Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

BOD 22-01 / KEV changes #68

Merged
merged 16 commits into from
Apr 28, 2022
Merged

BOD 22-01 / KEV changes #68

merged 16 commits into from
Apr 28, 2022

Conversation

dav3r
Copy link
Member

@dav3r dav3r commented Apr 18, 2022
edited
Loading

🗣 Description

This PR pulls together the following previously-tested and reviewed cyhy-core PRs related to BOD 22-01 / Known Exploited Vulnerabilities (KEVs):

💭 Motivation and context

This PR:

🧪 Testing

Testing information can be found in the details of the PRs listed in the "Description" section above.

✅ Pre-approval checklist

  • This PR has an informative and human-readable title.
  • Changes are limited to a single goal - eschew scope creep!
  • All relevant type-of-change labels have been added.
  • I have read the CONTRIBUTING document.
  • These code changes follow cisagov code standards.
  • All relevant repo and/or project documentation has been updated
    to reflect the changes in this PR.
  • All new and existing tests pass.

✅ Post-merge checklist

  • Coordinate deployment plan with CyHy team.
  • Run cyhy-kevsync in Production to populate new kevs collection.
  • Deploy these changes to Production.

felddy and others added 13 commits March 31, 2022 16:32
@felddy
Sort dictionary keys and other assignments
8c612a7
@felddy
Add KEV flag to ticket docment details
e48950b
@felddy @dav3r
Add notification when KEV is true for new tickets
49618e3 
Co-authored-by: dav3r <dav3r@users.noreply.github.com>
@felddy
Add query to count KEV tickets for a host
278b130
@felddy
Incorporate kev_count into scheduler calculations
18f1714
@dav3r
Make __generate_ticket_details return a delta if present
57c4963
@dav3r
Create notifications for existing tickets in certain cases:
848b265 
* If severity goes from less than 3 (High) to 3 or greater
* If KEV flag goes from False to True
@felddy @mcdonnnj
Apply suggestions from code review
ab02ba1 
Sort imports.
Improve grammar of a comment.

Co-authored-by: Nick <50747025+mcdonnnj@users.noreply.github.com>
@felddy @mcdonnnj
Apply suggestions from code review
00f7439 
- Since we're already editing this docstring the summary should be in the imperative mood and there should be a blank line after the summary.
- Add comma: Just something to break up the chain of ors since the first two are part of one logical check.
- Correct tense of method comment.

Co-authored-by: Nick <50747025+mcdonnnj@users.noreply.github.com>
@felddy
Merge pull request #63 from cisagov/improvement/add-kev-to-tickets
b5e576b 
Add KEV flag to ticket documents
@felddy
Merge pull request #64 from cisagov/improvement/kev-aware-scheduler
c6c625f 
Make the scheduler aware of KEVs
@dav3r
Merge branch 'epic/bod-22-01' into improvement/notifications-for-exis…
fd33044 
…ting-tickets
@dav3r
Merge pull request #65 from cisagov/improvement/notifications-for-exi…
3a97f44 
…sting-tickets

Create notifications for existing tickets
@dav3r dav3r added the improvement This issue or pull request will add new or improve existing functionality label Apr 18, 2022
@dav3r dav3r requested review from felddy, jsf9k and mcdonnnj as code owners April 18, 2022 17:15
@dav3r dav3r self-assigned this Apr 18, 2022
This was referenced Apr 19, 2022
Merged
Merged
Merged
dav3r added 2 commits April 22, 2022 11:34
@dav3r
Remove unused import
e5ef9bc
@dav3r
Exclude docopt call from main try block
11d9b73 
This is because docopt can generate SystemExit and DocoptExit exceptions in certain normal use cases.
@dav3r dav3r requested a review from jsf9k April 22, 2022 16:53
felddy
felddy approved these changes Apr 22, 2022
View reviewed changes
Copy link
Member

@felddy felddy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Still looking good after all these years!

🔂 :shipit:

mcdonnnj
mcdonnnj approved these changes Apr 22, 2022
View reviewed changes
Copy link
Member

@mcdonnnj mcdonnnj left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Even better the second time around!

@dav3r dav3r merged commit 797bd63 into develop Apr 28, 2022
@dav3r dav3r deleted the epic/bod-22-01 branch April 28, 2022 19:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@felddy felddy felddy approved these changes

@jsf9k jsf9k jsf9k approved these changes

@mcdonnnj mcdonnnj mcdonnnj approved these changes

Assignees

@dav3r dav3r

Labels
improvement This issue or pull request will add new or improve existing functionality
Projects
No open projects
BOD 22-01
Status: Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Update CyHy notification triggers for high/critical and KEVs
4 participants
@dav3r @felddy @jsf9k @mcdonnnj