feat: Add Lighthouse recommendations and caching #8207

Open
wants to merge 10 commits into
base: master
Chan9390 (Contributor) commented Jul 8, 2025

Context

Lighthouse provides a chat interface to interact with findings. This PR provides recommendations and insights for cloud security findings of the most recent scans.

Description

This PR adds the following:

  • Create a summary of recently completed scans
  • Generate a recommendation on the next steps to improve cloud security
  • Cache the scan summary, recommendation (and recommendation banner heading) and answers to suggested questions in Valkey

With this PR, NextJS directly integrates with Valkey. It stores data with the tenant key in it. All Valkey keys have the following format: _lighthouse:<TENANTUUID>:<KEYNAME> (e.g. _lighthouse:70bd85f3-6446-4bb5-bd68-ad52264fcc87:processed_scan_ids)

Different keys and their purpose:

  • processed_scan_ids - Most recent scan IDs that were processed
  • scan-summary - Contains a scan summary of scans completed in the last 24 hours. It highlights newly detected issues in the last scans, ordered by severity. It also lists the top 10 issues based on severity.
  • recommendations - Short title that will be displayed in the banner
  • cached-messages:recommendation - The long description & explanation shown when the user clicks on the banner
  • cached-messages:question_1 - Answer to suggested question 1
  • cached-messages:question_2 - Answer to suggested question 2
  • cached-messages:question_3 - Answer to suggested question 3
  • cached-messages:question_4 - Answer to suggested question 4

```mermaid
graph TD
    A[Start: User refreshes overview page] --> B{Is Lighthouse configured?}

    B -->|No| C["Print banner: Enable Lighthouse to Secure Your Cloud with AI Insights"]
    B -->|Yes| D{Are there completed scans in last 24 hours?}

    D -->|No| E{Does recommendations key exist in valkey?}
    D -->|Yes| F{Are scan IDs present in processed_scan_ids key?}

    E -->|No| G[No banner displayed]
    E -->|Yes| H[Display cached recommendation banner]

    F -->|Yes| H
    F -->|No| I["Print banner: Lighthouse is reviewing your findings for insights"]

    I --> J[Start async background processing]

    J --> K["Create summary:<br/>- Newly detected failed findings in last 24h<br/>- Top 10 failed findings by severity"]

    K --> L[Generate single recommendation for banner]

    L --> M[Store recommendation in <b>recommendations</b> key]

    M --> N[Store full recommendation in <b>cached-messages:recommendation</b> key]

    N --> O[Generate responses to suggested questions and cache in valkey]

    O --> P[Add scan IDs to <b>processed_scan_ids</b> key]

    P --> H

    C --> Q[End]
    G --> Q
    H --> Q
```

How to test

Create a new instance of Prowler (without Lighthouse configuration). You should find a banner as follows:

image

Without adding any providers, configure valid Lighthouse keys. The dashboard shouldn't have any banner (as there's no completed scan in the last 24 hours).

image

Add a provider and then initiate a scan. The dashboard would have the following banner:

image

Once the processing is done, you would have a banner with a recommendation from your environment (the recommendation would differ based on your findings):

image

When you click on the banner, it will take you to a chat interface with detailed information about the recommendation:

image

You can then continue interacting with the recommendation:

image

Checklist

API

  • Verify if API specs need to be regenerated.
  • Check if version updates are required (e.g., specs, Poetry, etc.).
  • Ensure new entries are added to CHANGELOG.md, if applicable.

License

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@Chan9390 Chan9390 requested a review from a team as a code owner July 8, 2025 08:01
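
Added example, not code from this PR: a sketch of the tenant-scoped key format and the banner decision in the flowchart above, with the tenant and key-name parts validated so one tenant's input cannot name another tenant's keys. The names `tenantKey`, `decideBanner` and `Banner` are hypothetical, a `Map` stands in for the Valkey client, and storing `processed_scan_ids` as a JSON array is an assumption.

```typescript
// Added example: hypothetical names; a Map stands in for the Valkey client.
const UUID_RE = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;

// Key names listed in the PR description; anything else is refused.
const KEY_NAMES = new Set<string>([
  "processed_scan_ids",
  "scan-summary",
  "recommendations",
  "cached-messages:recommendation",
  "cached-messages:question_1",
  "cached-messages:question_2",
  "cached-messages:question_3",
  "cached-messages:question_4",
]);

// Build _lighthouse:<TENANTUUID>:<KEYNAME>. The tenant part must be a plain
// UUID, so a value containing ':' or glob characters cannot name a key
// outside the caller's own tenant prefix.
function tenantKey(tenantId: string, name: string): string {
  if (!UUID_RE.test(tenantId)) throw new Error("invalid tenant id");
  if (!KEY_NAMES.has(name)) throw new Error("unknown key name");
  return `_lighthouse:${tenantId.toLowerCase()}:${name}`;
}

type Banner = "enable-lighthouse" | "none" | "reviewing" | "recommendation";

// Banner decision from the flowchart. Assumptions: processed_scan_ids holds a
// JSON array, and "present" means every recent scan ID is already in it.
function decideBanner(
  store: Map<string, string>,
  tenantId: string,
  configured: boolean,
  recentScanIds: string[],
): Banner {
  if (!configured) return "enable-lighthouse";
  if (recentScanIds.length === 0) {
    // No completed scan in the last 24 hours: fall back to a cached banner.
    return store.has(tenantKey(tenantId, "recommendations")) ? "recommendation" : "none";
  }
  const raw = store.get(tenantKey(tenantId, "processed_scan_ids"));
  const processed = new Set<string>(raw ? JSON.parse(raw) : []);
  // Any unprocessed scan means background processing has to run first.
  return recentScanIds.every((id) => processed.has(id)) ? "recommendation" : "reviewing";
}
```

Because every read goes through `tenantKey`, a second tenant with no cached data gets no banner even when another tenant's recommendation sits in the same Valkey instance.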

github-actions bot (Contributor) commented Jul 8, 2025

⚠️ Changes detected in the following folders without a corresponding update to the CHANGELOG.md:

  • ui

Please add an entry to the corresponding CHANGELOG.md file to maintain a clear history of changes.

@jfagoagas jfagoagas added the no-merge Please, DO NOT MERGE this PR. label Jul 17, 2025

alejandrobailo (Contributor) left a comment

Please @Chan9390, can you add the CHANGELOG.md and resolve the conflicts with master?

@cesararroba cesararroba requested a review from a team as a code owner July 31, 2025 13:36
@github-actions github-actions bot added github_actions Pull requests that update GitHub Actions code component/ui labels Jul 31, 2025