1212
1313Available Scanners:
1414- BaseScanner: Abstract base class defining the scanner interface
15- - UnifiedSCAPScanner: Primary SCAP scanner with MongoDB rule integration
15+ - OWScanner: OpenWatch's primary SCAP scanner with MongoDB rule integration
1616- OSCAPScanner: OpenSCAP-based content validation and profile extraction
1717- KubernetesScanner: Kubernetes/OpenShift compliance scanner
1818
1919Scanner Registry (ScannerFactory):
20- - "scap" -> UnifiedSCAPScanner (primary, MongoDB-integrated)
20+ - "scap" or "owscan" -> OWScanner (primary, MongoDB-integrated)
2121- "oscap" -> OSCAPScanner (content operations, validation)
2222- "kubernetes" -> KubernetesScanner (K8s/OpenShift)
2323
24+ Backward Compatibility:
25+ - UnifiedSCAPScanner is an alias for OWScanner
26+
2427Usage:
2528 from app.services.engine.scanners import (
26- UnifiedSCAPScanner ,
29+ OWScanner ,
2730 OSCAPScanner,
2831 KubernetesScanner,
2932 ScannerFactory,
30- get_unified_scanner ,
33+ get_ow_scanner ,
3134 )
3235
33- # Get unified scanner for MongoDB-integrated scanning (recommended)
34- scanner = get_unified_scanner ()
36+ # Get OWScanner for MongoDB-integrated scanning (recommended)
37+ scanner = get_ow_scanner ()
3538 await scanner.initialize()
3639 result = await scanner.scan_with_rules(
3740 host_id=host_id,
5356- Scanners do NOT handle execution (that's the executor's job)
5457- Scanners focus on content validation and result parsing
5558- Scanner capabilities advertise what each scanner supports
56- - UnifiedSCAPScanner is the primary scanner for compliance operations
59+ - OWScanner is the primary scanner for compliance operations
5760"""
5861
5962import logging
6871from .base import BaseScanner # noqa: F401, E402
6972from .kubernetes import KubernetesScanner # noqa: F401, E402
7073from .oscap import OSCAPScanner # noqa: F401, E402
71- from .scap import UnifiedSCAPScanner # noqa: F401, E402
74+ from .owscan import OWScanner , UnifiedSCAPScanner # noqa: F401, E402
7275
7376
7477def get_scanner (provider : ScanProvider ) -> BaseScanner :
@@ -148,15 +151,15 @@ def get_scanner_for_content(content_path: str) -> Optional[BaseScanner]:
148151 return None
149152
150153
151- def get_unified_scanner (
154+ def get_ow_scanner (
152155 content_dir : Optional [str ] = None ,
153156 results_dir : Optional [str ] = None ,
154157 encryption_service : Optional [object ] = None ,
155- ) -> "UnifiedSCAPScanner " :
158+ ) -> "OWScanner " :
156159 """
157- Get the unified SCAP scanner with MongoDB integration.
160+ Get the OpenWatch scanner with MongoDB integration.
158161
159- The unified scanner combines all SCAP scanning capabilities including:
162+ The OWScanner combines all SCAP scanning capabilities including:
160163 - MongoDB rule selection and generation
161164 - Dynamic XCCDF/OVAL content creation
162165 - Local and remote scan execution
@@ -171,10 +174,10 @@ def get_unified_scanner(
171174 encryption_service: Encryption service for credential decryption.
172175
173176 Returns:
174- Configured UnifiedSCAPScanner instance (requires async initialization).
177+ Configured OWScanner instance (requires async initialization).
175178
176179 Usage:
177- >>> scanner = get_unified_scanner ()
180+ >>> scanner = get_ow_scanner ()
178181 >>> await scanner.initialize() # Required before MongoDB operations
179182 >>> result = await scanner.scan_with_rules(
180183 ... host_id="uuid",
@@ -184,13 +187,17 @@ def get_unified_scanner(
184187 ... connection_params=params,
185188 ... )
186189 """
187- return UnifiedSCAPScanner (
190+ return OWScanner (
188191 content_dir = content_dir ,
189192 results_dir = results_dir ,
190193 encryption_service = encryption_service ,
191194 )
192195
193196
197+ # Backward compatibility alias
198+ get_unified_scanner = get_ow_scanner
199+
200+
194201# =============================================================================
195202# Scanner Factory
196203# =============================================================================
@@ -233,7 +240,8 @@ class ScannerFactory:
233240 # Keys are lowercase identifiers used in rule metadata
234241 _scanners : dict [str , type [BaseScanner ]] = {
235242 # Primary scanner for SCAP compliance (MongoDB-integrated)
236- "scap" : UnifiedSCAPScanner ,
243+ "owscan" : OWScanner ,
244+ "scap" : OWScanner , # Alias for backward compatibility
237245 # Legacy/content-only scanner (profile extraction, validation)
238246 "oscap" : OSCAPScanner ,
239247 # Kubernetes/OpenShift compliance
@@ -296,9 +304,10 @@ def get_available_scanners(cls) -> dict[str, str]:
296304 ... print(f"{name}: {desc}")
297305 """
298306 return {
299- "scap" : "Unified SCAP Scanner - MongoDB-integrated compliance scanning with rule intelligence" ,
300- "oscap" : "OpenSCAP - OVAL-based content validation and profile extraction" ,
301- "kubernetes" : "Kubernetes - YAML-based checks for K8s/OpenShift clusters" ,
307+ "owscan" : "OWScanner - OpenWatch's primary MongoDB-integrated compliance scanner" ,
308+ "scap" : "OWScanner (alias) - MongoDB-integrated compliance scanning" ,
309+ "oscap" : "OSCAPScanner - OpenSCAP content validation and profile extraction" ,
310+ "kubernetes" : "KubernetesScanner - YAML-based checks for K8s/OpenShift clusters" ,
302311 # Future scanners will be documented here
303312 }
304313
@@ -372,13 +381,16 @@ def is_registered(cls, scanner_type: str) -> bool:
372381 # Base class
373382 "BaseScanner" ,
374383 # Scanner implementations
384+ "OWScanner" ,
375385 "OSCAPScanner" ,
376- "UnifiedSCAPScanner" ,
377386 "KubernetesScanner" ,
387+ # Backward compatibility aliases
388+ "UnifiedSCAPScanner" , # Alias for OWScanner
378389 # Factory class
379390 "ScannerFactory" ,
380391 # Factory functions
381392 "get_scanner" ,
382393 "get_scanner_for_content" ,
383- "get_unified_scanner" ,
394+ "get_ow_scanner" ,
395+ "get_unified_scanner" , # Alias for get_ow_scanner
384396]
0 commit comments