DAST On-demand Scheduler - Implement Scheduling
related link(s)
implementation plan
use Extend DAST scan execution policy to support scheduled execution
as a guide.
model changes
- create new model
Dast::ProfileSchedule
id :: bigint
dast_profile_id :: bigint
-
user_id :: bigint
(owner
of the schedule) next_run_at :: timestamp with time zone
cron :: text
- add relevant model associations to
dast_profile
anddast_profile_schedule
worker
- create a new worker
AppSec::Dast::ProfileScheduleWorker
- enumerate upcoming scheduled scans and create a
dast
scan using::DastOnDemandScans::CreateService
settings
- extend
Settings.cron_jobs
with newly created workerAppSec::Dast::ProfileScheduleWorker
- extend
ee/app/workers/all_queues.yml
with newly created
gotchas
-
Ci::Pipeline
needs auser
to ensure scan runs correctly hence necessity ofowner
concept
Edited by Philip Cunningham