Skip to content

fix: Enhance incident query to include alert enrichment for status #5062

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 18 commits into from
Jun 23, 2025
Merged

fix: Enhance incident query to include alert enrichment for status #5062

merged 18 commits into from
Jun 23, 2025

Conversation

skynetigor
Copy link
Contributor

Closes #5049

πŸ“‘ Description

βœ… Checks

  • My pull request adheres to the code style of this project
  • My code requires changes to the documentation
  • I have updated the documentation as required
  • All the tests have passed

β„Ή Additional Information

@vercel Vercel
Copy link

vercel bot commented Jun 18, 2025
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git β†—οΈŽ

1 Skipped Deployment
Name Status Preview Comments Updated (UTC)
keep ⬜️ Ignored (Inspect) Visit Preview Jun 23, 2025 7:45am

@skynetigor skynetigor marked this pull request as ready for review June 18, 2025 14:06
@dosubot dosubot bot added the size:S This PR changes 10-29 lines, ignoring generated files. label Jun 18, 2025
cursor[bot]

This comment was marked as outdated.

Sign in to view

@dosubot dosubot bot added size:M This PR changes 30-99 lines, ignoring generated files. and removed size:S This PR changes 10-29 lines, ignoring generated files. labels Jun 18, 2025
cursor[bot]

This comment was marked as outdated.

Sign in to view

@skynetigor skynetigor marked this pull request as draft June 18, 2025 16:44
@skynetigor
Merge branch 'main' into 5049-Status-changes-for-an-incident-are-not-…
dd156aa 
…reflected-in-the-incident-view

Signed-off-by: Ihor Panasiuk <igorskynet13@gmail.com>
@skynetigor
Update test_search_alerts.py
15bdcba 
Signed-off-by: Ihor Panasiuk <igorskynet13@gmail.com>
@skynetigor skynetigor marked this pull request as ready for review June 20, 2025 09:42
cursor[bot]

This comment was marked as outdated.

Sign in to view

@skynetigor
fix: Update key for incident enrichment retrieval in get_last_inciden…
ffbe9d5 
…ts_by_cel function
@skynetigor
Merge branch '5049-Status-changes-for-an-incident-are-not-reflected-i…
2406a60 
…n-the-incident-view' of https://github.com/keephq/keep into 5049-Status-changes-for-an-incident-are-not-reflected-in-the-incident-view
talboren
talboren approved these changes Jun 23, 2025
View reviewed changes
Copy link
Member

@talboren talboren left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@dosubot dosubot bot added the lgtm This PR has been approved by a maintainer label Jun 23, 2025
cursor[bot]
cursor bot reviewed Jun 23, 2025
View reviewed changes
Copy link

@cursor cursor bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Bug: Invalid Join Condition Causes Enrichment Failure

The outerjoin with incident_enrichment (an alias for AlertEnrichment) is flawed: its join condition cast(col(Incident.id), String) == foreign(incident_enrichment.alert_fingerprint) incorrectly attempts to match Incident.id (a UUID) with alert_fingerprint (an alert hash), which are unrelated identifiers, preventing incident enrichment data retrieval. The foreign() function is also misused here, as it's intended for SQLAlchemy relationship definitions. Additionally, this incident_enrichment join is unconditionally added to all queries built by __build_base_incident_query, causing unnecessary performance overhead for queries that do not require enrichment data.

keep/api/core/incidents.py#L256-L264

keep/keep/api/core/incidents.py

Lines 256 to 264 in 2406a60

sql_query = sql_query.outerjoin(
incident_enrichment,
and_(
Incident.tenant_id == incident_enrichment.tenant_id,
cast(col(Incident.id), String)
== foreign(incident_enrichment.alert_fingerprint),
),
)

Fix in Cursor

Was this report helpful? Give feedback by reacting with πŸ‘ or πŸ‘Ž

@skynetigor skynetigor merged commit 9919b99 into main Jun 23, 2025
16 of 18 checks passed
@skynetigor skynetigor deleted the 5049-Status-changes-for-an-incident-are-not-reflected-in-the-incident-view branch June 23, 2025 07:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cursor cursor[bot] cursor[bot] left review comments

@VladimirFilonov VladimirFilonov VladimirFilonov approved these changes

@talboren talboren talboren approved these changes

Assignees
No one assigned
Labels
lgtm This PR has been approved by a maintainer size:M This PR changes 30-99 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[πŸ› Bug]: Status changes for an incident are not reflected in the incident view
3 participants
@skynetigor @VladimirFilonov @talboren