jramos/cve-dashboard
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Make EXPECTED_BUS configurable via IVANTI_MANAGED_BUS env var for multi-tenant drift classification

Browse Source
This commit is contained in:
Jordan Ramos
2026-05-12 15:27:58 -06:00
parent 97d378033b
commit 4416f6a25d
1 changed files with 5 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
backend/routes/ivantiFindings.js
View File

@@ -638,7 +638,11 @@ async function syncFPWorkflowCounts(openFindings, apiKey, clientId, skipTls) {
// ---------------------------------------------------------------------------
// BU Drift Checker — post-sync classification of newly archived findings
// ---------------------------------------------------------------------------
const EXPECTED_BUS = new Set(['NTS-AEO-ACCESS-ENG', 'NTS-AEO-STEAM']);
// Managed BUs for drift classification — derived from IVANTI_MANAGED_BUS env var.
// Findings leaving these BUs are classified as bu_reassignment.
// Each tenant deployment sets this to their own managed teams.
const MANAGED_BUS_VALUE = process.env.IVANTI_MANAGED_BUS || 'NTS-AEO-ACCESS-ENG,NTS-AEO-STEAM';
const EXPECTED_BUS = new Set(MANAGED_BUS_VALUE.split(',').map(b => b.trim()).filter(Boolean));
async function runBUDriftChecker(newlyArchivedIds, apiKey, clientId, skipTls) {
const summary = { bu_reassignment: 0, severity_drift: 0, closed_on_platform: 0, decommissioned: 0 };