuid-jobs' into 'master' Recalculate UUID for all Vulnerability::Finding records, attempt 2 See merge request gitlab-org/gitlab!75546

Merge branch...
Merge branch '341195-reschedule-pending-recalculatevulnerabilitiesoccurrencesuuid-jobs' into 'master' Recalculate UUID for all Vulnerability::Finding records, attempt 2 See merge request gitlab-org/gitlab!75546
810088dc · Patrick Bair · f33ecf53 · 88326bac · 810088dc · 810088dc
Commit 810088dc authored Jan 06, 2022 by Patrick Bair
14 changed files
--- a/config/feature_flags/development/migrate_vulnerability_finding_uuids.yml
+++ b/config/feature_flags/development/migrate_vulnerability_finding_uuids.yml
+---
+name: migrate_vulnerability_finding_uuids
+introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/75546
+rollout_issue_url:
+milestone: '14.7'
+type: development
+group: group::threat insights
+default_enabled: true
--- a/db/post_migrate/20210426225417_schedule_recalculate_uuid_on_vulnerabilities_occurrences2.rb
+++ b/db/post_migrate/20210426225417_schedule_recalculate_uuid_on_vulnerabilities_occurrences2.rb
 # frozen_string_literal: true
 class ScheduleRecalculateUuidOnVulnerabilitiesOccurrences2 < ActiveRecord::Migration[6.0]
-  include Gitlab::Database::MigrationHelpers
-  MIGRATION = 'RecalculateVulnerabilitiesOccurrencesUuid'
-  DELAY_INTERVAL = 2.minutes.to_i
-  BATCH_SIZE = 2_500
-  disable_ddl_transaction!
-  class VulnerabilitiesFinding < ActiveRecord::Base
-    include ::EachBatch
-    self.inheritance_column = :_type_disabled
-    self.table_name = "vulnerability_occurrences"
-  end
  def up
-    # Make sure that RemoveDuplicateVulnerabilitiesFindings has finished running
+    # no-op
-    # so that we don't run into duplicate UUID issues
+    # superseded by db/post_migrate/20211207125231_schedule_recalculate_uuid_on_vulnerabilities_occurrences4.rb
-    Gitlab::BackgroundMigration.steal('RemoveDuplicateVulnerabilitiesFindings')
-    say "Scheduling #{MIGRATION} jobs"
-    queue_background_migration_jobs_by_range_at_intervals(
-      VulnerabilitiesFinding,
-      MIGRATION,
-      DELAY_INTERVAL,
-      batch_size: BATCH_SIZE,
-      track_jobs: true
-    )
  end
  def down

--- a/db/post_migrate/20210813195518_schedule_recalculate_uuid_on_vulnerabilities_occurrences3.rb
+++ b/db/post_migrate/20210813195518_schedule_recalculate_uuid_on_vulnerabilities_occurrences3.rb
 # frozen_string_literal: true
 class ScheduleRecalculateUuidOnVulnerabilitiesOccurrences3 < ActiveRecord::Migration[6.0]
-  include Gitlab::Database::MigrationHelpers
-  MIGRATION = 'RecalculateVulnerabilitiesOccurrencesUuid'
-  DELAY_INTERVAL = 2.minutes.to_i
-  BATCH_SIZE = 2_500
-  disable_ddl_transaction!
  def up
-    # Make sure that RemoveDuplicateVulnerabilitiesFindings has finished running
+    # no-op
-    # so that we don't run into duplicate UUID issues
+    # superseded by db/post_migrate/20211207125231_schedule_recalculate_uuid_on_vulnerabilities_occurrences4.rb
-    Gitlab::BackgroundMigration.steal('RemoveDuplicateVulnerabilitiesFindings')
-    say "Scheduling #{MIGRATION} jobs"
-    queue_background_migration_jobs_by_range_at_intervals(
-      define_batchable_model('vulnerability_occurrences'),
-      MIGRATION,
-      DELAY_INTERVAL,
-      batch_size: BATCH_SIZE,
-      track_jobs: true
-    )
  end
  def down

--- a/db/post_migrate/20210918202855_reschedule_pending_jobs_for_recalculate_vulnerabilities_occurrences_uuid.rb
+++ b/db/post_migrate/20210918202855_reschedule_pending_jobs_for_recalculate_vulnerabilities_occurrences_uuid.rb
 # frozen_string_literal: true
 class ReschedulePendingJobsForRecalculateVulnerabilitiesOccurrencesUuid < Gitlab::Database::Migration[1.0]
-  MIGRATION = "RecalculateVulnerabilitiesOccurrencesUuid"
-  DELAY_INTERVAL = 2.minutes
-  disable_ddl_transaction!
  def up
-    delete_queued_jobs(MIGRATION)
+    # no-op
+    # no replacement because we will reschedule this for the whole table
-    requeue_background_migration_jobs_by_range_at_intervals(MIGRATION, DELAY_INTERVAL)
  end
  def down

--- a/db/post_migrate/20211207125331_remove_jobs_for_recalculate_vulnerabilities_occurrences_uuid.rb
+++ b/db/post_migrate/20211207125331_remove_jobs_for_recalculate_vulnerabilities_occurrences_uuid.rb
+# frozen_string_literal: true
+class RemoveJobsForRecalculateVulnerabilitiesOccurrencesUuid < Gitlab::Database::Migration[1.0]
+  MIGRATION_NAME = 'RecalculateVulnerabilitiesOccurrencesUuid'
+  def up
+    delete_job_tracking(
+      MIGRATION_NAME,
+      status: %w[pending succeeded]
+    )
+  end
+  def down
+    # no-op
+  end
+end
--- a/db/post_migrate/20211207135331_schedule_recalculate_uuid_on_vulnerabilities_occurrences4.rb
+++ b/db/post_migrate/20211207135331_schedule_recalculate_uuid_on_vulnerabilities_occurrences4.rb
+# frozen_string_literal: true
+class ScheduleRecalculateUuidOnVulnerabilitiesOccurrences4 < Gitlab::Database::Migration[1.0]
+  MIGRATION = 'RecalculateVulnerabilitiesOccurrencesUuid'
+  DELAY_INTERVAL = 2.minutes.to_i
+  BATCH_SIZE = 2_500
+  disable_ddl_transaction!
+  def up
+    # Make sure the migration removing Findings with attributes for which UUID would be identical
+    # has finished
+    # https://gitlab.com/gitlab-org/gitlab/-/merge_requests/74008
+    Gitlab::BackgroundMigration.steal('RemoveOccurrencePipelinesAndDuplicateVulnerabilitiesFindings')
+    queue_background_migration_jobs_by_range_at_intervals(
+      define_batchable_model('vulnerability_occurrences'),
+      MIGRATION,
+      DELAY_INTERVAL,
+      batch_size: BATCH_SIZE,
+      track_jobs: true
+    )
+  end
+  def down
+    # no-op
+  end
+end
--- a/db/schema_migrations/20211207125331
+++ b/db/schema_migrations/20211207125331
+5ead867b7609248f702771078849c48c0558f5fe9a3021fbb32e4f9174af653a
\ No newline at end of file
--- a/db/schema_migrations/20211207135331
+++ b/db/schema_migrations/20211207135331
+3d9dcab49ee409da8c1ab398101041092e566b06a7bb2764db49a9201a0e5f0c
\ No newline at end of file
--- a/lib/gitlab/background_migration/recalculate_vulnerabilities_occurrences_uuid.rb
+++ b/lib/gitlab/background_migration/recalculate_vulnerabilities_occurrences_uuid.rb
 # frozen_string_literal: true
 # rubocop: disable Style/Documentation
-class Gitlab::BackgroundMigration::RecalculateVulnerabilitiesOccurrencesUuid
+class Gitlab::BackgroundMigration::RecalculateVulnerabilitiesOccurrencesUuid # rubocop:disable Metrics/ClassLength
  # rubocop: disable Gitlab/NamespacedClass
  class VulnerabilitiesIdentifier < ActiveRecord::Base
    self.table_name = "vulnerability_identifiers"
@@ -9,10 +9,14 @@ class Gitlab::BackgroundMigration::RecalculateVulnerabilitiesOccurrencesUuid
  end
  class VulnerabilitiesFinding < ActiveRecord::Base
+    include EachBatch
    include ShaAttribute
    self.table_name = "vulnerability_occurrences"
