matcher: new database schema #1340
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
hdonnay
force-pushed
the
hack/new-updater-db
branch
2 times, most recently
from
9390605
to
2a46f51
Compare
hdonnay
force-pushed
the
hack/new-updater-db
branch
2 times, most recently
from
fa2fbf1
to
60a6c74
Compare
This comment was marked as resolved.
This comment was marked as resolved.
hdonnay
force-pushed
the
hack/new-updater-db
branch
5 times, most recently
from
b7073cd
to
bfa4413
Compare
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## dev/matcher-v2 #1340 +/- ##
=================================================
Coverage ? 56.25%
=================================================
Files ? 267
Lines ? 16876
Branches ? 0
=================================================
Hits ? 9493
Misses ? 6418
Partials ? 965 ☔ View full report in Codecov by Sentry. |
hdonnay
force-pushed
the
hack/new-updater-db
branch
2 times, most recently
from
4737949
to
086ee3e
Compare
|
I cooked up a monster "show me everything" view that took ~38ms to return the first row. CREATE TYPE display_reference AS (
namespace TEXT,
name TEXT,
uri TEXT[]
);
CREATE TYPE display_package AS (
name TEXT,
kind PackageKind,
arch Architecture[],
vulnerable_range VersionMultiRange,
version_upstream TEXT[],
version_kind TEXT,
purl TEXT,
cpe TEXT
);
CREATE TYPE display_attr AS (
mediatype TEXT,
data JSONB
);
CREATE OR REPLACE VIEW latest_advisory_full AS
SELECT
latest.id,
latest.added,
latest.generation,
latest.updater,
latest.name,
meta.issued,
meta.summary,
meta.description,
meta.uri,
meta.severity,
meta.normalized_severity,
ref.refs,
pkg.pkgs,
attr.attrs
FROM
matcher_v2.latest_advisory AS latest
JOIN matcher_v2.advisory_meta AS meta ON meta.advisory = latest.id
JOIN (
SELECT
ar.advisory,
array_agg((
r.namespace,
r.name,
r.uri)::matcher_v2.display_reference) AS refs
FROM
matcher_v2.advisory_reference AS ar
JOIN matcher_v2.reference AS r ON r.id = ar.reference
GROUP BY
ar.advisory
) AS ref ON ref.advisory = latest.id
JOIN (
SELECT array_agg((n.name, p.kind, p.arch, p.vulnerable_range, p.version_upstream, p.version_kind, p.purl, p.cpe)::matcher_v2.display_package) AS pkgs, p.advisory
FROM matcher_v2.package AS p
JOIN matcher_v2.package_name AS n ON n.id = p.name
GROUP BY p.advisory
) AS pkg ON pkg.advisory = latest.id
JOIN (
SELECT aa.advisory,
array_agg((mt.mediatype, a.data)::matcher_v2.display_attr) AS attrs
FROM matcher_v2.advisory_attr AS aa
JOIN matcher_v2.attr AS a ON a.id = aa.attr
JOIN matcher_v2.mediatype AS mt ON a.mediatype = mt.id
GROUP BY aa.advisory
) AS attr on attr.advisory = latest.id
;
I don't think this is a typical query, as the normalized parts ( |
hdonnay
force-pushed
the
hack/new-updater-db
branch
from
086ee3e
to
954f1ba
Compare
hdonnay
force-pushed
the
hack/new-updater-db
branch
from
954f1ba
to
50654a4
Compare
|
Decided to try merging this stuff into a feature branch as things are going. |
hdonnay
requested review from
crozzy,
BradLugo and
RTann
and removed request for
a team
crozzy
reviewed
Jun 21, 2024
| ADD UNIQUE (mediatype, data); | ||
|
|
||
| COMMENT ON TABLE attr IS $$ | ||
| Attrs are generic features of advisories and references. |
There was a problem hiding this comment.
I don't see a table to connect attrs with references
There was a problem hiding this comment.
Right, attr and reference are associated with an advisory.
|
|
||
| COMMENT ON FUNCTION version_check_array IS 'This function reports whether a text array is well-formed to be used as a VersionRange'; | ||
|
|
||
| CREATE OR REPLACE FUNCTION version_check (mr matcher_v2.VersionMultiRange) |
There was a problem hiding this comment.
Are we missing a VersionMultiRange definition here? Can't see to be able to run the migration without an error
There was a problem hiding this comment.
No, it's created automatically with a RANGE type: https://www.postgresql.org/docs/16/sql-createtype.html#SQL-CREATETYPE-RANGE
hdonnay
force-pushed
the
hack/new-updater-db
branch
from
50654a4
to
bbd9edb
Compare
This meets the PostgreSQL version requirements and prevents needing to install it. Signed-off-by: Hank Donnay <[email protected]>
Signed-off-by: Hank Donnay <[email protected]>
Signed-off-by: Hank Donnay <[email protected]>
Signed-off-by: Hank Donnay <[email protected]>
hdonnay
force-pushed
the
hack/new-updater-db
branch
from
bbd9edb
to
6a82cf9
Compare
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is a new database schema for the
matchersubsystem, focused on:COPYExplicit non-goals:
JOINavoidanceTODO for this PR:
attrand the "name" tablesVIEW