Skip to content

Implement Basic System Information Discovery#26

Closed
remyluslosius wants to merge 4 commits into
mainfrom
feature/host-basic-system-discovery
Closed

Implement Basic System Information Discovery#26
remyluslosius wants to merge 4 commits into
mainfrom
feature/host-basic-system-discovery

Conversation

@remyluslosius

Copy link
Copy Markdown
Contributor

Implement basic system discovery with SSH-based OS detection, hostname discovery, and architecture detection. Includes API endpoints and database integration.

remyluslosius and others added 4 commits September 2, 2025 10:40
## New Features
- **Group Compliance API**: Complete REST API for group-based compliance scanning
  - Start group scans with multiple compliance frameworks (DISA-STIG, CIS, NIST, etc.)
  - Generate comprehensive compliance reports with trend analysis
  - Schedule recurring compliance scans with Celery Beat
  - Real-time progress tracking and host-level status updates

- **Advanced Reporting**: Detailed compliance analytics and metrics
  - Risk assessment and compliance gap analysis
  - Framework-specific distribution and scoring
  - Top failed rules analysis with remediation guidance
  - Host-level compliance summaries with drill-down capabilities

- **React UI Components**: Modern Material-UI interface
  - GroupComplianceScanner: Intuitive scan configuration and execution
  - GroupComplianceReport: Rich visualizations with charts and metrics
  - Real-time progress monitoring and scan history
  - Advanced settings for concurrent scans and timeout configuration

- **Background Processing**: Robust async task system
  - Scheduled compliance scans with cron expressions
  - Email notifications and alert system
  - Compliance monitoring with automated alerting
  - Report generation and export capabilities

## Technical Implementation
- **Pydantic Schemas**: Type-safe API contracts with validation
- **Database Integration**: Leverages existing group scan tracking tables
- **Security**: RBAC integration with proper permission checks
- **Scalability**: Configurable concurrency and timeout settings
- **Observability**: Comprehensive audit logging and error handling

## API Endpoints
- POST /api/group-compliance/{group_id}/scan - Start compliance scan
- GET /api/group-compliance/{group_id}/report - Generate report
- GET /api/group-compliance/{group_id}/metrics - Get KPIs
- POST /api/group-compliance/{group_id}/schedule - Schedule scans
- GET /api/group-compliance/{group_id}/scan-history - View history

This feature enables enterprise-scale compliance scanning with advanced
reporting and automation capabilities for regulatory requirements.
- API endpoint tests for scan initiation and reporting
- Schema validation tests with edge cases
- Error handling tests for missing groups and hosts
- Enum validation for compliance frameworks and remediation modes
- Mock-based testing with proper isolation

Ensures robust functionality and prevents regressions
## Enhanced Host Groups Interface
- **New Menu Options**: Added 'Advanced Compliance Scan' and 'Compliance Report' to group context menus
- **Visual Indicators**: Enhanced group cards with compliance framework badges and quick action buttons
- **One-Click Access**: Direct access to compliance features from group cards
- **Improved Error Handling**: Fallback to new compliance API when legacy scan service fails

## New Features Added to Group Cards
- **Compliance Framework Badge**: Shows configured framework (DISA-STIG, CIS, etc.)
- **Quick Action Buttons**: 'Advanced Scan' and 'Report' buttons for immediate access
- **Clickable Compliance Chips**: Direct access to compliance reports from status indicators

## Dialog Integration
- **Advanced Compliance Scanner**: Full-featured scanning interface in modal dialog
- **Compliance Report Viewer**: Rich analytics dashboard accessible from groups list
- **Seamless Workflow**: Scan initiation connects to existing progress tracking

## Error Resolution
- **Dual API Support**: Attempts legacy scan service first, falls back to new compliance API
- **Better Error Messages**: More descriptive feedback when scans fail
- **Success Indicators**: Clear confirmation when scans start successfully

This integration makes compliance scanning easily accessible from the existing
Host Groups interface while maintaining backward compatibility with current workflows.
- Add HostBasicDiscoveryService for SSH-based system discovery
- Execute hostname, /etc/os-release, uname -m, uname -r commands
- Parse OS information and map to standardized OS families
- Handle command failures gracefully with fallback methods
- Add SSHService for secure host connectivity
- Add REST API endpoints for triggering discovery operations
- Support both individual and bulk host discovery
- Update host database records with discovered information

🤖 Generated with Claude Code

Co-Authored-By: Claude <noreply@anthropic.com>
@sonarqubecloud

sonarqubecloud Bot commented Sep 2, 2025

Copy link
Copy Markdown

Quality Gate Failed Quality Gate failed

Failed conditions
E Reliability Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

@github-advanced-security github-advanced-security AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

CodeQL found more than 20 potential problems in the proposed changes. Check the Files changed tab for more details.

@remyluslosius remyluslosius deleted the feature/host-basic-system-discovery branch September 11, 2025 00:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants