feat: фаза 3 (часть 1) — disclaimer, очередь, initiator + IP

3.6 UI: убрать stat-minibar и heatmap с дашборда 3.2 AI disclaimer под каждым LLM-вердиктом 3.4 LLM_MAX_CONCURRENT_ANALYSES + Semaphore в llm.py 3.1 Scan.initiator + source_ip, webhook захватывает, UI показывает
2026-05-10 07:32:14 +03:00
parent 0069331119
commit 4ae893a025
13 changed files with 69 additions and 52 deletions
--- a/guarddog_nexus/routes/api_scans.py
+++ b/guarddog_nexus/routes/api_scans.py
@@ -153,5 +153,7 @@ async def get_scan(scan_id: int, session: AsyncSession = Depends(get_session)):
        "started_at": scan.started_at.isoformat() if scan.started_at else None,
        "finished_at": scan.finished_at.isoformat() if scan.finished_at else None,
        "error_message": scan.error_message,
+        "initiator": scan.initiator,
+        "source_ip": scan.source_ip,
        "findings": [{"id": f.id, **f.data, "report": f.report} for f in scan.findings],
    }
--- a/guarddog_nexus/routes/webhooks.py
+++ b/guarddog_nexus/routes/webhooks.py
@@ -96,9 +96,15 @@ async def nexus_webhook(
    if action not in RELEVANT_WEBHOOK_ACTIONS:
        return {"status": WEBHOOK_STATUS_IGNORED, "action": action}

+    # Log full payload for debugging (to discover available fields)
+    log.info("Webhook payload: initiator=%s nodeId=%s keys=%s",
+             data.get("initiator"), data.get("nodeId"), sorted(data.keys()))
+
    repository = data.get("repositoryName", "")
    asset = data.get("asset")
    component = data.get("component")
+    initiator = data.get("initiator")
+    source_ip = request.client.host if request.client else None

    if asset:
        asset_path = _extract_asset_path(asset)
@@ -113,7 +119,8 @@ async def nexus_webhook(
        log.info("Webhook: %s asset %s (%s) in %s", action, asset_path, ecosystem, repository)

        background_tasks.add_task(
-            _scan_in_background, download_url, repository, ecosystem, asset_path
+            _scan_in_background, download_url, repository, ecosystem, asset_path,
+            initiator=initiator, source_ip=source_ip,
        )
        return {"status": WEBHOOK_STATUS_ACCEPTED, "asset": asset_path, "action": action}

@@ -181,10 +188,15 @@ async def _scan_in_background(
    repository: str,
    format_: str,
    asset_path: str,
+    initiator: str | None = None,
+    source_ip: str | None = None,
 ):
    try:
        async for session in get_session():
-            await harvest(download_url, repository, format_, asset_path, session)
+            await harvest(
+                download_url, repository, format_, asset_path, session,
+                initiator=initiator, source_ip=source_ip,
+            )
            break
    except Exception as e:
        log.error("Background scan failed: %s", e)