Class: Archsight::Analysis::Executor

Inherits:

Object

• Object
• Archsight::Analysis::Executor

Defined in:

lib/archsight/analysis/executor.rb

Overview

Executor runs Analysis scripts in a sandboxed environment with timeout enforcement

Constant Summary

DEFAULT_TIMEOUT =

Default timeout in seconds

30

DURATION_PATTERNS =

Duration parsing patterns

{
  /^(\d+)s$/ => 1,
  /^(\d+)m$/ => 60,
  /^(\d+)h$/ => 3600
}.freeze

Instance Attribute Summary

• #database ⇒ Object readonly

  Returns the value of attribute database.

Instance Method Summary

• #execute(analysis) ⇒ Archsight::Analysis::Result

  Execute an Analysis resource.

• #execute_all(filter: nil) ⇒ Array<Archsight::Analysis::Result>

  Execute all enabled Analysis resources.

• #initialize(database) ⇒ Executor constructor

  A new instance of Executor.

Constructor Details

#initialize(database) ⇒ Executor

Returns a new instance of Executor.

Parameters:

• database (Archsight::Database) —

  Loaded database instance

# File 'lib/archsight/analysis/executor.rb', line 24

def initialize(database)
  @database = database
end

Instance Attribute Details

#database ⇒ Object (readonly)

Returns the value of attribute database.

# File 'lib/archsight/analysis/executor.rb', line 21

def database
  @database
end

Instance Method Details

#execute(analysis) ⇒ Archsight::Analysis::Result

Execute an Analysis resource

Parameters:

• analysis (Archsight::Resources::Analysis) —

  Analysis to execute

Returns:

• (Archsight::Analysis::Result) —

  Execution result

# File 'lib/archsight/analysis/executor.rb', line 31

def execute(analysis)
  script = analysis.annotations["analysis/script"]
  timeout_seconds = parse_timeout(analysis.annotations["analysis/timeout"])

  return Result.new(analysis, success: false, error: "No script defined") if script.nil? || script.empty?

  sandbox = Sandbox.new(@database)
  sandbox._set_analysis(analysis)

  start_time = Time.now
  begin
    Timeout.timeout(timeout_seconds) do
      # Execute script in sandbox context
      # Using instance_eval ensures script only has access to sandbox methods
      sandbox.instance_eval(script, "analysis:#{analysis.name}", 1)
    end

    duration = Time.now - start_time
    Result.new(
      analysis,
      success: true,
      sections: sandbox.sections,
      duration: duration
    )
  rescue Timeout::Error
    Result.new(
      analysis,
      success: false,
      error: "Execution timed out after #{timeout_seconds}s",
      sections: sandbox.sections
    )
  rescue StandardError, SyntaxError => e
    Result.new(
      analysis,
      success: false,
      error: "#{e.class}: #{e.message}",
      error_backtrace: e.backtrace&.first(5),
      sections: sandbox.sections
    )
  end
end

#execute_all(filter: nil) ⇒ Array<Archsight::Analysis::Result>

Execute all enabled Analysis resources

Parameters:

• filter (Regexp, nil) (defaults to: nil) —

  Optional filter for analysis names

Returns:

• (Array<Archsight::Analysis::Result>) —

  Array of results

# File 'lib/archsight/analysis/executor.rb', line 76

def execute_all(filter: nil)
  analyses = @database.instances_by_kind("Analysis").values

  # Filter by name pattern if provided
  analyses = analyses.select { |a| filter.match?(a.name) } if filter

  analyses.map { |analysis| execute(analysis) }
end