Jimmy Zelinskie
d4522e9c6e
api/v1: indexed layers for notifications
...
This change deprecates the old LayersIntroducingVulnerability for a new
one that orders output and contains an Index. This index is not
guaranteed to be consistent across multiple notifications, despite the
current Postgres implementation using the primary key of Layer table.
2016-12-06 19:23:33 -05:00
Jimmy Zelinskie
eb6117c372
Merge pull request #235 from jzelinskie/doc-move
...
docs: move to standard Documentation dir
2016-09-06 15:08:08 -04:00
Jimmy Zelinskie
b45b625fc8
improve v1 api docs header legibility
...
GitHub has changed fonts and as a result h6s are extremely small.
2016-07-11 14:35:35 -04:00
Tobias Sarnowski
ad11393a28
Updated API documentation to reflect changes to authentication scheme. ( #180 )
...
With #167 , the API was changed to provide a more generic way of how Clair can retrieve the layers from a registry. This change reflects it in the documentation.
2016-05-19 10:09:43 -04:00
Jimmy Zelinskie
53e62577bc
api/worker: s/Authorization/Headers ( #167 )
...
This allows clients to specify any HTTP headers that need to be used in
order to allow Clair to download a layer, rather than just the
Authorization header.
2016-05-05 13:48:10 -04:00
Jimmy Zelinskie
9b5afc79ca
api/worker: introduce optional authorization
...
This allows clients to specify the contents of the HTTP Authorization
header so that Clair can access protected resources.
2016-05-04 15:47:14 -04:00
Jimmy Zelinskie
7aa88690af
api: WriteHeader on health endpoint
...
Fixes #141 .
2016-04-19 12:17:13 -04:00
Jimmy Zelinskie
68250f392b
api/v1: create namespace type
...
This change creates a struct type for namespaces rather than using a
string. This enables us to extend namespaces in the future to contain
metadata. This change also required renaming other field references of
namespaces to "NamespaceName".
Fixes #99
2016-03-16 15:28:59 -04:00
Quentin Machu
f14e4de4d8
api: fix anchor link in docs
2016-03-15 12:46:56 -04:00
liangchenye
1a863a06cf
remove the useless pointer of NextPage field; check namespace notfound error
...
Signed-off-by: liangchenye <liangchenye@huawei.com>
2016-03-08 11:48:52 +08:00
liangchenye
27e5e42340
use tokenMarshal/unmarshal in page encoding
...
Signed-off-by: liangchenye <liangchenye@huawei.com>
2016-03-07 14:59:26 +08:00
liangchenye
48ffb2687a
use encrypt page in listVuln api
...
Signed-off-by: liangchenye <liangchenye@huawei.com>
2016-03-07 14:07:07 +08:00
liangchenye
a541e964e0
New API: list vulnerabilities by namespace
...
Signed-off-by: liangchenye <liangchenye@huawei.com>
2016-03-07 14:07:07 +08:00
liangchenye
d47616a339
readme: make API description consistence
...
Signed-off-by: liangchenye <liangchenye@huawei.com>
2016-02-26 15:54:59 +08:00
Jimmy Zelinskie
af0ddceaa2
readme: s/notification/notifications
2016-02-25 15:52:21 -05:00
Jimmy Zelinskie
2140995a54
readme: clarify "marked as read" notifications
2016-02-25 13:49:24 -05:00
Jimmy Zelinskie
1557a27a8c
Revert "v1: pagination now deterministic"
...
This reverts commit 24f329fea674e04c76f5e87c22eea1800e6bc413.
This was unnecessary.
2016-02-24 16:40:40 -05:00
Quentin Machu
3563cf9061
api: fix pagination token that's returned to match what has been passed
2016-02-24 16:40:40 -05:00
Jimmy Zelinskie
4fd4049fee
v1: update documented error codes
2016-02-24 16:40:40 -05:00
Quentin Machu
e78d076d02
api/worker: adjust error codes in postLayer
2016-02-24 16:40:40 -05:00
Jimmy Zelinskie
452c32d7d7
v1: pagination now deterministic
...
The standard JSON encoding has no guarantee of the order of keys, thus
token values could differ, but still be equivalent.
