feat: implement compliance orchestrator backend client and evaluation logic

elmilan06 · elmilan06 · commit 07cc80af2140 · 2026-03-12T17:31:53.000-05:00
diff --git a/plugins/compliance-orchestrator/client/opensearch.go b/plugins/compliance-orchestrator/client/opensearch.go
@@ -66,7 +66,6 @@ func (b *BackendClient) ExecuteSQLQuery(ctx context.Context, sql string) (SQLRes
 		return SQLResult{}, fmt.Errorf("failed to decode SQL response: %w", err)
 	}
 
-	// Convertir a tu tipo interno
 	return SQLResult{
 		Rows:  result.DataRows,
 		Count: result.Total,
diff --git a/plugins/compliance-orchestrator/evaluator/evaluator.go b/plugins/compliance-orchestrator/evaluator/evaluator.go
@@ -18,22 +18,20 @@ func NewEvaluator(backend *client.BackendClient) *Evaluator {
 }
 
 func (e *Evaluator) Evaluate(ctx context.Context, cfg models.ControlConfig) (models.ControlEvaluation, error) {
-	// 1. Obtener index patterns activos
+
 	patterns, err := e.backend.GetActiveIndexPatterns(ctx)
 	if err != nil {
 		return models.ControlEvaluation{}, fmt.Errorf("failed to get index patterns: %w", err)
 	}
 
 	results := make([]models.QueryEvaluation, 0)
-	applicable := make([]models.QueryEvaluation, 0) // solo queries con indexPattern activo
+	applicable := make([]models.QueryEvaluation, 0)
 
-	// 2. Evaluar cada QueryConfig
 	for _, q := range cfg.QueriesConfigs {
 		catcher.Info("Evaluating query", map[string]any{
 			"query_id": q.ID,
 		})
 
-		// 2.1 Si el index pattern NO está activo → NOT_APPLICABLE
 		if !patternExists(int(q.IndexPatternID), patterns) {
 			reason := "Index pattern not active"
 			qr := models.QueryEvaluation{
@@ -47,20 +45,16 @@ func (e *Evaluator) Evaluate(ctx context.Context, cfg models.ControlConfig) (mod
 			continue
 		}
 
-		// 2.2 Evaluar query normalmente
 		qr := e.evaluateQuery(ctx, q)
 		results = append(results, qr)
 
-		// 2.3 Solo las queries aplicables participan en la estrategia ALL/ANY
 		if qr.Status != models.QueryStatusNotApplicable {
 			applicable = append(applicable, qr)
 		}
 	}
 
-	// 3. Combinar resultados según la estrategia del control
 	finalStatus := computeControlStatus(cfg.ControlStrategy, applicable)
 
-	// 4. Construir evaluación final
 	return models.ControlEvaluation{
 		ControlConfigID:  cfg.ID,
 		ControlName:      cfg.ControlName,
@@ -70,7 +64,6 @@ func (e *Evaluator) Evaluate(ctx context.Context, cfg models.ControlConfig) (mod
 }
 
 func (e *Evaluator) evaluateQuery(ctx context.Context, q models.QueryConfig) models.QueryEvaluation {
-	// Ejecutar la query SQL real contra OpenSearch
 	res, err := e.backend.ExecuteSQLQuery(ctx, q.SQLQuery)
 	if err != nil {
 		msg := fmt.Sprintf("query execution failed: %v", err)
@@ -84,14 +77,12 @@ func (e *Evaluator) evaluateQuery(ctx context.Context, q models.QueryConfig) mod
 		}
 	}
 
-	// Limitar evidencia (por ejemplo, a 50 filas)
 	const evidenceLimit = 50
 	rawRows := res.Rows
 	if len(rawRows) > evidenceLimit {
 		rawRows = rawRows[:evidenceLimit]
 	}
 
-	// Convertir [][]any → []map[string]any para OpenSearch
 	evidence := make([]map[string]any, 0, len(rawRows))
 	for _, row := range rawRows {
 		rowMap := map[string]any{}
@@ -101,7 +92,6 @@ func (e *Evaluator) evaluateQuery(ctx context.Context, q models.QueryConfig) mod
 		evidence = append(evidence, rowMap)
 	}
 