+    has_many :signatures, foreign_key: 'finding_id', class_name: 'VulnerabilityFindingSignature', inverse_of: :finding
    belongs_to :primary_identifier, class_name: 'VulnerabilitiesIdentifier', inverse_of: :primary_findings, foreign_key: 'primary_identifier_id'
    REPORT_TYPES = {
      sast: 0,
      dependency_scanning: 1,
@@ -20,7 +24,9 @@ class Gitlab::BackgroundMigration::RecalculateVulnerabilitiesOccurrencesUuid
      dast: 3,
      secret_detection: 4,
      coverage_fuzzing: 5,
-      api_fuzzing: 6
+      api_fuzzing: 6,
+      cluster_image_scanning: 7,
+      generic: 99
    }.with_indifferent_access.freeze
    enum report_type: REPORT_TYPES
@@ -28,6 +34,25 @@ class Gitlab::BackgroundMigration::RecalculateVulnerabilitiesOccurrencesUuid
    sha_attribute :location_fingerprint
  end
+  class VulnerabilityFindingSignature < ActiveRecord::Base
+    include ShaAttribute
+    self.table_name = 'vulnerability_finding_signatures'
+    belongs_to :finding, foreign_key: 'finding_id', inverse_of: :signatures, class_name: 'VulnerabilitiesFinding'
+    sha_attribute :signature_sha
+  end
+  class VulnerabilitiesFindingPipeline < ActiveRecord::Base
+    include EachBatch
+    self.table_name = "vulnerability_occurrence_pipelines"
+  end
+  class Vulnerability < ActiveRecord::Base
+    include EachBatch
+    self.table_name = "vulnerabilities"
+  end
  class CalculateFindingUUID
    FINDING_NAMESPACES_IDS = {
      development: "a143e9e2-41b3-47bc-9a19-081d089229f4",
@@ -52,35 +77,122 @@ class Gitlab::BackgroundMigration::RecalculateVulnerabilitiesOccurrencesUuid
  end
  # rubocop: enable Gitlab/NamespacedClass
+  # rubocop: disable Metrics/AbcSize,Metrics/MethodLength,Metrics/BlockLength
  def perform(start_id, end_id)
-    findings = VulnerabilitiesFinding
+    unless Feature.enabled?(:migrate_vulnerability_finding_uuids, default_enabled: true)
-      .joins(:primary_identifier)
+      return log_info('Migration is disabled by the feature flag', start_id: start_id, end_id: end_id)
-      .select(:id, :report_type, :fingerprint, :location_fingerprint, :project_id)
-      .where(id: start_id..end_id)
-    mappings = findings.each_with_object({}) do |finding, hash|
-      hash[finding] = { uuid: calculate_uuid_v5_for_finding(finding) }
    end
-    ::Gitlab::Database::BulkUpdate.execute(%i[uuid], mappings)
+    log_info('Migration started', start_id: start_id, end_id: end_id)
-    logger.info(message: 'RecalculateVulnerabilitiesOccurrencesUuid Migration: recalculation is done for:',
+    VulnerabilitiesFinding
-              finding_ids: mappings.keys.pluck(:id))
+      .joins(:primary_identifier)
+      .includes(:signatures)
+      .select(:id, :report_type, :primary_identifier_id, :fingerprint, :location_fingerprint, :project_id, :created_at, :vulnerability_id, :uuid)
+      .where(id: start_id..end_id)
+      .each_batch(of: 50) do |relation|
+      duplicates = find_duplicates(relation)
+      remove_findings(ids: duplicates) if duplicates.present?
