Threats poc #239

soum-kazuaki · 2024-07-03T06:59:27Z

PR の目的

threats-poc の累積改修を main に適用
- group を service に名称変更
- PTeam の脅威情報を、Team 単位でなく Service, Dependency 単位で扱うように改修
  - アラート通知も Team 単位から Service 単位に改修
- 脅威度を SSVC deployer priority ベースで扱えるように改修
  - スコア計算部は未だ仮実装
  - 旧 ThreatImpact も残存しているが、いずれ↑に置き換え予定
- SBOMアップロード機能を非同期化
- SBOM(CycloneDX) 解析時に tag_name を {group}/{name} で生成するように改修
  - トピックタグ生成側も揃えるため、pkg_name の : を / に変換するよう改修
- PTeam, Topic の disabled 属性を廃止
- UI
  - 脅威情報を Service 単位で扱うように改修
    - 一部は api 側で暫定的な帳尻合わせを行っている
  - Service 削除機能を実装
  - TeamStatus （チーム内の最悪な ThreatImpact）を廃止

…pact fix default dependency_mission_impact to None

Topic/create ticket

Topic/add new parameter to topic

…_topic add new parameter

implement creating/sending alert based on ticket

…ty_impact

…ssage set tmp threat impact based on ssvc_deployer_priority instead of safe…

add 3 test cases

add ondelete='SET NULL' option to Alert.ticket_id

topic/add-test-in-test_pteams.py

add requests test

topic/add alembic migration script

… tasks

…ound-tasks Topic/api patch get db for background tasks

…_ticket_ids topic/add test get_service_tagged_ticket_ids

…-colon-to-slash fix namespace delimiter in package name

add tests for bg_create_tags_from_sbom_json

mshim03

LGTM

dejima-shikou and others added 30 commits May 13, 2024 12:45

test create ticket

59c654a

fix default dependency_mission_impact to None

e34b326

Merge pull request #163 from nttcom/fix/default-dependency-mission-im…

b1c695b

…pact fix default dependency_mission_impact to None

Merge branch 'threats-poc' into topic/create-ticket

3341abd

add new parameter to topic generation script

2fed100

fix topic api

9cf4a3b

modification of tests due to changes in api

01fb4e8

test get_mission_impact

db54a14

delete print

7cbb821

refactor create ticket

c299cad

add test_calculate_mission_impact

0d6336e

fix api schema

18f2186

Merge pull request #164 from nttcom/topic/create-ticket

b9708c2

Topic/create ticket

Merge pull request #165 from nttcom/topic/add-new-parameter-to-Topic

af16ed4

Topic/add new parameter to topic

add new parameter

5715f1e

Merge pull request #166 from nttcom/topic/add-new-parameter-to-update…

b84eb0c

…_topic add new parameter

implement creating/sending alert based on ticket

928ee16

add unique constraint to Ticket.threat_id and Alert.ticket_id

62ba93f

Merge pull request #167 from nttcom/topic/api-create-alert

86192e9

implement creating/sending alert based on ticket

add 3 test cases

d84120d

set tmp threat impact based on ssvc_deployer_priority instead of safe…

63cd1dd

…ty_impact

Merge pull request #169 from nttcom/fix/tmp-threat-impact-in-alert-me…

2951373

…ssage set tmp threat impact based on ssvc_deployer_priority instead of safe…

fix test name and change from create_topic to client.post

ee67783

add ondelete='SET NULL' option to Alert.ticket_id

d8c2bd1

Added service tab to status screen

6d4580d

add cascade='all, delete' option to Threat.ticket relationship

a1342d6

Merge pull request #168 from nttcom/topic/add-test-for-topic

f38e569

add 3 test cases

Merge pull request #170 from nttcom/fix/relationship-Alert-to-Ticket

9520c8b

add ondelete='SET NULL' option to Alert.ticket_id

add TicketStatus, CurrentTicketStatus model

d279c82

change versions file name

eab624c

TsurutaYoshiki and others added 24 commits June 27, 2024 05:55

split the test into two parts

010e74c

fix test_get_service_tagged_ticket_ids_when_change_the_threat_impact

3920bc0

fix test name

6639e02

Merge pull request #231 from nttcom/topic/add-test-in-test_pteams.py

0dc382e

topic/add-test-in-test_pteams.py

add requests tests

375d37d

fix test_TicketStatus_with_multi_ActionLogs

3f75fe8

Merge pull request #232 from nttcom/topic/add-requests-test

4fe2226

add requests test

topic/add alembic migration script

fd064bb

delete alembic migration script

04c5ed7

delete 55bb39ec2d69_add_ticketid_to_actionlog.py

5d462d2

Merge pull request #233 from nttcom/topic/add-alembic-migration-script

80c4f04

topic/add alembic migration script

patch get_db with override_get_db for the case called from background…

a9a65aa

… tasks

remove pytest.mark.skip from test_upload_pteam_sbom_file

31c630b

Merge pull request #234 from nttcom/topic/api-patch-get-db-for-backgr…

4740ffa

…ound-tasks Topic/api patch get db for background tasks

change env name

1ee639f

add tests for bg_create_tags_from_sbom_json

3bd302b

topic/add test get_service_tagged_ticket_ids

2a860d1

fix namespace delimiter in package name

39fc973

Merge pull request #236 from nttcom/topic/add-test-get_service_tagged…

58e5905

…_ticket_ids topic/add test get_service_tagged_ticket_ids

Merge pull request #237 from nttcom/topic/api-fix-namespace-delimiter…

c4c96ae

…-colon-to-slash fix namespace delimiter in package name

add test_create_threats_based_on_sbom

61ea8d3

Merge branch 'threats-poc' into topic/api-test-bg-upload-sbom

d766d69

Merge pull request #235 from nttcom/topic/api-test-bg-upload-sbom

4ba60c5

add tests for bg_create_tags_from_sbom_json

Merge branch 'main' into threats-poc

3972673

soum-kazuaki temporarily deployed to test July 3, 2024 06:59 — with GitHub Actions Inactive

fix format

a91a791

soum-kazuaki temporarily deployed to test July 3, 2024 07:07 — with GitHub Actions Inactive

mshim03 approved these changes Jul 4, 2024

View reviewed changes

mshim03 merged commit 6c06e4b into main Jul 4, 2024
10 checks passed

mshim03 deleted the threats-poc branch July 4, 2024 00:47

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Threats poc #239

Threats poc #239

soum-kazuaki commented Jul 3, 2024

mshim03 left a comment

Threats poc #239

Threats poc #239

Conversation

soum-kazuaki commented Jul 3, 2024

PR の目的

mshim03 left a comment

Choose a reason for hiding this comment