Skip to content
代码片段 群组 项目
未验证 提交 07c03dca 编辑于 作者: Jessie Young's avatar Jessie Young 提交者: GitLab
浏览文件

Merge branch 'bwill/update-sbom-occurrences-on-project-archived-event' into 'master'

No related branches found
No related tags found
无相关合并请求
......@@ -659,6 +659,8 @@
- 1
- - sbom_reports
- 1
- - sbom_sync_archived_status
- 1
- - sbom_sync_project_traversal_ids
- 1
- - search_elastic_default_branch_changed
......
# frozen_string_literal: true
module Sbom
class SyncArchivedStatusService
include Gitlab::Utils::StrongMemoize
include Gitlab::ExclusiveLeaseHelpers
BATCH_SIZE = 100
LEASE_TTL = 1.hour
def initialize(project_id)
@project_id = project_id
end
def execute
return unless project
in_lock(lease_key, ttl: LEASE_TTL) { update_archived_status }
end
private
attr_reader :project_id
def update_archived_status
project.sbom_occurrences.each_batch(of: BATCH_SIZE) do |batch|
batch.update_all(archived: project.archived)
end
end
def project
Project.find_by_id(project_id)
end
strong_memoize_attr :project
def lease_key
"sync_sbom_occurrences_archived:projects:#{project_id}"
end
end
end
......@@ -1821,6 +1821,15 @@
:weight: 1
:idempotent: true
:tags: []
- :name: sbom_sync_archived_status
:worker_name: Sbom::SyncArchivedStatusWorker
:feature_category: :dependency_management
:has_external_dependencies: false
:urgency: :low
:resource_boundary: :unknown
:weight: 1
:idempotent: true
:tags: []
- :name: sbom_sync_project_traversal_ids
:worker_name: Sbom::SyncProjectTraversalIdsWorker
:feature_category: :dependency_management
......
# frozen_string_literal: true
module Sbom
class SyncArchivedStatusWorker
include Gitlab::EventStore::Subscriber
data_consistency :always
feature_category :dependency_management
idempotent!
def handle_event(event)
::Sbom::SyncArchivedStatusService.new(event.data['project_id']).execute
end
end
end
---
name: sync_project_archival_status_to_sbom_occurrences
feature_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/437636
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/143874
rollout_issue_url: https://gitlab.com/gitlab-com/gl-infra/production/-/issues/17572
milestone: '16.10'
group: group::threat insights
type: gitlab_com_derisk
default_enabled: false
......@@ -63,6 +63,11 @@ def configure!(store)
::Feature.enabled?(:update_vuln_reads_traversal_ids_via_event,
::Group.find_by_id(event.data['group_id']), type: :gitlab_com_derisk)
}
store.subscribe ::Sbom::SyncArchivedStatusWorker, to: ::Projects::ProjectArchivedEvent,
if: ->(event) do
project = ::Project.find_by_id(event.data['project_id'])
::Feature.enabled?(:sync_project_archival_status_to_sbom_occurrences, project)
end
end
end
end
......
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe Sbom::SyncArchivedStatusService, feature_category: :dependency_management do
let_it_be(:project) { create(:project, :archived) }
let_it_be(:sbom_occurrence) { create(:sbom_occurrence, project: project) }
let_it_be(:sbom_occurrence_2) { create(:sbom_occurrence, project: project) }
let(:project_id) { project.id }
subject(:sync) { described_class.new(project_id).execute }
it 'updates sbom_occurrences.archived' do
expect { sync }.to change { sbom_occurrence.reload.archived }.from(false).to(true)
end
context 'when project does not exist with id' do
let(:project_id) { non_existing_record_id }
it 'does not raise' do
expect { sync }.not_to raise_error
end
end
context 'when lease is taken' do
include ExclusiveLeaseHelpers
let_it_be(:other_project) { create(:project) }
let(:lease_key) { "sync_sbom_occurrences_archived:projects:#{project_id}" }
let(:lease_ttl) { 1.hour }
before do
stub_exclusive_lease_taken(lease_key, timeout: lease_ttl)
end
it 'does not permit parallel execution on the same project' do
expect { sync }.to raise_error(Gitlab::ExclusiveLeaseHelpers::FailedToObtainLockError)
.and not_change { sbom_occurrence.reload.archived }
end
it 'allows parallel execution on different projects' do
expect { described_class.new(other_project.id).execute }.not_to raise_error
end
end
end
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe Sbom::SyncArchivedStatusWorker, feature_category: :dependency_management, type: :worker do
let_it_be(:project) { create(:project) }
let_it_be(:sbom_occurrence) { create(:sbom_occurrence, project: project) }
let_it_be(:sbom_occurrence_outside_project) { create(:sbom_occurrence) }
let(:event) do
::Projects::ProjectArchivedEvent.new(data: {
project_id: project.id,
namespace_id: project.namespace.id,
root_namespace_id: project.root_namespace.id
})
end
it_behaves_like 'worker with data consistency', described_class, data_consistency: :always
it_behaves_like 'subscribes to event'
subject(:use_event) { consume_event(subscriber: described_class, event: event) }
it 'updates sbom_occurrences archived status' do
project.update!(archived: true)
expect { use_event }.to change { sbom_occurrence.reload.archived }.from(false).to(true)
.and not_change { sbom_occurrence_outside_project.reload.archived }
end
context 'when sync_project_archival_status_to_sbom_occurrences is disabled' do
before do
stub_feature_flags(sync_project_archival_status_to_sbom_occurrences: false)
end
it_behaves_like 'ignores the published event'
end
end
0% 加载中 .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册