+      to_update = relation.reject { |finding| duplicates.include?(finding.id) }
+      begin
+        known_uuids = Set.new
+        to_be_deleted = []
+        mappings = to_update.each_with_object({}) do |finding, hash|
+          uuid = calculate_uuid_v5_for_finding(finding)
+          if known_uuids.add?(uuid)
+            hash[finding] = { uuid: uuid }
+          else
+            to_be_deleted << finding.id
+          end
+        end
+        # It is technically still possible to have duplicate uuids
+        # if the data integrity is broken somehow and the primary identifiers of
+        # the findings are pointing to different projects with the same fingerprint values.
+        if to_be_deleted.present?
+          log_info('Conflicting UUIDs found within the batch', finding_ids: to_be_deleted)
+          remove_findings(ids: to_be_deleted)
+        end
+        ::Gitlab::Database::BulkUpdate.execute(%i[uuid], mappings) if mappings.present?
+        log_info('Recalculation is done', finding_ids: mappings.keys.pluck(:id))
+      rescue ActiveRecord::RecordNotUnique => error
+        log_info('RecordNotUnique error received')
+        match_data = /\(uuid\)=\((?<uuid>\S{36})\)/.match(error.message)
+        # This exception returns the **correct** UUIDv5 which probably comes from a later record
+        # and it's the one we can drop in the easiest way before retrying the UPDATE query
+        if match_data
+          uuid = match_data[:uuid]
+          log_info('Conflicting UUID found', uuid: uuid)
+          id = VulnerabilitiesFinding.find_by(uuid: uuid)&.id
+          remove_findings(ids: id) if id
+          retry
+        else
+          log_error('Couldnt find conflicting uuid')
+          Gitlab::ErrorTracking.track_and_raise_exception(error)
+        end
+      end
+    end
    mark_job_as_succeeded(start_id, end_id)
  rescue StandardError => error
-    Gitlab::ErrorTracking.track_and_raise_for_dev_exception(error)
+    log_error('An exception happened')
+    Gitlab::ErrorTracking.track_and_raise_exception(error)
  end
+  # rubocop: disable Metrics/AbcSize,Metrics/MethodLength,Metrics/BlockLength
  private
+  def find_duplicates(relation)
+    to_exclude = []
+    relation.flat_map do |record|
+      # Assuming we're scanning id 31 and the duplicate is id 40
+      # first we'd process 31 and add 40 to the list of ids to remove
+      # then we would process record 40 and add 31 to the list of removals
+      # so we would drop both records
+      to_exclude << record.id
+      VulnerabilitiesFinding.where(
+        report_type: record.report_type,
+        location_fingerprint: record.location_fingerprint,
+        primary_identifier_id: record.primary_identifier_id,
+        project_id: record.project_id
+      ).where.not(id: to_exclude).pluck(:id)
+    end
+  end
+  def remove_findings(ids:)
+    ids = Array(ids)
+    log_info('Removing Findings and associated records', ids: ids)
+    vulnerability_ids = VulnerabilitiesFinding.where(id: ids).pluck(:vulnerability_id).uniq.compact
+    VulnerabilitiesFindingPipeline.where(occurrence_id: ids).each_batch { |batch| batch.delete_all }
+    Vulnerability.where(id: vulnerability_ids).each_batch { |batch| batch.delete_all }
+    VulnerabilitiesFinding.where(id: ids).delete_all
+  end
  def calculate_uuid_v5_for_finding(vulnerability_finding)
    return unless vulnerability_finding
+    signatures = vulnerability_finding.signatures.sort_by { |signature| signature.algorithm_type_before_type_cast }
+    location_fingerprint = signatures.last&.signature_sha || vulnerability_finding.location_fingerprint
    uuid_v5_name_components = {
      report_type: vulnerability_finding.report_type,
      primary_identifier_fingerprint: vulnerability_finding.fingerprint,
-      location_fingerprint: vulnerability_finding.location_fingerprint,
+      location_fingerprint: location_fingerprint,
      project_id: vulnerability_finding.project_id
    }
@@ -89,6 +201,14 @@ class Gitlab::BackgroundMigration::RecalculateVulnerabilitiesOccurrencesUuid
    CalculateFindingUUID.call(name)
  end
+  def log_info(message, **extra)
+    logger.info(migrator: 'RecalculateVulnerabilitiesOccurrencesUuid', message: message, **extra)
+  end
+  def log_error(message, **extra)
+    logger.error(migrator: 'RecalculateVulnerabilitiesOccurrencesUuid', message: message, **extra)
+  end
  def logger
    @logger ||= Gitlab::BackgroundMigration::Logger.build
  end

--- a/spec/lib/gitlab/background_migration/recalculate_vulnerabilities_occurrences_uuid_spec.rb
+++ b/spec/lib/gitlab/background_migration/recalculate_vulnerabilities_occurrences_uuid_spec.rb
--- a/spec/migrations/20210918202855_reschedule_pending_jobs_for_recalculate_vulnerabilities_occurrences_uuid_spec.rb
+++ b/spec/migrations/20210918202855_reschedule_pending_jobs_for_recalculate_vulnerabilities_occurrences_uuid_spec.rb
-# frozen_string_literal: true
-require 'spec_helper'
-require Rails.root.join('db', 'post_migrate', '20210918202855_reschedule_pending_jobs_for_recalculate_vulnerabilities_occurrences_uuid.rb')
-RSpec.describe ReschedulePendingJobsForRecalculateVulnerabilitiesOccurrencesUuid, :migration do
-  let_it_be(:background_migration_jobs) { table(:background_migration_jobs) }
-  context 'when RecalculateVulnerabilitiesOccurrencesUuid jobs are pending' do
-    before do
-      background_migration_jobs.create!(
-        class_name: 'RecalculateVulnerabilitiesOccurrencesUuid',
-        arguments: [1, 2, 3],
-        status: Gitlab::Database::BackgroundMigrationJob.statuses['pending']
-      )
-      background_migration_jobs.create!(
-        class_name: 'RecalculateVulnerabilitiesOccurrencesUuid',
-        arguments: [4, 5, 6],
-        status: Gitlab::Database::BackgroundMigrationJob.statuses['succeeded']
-      )
-    end
-    it 'queues pending jobs' do
-      migrate!
-      expect(BackgroundMigrationWorker.jobs.length).to eq(1)
-      expect(BackgroundMigrationWorker.jobs[0]['args']).to eq(['RecalculateVulnerabilitiesOccurrencesUuid', [1, 2, 3]])
-      expect(BackgroundMigrationWorker.jobs[0]['at']).to be_nil
-    end
-  end
-end
--- a/spec/migrations/20211207125331_remove_jobs_for_recalculate_vulnerabilities_occurrences_uuid_spec.rb
+++ b/spec/migrations/20211207125331_remove_jobs_for_recalculate_vulnerabilities_occurrences_uuid_spec.rb
+# frozen_string_literal: true
+require 'spec_helper'
+require_migration!
+def create_background_migration_jobs(ids, status, created_at)
+  proper_status = case status
+                  when :pending
+                    Gitlab::Database::BackgroundMigrationJob.statuses['pending']
+                  when :succeeded
+                    Gitlab::Database::BackgroundMigrationJob.statuses['succeeded']
+                  else
+                    raise ArgumentError
+                  end
+  background_migration_jobs.create!(
+    class_name: 'RecalculateVulnerabilitiesOccurrencesUuid',
+    arguments: Array(ids),
+    status: proper_status,
+    created_at: created_at
+  )
+end
+RSpec.describe RemoveJobsForRecalculateVulnerabilitiesOccurrencesUuid, :migration do
+  let_it_be(:background_migration_jobs) { table(:background_migration_jobs) }
+  context 'when RecalculateVulnerabilitiesOccurrencesUuid jobs are present' do
+    before do
+      create_background_migration_jobs([1, 2, 3], :succeeded, DateTime.new(2021, 5, 5, 0, 2))
+      create_background_migration_jobs([4, 5, 6], :pending, DateTime.new(2021, 5, 5, 0, 4))
+      create_background_migration_jobs([1, 2, 3], :succeeded, DateTime.new(2021, 8, 18, 0, 0))
+      create_background_migration_jobs([4, 5, 6], :pending, DateTime.new(2021, 8, 18, 0, 2))
+      create_background_migration_jobs([7, 8, 9], :pending, DateTime.new(2021, 8, 18, 0, 4))
+    end
+    it 'removes all jobs' do
+      expect(background_migration_jobs.count).to eq(5)
+      migrate!
+      expect(background_migration_jobs.count).to eq(0)
+    end
+  end
+end
--- a/spec/migrations/schedule_recalculate_uuid_on_vulnerabilities_occurrences2_spec.rb
+++ b/spec/migrations/schedule_recalculate_uuid_on_vulnerabilities_occurrences2_spec.rb
@@ -3,7 +3,7 @@
 require 'spec_helper'
 require_migration!
-RSpec.describe ScheduleRecalculateUuidOnVulnerabilitiesOccurrences2 do
+RSpec.describe ScheduleRecalculateUuidOnVulnerabilitiesOccurrences4 do
  let(:namespace) { table(:namespaces).create!(name: 'user', path: 'user') }
  let(:users) { table(:users) }
  let(:user) { create_user! }
@@ -13,6 +13,7 @@ RSpec.describe ScheduleRecalculateUuidOnVulnerabilitiesOccurrences2 do
  let(:different_scanner) { scanners.create!(project_id: project.id, external_id: 'test 2', name: 'test scanner 2') }
  let(:vulnerabilities) { table(:vulnerabilities) }
  let(:vulnerabilities_findings) { table(:vulnerability_occurrences) }
+  let(:vulnerability_finding_signatures) { table(:vulnerability_finding_signatures) }
  let(:vulnerability_identifiers) { table(:vulnerability_identifiers) }
  let(:vulnerability_identifier) do
    vulnerability_identifiers.create!(
@@ -32,6 +33,17 @@ RSpec.describe ScheduleRecalculateUuidOnVulnerabilitiesOccurrences2 do
      name: 'Identifier for UUIDv4')
  end
+  let!(:uuidv4_finding) do
+    create_finding!(
+      vulnerability_id: vulnerability_for_uuidv4.id,
+      project_id: project.id,
+      scanner_id: different_scanner.id,
+      primary_identifier_id: different_vulnerability_identifier.id,
+      location_fingerprint: Gitlab::Database::ShaAttribute.serialize('fa18f432f1d56675f4098d318739c3cd5b14eb3e'),
+      uuid: 'b3cc2518-5446-4dea-871c-89d5e999c1ac'
+    )
+  end
  let(:vulnerability_for_uuidv4) do
    create_vulnerability!(
      project_id: project.id,
@@ -39,6 +51,17 @@ RSpec.describe ScheduleRecalculateUuidOnVulnerabilitiesOccurrences2 do
    )
  end
+  let!(:uuidv5_finding) do
+    create_finding!(
+      vulnerability_id: vulnerability_for_uuidv5.id,
+      project_id: project.id,
+      scanner_id: scanner.id,
+      primary_identifier_id: vulnerability_identifier.id,
+      location_fingerprint: Gitlab::Database::ShaAttribute.serialize('838574be0210968bf6b9f569df9c2576242cbf0a'),
+      uuid: '77211ed6-7dff-5f6b-8c9a-da89ad0a9b60'
+    )
+  end
  let(:vulnerability_for_uuidv5) do
    create_vulnerability!(
      project_id: project.id,
@@ -46,25 +69,22 @@ RSpec.describe ScheduleRecalculateUuidOnVulnerabilitiesOccurrences2 do
    )
  end
-  let!(:finding1) do
+  let(:vulnerability_for_finding_with_signature) do
-    create_finding!(
+    create_vulnerability!(
-      vulnerability_id: vulnerability_for_uuidv4.id,
      project_id: project.id,
-      scanner_id: different_scanner.id,
