feat: delete edge_parity feature flag

RHINENG-2179

common/feature_flags.py

@@ -15,9 +15,6 @@
 APP_NAME = "vulnerability-engine"
 LOGGER = get_logger(__name__)
 
-# Flag toggles
-EDGE_PARITY_FEATURE = "vulnerability.edge_parity"
-
 
 class UnleashClientProxy:
     def __init__(self):

develfeatureflags.json

@@ -29,20 +29,6 @@
       "strategy": "default",
       "parameters": {}
     },
-    {
-      "name": "vulnerability.edge_parity",
-      "type": "release",
-      "enabled": true,
-      "stale": false,
-      "strategies": [
-        {
-          "name": "default",
-          "parameters": {}
-        }
-      ],
-      "strategy": "default",
-      "parameters": {}
-    },
     {
       "name": "vulnerability.inventory_groups",
       "type": "release",

manager/base.py

@@ -34,8 +34,6 @@
 from .rbac_manager import RbacManager
 from common.config import Config
 from common.constants import remediation
-from common.feature_flags import EDGE_PARITY_FEATURE
-from common.feature_flags import UNLEASH
 from common.identity import get_identity
 from common.logging import get_logger
 from common.peewee_conditions import (system_is_active)
@@ -571,22 +569,22 @@ def get_mapping(cves: List[int], subquery, rh_account_id):
                           .dicts())
 
 
-def get_subquery(cves: List[int], rh_account_id, edge=False):
+def get_subquery(cves: List[int], rh_account_id):
     """Return subquery, None if `rh_account_id` is None"""
     # pylint: disable=singleton-comparison
     if rh_account_id is None:
         return None
 
     subquery = (SystemVulnerabilities.select(SystemVulnerabilities.id, SystemVulnerabilities.rule_id, SystemVulnerabilities.cve_id)
                                      .join(SystemPlatform, on=((SystemVulnerabilities.system_id == SystemPlatform.id) &
-                                                               system_is_active(rh_account_id=rh_account_id, edge=edge)))
+                                                               system_is_active(rh_account_id=rh_account_id, edge=None)))
                                      .where(SystemVulnerabilities.cve_id.in_(cves))
                                      .where(SystemVulnerabilities.mitigation_reason.is_null(True))
                                      .where((SystemVulnerabilities.rh_account_id == rh_account_id)))
     return cyndi_join(subquery)
 
 
-def get_rules_for_cves(cves: list, rh_account=None, edge=False) -> dict:
+def get_rules_for_cves(cves: list, rh_account=None) -> dict:
     """Return associated rules for a CVE"""
     # pylint: disable=singleton-comparison, unsubscriptable-object
     rules_map = {}
@@ -599,7 +597,7 @@ def get_rules_for_cves(cves: list, rh_account=None, edge=False) -> dict:
         except IndexError:
             pass
 
-    subquery = get_subquery(cves, rh_account_id, edge)
+    subquery = get_subquery(cves, rh_account_id)
     mapping = get_mapping(cves, subquery, rh_account_id)
 
     for row in mapping:
@@ -623,13 +621,13 @@ def get_rules_for_cves(cves: list, rh_account=None, edge=False) -> dict:
     return rules_map
 
 
-def get_system_count(rh_account, include_cyndi=True, filters=None, filters_args=None, edge=False):
+def get_system_count(rh_account, include_cyndi=True, filters=None, filters_args=None):
     """Get count of nonstale, nonoptouted, evaluated user systems"""
     # pylint: disable=singleton-comparison
     query = SystemPlatform.select(fn.COUNT(SystemPlatform.id).alias("count"))\
         .where((SystemPlatform.rh_account_id == rh_account)
                & ((SystemPlatform.last_evaluation.is_null(False)) | (SystemPlatform.advisor_evaluated.is_null(False)))
-               & system_is_active(rh_account_id=rh_account, edge=edge))
+               & system_is_active(rh_account_id=rh_account, edge=None))
 
     if include_cyndi:
         query = cyndi_join(query)
@@ -640,14 +638,12 @@ def get_system_count(rh_account, include_cyndi=True, filters=None, filters_args=
     return query.first().count
 
 
-def get_system_count_by_type(rh_account_id, edge=False) -> Dict[str, int]:
+def get_system_count_by_type(rh_account_id) -> Dict[str, int]:
     """Get count of nonstale, nonoptouted, evaluated user systems, by their type"""
     selectables = [
         fn.COALESCE(fn.SUM(Case(None, ((SystemPlatform.host_type == "edge", 1),), 0)), 0).alias("edge"),
         fn.COALESCE(fn.SUM(Case(None, ((SystemPlatform.host_type.is_null(True), 1),), 0)), 0).alias("rpmdnf"),
     ]
-    if edge is False:
-        selectables = selectables[1:]
 
     query = (SystemPlatform.select(*selectables)
                            .where((SystemPlatform.rh_account_id == rh_account_id) &
@@ -704,15 +700,6 @@ def is_valid_cache(account_data: AccountData, group_ids: List[List[Dict[str, str
     return correct_groups and account_data.cve_cache_from is not None
 