2016-02-24 16:40:40 -05:00
Jimmy Zelinskie
dc431c22f3
v1: add readme
2016-02-24 16:40:40 -05:00
Jimmy Zelinskie
771e35def0
v1: return object on PUT/POST
...
This change also improves error handling around InsertVulnerability.
2016-02-24 16:40:40 -05:00
Jimmy Zelinskie
c06df1affd
v1: 200 on PUT
2016-02-24 16:40:40 -05:00
Quentin Machu
274a1620a5
api: log instead of panic when a response could not be marshaled
...
In order to avoid killing Clair when there is simply a broken pipe..
2016-02-24 16:40:40 -05:00
Quentin Machu
8d76700506
api: add call duration in logs
2016-02-24 16:40:40 -05:00
Quentin Machu
418ab08c4b
api: adjust postLayer error codes
...
- return 422 when layer could not be analyzed (extraction failed or layer unsupported)
- return 404 if the parent is not found or the download path leads to a 404 page
2016-02-24 16:40:40 -05:00
Quentin Machu
f40f6a5ab6
api: add missing link field in vulnerability in getLayer
2016-02-24 16:39:25 -05:00
Quentin Machu
6d2eedf121
api/database: add the layer name that add each feature in getLayer
2016-02-24 16:39:25 -05:00
Quentin Machu
0e9a7e1740
api: close gzip writer to flush it
2016-02-24 16:36:45 -05:00
Quentin Machu
db974ae722
api: fix postLayer response headers
2016-02-24 16:36:45 -05:00
Jimmy Zelinskie
6f02119c56
api: add bad requests to insert layer
2016-02-24 16:36:45 -05:00
Jimmy Zelinskie
ca2b0ccfcb
api: support gzip responses
2016-02-24 16:36:45 -05:00
Jimmy Zelinskie
c7aa7c4db4
api: reorder constants and add comments
2016-02-24 16:36:45 -05:00
Jimmy Zelinskie
4516d6fd73
api: make postLayer returns a Layer
2016-02-24 16:36:45 -05:00
Jimmy Zelinskie
d19a4348df
api: implement fernet encryption of pagination tokens
2016-02-24 16:36:45 -05:00
Quentin Machu
b8c534cd0d
api: fix putVulnerability (fill missing Namespace.Name and Name fields)
2016-02-24 16:36:45 -05:00
Quentin Machu
c2061dc69e
api: fix negative timestamps in notifications
2016-02-24 16:36:45 -05:00
Quentin Machu
f68012de00
api: fix 404->500 and NPE issues
2016-02-24 16:36:45 -05:00
Quentin Machu
7c11e4eb5d
updater/database: do not create notifications during the initial update
2016-02-24 16:36:45 -05:00
Jimmy Zelinskie
c504d2ed0e
api: add FeatureFromDatabaseModel
...
This also handles replacing the DB identifier for a maximum version with
the string "None".
