From fd0709165c71033cb54c2c68df918b70add26d45 Mon Sep 17 00:00:00 2001
From: Jannik Hollenbach <13718901+J12934@users.noreply.github.com>
Date: Mon, 10 Aug 2020 17:37:17 +0200
Subject: [PATCH] Add completion timestamp to scans once finished

This also allows to track the total runtime by
comparing it against the .metadata.creationTimestamp of the scan.
---
 operator/apis/execution/v1/scan_types.go                     | 4 +++-
 operator/apis/execution/v1/zz_generated.deepcopy.go          | 4 ++++
 .../bases/execution.experimental.securecodebox.io_scans.yaml | 5 +++++
 operator/controllers/execution/scans/hook_reconciler.go      | 4 ++++
 .../crds/execution.experimental.securecodebox.io_scans.yaml  | 5 +++++
 5 files changed, 21 insertions(+), 1 deletion(-)

diff --git a/operator/apis/execution/v1/scan_types.go b/operator/apis/execution/v1/scan_types.go
index 23a598e9..4d32f283 100644
--- a/operator/apis/execution/v1/scan_types.go
+++ b/operator/apis/execution/v1/scan_types.go
@@ -43,7 +43,9 @@ type ScanSpec struct {
 type ScanStatus struct {
 	State string `json:"state,omitempty"`
 
-	ErrorDescription string `json:"errorDescription,omitempty"`
+	// FinishedAt contains the time where the scan (including parser & hooks) has been marked as "Done"
+	FinishedAt       *metav1.Time `json:"finishedAt,omitempty"`
+	ErrorDescription string       `json:"errorDescription,omitempty"`
 
 	// RawResultType determines which kind of ParseDefinition will be used to turn the raw results of the scanner into findings
 	RawResultType string `json:"rawResultType,omitempty"`
diff --git a/operator/apis/execution/v1/zz_generated.deepcopy.go b/operator/apis/execution/v1/zz_generated.deepcopy.go
index 268e7d6f..fbae0fbc 100644
--- a/operator/apis/execution/v1/zz_generated.deepcopy.go
+++ b/operator/apis/execution/v1/zz_generated.deepcopy.go
@@ -388,6 +388,10 @@ func (in *ScanSpec) DeepCopy() *ScanSpec {
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *ScanStatus) DeepCopyInto(out *ScanStatus) {
 	*out = *in
+	if in.FinishedAt != nil {
+		in, out := &in.FinishedAt, &out.FinishedAt
+		*out = (*in).DeepCopy()
+	}
 	in.Findings.DeepCopyInto(&out.Findings)
 	if in.ReadAndWriteHookStatus != nil {
 		in, out := &in.ReadAndWriteHookStatus, &out.ReadAndWriteHookStatus
diff --git a/operator/config/crd/bases/execution.experimental.securecodebox.io_scans.yaml b/operator/config/crd/bases/execution.experimental.securecodebox.io_scans.yaml
index a5ee337a..01e02e48 100644
--- a/operator/config/crd/bases/execution.experimental.securecodebox.io_scans.yaml
+++ b/operator/config/crd/bases/execution.experimental.securecodebox.io_scans.yaml
@@ -252,6 +252,11 @@ spec:
                       type: integer
                   type: object
               type: object
+            finishedAt:
+              description: FinishedAt contains the time where the scan (including
+                parser & hooks) has been marked as "Done"
+              format: date-time
+              type: string
             rawResultFile:
               description: RawResultFile Filename of the result file of the scanner.
                 e.g. `nmap-result.xml`
diff --git a/operator/controllers/execution/scans/hook_reconciler.go b/operator/controllers/execution/scans/hook_reconciler.go
index c7aee9f1..7cdbfd1e 100644
--- a/operator/controllers/execution/scans/hook_reconciler.go
+++ b/operator/controllers/execution/scans/hook_reconciler.go
@@ -217,6 +217,8 @@ func (r *ScanReconciler) startReadOnlyHooks(scan *executionv1.Scan) error {
 	if len(readOnlyHooks) == 0 {
 		r.Log.Info("Marked scan as done as without running ReadOnly hooks as non were configured", "ScanName", scan.Name)
 		scan.Status.State = "Done"
+		var now metav1.Time = metav1.Now()
+		scan.Status.FinishedAt = &now
 		if err := r.Status().Update(ctx, scan); err != nil {
 			r.Log.Error(err, "Unable to update Scan status")
 			return err
@@ -281,6 +283,8 @@ func (r *ScanReconciler) checkIfReadOnlyHookIsCompleted(scan *executionv1.Scan)
 	if readOnlyHookCompletion == completed {
 		r.Log.V(7).Info("All ReadOnlyHooks have completed")
 		scan.Status.State = "Done"
+		var now metav1.Time = metav1.Now()
+		scan.Status.FinishedAt = &now
 		if err := r.Status().Update(ctx, scan); err != nil {
 			r.Log.Error(err, "Unable to update Scan status")
 			return err
diff --git a/operator/crds/execution.experimental.securecodebox.io_scans.yaml b/operator/crds/execution.experimental.securecodebox.io_scans.yaml
index a5ee337a..01e02e48 100644
--- a/operator/crds/execution.experimental.securecodebox.io_scans.yaml
+++ b/operator/crds/execution.experimental.securecodebox.io_scans.yaml
@@ -252,6 +252,11 @@ spec:
                       type: integer
                   type: object
               type: object
+            finishedAt:
+              description: FinishedAt contains the time where the scan (including
+                parser & hooks) has been marked as "Done"
+              format: date-time
+              type: string
             rawResultFile:
               description: RawResultFile Filename of the result file of the scanner.
                 e.g. `nmap-result.xml`