Add latest changes from gitlab-org/gitlab@master

6 files changed, 79 insertions, 1 deletions

diff --git a/db/docs/scan_result_policies.yml b/db/docs/scan_result_policies.yml
new file mode 100644
index 00000000000..6a6eb12a270
--- /dev/null
+++ b/db/docs/scan_result_policies.yml
@@ -0,0 +1,9 @@
+---
+table_name: scan_result_policies
+classes: []
+feature_categories:
+- security_policy_management
+description: 'Stores rules of a Security Orchestration Policy.'
+introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/109624
+milestone: '15.9'
+gitlab_schema: gitlab_main
diff --git a/db/migrate/20230123095022_create_scan_result_policies.rb b/db/migrate/20230123095022_create_scan_result_policies.rb
new file mode 100644
index 00000000000..d5cd8a017a1
--- /dev/null
+++ b/db/migrate/20230123095022_create_scan_result_policies.rb
@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+class CreateScanResultPolicies < Gitlab::Database::Migration[2.1]
+  INDEX_NAME = "index_scan_result_policies_on_policy_configuration_id".freeze
+
+  def change
+    create_table :scan_result_policies do |t|
+      t.references :security_orchestration_policy_configuration,
+                   null: false,
+                   foreign_key: { on_delete: :cascade },
+                   index: { name: INDEX_NAME }
+
+      t.timestamps_with_timezone null: false
+      t.integer :orchestration_policy_idx, limit: 2, null: false
+      t.text :license_states, array: true, default: []
+    end
+  end
+end
diff --git a/db/post_migrate/20230123095023_add_scan_result_policy_id_to_software_license_policies.rb b/db/post_migrate/20230123095023_add_scan_result_policy_id_to_software_license_policies.rb
new file mode 100644
index 00000000000..c3f1bcda441
--- /dev/null
+++ b/db/post_migrate/20230123095023_add_scan_result_policy_id_to_software_license_policies.rb
@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+class AddScanResultPolicyIdToSoftwareLicensePolicies < Gitlab::Database::Migration[2.1]
+  INDEX_NAME = "index_software_license_policies_on_scan_result_policy_id".freeze
+
+  def change
+    # rubocop:disable Migration/AddReference
+    add_reference :software_license_policies,
+                  :scan_result_policy,
+                  foreign_key: { on_delete: :cascade },
+                  index: { name: INDEX_NAME },
+                  null: true
+    # rubocop:enable Migration/AddReference
+  end
+end
diff --git a/db/schema_migrations/20230123095022 b/db/schema_migrations/20230123095022
new file mode 100644
index 00000000000..258c9e571ad
--- /dev/null
+++ b/db/schema_migrations/20230123095022
@@ -0,0 +1 @@
+d526d2549357ca87fb4abf400d6128cc14d01ea633cf2d496c3a9111e412c7f2
\ No newline at end of file
diff --git a/db/schema_migrations/20230123095023 b/db/schema_migrations/20230123095023
new file mode 100644
index 00000000000..cdc0376c719
--- /dev/null
+++ b/db/schema_migrations/20230123095023
@@ -0,0 +1 @@
+7ad649155804a011c43e4208eea1f59c3e6894591587b5cf9ba4e8be4f5fa757
\ No newline at end of file
diff --git a/db/structure.sql b/db/structure.sql
index c0617ec779b..6475c5e7b9b 100644
--- a/db/structure.sql
+++ b/db/structure.sql
@@ -21580,6 +21580,24 @@ CREATE SEQUENCE sbom_vulnerable_component_versions_id_seq
 
 ALTER SEQUENCE sbom_vulnerable_component_versions_id_seq OWNED BY sbom_vulnerable_component_versions.id;
 
+CREATE TABLE scan_result_policies (
+    id bigint NOT NULL,
+    security_orchestration_policy_configuration_id bigint NOT NULL,
+    created_at timestamp with time zone NOT NULL,
+    updated_at timestamp with time zone NOT NULL,
+    orchestration_policy_idx smallint NOT NULL,
+    license_states text[] DEFAULT '{}'::text[]
+);
+
+CREATE SEQUENCE scan_result_policies_id_seq
+    START WITH 1
+    INCREMENT BY 1
+    NO MINVALUE
+    NO MAXVALUE
+    CACHE 1;
+
+ALTER SEQUENCE scan_result_policies_id_seq OWNED BY scan_result_policies.id;
+
 CREATE TABLE schema_migrations (
     version character varying NOT NULL,
     finished_at timestamp with time zone DEFAULT now()
@@ -22011,7 +22029,8 @@ CREATE TABLE software_license_policies (
     software_license_id integer NOT NULL,
     classification integer DEFAULT 0 NOT NULL,
     created_at timestamp with time zone NOT NULL,
-    updated_at timestamp with time zone NOT NULL
+    updated_at timestamp with time zone NOT NULL,
+    scan_result_policy_id bigint
 );
 
