ISSUE-1794: Resolved merge conflict

README.md

@@ -115,6 +115,11 @@ Thank you for using ThreatMapper.  Please feel welcome to participate in the [Th
 * [productsecurity at deepfence dot io](SECURITY.md): Found a security issue?  Share it in confidence
 * Find out more at [deepfence.io](https://deepfence.io/)
 
+# Get ThreatStryker for Enterprise
+
+ThreatStryker is the enterprise version of ThreatMapper, with additional features for enterprise security teams.  ThreatStryker is available as a cloud service or for on-premises deployment.
+
+<a href="https://deepfence.io/view-enterprise-sandbox" target="_blank"><img src="./images/threatstryker.png">
 
 # Security and Support
 

deepfence_agent/tools/apache/scope/go.sum

@@ -1472,6 +1472,7 @@ gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C
 gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo=
 gotest.tools/v3 v3.0.2/go.mod h1:3SzNCllyD9/Y+b5r9JIKQ474KzkZyqLqEfYqMsX94Bk=
 gotest.tools/v3 v3.0.3 h1:4AuOwCGf4lLR9u3YOe2awrHygurzhO/HeQ6laiA6Sx0=
 honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=

deepfence_bootstrapper/assets/config.ini

@@ -27,7 +27,7 @@ autostart=true
 autorestart=true
 
 [process:malware_scanner]
-command=/bin/bash -c "rm -f /tmp/yara-hunter.sock && $DF_INSTALL_DIR/home/deepfence/bin/yara-hunter/YaraHunter --config-path $DF_INSTALL_DIR/home/deepfence/bin/yara-hunter --rules-path $DF_INSTALL_DIR/home/deepfence/bin/yara-hunter/yara-rules --socket-path=/tmp/yara-hunter.sock --http-port=8012 --enable-updater=false"
+command=/bin/bash -c "rm -f /tmp/yara-hunter.sock && $DF_INSTALL_DIR/home/deepfence/bin/yara-hunter/YaraHunter --config-path $DF_INSTALL_DIR/home/deepfence/bin/yara-hunter --rules-path $DF_INSTALL_DIR/home/deepfence/bin/yara-hunter/yara-rules --socket-path=/tmp/yara-hunter.sock --enable-updater=false"
 path=$DF_INSTALL_DIR/home/deepfence/bin/yara-hunter/YaraHunter
 autostart=true
 autorestart=true

deepfence_bootstrapper/go.sum

@@ -463,8 +463,8 @@ gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
-gotest.tools v2.1.0+incompatible h1:5USw7CrJBYKqjg9R7QlA6jzqZKEAtvW82aNmsxxGPxw=
 gotest.tools v2.1.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw=
+gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo=
 honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
 k8s.io/api v0.0.0-20181204000039-89a74a8d264d/go.mod h1:iuAfoD4hCxJ8Onx9kaTIt30j7jUFS00AXQi6QMi99vA=
 k8s.io/api v0.27.2 h1:+H17AJpUMvl+clT+BPnKf0E3ksMAzoBBg7CntpSuADo=

