31. Manage scans over multiple organizations manually and with automated workflows

[madelondohmen]

About this feature

Milestone items

• 32 Rate instellen voor masscan (over alles tegelijk)
• 36 API-settings gedeeld invullen
• 38 Acties uitvoeren over meerdere organisaties tegelijk. (Boefjes/bits/normalizers/reports schedules, bits rerunnen etc.)
• 39 Herhalende componenten over organisaties samenvoegen (bijv. een lokale CVE/CWE database, organisaties die dezelfde assets willen scannen)

Detailed description

Task that need to be done over multiple/all organisations:

• Change boefje config for multiple/all organisation instead of only one organisation
• Turn boefje on or off for multiple organisations (scheduler will automatically schedule scans when boefje is enabled)
• Manually run a boefje on provided list of OOIs.
• Rerun of bits
• Schedule report creation

Scope

• Create REST API in rocky for the above listed tasks.

Out of scope

• Being able to do this within the user interface, for the MVP we will only provide an API to do this.
• Sharing CVE data. This is very hard to do with our current xtdb-http-multinode setup. Migrating to XTDB 2 should make this easier.
• Optimization of multiple organisations scanning the same asset. It would be very complicated to implement this because there are a lot of edge cases that all need to be correctly handled.

Related tickets

• Organization endpoint not functioning correctly with token #2872
• Create REST API for boefje management #3524
• Create REST API to rerun bits and duplicate katalogus settings #3525
• Create REST API to schedule report creation #3526