Skip to content
代码片段 群组 项目
未验证 提交 a547977c 编辑于 作者: Michał Zając's avatar Michał Zając 提交者: GitLab
浏览文件

Add and track events for Vulnerability auto-resolution 

Changelog: added
EE: true
上级 dbbe5ede
No related branches found
No related tags found
无相关合并请求
隐藏空白变更内容
行内 左右并排
显示
123 个添加0 个删除
ee/app/services/vulnerabilities/auto_resolve_service.rb
+ 10
0
浏览文件 @ a547977c
...@@ -3,6 +3,7 @@ ...@@ -3,6 +3,7 @@
module Vulnerabilities module Vulnerabilities
class AutoResolveService class AutoResolveService
include Gitlab::Utils::StrongMemoize include Gitlab::Utils::StrongMemoize
include Gitlab::InternalEventsTracking
def initialize(project, vulnerability_ids, budget) def initialize(project, vulnerability_ids, budget)
@project = project @project = project
...@@ -73,10 +74,19 @@ def resolve_vulnerabilities ...@@ -73,10 +74,19 @@ def resolve_vulnerabilities
updated_at: now updated_at: now
) )
end end
Note.transaction do Note.transaction do
results = Note.insert_all!(system_note_attrs, returning: %w[id]) results = Note.insert_all!(system_note_attrs, returning: %w[id])
SystemNoteMetadata.insert_all!(note_metadata_attrs(results)) SystemNoteMetadata.insert_all!(note_metadata_attrs(results))
end end
track_internal_event(
'autoresolve_vulnerability_in_project_after_pipeline_run_if_policy_is_set',
project: project,
additional_properties: {
value: vulnerabilities_to_resolve.size
}
)
end end
def state_transition_attrs def state_transition_attrs
......
ee/config/events/autoresolve_vulnerability_in_project_after_pipeline_run_if_policy_is_set.yml 0 → 100644
+ 18
0
浏览文件 @ a547977c
---
description: Vulnerabilities being auto-resolved in a Project when auto-resolve policy is set
internal_events: true
action: autoresolve_vulnerability_in_project_after_pipeline_run_if_policy_is_set
identifiers:
- project
- namespace
additional_properties:
value:
description: Count of auto-resolved Vulnerabilities
product_group: security_insights
product_categories:
- vulnerability_management
milestone: '17.7'
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/175012
tiers:
- premium
- ultimate
ee/config/metrics/counts_all/count_distinct_project_id_from_vulnerability_auto_resolution.yml 0 → 100644
+ 25
0
浏览文件 @ a547977c
---
key_path: redis_hll_counters.count_distinct_project_id_from_vulnerability_auto_resolution
description: Count of unique projects where auto-resolution of Vulnerabilities is being used
product_group: security_insights
product_categories:
- vulnerability_management
performance_indicator_type: []
value_type: number
status: active
milestone: '17.7'
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/175012
time_frame:
- 7d
- 28d
- all
data_source: internal_events
data_category: optional
distribution:
- ee
tiers:
- premium
- ultimate
events:
- name: autoresolve_vulnerability_in_project_after_pipeline_run_if_policy_is_set
unique: project.id
ee/config/metrics/counts_all/count_total_autoresolve_vulnerability_in_project_after_pipeline_run_if_policy_is_set.yml 0 → 100644
+ 25
0
浏览文件 @ a547977c
---
key_path: sums.count_total_autoresolve_vulnerability_in_project_after_pipeline_run_if_policy_is_set
description: Total count of auto-resolved Vulnerabilities in projects with auto-resolution policy set
product_group: security_insights
product_categories:
- vulnerability_management
performance_indicator_type: []
value_type: number
status: active
milestone: '17.7'
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/175012
time_frame:
- 7d
- 28d
- all
data_source: internal_events
data_category: optional
distribution:
- ee
tiers:
- premium
- ultimate
events:
- name: autoresolve_vulnerability_in_project_after_pipeline_run_if_policy_is_set
operator: sum(value)
ee/spec/services/vulnerabilities/auto_resolve_service_spec.rb
+ 45
0
浏览文件 @ a547977c
...@@ -157,6 +157,51 @@ ...@@ -157,6 +157,51 @@
let_it_be(:vulnerabilities) { create_list(:vulnerability, 2, :with_findings, project: project) } let_it_be(:vulnerabilities) { create_list(:vulnerability, 2, :with_findings, project: project) }
let_it_be(:vulnerability_ids) { vulnerabilities.map(&:id) } let_it_be(:vulnerability_ids) { vulnerabilities.map(&:id) }
describe 'internal event tracking' do
let(:event) { 'autoresolve_vulnerability_in_project_after_pipeline_run_if_policy_is_set' }
let(:distinct_count_weekly) do
'redis_hll_counters.count_distinct_project_id_from_vulnerability_auto_resolution_weekly'
end
let(:distinct_count_monthly) do
'redis_hll_counters.count_distinct_project_id_from_vulnerability_auto_resolution_monthly'
end
let(:distinct_count_total) { 'redis_hll_counters.count_distinct_project_id_from_vulnerability_auto_resolution' }
let(:total_count_weekly) do
'sums.count_total_autoresolve_vulnerability_in_project_after_pipeline_run_if_policy_is_set_weekly'
end
let(:total_count_monthly) do
'sums.count_total_autoresolve_vulnerability_in_project_after_pipeline_run_if_policy_is_set_monthly'
end
let(:total_count) do
'sums.count_total_autoresolve_vulnerability_in_project_after_pipeline_run_if_policy_is_set'
end
let(:additional_properties) do
{
value: vulnerabilities.size
}
end
it 'tracks internal events', :clean_gitlab_redis_shared_state, :aggregate_failures do
expect { service.execute }
.to trigger_internal_events(event)
.with(
project: project,
namespace: project.namespace,
additional_properties: additional_properties
).and increment_usage_metrics(distinct_count_weekly).by(1)
.and increment_usage_metrics(distinct_count_monthly).by(1)
.and increment_usage_metrics(distinct_count_total).by(1)
.and increment_usage_metrics(total_count_weekly).by(2)
.and increment_usage_metrics(total_count_monthly).by(2)
.and increment_usage_metrics(total_count).by(2)
end
end
it 'does not introduce N+1 queries' do it 'does not introduce N+1 queries' do
control = ActiveRecord::QueryRecorder.new do control = ActiveRecord::QueryRecorder.new do
described_class.new(project, vulnerability_ids, budget).execute described_class.new(project, vulnerability_ids, budget).execute
......
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册