Scan Configuration Item #108

Closed
zimventures opened this issue Jul 27, 2023 · 0 comments
Assignees
Labels
backlog An issue that has been accepted and will be added to a future release enhancement New feature or request

As a user, it would be useful to be able to rerun a scan after performing remediation.

The rerun functionality request implies a few deliverables:

  • Scans have a history
  • Scans are configuration items, not execution items
  • Scans have job control state (start/stop)

Scan

Current Behavior

The current design of a Scan is that the user must create it every time they would like to kick one off. There is no concept of a "scan history", since each scan is its own entity.

Scan As A Configuration Item

If we move the current Scan behavior into a new model, ScanRun, then a Scan becomes a configuration element, of sorts. This has some advantages:

  1. Users will be able to easily click "run scan" without having to configure it (once configured, of course)
  2. A "re-scan" button can be available in the scan summary page, allowing the scan to be rerun
  3. Scanning history will be available
  4. Opens the door for scans to be run automatically on a schedule
  5. Opens the door to organize scans in the future (folders, disable, archive, etc...)

New Scan model:

from django.db import models

class Scan(models.Model):
    name = models.CharField(...)
    description = models.TextField(...)
    # String reference: ScanVersion is declared below and points back at Scan,
    # so one side of the cycle must be nullable (null/SET_NULL assumed here).
    current_version = models.ForeignKey('ScanVersion', null=True, on_delete=models.SET_NULL)

New ScanVersion model:

class ScanVersion(models.Model):
    number = models.IntegerField(default=1)
    # on_delete is mandatory in current Django; CASCADE is assumed here
    scan = models.ForeignKey(Scan, on_delete=models.CASCADE)
    policies = models.ManyToManyField('policy.Policy')
    assets = models.ManyToManyField('asset.BaseAsset')

New ScanRun model:

class ScanRun(models.Model):
    started_at = models.DateTimeField(auto_now_add=True)
    finished_at = models.DateTimeField(null=True)   # stays null until the run ends
    # PROTECT (assumed) so a run's version can never be cascaded away from history
    scan_version = models.ForeignKey(ScanVersion, on_delete=models.PROTECT)

The ScanAsset model will be updated so that its scan property will instead point to a ScanRun instance (as opposed to a Scan). The ScanAsset model will continue to be directly tied to a single Celery task.

Asset Lock Check

Since assets can now be referenced in multiple ScanVersion instances, it's important to let the user know that modifying an Asset will impact one or more Scan configurations.

Asset Deletion -> Archived

Asset deletion can only occur when any and all scans that reference the asset have been archived. Asset deletion will need to be changed so that the asset is archived, rather than deleted. Historical scan results will need to reference the asset.

Asset Edit

Prior to an asset being saved, the user should be notified of all the scans which reference the asset. The user should be prompted with a confirmation dialog to accept that the list of scans will be impacted. If ANY of the scans are currently running, the edit will NOT be performed.

Scan Versioning

Like the PolicyVersion model, a new ScanVersion entity will keep track of when the configuration of a Scan is modified. This will allow users the ability to edit a scan without impacting the results of previous scan runs.

UI Changes

Creating a new Scan now does not kick off a scan. Instead, it simply sets up the configuration FOR a scan. That means the current dashboard functionality will need to be updated, and some new views will be added.

Scan Dashboard

The Scan dashboard will be modified to show the list of configured scans. For each scan the following items will be shown:

  • Name of the scan
  • DateTime of when the scan configuration was last modified
  • Current version number
  • Number of assets configured
  • Number of policies configured
  • DateTime of the last scan run
  • VCR controls to start/stop the scan
  • Button to view the most recent scan results
  • Button to view scan run history

Scan History Page

Now that a Scan has zero or more ScanRun instances associated with it, we need a way to display them. This page will display a paginated list of ScanRun objects, sorted by start time. For each ScanRun object, display the following:

  • Start/Stop DateTime
  • Duration
  • Status
  • Findings Count
  • Button to the details page
  • ScanVersion used

Scan Start/Stop/State

As noted in the UI Changes above, VCR controls will be added to start/stop a scan. View routes will need to be added to fetch the current state of a scan, start a scan, and stop a scan (which cancels it - not pause).

Scan Re-Run

Finally - we reach the meat of the user story - the ability to rerun a scan.

In the scan results page, a new button will be available to re-run the scan. The button will only be available if the scan is not currently running. If the user clicks on the button, but the scan has somehow started by another user, the button will be disabled with a busy icon, noting a scan is currently running.
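The following is an added illustration, not code from the issue or the project: an in-memory Python sketch of the Scan / ScanVersion / ScanRun split together with the asset lock check, the archive-instead-of-delete rule and the re-run guard described above. It uses plain dataclasses rather than Django models so it runs stand-alone; the status strings, the helper names (edit_asset, delete_asset, demo) and the rule that a scan "references" an asset if any of its versions does are assumptions.

```python
# Added example (not the project's code): in-memory sketch of the
# Scan / ScanVersion / ScanRun design and the asset lock rules in the issue.
# Class names follow the issue; status strings, helper names and the
# "any version references the asset" rule are assumptions.
from dataclasses import dataclass, field
from datetime import datetime, timezone
from typing import List, Optional


@dataclass
class Asset:
    name: str
    archived: bool = False          # deletion becomes archival


@dataclass
class ScanVersion:
    number: int
    assets: List[Asset]
    policies: List[str]


@dataclass
class ScanRun:
    scan_version: ScanVersion
    status: str = "running"         # assumed values: running/finished/cancelled
    started_at: datetime = field(default_factory=lambda: datetime.now(timezone.utc))
    finished_at: Optional[datetime] = None


@dataclass
class Scan:
    name: str
    versions: List[ScanVersion] = field(default_factory=list)
    runs: List[ScanRun] = field(default_factory=list)
    archived: bool = False

    @property
    def current_version(self) -> ScanVersion:
        return self.versions[-1]

    def is_running(self) -> bool:
        return any(r.status == "running" for r in self.runs)

    def references(self, asset: Asset) -> bool:
        return any(asset in v.assets for v in self.versions)

    def configure(self, assets: List[Asset], policies: List[str]) -> ScanVersion:
        # Editing never rewrites an old version: a new one is appended, so
        # earlier runs keep pointing at the configuration they actually used.
        v = ScanVersion(len(self.versions) + 1, list(assets), list(policies))
        self.versions.append(v)
        return v

    def start(self) -> ScanRun:
        # "Run scan" and "re-scan" are the same operation: a new ScanRun
        # against current_version, refused while another run is in flight.
        if self.is_running():
            raise RuntimeError(f"scan {self.name!r} is already running")
        self.runs.append(ScanRun(self.current_version))
        return self.runs[-1]

    def end(self, status: str = "finished") -> None:
        # stop == cancel (pass status="cancelled"); there is no pause
        for r in self.runs:
            if r.status == "running":
                r.status, r.finished_at = status, datetime.now(timezone.utc)


def edit_asset(asset: Asset, new_name: str, scans: List[Scan]) -> List[str]:
    """Asset lock check: return the scans the confirmation dialog must list,
    and refuse the edit outright if any of them is currently running."""
    impacted = [s for s in scans if s.references(asset)]
    running = [s.name for s in impacted if s.is_running()]
    if running:
        raise RuntimeError(f"{asset.name!r} is used by running scan(s) {running}")
    asset.name = new_name
    return [s.name for s in impacted]


def delete_asset(asset: Asset, scans: List[Scan]) -> None:
    """Archive instead of delete, and only once every referencing scan is
    archived, so historical ScanRun results can still resolve the asset."""
    live = [s.name for s in scans if s.references(asset) and not s.archived]
    if live:
        raise RuntimeError(f"{asset.name!r} still referenced by {live}")
    asset.archived = True


def demo() -> dict:
    """Configure -> run -> blocked edit -> finish -> edit -> rerun -> archive."""
    web, db = Asset("web-01"), Asset("db-01")     # constructed sample assets
    scan = Scan("nightly")
    scan.configure([web, db], ["cis-linux"])
    first = scan.start()
    try:
        edit_asset(web, "web-01b", [scan])
        blocked = False
    except RuntimeError:
        blocked = True                      # refused: scan running
    scan.end()
    impacted = edit_asset(web, "web-01b", [scan])
    scan.configure([web], ["cis-linux"])    # version 2 drops db
    second = scan.start()                   # rerun picks up version 2
    scan.end()
    try:
        delete_asset(db, [scan])
        early_delete = True
    except RuntimeError:
        early_delete = False                # scan not archived yet
    scan.archived = True
    delete_asset(db, [scan])
    return {"blocked": blocked, "impacted": impacted,
            "versions": (first.scan_version.number, second.scan_version.number),
            "runs": len(scan.runs), "history_has_db": db in first.scan_version.assets,
            "early_delete": early_delete, "db_archived": db.archived}
```

Calling demo() walks through the whole user story: the first run is recorded against version 1, the asset edit is refused while that run is in flight and accepted afterwards (returning the list of impacted scans for the confirmation dialog), the re-run uses version 2 while the first run's history still resolves the dropped asset, and the asset can only be archived once the scan itself has been archived.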

@zimventures zimventures added enhancement New feature or request backlog An issue that has been accepted and will be added to a future release labels Jul 27, 2023
@zimventures zimventures self-assigned this Aug 16, 2023