blob: 2900ef852a5fef489a133f460a2e63fc2f6f52fa (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
|
# frozen_string_literal: true
class SetResolvedStateOnVulnerabilities < ActiveRecord::Migration[5.2]
DOWNTIME = false
def up
execute <<~SQL
-- selecting IDs for all non-orphan Findings that either have no feedback or it's a non-dismissal feedback
WITH resolved_vulnerability_ids AS #{Gitlab::Database::AsWithMaterialized.materialized_if_supported} (
SELECT DISTINCT vulnerability_id AS id
FROM vulnerability_occurrences
LEFT JOIN vulnerability_feedback ON vulnerability_feedback.project_fingerprint = ENCODE(vulnerability_occurrences.project_fingerprint::bytea, 'HEX')
WHERE vulnerability_id IS NOT NULL
AND (vulnerability_feedback.id IS NULL OR vulnerability_feedback.feedback_type <> 0)
)
UPDATE vulnerabilities
SET state = 3, resolved_by_id = closed_by_id, resolved_at = NOW()
FROM resolved_vulnerability_ids
WHERE vulnerabilities.id IN (resolved_vulnerability_ids.id)
AND state = 2 -- only 'closed' Vulnerabilities become 'resolved'
SQL
end
def down
execute <<~SQL
UPDATE vulnerabilities
SET state = 2, resolved_by_id = NULL, resolved_at = NULL -- state = 'closed'
WHERE state = 3 -- 'resolved'
SQL
end
end
|