feat(manager): use edge caches for vulnerabilities endpoint

RHINENG-5256
RedHatInsights · Nov 29, 2023 · 9e7f8df · 9e7f8df
1 parent e4de48f
commit 9e7f8df
Show file tree

Hide file tree

Showing 7 changed files with 17 additions and 16 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -24,7 +24,7 @@ RUN mkdir -p /tmp/prometheus_multiproc
 ENV prometheus_multiproc_dir=/tmp/prometheus_multiproc
 
 # minimal schema required by application, used for waiting in services until DB migration is finished
-ENV MINIMAL_SCHEMA=129
+ENV MINIMAL_SCHEMA=131
 
 WORKDIR /engine
 

diff --git a/common/peewee_model.py b/common/peewee_model.py
@@ -241,9 +241,11 @@ class CveAccountCache(BaseModel):
 
     rh_account_id = ForeignKeyField(column_name="rh_account_id", model=RHAccount, field="id")
     cve_id = ForeignKeyField(column_name="cve_id", model=CveMetadata, field="id")
-    systems_affected = IntegerField(null=False)
+    systems_affected_rpmdnf = IntegerField(null=False)
+    systems_affected_edge = IntegerField(null=False)
     systems_status_divergent = IntegerField(null=False)
-    systems_affected_unpatched = IntegerField()
+    systems_affected_unpatched_rpmdnf = IntegerField(null=False)
+    systems_affected_unpatched_edge = IntegerField(null=False)
     systems_status_divergent_unpatched = IntegerField()
     advisory_available = BooleanField()
 

diff --git a/database/schema/upgrade_scripts/131-drop-systems_affected.sql b/database/schema/upgrade_scripts/131-drop-systems_affected.sql
@@ -0,0 +1,2 @@
+ALTER TABLE cve_account_cache DROP COLUMN systems_affected;
+ALTER TABLE cve_account_cache DROP COLUMN systems_affected_unpatched;
diff --git a/database/schema/ve_db_postgresql.sql b/database/schema/ve_db_postgresql.sql
@@ -30,7 +30,7 @@ CREATE TABLE IF NOT EXISTS db_version (
 ) TABLESPACE pg_default;
 
 -- set the schema version directly in the insert statement here!!
-INSERT INTO db_version (name, version) VALUES ('schema_version', 130);
+INSERT INTO db_version (name, version) VALUES ('schema_version', 131);
 -- INSERT INTO db_version (name, version) VALUES ('schema_version', :schema_version);
 
 
@@ -517,11 +517,9 @@ GRANT SELECT, UPDATE, DELETE ON cve_account_data TO ve_db_user_taskomatic;
 CREATE TABLE IF NOT EXISTS cve_account_cache (
   rh_account_id INT NOT NULL,
   cve_id INT NOT NULL,
-  systems_affected INT NOT NULL,
   systems_affected_rpmdnf INT NOT NULL,
   systems_affected_edge INT NOT NULL,
   systems_status_divergent INT NOT NULL,
-  systems_affected_unpatched INT,
   systems_affected_unpatched_rpmdnf INT NOT NULL,
   systems_affected_unpatched_edge INT NOT NULL,
   systems_status_divergent_unpatched INT,

diff --git a/manager/base.py b/manager/base.py
@@ -795,7 +795,6 @@ def is_not_cacheable_request(args):
             "group_names",
             "group_ids",
             "ungrouped_hosts",
-            "affecting_host_type",
         ]
     )
 

diff --git a/manager/filters.py b/manager/filters.py
@@ -663,9 +663,6 @@ def _filter_cve_by_affecting_host_type(query, args, kwargs):
     Returns:
         object: Modified query with affecting filter applied
     """
-    if kwargs.get("is_cached"):
-        return query
-
     if affecting := args.get("affecting_host_type", []):
         count_subquery = kwargs["count_subquery"]
         if HostType.RPMDNF in affecting and HostType.EDGE in affecting and HostType.NONE in affecting:

diff --git a/manager/vulnerabilities_handler.py b/manager/vulnerabilities_handler.py
@@ -105,7 +105,7 @@ def __init__(self, account_data, list_args, uri, args):
                                                       remediation_filter=DEFAULT_REMEDIATION_FILTER)
 
         query = self._full_query(account_data.id, join_type, count_subquery)
-        query = apply_filters(query, args, full_query_filters, {"count_subquery": count_subquery, "is_cached": is_cached})
+        query = apply_filters(query, args, full_query_filters, {"count_subquery": count_subquery})
         if not account_data.cves_without_errata:
             query = query.where(CveMetadata.advisories_list != SQL("'[]'"))
         query = query.dicts()
@@ -254,27 +254,30 @@ def _unpatched_count_subquery(rh_account_id, args, filters):
     @staticmethod
     def _cached_count_subquery(rh_account_id, cves_without_errata, args):
         # Select only fixed counts by default
-        systems_affected = CveAccountCache.systems_affected
+        systems_affected_rpmdnf = CveAccountCache.systems_affected_rpmdnf
+        systems_affected_edge = CveAccountCache.systems_affected_edge
         systems_status_divergent = CveAccountCache.systems_status_divergent
         advisory_available_column = CveAccountCache.advisory_available
         # Override selected counts if advisory_available filter is used
         advisory_available = args["advisory_available"]
         if cves_without_errata:
             if advisory_available is None or (False in advisory_available and True in advisory_available):
                 # Fixed + unfixed counts
-                systems_affected = (CveAccountCache.systems_affected + fn.Coalesce(CveAccountCache.systems_affected_unpatched, 0))
+                systems_affected_rpmdnf = (CveAccountCache.systems_affected_rpmdnf + CveAccountCache.systems_affected_unpatched_rpmdnf)
+                systems_affected_edge = (CveAccountCache.systems_affected_edge + CveAccountCache.systems_affected_unpatched_edge)
                 systems_status_divergent = (CveAccountCache.systems_status_divergent + fn.Coalesce(CveAccountCache.systems_status_divergent_unpatched, 0))
             elif False in advisory_available:
                 # Only unfixed counts
-                systems_affected = fn.Coalesce(CveAccountCache.systems_affected_unpatched, 0)
+                systems_affected_rpmdnf = CveAccountCache.systems_affected_unpatched_rpmdnf
+                systems_affected_edge = CveAccountCache.systems_affected_unpatched_edge
                 systems_status_divergent = fn.Coalesce(CveAccountCache.systems_status_divergent_unpatched, 0)
                 advisory_available_column = Value(False)
 
         # edge systems are added in the cache, need to mock the systems_affected_edge_ column
         query = (CveAccountCache
                  .select(CveAccountCache.cve_id.alias("cve_id_"),
-                         systems_affected.alias("systems_affected_rpmdnf_"),
-                         Value(0).alias("systems_affected_edge_"),
+                         systems_affected_rpmdnf.alias("systems_affected_rpmdnf_"),
+                         systems_affected_edge.alias("systems_affected_edge_"),
                          systems_status_divergent.alias("systems_status_divergent_"),
                          advisory_available_column.alias("advisory_available_"))
                  .where(CveAccountCache.rh_account_id == rh_account_id))