55 lines
1.6 KiB
Markdown
55 lines
1.6 KiB
Markdown
---
|
|
title: "[bojemoi] refactor(zap-scanner): Redis queue + zap_scan_log + Faraday + concurrency"
|
|
date: 2026-03-26T18:51:18+01:00
|
|
draft: false
|
|
tags: ["commit", "bojemoi", "main"]
|
|
categories: ["Git Activity"]
|
|
summary: "Commit 2a51f30 par Betty dans bojemoi"
|
|
author: "Betty"
|
|
---
|
|
|
|
## Commit `2a51f30`
|
|
|
|
| | |
|
|
|---|---|
|
|
| **Repository** | bojemoi |
|
|
| **Branch** | `main` |
|
|
| **Author** | Betty |
|
|
| **Hash** | `2a51f3001b29121a572207ae8f42aa46964ac772` |
|
|
|
|
|
|
### Description
|
|
|
|
Architecture v2:
|
|
- DbFeeder thread: charge hosts web non scannés depuis msf.hosts
|
|
(NOT IN zap_scan_log) → Redis queue zap:targets toutes les 300s
|
|
- ScanWorker: N scans ZAP concurrents (défaut 3), spider→active scan,
|
|
DOES_NOT_EXIST/timeout gérés proprement
|
|
- zap_scan_log table: tracking persistant (host_id PK, alerts, status)
|
|
— plus de rescans aléatoires des mêmes hosts
|
|
- Faraday export: POST vulns via API v3 après chaque scan
|
|
- Fix: DB_NAME 'msg' → 'msf', Redis connection error ne crashe plus
|
|
- Stack: add REDIS_HOST/PORT, ZAP_CONCURRENCY, FARADAY_WORKSPACE,
|
|
scanner sur réseau pentest+backend pour atteindre Redis et ZAP
|
|
|
|
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
|
|
|
### Files Changed
|
|
|
|
```
|
|
M oblast-1/Dockerfile.oblast-1
|
|
M oblast-1/requirements.txt
|
|
M oblast-1/zap_scanner.py
|
|
M stack/40-service-borodino.yml
|
|
```
|
|
|
|
### Diff Summary
|
|
|
|
```
|
|
oblast-1/Dockerfile.oblast-1 | 31 +-
|
|
oblast-1/requirements.txt | 2 +-
|
|
oblast-1/zap_scanner.py | 737 ++++++++++++++++++++----------------------
|
|
stack/40-service-borodino.yml | 42 ++-
|
|
4 files changed, 388 insertions(+), 424 deletions(-)
|
|
```
|