Essential metrics for CVS on advisory DB change
Why are we doing this work
We need to measure the success of Dependency Scanning: CVS Trigger scans on Advis... (&9534 - closed).
Relevant links
Non-functional requirements
-
Documentation: -
Feature flag: -
Performance: -
Testing:
Implementation plan
-
Name category: VulnerabilityScanning::AdvisoryScanner
(class name) #424229 (comment 1543985508) -
Name action: scan
#424229 (comment 1543987134) -
Name label and property, if any. #424229 (comment 1544181519) -
List what needs to be collected, and check feasibility. #424229 (comment 1544040151) -
Specify context to be collect. #424229 (comment 1544040151) -
Specify JSON schema for this event. #424229 (comment 1543997350) -
Add JSON schema iglu. -
Create tracking service. #424229 (comment 1544100832) -
Call tracking service from the advisory scanner.
The advisory scanner is currently being implemented in !129640 (merged).
Verification steps
This can be tested on GDK with Snowplow micro.
- Load advisories into the database.
- Create some projects that match these advisories.
- Trigger the advisory scan jobs with IDs of previously loaded advisories.
- Check event on Snowplow micro.
Edited by Aditya Tiwari