carrtech/ct-cve
2
0
Fork 0
Code Issues Pull requests 3 Projects Releases 6 Packages Wiki Activity Actions

feat(ctops): add CT Ops inventory connector #21

Merged
simonjcarr merged 1 commit from feat/ctops-integration-mvp into main 2026-05-08 07:18:44 +00:00
Conversation 0 Commits 1 Files changed 12 +2198 -2
simonjcarr commented 2026-05-08 07:16:29 +00:00 (Migrated from github.com)
Copy link

Summary

  • add CT Ops service-token auth, inventory snapshot API, and connection health endpoint to CT-CVE
  • persist CT Ops host/package inventory, snapshot idempotency, nonce replay state, and connector health
  • match accepted inventory snapshots immediately and deliver signed finding batches back to CT Ops
  • document CT_CVE_CT_OPS_CONNECTIONS configuration

Validation

  • go test ./...
  • CTOPS targeted connector validation: node --experimental-strip-types --test lib/integrations/ct-cve/connection-status.test.mjs lib/integrations/ct-cve/finding-ingest.test.mjs lib/integrations/ct-cve/inventory-export.test.mjs lib/integrations/ct-cve/inventory-push-job.test.mjs lib/integrations/ct-cve/service-token.test.mjs lib/integrations/ct-cve/setup-status.test.mjs

Notes

  • Docker-backed migration smoke testing could not run because the local Docker daemon is unavailable.
  • Full CTOPS pnpm --filter web test:unit was attempted and failed in unrelated existing areas: agent binary integrity assertion, Docker-dependent CT-CVE nonce-store test, and missing bcrypt-pbkdf for password-manager SSH-key tests.
## Summary - add CT Ops service-token auth, inventory snapshot API, and connection health endpoint to CT-CVE - persist CT Ops host/package inventory, snapshot idempotency, nonce replay state, and connector health - match accepted inventory snapshots immediately and deliver signed finding batches back to CT Ops - document CT_CVE_CT_OPS_CONNECTIONS configuration ## Validation - go test ./... - CTOPS targeted connector validation: node --experimental-strip-types --test lib/integrations/ct-cve/connection-status.test.mjs lib/integrations/ct-cve/finding-ingest.test.mjs lib/integrations/ct-cve/inventory-export.test.mjs lib/integrations/ct-cve/inventory-push-job.test.mjs lib/integrations/ct-cve/service-token.test.mjs lib/integrations/ct-cve/setup-status.test.mjs ## Notes - Docker-backed migration smoke testing could not run because the local Docker daemon is unavailable. - Full CTOPS pnpm --filter web test:unit was attempted and failed in unrelated existing areas: agent binary integrity assertion, Docker-dependent CT-CVE nonce-store test, and missing bcrypt-pbkdf for password-manager SSH-key tests.
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels   
autorelease: pending

   
autorelease: tagged

   
bug
Something isn't working

  
documentation
Improvements or additions to documentation

  
duplicate
This issue or pull request already exists

  
enhancement
New feature or request

  
good first issue
Good for newcomers

  
help wanted
Extra attention is needed

  
invalid
This doesn't seem right

  
question
Further information is requested

  
wontfix
This will not be worked on

No labels
autorelease: pending
autorelease: tagged
bug
documentation
duplicate
enhancement
good first issue
help wanted
invalid
question
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
carrtech/ct-cve!21
No description provided.