fix: security best practices rename tables to conform to kafka topic limits

backend/src/database/migrations/V1746542390__securityInsightsTableRename.sql

@@ -0,0 +1,11 @@
+ALTER PUBLICATION sequin_pub DROP TABLE "securityInsightsEvaluationSuiteControlEvaluations";
+ALTER PUBLICATION sequin_pub DROP TABLE "securityInsightsEvaluationSuiteControlEvaluationAssessments";
+
+ALTER TABLE "securityInsightsEvaluationSuiteControlEvaluations" RENAME TO "securityInsightsEvaluations";
+ALTER TABLE "securityInsightsEvaluationSuiteControlEvaluationAssessments" RENAME TO "securityInsightsEvaluationAssessments";
+ALTER TABLE "securityInsightsEvaluationAssessments" RENAME COLUMN "securityInsightsEvaluationSuiteControlEvaluationId" TO "securityInsightsEvaluationId";
+
+ALTER PUBLICATION sequin_pub ADD TABLE "securityInsightsEvaluations";
+ALTER PUBLICATION sequin_pub ADD TABLE "securityInsightsEvaluationAssessments";
+ALTER TABLE public."securityInsightsEvaluations" REPLICA IDENTITY FULL;
+ALTER TABLE public."securityInsightsEvaluationAssessments" REPLICA IDENTITY FULL;

services/apps/security_best_practices_worker/src/activities/index.ts

@@ -119,7 +119,7 @@ export async function saveOSPSBaselineInsightsToDB(
         runDuration: assessment.run_duration,
         steps: assessment.steps,
         stepsExecuted: assessment.steps_executed,
-        securityInsightsEvaluationSuiteControlEvaluationId: controlEvaluation.id,
+        securityInsightsEvaluationId: controlEvaluation.id,
       })
     }
   }

services/libs/data-access-layer/src/security_insights/index.ts

@@ -1,8 +1,8 @@
 import { generateUUIDv4 } from '@crowd/common'
 import {
+  ISecurityInsightsEvaluationAssessment,
   ISecurityInsightsEvaluationSuite,
-  ISecurityInsightsEvaluationSuiteControlEvaluation,
-  ISecurityInsightsEvaluationSuiteControlEvaluationAssessment,
+  ISecurityInsightsEvaluations,
   ISecurityInsightsObsoleteRepo,
 } from '@crowd/types'
 
@@ -102,11 +102,11 @@ export async function findSuiteControlEvaluation(
   qx: QueryExecutor,
   repo: string,
   controlId: string,
-): Promise<ISecurityInsightsEvaluationSuiteControlEvaluation | null> {
+): Promise<ISecurityInsightsEvaluations | null> {
   return await qx.selectOneOrNone(
     `
       select *
-      from "securityInsightsEvaluationSuiteControlEvaluations"
+      from "securityInsightsEvaluations"
       where "repo" = $(repo) and "controlId" = $(controlId)
     `,
     {
@@ -118,11 +118,11 @@ export async function findSuiteControlEvaluation(
 
 export async function addSuiteControlEvaluation(
   qx: QueryExecutor,
-  evaluation: ISecurityInsightsEvaluationSuiteControlEvaluation,
+  evaluation: ISecurityInsightsEvaluations,
 ): Promise<void> {
   await qx.result(
     `
-        insert into "securityInsightsEvaluationSuiteControlEvaluations"
+        insert into "securityInsightsEvaluations"
             (
                 "id", 
                 "securityInsightsEvaluationSuiteId",
@@ -183,14 +183,14 @@ export async function addSuiteControlEvaluation(
 
 export async function addControlEvaluationAssessment(
   qx: QueryExecutor,
-  assessment: ISecurityInsightsEvaluationSuiteControlEvaluationAssessment,
+  assessment: ISecurityInsightsEvaluationAssessment,
 ): Promise<void> {
   await qx.result(
     `
-        insert into "securityInsightsEvaluationSuiteControlEvaluationAssessments"
+        insert into "securityInsightsEvaluationAssessments"
             (
                 "id", 
-                "securityInsightsEvaluationSuiteControlEvaluationId",
+                "securityInsightsEvaluationId",
                 "repo", 
                 "insightsProjectId",
                 "insightsProjectSlug",
@@ -208,7 +208,7 @@ export async function addControlEvaluationAssessment(
         values 
             (
                 $(id), 
-                $(securityInsightsEvaluationSuiteControlEvaluationId), 
+                $(securityInsightsEvaluationId), 
                 $(repo), 
                 $(insightsProjectId),
                 $(insightsProjectSlug),
@@ -223,7 +223,7 @@ export async function addControlEvaluationAssessment(
                 now(), 
                 now()
             )
-        on conflict ("securityInsightsEvaluationSuiteControlEvaluationId", "repo", "requirementId")
+        on conflict ("securityInsightsEvaluationId", "repo", "requirementId")
             do update
             set "updatedAt"      = EXCLUDED."updatedAt",
                 "applicability"  = EXCLUDED."applicability",
@@ -237,8 +237,7 @@ export async function addControlEvaluationAssessment(
     `,
     {
       id: generateUUIDv4(),
-      securityInsightsEvaluationSuiteControlEvaluationId:
-        assessment.securityInsightsEvaluationSuiteControlEvaluationId,
+      securityInsightsEvaluationId: assessment.securityInsightsEvaluationId,
       repo: assessment.repo,
       insightsProjectId: assessment.insightsProjectId,
       insightsProjectSlug: assessment.insightsProjectSlug,

services/libs/tinybird/datasources/securityInsightsEvaluationSuiteControlEvaluationAssessments.datasource → services/libs/tinybird/datasources/securityInsightsEvaluationAssessments.datasource

@@ -2,7 +2,7 @@ TAGS "Security insights widget"
 
 SCHEMA >
     `id` String `json:$.record.id`,
-    `securityInsightsEvaluationSuiteControlEvaluationId` String `json:$.record.securityInsightsEvaluationSuiteControlEvaluationId` DEFAULT '',
+    `securityInsightsEvaluationId` String `json:$.record.securityInsightsEvaluationId` DEFAULT '',
     `insightsProjectId` String `json:$.record.insightsProjectId` DEFAULT '',
     `insightsProjectSlug` String `json:$.record.insightsProjectSlug` DEFAULT '',
     `repo` String `json:$.record.repo` DEFAULT '',

services/libs/tinybird/pipes/security_and_best_practices.pipe

@@ -82,11 +82,11 @@ SQL >
                 )
             )
         ) AS assessments
-    FROM securityInsightsEvaluationSuiteControlEvaluations eval
+    FROM securityInsightsEvaluations eval final
     left join evaluation_controlId_category_map ecm on ecm.controlId = eval.controlId
     left join
-        securityInsightsEvaluationSuiteControlEvaluationAssessments assessment
-        on eval.id = assessment.securityInsightsEvaluationSuiteControlEvaluationId
+        securityInsightsEvaluationAssessments assessment final
+        on eval.id = assessment.securityInsightsEvaluationId
     where
         eval.result <> 'Not Run'
         and eval.repo in (select arrayJoin(repositories) from segments_filtered)

services/libs/types/src/securityInsights.ts

@@ -9,7 +9,7 @@ export interface ISecurityInsightsEvaluationSuite {
   corruptedState: boolean
 }
 
-export interface ISecurityInsightsEvaluationSuiteControlEvaluation {
+export interface ISecurityInsightsEvaluations {
   id?: string
   securityInsightsEvaluationSuiteId?: string
   name: string
@@ -23,9 +23,9 @@ export interface ISecurityInsightsEvaluationSuiteControlEvaluation {
   remediationGuide: string
 }
 
-export interface ISecurityInsightsEvaluationSuiteControlEvaluationAssessment {
+export interface ISecurityInsightsEvaluationAssessment {
   id?: string
-  securityInsightsEvaluationSuiteControlEvaluationId?: string
+  securityInsightsEvaluationId?: string
   repo: string
   insightsProjectId: string
   insightsProjectSlug: string