 
-def edge_feature_arg():
-    """Return value for system_is_active edge argument based on a feature flag value.
-
-    flag_enabled == False -> edge = False -- selects traditional systems only
-    flag_enabled == True  -> edge = None -- selects all systems, edge systems included
-    """
-    return None if UNLEASH.is_enabled(EDGE_PARITY_FEATURE) else False
-
-
 def unique_bool_list(bool_list):
     """Makes from repeating multiple values only unique bool values"""
     return list(set(bool_list))

manager/cve_handler.py

@@ -21,7 +21,6 @@
 from .base import DEFAULT_BUSINESS_RISK
 from .base import DEFAULT_REMEDIATION_FILTER
 from .base import DEFAULT_STATUS
-from .base import edge_feature_arg
 from .base import get_account_data
 from .base import get_or_create_account
 from .base import get_remediation_filter
@@ -258,7 +257,7 @@ def _full_query(rh_account_id, synopsis, parsed_args, filters, remediation_filte
                 .join(InsightsRule, JOIN.LEFT_OUTER, on=(InsightsRule.id == SystemVulnerabilities.rule_id))
                 .where(CveMetadata.cve == synopsis)
                 .where(SystemVulnerabilities.rh_account_id == rh_account_id)
-                .where(system_is_active(rh_account_id=rh_account_id, edge=edge_feature_arg()))
+                .where(system_is_active(rh_account_id=rh_account_id, edge=None))
                 .where(system_is_vulnerable(rule_subselect=False)))
         if remediation_filter:
             subq = subq.where(SystemVulnerabilities.remediation_type_id << remediation_filter)
@@ -317,7 +316,7 @@ def _unpatched_full_query(rh_account_id, synopsis, parsed_args, filters):
                         .join(CveAccountData, JOIN.LEFT_OUTER, on=((CveAccountData.rh_account_id == rh_account_id) &
                               (CveMetadata.id == CveAccountData.cve_id)))
                         .where(CveMetadata.cve == synopsis)
-                        .where(system_is_active(rh_account_id=rh_account_id, edge=edge_feature_arg()))
+                        .where(system_is_active(rh_account_id=rh_account_id, edge=None))
                         .where(SystemVulnerablePackage.rh_account_id == rh_account_id))
         unfixed_subq = cyndi_join(unfixed_subq)
         unfixed_subq = apply_filters(unfixed_subq, parsed_args, filters, {"unfixed": [True]})
@@ -359,7 +358,7 @@ def _id_query(rh_account_id, synopsis, parsed_args, filters, remediation_filter=
                 .join(InsightsRule, JOIN.LEFT_OUTER, on=(InsightsRule.id == SystemVulnerabilities.rule_id))
                 .where(CveMetadata.cve == synopsis)
                 .where(SystemVulnerabilities.rh_account_id == rh_account_id)
-                .where(system_is_active(rh_account_id=rh_account_id, edge=edge_feature_arg()))
+                .where(system_is_active(rh_account_id=rh_account_id, edge=None))
                 .where(system_is_vulnerable(rule_subselect=False)))
         if remediation_filter:
             subq = subq.where(SystemVulnerabilities.remediation_type_id << remediation_filter)
@@ -403,7 +402,7 @@ def _unpatched_id_query(rh_account_id, synopsis, parsed_args, filters):
                                                                   & (CveMetadata.id == SystemCveData.cve_id)))
                         .where(CveMetadata.cve == synopsis)
                         .where(SystemVulnerablePackage.rh_account_id == rh_account_id)
-                        .where(system_is_active(rh_account_id=rh_account_id, edge=edge_feature_arg())))
+                        .where(system_is_active(rh_account_id=rh_account_id, edge=None)))
 
         unfixed_subq = cyndi_join(unfixed_subq)
         unfixed_subq = apply_filters(unfixed_subq, parsed_args, filters, {"unfixed": [True]})
@@ -431,7 +430,7 @@ def _get_cve_details(synopsis):
                                        CveMetadata.exploit_data)
                     .join(CveImpact, on=(CveMetadata.impact_id == CveImpact.id))
                     .where(CveMetadata.cve == synopsis)).dicts()[0]
-            rules_map = get_rules_for_cves([data["id"]], connexion.context["user"], edge=edge_feature_arg())
+            rules_map = get_rules_for_cves([data["id"]], connexion.context["user"])
             retval = {
                 "celebrity_name": str_or_none(data["celebrity_name"]),
                 "cvss2_metrics": str_or_none(data["cvss2_metrics"]),
@@ -484,9 +483,6 @@ def _cve_details(cls, synopsis, advisory_available):
             retval["status_id"] = 0
             retval["status_text"] = None
 
