diff --git a/api/CHANGELOG.md b/api/CHANGELOG.md index e1fa9942f1..0e356f3492 100644 --- a/api/CHANGELOG.md +++ b/api/CHANGELOG.md @@ -10,6 +10,7 @@ All notable changes to the **Prowler API** are documented in this file. - Deleting providers don't try to delete a `None` Neo4j database when an Attack Paths scan is scheduled [(#9858)](https://github.com/prowler-cloud/prowler/pull/9858) - Use replica database for reading Findings to add them to the Attack Paths graph [(#9861)](https://github.com/prowler-cloud/prowler/pull/9861) - Attack paths findings loading query to use streaming generator for O(batch_size) memory instead of O(total_findings) [(#9862)](https://github.com/prowler-cloud/prowler/pull/9862) +- Use `Findings.all_objects` to avoid the `ActiveProviderPartitionedManager` [(#9869)](https://github.com/prowler-cloud/prowler/pull/9869) ## [1.18.0] (Prowler v5.17.0) diff --git a/api/src/backend/tasks/jobs/attack_paths/prowler.py b/api/src/backend/tasks/jobs/attack_paths/prowler.py index d1d4c6dfdb..e91dee03e9 100644 --- a/api/src/backend/tasks/jobs/attack_paths/prowler.py +++ b/api/src/backend/tasks/jobs/attack_paths/prowler.py @@ -2,7 +2,6 @@ from collections import defaultdict from typing import Generator import neo4j - from cartography.client.core.tx import run_write_query from cartography.config import Config as CartographyConfig from celery.utils.log import get_task_logger @@ -129,7 +128,10 @@ def get_provider_last_scan_findings( iteration += 1 with rls_transaction(prowler_api_provider.tenant_id, using=READ_REPLICA_ALIAS): - qs = Finding.objects.filter(scan_id=scan_id).order_by("id") + # Use all_objects to avoid the ActiveProviderManager's implicit JOIN + # through Scan -> Provider (to check is_deleted=False). + # The provider is already validated as active in this context. + qs = Finding.all_objects.filter(scan_id=scan_id).order_by("id") if last_id is not None: qs = qs.filter(id__gt=last_id)