chore(ApeiroOrg): Prepare for the upcoming Apeiro Backlog Refinement session

[lolaapenna]

Task Description The session aims to consolidate all planned activities across the various streams of the Apeiro Cloud Operator Project. It is therefore a communication platform for stakeholders and management.

Acceptance Criteria:

• [x] Clearly outlined stakeholder understandable epics planned for sprint 11
• [x] The committed epics have been aligned and agreed on internally
• [x] The committed items are feasible for sprint 11

[lolaapenna]

Apeiro previous sprint 10 items:

• (heureka): Refined Heureka PoC: Solve the limitations of the PoC
• (heureka): Refined Heureka Issue Matcher: Enhance the Issue Matcher service

Update on the items for Sprint 10 (to be added as a comment in the issue for both items)

Several issues were discovered with the PoC. As a result, the planned epics for Sprint 10 were paused to address these new tasks.

These tasks fall in 2 categories (epics):
- Fix performance issues and UX after having real data - Delayed loading of entities when handling real data.

- Fix Bugs with Heureka Issue Matches - Errors in service matching and support group matching.

Apeiro new sprint 11 items:

**1. (heureka) Enable Multiple Clusters for the Scanners**
### Description
The scanners currently scan a single cluster, we need to onboard all clusters to the scanners to ensure comprehensive infrastructure coverage.

### Objectives
- Extend the scanner's capability to handle multiple clusters.
- Ensure seamless integration and scanning of all clusters.
- Maintain or improve the performance and accuracy of the scanners.

### Acceptance Criteria
Kubernetes Scanner is enabled for all clusters
Image Scanner is enabled for all clusters

**2. (heureka) Implement Continuous Scans for the Scanners**

### Description
This epic focuses on enhancing the scanners to support continuous scanning capabilities.

### Objectives
To equip the scanners with the ability to detect changes since the last scan and update results accordingly, eliminating the need to wipe results from each scan.

### Acceptance Criteria
Continuous Scanning Framework is designed
Incremental Updates is Implemented
Testing and Validation is done

**3. epic(demo): Address initial feedback from Heureka PoC demo**

### Description
The idea is to compile received feedback form demoing the PoC until until a formal feedback channel is established..

### Objectives
Ensure continuous improvement in parallel with ongoing development.

### Acceptance Criteria
- [ ] Establish a formal feedback channel: document, consolidate, and link it to a created issue for resolution.
- [ ] Implement sorting by Target Remediation Date, and Severity
- [ ] Implement filter for Severity != None - provide a filter option to exclude entries where Severity is None.
- [ ] Implement identification of Severity (None) on the Service Detail view - Entries with Severity set to None should be clearly identified in the Service Detail view.

[lolaapenna]

@drochow and @MR2011

The above comment are the updates I plan to provide in the Apeiro Backlog Refinement session tomorrow. Kindly take a look and modify where ever you find the need to. Thank you!

[drochow]

1. (heureka) Enable Multiple Clusters for the Scanners**

Description

We currently only scan 2 clusters without scanning within the cluster (local scan). We need to onboard multiple clusters and scan from within the clusters.

Objectives

• Work on the Deployment of Scanners to multiple clusters
• Investigate further potential errors occurring on additional data sets
• Maintain or improve the performance and accuracy of the scanners based on new data sets

Acceptance Criteria

• Kubernetes Scanner is enabled and running on multiple clusters
• Image Scanner is enabled and running on multiple clusters
• Scanner Logs are available for investigation
• Scans occur at least daily
• Heureka db partially wiped daily to ensure remediated issues disappear (workaround)

[drochow]

2. (heureka) Implement Continuous Scans for the Scanners

Description

This epic focuses on enhancing the scanners to support continuous scanning capabilities.

Objectives

To equip the scanners with the ability to detect changes since the last scan and update results accordingly, eliminating the need to wipe results from each scan.

Acceptance Criteria

Added tracking of Scan Jobs Added scanner registration capabilities Adjust scanners to do authenticated queries and submit their Job Status Add trigger for automatic closure of remediated issues E2E Tests for Scan Tracking E2E Tests for Scanner Registration Integration Tests for Automatic Closure

[drochow]

*3. epic(demo): Address feedback from Heureka PoC demo**

Description

The idea is to compile received feedback form demoing the PoC until a formal feedback channel is established..

Objectives

Ensure continuous improvement in parallel with ongoing development.

Due to the continuous feedback loop the acceptance criterias do change over time.

Acceptance Criteria

• [ ] Establish a formal feedback channel: document, consolidate, and link it to a created issue for resolution.
• [ ] Sorting
  • [ ] Issue Matches:
    • [ ] by Target Remediation Date
    • [ ] by Severity
    • [ ] by Name
  • [ ] Service:
    • [ ] by Name
• [ ] Add default filter selection to All Severities but None --> filter for Severity != None
• [ ] Implement identification of Severity (None) on the Service Detail view - Entries with Severity set to None should not be displayed as issues on the service detail view
• [ ] Add Pagination for Component Instances in Service Detail View
• [ ] Decide: Allow Filtering for Services & Support Group Name on the Issue Match Search or indicate that only searching for CVE's is supported

[drochow]

I would suggest changing the order:

Prio 1. gonna be epic 3.

Then the other two.

@MR2011 @lolaapenna WDYT?

[lolaapenna]

I agree with that order - we should prioritise epic 3.