-        # argument for controling host types in system counts
-        edge = edge_feature_arg()
-
         # overall count of affected systems and affected but not vulnerable systems
         base_cnt_query = (SystemVulnerabilities
                           .select(fn.Count(SystemVulnerabilities.id))
@@ -495,7 +491,7 @@ def _cve_details(cls, synopsis, advisory_available):
                           .join(InsightsRule, JOIN.LEFT_OUTER, on=(SystemVulnerabilities.rule_id == InsightsRule.id))
                           .where((SystemVulnerabilities.rh_account_id == rh_account_id))
                           .where(CveMetadata.cve == synopsis)
-                          .where(system_is_active(rh_account_id=rh_account_id, edge=edge)))
+                          .where(system_is_active(rh_account_id=rh_account_id, edge=None)))
         base_cnt_query = cyndi_join(base_cnt_query)
 
         abnv_query = base_cnt_query.where(system_is_abnv())
@@ -519,7 +515,7 @@ def _cve_details(cls, synopsis, advisory_available):
                                .join(InsightsRule, JOIN.LEFT_OUTER, on=(InsightsRule.id == SystemVulnerabilities.rule_id))
                                .where(CveMetadata.cve == synopsis)
                                .where(SystemVulnerabilities.rh_account_id == rh_account_id)
-                               .where(system_is_active(rh_account_id=rh_account_id, edge=edge))
+                               .where(system_is_active(rh_account_id=rh_account_id, edge=None))
                                .where(system_is_vulnerable())
                                .group_by(fn.COALESCE(SystemCveData.status_id, 0))
                                .dicts())
@@ -537,7 +533,7 @@ def _cve_details(cls, synopsis, advisory_available):
                                                                            & (CveMetadata.id == SystemCveData.cve_id)))
                                  .where(CveMetadata.cve == synopsis)
                                  .where(SystemVulnerablePackage.rh_account_id == rh_account_id)
-                                 .where(system_is_active(rh_account_id=rh_account_id, edge=edge))
+                                 .where(system_is_active(rh_account_id=rh_account_id, edge=None))
                                  .group_by(fn.COALESCE(SystemCveData.status_id, 0))
                                  .dicts())
         status_detail_unfixed = cyndi_join(status_detail_unfixed)

manager/dashbar_handler.py

@@ -10,7 +10,6 @@
 
 from .base import cyndi_join
 from .base import DEFAULT_REMEDIATION_FILTER
-from .base import edge_feature_arg
 from .base import get_account_data
 from .base import GetRequest
 from .base import is_not_cacheable_request
@@ -56,8 +55,6 @@ def handle_get(cls, **kwargs):
         args = cls._parse_arguments(kwargs, args_desc)
         filters = [filter_types.SYSTEM_TAGS, filter_types.SYSTEM_SAP, filter_types.SYSTEM_SAP_SIDS, filter_types.SYSTEM_AAP, filter_types.SYSTEM_MSSQL]
 
-        edge = edge_feature_arg()
-
         account_data = get_account_data(connexion.context["user"])
         valid_cache = is_valid_cache(account_data, g.group_ids)
 
@@ -74,10 +71,7 @@ def handle_get(cls, **kwargs):
                      .join(InsightsRule, JOIN.LEFT_OUTER, on=((CveRuleMapping.rule_id == InsightsRule.id) &
                                                               (InsightsRule.active == True)))
                      .where(CveAccountCache.rh_account_id == account_data.id))
-            if edge is False:
-                query = query.where(CveAccountCache.systems_affected_rpmdnf > 0)
-            else:
-                query = query.where((CveAccountCache.systems_affected_rpmdnf + CveAccountCache.systems_affected_edge) > 0)
+            query = query.where((CveAccountCache.systems_affected_rpmdnf + CveAccountCache.systems_affected_edge) > 0)
         else:
             query = (SystemVulnerabilities
                      .select(fn.Count(fn.Distinct(Case(None, ((CveMetadata.exploit_data.is_null(False) &
@@ -90,7 +84,7 @@ def handle_get(cls, **kwargs):
                      .join(CveRuleMapping, JOIN.LEFT_OUTER, on=((SystemVulnerabilities.cve_id == CveRuleMapping.cve_id)))
                      .join(InsightsRule, JOIN.LEFT_OUTER, on=(CveRuleMapping.rule_id == InsightsRule.id))
                      .join(SystemPlatform, on=((SystemVulnerabilities.system_id == SystemPlatform.id) &
-                                               system_is_active(rh_account_id=account_data.id, edge=edge)))
+                                               system_is_active(rh_account_id=account_data.id, edge=None)))
                      .where(SystemVulnerabilities.rh_account_id == account_data.id)
                      .where(system_is_vulnerable())
                      .where(SystemVulnerabilities.remediation_type_id << DEFAULT_REMEDIATION_FILTER))

