Closed
30 commits
d77b428
X-Smart-Branch-Parent: master
JoukoVirtanen Aug 27, 2025
1173c6c
X-Smart-Squash: Squashed 7 commits:
JoukoVirtanen Aug 6, 2025
fe779a1
Revert "X-Smart-Squash: Squashed 7 commits:"
JoukoVirtanen Aug 6, 2025
5267950
Sends locked processes baselines to sensor when deployments leave obs…
JoukoVirtanen Aug 7, 2025
f9abaa8
Added a feature flag
JoukoVirtanen Aug 7, 2025
89af50f
Fixed unit test
JoukoVirtanen Aug 7, 2025
7eae4ae
Changed the name of the feature flag
JoukoVirtanen Aug 10, 2025
986e97b
Setting connectionManager for lifecycle manager
JoukoVirtanen Aug 11, 2025
c264034
Manual testing works
JoukoVirtanen Aug 14, 2025
ade5925
Fixed style
JoukoVirtanen Aug 14, 2025
e4d93de
Not upserting the baseline if it doesn't need to be upserted
JoukoVirtanen Aug 14, 2025
d9e9ce5
Added unit test
JoukoVirtanen Aug 14, 2025
cd11907
Remved connection manager from process baseline service
JoukoVirtanen Aug 15, 2025
b583e14
make style
JoukoVirtanen Aug 15, 2025
d71f71c
Apply suggestions from code review
JoukoVirtanen Aug 15, 2025
0d0f8fc
Made feature flag consistent
JoukoVirtanen Aug 15, 2025
618ff7c
Added test for UpdateProcessBaselineElements where autolock is true
JoukoVirtanen Aug 15, 2025
343cea3
Clarified which lock is being used
JoukoVirtanen Aug 15, 2025
95f5c2e
Further clarified which lock is being used
JoukoVirtanen Aug 15, 2025
4387c22
stackroxLock will be set to true if userLock is set to true. userLock…
JoukoVirtanen Aug 15, 2025
f8761ba
SendBaselineToSensor returns error. Variable renamed from pw to baseline
JoukoVirtanen Aug 15, 2025
829b7d2
Added more tests for .checkAndUpdateBaseline with autolocking
JoukoVirtanen Aug 15, 2025
5351e5d
Added another test. UserLock should be unlocked when needed
JoukoVirtanen Aug 16, 2025
0d46ce6
Moved a check into its own function
JoukoVirtanen Aug 16, 2025
53d88a2
Refactored case where the baseline already exists
JoukoVirtanen Aug 16, 2025
7703df6
Corrected comment
JoukoVirtanen Aug 16, 2025
fd17e0c
Saving feature flag to env var, because it can be more complex in the…
JoukoVirtanen Aug 18, 2025
3fdc16d
Renamed checkIfBaselineDoesntNeedUpdate to checkIfBaselineCanBeSkipped
JoukoVirtanen Aug 20, 2025
379d14f
Not passing userLock to updateProcessBaselineElements
JoukoVirtanen Aug 20, 2025
6c97e89
Saving cluster id to a variable in SendBaselineToSensor
JoukoVirtanen Aug 27, 2025
2 changes: 1 addition & 1 deletion central/alert/service/service_impl.go
Expand Up @@ -299,7 +299,7 @@ func (s *serviceImpl) ResolveAlert(ctx context.Context, req *v1.ResolveAlertRequ
ClusterId: alert.GetDeployment().GetClusterId(),
Namespace: alert.GetDeployment().GetNamespace(),
}
baseline, err := s.baselines.UpdateProcessBaselineElements(ctx, key, items, nil, false)
baseline, err := s.baselines.UpdateProcessBaselineElements(ctx, key, items, nil, false, false)
if err != nil {
return nil, err
}
6 changes: 5 additions & 1 deletion central/detection/lifecycle/manager.go
Expand Up @@ -14,6 +14,7 @@ import (
baselineDataStore "github.com/stackrox/rox/central/processbaseline/datastore"
processDatastore "github.com/stackrox/rox/central/processindicator/datastore"
"github.com/stackrox/rox/central/reprocessor"
"github.com/stackrox/rox/central/sensor/service/connection"
"github.com/stackrox/rox/generated/storage"
"github.com/stackrox/rox/pkg/logging"
"github.com/stackrox/rox/pkg/process/filter"
Expand Down Expand Up @@ -42,13 +43,14 @@ type Manager interface {
DeploymentRemoved(deploymentID string) error
RemovePolicy(policyID string) error
RemoveDeploymentFromObservation(deploymentID string)
SendBaselineToSensor(baseline *storage.ProcessBaseline) error
}

// newManager returns a new manager with the injected dependencies.
func newManager(buildTimeDetector buildtime.Detector, deployTimeDetector deploytime.Detector, runtimeDetector runtime.Detector,
deploymentDatastore deploymentDatastore.DataStore, processesDataStore processDatastore.DataStore, baselines baselineDataStore.DataStore,
alertManager alertmanager.AlertManager, reprocessor reprocessor.Loop, deletedDeploymentsCache cache.DeletedDeployments, filter filter.Filter,
processAggregator aggregator.ProcessAggregator) *managerImpl {
processAggregator aggregator.ProcessAggregator, connectionManager connection.Manager) *managerImpl {
m := &managerImpl{
buildTimeDetector: buildTimeDetector,
deployTimeDetector: deployTimeDetector,
Expand All @@ -70,6 +72,8 @@ func newManager(buildTimeDetector buildtime.Detector, deployTimeDetector deployt

removedOrDisabledPolicies: set.NewStringSet(),
processAggregator: processAggregator,

connectionManager: connectionManager,
}

go m.flushQueuePeriodically()
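Review bot: `SendBaselineToSensor` is added to the `Manager` interface without a doc comment, and its failure contract matters to every caller. In `checkAndUpdateBaseline` (manager_impl.go on this page) the baseline is persisted as user-locked before the send, and on a later pass a user-locked baseline skips the send, so a failed `SendMessage` can leave Central holding a locked baseline the sensor never received; whether a reconnect resyncs it is not visible here. I would document that on the method, for example `// SendBaselineToSensor pushes the baseline to the sensor of the baseline's cluster. A non-nil error means the sensor did not receive it; the caller must retry or surface the failure.`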
85 changes: 78 additions & 7 deletions central/detection/lifecycle/manager_impl.go
Expand Up @@ -20,9 +20,12 @@ import (
baselineDataStore "github.com/stackrox/rox/central/processbaseline/datastore"
processIndicatorDatastore "github.com/stackrox/rox/central/processindicator/datastore"
"github.com/stackrox/rox/central/reprocessor"
"github.com/stackrox/rox/central/sensor/service/connection"
"github.com/stackrox/rox/generated/internalapi/central"
"github.com/stackrox/rox/generated/storage"
"github.com/stackrox/rox/pkg/concurrency"
"github.com/stackrox/rox/pkg/env"
"github.com/stackrox/rox/pkg/features"
"github.com/stackrox/rox/pkg/policies"
"github.com/stackrox/rox/pkg/postgres/pgutils"
"github.com/stackrox/rox/pkg/process/filter"
Expand Down Expand Up @@ -81,6 +84,8 @@ type managerImpl struct {
removedOrDisabledPolicies set.StringSet

processAggregator aggregator.ProcessAggregator

connectionManager connection.Manager
}

func (m *managerImpl) copyAndResetIndicatorQueue() map[string]*storage.ProcessIndicator {
Expand Down Expand Up @@ -248,6 +253,27 @@ func (m *managerImpl) buildMapAndCheckBaseline(indicatorSlice []*storage.Process
}
}

func (m *managerImpl) SendBaselineToSensor(baseline *storage.ProcessBaseline) error {
clusterId := baseline.GetKey().GetClusterId()
err := m.connectionManager.SendMessage(clusterId, &central.MsgToSensor{
Msg: &central.MsgToSensor_BaselineSync{
BaselineSync: &central.BaselineSync{
Baselines: []*storage.ProcessBaseline{baseline},
}},
})
if err != nil {
log.Errorf("Error sending process baseline to cluster %q: %v", clusterId, err)
return err
}
log.Infof("Successfully sent process baseline to cluster %q: %s", clusterId, baseline.GetId())

return nil
}

func checkIfBaselineCanBeSkipped(elements []*storage.BaselineItem, inObservation bool, baseline *storage.ProcessBaseline) bool {
return len(elements) == 0 && (inObservation || !features.AutoLockProcessBaselines.Enabled() || processbaseline.IsUserLocked(baseline))
}

func (m *managerImpl) checkAndUpdateBaseline(baselineKey processBaselineKey, indicators []*storage.ProcessIndicator) (bool, error) {
key := &storage.ProcessBaselineKey{
DeploymentId: baselineKey.deploymentID,
Expand All @@ -256,15 +282,19 @@ func (m *managerImpl) checkAndUpdateBaseline(baselineKey processBaselineKey, ind
Namespace: baselineKey.namespace,
}

autolockEnabled := features.AutoLockProcessBaselines.Enabled()

// TODO joseph what to do if exclusions ("baseline" in the old non-inclusive language) doesn't exist? Always create for now?
baseline, exists, err := m.baselines.GetProcessBaseline(lifecycleMgrCtx, key)
if err != nil {
return false, err
}

inObservation := m.deploymentObservationQueue.InObservation(key.GetDeploymentId())
Contributor Author


There are now more checks for the deployment being in observation, so this is saved to a new variable.


// If the baseline does not exist AND this deployment is in the observation period, we
// need not process further at this time.
if !exists && m.deploymentObservationQueue.InObservation(key.GetDeploymentId()) {
if !exists && inObservation {
return false, nil
}

Expand All @@ -286,22 +316,63 @@ func (m *managerImpl) checkAndUpdateBaseline(baselineKey processBaselineKey, ind
insertableElement := &storage.BaselineItem{Item: &storage.BaselineItem_ProcessName{ProcessName: baselineItem}}
elements = append(elements, insertableElement)
}
if len(elements) == 0 {

if checkIfBaselineCanBeSkipped(elements, inObservation, baseline) {
return false, nil
}

if !exists {
_, err = m.baselines.UpsertProcessBaseline(lifecycleMgrCtx, key, elements, true, true)
userLock := autolockEnabled && !inObservation
upsertedBaseline, err := m.baselines.UpsertProcessBaseline(lifecycleMgrCtx, key, elements, true, true, userLock)
if err != nil {
return false, err
}
if userLock {
err = m.SendBaselineToSensor(upsertedBaseline)
}
return false, err
}

userBaseline := processbaseline.IsUserLocked(baseline)
roxBaseline := processbaseline.IsRoxLocked(baseline) && hasNonStartupProcess
if userBaseline || roxBaseline {
reprocessRisk := userBaseline || roxBaseline

if reprocessRisk {
// We already checked if it's in the baseline and it is not, so reprocess risk to mark the results are suspicious if necessary
m.reprocessor.ReprocessRiskForDeployments(baselineKey.deploymentID)
} else {
// So we have a baseline, but not locked. Now we need to add these elements to the unlocked baseline
_, err = m.baselines.UpdateProcessBaselineElements(lifecycleMgrCtx, key, elements, nil, true)
}

if !autolockEnabled {
if !reprocessRisk {
_, err := m.baselines.UpdateProcessBaselineElements(lifecycleMgrCtx, key, elements, nil, true, false)
if err != nil {
return false, err
}
}
return userBaseline, nil
}

// If this point is reached AutoLockProcessBaselines is enabled.
Contributor


Doesn't this section violate our discussion of allowing the user to unlock an auto locked baseline? If I'm following this code correctly, if a baseline exists as unlocked but autolock is on, this will lock it. I don't think that is what we want. As we stated in the meeting on August 26 we only want to lock baselines from point forward.

Contributor Author

@JoukoVirtanen JoukoVirtanen Aug 27, 2025


I think what you are saying is that if a user locks a process baseline and then unlocks before the deployment leaves the observation period, it will be auto-locked, which is probably not what the user intended when they unlocked it. There is currently no mechanism to tell if a process baseline is unlocked, because it has always been unlocked, or if it was locked and then unlocked.

I don't know how we could distinguish between those two cases. I think distinguishing between those two cases requires much more work and is probably outside of the scope of this PR.

Contributor Author

@JoukoVirtanen JoukoVirtanen Aug 27, 2025


There might be other cases where this causes the process baseline to be locked, other than the corner case I mentioned above. One difficulty is that there are two paths that can lead to checkAndUpdateBaseline, one through flushBaselineQueue and the other via flushIndicatorQueue. We only want to auto-lock the process baseline if checkAndUpdateBaseline was reached via flushBaselineQueue. Sometimes I think it might be better to have separate versions of checkAndUpdateBaseline for those cases.

I might need to take some time, to make sure everything works as it should.

Contributor


actually I was talking about the case where user unlocked after the observation period was over and then the indicators were flushed.

// When AutoLockProcessBaselines we don't need to do anything if the baseline is user or stackrox locked.
// However, if the feature is enabled we need to user lock it if it is not user locked. It also needs to be
// stackrox locked if it is neither user locked or stackrox locked.
if !userBaseline {
// If the baseline is out of observation it needs to be user locked.
// Since we are here the baseline is not user locked and if it isn't stackrox locked either,
// it needs to be updated.
userLock := !inObservation
if userLock || !roxBaseline {
upsertedBaseline, err := m.baselines.UpdateProcessBaselineElements(lifecycleMgrCtx, key, elements, nil, true, userLock)
if err != nil {
return false, err
}
if userLock {
err := m.SendBaselineToSensor(upsertedBaseline)
if err != nil {
return false, err
}
}
}
}

return userBaseline, err
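Review bot: In the auto-lock branch at the end of `checkAndUpdateBaseline`, a baseline that is StackRox-locked, not user-locked and out of observation gets `elements` passed as additions to `UpdateProcessBaselineElements` in the same call that user-locks it. Those are the processes that just triggered `ReprocessRiskForDeployments` for falling outside the baseline, so unless the datastore rejects additions to a locked baseline (not visible here) they are absorbed into the baseline as it is locked and stop alerting afterwards. Before this change the locked path never called the update. I would add nothing when the baseline was already StackRox-locked, for example `toAdd := elements` followed by `if roxBaseline { toAdd = nil }`, and pass `toAdd` to the call. The function body is split across hunks and its closing lines are outside the last one.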
53 changes: 50 additions & 3 deletions central/detection/lifecycle/manager_impl_test.go
Expand Up @@ -10,8 +10,10 @@ import (
alertManagerMocks "github.com/stackrox/rox/central/detection/alertmanager/mocks"
processBaselineDataStoreMocks "github.com/stackrox/rox/central/processbaseline/datastore/mocks"
reprocessorMocks "github.com/stackrox/rox/central/reprocessor/mocks"
connectionMocks "github.com/stackrox/rox/central/sensor/service/connection/mocks"
"github.com/stackrox/rox/generated/storage"
"github.com/stackrox/rox/pkg/env"
"github.com/stackrox/rox/pkg/features"
"github.com/stackrox/rox/pkg/fixtures"
"github.com/stackrox/rox/pkg/protoassert"
"github.com/stackrox/rox/pkg/protocompat"
Expand All @@ -34,6 +36,7 @@ type ManagerTestSuite struct {
deploymentObservationQueue *queueMocks.MockDeploymentObservationQueue
manager *managerImpl
mockCtrl *gomock.Controller
connectionManager *connectionMocks.MockManager
}

func (suite *ManagerTestSuite) SetupTest() {
Expand All @@ -43,12 +46,14 @@ func (suite *ManagerTestSuite) SetupTest() {
suite.reprocessor = reprocessorMocks.NewMockLoop(suite.mockCtrl)
suite.alertManager = alertManagerMocks.NewMockAlertManager(suite.mockCtrl)
suite.deploymentObservationQueue = queueMocks.NewMockDeploymentObservationQueue(suite.mockCtrl)
suite.connectionManager = connectionMocks.NewMockManager(suite.mockCtrl)

suite.manager = &managerImpl{
baselines: suite.baselines,
reprocessor: suite.reprocessor,
alertManager: suite.alertManager,
deploymentObservationQueue: suite.deploymentObservationQueue,
connectionManager: suite.connectionManager,
}
}

Expand Down Expand Up @@ -91,12 +96,13 @@ func makeIndicator() (*storage.ProcessBaselineKey, *storage.ProcessIndicator) {
}

func (suite *ManagerTestSuite) TestBaselineNotFound() {
suite.T().Setenv(features.AutoLockProcessBaselines.EnvVar(), "false")
suite.T().Setenv(env.BaselineGenerationDuration.EnvVar(), time.Millisecond.String())
key, indicator := makeIndicator()
elements := fixtures.MakeBaselineItems(indicator.GetSignal().GetExecFilePath())
suite.baselines.EXPECT().GetProcessBaseline(gomock.Any(), key).Return(nil, false, nil)
suite.deploymentObservationQueue.EXPECT().InObservation(key.GetDeploymentId()).Return(false).AnyTimes()
suite.baselines.EXPECT().UpsertProcessBaseline(gomock.Any(), key, elements, true, true).Return(nil, nil)
suite.baselines.EXPECT().UpsertProcessBaseline(gomock.Any(), key, elements, true, true, false).Return(nil, nil)
_, err := suite.manager.checkAndUpdateBaseline(indicatorToBaselineKey(indicator), []*storage.ProcessIndicator{indicator})
suite.NoError(err)
suite.mockCtrl.Finish()
Expand All @@ -110,24 +116,26 @@ func (suite *ManagerTestSuite) TestBaselineNotFound() {

suite.mockCtrl = gomock.NewController(suite.T())
suite.baselines.EXPECT().GetProcessBaseline(gomock.Any(), key).Return(nil, false, nil)
suite.baselines.EXPECT().UpsertProcessBaseline(gomock.Any(), key, elements, true, true).Return(nil, expectedError)
suite.baselines.EXPECT().UpsertProcessBaseline(gomock.Any(), key, elements, true, true, false).Return(nil, expectedError)
_, err = suite.manager.checkAndUpdateBaseline(indicatorToBaselineKey(indicator), []*storage.ProcessIndicator{indicator})
suite.Equal(expectedError, err)
}

func (suite *ManagerTestSuite) TestBaselineNotFoundInObservation() {
suite.T().Setenv(features.AutoLockProcessBaselines.EnvVar(), "false")
suite.T().Setenv(env.BaselineGenerationDuration.EnvVar(), time.Millisecond.String())
key, indicator := makeIndicator()
elements := fixtures.MakeBaselineItems(indicator.GetSignal().GetExecFilePath())
suite.baselines.EXPECT().GetProcessBaseline(gomock.Any(), key).Return(nil, false, nil)
suite.deploymentObservationQueue.EXPECT().InObservation(key.GetDeploymentId()).Return(true).AnyTimes()
suite.baselines.EXPECT().UpsertProcessBaseline(gomock.Any(), key, elements, true, true).Return(nil, nil).MaxTimes(0)
suite.baselines.EXPECT().UpsertProcessBaseline(gomock.Any(), key, elements, true, true, false).Return(nil, nil).MaxTimes(0)
_, err := suite.manager.checkAndUpdateBaseline(indicatorToBaselineKey(indicator), []*storage.ProcessIndicator{indicator})
suite.NoError(err)
suite.mockCtrl.Finish()
}

func (suite *ManagerTestSuite) TestBaselineShouldPass() {
suite.T().Setenv(features.AutoLockProcessBaselines.EnvVar(), "false")
key, indicator := makeIndicator()
baseline := &storage.ProcessBaseline{Elements: fixtures.MakeBaselineElements(indicator.Signal.GetExecFilePath())}
suite.deploymentObservationQueue.EXPECT().InObservation(key.GetDeploymentId()).Return(false).AnyTimes()
Expand All @@ -136,6 +144,45 @@ func (suite *ManagerTestSuite) TestBaselineShouldPass() {
suite.NoError(err)
}

func (suite *ManagerTestSuite) TestBaselineAutolock() {
key, indicator := makeIndicator()
baseline := &storage.ProcessBaseline{Elements: fixtures.MakeBaselineElements(indicator.Signal.GetExecFilePath())}

suite.T().Setenv(features.AutoLockProcessBaselines.EnvVar(), "true")

suite.deploymentObservationQueue.EXPECT().InObservation(key.GetDeploymentId()).Return(false)
suite.baselines.EXPECT().GetProcessBaseline(gomock.Any(), key).Return(baseline, true, nil)
suite.baselines.EXPECT().UpdateProcessBaselineElements(gomock.Any(), key, gomock.Any(), nil, true, true).Return(nil, nil)
suite.connectionManager.EXPECT().SendMessage(gomock.Any(), gomock.Any())
_, err := suite.manager.checkAndUpdateBaseline(indicatorToBaselineKey(indicator), []*storage.ProcessIndicator{indicator})
suite.NoError(err)
suite.mockCtrl.Finish()

suite.mockCtrl = gomock.NewController(suite.T())
expectedError := errors.New("Expected error")
suite.deploymentObservationQueue.EXPECT().InObservation(key.GetDeploymentId()).Return(false)
suite.baselines.EXPECT().GetProcessBaseline(gomock.Any(), key).Return(baseline, true, nil)
suite.baselines.EXPECT().UpdateProcessBaselineElements(gomock.Any(), key, gomock.Any(), nil, true, true).Return(nil, nil)
suite.connectionManager.EXPECT().SendMessage(gomock.Any(), gomock.Any()).Return(expectedError)
_, err = suite.manager.checkAndUpdateBaseline(indicatorToBaselineKey(indicator), []*storage.ProcessIndicator{indicator})
suite.Equal(expectedError, err)
suite.mockCtrl.Finish()

suite.deploymentObservationQueue.EXPECT().InObservation(key.GetDeploymentId()).Return(false)
suite.baselines.EXPECT().GetProcessBaseline(gomock.Any(), key).Return(nil, false, nil)
suite.baselines.EXPECT().UpsertProcessBaseline(gomock.Any(), key, gomock.Any(), true, true, true).Return(nil, nil)
suite.connectionManager.EXPECT().SendMessage(gomock.Any(), gomock.Any())
_, err = suite.manager.checkAndUpdateBaseline(indicatorToBaselineKey(indicator), []*storage.ProcessIndicator{indicator})
suite.NoError(err)
suite.mockCtrl.Finish()

suite.deploymentObservationQueue.EXPECT().InObservation(key.GetDeploymentId()).Return(true)
suite.baselines.EXPECT().GetProcessBaseline(gomock.Any(), key).Return(nil, false, nil)
_, err = suite.manager.checkAndUpdateBaseline(indicatorToBaselineKey(indicator), []*storage.ProcessIndicator{indicator})
suite.NoError(err)
suite.mockCtrl.Finish()
}

func (suite *ManagerTestSuite) TestHandleDeploymentAlerts() {
alerts := []*storage.Alert{fixtures.GetAlert()}
depID := alerts[0].GetDeployment().Id
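Review bot: In `TestBaselineAutolock` every `SendMessage` expectation uses `gomock.Any()` for both arguments and the datastore mocks return a nil baseline, so the test passes while `SendBaselineToSensor` is handed nil and, presumably through the nil-safe generated getters, addresses an empty cluster ID. Nothing here pins that the locked baseline is sent to the deployment's own cluster. I would set `Key: key` on the fixture, return it with `.Return(baseline, nil)`, and expect `SendMessage(key.GetClusterId(), gomock.Any())`. The third and fourth scenarios also register expectations after `suite.mockCtrl.Finish()` without creating a fresh controller, so a missing call there may go unverified; worth confirming against the gomock version in use.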
14 changes: 14 additions & 0 deletions central/detection/lifecycle/mocks/manager.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 2 additions & 0 deletions central/detection/lifecycle/singleton.go
Expand Up @@ -14,6 +14,7 @@ import (
processDatastore "github.com/stackrox/rox/central/processindicator/datastore"
"github.com/stackrox/rox/central/processindicator/filter"
"github.com/stackrox/rox/central/reprocessor"
"github.com/stackrox/rox/central/sensor/service/connection"
"github.com/stackrox/rox/pkg/sync"
"github.com/stackrox/rox/pkg/utils"
)
Expand All @@ -36,6 +37,7 @@ func initialize() {
cache.DeletedDeploymentsSingleton(),
filter.Singleton(),
aggregator.Singleton(),
connection.ManagerSingleton(),
)

policies, err := policyDataStore.Singleton().GetAllPolicies(lifecycleMgrCtx)
11 changes: 8 additions & 3 deletions central/processbaseline/datastore/datastore.go
Expand Up @@ -10,9 +10,14 @@ import (
v1 "github.com/stackrox/rox/generated/api/v1"
"github.com/stackrox/rox/generated/storage"
"github.com/stackrox/rox/pkg/concurrency"
"github.com/stackrox/rox/pkg/logging"
pkgSearch "github.com/stackrox/rox/pkg/search"
)

var (
log = logging.LoggerForModule()
)

// DataStore wraps storage, and searcher for ProcessBaselines.
//
//go:generate mockgen-wrapper
Expand All @@ -25,9 +30,9 @@ type DataStore interface {
RemoveProcessBaseline(ctx context.Context, key *storage.ProcessBaselineKey) error
RemoveProcessBaselinesByDeployment(ctx context.Context, deploymentID string) error
RemoveProcessBaselinesByIDs(ctx context.Context, ids []string) error
UpdateProcessBaselineElements(ctx context.Context, key *storage.ProcessBaselineKey, addElements []*storage.BaselineItem, removeElements []*storage.BaselineItem, auto bool) (*storage.ProcessBaseline, error)
UpsertProcessBaseline(ctx context.Context, key *storage.ProcessBaselineKey, addElements []*storage.BaselineItem, auto bool, lock bool) (*storage.ProcessBaseline, error)
UserLockProcessBaseline(ctx context.Context, key *storage.ProcessBaselineKey, locked bool) (*storage.ProcessBaseline, error)
UpdateProcessBaselineElements(ctx context.Context, key *storage.ProcessBaselineKey, addElements []*storage.BaselineItem, removeElements []*storage.BaselineItem, auto bool, userLock bool) (*storage.ProcessBaseline, error)
UpsertProcessBaseline(ctx context.Context, key *storage.ProcessBaselineKey, addElements []*storage.BaselineItem, auto bool, stackroxLock bool, userLock bool) (*storage.ProcessBaseline, error)
UserLockProcessBaseline(ctx context.Context, key *storage.ProcessBaselineKey, stackroxLocked bool) (*storage.ProcessBaseline, error)

WalkAll(ctx context.Context, fn func(baseline *storage.ProcessBaseline) error) error

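Review bot: `UserLockProcessBaseline` now names its flag `stackroxLocked`, which contradicts the method name; if the flag still controls the user lock (the implementation is not on this page) it should stay `locked` or become `userLocked`. `UpsertProcessBaseline` now takes three adjacent bools (`auto`, `stackroxLock`, `userLock`), and call sites on this page read `true, true, userLock` and `nil, false, false`, where a transposed argument compiles and silently changes which lock is applied. A doc comment on each method stating what every flag does, along the lines of `// userLock: when true, the baseline is also user-locked (confirm against the implementation)`, would make these calls reviewable. A small options struct would remove the ordering hazard altogether.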