Commit ecbb7f37 authored by Dylan Griffith's avatar Dylan Griffith

Merge branch '342380-finding-build' into 'master'

Use disable join to avoid  doing cross-join via `ci_builds` in `Security::Finding.build`

See merge request gitlab-org/gitlab!72738
parents 3acfc746 08791fbe
---
name: security_finding_build_disable_joins
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/72738
rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/342380
milestone: '14.4'
type: development
group: group::threat insights
default_enabled: true
...@@ -14,7 +14,7 @@ module Security ...@@ -14,7 +14,7 @@ module Security
belongs_to :scan, inverse_of: :findings, optional: false belongs_to :scan, inverse_of: :findings, optional: false
belongs_to :scanner, class_name: 'Vulnerabilities::Scanner', inverse_of: :security_findings, optional: false belongs_to :scanner, class_name: 'Vulnerabilities::Scanner', inverse_of: :security_findings, optional: false
has_one :build, through: :scan has_one :build, through: :scan, disable_joins: -> { ::Feature.enabled?(:security_finding_build_disable_joins, default_enabled: :yaml) }
enum confidence: ::Enums::Vulnerability.confidence_levels, _prefix: :confidence enum confidence: ::Enums::Vulnerability.confidence_levels, _prefix: :confidence
enum severity: ::Enums::Vulnerability.severity_levels, _prefix: :severity enum severity: ::Enums::Vulnerability.severity_levels, _prefix: :severity
...@@ -36,7 +36,7 @@ module Security ...@@ -36,7 +36,7 @@ module Security
end end
scope :latest, -> { joins(:scan).merge(Security::Scan.latest_successful_by_build).allow_cross_joins_across_databases(url: 'https://gitlab.com/gitlab-org/gitlab/-/issues/341796') } scope :latest, -> { joins(:scan).merge(Security::Scan.latest_successful_by_build).allow_cross_joins_across_databases(url: 'https://gitlab.com/gitlab-org/gitlab/-/issues/341796') }
scope :ordered, -> { order(severity: :desc, confidence: :desc, id: :asc) } scope :ordered, -> { order(severity: :desc, confidence: :desc, id: :asc) }
scope :with_pipeline_entities, -> { includes(build: [:job_artifacts, :pipeline]) } scope :with_pipeline_entities, -> { preload(build: [:job_artifacts, :pipeline]) }
scope :with_scan, -> { includes(:scan) } scope :with_scan, -> { includes(:scan) }
scope :with_scanner, -> { includes(:scanner) } scope :with_scanner, -> { includes(:scanner) }
scope :deduplicated, -> { where(deduplicated: true) } scope :deduplicated, -> { where(deduplicated: true) }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment