adding phase 5 init framework, added deployment ease scripts

2025-11-18 13:10:53 -06:00
parent b2a3fc7832
commit 131e1f5a61
19 changed files with 2458 additions and 82 deletions
--- a/app/web/models.py
+++ b/app/web/models.py
@@ -284,17 +284,24 @@ class Alert(Base):

    id = Column(Integer, primary_key=True, autoincrement=True)
    scan_id = Column(Integer, ForeignKey('scans.id'), nullable=False, index=True)
-    alert_type = Column(String(50), nullable=False, comment="new_port, cert_expiry, service_change, ping_failed")
+    rule_id = Column(Integer, ForeignKey('alert_rules.id'), nullable=True, index=True, comment="Associated alert rule")
+    alert_type = Column(String(50), nullable=False, comment="unexpected_port, drift_detection, cert_expiry, service_change, ping_failed")
    severity = Column(String(20), nullable=False, comment="info, warning, critical")
    message = Column(Text, nullable=False, comment="Human-readable alert message")
    ip_address = Column(String(45), nullable=True, comment="Related IP (optional)")
    port = Column(Integer, nullable=True, comment="Related port (optional)")
    email_sent = Column(Boolean, nullable=False, default=False, comment="Was email notification sent?")
    email_sent_at = Column(DateTime, nullable=True, comment="Email send timestamp")
+    webhook_sent = Column(Boolean, nullable=False, default=False, comment="Was webhook sent?")
+    webhook_sent_at = Column(DateTime, nullable=True, comment="Webhook send timestamp")
+    acknowledged = Column(Boolean, nullable=False, default=False, index=True, comment="Was alert acknowledged?")
+    acknowledged_at = Column(DateTime, nullable=True, comment="Acknowledgment timestamp")
+    acknowledged_by = Column(String(255), nullable=True, comment="User who acknowledged")
    created_at = Column(DateTime, nullable=False, default=datetime.utcnow, comment="Alert creation time")

    # Relationships
    scan = relationship('Scan', back_populates='alerts')
+    rule = relationship('AlertRule', back_populates='alerts')

    # Index for alert queries by type and severity
    __table_args__ = (
@@ -315,14 +322,79 @@ class AlertRule(Base):
    __tablename__ = 'alert_rules'

    id = Column(Integer, primary_key=True, autoincrement=True)
-    rule_type = Column(String(50), nullable=False, comment="unexpected_port, cert_expiry, service_down, etc.")
+    name = Column(String(255), nullable=True, comment="User-friendly rule name")
+    rule_type = Column(String(50), nullable=False, comment="unexpected_port, cert_expiry, service_down, drift_detection, etc.")
    enabled = Column(Boolean, nullable=False, default=True, comment="Is rule active?")
    threshold = Column(Integer, nullable=True, comment="Threshold value (e.g., days for cert expiry)")
    email_enabled = Column(Boolean, nullable=False, default=False, comment="Send email for this rule?")
+    webhook_enabled = Column(Boolean, nullable=False, default=False, comment="Send webhook for this rule?")
+    severity = Column(String(20), nullable=True, comment="Alert severity: critical, warning, info")
+    filter_conditions = Column(Text, nullable=True, comment="JSON filter conditions for the rule")
+    config_file = Column(String(255), nullable=True, comment="Optional: specific config file this rule applies to")
    created_at = Column(DateTime, nullable=False, default=datetime.utcnow, comment="Rule creation time")
+    updated_at = Column(DateTime, nullable=True, comment="Last update time")
+
+    # Relationships
+    alerts = relationship("Alert", back_populates="rule", cascade="all, delete-orphan")

    def __repr__(self):
-        return f"<AlertRule(id={self.id}, rule_type='{self.rule_type}', enabled={self.enabled})>"
+        return f"<AlertRule(id={self.id}, name='{self.name}', rule_type='{self.rule_type}', enabled={self.enabled})>"
+
+
+class Webhook(Base):
+    """
+    Webhook configurations for alert notifications.
+
+    Stores webhook endpoints and authentication details for sending alert
+    notifications to external systems.
+    """
+    __tablename__ = 'webhooks'
+
+    id = Column(Integer, primary_key=True, autoincrement=True)
+    name = Column(String(255), nullable=False, comment="Webhook name")
+    url = Column(Text, nullable=False, comment="Webhook URL")
+    enabled = Column(Boolean, nullable=False, default=True, comment="Is webhook enabled?")
+    auth_type = Column(String(20), nullable=True, comment="Authentication type: none, bearer, basic, custom")
+    auth_token = Column(Text, nullable=True, comment="Encrypted authentication token")
+    custom_headers = Column(Text, nullable=True, comment="JSON custom headers")
+    alert_types = Column(Text, nullable=True, comment="JSON array of alert types to trigger on")
+    severity_filter = Column(Text, nullable=True, comment="JSON array of severities to trigger on")
+    timeout = Column(Integer, nullable=True, default=10, comment="Request timeout in seconds")
+    retry_count = Column(Integer, nullable=True, default=3, comment="Number of retry attempts")
+    created_at = Column(DateTime, nullable=False, default=datetime.utcnow, comment="Creation time")
+    updated_at = Column(DateTime, nullable=False, default=datetime.utcnow, comment="Last update time")
+
+    # Relationships
+    delivery_logs = relationship("WebhookDeliveryLog", back_populates="webhook", cascade="all, delete-orphan")
+
+    def __repr__(self):
+        return f"<Webhook(id={self.id}, name='{self.name}', enabled={self.enabled})>"
+
+
+class WebhookDeliveryLog(Base):
+    """
+    Webhook delivery tracking.
+
+    Logs all webhook delivery attempts for auditing and debugging purposes.
+    """
+    __tablename__ = 'webhook_delivery_log'
+
+    id = Column(Integer, primary_key=True, autoincrement=True)
+    webhook_id = Column(Integer, ForeignKey('webhooks.id'), nullable=False, index=True, comment="Associated webhook")
+    alert_id = Column(Integer, ForeignKey('alerts.id'), nullable=False, index=True, comment="Associated alert")
+    status = Column(String(20), nullable=True, index=True, comment="Delivery status: success, failed, retrying")
+    response_code = Column(Integer, nullable=True, comment="HTTP response code")
+    response_body = Column(Text, nullable=True, comment="Response body from webhook")
+    error_message = Column(Text, nullable=True, comment="Error message if failed")
+    attempt_number = Column(Integer, nullable=True, comment="Which attempt this was")
+    delivered_at = Column(DateTime, nullable=False, default=datetime.utcnow, comment="Delivery timestamp")
+
+    # Relationships
+    webhook = relationship("Webhook", back_populates="delivery_logs")
+    alert = relationship("Alert")
+
+    def __repr__(self):
+        return f"<WebhookDeliveryLog(id={self.id}, webhook_id={self.webhook_id}, status='{self.status}')>"


 # ============================================================================