Complete Phase 1: Foundation - Flask web application infrastructure

Implement complete database schema and Flask application structure for
SneakyScan web interface. This establishes the foundation for web-based
scan management, scheduling, and visualization.

Database & ORM:
- Add 11 SQLAlchemy models for comprehensive scan data storage
  (Scan, ScanSite, ScanIP, ScanPort, ScanService, ScanCertificate,
  ScanTLSVersion, Schedule, Alert, AlertRule, Setting)
- Configure Alembic migrations system with initial schema migration
- Add init_db.py script for database initialization and password setup
- Support both migration-based and direct table creation

Settings System:
- Implement SettingsManager with automatic encryption for sensitive values
- Add Fernet encryption for SMTP passwords and API tokens
- Implement PasswordManager with bcrypt password hashing (work factor 12)
- Initialize default settings for SMTP, authentication, and retention

Flask Application:
- Create Flask app factory pattern with scoped session management
- Add 4 API blueprints: scans, schedules, alerts, settings
- Implement functional Settings API (GET/PUT/DELETE endpoints)
- Add CORS support, error handlers, and request/response logging
- Configure development and production logging to file and console

Docker & Deployment:
- Update Dockerfile to install Flask dependencies
- Add docker-compose-web.yml for web application deployment
- Configure volume mounts for database, output, and logs persistence
- Expose port 5000 for Flask web server

Testing & Validation:
- Add validate_phase1.py script to verify all deliverables
- Validate directory structure, Python syntax, models, and endpoints
- All validation checks passing

Documentation:
- Add PHASE1_COMPLETE.md with comprehensive Phase 1 summary
- Update ROADMAP.md with Phase 1 completion status
- Update .gitignore to exclude database files and documentation

Files changed: 21 files
- New: web/ directory with complete Flask app structure
- New: migrations/ with Alembic configuration
- New: requirements-web.txt with Flask dependencies
- Modified: Dockerfile, ROADMAP.md, .gitignore

docker-compose-web.yml

@@ -0,0 +1,53 @@
+version: '3.8'
+
+services:
+  web:
+    build: .
+    image: sneakyscanner:latest
+    container_name: sneakyscanner-web
+    # Override entrypoint to run Flask app instead of scanner
+    entrypoint: ["python3", "-u"]
+    command: ["-m", "web.app"]
+    ports:
+      - "5000:5000"
+    volumes:
+      # Mount configs directory (read-only) for scan configurations
+      - ./configs:/app/configs:ro
+      # Mount output directory for scan results
+      - ./output:/app/output
+      # Mount database file for persistence
+      - ./data:/app/data
+      # Mount logs directory
+      - ./logs:/app/logs
+    environment:
+      # Flask configuration
+      - FLASK_APP=web.app
+      - FLASK_ENV=development
+      - FLASK_DEBUG=true
+      - FLASK_HOST=0.0.0.0
+      - FLASK_PORT=5000
+      # Database configuration (SQLite in mounted volume for persistence)
+      - DATABASE_URL=sqlite:////app/data/sneakyscanner.db
+      # Security settings
+      - SECRET_KEY=${SECRET_KEY:-dev-secret-key-change-in-production}
+      # Optional: CORS origins (comma-separated)
+      - CORS_ORIGINS=${CORS_ORIGINS:-*}
+      # Optional: Logging level
+      - LOG_LEVEL=${LOG_LEVEL:-INFO}
+    # Note: Scanner functionality requires privileged mode and host network
+    # For now, the web app will trigger scans via subprocess
+    # In Phase 2, we'll integrate scanner properly
+    restart: unless-stopped
+
+  # Optional: Initialize database on first run
+  # Run with: docker-compose -f docker-compose-web.yml run --rm init-db
+  init-db:
+    build: .
+    image: sneakyscanner:latest
+    container_name: sneakyscanner-init-db
+    entrypoint: ["python3"]
+    command: ["init_db.py", "--db-url", "sqlite:////app/data/sneakyscanner.db"]
+    volumes:
+      - ./data:/app/data
+    profiles:
+      - tools