Skip to content

Treat findings memory as per-scan scratch#87

Closed
bakayolo wants to merge 1 commit into
mainfrom
bena/single-scan-scratch-memory
Closed

Treat findings memory as per-scan scratch#87
bakayolo wants to merge 1 commit into
mainfrom
bena/single-scan-scratch-memory

Conversation

@bakayolo

@bakayolo bakayolo commented Jun 10, 2026

Copy link
Copy Markdown
Collaborator

Summary

  • clear worker-local findings at the start of each orchestrator scan and after successful snapshot persistence
  • use a singleton orchestrator workflow ID for manual and scheduled scans so overlapping scans are rejected/skipped
  • return HTTP 409 when a manual scan is triggered while another scan is already running

Verification

  • go test ./pkg/store/memory ./pkg/workflow/orchestrator ./pkg/scan ./pkg/schedule
  • make test
  • docker compose full scan with real Wiz creds from .env:
    • first POST /scan returned 202 for workflow version-guard-active-scan
    • immediate second POST /scan returned 409 Conflict
    • scan completed and persisted snapshot 86448667-4a76-4a80-9931-1858bc084bdf with 28,232 findings across 10 resource types
    • logs confirmed scan-start clear and post-snapshot clear

@bakayolo bakayolo requested a review from a team as a code owner June 10, 2026 21:26
@bakayolo

bakayolo commented Jun 10, 2026

Copy link
Copy Markdown
Collaborator Author

Closing in favor of #86. I’m moving the single-scan safeguards onto #86 so we keep the safer per-resource-type eviction fix plus the collector-level overlap protection.

@bakayolo bakayolo closed this Jun 10, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@bakayolo