+      author_id: user.id
-      primary_identifier_id: different_vulnerability_identifier.id,
-      location_fingerprint: 'fa18f432f1d56675f4098d318739c3cd5b14eb3e',
-      uuid: 'b3cc2518-5446-4dea-871c-89d5e999c1ac'
    )
  end
-  let!(:finding2) do
+  let!(:finding_with_signature) do
    create_finding!(
-      vulnerability_id: vulnerability_for_uuidv5.id,
+      vulnerability_id: vulnerability_for_finding_with_signature.id,
      project_id: project.id,
      scanner_id: scanner.id,
      primary_identifier_id: vulnerability_identifier.id,
-      location_fingerprint: '838574be0210968bf6b9f569df9c2576242cbf0a',
+      report_type: 0, # "sast"
-      uuid: '77211ed6-7dff-5f6b-8c9a-da89ad0a9b60'
+      location_fingerprint: Gitlab::Database::ShaAttribute.serialize('123609eafffffa2207a9ca2425ba4337h34fga1b'),
+      uuid: '252aa474-d689-5d2b-ab42-7bbb5a100c02'
    )
  end
@@ -79,9 +99,10 @@ RSpec.describe ScheduleRecalculateUuidOnVulnerabilitiesOccurrences2 do
  it 'schedules background migrations', :aggregate_failures do
    migrate!
-    expect(BackgroundMigrationWorker.jobs.size).to eq(2)
+    expect(BackgroundMigrationWorker.jobs.size).to eq(3)
-    expect(described_class::MIGRATION).to be_scheduled_delayed_migration(2.minutes, finding1.id, finding1.id)
+    expect(described_class::MIGRATION).to be_scheduled_delayed_migration(2.minutes, uuidv4_finding.id, uuidv4_finding.id)
-    expect(described_class::MIGRATION).to be_scheduled_delayed_migration(4.minutes, finding2.id, finding2.id)
+    expect(described_class::MIGRATION).to be_scheduled_delayed_migration(4.minutes, uuidv5_finding.id, uuidv5_finding.id)
+    expect(described_class::MIGRATION).to be_scheduled_delayed_migration(6.minutes, finding_with_signature.id, finding_with_signature.id)
  end
  private
@@ -98,14 +119,14 @@ RSpec.describe ScheduleRecalculateUuidOnVulnerabilitiesOccurrences2 do
  end
  def create_finding!(
-    vulnerability_id:, project_id:, scanner_id:, primary_identifier_id:, location_fingerprint:, uuid:)
+    vulnerability_id:, project_id:, scanner_id:, primary_identifier_id:, location_fingerprint:, uuid:, report_type: 0)
    vulnerabilities_findings.create!(
      vulnerability_id: vulnerability_id,
      project_id: project_id,
      name: 'test',
      severity: 7,
      confidence: 7,
-      report_type: 0,
+      report_type: report_type,
      project_fingerprint: '123qweasdzxc',
      scanner_id: scanner_id,
      primary_identifier_id: primary_identifier_id,

--- a/spec/migrations/schedule_recalculate_uuid_on_vulnerabilities_occurrences3_spec.rb
+++ b/spec/migrations/schedule_recalculate_uuid_on_vulnerabilities_occurrences3_spec.rb
-# frozen_string_literal: true
-require 'spec_helper'
-require_migration!