manager/dashboard_handler.py

@@ -12,7 +12,6 @@
 
 from .base import cyndi_join
 from .base import DEFAULT_REMEDIATION_FILTER
-from .base import edge_feature_arg
 from .base import get_account_data
 from .base import get_system_count
 from .base import GetRequest
@@ -97,10 +96,7 @@ def handle_get(cls, **kwargs):
         cyndi_request = is_not_cacheable_request(args)
         account_data = get_account_data(connexion.context["user"])
 
-        # argument for controling host types in system counts
-        edge = edge_feature_arg()
-
-        retval["system_count"] = get_system_count(account_data.id, True, FILTERS, args, edge=edge)
+        retval["system_count"] = get_system_count(account_data.id, True, FILTERS, args)
 
         # API using cache, set keepalive for account to enable maintaining cache
         valid_cache = is_valid_cache(account_data, g.group_ids)
@@ -110,16 +106,13 @@ def handle_get(cls, **kwargs):
             active_cves_subquery = (CveAccountCache
                                     .select(CveAccountCache.cve_id.alias("cve_id_"))
                                     .where(CveAccountCache.rh_account_id == account_data.id))
-            if edge is False:
-                active_cves_subquery = active_cves_subquery.where(CveAccountCache.systems_affected_rpmdnf > 0)
-            else:
-                active_cves_subquery = active_cves_subquery.where((CveAccountCache.systems_affected_rpmdnf +
-                                                                   CveAccountCache.systems_affected_edge) > 0)
+            active_cves_subquery = active_cves_subquery.where((CveAccountCache.systems_affected_rpmdnf +
+                                                               CveAccountCache.systems_affected_edge) > 0)
         else:
             active_cves_subquery = (SystemVulnerabilities
                                     .select(fn.Distinct(SystemVulnerabilities.cve_id).alias("cve_id_"))
                                     .join(SystemPlatform, on=((SystemVulnerabilities.system_id == SystemPlatform.id) &
-                                                              system_is_active(rh_account_id=account_data.id, edge=edge)))
+                                                              system_is_active(rh_account_id=account_data.id, edge=None)))
                                     .where(SystemVulnerabilities.rh_account_id == account_data.id)
                                     .where(system_is_vulnerable())
                                     .where(SystemVulnerabilities.remediation_type_id << DEFAULT_REMEDIATION_FILTER))
@@ -186,10 +179,7 @@ def handle_get(cls, **kwargs):
                                .join(InsightsRule, on=(
                                     (CveRuleMapping.rule_id == InsightsRule.id) & (InsightsRule.active == True)))
                                .where(CveAccountCache.rh_account_id == account_data.id))
-            if edge is False:
-                rules_breakdown = rules_breakdown.where(CveAccountCache.systems_affected_rpmdnf > 0)
-            else:
-                rules_breakdown = rules_breakdown.where((CveAccountCache.systems_affected_rpmdnf + CveAccountCache.systems_affected_edge) > 0)
+            rules_breakdown = rules_breakdown.where((CveAccountCache.systems_affected_rpmdnf + CveAccountCache.systems_affected_edge) > 0)
         else:
             rules_breakdown = (CveRuleMapping.select(fn.COUNT(fn.Distinct(CveRuleMapping.cve_id)).alias("rules_cves_count"))
                                              .join(InsightsRule, on=((CveRuleMapping.rule_id == InsightsRule.id)
@@ -208,7 +198,7 @@ def handle_get(cls, **kwargs):
                             .select(SystemVulnerabilities.rule_id.alias("rule_id_"),
                                     fn.Count(fn.Distinct(SystemVulnerabilities.system_id)).alias("systems_affected_"))
                             .join(SystemPlatform, on=((SystemVulnerabilities.system_id == SystemPlatform.id) &
-                                                      system_is_active(rh_account_id=account_data.id, edge=edge)))
+                                                      system_is_active(rh_account_id=account_data.id, edge=None)))
                             .where(SystemVulnerabilities.rh_account_id == account_data.id)
                             .where(system_has_rule_hit())
                             .group_by(SystemVulnerabilities.rule_id)