-	// Evaluar la regla con los hits obtenidos
 	status, errMsg := evaluateQueryRule(q, res.Count)
 
 	return models.QueryEvaluation{
@@ -116,7 +106,6 @@ func (e *Evaluator) evaluateQuery(ctx context.Context, q models.QueryConfig) mod
 
 func evaluateQueryRule(q models.QueryConfig, hits int) (models.QueryEvaluationStatus, *string) {
 	switch q.EvaluationRule {
-
 	case models.NoHitsAllowed:
 		if hits == 0 {
 			return models.QueryStatusCompliant, nil
@@ -152,9 +141,7 @@ func evaluateQueryRule(q models.QueryConfig, hits int) (models.QueryEvaluationSt
 func computeControlStatus(strategy models.ComplianceStrategy, results []models.QueryEvaluation) models.ControlEvaluationStatus {
 
 	switch strategy {
-
 	case models.StrategyAll:
-		// ALL → todas deben ser COMPLIANT
 		for _, r := range results {
 			if r.Status != models.QueryStatusCompliant {
 				return models.ControlStatusNonCompliant
@@ -163,7 +150,6 @@ func computeControlStatus(strategy models.ComplianceStrategy, results []models.Q
 		return models.ControlStatusCompliant
 
 	case models.StrategyAny:
-		// ANY → basta con que una sea COMPLIANT
 		for _, r := range results {
 			if r.Status == models.QueryStatusCompliant {
 				return models.ControlStatusCompliant
@@ -172,7 +158,6 @@ func computeControlStatus(strategy models.ComplianceStrategy, results []models.Q
 		return models.ControlStatusNonCompliant
 
 	default:
-		// fallback seguro
 		return models.ControlStatusNonCompliant
 	}
 }
diff --git a/plugins/compliance-orchestrator/scheduler/scheduler.go b/plugins/compliance-orchestrator/scheduler/scheduler.go
@@ -14,12 +14,24 @@ var Jobs chan models.ControlConfig
 func StartScheduler(ctx context.Context, backend *client.BackendClient) {
 	Jobs = make(chan models.ControlConfig, 1000)
 
-	ticker := time.NewTicker(30 * time.Second)
+	ticker := time.NewTicker(24 * time.Hour)
+
+	// TODO: ELENA QUITAR - Ejecutar inmediatamente
+	configs, err := backend.GetControlConfigs(ctx)
+	if err == nil {
+		catcher.Info("Scheduler: sending configs", map[string]any{
+			"cantidad":  len(configs),
+			"timestamp": time.Now().String(),
+		})
+
+		for _, cfg := range configs {
+			Jobs <- cfg
+		}
+	} // HASTA AQUI
 
 	for {
 		select {
 		case <-ctx.Done():
-			// Shutdown limpio
 			return
 
 		case <-ticker.C:
diff --git a/plugins/compliance-orchestrator/workers/worker.go b/plugins/compliance-orchestrator/workers/worker.go
@@ -28,7 +28,6 @@ func StartWorkers(ctx context.Context, backend *client.BackendClient) {
 					"control": cfg.ID,
 				})
 
-				// Ejecutar evaluación del control (incluye todas las queries)
 				result, err := eval.Evaluate(ctx, cfg)
 				if err != nil {
 					catcher.Error("evaluation failed", err, map[string]any{
@@ -38,7 +37,6 @@ func StartWorkers(ctx context.Context, backend *client.BackendClient) {
 					continue
 				}
 
-				// Construir documento para guardar en OpenSearch
 				doc := models.EvaluationDocument{
 					ControlID:        cfg.ID,
 					ControlName:      cfg.ControlName,
@@ -47,7 +45,6 @@ func StartWorkers(ctx context.Context, backend *client.BackendClient) {
 					QueryEvaluations: result.QueryEvaluations,
 				}
 
-				// Guardar en OpenSearch
 				fmt.Println("Evaluation Document:", doc)
 				err = backend.IndexEvaluationResult(ctx, "v11-log-compliance-evaluation", doc)
 				if err != nil {

Original file line number	Diff line number	Diff line change
`@@ -66,7 +66,6 @@ func (b *BackendClient) ExecuteSQLQuery(ctx context.Context, sql string) (SQLRes`
`66`	`66`	`return SQLResult{}, fmt.Errorf("failed to decode SQL response: %w", err)`
`67`	`67`	`}`
`68`	`68`
`69`		`- // Convertir a tu tipo interno`
`70`	`69`	`return SQLResult{`
`71`	`70`	`Rows: result.DataRows,`
`72`	`71`	`Count: result.Total,`