dso: add models for findings from gardener/inventory

gardener · Feb 24, 2025 · 53e42ae · 53e42ae
1 parent 0114c26
commit 53e42ae
Show file tree

Hide file tree

Showing 2 changed files with 33 additions and 1 deletion.
diff --git a/dso/model.py b/dso/model.py
@@ -53,9 +53,10 @@ class Datasource:
     CC_UTILS = 'cc-utils'
     DELIVERY_DASHBOARD = 'delivery-dashboard'
     DIKI = 'diki'
+    INVENTORY = 'inventory'
 
     @staticmethod
-    def datasource_to_datatypes(datasource: str) -> tuple[str]:
+    def datasource_to_datatypes(datasource: str) -> tuple[str, ...]:
         return {
             Datasource.ARTEFACT_ENUMERATOR: (
                 Datatype.COMPLIANCE_SNAPSHOTS,
@@ -89,6 +90,10 @@ def datasource_to_datatypes(datasource: str) -> tuple[str]:
                 Datatype.ARTEFACT_SCAN_INFO,
                 Datatype.DIKI_FINDING,
             ),
+            Datasource.INVENTORY: (
+                Datatype.ARTEFACT_SCAN_INFO,
+                Datatype.INVENTORY_FINDING,
+            ),
         }[datasource]
 
     @staticmethod
@@ -230,6 +235,7 @@ class Datatype:
     MALWARE_FINDING = 'finding/malware'
     SAST_FINDING = 'finding/sast'
     DIKI_FINDING = 'finding/diki'
+    INVENTORY_FINDING = 'finding/inventory'
     CODECHECKS_AGGREGATED = 'codechecks/aggregated'
     OS_IDS = 'os_ids'
     RESCORING = 'rescorings'
@@ -246,6 +252,7 @@ def datatype_to_datasource(datatype: str) -> str:
             Datatype.MALWARE_FINDING: Datasource.CLAMAV,
             Datatype.DIKI_FINDING: Datasource.DIKI,
             Datatype.SAST_FINDING: Datasource.SAST_LINT_CHECK,
+            Datatype.INVENTORY_FINDING: Datasource.INVENTORY,
         }[datatype]
 
 
@@ -431,6 +438,29 @@ def key(self) -> str:
         return _as_key(self.provider_id, self.ruleset_id, self.rule_id)
 
 
+@dataclasses.dataclass(frozen=True)
+class InventoryFinding(Finding):
+    """
+    Represents a finding from the gardener/inventory system
+    """
+    # Name of provider, where orphan resources originate from, e.g. AWS, Azure,
+    # GCP, OpenStack, etc.
+    provider_name: str
+
+    # Kind of the orphan resource, e.g. Virtual Machine, Public IP address, etc.
+    resource_kind: str
+
+    # Short summary of the finding
+    summary: str
+
+    # Resources identified by gardener/inventory as being orphan
+    resources: list[dict]
+
+    @property
+    def key(self) -> str:
+        return _as_key(self.provider_name, self.resource_kind)
+
+
 @dataclasses.dataclass(frozen=True)
 class User:
     username: str
@@ -566,6 +596,7 @@ class ArtefactMetadata:
         | OsID
         | CustomRescoring
         | ComplianceSnapshot
+        | InventoryFinding
         | dict # fallback, there should be a type
     )
     discovery_date: datetime.date | None = None # required for finding specific SLA tracking

diff --git a/github/compliance/issue.py b/github/compliance/issue.py
@@ -34,6 +34,7 @@
 _label_os_outdated = 'os/outdated'
 _label_malware = 'malware/clamav'
 _label_diki = 'compliance/diki'
+_label_inventory = 'compliance/inventory'
 
 _label_no_responsible = 'cfg/policy-violation/no-responsible'
 _label_no_rule = 'cfg/policy-violation/no-rule'