Schmil Monderer activity

Schmil Monderer pushed to project branch ghavenga-591623-trigger-parity-check at GitLab.org / GitLab

2026-03-18T21:54:38Z

Schmil Monderer (7e642d03) at 18 Mar 21:54

Use vulnerability_occurrence_id for VAC support in TriggerParityCheck

... and 2399 more commits

Schmil Monderer pushed to project branch convert-vulnerability-to-read-for-es-queue at GitLab.org / GitLab

2026-03-18T13:36:31Z

Schmil Monderer (7a83727e) at 18 Mar 13:36

Add migration stub to mark_dropped_as_resolved_worker_spec

... and 1 more commit

Schmil Monderer commented on merge request !225822 at GitLab.org / GitLab

2026-03-18T12:11:10Z

@srushik Makes sense

Schmil Monderer commented on issue #35372 at GitLab.com / www-gitlab-com

2026-03-18T11:56:17Z

ok thanks

Schmil Monderer pushed to project branch convert-vulnerability-to-read-for-es-queue at GitLab.org / GitLab

2026-03-18T10:54:33Z

Schmil Monderer (2ae0f869) at 18 Mar 10:54

Add migration stubs to specs expecting vulnerability_read tracking

Schmil Monderer pushed to project branch ghavenga-591623-trigger-parity-check at GitLab.org / GitLab

2026-03-18T10:45:53Z

Schmil Monderer (8b26685d) at 18 Mar 10:45

Use vulnerability_occurrence_id for VAC support in TriggerParityCheck

Schmil Monderer commented on issue #593774 at GitLab.org / GitLab

2026-03-18T08:54:20Z

@bwill We should also check that customers aren't using the REST endpoint directly. It is possible that some use the endpoint in their pipeline for a conditional workflow

Schmil Monderer pushed to project branch convert-vulnerability-to-read-for-es-queue at GitLab.org / GitLab

2026-03-18T08:28:01Z

Schmil Monderer (e198728e) at 18 Mar 08:28

Use set_elasticsearch_migration_to helper in specs

Schmil Monderer commented on issue #35372 at GitLab.com / www-gitlab-com

2026-03-18T07:50:40Z

@minac What do you by "missing". The transaction was redundant because we are updating a single table only once

Schmil Monderer commented on merge request !225024 at GitLab.org / GitLab

2026-03-17T21:37:38Z

done

Schmil Monderer pushed to project branch schmil/592362/dual-write-vulnerability-es-indices at GitLab.org / GitLab

2026-03-17T21:31:33Z

Schmil Monderer (710b4f00) at 17 Mar 21:31

Remove ops FF definition

... and 1 more commit

Schmil Monderer pushed to project branch convert-vulnerability-to-read-for-es-queue at GitLab.org / GitLab

2026-03-17T21:31:10Z

Schmil Monderer (c69338f7) at 17 Mar 21:31

Refactor VulnerabilityReadIndexing spec to use shared examples

Schmil Monderer pushed to project branch convert-vulnerability-to-read-for-es-queue at GitLab.org / GitLab

2026-03-17T15:47:32Z

Schmil Monderer (a1cc19b3) at 17 Mar 15:47

Add migration-incomplete fallback specs

Schmil Monderer pushed to project branch main at Schmil Monderer / agents-config

2026-03-17T15:03:59Z

Schmil Monderer (b76e72e9) at 17 Mar 15:03

Add opencode.json

Schmil Monderer opened merge request !227678: Dual write vulnerability data to both ES indices at GitLab.org / GitLab

2026-03-17T14:50:44Z

What does this MR do and why?

Implements dual-write support for vulnerability data to both Elasticsearch indices: the existing vulnerabilities index and the new vulnerability_reads index.

This is part of the Vulnerabilities Across Contexts (VAC) initiative. The new vulnerability_reads index uses vulnerability_reads.id as primary key (instead of vulnerability_id), which is needed to support multiple context-specific read entries per vulnerability.

Changes

Vulnerabilities::Read#elastic_reference — When the vulnerability_read_es_dual_write feature flag is enabled and the create_vulnerability_reads_index ES migration has completed, returns an array of two serialized references (one for each index) instead of a single reference.
Search::Elastic::Reference.serialize — Handles Array return values from elastic_reference (pass-through).
Elastic::ProcessBookkeepingService#track! — Flattens the serialized items array after mapping, so multi-ref arrays are enqueued as individual items.
Feature flag vulnerability_read_es_dual_write — Ops flag (default off) to gate the dual-write behavior.

How it works

Vulnerabilities::Read record
  → elastic_reference
    → [Vulnerability ref string, Vulnerabilities::Read ref string]
  → ProcessBookkeepingService.track!
    → serialize + flatten
    → both refs enqueued independently in Redis
  → ProcessBookkeepingService#execute
    → each ref deserialized and indexed to its respective ES index

Dependencies

This MR is chained on:

!225631 (preloaders)
!225822 (reference class) ← current target branch

Once those merge to master, this MR should be retargeted to master.

Feature flag

Name: vulnerability_read_es_dual_write Type: ops

The flag is additionally gated on the create_vulnerability_reads_index ES migration having completed, to prevent writes to a non-existent index.

Closes #592362

Schmil Monderer pushed new project branch schmil/592362/dual-write-vulnerability-es-indices at GitLab.org / GitLab

2026-03-17T14:46:44Z

Schmil Monderer (6397ba23) at 17 Mar 14:46

Dual write vulnerability data to both ES indices

... and 5 more commits

Schmil Monderer pushed to project branch ghavenga-591623-trigger-parity-check at GitLab.org / GitLab

2026-03-17T14:23:35Z

Schmil Monderer (afd153ca) at 17 Mar 14:23

Fix FK cascade delete in VulnerabilityReadHasValidOccurrenceIdCheck...

Schmil Monderer pushed to project branch convert-vulnerability-to-read-for-es-queue at GitLab.org / GitLab

2026-03-17T13:21:29Z

Schmil Monderer (30339e17) at 17 Mar 13:21

Add TODO comment to elastic_reference and fix spec typo

Schmil Monderer pushed to project branch convert-vulnerability-to-read-for-es-queue at GitLab.org / GitLab

2026-03-17T12:21:34Z

Schmil Monderer (fef3ed84) at 17 Mar 12:21

Update FF MS to 18.11

Schmil Monderer pushed to project branch main at Schmil Monderer / agents-config

2026-03-17T11:54:48Z

Schmil Monderer (8215c44c) at 17 Mar 11:54

Add merge-request subagent