Bugfix: Missing Software Aggregation in vuln processing command (#15954)

changes/15930-bugfix-vuln-cmd

@@ -0,0 +1,2 @@
+- fixed issue where software title aggregation was not running when triggering a vulnerability scan
+  via `fleet vuln_processing`

cmd/fleet/cron.go

@@ -55,35 +55,17 @@ func newVulnerabilitiesSchedule(
 	const name = string(fleet.CronVulnerabilities)
 	interval := config.Periodicity
 	vulnerabilitiesLogger := kitlog.With(logger, "cron", name)
-	s := schedule.New(
-		ctx, name, instanceID, interval, ds, ds,
-		schedule.WithLogger(vulnerabilitiesLogger),
-		schedule.WithJob(
-			"cron_vulnerabilities",
-			func(ctx context.Context) error {
-				// TODO(lucas): Decouple cronVulnerabilities into multiple jobs.
-				return cronVulnerabilities(ctx, ds, vulnerabilitiesLogger, config)
-			},
-		),
-		schedule.WithJob(
-			"cron_sync_host_software",
-			func(ctx context.Context) error {
-				return ds.SyncHostsSoftware(ctx, time.Now())
-			},
-		),
-		schedule.WithJob(
-			"cron_reconcile_software_titles",
-			func(ctx context.Context) error {
-				return ds.ReconcileSoftwareTitles(ctx)
-			},
-		),
-		schedule.WithJob(
-			"cron_sync_host_software_titles",
-			func(ctx context.Context) error {
-				return ds.SyncHostsSoftwareTitles(ctx, time.Now())
-			},
-		),
-	)
+
+	var options []schedule.Option
+
+	options = append(options, schedule.WithLogger(vulnerabilitiesLogger))
+
+	vulnFuncs := getVulnFuncs(ctx, ds, vulnerabilitiesLogger, config)
+	for _, fn := range vulnFuncs {
+		options = append(options, schedule.WithJob(fn.Name, fn.VulnFunc))
+	}
+
+	s := schedule.New(ctx, name, instanceID, interval, ds, ds, options...)
 
 	return s, nil
 }

cmd/fleet/vuln_process.go

@@ -110,16 +110,11 @@ by an exit code of zero.`,
 			}
 			level.Info(logger).Log("msg", "scanning vulnerabilities")
 			start := time.Now()
-			err = scanVulnerabilities(ctx, ds, logger, &vulnConfig, appConfig, vulnPath)
-			if err != nil {
-				// errors during vuln processing should bubble up, so you know the job is failing without having to scour logs, e.g. non-zero exit code
-				return fmt.Errorf("scanning vulnerabilities err: %w", err)
-			}
-
-			err = ds.SyncHostsSoftware(ctx, time.Now())
-			if err != nil {
-				// though vulnerability processing succeeded, we'll still fatally error here to indicate there was a problem
-				return fmt.Errorf("sync hosts software err: %w", err)
+			vulnFuncs := getVulnFuncs(ctx, ds, logger, &vulnConfig)
+			for _, vulnFunc := range vulnFuncs {
+				if err := vulnFunc.VulnFunc(ctx); err != nil {
+					return err
+				}
 			}
 			level.Info(logger).Log("msg", "vulnerability processing finished", "took", time.Now().Sub(start))
 
@@ -156,3 +151,39 @@ func configureVulnPath(vulnConfig config.VulnerabilitiesConfig, appConfig *fleet
 	}
 	return vulnPath
 }
+
+type NamedVulnFunc struct {
+	Name     string
+	VulnFunc func(ctx context.Context) error
+}
+
+func getVulnFuncs(ctx context.Context, ds fleet.Datastore, logger kitlog.Logger, config *config.VulnerabilitiesConfig) []NamedVulnFunc {
+	vulnFuncs := []NamedVulnFunc{
+		{
+			Name: "cron_vulnerabilities",
+			VulnFunc: func(ctx context.Context) error {
+				return cronVulnerabilities(ctx, ds, logger, config)
+			},
+		},
+		{
+			Name: "cron_sync_host_software",
+			VulnFunc: func(ctx context.Context) error {
+				return ds.SyncHostsSoftware(ctx, time.Now())
+			},
+		},
+		{
+			Name: "cron_reconcile_software_titles",
+			VulnFunc: func(ctx context.Context) error {
+				return ds.ReconcileSoftwareTitles(ctx)
+			},
+		},
+		{
+			Name: "cron_sync_hosts_software_titles",
+			VulnFunc: func(ctx context.Context) error {
+				return ds.SyncHostsSoftwareTitles(ctx, time.Now())
+			},
+		},
+	}
+
+	return vulnFuncs
+}