2016-02-24 16:36:45 -05:00
Jimmy Zelinskie
83b19b6179
api/prometheus: add prometheus metrics to API routes
2016-02-24 16:36:45 -05:00
Jimmy Zelinskie
f351d6304e
api: add "Content-Type" and "Server" headers
2016-02-24 16:36:45 -05:00
Jimmy Zelinskie
2d8d9ca401
api: finish initial work on v1 API
2016-02-24 16:36:45 -05:00
Quentin Machu
94ece7bf2b
database: fix notification design and add vulnerability history
2016-02-24 16:36:45 -05:00
Jimmy Zelinskie
b9a6da4a57
api: implement delete notification
2016-02-24 16:36:45 -05:00
Jimmy Zelinskie
96e96d948d
api: handle last page for notifications
2016-02-24 16:36:45 -05:00
Jimmy Zelinskie
3eaae478f9
api: implement get notification
2016-02-24 16:36:45 -05:00
Quentin Machu
116ce1a806
api: fix log message when stopping the API server
2016-02-24 16:36:45 -05:00
Quentin Machu
5fdd9d1a07
*: add metadata support along with NVD CVSS
2016-02-24 16:36:45 -05:00
Jimmy Zelinskie
c05848e32d
api: implement put vulnerability
2016-02-24 16:36:45 -05:00
Jimmy Zelinskie
8209922c0c
api: implement delete vulnerability
2016-02-24 16:36:45 -05:00
Jimmy Zelinskie
dc99d45f47
api: refactor endpoints and implement get vulnerability
2016-02-24 16:36:45 -05:00
Jimmy Zelinskie
6ac9b5e645
api: fix graceful stop
2016-02-24 16:36:45 -05:00
Jimmy Zelinskie
9a8d4aa591
api: implement post vulnerability
2016-02-24 16:36:45 -05:00
Jimmy Zelinskie
38aeed4f2c
api: implement get namespaces route
2016-02-24 16:36:45 -05:00
Jimmy Zelinskie
b916fba4c6
api: implement delete layer route
2016-02-24 16:36:45 -05:00
Jimmy Zelinskie
04c7351911
api: use pointers in models to get proper omitempty
semantics
2016-02-24 16:36:45 -05:00
Jimmy Zelinskie
1a5aa88b18
api: use only one layer envelope
2016-02-24 16:36:45 -05:00
Jimmy Zelinskie
fa45d516df
api: add JSON tags to API models
2016-02-24 16:36:45 -05:00
Jimmy Zelinskie
d130d2fab4
api: implement getLayer
2016-02-24 16:36:45 -05:00
Quentin Machu
6b3f95dc03
api: fix /v1 router and some status codes
2016-02-24 16:34:54 -05:00
Jimmy Zelinskie
be9423b489
api: add request / response types and rename some fields
2016-02-24 16:34:54 -05:00
Jimmy Zelinskie
822ac7ab4c
api: add initial work on the new API
2016-02-24 16:34:54 -05:00
Quentin Machu
b8b7be3f81
*: remove health checker
2016-02-24 16:34:54 -05:00
Quentin Machu
726bd3c0c6
database/api: add layer deletion support
2016-02-24 16:34:54 -05:00
Quentin Machu
6e20993bac
api: simplify getLayer route and JSON output
2016-02-24 16:34:54 -05:00
Quentin Machu
77387af2ac
updater: port updater and its fetchers
2016-02-24 16:34:54 -05:00
Quentin Machu
2c150b015e
*: refactor & do initial work towards PostgreSQL implementation
2016-02-24 16:32:21 -05:00
Quentin Machu
e834301941
Merge pull request #49 from liangchenye/master
...
Add DataDetector to support ACI and other layout format
2016-01-07 10:44:40 -05:00
Quentin Machu
8c1d3c9a86
*: Fix authentification
typo
2015-12-16 12:01:51 -05:00
Jimmy Zelinskie
34870a2a2b
move LoadTLSClientConfigForServer into API package
...
This isn't reused any where just yet, so we're best off leaving it local
to the place that needs it.
2015-12-15 12:09:46 -05:00
liangchenye
d402ae818e
use imageFormat in params for consistence
...
Signed-off-by: liangchenye <liangchenye@huawei.com>
2015-12-11 19:41:32 +08:00
liangchenye
b1775ed3dc
add data detector to support ACI and other format in the future
...
Signed-off-by: liangchenye <liangchenye@huawei.com>
2015-12-11 19:37:25 +08:00
Quentin Machu
eb7e5d5c74
main: Use configuration file instead of flags and simplify app extension.
...
Clair will now use a YAML configuration file instead of command line
arguments as the number of parameters grows.
Also, Clair now exposes a Boot() func that allows everyone to easily
create their own project and load dynamically their own fetchers/updaters.
2015-12-08 11:50:52 -05:00
Quentin Machu
9946382223
api: Extracted client cert & HTTP JSON Render to utils.
2015-12-04 16:56:20 -05:00
Quentin Machu
e444e93c97
api/database: Add the ability to delete layers
2015-12-04 14:42:21 -05:00
Quentin Machu
9db0e63401
api: Specify what packages cause the layer to have vulnerabilities.
2015-12-01 17:02:49 -05:00
Quentin Machu
3ec262dd51
Initial commit
2015-11-13 14:11:28 -05:00