From 9b98a32216ceb69dee6a2547d0b93042a51e9e69 Mon Sep 17 00:00:00 2001 From: Marker689 Date: Mon, 11 May 2026 21:00:15 +0300 Subject: [PATCH] fix: propagate initiator/source_ip to _scan_component for component webhooks --- guarddog_nexus/routes/webhooks.py | 23 ++++++++++++++++++++--- 1 file changed, 20 insertions(+), 3 deletions(-) diff --git a/guarddog_nexus/routes/webhooks.py b/guarddog_nexus/routes/webhooks.py index cec7d6a..1bf7982 100644 --- a/guarddog_nexus/routes/webhooks.py +++ b/guarddog_nexus/routes/webhooks.py @@ -149,7 +149,9 @@ async def nexus_webhook( if ecosystem is None: return {"status": WEBHOOK_STATUS_IGNORED, "reason": "unknown_ecosystem"} - background_tasks.add_task(_scan_component, repository, name, version, ecosystem) + background_tasks.add_task( + _scan_component, repository, name, version, ecosystem, initiator, source_ip + ) return { "status": WEBHOOK_STATUS_ACCEPTED, "component": f"{name}=={version}", @@ -162,7 +164,14 @@ async def nexus_webhook( } -async def _scan_component(repository: str, name: str, version: str, ecosystem: str): +async def _scan_component( + repository: str, + name: str, + version: str, + ecosystem: str, + initiator: str | None = None, + source_ip: str | None = None, +): try: from ..core.nexus import nexus_get @@ -198,7 +207,15 @@ async def _scan_component(repository: str, name: str, version: str, ecosystem: s ) log.info("Scanning component asset: %s", asset_path) async for session in get_session(): - await harvest(download_url, repository, ecosystem, asset_path, session) + await harvest( + download_url, + repository, + ecosystem, + asset_path, + session, + initiator=initiator, + source_ip=source_ip, + ) break except Exception as e: log.error("Component scan failed for %s==%s: %s", name, version, e)