-RSpec.describe ScheduleRecalculateUuidOnVulnerabilitiesOccurrences3 do
-  let(:namespace) { table(:namespaces).create!(name: 'user', path: 'user') }
-  let(:users) { table(:users) }
-  let(:user) { create_user! }
-  let(:project) { table(:projects).create!(id: 123, namespace_id: namespace.id) }
-  let(:scanners) { table(:vulnerability_scanners) }
-  let(:scanner) { scanners.create!(project_id: project.id, external_id: 'test 1', name: 'test scanner 1') }
-  let(:different_scanner) { scanners.create!(project_id: project.id, external_id: 'test 2', name: 'test scanner 2') }
-  let(:vulnerabilities) { table(:vulnerabilities) }
-  let(:vulnerabilities_findings) { table(:vulnerability_occurrences) }
-  let(:vulnerability_identifiers) { table(:vulnerability_identifiers) }
-  let(:vulnerability_identifier) do
-    vulnerability_identifiers.create!(
-      project_id: project.id,
-      external_type: 'uuid-v5',
-      external_id: 'uuid-v5',
-      fingerprint: '7e394d1b1eb461a7406d7b1e08f057a1cf11287a',
-      name: 'Identifier for UUIDv5')
-  end
-  let(:different_vulnerability_identifier) do
-    vulnerability_identifiers.create!(
-      project_id: project.id,
-      external_type: 'uuid-v4',
-      external_id: 'uuid-v4',
-      fingerprint: '772da93d34a1ba010bcb5efa9fb6f8e01bafcc89',
-      name: 'Identifier for UUIDv4')
-  end
-  let(:vulnerability_for_uuidv4) do
-    create_vulnerability!(
-      project_id: project.id,
-      author_id: user.id
-    )
-  end
-  let(:vulnerability_for_uuidv5) do
-    create_vulnerability!(
-      project_id: project.id,
-      author_id: user.id
-    )
-  end
-  let!(:finding1) do
-    create_finding!(
-      vulnerability_id: vulnerability_for_uuidv4.id,
-      project_id: project.id,
-      scanner_id: different_scanner.id,
-      primary_identifier_id: different_vulnerability_identifier.id,
-      location_fingerprint: 'fa18f432f1d56675f4098d318739c3cd5b14eb3e',
-      uuid: 'b3cc2518-5446-4dea-871c-89d5e999c1ac'
-    )
-  end
-  let!(:finding2) do
-    create_finding!(
-      vulnerability_id: vulnerability_for_uuidv5.id,
-      project_id: project.id,
-      scanner_id: scanner.id,
-      primary_identifier_id: vulnerability_identifier.id,
-      location_fingerprint: '838574be0210968bf6b9f569df9c2576242cbf0a',
-      uuid: '77211ed6-7dff-5f6b-8c9a-da89ad0a9b60'
-    )
-  end
-  before do
-    stub_const("#{described_class}::BATCH_SIZE", 1)
-  end
-  around do |example|
-    freeze_time { Sidekiq::Testing.fake! { example.run } }
-  end
-  it 'schedules background migrations', :aggregate_failures do
-    migrate!
-    expect(BackgroundMigrationWorker.jobs.size).to eq(2)
-    expect(described_class::MIGRATION).to be_scheduled_delayed_migration(2.minutes, finding1.id, finding1.id)
-    expect(described_class::MIGRATION).to be_scheduled_delayed_migration(4.minutes, finding2.id, finding2.id)
-  end
-  private
-  def create_vulnerability!(project_id:, author_id:, title: 'test', severity: 7, confidence: 7, report_type: 0)
-    vulnerabilities.create!(
-      project_id: project_id,
-      author_id: author_id,
-      title: title,
-      severity: severity,
-      confidence: confidence,
-      report_type: report_type
-    )
-  end
-  def create_finding!(
-    vulnerability_id:, project_id:, scanner_id:, primary_identifier_id:, location_fingerprint:, uuid:)
-    vulnerabilities_findings.create!(
-      vulnerability_id: vulnerability_id,
-      project_id: project_id,
-      name: 'test',
-      severity: 7,
-      confidence: 7,
-      report_type: 0,
-      project_fingerprint: '123qweasdzxc',
-      scanner_id: scanner_id,
-      primary_identifier_id: primary_identifier_id,
-      location_fingerprint: location_fingerprint,
-      metadata_version: 'test',
-      raw_metadata: 'test',
-      uuid: uuid
-    )
-  end
-  def create_user!(name: "Example User", email: "user@example.com", user_type: nil)
-    users.create!(
-      name: name,
-      email: email,
-      username: name,
-      projects_limit: 0
-    )
-  end
-end