deepfence_frontend/apps/dashboard/api-spec.json

@@ -9318,12 +9318,19 @@
         "security": [{ "bearer_token": [] }]
       }
     },
-    "/deepfence/settings/user-activity-log": {
-      "get": {
+    "/deepfence/settings/user-audit-log": {
+      "post": {
         "tags": ["Settings"],
-        "summary": "Get activity logs",
-        "description": "Get activity logs for all users",
-        "operationId": "getUserActivityLogs",
+        "summary": "Get user audit logs",
+        "description": "Get audit logs for all users",
+        "operationId": "getUserAuditLogs",
+        "requestBody": {
+          "content": {
+            "application/json": {
+              "schema": { "$ref": "#/components/schemas/ModelGetAuditLogsRequest" }
+            }
+          }
+        },
         "responses": {
           "200": {
             "description": "OK",
@@ -9366,6 +9373,51 @@
         "security": [{ "bearer_token": [] }]
       }
     },
+    "/deepfence/settings/user-audit-log/count": {
+      "get": {
+        "tags": ["Settings"],
+        "summary": "Get user audit logs count",
+        "description": "Get user audit logs count",
+        "operationId": "getUserAuditLogsCount",
+        "responses": {
+          "200": {
+            "description": "OK",
+            "content": {
+              "application/json": {
+                "schema": { "$ref": "#/components/schemas/SearchSearchCountResp" }
+              }
+            }
+          },
+          "400": {
+            "description": "Bad Request",
+            "content": {
+              "application/json": {
+                "schema": { "$ref": "#/components/schemas/ApiDocsBadRequestResponse" }
+              }
+            }
+          },
+          "401": { "description": "Unauthorized" },
+          "403": { "description": "Forbidden" },
+          "404": {
+            "description": "Not Found",
+            "content": {
+              "application/json": {
+                "schema": { "$ref": "#/components/schemas/ApiDocsFailureResponse" }
+              }
+            }
+          },
+          "500": {
+            "description": "Internal Server Error",
+            "content": {
+              "application/json": {
+                "schema": { "$ref": "#/components/schemas/ApiDocsFailureResponse" }
+              }
+            }
+          }
+        },
+        "security": [{ "bearer_token": [] }]
+      }
+    },
     "/deepfence/user": {
       "delete": {
         "tags": ["User"],
@@ -11637,6 +11689,11 @@
         "type": "object",
         "properties": { "report_id": { "type": "string" } }
       },
+      "ModelGetAuditLogsRequest": {
+        "required": ["window"],
+        "type": "object",
+        "properties": { "window": { "$ref": "#/components/schemas/ModelFetchWindow" } }
+      },
       "ModelHost": {
         "required": [
           "node_id",
@@ -12666,10 +12723,14 @@
         }
       },
       "ModelStopScanRequest": {
-        "required": ["scan_id", "scan_type"],
+        "required": ["scan_ids", "scan_type"],
         "type": "object",
         "properties": {
-          "scan_id": { "type": "string" },
+          "scan_ids": {
+            "type": "array",
+            "items": { "type": "string" },
+            "nullable": true
+          },
           "scan_type": {
             "enum": [
               "SecretScan",

deepfence_frontend/apps/dashboard/src/api/api.ts

@@ -83,6 +83,7 @@ export function getVulnerabilityApiClient() {
   return {
     startVulnerabilityScan:
       vulnerabilityApi.startVulnerabilityScan.bind(vulnerabilityApi),
+    stopVulnerabilityScan: vulnerabilityApi.stopVulnerabilityScan.bind(vulnerabilityApi),
     resultVulnerabilityScan:
       vulnerabilityApi.resultsVulnerabilityScans.bind(vulnerabilityApi),
     resultCountVulnerabilityScan:
@@ -100,6 +101,7 @@ export function getSecretApiClient() {
   const secretApi = new SecretScanApi(configuration);
   return {
     startSecretScan: secretApi.startSecretScan.bind(secretApi),
+    stopSecretScan: secretApi.stopSecretScan.bind(secretApi),
     resultSecretScan: secretApi.resultsSecretScan.bind(secretApi),
     resultCountSecretScan: secretApi.countResultsSecretScan.bind(secretApi),
     statusSecretScan: secretApi.statusSecretScan.bind(secretApi),
@@ -113,6 +115,7 @@ export function getComplianceApiClient() {
   const complianceApi = new ComplianceApi(configuration);
   return {
     startComplianceScan: complianceApi.startComplianceScan.bind(complianceApi),
+    stopComplianceScan: complianceApi.stopComplianceScan.bind(complianceApi),
     statusComplianceScan: complianceApi.statusComplianceScan.bind(complianceApi),
     resultComplianceScan: complianceApi.resultsComplianceScan.bind(complianceApi),
     resultCountComplianceScan:
@@ -157,6 +160,7 @@ export function getMalwareApiClient() {
   const malwareApi = new MalwareScanApi(configuration);
   return {
     startMalwareScan: malwareApi.startMalwareScan.bind(malwareApi),
+    stopMalwareScan: malwareApi.stopMalwareScan.bind(malwareApi),
     resultMalwareScan: malwareApi.resultsMalwareScan.bind(malwareApi),
     resultCountMalwareScan: malwareApi.countResultsMalwareScan.bind(malwareApi),
     statusMalwareScan: malwareApi.statusMalwareScan.bind(malwareApi),
@@ -217,14 +221,14 @@ export function getScanResultsApiClient() {
   return {
     deleteScanResult: scanResultsApi.deleteScanResult.bind(scanResultsApi),
     downloadScanResultsForScanID: scanResultsApi.downloadScanResults.bind(scanResultsApi),
+    bulkDeleteScans: scanResultsApi.bulkDeleteScans.bind(scanResultsApi),
     deleteScanResultsForScanID:
       scanResultsApi.deleteScanResultsForScanID.bind(scanResultsApi),
     notifyScanResult: scanResultsApi.notifyScanResult.bind(scanResultsApi),
     maskScanResult: scanResultsApi.maskScanResult.bind(scanResultsApi),
     unmaskScanResult: scanResultsApi.unmaskScanResult.bind(scanResultsApi),
     getAllNodesInScanResults:
       scanResultsApi.getAllNodesInScanResults.bind(scanResultsApi),
-    bulkDeleteScansHistory: scanResultsApi.bulkDeleteScans.bind(scanResultsApi),
   };
 }
 
@@ -316,7 +320,8 @@ export function getSettingsApiClient() {
   return {
     getSettings: settingsApi.getSettings.bind(settingsApi),
     updateSettings: settingsApi.updateSetting.bind(settingsApi),
-    getUserActivityLogs: settingsApi.getUserActivityLogs.bind(settingsApi),
+    getUserActivityLogs: settingsApi.getUserAuditLogs.bind(settingsApi),
+    getUserActivityLogCount: settingsApi.getUserAuditLogsCount.bind(settingsApi),
     getEmailConfiguration: settingsApi.getEmailConfiguration.bind(settingsApi),
     addEmailConfiguration: settingsApi.addEmailConfiguration.bind(settingsApi),
     deleteEmailConfiguration: settingsApi.deleteEmailConfiguration.bind(settingsApi),

deepfence_frontend/apps/dashboard/src/api/generated/.openapi-generator/FILES

@@ -110,6 +110,7 @@ models/ModelFiltersReq.ts
 models/ModelFiltersResult.ts
 models/ModelGenerateReportReq.ts
 models/ModelGenerateReportResp.ts
+models/ModelGetAuditLogsRequest.ts
 models/ModelHost.ts
 models/ModelImageStub.ts
 models/ModelInitAgentReq.ts

deepfence_frontend/apps/dashboard/src/api/generated/apis/SettingsApi.ts

@@ -20,12 +20,14 @@ import type {
   ModelAddScheduledTaskRequest,
   ModelEmailConfigurationAdd,
   ModelEmailConfigurationResp,
+  ModelGetAuditLogsRequest,
   ModelMessageResponse,
   ModelSettingUpdateRequest,
   ModelSettingsResponse,
   ModelUpdateScheduledTaskRequest,
   PostgresqlDbGetAuditLogsRow,
   PostgresqlDbScheduler,
+  SearchSearchCountResp,
 } from '../models';
 import {
     ApiDocsBadRequestResponseFromJSON,
@@ -38,6 +40,8 @@ import {
     ModelEmailConfigurationAddToJSON,
     ModelEmailConfigurationRespFromJSON,
     ModelEmailConfigurationRespToJSON,
+    ModelGetAuditLogsRequestFromJSON,
+    ModelGetAuditLogsRequestToJSON,
     ModelMessageResponseFromJSON,
     ModelMessageResponseToJSON,
     ModelSettingUpdateRequestFromJSON,
@@ -50,6 +54,8 @@ import {
     PostgresqlDbGetAuditLogsRowToJSON,
     PostgresqlDbSchedulerFromJSON,
     PostgresqlDbSchedulerToJSON,
+    SearchSearchCountRespFromJSON,
+    SearchSearchCountRespToJSON,
 } from '../models';
 
 export interface AddEmailConfigurationRequest {
@@ -64,6 +70,10 @@ export interface DeleteEmailConfigurationRequest {
     configId: string;
 }
 
+export interface GetUserAuditLogsRequest {
+    modelGetAuditLogsRequest?: ModelGetAuditLogsRequest;
+}
+
 export interface UpdateScheduledTaskRequest {
     id: number;
     modelUpdateScheduledTaskRequest?: ModelUpdateScheduledTaskRequest;
@@ -179,19 +189,35 @@ export interface SettingsApiInterface {
     getSettings(initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<Array<ModelSettingsResponse>>;
 
     /**
-     * Get activity logs for all users
-     * @summary Get activity logs
+     * Get audit logs for all users
+     * @summary Get user audit logs
+     * @param {ModelGetAuditLogsRequest} [modelGetAuditLogsRequest] 
+     * @param {*} [options] Override http request option.
+     * @throws {RequiredError}
+     * @memberof SettingsApiInterface
+     */
+    getUserAuditLogsRaw(requestParameters: GetUserAuditLogsRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<Array<PostgresqlDbGetAuditLogsRow>>>;
+
+    /**
+     * Get audit logs for all users
+     * Get user audit logs
+     */
+    getUserAuditLogs(requestParameters: GetUserAuditLogsRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<Array<PostgresqlDbGetAuditLogsRow>>;
+
+    /**
+     * Get user audit logs count
+     * @summary Get user audit logs count
      * @param {*} [options] Override http request option.
      * @throws {RequiredError}
      * @memberof SettingsApiInterface
      */
-    getUserActivityLogsRaw(initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<Array<PostgresqlDbGetAuditLogsRow>>>;
+    getUserAuditLogsCountRaw(initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<SearchSearchCountResp>>;
 
     /**
-     * Get activity logs for all users
-     * Get activity logs
+     * Get user audit logs count
+     * Get user audit logs count
      */
-    getUserActivityLogs(initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<Array<PostgresqlDbGetAuditLogsRow>>;
+    getUserAuditLogsCount(initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<SearchSearchCountResp>;
 
     /**
      * Update scheduled task
@@ -475,14 +501,16 @@ export class SettingsApi extends runtime.BaseAPI implements SettingsApiInterface
     }
 
     /**
-     * Get activity logs for all users
-     * Get activity logs
+     * Get audit logs for all users
+     * Get user audit logs
      */
-    async getUserActivityLogsRaw(initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<Array<PostgresqlDbGetAuditLogsRow>>> {
+    async getUserAuditLogsRaw(requestParameters: GetUserAuditLogsRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<Array<PostgresqlDbGetAuditLogsRow>>> {
         const queryParameters: any = {};
 
         const headerParameters: runtime.HTTPHeaders = {};
 
+        headerParameters['Content-Type'] = 'application/json';
+
         if (this.configuration && this.configuration.accessToken) {
             const token = this.configuration.accessToken;
             const tokenString = await token("bearer_token", []);
@@ -492,21 +520,58 @@ export class SettingsApi extends runtime.BaseAPI implements SettingsApiInterface
             }
         }
         const response = await this.request({
-            path: `/deepfence/settings/user-activity-log`,
-            method: 'GET',
+            path: `/deepfence/settings/user-audit-log`,
+            method: 'POST',
             headers: headerParameters,
             query: queryParameters,
+            body: ModelGetAuditLogsRequestToJSON(requestParameters.modelGetAuditLogsRequest),
         }, initOverrides);
 
         return new runtime.JSONApiResponse(response, (jsonValue) => jsonValue.map(PostgresqlDbGetAuditLogsRowFromJSON));
     }
 
     /**
-     * Get activity logs for all users
-     * Get activity logs
+     * Get audit logs for all users
+     * Get user audit logs
+     */
+    async getUserAuditLogs(requestParameters: GetUserAuditLogsRequest = {}, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<Array<PostgresqlDbGetAuditLogsRow>> {
+        const response = await this.getUserAuditLogsRaw(requestParameters, initOverrides);
+        return await response.value();
+    }
+
+    /**
+     * Get user audit logs count
+     * Get user audit logs count
+     */
+    async getUserAuditLogsCountRaw(initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<SearchSearchCountResp>> {
+        const queryParameters: any = {};
+
+        const headerParameters: runtime.HTTPHeaders = {};
+
+        if (this.configuration && this.configuration.accessToken) {
+            const token = this.configuration.accessToken;
+            const tokenString = await token("bearer_token", []);
+
+            if (tokenString) {
+                headerParameters["Authorization"] = `Bearer ${tokenString}`;
+            }
+        }
+        const response = await this.request({
+            path: `/deepfence/settings/user-audit-log/count`,
+            method: 'GET',
+            headers: headerParameters,
+            query: queryParameters,
+        }, initOverrides);
+
+        return new runtime.JSONApiResponse(response, (jsonValue) => SearchSearchCountRespFromJSON(jsonValue));
+    }
+
+    /**
+     * Get user audit logs count
+     * Get user audit logs count
      */
-    async getUserActivityLogs(initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<Array<PostgresqlDbGetAuditLogsRow>> {
-        const response = await this.getUserActivityLogsRaw(initOverrides);
+    async getUserAuditLogsCount(initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<SearchSearchCountResp> {
+        const response = await this.getUserAuditLogsCountRaw(initOverrides);
         return await response.value();
     }