Skip to content

Releases: GACWR/OpenUBA

OpenUBA v0.0.2

18 Feb 07:59
@Jovonni Jovonni
v0.0.2-r1
0d37784
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
OpenUBA v0.0.2 Pre-release
Pre-release

complete ground-up modernization of the openuba platform.

video walkthrough:
https://youtu.be/tMppVt2v1nI

backend:

  • migrated from flask to fastapi with uvicorn asgi server
  • full rest api with interactive swagger/redoc docs
  • pydantic schema validation on all endpoints
  • sqlalchemy 2.0 orm with postgresql as system of record
  • postgraphile auto-generated graphql api from postgres schema
  • jwt authentication with bcrypt password hashing
  • role-based access control (admin, manager, triage, analyst)
  • per-page granular permissions configurable by admins
  • apscheduler-based model execution scheduling

database:

  • postgresql with 15+ tables (models, model_versions, model_artifacts, model_runs, anomalies, cases, rules, users, roles, permissions, integration_settings, notifications, system_logs, etc.)
  • sql triggers for audit logging and data consistency
  • schema migration system with backward compatibility from v1 json files
  • default rbac roles seeded on initialization

model lifecycle:

  • model installation system with multi-registry adapters (github, openuba hub, huggingface, local filesystem)
  • model manifest system with sha hash verification at install and pre-execution
  • multi-version model support with artifact tracking
  • model orchestrator dispatching training and inference as ephemeral jobs
  • cron-based scheduled model execution
  • framework-aware artifact serialization (sklearn/joblib, pytorch/torch.save, tensorflow/savedmodel, networkx/pickle)

kubernetes-native execution:

  • custom openuba operator (kopf) watching ubatraining and ubainference crds
  • ephemeral k8s jobs for all model execution (no long-lived per-model services)
  • dual execution drivers: kubernetesjobexecutiondriver and localdockerexecutiondriver
  • framework-specific runner images (model-runner:sklearn, model-runner:pytorch, model-runner:tensorflow, model-runner:networkx)
  • shared persistent volumes for model library, saved artifacts, and datasets
  • kind cluster support for local development with host mount

data integration:

  • elasticsearch connector for event storage, search, and anomaly indexing
  • apache spark integration for distributed data processing
  • data loader abstraction (local pandas csv, elasticsearch, spark)
  • data source management with connection testing
  • source groups for organizing data sources
  • data ingestion pipeline with status monitoring

frontend:

  • migrated from react/electron to next.js 14 with app router
  • typescript throughout with tailwindcss and shadcn/ui component library
  • dark mode default with light mode toggle
  • comprehensive page structure: home dashboard, models, anomalies, cases, data, entities, rules, alerts, schedules, settings, user management
  • real-time updates via graphql subscriptions
  • apollo client for graphql data layer, axios for rest
  • recharts for data visualization
  • zustand for ui state management
  • responsive layout with mobile support
  • global command palette, system log dock, toast notifications
  • login page with jwt session management

rules engine:

  • flow-based visual rule builder with drag-and-drop canvas
  • rule composition combining model outputs with logical operators
  • deterministic json serialization of rule logic circuits
  • rule-triggered alert generation
  • rule enable/disable toggle
  • crud api for rules management

llm assistant:

  • always-available draggable/resizable chat overlay
  • multi-provider support (ollama, openai, claude, gemini)
  • streaming response handling with sse
  • context-aware of current route, selected entities, and filters
  • conversation persistence across sessions
  • provider/model selection dropdown
  • integration settings ui with connectivity testing

alerting and notifications:

  • alert generation from rule execution
  • persistent notification system with channels
  • notification management ui

cases and anomalies:

  • case management with anomaly linking and timeline
  • anomaly detection result browsing with filtering and pagination
  • feedback system for true/false positive marking
  • case status tracking and assignment

infrastructure:

  • kubernetes manifests for all components (backend, frontend, operator, postgres, elasticsearch, postgraphile, spark)
  • crd definitions for ubatraining and ubainference
  • persistent volume setup for model library, saved models, datasets
  • docker images for backend, frontend, operator, and all runner variants
  • makefile-driven workflow for all build, deploy, and test operations

testing:

  • comprehensive pytest test suite
  • end-to-end tests for model lifecycle, anomalies, cases, rules, data display
  • unit tests for api routers, repositories, services
  • integration tests for registry adapters and database operations
  • k8s integration tests with crd and job monitoring

cleanup:

  • removed accidentally committed pycache, .mypy_cache, and .ds_store files
  • updated .gitignore for build artifacts and runtime data
Loading
0 Join discussion