cloudoperators / heureka

Security and compliance management
Apache License 2.0

chore(bootcamp): Capture BootCamp Stream-settings/Recap Notes #135

Closed lolaapenna closed 2 months ago

lolaapenna commented 2 months ago

Day 2 Stream Setting

GH Enablement Stream

Done:

  • GH Cluster Create
  • Deployed OpenBao

To Do:

  • Plugin definitions
  • ...

Scanner Stream

Done:

  • Research and align on the general entity rel model to understand how instances work with heur
  • kubernetes and keppel scanner

Todo:

  • finalise CVE scanner - create issue and issue variant
  • Begin working on keppel scanner (scanners will be stand alone)
  • dummy Helm chart which deploys service account
  • plugin definition for heureka and plugin definition for each scanner
  • SARIF converter - SARIF being a standardized scanner result format

UI Stream

Done:

  • Refactored the store library (lib in react) to manage store properties better to accommodate the growing data
  • Finalise searching/filtering functionality
  • Implemented panel manager

ToDo:

  • ...

Org. Stream

Done:

  • Created persona definitions which include background, goals, and challenges

Todo:

  • Establish the 'needs' definition for each persona
  • Create user journey for the personas

lolaapenna commented 2 months ago

Day 2 Recap

Org Stream

Done:

  • Added persona needs

In Progress:

  • Translate needs to views

To Do:

  • Storyline for Demo - famous CVE example - exclude background config and focus on capability.

UI Stream

In Progress:

  • Refactoring the store slices
  • implementing the service detail panel

GH Enablement Stream

Done:

  • plugin definitions

To Do:

  • Deploy load balancer
  • create a cname for the service - enable reaching the service with a domain name
  • Create: cname for Heureka + gardener cluster

Scanner Stream

Done:

  • New requirements established
  • Potential need to define an API model package

In Progress:

  • CVE scanner - new requirements discovered - issue repository ID needs to be fetched + issue variant entity to be created

To Do:

  • Align on seamless interconnectivity of Heureka components - scanners + heureka service - this should be easy with helm chart - definitions for both scanner and heureka
  • Clearly define the scope of Demo

lolaapenna commented 2 months ago

Day 3 Recap

UI Stream: done:

  • Filters for issue match implemented - pri name, sec name
  • Service detail view implemented
  • component list view - shows type of comp, num of comp version, num of issues - may not be useful

To do:

  • issue match filtered values

GH Stream done:

  • Basic Helm chart for Heureka core published - deployed on remote vanilla gardener cluster
  • Plugin for deploying heureka PR submitted
  • Heureka deployed in QA cluster

Todo:

  • Configure ingress
  • 3 Helm charts for scanners

Scanner Stream: done:

  • CVE scanner - repository ID implemented
  • Keppel scanner - fetching data from Keppel is implemented (within one keppel instance)

To do:

  • CVE from a repository contains lists with metrics (multiple ratings) - need to decide the most recent rating - this impedes the issue variant entity implementation
  • API endpoint for component version issue

In progress:

  • Keppel scanner processing in Heureka (impeded by component version issue API endpoint)

Org Stream

User story map done

lolaapenna commented 2 months ago

Day 4 Stream Setting:

Scanner Stream To do:

  • Severity rating figure out
  • Backend functionality missing for -component-version-issue - implement across all layers

Org Stream: To do

  • Finalise user story map - add storyline for manager
  • Prepare for Show and Tell

GH Stream

We need a dedicated session to figure out how to tie the pieces together.

Tackle the unknowns with deploying in GH.

We avoid this for the Demo - we install the plugin for the UI alone - The plugin visible in the selector for GH

To do:

  • setup LB and DNS for heureka
  • Helm chart and deployment for scanners

UI Stream To do:

  • finalize filter for services - with the new query
  • search functionality for issue once it's done at the back end

lolaapenna commented 2 months ago

Day 4 Recap

Org Stream

  • User Story Mapping completed

In Progress

  • Show and Tell Prep

UI Stream Done:

  • Filtering for services - pending review
  • Issue-match detail view - pending review

In Progress:

GH Stream Done:

  • Dev Cluster onboarded into GH QA ---- real vanilla cluster onboarded to GH
  • Main Cluster onboarded into GH Prod.
  • Basic Helm Chart for Heureka
  • All Helm charts for scanners --- They are all deployed in QA
  • All Helm charts and images are now packages on GHCR.io/cloudoperators (image registry for cloud operators)
  • Ingress and domain name for Heureka --- 2nd Heureka backend now running (QA)

In Progress:

  • pending PR for UI plugin definition

Scanner Stream Done

  • POC for Keppel scanner - inserts Keppel data to heureka
  • POC for NVD scanner - inserts NVD data to heureka

To Do:

  • Kubernetes scanner
  • Matching process

lolaapenna commented 2 months ago

WEEK 2

Scanner Stream

  • In Progress
  • Heureka clients for Keppel and Kubernetes scan
  • Local cluster setup for the kubernetes scanner

UI Stream

  • Search functionality for service - To do by Dustin
  • Optimise list view of issues match list and issue match details
  • URL state manager
  • Modify filter slice store

Org. Stream

  • Follow-up with personas - edit capabilities and the Auditor persona

lolaapenna commented 2 months ago

Org Stream

  • Finalise Mural board for Show and Tell
  • Slide deck for Demo
  • Clearly outline Demo scope

Scanner Stream

  • NVD and Keppel Scanners finalised - pending PR review/merge
  • Kubernetes Scanner
  • The issue matcher - handles creation only - for now
    • BL - Implement component version match state management - create a ticket + scanning capability for all clusters

lolaapenna commented 2 months ago

Scanner Stream

  • Kubernetes Scanner - decide on how to handle when a container is found with an image version (component version) not in Heureka - BL item
  • Implement Event Register - the ability to centrally register handlers to certain events - this solves the problems of acting on events such as event versions being created, which need to be injected into app layer functions. Events of the issue matcher - BL item
  • NVD and Keppel Scanner PR merged - we need to check the deployment.

Org Stream:

  • BootCamp Show n Tell ready.
  • Demo Prep ongoing