Simplify Collection; Add prefetch vulnerabilities step #124
Conversation
| const assetEntity = createIntegrationEntity({ | ||
| entityData: { | ||
| source: {}, | ||
| source: { | ||
| vulnerabilities: asset.vulnerabilities, |
There was a problem hiding this comment.
Adding just the vulnerabilities part to rawData will simplify data collection later allowing us to not build the assetVulnCountMap
| @@ -33,16 +31,13 @@ export async function fetchSiteAssets({ | |||
| await apiClient.iterateSiteAssets( | |||
| siteEntity.id as string, | |||
| async (assets) => { | |||
| const siteAssetRelationships: ReturnType< | |||
| typeof createDirectRelationship | |||
| >[] = []; | |||
There was a problem hiding this comment.
No longer keeping these in memory. Just writing them like normal to the jobState.
| return { | ||
| _key: getAssetVulnerabilityKey(assetId, finding.id), | ||
| _type: entities.FINDING._type, | ||
| _class: entities.FINDING._class, | ||
| id: `${finding.id}`, | ||
| name: finding.id, | ||
| category: 'host', | ||
| open: finding.status === VulnerabilityState.VULNERABLE ? true : undefined, | ||
| severity: vulnerability.severity, | ||
| numericSeverity: vulnerability.numericSeverity, | ||
| }; |
There was a problem hiding this comment.
Creating entity manually to avoid the extra allocation that createIntegrationEntity does. Also dropping rawData for the moment.
| } | ||
|
|
||
| export async function fetchAssetVulnerabilityFindings( | ||
| export async function prefetchVulnerabilities( |
There was a problem hiding this comment.
Prefetch vulnerabilities is designed to be able to run as soon as the integration starts and alongside any other steps. It will collect and store the vulnerabilities as entities on disk. It's results will be used later by the vulnerabilities step where it will first try to get it from the cache and then collect it individually if it isn't found.
| if (severityMask === 0 && asset.vulnerabilities.total) { | ||
| return true; | ||
| } else if ( | ||
| severityMask === 1 && | ||
| (asset.vulnerabilities.critical || asset.vulnerabilities.severe) | ||
| ) { | ||
| return true; | ||
| } else if (severityMask === 2 && asset.vulnerabilities.critical) { | ||
| return true; | ||
| } | ||
| return false; |
There was a problem hiding this comment.
If someone picks Critical & Moderate this will fail.
|
New and removed dependencies detected. Learn more about Socket for GitHub ↗︎
🚮 Removed packages: npm/@jupiterone/integration-sdk-core@12.7.0-alpha.0, npm/@jupiterone/integration-sdk-dev-tools@12.7.0-alpha.0, npm/@jupiterone/integration-sdk-testing@12.7.0-alpha.0 |
Description
This PR is intended to simplify collection of data by: