Add run-on to Boefje Setup page (#4061)

Co-authored-by: Donny Peeters <donny@bitestreams.com>
Co-authored-by: Donny Peeters <46660228+Donnype@users.noreply.github.com>
Co-authored-by: ammar92 <ammar.abdulamir@gmail.com>
Co-authored-by: Jan Klopper <janklopper+underdark@gmail.com>

Author: 4 people

boefjes/boefjes/katalogus/plugins.py

@@ -15,6 +15,7 @@
     get_plugins_filter_parameters,
 )
 from boefjes.models import FilterParameters, PaginationParameters, PluginType
+from boefjes.sql.db_models import RunOn
 from boefjes.sql.plugin_storage import get_plugin_storage
 from boefjes.storage.interfaces import DuplicatePlugin, IntegrityError, NotAllowed, PluginStorage
 
@@ -130,6 +131,7 @@ class BoefjeIn(BaseModel):
     boefje_schema: dict | None = None
     cron: str | None = None
     interval: int | None = None
+    run_on: list[RunOn] | None = None
     oci_image: str | None = None
     oci_arguments: list[str] = Field(default_factory=list)
 

boefjes/boefjes/migrations/versions/fc0295b38184_add_run_on_field_to_boefje.py

@@ -0,0 +1,33 @@
+"""Add run on field to boefje
+
+Revision ID: fc0295b38184
+Revises: 9f48560b0000
+Create Date: 2025-02-04 16:43:59.171960
+
+"""
+
+import sqlalchemy as sa
+from alembic import op
+
+# revision identifiers, used by Alembic.
+revision = "fc0295b38184"
+down_revision = "9f48560b0000"
+branch_labels = None
+depends_on = None
+
+
+run_on = sa.Enum("create", "update", "create_update", name="run_on")
+
+
+def upgrade() -> None:
+    # ### commands auto generated by Alembic - please adjust! ###
+    run_on.create(op.get_bind())
+    op.add_column("boefje", sa.Column("run_on", run_on, nullable=True))
+    # ### end Alembic commands ###
+
+
+def downgrade() -> None:
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.drop_column("boefje", "run_on")
+    run_on.drop(op.get_bind(), checkfirst=False)
+    # ### end Alembic commands ###

boefjes/boefjes/models.py

@@ -1,5 +1,6 @@
 import datetime
 from enum import Enum
+from functools import total_ordering
 from typing import Literal
 
 from croniter import croniter
@@ -8,6 +9,18 @@
 from pydantic import BaseModel, Field, field_validator
 
 
+# This makes the RunOn sortable when in a list. This is convenient for e.g. the RunOnDB.from_run_ons method, that now
+# does not have to take the ordering of a boefje.run_on into account in its match statement. This is especially handy
+# once we introduce more RunOn values such as DELETE.
+@total_ordering
+class RunOn(Enum):
+    CREATE = "create"
+    UPDATE = "update"
+
+    def __lt__(self, other):
+        return self.value < other.value
+
+
 class Organisation(BaseModel):
     id: str
     name: str
@@ -34,6 +47,7 @@ class Boefje(Plugin):
     boefje_schema: dict | None = None
     cron: str | None = None
     interval: int | None = None
+    run_on: list[RunOn] | None = None
     runnable_hash: str | None = None
     oci_image: str | None = None
     oci_arguments: list[str] = Field(default_factory=list)

boefjes/boefjes/plugins/kat_export_http/boefje.json

@@ -5,8 +5,5 @@
   "consumes": [],
   "scan_level": 4,
   "oci_image": "ghcr.io/minvws/openkat/export-http:latest",
-  "run_on": [
-    "create",
-    "update"
-  ]
+  "run_on": ["create", "update"]
 }

boefjes/boefjes/sql/db_models.py

@@ -3,6 +3,7 @@
 from sqlalchemy import Boolean, Column, ForeignKey, Integer, String, UniqueConstraint, types
 from sqlalchemy.orm import relationship
 
+from boefjes.models import RunOn
 from boefjes.sql.db import SQL_BASE
 
 
@@ -14,6 +15,36 @@ class ScanLevel(Enum):
     L4 = 4
 
 
+class RunOnDB(Enum):
+    CREATE = "create"
+    UPDATE = "update"
+    CREATE_UPDATE = "create_update"
+
+    @classmethod
+    def from_run_ons(cls, run_ons: list[RunOn] | None):
+        if run_ons is None:
+            return None
+
+        match sorted(run_ons):
+            case [RunOn.CREATE]:
+                return cls.CREATE
+            case [RunOn.UPDATE]:
+                return cls.UPDATE
+            case [RunOn.CREATE, RunOn.UPDATE]:
+                return cls.CREATE_UPDATE
+            case _:
+                return None
+
+    def to_run_ons(self) -> list[RunOn]:
+        match self:
+            case RunOnDB.CREATE:
+                return [RunOn.CREATE]
+            case RunOnDB.UPDATE:
+                return [RunOn.UPDATE]
+            case RunOnDB.CREATE_UPDATE:
+                return [RunOn.CREATE, RunOn.UPDATE]
+
+
 class OrganisationInDB(SQL_BASE):
     __tablename__ = "organisation"
 
@@ -72,6 +103,7 @@ class BoefjeInDB(SQL_BASE):
     schema = Column(types.JSON(), nullable=True)
     cron = Column(types.String(length=128), nullable=True)
     interval = Column(types.Integer, nullable=True)
+    run_on = Column(types.Enum(*[x.value for x in RunOnDB], name="run_on"), nullable=True)
 
