Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

configurable severity #161

Merged
merged 15 commits into from
Aug 17, 2023
Merged

configurable severity #161

merged 15 commits into from
Aug 17, 2023

Conversation

alex-nork
Copy link
Contributor

@alex-nork alex-nork commented Aug 16, 2023
edited

Description

The purpose of this PR is to make rule severity configurable. With these changes, each severity will have a name, value, and color, instead of just a number. These severities are not user-specific, so all users can see severities that have been loaded/created, but only a superuser can create/edit/archive a severity.

There are two improvements that will be made in follow up PRs, in order to keep each a manageable size to review. The first improvement is to change the Rule severity field to a dropdown list populated by the existing severities. The second is tests.

Screenshots

Severity management dashboard

severity_management_dashboard

Create new severity

create_severity

Severity created

severity_created

Archive severity confirmation

archive_severity_confirmation

Non-superuser dashboard view

non_superuser_dashboard_view

Closes #155

zimventures
zimventures suggested changes Aug 16, 2023
View reviewed changes
Copy link
Contributor

@zimventures zimventures left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good stuff.

Ideally, it would be great to have the severity stuff broken out into its own application. Riding along side of the policy code things will start to get ugly (especially as Rules get more complicated). If it isn't too much trouble, breaking it out now would be a great step.

I apologize for not spelling that out in the original ticket 🙇‍♂️

chirps/policy/templates/policy/severity_management.html Outdated Show resolved Hide resolved
chirps/policy/templates/policy/severity_management.html Outdated Show resolved Hide resolved
chirps/policy/templates/policy/severity_management.html Outdated Show resolved Hide resolved
@alex-nork
Copy link
Contributor Author

Agreed that it feels a little clunky living in the Policy application. I'm happy to move it out 🚚

zimventures
zimventures reviewed Aug 17, 2023
View reviewed changes
chirps/chirps/settings.py
Comment on lines 49 to +55
'account',
'policy',
'asset',
'base_app',
'embedding',
'policy',
'scan',
'severity',
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Doing The Lord's Work right here. 🙇‍♂️

zimventures
zimventures approved these changes Aug 17, 2023
View reviewed changes
Copy link
Contributor

@zimventures zimventures left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you very much for taking the time to pull this out. Nice n' tidy now :)

@alex-nork alex-nork merged commit d8c4276 into main Aug 17, 2023
5 checks passed
@alex-nork alex-nork deleted the AlexN/configurable-severity branch August 17, 2023 15:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@zimventures zimventures zimventures approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Configurable Severity
2 participants
@alex-nork @zimventures