Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Split code and more ideas #130

Closed
frite opened this issue Nov 28, 2019 · 2 comments
Closed

Split code and more ideas #130

frite opened this issue Nov 28, 2019 · 2 comments

Comments

@frite
Copy link
Contributor

frite commented Nov 28, 2019

Hi all, more of an umbrella issue to keep spam low.
Anyway, I'd like to propose the following:

  • Although the codebase is not exactly huge, I think it can be split in separate repos. i.e. Ansible roles can go each in a repository. This will enable to develop tests. I'm happy to use molecule tests (at least for the happy paths) to ensure that roles work as expected, potentially it also helps to onboard people faster (because if tests break you broke something). Also, that way they can be pushed into Ansible Galaxy. Finally, it makes the playbooks smaller because you can rackspace.scantron_common_role in your playbook.
  • Same as above for agent/master. Again the same reasoning.
  • More of a thought at this stage but. Agents can be containerized and come up on demand (Happy to containerize the agent as well). If multi-agent support is developed, it may be worth it to even have some option of Kubernetes cluster. Realistically speaking, even if you scan your fleet daily, there's a big part of that day that your fleet is idle. Similar approach can be taken for master although I currently can't think of any use, unless web/db is split.

Regards,
Manolis
@derpadoo
Copy link
Contributor

Hi @frite - thanks for taking the time to provide some ideas!

  • I definitely like the idea of automated testing for the Ansible playbooks, but favor the mono repo for now because I'd estimate most Scantron users (likely infosec folks) aren't well versed in Ansible, Ansible Galaxy (myself included), or molecule testing (had to look that one up) already. I'll have to read up more on that, but for now, it's easier keeping it in one repo.

  • Would definitely be interested in a containerized solution, for at least the agents, if you were willing to provide the code. Admittedly, there's so much to learn and I've been slow to jump on the the container train.

@derpadoo
Copy link
Contributor

Hi @frite - A Scantron engine docker container ticket can be found here that I could use another set of eyes to validate if you're still interested in this project: #78

Going to close this one out for now.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@frite @derpadoo