2827b9342b
Feature extraction algorithm is changed to associate features with ancestry layer. Database is updated to keep the relationship.
479 lines
14 KiB
JSON
479 lines
14 KiB
JSON
{
|
|
"swagger": "2.0",
|
|
"info": {
|
|
"title": "api/v3/clairpb/clair.proto",
|
|
"version": "version not set"
|
|
},
|
|
"schemes": [
|
|
"http",
|
|
"https"
|
|
],
|
|
"consumes": [
|
|
"application/json"
|
|
],
|
|
"produces": [
|
|
"application/json"
|
|
],
|
|
"paths": {
|
|
"/ancestry": {
|
|
"post": {
|
|
"summary": "The RPC used to create a new scan of an ancestry.",
|
|
"operationId": "PostAncestry",
|
|
"responses": {
|
|
"200": {
|
|
"description": "",
|
|
"schema": {
|
|
"$ref": "#/definitions/clairPostAncestryResponse"
|
|
}
|
|
}
|
|
},
|
|
"parameters": [
|
|
{
|
|
"name": "body",
|
|
"in": "body",
|
|
"required": true,
|
|
"schema": {
|
|
"$ref": "#/definitions/clairPostAncestryRequest"
|
|
}
|
|
}
|
|
],
|
|
"tags": [
|
|
"AncestryService"
|
|
]
|
|
}
|
|
},
|
|
"/ancestry/{ancestry_name}": {
|
|
"get": {
|
|
"summary": "The RPC used to read the results of scanning for a particular ancestry.",
|
|
"operationId": "GetAncestry",
|
|
"responses": {
|
|
"200": {
|
|
"description": "",
|
|
"schema": {
|
|
"$ref": "#/definitions/clairGetAncestryResponse"
|
|
}
|
|
}
|
|
},
|
|
"parameters": [
|
|
{
|
|
"name": "ancestry_name",
|
|
"in": "path",
|
|
"required": true,
|
|
"type": "string"
|
|
},
|
|
{
|
|
"name": "with_vulnerabilities",
|
|
"description": "Whether to include vulnerabilities or not in the response.",
|
|
"in": "query",
|
|
"required": false,
|
|
"type": "boolean",
|
|
"format": "boolean"
|
|
},
|
|
{
|
|
"name": "with_features",
|
|
"description": "Whether to include features or not in the response.",
|
|
"in": "query",
|
|
"required": false,
|
|
"type": "boolean",
|
|
"format": "boolean"
|
|
}
|
|
],
|
|
"tags": [
|
|
"AncestryService"
|
|
]
|
|
}
|
|
},
|
|
"/notifications/{name}": {
|
|
"get": {
|
|
"summary": "The RPC used to get a particularly Notification.",
|
|
"operationId": "GetNotification",
|
|
"responses": {
|
|
"200": {
|
|
"description": "",
|
|
"schema": {
|
|
"$ref": "#/definitions/clairGetNotificationResponse"
|
|
}
|
|
}
|
|
},
|
|
"parameters": [
|
|
{
|
|
"name": "name",
|
|
"in": "path",
|
|
"required": true,
|
|
"type": "string"
|
|
},
|
|
{
|
|
"name": "old_vulnerability_page",
|
|
"description": "The current page of previous vulnerabilities for the ancestry.\nThis will be empty when it is the first page.",
|
|
"in": "query",
|
|
"required": false,
|
|
"type": "string"
|
|
},
|
|
{
|
|
"name": "new_vulnerability_page",
|
|
"description": "The current page of vulnerabilities for the ancestry.\nThis will be empty when it is the first page.",
|
|
"in": "query",
|
|
"required": false,
|
|
"type": "string"
|
|
},
|
|
{
|
|
"name": "limit",
|
|
"description": "The requested maximum number of results per page.",
|
|
"in": "query",
|
|
"required": false,
|
|
"type": "integer",
|
|
"format": "int32"
|
|
}
|
|
],
|
|
"tags": [
|
|
"NotificationService"
|
|
]
|
|
},
|
|
"delete": {
|
|
"summary": "The RPC used to mark a Notification as read after it has been processed.",
|
|
"operationId": "MarkNotificationAsRead",
|
|
"responses": {
|
|
"200": {
|
|
"description": "",
|
|
"schema": {
|
|
"$ref": "#/definitions/clairMarkNotificationAsReadResponse"
|
|
}
|
|
}
|
|
},
|
|
"parameters": [
|
|
{
|
|
"name": "name",
|
|
"in": "path",
|
|
"required": true,
|
|
"type": "string"
|
|
}
|
|
],
|
|
"tags": [
|
|
"NotificationService"
|
|
]
|
|
}
|
|
},
|
|
"/status": {
|
|
"get": {
|
|
"summary": "The RPC used to show the internal state of current Clair instance.",
|
|
"operationId": "GetStatus",
|
|
"responses": {
|
|
"200": {
|
|
"description": "",
|
|
"schema": {
|
|
"$ref": "#/definitions/clairGetStatusResponse"
|
|
}
|
|
}
|
|
},
|
|
"tags": [
|
|
"StatusService"
|
|
]
|
|
}
|
|
}
|
|
},
|
|
"definitions": {
|
|
"GetAncestryResponseAncestry": {
|
|
"type": "object",
|
|
"properties": {
|
|
"name": {
|
|
"type": "string",
|
|
"description": "The name of the desired ancestry."
|
|
},
|
|
"scanned_listers": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
},
|
|
"description": "The configured list of feature listers used to scan this ancestry."
|
|
},
|
|
"scanned_detectors": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
},
|
|
"description": "The configured list of namespace detectors used to scan an ancestry."
|
|
},
|
|
"layers": {
|
|
"type": "array",
|
|
"items": {
|
|
"$ref": "#/definitions/GetAncestryResponseAncestryLayer"
|
|
},
|
|
"description": "The list of layers along with detected features in each."
|
|
}
|
|
}
|
|
},
|
|
"GetAncestryResponseAncestryLayer": {
|
|
"type": "object",
|
|
"properties": {
|
|
"layer": {
|
|
"$ref": "#/definitions/clairLayer",
|
|
"description": "The layer's information."
|
|
},
|
|
"detected_features": {
|
|
"type": "array",
|
|
"items": {
|
|
"$ref": "#/definitions/clairFeature"
|
|
},
|
|
"description": "The features detected in this layer."
|
|
}
|
|
}
|
|
},
|
|
"GetNotificationResponseNotification": {
|
|
"type": "object",
|
|
"properties": {
|
|
"name": {
|
|
"type": "string",
|
|
"description": "The name of the requested notification."
|
|
},
|
|
"created": {
|
|
"type": "string",
|
|
"description": "The time at which the notification was created."
|
|
},
|
|
"notified": {
|
|
"type": "string",
|
|
"description": "The time at which the notification was last sent out."
|
|
},
|
|
"deleted": {
|
|
"type": "string",
|
|
"description": "The time at which a notification has been deleted."
|
|
},
|
|
"old": {
|
|
"$ref": "#/definitions/clairPagedVulnerableAncestries",
|
|
"description": "The previous vulnerability and a paginated view of the ancestries it affects."
|
|
},
|
|
"new": {
|
|
"$ref": "#/definitions/clairPagedVulnerableAncestries",
|
|
"description": "The newly updated vulnerability and a paginated view of the ancestries it affects."
|
|
}
|
|
}
|
|
},
|
|
"PagedVulnerableAncestriesIndexedAncestryName": {
|
|
"type": "object",
|
|
"properties": {
|
|
"index": {
|
|
"type": "integer",
|
|
"format": "int32",
|
|
"description": "The index is an ever increasing number associated with the particular ancestry.\nThis is useful if you're processing notifications, and need to keep track of the progress of paginating the results."
|
|
},
|
|
"name": {
|
|
"type": "string",
|
|
"description": "The name of the ancestry."
|
|
}
|
|
}
|
|
},
|
|
"PostAncestryRequestPostLayer": {
|
|
"type": "object",
|
|
"properties": {
|
|
"hash": {
|
|
"type": "string",
|
|
"description": "The hash of the layer."
|
|
},
|
|
"path": {
|
|
"type": "string",
|
|
"description": "The location of the layer (URL or filepath)."
|
|
},
|
|
"headers": {
|
|
"type": "object",
|
|
"additionalProperties": {
|
|
"type": "string"
|
|
},
|
|
"description": "Any HTTP Headers that need to be used if requesting a layer over HTTP(S)."
|
|
}
|
|
}
|
|
},
|
|
"clairClairStatus": {
|
|
"type": "object",
|
|
"properties": {
|
|
"listers": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
},
|
|
"description": "The configured list of feature listers used to scan an ancestry."
|
|
},
|
|
"detectors": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
},
|
|
"description": "The configured list of namespace detectors used to scan an ancestry."
|
|
},
|
|
"last_update_time": {
|
|
"type": "string",
|
|
"format": "date-time",
|
|
"description": "The time at which the updater last ran."
|
|
}
|
|
}
|
|
},
|
|
"clairFeature": {
|
|
"type": "object",
|
|
"properties": {
|
|
"name": {
|
|
"type": "string",
|
|
"description": "The name of the feature."
|
|
},
|
|
"namespace_name": {
|
|
"type": "string",
|
|
"description": "The name of the namespace in which the feature is detected."
|
|
},
|
|
"version": {
|
|
"type": "string",
|
|
"description": "The specific version of this feature."
|
|
},
|
|
"version_format": {
|
|
"type": "string",
|
|
"description": "The format used to parse version numbers for the feature."
|
|
},
|
|
"vulnerabilities": {
|
|
"type": "array",
|
|
"items": {
|
|
"$ref": "#/definitions/clairVulnerability"
|
|
},
|
|
"description": "The list of vulnerabilities that affect the feature."
