Merge branch '233536-resolve-n+1-queries-when-loading-statistics' into 'master'

Preload vulnerability statistics when loading vulnerable projects

See merge request gitlab-org/gitlab!38905

ee/app/models/ee/project.rb

@@ -151,6 +151,7 @@ module EE
       scope :with_compliance_framework_settings, -> { preload(:compliance_framework_setting) }
       scope :has_vulnerabilities, -> { joins(:vulnerabilities).group(:id) }
       scope :has_vulnerability_statistics, -> { joins(:vulnerability_statistic) }
+      scope :with_vulnerability_statistics, -> { includes(:vulnerability_statistic) }
 
       scope :with_group_saml_provider, -> { preload(group: :saml_provider) }
 

ee/app/models/vulnerabilities/projects_grade.rb

@@ -16,7 +16,7 @@ module Vulnerabilities
     def projects
       return vulnerable.projects.none if project_ids.blank?
 
-      vulnerable.projects.where(id: project_ids)
+      vulnerable.projects.with_vulnerability_statistics.inc_routes.where(id: project_ids)
     end
 
     def self.grades_for(vulnerables)

ee/changelogs/unreleased/233536-resolve-n-1-queries-when-loading-statistics.yml

+---
+title: Preload vulnerability statistics when loading vulnerable projects
+merge_request: 38905
+author:
+type: performance

ee/spec/models/vulnerabilities/projects_grade_spec.rb

@@ -78,6 +78,12 @@ RSpec.describe Vulnerabilities::ProjectsGrade do
     subject(:projects) { projects_grade.projects }
 
     it { is_expected.to match_array(expected_projects) }
+
+    it 'preloads vulnerability statistic once for whole collection' do
+      control_count = ActiveRecord::QueryRecorder.new { described_class.new(group, 1, [project_3.id]).projects.map(&:vulnerability_statistic) }.count
+
+      expect { described_class.new(group, 1, [project_3.id, project_4.id]).projects.map(&:vulnerability_statistic) }.not_to exceed_query_limit(control_count)
+    end
   end
 
   describe '#count' do