feat: Add logic to implement timeout and scheduling

The m_scanOnStart and m_scanInterval SCA class members are propagated to
determine whether a scan should run at startup and to control the
interval between scans.

Author: sdvendramini

src/modules/sca/include/sca_policy.hpp

@@ -24,7 +24,7 @@ class SCAPolicy
     };
 
     /// @brief Constructor
-    explicit SCAPolicy(Check requirements, std::vector<Check> checks);
+    explicit SCAPolicy(Check requirements, std::vector<Check> checks, std::time_t scanInterval, bool scanOnStart);
 
     SCAPolicy(SCAPolicy&& other) noexcept;
 
@@ -42,4 +42,6 @@ class SCAPolicy
     std::vector<Check> m_checks;
     std::atomic<bool> m_keepRunning {true};
     std::function<int(Message)> m_pushMessage;
+    std::time_t m_scanInterval;
+    bool m_scanOnStart;
 };

src/modules/sca/include/sca_policy_loader.hpp

@@ -46,7 +46,9 @@ class SCAPolicyLoader : public ISCAPolicyLoader
     /// maps:
     ///   - modifiedPoliciesMap: maps policy ID to the JSON data of the created, modified or deleted policy
     ///   - modifiedChecksMap: maps check ID to the JSON data of the created, modified or deleted check
-    std::vector<SCAPolicy> GetPolicies(const CreateEventsFunc& createEvents) const;
+    /// @param
+    std::vector<SCAPolicy>
+    GetPolicies(const CreateEventsFunc& createEvents, std::time_t scanInterval, bool scanOnStart) const;
 
     /// @brief Saves SCA Policies into the database
     /// @param data All SCA policies and its checks

src/modules/sca/src/sca.cpp

@@ -71,7 +71,9 @@ void SecurityConfigurationAssessment::Setup(
             {
                 const SCAEventHandler eventHandler(m_agentUUID, m_dBSync, m_pushMessage);
                 eventHandler.CreateEvents(policyData, checksData);
-            });
+            },
+            m_scanInterval,
+            m_scanOnStart);
     }();
 }
 

src/modules/sca/src/sca_policy.cpp

@@ -1,28 +1,49 @@
 #include <sca_policy.hpp>
 
 #include <check_condition_evaluator.hpp>
+#include <logger.hpp>
 
 #include <boost/asio/steady_timer.hpp>
 #include <boost/asio/this_coro.hpp>
 #include <boost/asio/use_awaitable.hpp>
 
-SCAPolicy::SCAPolicy(Check requirements, std::vector<Check> checks)
+SCAPolicy::SCAPolicy(Check requirements, std::vector<Check> checks, std::time_t scanInterval, bool scanOnStart)
     : m_requirements(std::move(requirements))
     , m_checks(std::move(checks))
+    , m_scanInterval(scanInterval)
+    , m_scanOnStart(scanOnStart)
 {
 }
 
 SCAPolicy::SCAPolicy(SCAPolicy&& other) noexcept
     : m_requirements(std::move(other.m_requirements))
     , m_checks(std::move(other.m_checks))
     , m_keepRunning(other.m_keepRunning.load())
+    , m_scanInterval(other.m_scanInterval)
+    , m_scanOnStart(other.m_scanOnStart)
 {
 }
 
 boost::asio::awaitable<void> SCAPolicy::Run()
 {
+    auto firstRun = true;
+
     while (m_keepRunning)
     {
+        if (!firstRun)
+        {
+            auto executor = co_await boost::asio::this_coro::executor;
+            boost::asio::steady_timer timer(executor);
+            timer.expires_after(std::chrono::milliseconds(m_scanInterval));
+            co_await timer.async_wait(boost::asio::use_awaitable);
+        }
+
+        if (firstRun && !m_scanOnStart)
+        {
+            firstRun = false;
+            continue;
+        }
+
         auto requirementsOk = true;
 
         if (!m_requirements.rules.empty())
@@ -54,10 +75,10 @@ boost::asio::awaitable<void> SCAPolicy::Run()
             }
         }
 
