cqrenet/aoc
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 29 Wiki Activity
Files
9271b4e4615a0731ae04b71015f0c519ae6bf669
aoc/ROADMAP.md
Tomas Kracmar 9271b4e461
Some checks failed
CI / lint-and-test (push) Has been cancelled
Details
feat: implement Phase 2 stabilization 
- Cache Graph API tokens with expiry-aware reuse in graph/auth.py
- Add tenacity-based retry/backoff wrapper (utils/http.py) and apply to all Graph/source API calls
- Add Pydantic request/response models (models/api.py) and FastAPI query constraints
- Add unit tests for event_model, auth and integration tests for API endpoints
- Configure ruff linter/formatter in pyproject.toml
- Add GitHub Actions CI pipeline (.github/workflows/ci.yml)
- Add requirements-dev.txt with pytest, mongomock, httpx, ruff
- Clean up typing imports and fix ruff linting across codebase
2026-04-14 12:02:28 +02:00

2.8 KiB
Raw Blame History

AOC Roadmap

This roadmap tracks planned improvements for the Admin Operations Center (AOC) project, organized by phase.

Phase 1: Harden

Goal: fix critical security and reliability gaps before production use.

  • Fix JWT signature verification in auth.py
  • Fix broken frontend auth button references (loginBtn / logoutBtn)
  • Add MongoDB indexes (dedupe_key, timestamp, service+timestamp, id, text search)
  • Add MongoDB TTL index for data retention (RETENTION_DAYS)
  • Add /health endpoint with database connectivity check
  • Replace manual os.getenv parsing with Pydantic Settings (pydantic-settings)
  • Add structured JSON logging (structlog)
  • Configure CORS middleware via CORS_ORIGINS environment variable
  • Escape user input before MongoDB $regex queries (routes/events.py)
  • Fix incorrect return value in maintenance.py dedupe()

Phase 2: Stabilize

Goal: improve resilience, code quality, and development experience.

  • Cache Graph API tokens and reuse them until near expiry
  • Add exponential backoff / retry logic for Graph API and Office 365 API calls
  • Add unit tests for normalize_event(), _make_dedupe_key(), and auth.py
  • Add integration tests for /api/events and /api/fetch-audit-logs
  • Configure linter/formatter (ruff) and pre-commit hooks
  • Set up GitHub Actions CI pipeline (lint + test)
  • Add Pydantic request/response models for API endpoints
  • Validate page_size and hours with strict FastAPI constraints

Phase 3: Scale

Goal: handle larger data volumes and support real-time ingestion.

  • Replace skip-based pagination with cursor-based (search-after) pagination
  • Add Prometheus /metrics endpoint and a Grafana dashboard
  • Implement incremental fetch watermarking per source (store last fetch timestamp)
  • Add webhook endpoints to receive Microsoft Graph change notifications
  • Evaluate Elasticsearch or Azure Cognitive Search for advanced full-text search
  • Add request ID / correlation ID middleware for distributed tracing

Phase 4: Enhance

Goal: evolve from a polling dashboard into a full security operations tool.

  • Migrate frontend to a maintainable framework (Vue 3, React, or HTMX + Alpine.js)
  • Add rule-based alerting (e.g., alert on privileged operations, after-hours activity)
  • Add SIEM export (Splunk, Sentinel, syslog webhook)
  • Build an audit trail for AOC itself (who queried what, who triggered fetches)
  • Add event tagging and commenting (e.g., investigating, false_positive)
  • Add export functionality (CSV / JSON) from the UI
  • Add source health dashboard showing last fetch time and status per source

Completed in this PR

All Phase 1 items were implemented in the latest changes.

Reference in New Issue View Git Blame Copy Permalink