feat: Collect scanner statistics during AssetScan

To be able to dynamically estimate time and cost of scans, we need to gather statistics about the scanned filesystem size and time benchmarks per family per input. This information is exported to the AssetScan where the control plane can use it to estimate the cost of future scans.
openclarity · Jul 28, 2023 · 4d1e8b3 · 4d1e8b3
1 parent 412f1bf
commit 4d1e8b3
Show file tree

Hide file tree

Showing 39 changed files with 971 additions and 215 deletions.
diff --git a/api/models/models.gen.go b/api/models/models.gen.go
diff --git a/api/openapi.yaml b/api/openapi.yaml
@@ -1724,6 +1724,8 @@ components:
               type: boolean
             resourceCleanup:
               $ref: '#/components/schemas/ResourceCleanupState'
+            stats:
+              $ref: '#/components/schemas/AssetScanStats'
             summary:
               $ref: '#/components/schemas/ScanFindingsSummary'
         - $ref: '#/components/schemas/AssetScanTemplate'
@@ -1739,6 +1741,40 @@ components:
       #  - asset
       #  - scan
 
+    AssetScanStats:
+      type: object
+      properties:
+        general:
+          $ref: '#/components/schemas/AssetScanGeneralStats'
+        sbom:
+          type: array
+          items:
+            $ref: '#/components/schemas/AssetScanInputScanStats'
+        vulnerabilities:
+          type: array
+          items:
+            $ref: '#/components/schemas/AssetScanInputScanStats'
+        malware:
+          type: array
+          items:
+            $ref: '#/components/schemas/AssetScanInputScanStats'
+        rootkits:
+          type: array
+          items:
+            $ref: '#/components/schemas/AssetScanInputScanStats'
+        secrets:
+          type: array
+          items:
+            $ref: '#/components/schemas/AssetScanInputScanStats'
+        misconfigurations:
+          type: array
+          items:
+            $ref: '#/components/schemas/AssetScanInputScanStats'
+        exploits:
+          type: array
+          items:
+            $ref: '#/components/schemas/AssetScanInputScanStats'
+
     AssetScanTemplateReadOnly:
       type: object
       properties:
@@ -1802,12 +1838,49 @@ components:
             resourceCleanup:
               $ref: '#/components/schemas/ResourceCleanupState'
               readOnly: true
+            stats:
+              $ref: '#/components/schemas/AssetScanStats'
+              readOnly: true
             summary:
               $ref: '#/components/schemas/ScanFindingsSummary'
               readOnly: true
           required: [id]
         - $ref: '#/components/schemas/AssetScanTemplateReadOnly'
 
+    AssetScanGeneralStats:
+      type: object
+      description: Global statistics for asset scan of all families.
+      properties:
+        scanTime:
+          $ref: '#/components/schemas/AssetScanScanTime'
+
+    AssetScanInputScanStats:
+      type: object
+      description: Statistics per asset scan input.
+      properties:
+        type:
+          description: The input type (ROOTFS, DIR, IMAGE etc.)
+          type: string
+        path:
+          description: The input path (/mnt/snapshot for ex.)
+          type: string
+        size:
+          description: The input size in MB.
+          type: integer
+          format: int64
+        scanTime:
+          $ref: '#/components/schemas/AssetScanScanTime'
+
+    AssetScanScanTime:
+      type: object
+      properties:
+        startTime:
+          type: string
+          format: date-time
+        endTime:
+          type: string
+          format: date-time
+
     AssetScanExists:
       type: object
       properties: