Migrate sbom_occurrences.component_name to match

PEP 503. Changelog: fixed

Migrate sbom_occurrences.component_name to match
85faa73c · Zamir Martins · GitLab · 8b323206 · 85faa73c · 85faa73c
--- a/db/docs/batched_background_migrations/update_sbom_occurrences_component_name_based_on_pep503.yml
+++ b/db/docs/batched_background_migrations/update_sbom_occurrences_component_name_based_on_pep503.yml
+---
+migration_job_name: UpdateSbomOccurrencesComponentNameBasedOnPep503
+description: Updates sbom_occurrences.component_name in accordance with PEP503
+feature_category: software_composition_analysis
+introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/146776
+milestone: '16.11'
+queued_migration_version: 20240306120522
+finalize_after: '2024-03-24'
--- a/db/post_migrate/20240306120522_queue_update_sbom_occurrences_component_name_based_on_pep503.rb
+++ b/db/post_migrate/20240306120522_queue_update_sbom_occurrences_component_name_based_on_pep503.rb
+# frozen_string_literal: true
+
+class QueueUpdateSbomOccurrencesComponentNameBasedOnPep503 < Gitlab::Database::Migration[2.2]
+  milestone '16.11'
+
+  restrict_gitlab_migration gitlab_schema: :gitlab_main
+
+  MIGRATION = "UpdateSbomOccurrencesComponentNameBasedOnPep503"
+  DELAY_INTERVAL = 2.minutes
+  BATCH_SIZE = 2000
+  SUB_BATCH_SIZE = 200
+
+  def up
+    queue_batched_background_migration(
+      MIGRATION,
+      :sbom_occurrences,
+      :id,
+      job_interval: DELAY_INTERVAL,
+      batch_size: BATCH_SIZE,
+      sub_batch_size: SUB_BATCH_SIZE
+    )
+  end
+
+  def down
+    delete_batched_background_migration(MIGRATION, :sbom_occurrences, :id, [])
+  end
+end
--- a/db/schema_migrations/20240306120522
+++ b/db/schema_migrations/20240306120522
+2645479cd4ce377b4183c1fade37050a2b143d9697f341c690483a11a202bde4
\ No newline at end of file
--- a/lib/gitlab/background_migration/update_sbom_occurrences_component_name_based_on_pep503.rb
+++ b/lib/gitlab/background_migration/update_sbom_occurrences_component_name_based_on_pep503.rb
+# frozen_string_literal: true
+
+module Gitlab
+  module BackgroundMigration
+    class UpdateSbomOccurrencesComponentNameBasedOnPep503 < BatchedMigrationJob
+      operation_name :update_occurrence_component_name_based_on_pep_503
+      feature_category :software_composition_analysis
+
+      def perform
+        each_sub_batch do |sub_batch|
+          update_occurrence_component_name(sub_batch)
+        end
+      end
+
+      private
+
+      def normalized_name(name)
+        connection.quote(name.gsub(Sbom::PackageUrl::Normalizer::PYPI_REGEX, '-'))
+      end
+
+      def update_occurrence_component_name(batch)
+        occurrences = batch
+          .joins("INNER JOIN sbom_components ON sbom_occurrences.component_id = sbom_components.id")
+          .where("sbom_components.purl_type = 8 AND sbom_occurrences.component_name LIKE '%.%'")
+
+        return if occurrences.blank?