-        auto executor = co_await boost::asio::this_coro::executor;
-        boost::asio::steady_timer timer(executor);
-        timer.expires_after(std::chrono::seconds(5)); // NOLINT(cppcoreguidelines-avoid-magic-numbers)
-        co_await timer.async_wait(boost::asio::use_awaitable);
+        // To do: add policy id to class members and log
+        LogDebug("Policy checks completed for policy {}", m_requirements.title);
+
+        firstRun = false;
     }
     co_return;
 }

src/modules/sca/src/sca_policy_loader.cpp

@@ -39,7 +39,8 @@ SCAPolicyLoader::SCAPolicyLoader(std::shared_ptr<IFileSystemWrapper> fileSystemW
     m_disabledPoliciesPaths = loadPoliciesPathsFromConfig("policies_disabled");
 }
 
-std::vector<SCAPolicy> SCAPolicyLoader::GetPolicies(const CreateEventsFunc& createEvents) const
+std::vector<SCAPolicy>
+SCAPolicyLoader::GetPolicies(const CreateEventsFunc& createEvents, std::time_t scanInterval, bool scanOnStart) const
 {
     std::vector<std::filesystem::path> allPolicyPaths;
 
@@ -71,7 +72,7 @@ std::vector<SCAPolicy> SCAPolicyLoader::GetPolicies(const CreateEventsFunc& crea
                 };
 
                 const PolicyParser parser(path, loadFunc);
-                auto policy = parser.ParsePolicy(policiesAndChecks);
+                auto policy = parser.ParsePolicy(policiesAndChecks, scanInterval, scanOnStart);
                 if (policy)
                 {
                     policies.emplace_back(std::move(policy.value()));

src/modules/sca/src/sca_policy_parser.cpp

@@ -115,7 +115,8 @@ bool PolicyParser::isValidYamlFile(const std::filesystem::path& filename) const
     }
 }
 
-std::optional<SCAPolicy> PolicyParser::ParsePolicy(nlohmann::json& policiesAndChecks) const
+std::optional<SCAPolicy>
+PolicyParser::ParsePolicy(nlohmann::json& policiesAndChecks, std::time_t scanInterval, bool scanOnStart) const
 {
     std::vector<SCAPolicy::Check> checks;
     SCAPolicy::Check requirements;
@@ -219,7 +220,7 @@ std::optional<SCAPolicy> PolicyParser::ParsePolicy(nlohmann::json& policiesAndCh
         return std::nullopt;
     }
 
-    return SCAPolicy(std::move(requirements), std::move(checks));
+    return SCAPolicy(std::move(requirements), std::move(checks), scanInterval, scanOnStart);
 }
 
 // NOLINTNEXTLINE(misc-no-recursion)

src/modules/sca/src/sca_policy_parser.hpp

@@ -56,7 +56,8 @@ class PolicyParser
     ///
     /// @param policiesAndChecks JSON object to be filled with extracted data.
     /// @return A populated SCAPolicy object.
-    std::optional<SCAPolicy> ParsePolicy(nlohmann::json& policiesAndChecks) const;
+    std::optional<SCAPolicy>
+    ParsePolicy(nlohmann::json& policiesAndChecks, std::time_t scanInterval, bool scanOnStart) const;
 
 private:
     /// @brief Recursively replaces variables in the YAML node with their values.

src/modules/sca/tests/sca_policy_loader_test.cpp

@@ -24,6 +24,8 @@ TEST(ScaPolicyLoaderTest, NoPolicies)
     auto configurationParser = std::make_shared<configuration::ConfigurationParser>(std::string(R"()"));
     auto dbSync = std::make_shared<MockDBSync>();
 
+    const std::time_t scanInterval {3600};
+
     const SCAPolicyLoader loader(fsMock, configurationParser, dbSync);
-    ASSERT_EQ(loader.GetPolicies([](auto, auto) { return; }).size(), 0);
+    ASSERT_EQ(loader.GetPolicies([](auto, auto) { return; }, scanInterval, true).size(), 0);
 }