Add new table and models to store Security Orchestration Policy Schedules
Why are we doing this work
To support scheduled scans configured in Security Orchestration Policies we need to add new table to database to store them and we need to extend current table with Security Orchestration Policy Configuration with new field that will indicate when given we have updated background jobs configuration for given Policy Project.
Relevant links
Non-functional requirements
- [-] Documentation:
- [-] Feature flag:
- [-] Performance:
- [-] Testing:
Implementation plan
-
database create new table security_orchestration_policy_rule_schedules
with fields:-
security_orchestration_policy_configuration_id bigint NOT NULL
-
policy_index integer NOT NULL
- to store the index of the policy to properly configure scheduled scan, -
cron text ((char_length(cron) <= 255))
- to store cron extension -
next_run_at timestamp with time zone
- to store when we should start next scheduled scan, -
updated_at timestamp with time zone NOT NULL
-
created_at timestamp with time zone NOT NULL
-
-
database set owner of the table to ~"group::container security" and provide the description to table comment, -
database extend security_orchestration_policy_configurations
with new fieldconfigured_at
timestamp with time zone
to store when we background jobs for given Security Orchestration Policy Configuration were configured -
backend extend ee/app/models/security/orchestration_policy_configuration.rb
with associationhas_many :rule_schedules
, -
backend create new model ee/app/models/security/orchestration_policy_rule_schedule.rb
withSchedulable
concern, with associationsbelongs_to :security_orchestration_policy_configuration
and presence validation forcron
andpolicy_index
fields
Edited by Alan (Maciej) Paruszewski