Merge branch 'mc_rocha-reduce-queries-security-dashboard-check-225250' into 'master'

Reduce queries for the expose security dashboard check

See merge request gitlab-org/gitlab!73284

app/models/ci/pipeline.rb

@@ -652,8 +652,15 @@ module Ci
     end
 
     def batch_lookup_report_artifact_for_file_type(file_type)
+      batch_lookup_report_artifact_for_file_types([file_type])
+    end
+
+    def batch_lookup_report_artifact_for_file_types(file_types)
+      file_types_to_search = []
+      file_types.each { |file_type| file_types_to_search.append(*::Ci::JobArtifact.associated_file_types_for(file_type.to_s)) }
+
       latest_report_artifacts
-        .values_at(*::Ci::JobArtifact.associated_file_types_for(file_type.to_s))
+        .values_at(*file_types_to_search.uniq)
         .flatten
         .compact
         .last

ee/app/models/ee/ci/pipeline.rb

@@ -92,10 +92,15 @@ module EE
         tag? && project_has_subscriptions?
       end
 
-      def batch_lookup_report_artifact_for_file_type(file_type)
-        return unless available_licensed_report_type?(file_type)
+      def batch_lookup_report_artifact_for_file_types(file_types)
+        file_types_to_search = []
+        file_types.each do |file_type|
+          file_types_to_search.append(file_type) if available_licensed_report_type?(file_type)
+        end
+
+        return unless file_types_to_search.present?
 
-        super
+        super(file_types_to_search)
       end
 
       def expose_license_scanning_data?

ee/app/presenters/ee/ci/pipeline_presenter.rb

@@ -9,7 +9,7 @@ module EE
       def expose_security_dashboard?
         return false unless can?(current_user, :read_security_resource, pipeline.project)
 
-        Ci::JobArtifact::SECURITY_REPORT_FILE_TYPES.any? { |file_type| batch_lookup_report_artifact_for_file_type(file_type.to_sym) }
+        batch_lookup_report_artifact_for_file_types(Ci::JobArtifact::SECURITY_REPORT_FILE_TYPES.map(&:to_sym)).present?
       end
 
       def degradation_threshold(file_type)

ee/spec/presenters/ci/pipeline_presenter_spec.rb

@@ -61,6 +61,36 @@ RSpec.describe Ci::PipelinePresenter do
 
           it { is_expected.to be_falsey }
         end
+
+        it 'calls latest_report_artifacts once' do
+          expect(pipeline).to receive(:latest_report_artifacts).once.and_call_original
+          subject
+        end
+      end
+
+      context 'when all features are available' do
+        before do
+          stub_licensed_features(dependency_scanning: true, secret_detection: true, sast: true, container_scanning: true,
+                                 cluster_image_scanning: true, dast: true, coverage_fuzzing: true, api_fuzzing: true,
+                                 license_scanning: true, security_dashboard: true)
+        end
+
+        it 'does not increase the number of queries' do
+          all_features_query_count = count_ci_artifacts_queries
+
+          stub_licensed_features(dependency_scanning: true, secret_detection: true, sast: true, container_scanning: true,
+                                 cluster_image_scanning: false, dast: false, coverage_fuzzing: false, api_fuzzing: false,
+                                 license_scanning: true, security_dashboard: true)
+
+          less_features_query_count = count_ci_artifacts_queries
+
+          expect(all_features_query_count).to eq(less_features_query_count)
+        end
+
+        it 'calls latest_report_artifacts once' do
+          expect(pipeline).to receive(:latest_report_artifacts).once.and_call_original
+          subject
+        end
       end
 
       context 'when features are disabled' do
@@ -206,4 +236,9 @@ RSpec.describe Ci::PipelinePresenter do
       it { is_expected.to be true }
     end
   end
+
+  def count_ci_artifacts_queries
+    query_recorder = ActiveRecord::QueryRecorder.new { presenter.expose_security_dashboard? }
+    query_recorder.log.count { |q| q.include?('FROM "ci_job_artifacts"') }
+  end
 end