|
|
}
|
|
}
|
|
},
|
|
"clairGetAncestryResponse": {
|
|
"type": "object",
|
|
"properties": {
|
|
"ancestry": {
|
|
"$ref": "#/definitions/GetAncestryResponseAncestry",
|
|
"description": "The ancestry requested."
|
|
},
|
|
"status": {
|
|
"$ref": "#/definitions/clairClairStatus",
|
|
"description": "The status of Clair at the time of the request."
|
|
}
|
|
}
|
|
},
|
|
"clairGetNotificationResponse": {
|
|
"type": "object",
|
|
"properties": {
|
|
"notification": {
|
|
"$ref": "#/definitions/GetNotificationResponseNotification",
|
|
"description": "The notification as requested."
|
|
}
|
|
}
|
|
},
|
|
"clairGetStatusResponse": {
|
|
"type": "object",
|
|
"properties": {
|
|
"status": {
|
|
"$ref": "#/definitions/clairClairStatus",
|
|
"description": "The status of the current Clair instance."
|
|
}
|
|
}
|
|
},
|
|
"clairLayer": {
|
|
"type": "object",
|
|
"properties": {
|
|
"hash": {
|
|
"type": "string",
|
|
"description": "The sha256 tarsum for the layer."
|
|
}
|
|
}
|
|
},
|
|
"clairMarkNotificationAsReadResponse": {
|
|
"type": "object"
|
|
},
|
|
"clairPagedVulnerableAncestries": {
|
|
"type": "object",
|
|
"properties": {
|
|
"current_page": {
|
|
"type": "string",
|
|
"description": "The identifier for the current page."
|
|
},
|
|
"next_page": {
|
|
"type": "string",
|
|
"description": "The token used to request the next page.\nThis will be empty when there are no more pages."
|
|
},
|
|
"limit": {
|
|
"type": "integer",
|
|
"format": "int32",
|
|
"description": "The requested maximum number of results per page."
|
|
},
|
|
"vulnerability": {
|
|
"$ref": "#/definitions/clairVulnerability",
|
|
"description": "The vulnerability that affects a given set of ancestries."
|
|
},
|
|
"ancestries": {
|
|
"type": "array",
|
|
"items": {
|
|
"$ref": "#/definitions/PagedVulnerableAncestriesIndexedAncestryName"
|
|
},
|
|
"description": "The ancestries affected by a vulnerability."
|
|
}
|
|
}
|
|
},
|
|
"clairPostAncestryRequest": {
|
|
"type": "object",
|
|
"properties": {
|
|
"ancestry_name": {
|
|
"type": "string",
|
|
"description": "The name of the ancestry being scanned.\nIf scanning OCI images, this should be the hash of the manifest."
|
|
},
|
|
"format": {
|
|
"type": "string",
|
|
"description": "The format of the image being uploaded."
|
|
},
|
|
"layers": {
|
|
"type": "array",
|
|
"items": {
|
|
"$ref": "#/definitions/PostAncestryRequestPostLayer"
|
|
},
|
|
"description": "The layers to be scanned for this Ancestry, ordered in the way that i th\nlayer is the parent of i + 1 th layer."
|
|
}
|
|
}
|
|
},
|
|
"clairPostAncestryResponse": {
|
|
"type": "object",
|
|
"properties": {
|
|
"status": {
|
|
"$ref": "#/definitions/clairClairStatus",
|
|
"description": "The status of Clair at the time of the request."
|
|
}
|
|
}
|
|
},
|
|
"clairVulnerability": {
|
|
"type": "object",
|
|
"properties": {
|
|
"name": {
|
|
"type": "string",
|
|
"description": "The name of the vulnerability."
|
|
},
|
|
"namespace_name": {
|
|
"type": "string",
|
|
"description": "The name of the namespace in which the vulnerability was detected."
|
|
},
|
|
"description": {
|
|
"type": "string",
|
|
"description": "A description of the vulnerability according to the source for the namespace."
|
|
},
|
|
"link": {
|
|
"type": "string",
|
|
"description": "A link to the vulnerability according to the source for the namespace."
|
|
},
|
|
"severity": {
|
|
"type": "string",
|
|
"description": "How dangerous the vulnerability is."
|
|
},
|
|
"metadata": {
|
|
"type": "string",
|
|
"description": "Namespace agnostic metadata about the vulnerability."
|
|
},
|
|
"fixed_by": {
|
|
"type": "string",
|
|
"description": "The feature that fixes this vulnerability.\nThis field only exists when a vulnerability is a part of a Feature."
|
|
},
|
|
"affected_versions": {
|
|
"type": "array",
|
|
"items": {
|
|
"$ref": "#/definitions/clairFeature"
|
|
},
|
|
"description": "The Features that are affected by the vulnerability.\nThis field only exists when a vulnerability is a part of a Notification."
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|