+
+        values_list = occurrences.map do |occurrence|
+          "(#{occurrence.id}, #{normalized_name(occurrence.component_name)})"
+        end.join(", ")
+
+        sql = <<~SQL
+          WITH new_values (id, component_name) AS (
+            VALUES
+              #{values_list}
+          )
+          UPDATE sbom_occurrences
+          SET component_name = new_values.component_name
+          FROM new_values
+          WHERE sbom_occurrences.id = new_values.id
+        SQL
+
+        connection.execute(sql)
+      end
+    end
+  end
+end
--- a/spec/lib/gitlab/background_migration/update_sbom_occurrences_component_name_based_on_pep503_spec.rb
+++ b/spec/lib/gitlab/background_migration/update_sbom_occurrences_component_name_based_on_pep503_spec.rb
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+RSpec.describe Gitlab::BackgroundMigration::UpdateSbomOccurrencesComponentNameBasedOnPep503, feature_category: :software_composition_analysis do
+  let(:occurrences) { table(:sbom_occurrences) }
+  let(:components) { table(:sbom_components) }
+  let(:projects) { table(:projects) }
+  let(:namespaces) { table(:namespaces) }
+  let(:namespace) { namespaces.create!(name: 'name', path: 'path') }
+  let(:project) { projects.create!(namespace_id: namespace.id, project_namespace_id: namespace.id) }
+
+  describe '#perform' do
+    subject(:perform_migration) do
+      described_class.new(
+        start_id: occurrences.first.id,
+        end_id: occurrences.last.id,
+        batch_table: :sbom_occurrences,
+        batch_column: :id,
+        sub_batch_size: occurrences.count,
+        pause_ms: 0,
+        connection: ActiveRecord::Base.connection
+      ).perform
+    end
+
+    context 'without data' do
+      before do
+        component = components.create!(name: 'azure', purl_type: 8, component_type: 0)
+        occurrences.create!(project_id: project.id, component_id: component.id, commit_sha: 'commit_sha',
+          uuid: SecureRandom.uuid, component_name: 'azure')
+      end
+
+      it 'does not raise exception' do
+        expect { perform_migration }.not_to raise_error
+      end
+    end
+
+    context 'with data' do
+      before do
+        %w[aws-cdk.region-info azure.identity backports.cached-property backports.csv].each do |input_name|
+          component = components.create!(name: input_name, purl_type: 8, component_type: 0)
+          occurrences.create!(project_id: project.id, component_id: component.id, commit_sha: 'commit_sha',
+            uuid: SecureRandom.uuid, component_name: input_name)
+        end
+      end
+
+      let(:expected_names) { %w[aws-cdk-region-info azure-identity backports-cached-property backports-csv] }
+
+      it 'successfully updates name according to PEP 0503' do
+        perform_migration
+
+        expect(occurrences.pluck(:component_name)).to eq(expected_names)
+      end
+
+      context 'with unrelated components' do
+        let(:component_name) { 'unrelated.component' }
+        let(:unrelated_component) { components.create!(name: component_name, purl_type: 6, component_type: 0) }
+        let!(:unrelated_occurrence) do
+          occurrences.create!(project_id: project.id, component_id: unrelated_component.id, commit_sha: 'commit_sha',
+            uuid: SecureRandom.uuid, component_name: component_name)
+        end
+
+        it 'does not update the unrelated occurrence' do
+          expect { perform_migration }.not_to change { unrelated_occurrence.reload.component_name }
+        end
+      end
+    end
+  end
+end
--- a/spec/migrations/20240306120522_queue_update_sbom_occurrences_component_name_based_on_pep503_spec.rb
+++ b/spec/migrations/20240306120522_queue_update_sbom_occurrences_component_name_based_on_pep503_spec.rb
+# frozen_string_literal: true
+
+require 'spec_helper'
+require_migration!
+
+RSpec.describe QueueUpdateSbomOccurrencesComponentNameBasedOnPep503, feature_category: :software_composition_analysis do
+  let!(:batched_migration) { described_class::MIGRATION }
+
+  it 'schedules a new batched migration' do
+    reversible_migration do |migration|
+      migration.before -> {
+        expect(batched_migration).not_to have_scheduled_batched_migration
+      }
+
+      migration.after -> {
+        expect(batched_migration).to have_scheduled_batched_migration(
+          table_name: :sbom_occurrences,
+          column_name: :id,
+          interval: described_class::DELAY_INTERVAL,
+          batch_size: described_class::BATCH_SIZE,
+          sub_batch_size: described_class::SUB_BATCH_SIZE
+        )
+      }
+    end
+  end
+end