chore: pre-cache computers with localgroup data - BED-8365

[StephenHinck]

Description

PostCanRDP and PostLocalGroups iterate over localGroupData.Computers — the set of all computer node IDs in the graph. For each computer, they check local group membership to determine RDP/DCOM/PSRemote access. However, computers that have no LocalToComputer edges have no local group data and produce no results, making their processing pure overhead. This will reduce the local edge (AdminTo, CanRDP, etc) post-processing time universally by whatever percentage of computers have local privilege data; in certain cases, this will reduce local post-processing by 100%.

Motivation and Context

Resolves BED-8365

Why is this change required? What problem does it solve?

How Has This Been Tested?

Test suites have remained unchanged. Multiple datasets were validated locally.

Screenshots (optional):

Types of changes

• Chore (a change that does not modify the application functionality)

Checklist:

• I have met the contributing prerequisites
  • Assigned myself to this PR
  • Added the appropriate labels
  • Associated an issue: Issues and Pull Requests README #672
  • Read the Contributing guide: https://github.com/SpecterOps/BloodHound/wiki/Contributing
• I have ensured that related documentation is up-to-date
  • Open API docs
  • Code comments (GoDocs / JSDocs)
• I have followed proper test practices
  • Added/updated tests to cover my changes
  • All new and existing tests passed

Summary by CodeRabbit

• Performance
  • Local group analysis now only processes computers that actually have local group data, reducing unnecessary work.
  • Leads to lower compute overhead and faster analysis/relationship generation for affected datasets.

[coderabbitai]

📝 Walkthrough

Walkthrough

This PR restricts local-group post-processing to computers that have local group data by adding a helper that computes a bitmap of computers with inbound ad.LocalToComputer edges, caching it in LocalGroupData, and updating post-processing to iterate that cached set.

Changes

Local groups processing scope optimization

Layer / File(s)	Summary
Fetch and cache computers with local groups packages/go/analysis/ad/post.go	New FetchComputerIDsWithLocalToComputer helper returns a bitmap of computers with inbound ad.LocalToComputer edges. LocalGroupData gains a ComputersWithLocalGroups field populated by FetchLocalGroupData during its read transaction.
Optimize post-processing iterations with cached computer set packages/go/analysis/ad/local_groups.go	PostCanRDP and PostLocalGroups iterate localGroupData.ComputersWithLocalGroups instead of all computers when enqueuing computer IDs for processing.

🎯 3 (Moderate) | ⏱️ ~20 minutes

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 50.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly and specifically describes the main change: pre-caching computers with local group data, and includes the ticket reference BED-8365.
Description check	✅ Passed	The description covers all key template sections: detailed explanation of changes, motivation/context with ticket reference, testing approach, change type selection, and completed checklist items.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch BED-8365

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@packages/go/analysis/ad/post.go`:
- Line 282: Replace the short variable declarations with a grouped var block at
the top of the enclosing function: hoist the new computers variable (currently
created with computers := cardinality.NewBitmap64()) and the variables
introduced in the block around lines 711–715 into a single var (...) declaration
so they are initialized in one place and follow the repository’s Go
initialization rule; use the existing names (e.g., computers and the other local
variable names in that region) and initialize any with zero values or
constructor calls as appropriate inside the var block.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository YAML (base), Organization UI (inherited)

Review profile: CHILL

Plan: Pro

Run ID: 577955dd-4608-483f-84df-35340f1cb1c6

📥 Commits

Reviewing files that changed from the base of the PR and between 916ea3d and 9d8cda9.

📒 Files selected for processing (2)

• packages/go/analysis/ad/local_groups.go
• packages/go/analysis/ad/post.go

[coderabbitai]

♻️ Duplicate comments (1)

packages/go/analysis/ad/post.go (1)

713-717: 🛠️ Refactor suggestion | 🟠 Major | ⚡ Quick win

Group variable initializations in a var (...) block at the top of the function.

The short variable declaration should be hoisted to a var block at the top of the anonymous function to align with the repository's Go initialization guideline.

♻️ Proposed fix

 	if err := graphDB.ReadTransaction(ctx, func(tx graph.Transaction) error {
+		var (
+			computersWithLocalGroups cardinality.Duplex[uint64]
+			err                      error
+		)
+
 		if excludedGroups, err := FetchAuthUsersAndEveryoneGroups(tx); err != nil {
 			return err
 		} else {
 			localGroupData.ExcludedShortcutGroups = excludedGroups.IDBitmap()
 			localGroupData.ExcludedShortcutGroupsSlice = localGroupData.ExcludedShortcutGroups.Slice()
 		}
 
 		if computerIDs, err := FetchNodeIDsByKind(tx, ad.Computer); err != nil {
 			return err
 		} else {
 			localGroupData.Computers = computerIDs
 		}
 
-		if computersWithLocalGroups, err := FetchComputerIDsWithLocalToComputer(tx); err != nil {
+		if computersWithLocalGroups, err = FetchComputerIDsWithLocalToComputer(tx); err != nil {
 			return err
 		} else {
 			localGroupData.ComputersWithLocalGroups = computersWithLocalGroups
 		}

As per coding guidelines, "Group variable initializations in a var ( ... ) block and hoist them to the top of the function when possible".

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@packages/go/analysis/ad/post.go` around lines 713 - 717, Hoist the short var
decl from the if into a var block at the top of the anonymous function: declare
variables (e.g., var computersWithLocalGroups <appropriate type>; var err error)
near the start of the function, then replace the short-declaration if (if
computersWithLocalGroups, err := FetchComputerIDsWithLocalToComputer(tx); err !=
nil { ... }) with an assignment and error check (computersWithLocalGroups, err =
FetchComputerIDsWithLocalToComputer(tx); if err != nil { return err } else {
localGroupData.ComputersWithLocalGroups = computersWithLocalGroups }),
referencing FetchComputerIDsWithLocalToComputer, computersWithLocalGroups, err
and localGroupData.ComputersWithLocalGroups.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Duplicate comments:
In `@packages/go/analysis/ad/post.go`:
- Around line 713-717: Hoist the short var decl from the if into a var block at
the top of the anonymous function: declare variables (e.g., var
computersWithLocalGroups <appropriate type>; var err error) near the start of
the function, then replace the short-declaration if (if
computersWithLocalGroups, err := FetchComputerIDsWithLocalToComputer(tx); err !=
nil { ... }) with an assignment and error check (computersWithLocalGroups, err =
FetchComputerIDsWithLocalToComputer(tx); if err != nil { return err } else {
localGroupData.ComputersWithLocalGroups = computersWithLocalGroups }),
referencing FetchComputerIDsWithLocalToComputer, computersWithLocalGroups, err
and localGroupData.ComputersWithLocalGroups.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository YAML (base), Organization UI (inherited)

Review profile: CHILL

Plan: Pro

Run ID: a94101e7-c609-4069-bca4-6541d2e9c5b8

📥 Commits

Reviewing files that changed from the base of the PR and between 9d8cda9 and 450a0ed.

📒 Files selected for processing (1)

• packages/go/analysis/ad/post.go