feat(worker): remove stale import findings for successful record (#2945)

This adds functionality to the worker to clear any existing import
findings for a record that previously failed to import, but now does.
This avoids confusing historical findings existing for records that are
successfully importing now.

Part of #2189 and #2188

Author: andrewpollock

gcp/workers/worker/worker.py

@@ -542,6 +542,7 @@ def _do_update(self, source_repo, repo, vulnerability, relative_path,
 
     osv.update_affected_commits(bug.key.id(), result.commits, bug.public)
     self._notify_ecosystem_bridge(vulnerability)
+    self._maybe_remove_import_findings(bug)
 
   def _notify_ecosystem_bridge(self, vulnerability):
     """Notify ecosystem bridges."""
@@ -561,6 +562,14 @@ def _notify_ecosystem_bridge(self, vulnerability):
             push_topic,
             data=json.dumps(osv.vulnerability_to_dict(vulnerability)).encode())
 
+  def _maybe_remove_import_findings(self, vulnerability: osv.Bug):
+    """Remove any stale import findings for a successfully processed Bug,"""
+
+    finding = osv.ImportFinding.get_by_id(vulnerability.id())
+    if finding:
+      logging.info('Removing stale import finding for %s', vulnerability.id())
+      finding.key.delete()
+
   def _do_process_task(self, subscriber, subscription, ack_id, message,
                        done_event):
     """Process task with timeout."""

gcp/workers/worker/worker_test.py

@@ -1734,6 +1734,28 @@ def test_analysis_crash_handling(self):
 
     self.expect_dict_equal('analysis_crash_handling', bug._to_dict())
 
+  def test_update_clears_stale_import_finding(self):
+    """A subsequent successful update removes the now stale import finding."""
+
+    # Add a pre-existing record import finding.
+
+    osv.ImportFinding(
+        bug_id='OSV-123',
+        source='source',
+        findings=[osv.ImportFindings.INVALID_JSON],
+        first_seen=osv.utcnow(),
+        last_attempt=osv.utcnow()).put()
+
+    # Simulate a successful record update.
+
+    self.test_update()
+
+    # Check the pre-existing finding is no longer present.
+
+    self.assertIsNone(
+        osv.ImportFinding.get_by_id('OSV-123'),
+        'Stale import finding still present after successful record processing')
+
 
 if __name__ == '__main__':
   ds_emulator = tests.start_datastore_emulator()