 CREATE SEQUENCE software_license_policies_id_seq
@@ -24796,6 +24815,8 @@ ALTER TABLE ONLY sbom_sources ALTER COLUMN id SET DEFAULT nextval('sbom_sources_
 
 ALTER TABLE ONLY sbom_vulnerable_component_versions ALTER COLUMN id SET DEFAULT nextval('sbom_vulnerable_component_versions_id_seq'::regclass);
 
+ALTER TABLE ONLY scan_result_policies ALTER COLUMN id SET DEFAULT nextval('scan_result_policies_id_seq'::regclass);
+
 ALTER TABLE ONLY scim_identities ALTER COLUMN id SET DEFAULT nextval('scim_identities_id_seq'::regclass);
 
 ALTER TABLE ONLY scim_oauth_access_tokens ALTER COLUMN id SET DEFAULT nextval('scim_oauth_access_tokens_id_seq'::regclass);
@@ -27128,6 +27149,9 @@ ALTER TABLE ONLY sbom_sources
 ALTER TABLE ONLY sbom_vulnerable_component_versions
     ADD CONSTRAINT sbom_vulnerable_component_versions_pkey PRIMARY KEY (id);
 
+ALTER TABLE ONLY scan_result_policies
+    ADD CONSTRAINT scan_result_policies_pkey PRIMARY KEY (id);
+
 ALTER TABLE ONLY schema_migrations
     ADD CONSTRAINT schema_migrations_pkey PRIMARY KEY (version);
 
@@ -31271,6 +31295,8 @@ CREATE UNIQUE INDEX index_sbom_occurrences_on_uuid ON sbom_occurrences USING btr
 
 CREATE UNIQUE INDEX index_sbom_sources_on_source_type_and_source ON sbom_sources USING btree (source_type, source);
 
+CREATE INDEX index_scan_result_policies_on_policy_configuration_id ON scan_result_policies USING btree (security_orchestration_policy_configuration_id);
+
 CREATE INDEX index_scim_identities_on_group_id ON scim_identities USING btree (group_id);
 
 CREATE UNIQUE INDEX index_scim_identities_on_lower_extern_uid_and_group_id ON scim_identities USING btree (lower((extern_uid)::text), group_id);
@@ -31381,6 +31407,8 @@ CREATE INDEX index_snippets_on_updated_at ON snippets USING btree (updated_at);
 
 CREATE INDEX index_snippets_on_visibility_level_and_secret ON snippets USING btree (visibility_level, secret);
 
+CREATE INDEX index_software_license_policies_on_scan_result_policy_id ON software_license_policies USING btree (scan_result_policy_id);
+
 CREATE INDEX index_software_license_policies_on_software_license_id ON software_license_policies USING btree (software_license_id);
 
 CREATE UNIQUE INDEX index_software_license_policies_unique_per_project ON software_license_policies USING btree (project_id, software_license_id);
@@ -35844,6 +35872,9 @@ ALTER TABLE ONLY incident_management_timeline_event_tags
 ALTER TABLE ONLY user_callouts
     ADD CONSTRAINT fk_rails_ddfdd80f3d FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE;
 
+ALTER TABLE ONLY scan_result_policies
+    ADD CONSTRAINT fk_rails_de9e5d2ce6 FOREIGN KEY (security_orchestration_policy_configuration_id) REFERENCES security_orchestration_policy_configurations(id) ON DELETE CASCADE;
+
 ALTER TABLE ONLY dast_scanner_profiles_tags
     ADD CONSTRAINT fk_rails_deb79b7f19 FOREIGN KEY (dast_scanner_profile_id) REFERENCES dast_scanner_profiles(id) ON DELETE CASCADE;
 
@@ -35895,6 +35926,9 @@ ALTER TABLE ONLY serverless_domain_cluster
 ALTER TABLE ONLY incident_management_escalation_policies
     ADD CONSTRAINT fk_rails_e5b513daa7 FOREIGN KEY (project_id) REFERENCES projects(id) ON DELETE CASCADE;
 
+ALTER TABLE ONLY software_license_policies
+    ADD CONSTRAINT fk_rails_e5b77d620e FOREIGN KEY (scan_result_policy_id) REFERENCES scan_result_policies(id) ON DELETE CASCADE;
+
 ALTER TABLE ONLY vulnerability_external_issue_links
     ADD CONSTRAINT fk_rails_e5ba7f7b13 FOREIGN KEY (author_id) REFERENCES users(id) ON DELETE SET NULL;