     # Image specifications
     oci_image = Column(types.String(length=256), nullable=True)

boefjes/boefjes/sql/plugin_storage.py

@@ -6,7 +6,7 @@
 from boefjes.config import Settings, settings
 from boefjes.models import Boefje, Normalizer, PluginType
 from boefjes.sql.db import ObjectNotFoundException, session_managed_iterator
-from boefjes.sql.db_models import BoefjeInDB, NormalizerInDB
+from boefjes.sql.db_models import BoefjeInDB, NormalizerInDB, RunOnDB
 from boefjes.sql.session import SessionMixin
 from boefjes.storage.interfaces import NotAllowed, PluginNotFound, PluginStorage
 
@@ -98,6 +98,7 @@ def _db_normalizer_instance_by_id(self, normalizer_id: str) -> NormalizerInDB:
 
     @staticmethod
     def to_boefje_in_db(boefje: Boefje, pk: int | None = None) -> BoefjeInDB:
+        run_on_db = RunOnDB.from_run_ons(boefje.run_on)
         boefje = BoefjeInDB(
             plugin_id=boefje.id,
             created=boefje.created,
@@ -109,6 +110,7 @@ def to_boefje_in_db(boefje: Boefje, pk: int | None = None) -> BoefjeInDB:
             schema=boefje.boefje_schema,
             cron=boefje.cron,
             interval=boefje.interval,
+            run_on=run_on_db.value if run_on_db is not None else None,
             oci_image=boefje.oci_image,
             oci_arguments=boefje.oci_arguments,
             version=boefje.version,
@@ -152,6 +154,7 @@ def to_boefje(boefje_in_db: BoefjeInDB) -> Boefje:
             boefje_schema=boefje_in_db.schema,
             cron=boefje_in_db.cron,
             interval=boefje_in_db.interval,
+            run_on=RunOnDB(boefje_in_db.run_on).to_run_ons() if boefje_in_db.run_on else None,
             oci_image=boefje_in_db.oci_image,
             oci_arguments=boefje_in_db.oci_arguments,
             version=boefje_in_db.version,

boefjes/tests/integration/test_api.py

@@ -83,6 +83,22 @@ def test_enable_boefje(test_client, organisation, second_organisation):
     assert response.json()["enabled"] is False
 
 
+def test_run_on(test_client, organisation, second_organisation):
+    test_client.patch(f"/v1/organisations/{organisation.id}/plugins/export-to-http-api", json={"enabled": True})
+
+    response = test_client.get(f"/v1/organisations/{organisation.id}/plugins/export-to-http-api")
+    assert response.json()["enabled"] is True
+    assert response.json()["run_on"] == ["create", "update"]
+
+    boefje = Boefje(id="test_run_on", name="Run On", static=False, run_on=["create"])
+    response = test_client.post(f"/v1/organisations/{organisation.id}/plugins", content=boefje.model_dump_json())
+    assert response.status_code == 201
+
+    response = test_client.get(f"/v1/organisations/{organisation.id}/plugins/test_run_on")
+    assert response.json()["enabled"] is False
+    assert response.json()["run_on"] == [x.value for x in boefje.run_on]
+
+
 def test_cannot_add_static_plugin_with_duplicate_name(test_client, organisation):
     boefje = Boefje(id="test_plugin", name="DNS records", static=False)
     response = test_client.post(f"/v1/organisations/{organisation.id}/plugins", content=boefje.model_dump_json())

boefjes/tests/test_models.py

@@ -0,0 +1,15 @@
+from boefjes.models import RunOn
+from boefjes.sql.db_models import RunOnDB
+
+
+def test_run_on():
+    assert RunOnDB.from_run_ons([RunOn.CREATE]) == RunOnDB.CREATE
+    assert RunOnDB.from_run_ons([RunOn.UPDATE]) == RunOnDB.UPDATE
+    assert RunOnDB.from_run_ons([RunOn.CREATE, RunOn.UPDATE]) == RunOnDB.CREATE_UPDATE
+    assert RunOnDB.from_run_ons([RunOn.UPDATE, RunOn.CREATE]) == RunOnDB.CREATE_UPDATE
+    assert RunOnDB.from_run_ons([1]) is None
+    assert RunOnDB.from_run_ons([]) is None
+
+    assert RunOnDB.CREATE.to_run_ons() == [RunOn.CREATE]
+    assert RunOnDB.UPDATE.to_run_ons() == [RunOn.UPDATE]
+    assert RunOnDB.CREATE_UPDATE.to_run_ons() == [RunOn.CREATE, RunOn.UPDATE]

mula/scheduler/models/ooi.py

@@ -9,6 +9,11 @@ class MutationOperationType(Enum):
     DELETE = "delete"
 
 
+class RunOn(Enum):
+    CREATE = MutationOperationType.CREATE.value
+    UPDATE = MutationOperationType.UPDATE.value
+
+
 class ScanProfile(BaseModel):
     level: int
     reference: str

mula/scheduler/models/plugin.py

@@ -2,6 +2,8 @@
 
 from pydantic import BaseModel
 
+from scheduler.models.ooi import RunOn
+
 
 class Plugin(BaseModel):
     id: str
@@ -19,4 +21,4 @@ class Plugin(BaseModel):
     produces: list[str]
     cron: str | None = None
     interval: int | None = None
-    run_on: list[str] | None = None
+    run_on: list[RunOn] | None = None