Commit ebd81138 authored by Vasilii Iakliushin's avatar Vasilii Iakliushin

Merge branch 'mc_rocha-reduce-queries-security-dashboard-check-225250' into 'master'

Reduce queries for the expose security dashboard check

See merge request gitlab-org/gitlab!73284
parents f9f80ec6 bef74f71
......@@ -652,8 +652,15 @@ module Ci
end
def batch_lookup_report_artifact_for_file_type(file_type)
batch_lookup_report_artifact_for_file_types([file_type])
end
def batch_lookup_report_artifact_for_file_types(file_types)
file_types_to_search = []
file_types.each { |file_type| file_types_to_search.append(*::Ci::JobArtifact.associated_file_types_for(file_type.to_s)) }
latest_report_artifacts
.values_at(*::Ci::JobArtifact.associated_file_types_for(file_type.to_s))
.values_at(*file_types_to_search.uniq)
.flatten
.compact
.last
......
......@@ -92,10 +92,15 @@ module EE
tag? && project_has_subscriptions?
end
def batch_lookup_report_artifact_for_file_type(file_type)
return unless available_licensed_report_type?(file_type)
def batch_lookup_report_artifact_for_file_types(file_types)
file_types_to_search = []
file_types.each do |file_type|
file_types_to_search.append(file_type) if available_licensed_report_type?(file_type)
end
return unless file_types_to_search.present?
super
super(file_types_to_search)
end
def expose_license_scanning_data?
......
......@@ -9,7 +9,7 @@ module EE
def expose_security_dashboard?
return false unless can?(current_user, :read_security_resource, pipeline.project)
Ci::JobArtifact::SECURITY_REPORT_FILE_TYPES.any? { |file_type| batch_lookup_report_artifact_for_file_type(file_type.to_sym) }
batch_lookup_report_artifact_for_file_types(Ci::JobArtifact::SECURITY_REPORT_FILE_TYPES.map(&:to_sym)).present?
end
def degradation_threshold(file_type)
......
......@@ -61,6 +61,36 @@ RSpec.describe Ci::PipelinePresenter do
it { is_expected.to be_falsey }
end
it 'calls latest_report_artifacts once' do
expect(pipeline).to receive(:latest_report_artifacts).once.and_call_original
subject
end
end
context 'when all features are available' do
before do
stub_licensed_features(dependency_scanning: true, secret_detection: true, sast: true, container_scanning: true,
cluster_image_scanning: true, dast: true, coverage_fuzzing: true, api_fuzzing: true,
license_scanning: true, security_dashboard: true)
end
it 'does not increase the number of queries' do
all_features_query_count = count_ci_artifacts_queries
stub_licensed_features(dependency_scanning: true, secret_detection: true, sast: true, container_scanning: true,
cluster_image_scanning: false, dast: false, coverage_fuzzing: false, api_fuzzing: false,
license_scanning: true, security_dashboard: true)
less_features_query_count = count_ci_artifacts_queries
expect(all_features_query_count).to eq(less_features_query_count)
end
it 'calls latest_report_artifacts once' do
expect(pipeline).to receive(:latest_report_artifacts).once.and_call_original
subject
end
end
context 'when features are disabled' do
......@@ -206,4 +236,9 @@ RSpec.describe Ci::PipelinePresenter do
it { is_expected.to be true }
end
end
def count_ci_artifacts_queries
query_recorder = ActiveRecord::QueryRecorder.new { presenter.expose_security_dashboard? }
query_recorder.log.count { |q| q.include?('FROM "ci_job_artifacts"') }
end
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment