diff --git a/.gitignore b/.gitignore
index 5b40464..cda953d 100644
--- a/.gitignore
+++ b/.gitignore
@@ -90,3 +90,6 @@ junit-report.xml
coverage.xml
profile.cov
config.yaml
+
+### Goland ###
+.idea
diff --git a/README.md b/README.md
index 0f9955e..09f17f4 100644
--- a/README.md
+++ b/README.md
@@ -45,7 +45,7 @@ When run the scanner, we can privide a yaml file to customize the behavior of th
Here is a example yaml file
```yaml
---
+---
db:
total: 10000 # The total count of the vulnerabilities in db
scanner:
diff --git a/api/api.gen.go b/api/api.gen.go
index 87b551c..7ffc685 100644
--- a/api/api.gen.go
+++ b/api/api.gen.go
@@ -1,6 +1,6 @@
// Package api provides primitives to interact with the openapi HTTP API.
//
-// Code generated by github.com/deepmap/oapi-codegen DO NOT EDIT.
+// Code generated by github.com/deepmap/oapi-codegen/v2 version v2.1.0 DO NOT EDIT.
package api
import (
@@ -15,10 +15,9 @@ import (
"strings"
"time"
- "github.com/deepmap/oapi-codegen/pkg/runtime"
"github.com/getkin/kin-openapi/openapi3"
"github.com/labstack/echo/v4"
- "github.com/pkg/errors"
+ "github.com/oapi-codegen/runtime"
)
const (
@@ -26,50 +25,67 @@ const (
BearerAuthScopes = "BearerAuth.Scopes"
)
-// Defines values for Severity.
+// Defines values for HarborSbomReportMediaType.
const (
- SeverityCritical Severity = "Critical"
-
- SeverityHigh Severity = "High"
+ HarborSbomReportMediaTypeApplicationspdxJson HarborSbomReportMediaType = "application/spdx+json"
+ HarborSbomReportMediaTypeApplicationvndCyclonedxJson HarborSbomReportMediaType = "application/vnd.cyclonedx+json"
+)
- SeverityLow Severity = "Low"
+// Defines values for SbomParametersSbomMediaTypes.
+const (
+ SbomParametersSbomMediaTypesApplicationspdxJson SbomParametersSbomMediaTypes = "application/spdx+json"
+ SbomParametersSbomMediaTypesApplicationvndCyclonedxJson SbomParametersSbomMediaTypes = "application/vnd.cyclonedx+json"
+)
- SeverityMedium Severity = "Medium"
+// Defines values for ScanRequestEnabledCapabilitiesType.
+const (
+ ScanRequestEnabledCapabilitiesTypeSbom ScanRequestEnabledCapabilitiesType = "sbom"
+ ScanRequestEnabledCapabilitiesTypeVulnerability ScanRequestEnabledCapabilitiesType = "vulnerability"
+)
- SeverityNegligible Severity = "Negligible"
+// Defines values for ScannerCapabilityType.
+const (
+ ScannerCapabilityTypeSbom ScannerCapabilityType = "sbom"
+ ScannerCapabilityTypeVulnerability ScannerCapabilityType = "vulnerability"
+)
- SeverityUnknown Severity = "Unknown"
+// Defines values for Severity.
+const (
+ Critical Severity = "Critical"
+ High Severity = "High"
+ Low Severity = "Low"
+ Medium Severity = "Medium"
+ Negligible Severity = "Negligible"
+ Unknown Severity = "Unknown"
)
// Artifact defines model for Artifact.
type Artifact struct {
-
- // The artifact's digest, consisting of an algorithm and hex portion.
+ // Digest The artifact's digest, consisting of an algorithm and hex portion.
Digest *string `json:"digest,omitempty"`
- // The MIME type of the artifact.
+ // MimeType The MIME type of the artifact.
MimeType *string `json:"mime_type,omitempty"`
- // The name of the Docker Registry repository containing the artifact.
+ // Repository The name of the Docker Registry repository containing the artifact.
Repository *string `json:"repository,omitempty"`
- // The artifact's tag
+ // Tag The artifact's tag
Tag *string `json:"tag,omitempty"`
}
// CVSSDetails defines model for CVSSDetails.
type CVSSDetails struct {
-
- // The CVSS 2.0 score for the vulnerability.
+ // ScoreV2 The CVSS 2.0 score for the vulnerability.
ScoreV2 *float32 `json:"score_v2,omitempty"`
- // The CVSS 3.0 score for the vulnerability.
+ // ScoreV3 The CVSS 3.0 score for the vulnerability.
ScoreV3 *float32 `json:"score_v3,omitempty"`
- // The CVSS 2.0 vector for the vulnerability. The string is of the form AV:L/AC:M/Au:N/C:P/I:N/A:N
+ // VectorV2 The CVSS 2.0 vector for the vulnerability. The string is of the form AV:L/AC:M/Au:N/C:P/I:N/A:N
VectorV2 *string `json:"vector_v2,omitempty"`
- // The CVSS 3.0 vector for the vulnerability.
+ // VectorV3 The CVSS 3.0 vector for the vulnerability.
VectorV3 *string `json:"vector_v3,omitempty"`
}
@@ -83,15 +99,38 @@ type ErrorResponse struct {
Error *Error `json:"error,omitempty"`
}
+// HarborSbomReport defines model for HarborSbomReport.
+type HarborSbomReport struct {
+ Artifact *Artifact `json:"artifact,omitempty"`
+
+ // GeneratedAt The time of the report generated.
+ GeneratedAt *time.Time `json:"generated_at,omitempty"`
+
+ // MediaType The format of the sbom data.
+ MediaType *HarborSbomReportMediaType `json:"media_type,omitempty"`
+
+ // Sbom The raw data of the sbom generated by the scanner.
+ Sbom *map[string]interface{} `json:"sbom,omitempty"`
+
+ // Scanner Basic scanner properties such as name, vendor, and version.
+ Scanner *Scanner `json:"scanner,omitempty"`
+
+ // VendorAttributes The additional attributes of the vendor.
+ VendorAttributes *map[string]interface{} `json:"vendor_attributes,omitempty"`
+}
+
+// HarborSbomReportMediaType The format of the sbom data.
+type HarborSbomReportMediaType string
+
// HarborVulnerabilityReport defines model for HarborVulnerabilityReport.
type HarborVulnerabilityReport struct {
Artifact *Artifact `json:"artifact,omitempty"`
GeneratedAt *time.Time `json:"generated_at,omitempty"`
- // Basic scanner properties such as name, vendor, and version.
+ // Scanner Basic scanner properties such as name, vendor, and version.
Scanner *Scanner `json:"scanner,omitempty"`
- // A standard scale for measuring the severity of a vulnerability.
+ // Severity A standard scale for measuring the severity of a vulnerability.
//
// * `Unknown` - either a security problem that has not been assigned to a priority yet or a priority that the
// scanner did not recognize.
@@ -111,122 +150,169 @@ type HarborVulnerabilityReport struct {
// Registry defines model for Registry.
type Registry struct {
-
- // An optional value of the HTTP Authorization header sent with each request to the Docker Registry v2 API.
+ // Authorization An optional value of the HTTP Authorization header sent with each request to the Docker Registry v2 API.
// It's used to exchange Base64 encoded robot account credentials to a short lived JWT access token which
// allows the underlying scanner to pull the artifact from the Docker Registry.
Authorization *string `json:"authorization,omitempty"`
- // A base URL or the Docker Registry v2 API.
+ // Url A base URL or the Docker Registry v2 API.
Url *string `json:"url,omitempty"`
}
+// SbomParameters defines model for SbomParameters.
+type SbomParameters struct {
+ SbomMediaTypes *[]SbomParametersSbomMediaTypes `json:"sbom_media_types,omitempty"`
+}
+
+// SbomParametersSbomMediaTypes defines model for SbomParameters.SbomMediaTypes.
+type SbomParametersSbomMediaTypes string
+
// ScanRequest defines model for ScanRequest.
type ScanRequest struct {
Artifact Artifact `json:"artifact"`
+
+ // EnabledCapabilities Enable which capabilities supported by scanner, for backward compatibility, without this field scanner can be considered to enable all capabilities by default.
+ EnabledCapabilities *[]struct {
+ // Parameters The additional parameters for the scan request, for the SBOM type, harbor will carry with `sbom_media_types` to specify the expected formats for SBOM content.
+ Parameters *ScanRequest_EnabledCapabilities_Parameters `json:"parameters"`
+
+ // ProducesMimeTypes The set of MIME types of reports generated by the scanner for the consumes_mime_types of the same capability record, it is a subset or fullset of the
+ // produces_mime_types of the capability returned by the metadata API, used for client to fine grained control of the expected report type. It's a optional
+ // field, only applied when client needs to customize it, otherwise the scanner can think it's a fullset as before behavior if without this field.
+ ProducesMimeTypes *[]string `json:"produces_mime_types,omitempty"`
+
+ // Type The type of the scan capability.
+ Type ScanRequestEnabledCapabilitiesType `json:"type"`
+ } `json:"enabled_capabilities,omitempty"`
Registry Registry `json:"registry"`
}
-// A unique identifier returned by the [/scan](#/operation/AcceptScanRequest] operations. The format of the
+// ScanRequest_EnabledCapabilities_Parameters The additional parameters for the scan request, for the SBOM type, harbor will carry with `sbom_media_types` to specify the expected formats for SBOM content.
+type ScanRequest_EnabledCapabilities_Parameters struct {
+ union json.RawMessage
+}
+
+// ScanRequestEnabledCapabilitiesType The type of the scan capability.
+type ScanRequestEnabledCapabilitiesType string
+
+// ScanRequestId A unique identifier returned by the [/scan](#/operation/AcceptScanRequest] operations. The format of the
// identifier is not imposed but it should be unique enough to prevent collisons when polling for scan reports.
-type ScanRequestId string
+type ScanRequestId = string
// ScanResponse defines model for ScanResponse.
type ScanResponse struct {
-
- // A unique identifier returned by the [/scan](#/operation/AcceptScanRequest] operations. The format of the
+ // Id A unique identifier returned by the [/scan](#/operation/AcceptScanRequest] operations. The format of the
// identifier is not imposed but it should be unique enough to prevent collisons when polling for scan reports.
Id ScanRequestId `json:"id"`
}
-// Basic scanner properties such as name, vendor, and version.
+// Scanner Basic scanner properties such as name, vendor, and version.
type Scanner struct {
-
- // The name of the scanner.
+ // Name The name of the scanner.
Name *string `json:"name,omitempty"`
- // The name of the scanner's provider.
+ // Vendor The name of the scanner's provider.
Vendor *string `json:"vendor,omitempty"`
- // The version of the scanner.
+ // Version The version of the scanner.
Version *string `json:"version,omitempty"`
}
-// Represents metadata of a Scanner Adapter which allows Harbor to lookup a scanner capable
+// ScannerAdapterMetadata Represents metadata of a Scanner Adapter which allows Harbor to lookup a scanner capabilities
// of scanning a given Artifact stored in its registry and making sure that it
// can interpret a returned result.
type ScannerAdapterMetadata struct {
Capabilities []ScannerCapability `json:"capabilities"`
- // A set of custom properties that can further describe capabilities of a given scanner.
+ // Properties A set of custom properties that can further describe capabilities of a given scanner.
Properties *ScannerProperties `json:"properties,omitempty"`
- // Basic scanner properties such as name, vendor, and version.
+ // Scanner Basic scanner properties such as name, vendor, and version.
Scanner Scanner `json:"scanner"`
}
-// Capability consists of the set of recognized artifact MIME types and the set of scanner report MIME types.
+// ScannerCapability Capability consists of the set of recognized artifact MIME types and the set of scanner report MIME types.
+//
// For example, a scanner capable of analyzing Docker images and producing a vulnerabilities report recognizable
// by Harbor web console might be represented with the following capability:
// - consumes MIME types:
// - `application/vnd.oci.image.manifest.v1+json`
// - `application/vnd.docker.distribution.manifest.v2+json`
+//
// - produces MIME types:
// - `application/vnd.scanner.adapter.vuln.report.harbor+json; version=1.0`
+//
+// For example, a scanner capable of analyzing artifacts and producing a sbom report recognizable
+// by Harbor might be represented with the following capability:
+// - type: sbom
+// - consumes MIME types:
+// - `application/vnd.oci.image.manifest.v1+json`
+// - `application/vnd.docker.distribution.manifest.v2+json`
+//
+// - produces MIME types:
+// - `application/vnd.security.sbom.report+json; version=1.0`
type ScannerCapability struct {
+ AdditionalAttributes *map[string]interface{} `json:"additional_attributes,omitempty"`
- // The set of MIME types of the artifacts supported by the scanner to produce the reports specified in the "produces_mime_types". A given
+ // ConsumesMimeTypes The set of MIME types of the artifacts supported by the scanner to produce the reports specified in the "produces_mime_types". A given
// mime type should only be present in one capability item.
ConsumesMimeTypes []string `json:"consumes_mime_types"`
- // The set of MIME types of reports generated by the scanner for the consumes_mime_types of the same capability record.
+ // ProducesMimeTypes The set of MIME types of reports generated by the scanner for the consumes_mime_types of the same capability record.
ProducesMimeTypes []string `json:"produces_mime_types"`
-}
-// A set of custom properties that can further describe capabilities of a given scanner.
-type ScannerProperties struct {
- AdditionalProperties map[string]string `json:"-"`
+ // Type The type of the capability, for example, 'vulnerability' represents analyzing the artifact then producing the vulnerabilities report,
+ // 'sbom' represents generating the corresponding sbom for the artifact which be scanned. In order to the backward and forward compatible,
+ // the field is optional, we think it's a original 'vulnerability' scan if no such field.
+ Type *ScannerCapabilityType `json:"type,omitempty"`
}
-// A standard scale for measuring the severity of a vulnerability.
+// ScannerCapabilityType The type of the capability, for example, 'vulnerability' represents analyzing the artifact then producing the vulnerabilities report,
+// 'sbom' represents generating the corresponding sbom for the artifact which be scanned. In order to the backward and forward compatible,
+// the field is optional, we think it's a original 'vulnerability' scan if no such field.
+type ScannerCapabilityType string
+
+// ScannerProperties A set of custom properties that can further describe capabilities of a given scanner.
+type ScannerProperties map[string]string
+
+// Severity A standard scale for measuring the severity of a vulnerability.
//
-// * `Unknown` - either a security problem that has not been assigned to a priority yet or a priority that the
-// scanner did not recognize.
-// * `Negligible` - technically a security problem, but is only theoretical in nature, requires a very special
-// situation, has almost no install base, or does no real damage.
-// * `Low` - a security problem, but is hard to exploit due to environment, requires a user-assisted attack,
-// a small install base, or does very little damage.
-// * `Medium` - a real security problem, and is exploitable for many people. Includes network daemon denial of
-// service attacks, cross-site scripting, and gaining user privileges.
-// * `High` - a real problem, exploitable for many people in a default installation. Includes serious remote denial
-// of service, local root privilege escalations, or data loss.
-// * `Critical` - a world-burning problem, exploitable for nearly all people in a default installation. Includes
-// remote root privilege escalations, or massive data loss.
+// - `Unknown` - either a security problem that has not been assigned to a priority yet or a priority that the
+// scanner did not recognize.
+// - `Negligible` - technically a security problem, but is only theoretical in nature, requires a very special
+// situation, has almost no install base, or does no real damage.
+// - `Low` - a security problem, but is hard to exploit due to environment, requires a user-assisted attack,
+// a small install base, or does very little damage.
+// - `Medium` - a real security problem, and is exploitable for many people. Includes network daemon denial of
+// service attacks, cross-site scripting, and gaining user privileges.
+// - `High` - a real problem, exploitable for many people in a default installation. Includes serious remote denial
+// of service, local root privilege escalations, or data loss.
+// - `Critical` - a world-burning problem, exploitable for nearly all people in a default installation. Includes
+// remote root privilege escalations, or massive data loss.
type Severity string
// VulnerabilityItem defines model for VulnerabilityItem.
type VulnerabilityItem struct {
-
- // The Common Weakness Enumeration Identifiers associated with this vulnerability.
+ // CweIds The Common Weakness Enumeration Identifiers associated with this vulnerability.
CweIds *[]string `json:"cwe_ids,omitempty"`
- // The detailed description of the vulnerability.
+ // Description The detailed description of the vulnerability.
Description *string `json:"description,omitempty"`
- // The version of the package containing the fix if available.
+ // FixVersion The version of the package containing the fix if available.
FixVersion *string `json:"fix_version,omitempty"`
- // The unique identifier of the vulnerability.
+ // Id The unique identifier of the vulnerability.
Id *string `json:"id,omitempty"`
- // The list of links to the upstream databases with the full description of the vulnerability.
+ // Links The list of links to the upstream databases with the full description of the vulnerability.
Links *[]string `json:"links,omitempty"`
- // An operating system package containing the vulnerability.
+ // Package An operating system package containing the vulnerability.
Package *string `json:"package,omitempty"`
PreferredCvss *CVSSDetails `json:"preferred_cvss,omitempty"`
- // A standard scale for measuring the severity of a vulnerability.
+ // Severity A standard scale for measuring the severity of a vulnerability.
//
// * `Unknown` - either a security problem that has not been assigned to a priority yet or a priority that the
// scanner did not recognize.
@@ -240,127 +326,60 @@ type VulnerabilityItem struct {
// of service, local root privilege escalations, or data loss.
// * `Critical` - a world-burning problem, exploitable for nearly all people in a default installation. Includes
// remote root privilege escalations, or massive data loss.
- Severity *Severity `json:"severity,omitempty"`
- VendorAttributes *VulnerabilityItem_VendorAttributes `json:"vendor_attributes,omitempty"`
+ Severity *Severity `json:"severity,omitempty"`
+ VendorAttributes *map[string]interface{} `json:"vendor_attributes,omitempty"`
- // The version of the package containing the vulnerability.
+ // Version The version of the package containing the vulnerability.
Version *string `json:"version,omitempty"`
}
-// VulnerabilityItem_VendorAttributes defines model for VulnerabilityItem.VendorAttributes.
-type VulnerabilityItem_VendorAttributes struct {
- AdditionalProperties map[string]interface{} `json:"-"`
-}
-
// GetScanReportParams defines parameters for GetScanReport.
type GetScanReportParams struct {
- Accept *string `json:"Accept,omitempty"`
-}
-
-// Getter for additional properties for ScannerProperties. Returns the specified
-// element and whether it was found
-func (a ScannerProperties) Get(fieldName string) (value string, found bool) {
- if a.AdditionalProperties != nil {
- value, found = a.AdditionalProperties[fieldName]
- }
- return
-}
-
-// Setter for additional properties for ScannerProperties
-func (a *ScannerProperties) Set(fieldName string, value string) {
- if a.AdditionalProperties == nil {
- a.AdditionalProperties = make(map[string]string)
- }
- a.AdditionalProperties[fieldName] = value
-}
-
-// Override default JSON handling for ScannerProperties to handle AdditionalProperties
-func (a *ScannerProperties) UnmarshalJSON(b []byte) error {
- object := make(map[string]json.RawMessage)
- err := json.Unmarshal(b, &object)
- if err != nil {
- return err
- }
-
- if len(object) != 0 {
- a.AdditionalProperties = make(map[string]string)
- for fieldName, fieldBuf := range object {
- var fieldVal string
- err := json.Unmarshal(fieldBuf, &fieldVal)
- if err != nil {
- return errors.Wrap(err, fmt.Sprintf("error unmarshaling field %s", fieldName))
- }
- a.AdditionalProperties[fieldName] = fieldVal
- }
- }
- return nil
+ // SbomMediaType media_type specifies the format of SBOM to be retrieved from the scanner adapter, it should either SPDX SBOM or CycloneDX
+ SbomMediaType *string `form:"sbom_media_type,omitempty" json:"sbom_media_type,omitempty"`
+ Accept *string `json:"Accept,omitempty"`
}
-// Override default JSON handling for ScannerProperties to handle AdditionalProperties
-func (a ScannerProperties) MarshalJSON() ([]byte, error) {
- var err error
- object := make(map[string]json.RawMessage)
+// AcceptScanRequestApplicationVndScannerAdapterScanRequestPlusJSONVersion10RequestBody defines body for AcceptScanRequest for application/vnd.scanner.adapter.scan.request+json; version=1.0 ContentType.
+type AcceptScanRequestApplicationVndScannerAdapterScanRequestPlusJSONVersion10RequestBody = ScanRequest
- for fieldName, field := range a.AdditionalProperties {
- object[fieldName], err = json.Marshal(field)
- if err != nil {
- return nil, errors.Wrap(err, fmt.Sprintf("error marshaling '%s'", fieldName))
- }
- }
- return json.Marshal(object)
-}
+// AcceptScanRequestApplicationVndScannerAdapterScanRequestPlusJSONVersion11RequestBody defines body for AcceptScanRequest for application/vnd.scanner.adapter.scan.request+json; version=1.1 ContentType.
+type AcceptScanRequestApplicationVndScannerAdapterScanRequestPlusJSONVersion11RequestBody = ScanRequest
-// Getter for additional properties for VulnerabilityItem_VendorAttributes. Returns the specified
-// element and whether it was found
-func (a VulnerabilityItem_VendorAttributes) Get(fieldName string) (value interface{}, found bool) {
- if a.AdditionalProperties != nil {
- value, found = a.AdditionalProperties[fieldName]
- }
- return
+// AsSbomParameters returns the union data inside the ScanRequest_EnabledCapabilities_Parameters as a SbomParameters
+func (t ScanRequest_EnabledCapabilities_Parameters) AsSbomParameters() (SbomParameters, error) {
+ var body SbomParameters
+ err := json.Unmarshal(t.union, &body)
+ return body, err
}
-// Setter for additional properties for VulnerabilityItem_VendorAttributes
-func (a *VulnerabilityItem_VendorAttributes) Set(fieldName string, value interface{}) {
- if a.AdditionalProperties == nil {
- a.AdditionalProperties = make(map[string]interface{})
- }
- a.AdditionalProperties[fieldName] = value
+// FromSbomParameters overwrites any union data inside the ScanRequest_EnabledCapabilities_Parameters as the provided SbomParameters
+func (t *ScanRequest_EnabledCapabilities_Parameters) FromSbomParameters(v SbomParameters) error {
+ b, err := json.Marshal(v)
+ t.union = b
+ return err
}
-// Override default JSON handling for VulnerabilityItem_VendorAttributes to handle AdditionalProperties
-func (a *VulnerabilityItem_VendorAttributes) UnmarshalJSON(b []byte) error {
- object := make(map[string]json.RawMessage)
- err := json.Unmarshal(b, &object)
+// MergeSbomParameters performs a merge with any union data inside the ScanRequest_EnabledCapabilities_Parameters, using the provided SbomParameters
+func (t *ScanRequest_EnabledCapabilities_Parameters) MergeSbomParameters(v SbomParameters) error {
+ b, err := json.Marshal(v)
if err != nil {
return err
}
- if len(object) != 0 {
- a.AdditionalProperties = make(map[string]interface{})
- for fieldName, fieldBuf := range object {
- var fieldVal interface{}
- err := json.Unmarshal(fieldBuf, &fieldVal)
- if err != nil {
- return errors.Wrap(err, fmt.Sprintf("error unmarshaling field %s", fieldName))
- }
- a.AdditionalProperties[fieldName] = fieldVal
- }
- }
- return nil
+ merged, err := runtime.JSONMerge(t.union, b)
+ t.union = merged
+ return err
}
-// Override default JSON handling for VulnerabilityItem_VendorAttributes to handle AdditionalProperties
-func (a VulnerabilityItem_VendorAttributes) MarshalJSON() ([]byte, error) {
- var err error
- object := make(map[string]json.RawMessage)
+func (t ScanRequest_EnabledCapabilities_Parameters) MarshalJSON() ([]byte, error) {
+ b, err := t.union.MarshalJSON()
+ return b, err
+}
- for fieldName, field := range a.AdditionalProperties {
- object[fieldName], err = json.Marshal(field)
- if err != nil {
- return nil, errors.Wrap(err, fmt.Sprintf("error marshaling '%s'", fieldName))
- }
- }
- return json.Marshal(object)
+func (t *ScanRequest_EnabledCapabilities_Parameters) UnmarshalJSON(b []byte) error {
+ err := t.union.UnmarshalJSON(b)
+ return err
}
// ServerInterface represents all server handlers.
@@ -385,11 +404,11 @@ type ServerInterfaceWrapper struct {
func (w *ServerInterfaceWrapper) GetMetadata(ctx echo.Context) error {
var err error
- ctx.Set(BasicAuthScopes, []string{""})
+ ctx.Set(BasicAuthScopes, []string{})
- ctx.Set(BearerAuthScopes, []string{""})
+ ctx.Set(BearerAuthScopes, []string{})
- // Invoke the callback with all the unmarshalled arguments
+ // Invoke the callback with all the unmarshaled arguments
err = w.Handler.GetMetadata(ctx)
return err
}
@@ -398,11 +417,11 @@ func (w *ServerInterfaceWrapper) GetMetadata(ctx echo.Context) error {
func (w *ServerInterfaceWrapper) AcceptScanRequest(ctx echo.Context) error {
var err error
- ctx.Set(BasicAuthScopes, []string{""})
+ ctx.Set(BasicAuthScopes, []string{})
- ctx.Set(BearerAuthScopes, []string{""})
+ ctx.Set(BearerAuthScopes, []string{})
- // Invoke the callback with all the unmarshalled arguments
+ // Invoke the callback with all the unmarshaled arguments
err = w.Handler.AcceptScanRequest(ctx)
return err
}
@@ -413,17 +432,23 @@ func (w *ServerInterfaceWrapper) GetScanReport(ctx echo.Context) error {
// ------------- Path parameter "scan_request_id" -------------
var scanRequestId ScanRequestId
- err = runtime.BindStyledParameterWithLocation("simple", false, "scan_request_id", runtime.ParamLocationPath, ctx.Param("scan_request_id"), &scanRequestId)
+ err = runtime.BindStyledParameterWithOptions("simple", "scan_request_id", ctx.Param("scan_request_id"), &scanRequestId, runtime.BindStyledParameterOptions{ParamLocation: runtime.ParamLocationPath, Explode: false, Required: true})
if err != nil {
return echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("Invalid format for parameter scan_request_id: %s", err))
}
- ctx.Set(BasicAuthScopes, []string{""})
+ ctx.Set(BasicAuthScopes, []string{})
- ctx.Set(BearerAuthScopes, []string{""})
+ ctx.Set(BearerAuthScopes, []string{})
// Parameter object where we will unmarshal all parameters from the context
var params GetScanReportParams
+ // ------------- Optional query parameter "sbom_media_type" -------------
+
+ err = runtime.BindQueryParameter("form", true, false, "sbom_media_type", ctx.QueryParams(), ¶ms.SbomMediaType)
+ if err != nil {
+ return echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("Invalid format for parameter sbom_media_type: %s", err))
+ }
headers := ctx.Request().Header
// ------------- Optional header parameter "Accept" -------------
@@ -434,7 +459,7 @@ func (w *ServerInterfaceWrapper) GetScanReport(ctx echo.Context) error {
return echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("Expected one value for Accept, got %d", n))
}
- err = runtime.BindStyledParameterWithLocation("simple", false, "Accept", runtime.ParamLocationHeader, valueList[0], &Accept)
+ err = runtime.BindStyledParameterWithOptions("simple", "Accept", valueList[0], &Accept, runtime.BindStyledParameterOptions{ParamLocation: runtime.ParamLocationHeader, Explode: false, Required: false})
if err != nil {
return echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("Invalid format for parameter Accept: %s", err))
}
@@ -442,7 +467,7 @@ func (w *ServerInterfaceWrapper) GetScanReport(ctx echo.Context) error {
params.Accept = &Accept
}
- // Invoke the callback with all the unmarshalled arguments
+ // Invoke the callback with all the unmarshaled arguments
err = w.Handler.GetScanReport(ctx, scanRequestId, params)
return err
}
@@ -484,74 +509,92 @@ func RegisterHandlersWithBaseURL(router EchoRouter, si ServerInterface, baseURL
// Base64 encoded, gzipped, json marshaled Swagger object
var swaggerSpec = []string{
- "H4sIAAAAAAAC/9x7a28buZL2Xyl0DnDOnFdqyZIvGb1YYBXHO+ODjCewkxlgI8OmmiWJYzbZIdlyNIH/",
- "+6JIdqsltXzJ5MPZ/RJYzUs9Vaw7ma9JpvNCK1TOJqOvic0WmDP/59g4MWOZo78Lows0TqAf4WKO1n/n",
- "aDMjCie0SkbJhwUCi6v+biFM60CmlRXWCTUHPQOmgMm5NsItcmCKwwK/QKEN7ZEmnQS/sLyQmIwSu2CD",
- "o+PRcTbMjgeH06PXfDrN+DDrc/56MD3Mjoaz/uHBj4f8YHB4kh0jTjlj05Ps+KCfzU748fFJ/8fpcJp0",
- "Ercq/IbOCDVPHjpJLnK8CV/bmPjl/JczoGEC7BpcbQJkRSFFxmhhb6l4ynV2hyblgghNS89RzpSYoXXp",
- "cvD//rBataExWGgrnDardjiK5TWSt54GXOKcqKxgvZbk7JhQJOf9mKWYGmZWvVyruW4D49j8yZOlOc1N",
- "h+nBYfcLKsHk7pYP9Rc9/QMzR0ROf7u6eouOCWl31ctm2uDNctAOg5bCIO2DnwYzbTy3y1IqNGwqpHCr",
- "dEJynmmTM5eMkpnUzK2BqTKfoiEYkdLwEUrD51CqJTFMB8+hu8TMafM0i2HeHspAU4OQQdhKP4g4jH8b",
- "veuNT0e/9Mbl6KJ3OnrfOx9d9Maji024yfg3+nxKs8PEizjxfZtqVLCfktejsLcQ0KLRMO33Kszveu8v",
- "R+96HwnH1ehj73T0cwX+ebp1Zow2u1qVo7Vs7g1+Tf1K5wilwi8FZg45oF/7fDKXaAutLO6SwwrF3wzO",
- "klHyqrd2tL3oZXsBauv2PzMz1ea3pugukdzkLinWcNSPUasd+kMnmSPt65DfML+u1lnOHHadyLFNAWzG",
- "lMIn2bqK02gFLtEIt3pySTWP1KzBdGRROMztU3tsCOvcYZ6sBcuMYat2SVeutEWwpVtoI/5kQcm3dX6s",
- "QPu/mYQlk2Xto3/+8OE9jJuLYYGMowGLysG9cAtAli3A4OcSrQOnW337cgDj9+fpRJ2T0y0tcpqJX7IF",
- "U3OEN8zi8SGgyjRHDkZPtQOWZbpUDjKDHJUTTFpaxMAutHEgxRI5/Ov3DzQRLY3doYL7hcgWE8Wk1PfW",
- "YykVRyNX5FziqdM2RSnlRnCBmdF5G/htO3/DrMjgzfjq7Pjw5uzi9Ne3Z29vTi/P3p5dfDgfv7tqU7fS",
- "yBapw5RZhI+X7yD6lz1i2yC/cK6wo16PPHm68LaVcp0zoZ5n7aTSl+G0vo8BmobWPbam1s4Hv+hzKQzy",
- "ZPRpvUFnTf/6ceTnvE2cpRKfSwTh1WUm0IBBVxqFHKYrL+BPPVKB63+86hHXId8ZZxkWrrH5NdSDNsSm",
- "4FOiUUxUg4CwoLQDkRealHpaOhCONLSUHKZYQUKly/nC653BJZlOpqUUVisL9wtUUNBPNfeRhiD6bMg4",
- "u618wxl7fTQ7PuwenRycdA+Pjgfd6XCWdQfZj8fD2fExm7HjNgUM7O1z8YI/xxGuZb99goIn15FIdKqb",
- "RxNMprK+NW2wZbYAZn1e2IElKq5Nx+fSSzSWsk7P/yZamvx0ehmpbRrPByOWq/aEgEg/e9e/W+JiKfg2",
- "gfHnksEVZqUPAa2EPF/tlOLgoyz008O0/3xTV2jGnBUOzS/oGGeO7ZK+xMIgOXQLeZzk6xuIG0DcIThX",
- "iL41xHXSaan1XVmQZ47zM1awqcSJ0rPwjVSbwVwsUUHlO8A6bZCDUCCchcoL+NPP2Z3316VBcAtGRjVR",
- "ZBZCOTSFQQdsbdwGbSldm6p4IC+NvpHr02rtajf6btN5xnbv1wu+If/YMrhqeWeTw+v9StDgZuf812NV",
- "hVsn4Ra92zOY6bkSfyJfx8u6tLT+yBqzKzUIPqwxMZ2o/9IGojJ3djUmlNVMrv6k44/hUORsHokURvMy",
- "C9q0lVxV1CqoQQGnq0pP73HqudMSIRfzhSP3bCrNRx6SmVB4kIITkVq4q9FEdf3yMkfb4Gg0UQBduN0u",
- "oHUmUo+7UTYf+LL5ds+K55Tct4QiyOBZKCoHwoL9piSyNMgppg5+2/9fOZ7/OEj7t21mFBm/qbsNtt2B",
- "RQVoqMZW24FcfkH01zG5mZQF1vznGADBFphRrPWOggYmSSWBBpxJksI4OJiJos+h6REDsVZyRccdD5t2",
- "0gobxwvkGLZi7afk+YdKqcu3tFCuO2uXtNu/2HU522y/4BQqedb10rb8qyK35bBrb0CRsCE1sjXDn5Tb",
- "t6jhS0Sz5RzbtLVdeo/4y/ebeTHnItRHm993gG2npPEostI6nTczHx/VKKLNSuMWaCCsnDbkK4Lgq7hZ",
- "SXFT2l+TWAPE4W4Ucq/6XTFouwXL7tgcuxtdjKSzb4ONaV1KCqhc6ZYFFda862vsQf/gx27/dfdg+KH/",
- "enRwPBoO0+Hh0X8nrelIo4LekZNjijPDiUsZOlQ5MluaqgdYld9BItuNmIn6J9x+VHdK36tb6AIKL1MG",
- "NqZiJPqpxDzIfcFC2j5FVMCsFXMVKlIGhRHaL1jRyZnmF7/UFwBQGw0X3O9UB8jUQ7nAuRRzMZVIaBxm",
- "CyUyJuWqBVInVA02eCm3QG3Q0WxyU4q50mAHon5b4h3NKnhFJj0U4Upvax3PF5O5tg6UBqGsY1L6KrND",
- "vHCNxDcYZBI4857Mw32n7wnnI9gWdDa+ZC+kFg54if6nWgqjVY7KbWAsLSmSpVSCUgbnWHbXIbAMbE6Y",
- "2rF51qRwTuIGvl+QizIPED34XZyUHQhb4fO5hFciplZQoC4kpnCuMllykgG6e23ugDPMtQLu+72gZ16c",
- "aJYiwwjadiAz2tquFY5cpddZNQ/05rFHTdySmiyFxLnPcv4Jtz+L+aKBuAb6CEI6cAYcZ6yUrhKRP9oG",
- "dotG6JLSnVw7jNgJOCVeAXsHpCb9MVq7NS5Asq1Q1gaRU54vtY2AT43wahdA32sjeXdaGs/hXvQKmSGt",
- "lvIFPBDaCP8JiDnp0BI3oJL3U2VOnj5afNJJ1gaXdJJ3+j7pJEFpkk5CJ5F0koo/8vrrcirM3fHjux24",
- "naI5u8cbwfeE4FOdk2b9juxOobVwpso89hTgvG4fWHI+OhOskX8K+2ib+VNy+vtZ9/Dk+GW5wwbCNsDc",
- "32Egh8ZQFfYfbXvz4m7etbo0mT97+gkH6TDtg1sY3/U4SA9ep4MhmafXG6fJYoCB0qr708VHKJjLFqRj",
- "c8PyiSLTiq6KgucMgxfWDjOPKsdswZSwudfAqWTqrisUD1k8F7MZLEpFlrvZC4waF+yaZO805Tq8zBxw",
- "YXynfwXOMMpCmKwcACwFAwaZYTOHfKLe4lQwBZHjGFM7wCxwcibW1clVaeNFYVNEWsEFujdXb4Mcdw5u",
- "Jr7cvKRHEAFsX5nNxBcQM2BLJiQJffvU/Jn02wAI3k53t7nWqh1bVyJn3UH/4KT7evB62EZMCnW3x4Kk",
- "sD518lOqvnJZWGeQ5VClI7ZRtpVSvlR7P9Xt1CqidJ1hIXH355xqM+/FT71Ndq4b92OlEUnDHLe+P53Z",
- "h0Pc05j3fkPNwa6sw3zfiT9ppG1ACoMzNAb5Tba0T3Yymned33oj4vtsN8yFouix7NqZEluyyO9gHI+K",
- "6iA9OEkHJ8/psHkZBLW5Il4DN77ZOS7don6FQGum9HW9KakdcfMGmUGzO9t/3p5OBIWa6ViSu9iox5wJ",
- "mYySTGWzbkjmuzkTnmU09j/JkmxKo6nQu0XKq1fw65ISB7ynRPoDRaDx+3PIS+t7JIIEkwfvSoWz4aFY",
- "Dw0775wV3q/7QlVqLBR8Cr2X639UVjbXsdgQ+oe645cGso3u/CPN+R985hVm9r7Svzfx7ulG8IdeqCo3",
- "tvgJ43oa+aHR2wdmEExoiosqofHNisyVlGTWnUvFY7MxdqyqXlNoTVKICBvEDsVux+mFLNaDPmbalcoW",
- "Ritd2hTO69sFVJ9LLEOz5A899egLozO0NjTIItJwMdfggRas3XgK/sR3mrqFlpLinjZBRLy6QKuYrxzv",
- "RH2P00hrqQkpgWql77c3FJQz81iBbfwolRMShIuysTDo9ynxPOr3qSZ1pYVMc5/TVwdYtci3SVf99Sbh",
- "KFVWMcd4TjriE4+ZmJcG48HUphStJ2ZBwmZ6Sbbk7EZfwMN59Qqu6mZabHrwRteH5ry0NfntjcktPLHd",
- "8gw839ikbNspOuN008GHvZrrD25fjMSw+9AZlSLDeIkWLqKSccGyBcLA51P+ptf761Gvd39/nzI/6vOI",
- "uNT23p2fnl1cnXUHaT9duFz6nEA4H3+ipmxfvYzfnyeN4EdhilbpAhUrhH+51PcACuYWPg7Viko/5tjy",
- "yu1jvIefIeXf66ut+hKIdHBD7fxt6IZ3Emqp78I201JIDv6ShuOXxkWAnajt/r5t3ghV79PWTeLWO6Dm",
- "vahvnU0pwhtiIhiR4mgwtiNrkOc8GSUN80w6SfT5IVwP+v0qnqLyQnpKLSrxtDQt63eHz7zY2b6a8yF+",
- "85Cunj4WUoSjF7Ph3/X8FR423w21QD9XDo3y7RpDXgzrR0K2zHNmVuFk6owhXx+RY3NL6Xl1AXZNq3wo",
- "8IW4bnu0OfYF5VTqzCvOWk3DtWWMl7aKjBQz11HRgshz5FSKy5UPs9V3FkufjXv/sGVUwuo9iw+ZFIbX",
- "PfYNna0vo9pUdCcNSEJXG617o/nqhYdLv9O4/K/qaYWn5YRPQ2JtQ4OmasJvvK8JJl5nhyRxy5ZIMbd6",
- "7OCTrJg7zYTEqtKhgKlWoN2CAqLUWQyq/r2PiK2E5kX5RIUHKRvmPfg20YU9/rrs9pvH1UZ+5o8fOTFw",
- "+G9oy5eYoX9xJdSSScHhX1e/XlTvlu6NptIqunE/4p+Rec90OBj8+3MzEyj5/2Y/GtzHVhVGdmVqb7Lf",
- "p+5Nr/emDj/5FxjNcqAqntaXVbVuN4oNygFPpfBvTXymv5maa+80hG2m0BTsFpjdwe3fKqtMQ2p+W6fv",
- "Nj5bxM8lkxZuB/3+LSnn7VG/f7snIViXCj5rMixHh4Yk1NZZ2O17tVZGlax9n5xjMpoxaZHK9mTkU7Ok",
- "U6WNWyJPmpeYoffxYhd97lXYulX4Xwe+ck8eOl8feen//Jw5iVyEB6BrPoLmJU24252T67+ccz3ryvjZ",
- "Frf/STKZxAvLgk2ya0l/nSiASdXxis8Yskkyoo+bb1duwm6TZKIeJu3vOP/CuX0XseyLXmG4kwz7Lf8F",
- "4CpU0EJxD726ym14DWFhijSwTpmqx0SV91g/pjTojECeJp2ohF6ZLnFm0C6645lre3t4HohjeAzs348t",
- "mQQ2Wz9oe5LajmbTNnP/LuvBx+vDtkdVSmkHMxHZ2e8uGr7l/0ImXylFa8BptEy9o200Sz9dk6dqNkQ/",
- "XZPnCCSDXw7VdY8Vorc8SB6uH/4nAAD//03Ne132NQAA",
+ "H4sIAAAAAAAC/+xce3Pbtpb/KhjmzrS9K1Gy7Dipdu7sKo639Z0k9cRJe2cjjw0ShxJqEmAAULKa+rvv",
+ "HAB8SdTDabqbu3PzRxKTBM4BcB6/84A/BbHMcilAGB2MPwU6nkNG7X8nyvCExgb/nyuZgzIc7BvGZ6Dt",
+ "cwY6Vjw3XIpgHLybA6F+1DeauM96JJZCc224mBGZECoITWdScTPPCBWMzOGe5FLhHGHQC+CeZnkKwTjQ",
+ "czp6ejo+jY/j09FJ9PQ5i6KYHcdDxp6PopP46XEyPDn6/oQdjU6exacAEaM0ehafHg3j5Bk7PX02/D46",
+ "joJeYFa5ndAoLmbBQy/IeAY37mnXIl5fvD4n+BoZNo1VtRmkeZ7ymOLAwUKwkMn4DlTIOBKKCruijAqe",
+ "gDbhYvRvv2opurhRkEvNjVSrbnYEzSpOXloa5C3MkMqK1GNxnw3lAvd5O88pjxRVq0EmxUx2MWPobO/J",
+ "4jfNSY/Do5P+PQhO080pH6onMvoVYoNEzn6+unoJhvJUb4qXjqWCm8Womw0cSkbhkNjPSCKVXe2iSAUo",
+ "GvGUm1U4xX1OpMqoCcZBkkpqasZEkUWgkA1P6XgHpeNDKFU7cRyODqG7gNhItX+J7rstlAl+6jaZcF3K",
+ "BxInk5/HrwaTs/HrwaQYvxmcjS8HF+M3g8n4TZvdYPIzPj7Dr92Hb/yHl12iUbK9b792sr3GAQ4aH4fD",
+ "Qcnzq8Hl2/GrwXvk42r8fnA2/rFk/jDZOldKqk2pykBrOrMKX1O/khmQQsB9DrEBRsCOPZzMW9C5FBo2",
+ "yUHJxV8UJME4eDKoDe3AW9mBY7Vz+h+piqS6imT2FtA6blKgDfu8i0hlxx96wQzwJAywG7rFfhte2xpl",
+ "KZNqUNhUKkYN9PHrTvsKjNMdBtbNUtLRkcwIo4ZaUyWKLBh/aBlXnbP70nquG914FadSQPnBdQc3OL/d",
+ "McY4jqPpZWMnjSqg18GjokvLVIvLai9ItHJPYyoEqDDoOEP/bt8BXfnPrIYJJtUNNc6B+IN+FNv116Se",
+ "plyDm7+D2e0i+HNTe/9MWTxMsh6/pxoWoLhZ7R1Sfofn0Fi0XyI3kOl9c7Q268JAFtQbS5Wiq+6dLr15",
+ "x8YWZi4V/426E17XpYkgMvenvaBpUanuj+/eXZJJczCZA2WgiAZhyJKbOQEaz4mCjwVoQ4zshBeLEZlc",
+ "XoRTcYF+v9DA8Eu4j+dUzIC8oBpOTwiIWDJgRMlIGkLjWBbCkFgBA2E4TTUOokTP0ZykfAGM/P2Xd/gh",
+ "aHx3B4Is5zyeTwVNU7nUlpdCMFDpCv2bP3WcJi/StIVvSKJk1sX8uqt5QTWPyYvJ1fnpyc35m7OfXp6/",
+ "vDl7e/7y/M27i8mrqy5xK1TaseskohrI+7eviHdxW7atRX5uTK7HgwGCiXBudStkMqO8hVWQ4EH+B13D",
+ "JVU0AwOqC0VFMrup7XBbhv8EI7tfylEn3zpx+zIWBASNUmA3Mc1bqto+rXP7lZMv0vyU6CJHc+aMuRex",
+ "noUtEY3vllQxghxQw51C96zeyMIQM+eaJBxSVolmTAWJwAU7DJRXFEebpmmbcrQiDBJapBadV8fS3pK8",
+ "dbo7LX39aYW6kK9Su3vV06sXP722kU2POBEkS26ZU2rlrMLtuuDc4kJ0DjFPnMur0JITWkfSTowRCIi1",
+ "iOPTVBAy3ZDHaTAmH/AVvuyUw2nQ63q/KY/TAL+7nooHq/GiSFPc9tJHSgE/JcH4wx7z39anh+uHHp4H",
+ "K2LQN1W8uOUoNFgwU8WN1uE6+KS3YobqUFBmiqxFpgIdGPpVooPhXiwV6xFuEPNToovI0lYkKdLUs2Hm",
+ "MBUdvJeTtuYzhRI1axkYakHP5PKi5+w9chmnHN2GkSThAshMUY6D8LyVTMt5K8HwwBGJhsR6Dlr5qamw",
+ "etMjUqQrYg8WGFnOQZRUBACzHiMutJEZ/w0INz0izRzUkmto7SFKuZlzcUe4o1PuA9UkggQDtwjmdMGl",
+ "IjzpUOA1L/FhQ9Y0xAXighAlOHRLs2L372QBSnMp/nYUDtEmVnq8xziWP3fi70bWwapwfVhNdNyKqQIP",
+ "ca9b2RN80uVJ0CZwBQynsW+vO2z1OsOqgVB2aVGFZNYpVRP0alN/vdtJXLAu11sI/rEAwi20SDioDRn+",
+ "MMCNu/72yQCtqTvISRxDbhqTX5PqpXahdCsmmYoGAa6JkIbwLJeoEFFhUP/0XBYpQ5vvWQIhi9ncYhQF",
+ "C5TkWKYp11JoJ985/ihmVqO8ebYWYh2oHCf0+dPk9KT/9NnRs/7J09NRPzpO4v4o/v70ODk9pQk97QIr",
+ "bnnbIlLODgHN9d6vnyBnwbUn4gF4+2gcvCr1sqZNdBHPUR0FzaDnQ5CeTf15/XHrb3OLH+/PhjWir3r7",
+ "3im+WHXnL5D0wbN+o3EVC/TmbQKTjwUlV94sdBOy6+qm5F/uXMIwPAmHB+JAN37CaG5Avfb2e5P0W8gV",
+ "IPjXtZGXCaHET0D8DB4oeRzuYkCU6VTKuyJHl1NZ3hrQTIVM3AuUb0pmfAGClFiNaCMREHFBuNGkNAVW",
+ "BDJ6ZwF+odCuU9SsqUDd4MKAyhVa8lrDFWjETB3yso4B671EkPGpBBK4fYg8pm0L2oAaHc64AVW6wIiM",
+ "ecgzOoNGsveojWC6hh2SLXbIhpDrir0Ot76HvVLAqDvfEBfu3ZgPQza9WUUX/3mwxDu2EF3M/+udO8jz",
+ "b1KqgXkjk4O0PtW0dsDhQyDx4bC4OkZCHuxpTsW11Z+DEhreOJxVIKQLHLQ18YDpGnmsz0jprPmlcniv",
+ "bQOut9vKxmo2zGT9rqxb1VjcoWuE4DPBfwNWpyAawB+NWuPr0lp6SFx/GE7FVPyXVMRbqt66aU3Blcto",
+ "uvoNTaTPMVh9cWScRDuLu5axKumVzOJ0UxGtSoO+hMiuT6ZAMj6bG8QxqnQRCMgxFnQFBfQESKRGouOp",
+ "6FdRS2NNYxSwPrk9XM9vt4w4RMVvkYtSqw/g4nMM4e1jT6kUic0TsvnjPcfymUeByx5bAv+cB3OQnb3t",
+ "8PqdlnZNqfXOxHiJxdcRTUgunNbbgIxru7s9fIIgxiOSZgrJ2nLSirNtTsSFFf/HKZENS9jhqx+R2Wim",
+ "X9fSaM3Y3EZCVgoa5STtc0ncAUJ8scU3h2TigORU4GN3Ej7qssmDCIjXEpxJilZmA93b3th+u/x3JEEP",
+ "Ku8/Kg3wteaX9udEPsOU/hkZkppzl+KsrPQ3LXj/TW1PdcNWt6oIVrNre71euK59am8qvkHNbU3qz6Ac",
+ "GUulbCDObHCDlr88jIqgi7Oi8rhYSC4EkYo5xcFPqyw0upJEqlZGOoXeVFivYNPQXFcZth5ZQjsnJhWf",
+ "cTR869tisxA8IUK6KL2ZEduTadqdWOqyL93yvgOnXW6x9e3nG6K0njHyyuOyic3EhI03cQeSQpk5KOJG",
+ "RtBO1tso2UW0pdy39eNT4Ms5/nXfq8Wg/LlcoO7nNL6jM+iv7+qWCVqf9TFmj6iGfpEz1Pe+rRiNhkff",
+ "94fP+0fH74bPx0en4+Pj8Pjk6X8HndmCRjF0Y58MFQxFTMc0df0uGVBdqFKqy0qq25H1to6p+Cu5fS/u",
+ "hFyKW9InwO2eUlK6d9z6KIXM7fucuqxaBCAI1ZrPhKuZUJIrLu2AlUttN57YoTY/RyozxzizM1XAPLSs",
+ "vIFZymeoKMiNgXgueEzTdNXBUs8l9bTzK2YOUoHBr9GxCGoKBT3i5RsVagFq5fwYTS0r3BTWOvbsumia",
+ "SW1Qq7jQhqapLRj2cC1MAq6bKKApYdT6HsvuK7lEPnfwNsezsdXXPJXcEFaAqzEtuJIiA2FaPBYaBUlj",
+ "CIOhijE0vrPogRKdIU/dvNmlpdyYFFr8vQbGi8yxaJnf5BPNFNclfxYbWyGiYkVykHkKaOPitGC4B2CW",
+ "Ut0RRiGTgjDbPUZkYrcT1ILH4JnWPRIrqXVfc4PW0sqsmDl6M9/xhqtFMVnwFGY2uvoruf2Rz+YNjitG",
+ "d3CIB07L4ly5RfZoG7xrUFwW6BAyacDzjoxjwOd475FUovwoKU3NFwHULZd1dltODSWp1J7hM8Wt2Dmm",
+ "l1KlrB8Vyq5wK/cCqEKpTtNHrAG59ezvYTFDGVpAi9WGf/AaH/SCWuGCXvBKLoNe4IQm6AV4EkEvKNfX",
+ "LlW4bzfs+GYzxUZOO17CDWdbQNOZzFCyfgF6J0Brci6KzKf8yUWV3ddofGTMaSPU4npn09qH4OyX8/7J",
+ "s9PHQZoWh10MM9sRCYw0XlWdO7ua6Fh+N+trWajYnj3+SI7C43BIzFzZosRRePQ8HB3boiHKjZGoMYQS",
+ "IUX/hzfvSU5NPEcZmymaTQWqljdV6DwTcFZYGogtVxnEcyq4drgmSqm463PBXMDKeJKQeSFQc9ttHV7i",
+ "nF7j3huJ6JQVsSGMK9s3uCJGUcSNLlBDA0AWnBJKYkUTA2wqXkLEqSB+xd6n9gjVhKEx0aaCw4X2bcfN",
+ "LZKCvAHz4uplOO3sx034/c1jUviegfUG3ITfI7aiC8ptPXr91OyZDLsY4Kyb7mbtq1M61hosz/uj4dGz",
+ "/vPR8+MuYikXd1s0KOXaQif7SYlKi1wbBdR17KHv0I0MRZGmj5XeD1VnTOlR+kZRF2rZcw6lmg38o0F7",
+ "OdetzhnezGquPd8fi7lD3NJjVYJ7vdIGsm0nvldJuxjJFSSgFLCbeKH3ZlCbndOf29z22CbDDRT5BZRj",
+ "51YdhUfPwtGzQwpgdg+c2FzhWt1qbC1yUph5dacBx0T4tJ4UxQ5X8wKoArX5tX28/jkS5CKR1vvgklzL",
+ "EmSUp8E4iEWc9B2Y72eU2yWD0v+JmqRDfBtyuRmkPHlCflogcIAlAul36IEmlxckK7RNB3LcmMxZV96I",
+ "El0pzRpnAcs6tiyhMRfkg0stXn9batlM+mCDy++qWlzoyDaK5ztq599Z5OW+HHzCv298o9ENZw8DFya3",
+ "pvgB/Hh8812j9E6oAuJCZc1LQGPD5NgUCDKrmqJgPunmM7BVk4ktGqKLcBP4nNJmnvuRS6xeWp+pVyKe",
+ "KylkoUNyURX/QXwsoHDprV9lZLnPlYxBa5/0bXRhNdeAA2ozHhJ74hs111ymKfq9djahsfjS8E7FlziN",
+ "sNo11xPmGi2/zNwkR8zMfARWCMPTZh51NBwi1nw6HGIYagpNYsl8kcSdWVm0XqdWVrybtPxG0nI9lGUo",
+ "FhZrJHxWKPBnUWmPVxgPfLiO5QLVx+h2UhjZefKEnLVK31PxO2mUjd6tciC/k6sqK+pzIayZvmu+91mR",
+ "9nuctN/+QzaePPY9Ttq2vIT8/riqQDEcHseRsv/C51UHukh+Xm1mNzNVWaHta9yszZmO9s60gztFl7du",
+ "YwlxmT7/5yvZ2MNqKygbAWLBGHzzkGvACSY5jedARhao2m5o6wjHg8FyuQypfWsBmh+qB68uzs7fXJ33",
+ "R+EwnJsstWCLG+vYvT6ut5xMLi+CBqoIjsIRjpI5CJpze8FsaBnIqZlbB1+ZA/xhBh2XWd77XvUEMLCp",
+ "W3qq5hfU9HbFBw1Ny+xzsZB3bpqo4Ckjti+FwX2jsqunYr0QqJtNMGW6ul0Y3Gh7afaDlb3EOVW4CGeq",
+ "hG0qdkipYvKCBeOgYQSDXuCdqcNBo+GwBCog7CbtE+1yezry99X10AMr9estSQidPpv80RcgvwG7rvZL",
+ "Bcrh00fvor399Ue2sH27rIP1C2FACZuGU+iqoLpKposso2rlBKNCglktIYbONIZdZUPFNY6yLt4mWGTX",
+ "1d6JTRREqYyt3NZa4qoYHgfpEvEgFqrRjiY8s2VOA+nKwqfyOfUhbavdsuzUtzpQXjmxUAjhVV3taqlM",
+ "VUPv0pANeBe4agVo80Ky1SMPF38O/fA/qiYlP4foxk66R59Ld0Oyzlygpl3CryzqtK7eOMtWRRt40pou",
+ "AAFdVU+311KFT4SkUEbOiMbEyjVzT0UqY4/Y7FUg7lNTzb7IqXD9xy2rNvq8I3Nz/PEz266WVy28b8UO",
+ "GC7g5Cu0IW8hBnsZi4sFTTkjf7/66U15pWmpJIbq3nvZN/aGmbWIJ6PR178aW8z8J7PfyOzRV8fsu0ZT",
+ "gavbNXsGjCRzKlgKG/eO1vyRM8NrWQq0E6qyytt909bwcysC/MH2DjfD5TK5UBdzK11tBOMY0Z3Zqyja",
+ "RcKt0NU6IlsiaMSbCBrmEN+R27+UViZ0cextFetqf0MTPhY01eR2NBzeorLdPh0Ob7fgujqUtuC3vg/2",
+ "oSvztpkX7swclHtt60gMgnFCUw29gOM8iLCDXon+17Y8aBb5XW7w0S7nwqqkNit3S8VmtoKH3qcdv1fj",
+ "8EAu8Ktwd13rdTjJC5rsbmQW13e0bsyqOpZ09SsW3EURd5tOuoY9ozig+amuo5Ya4/W017g04mvjV5cv",
+ "/+EmkYqcuQaul//4Ipfg7TZ8LMDeuClPs91vtnM7rv9wJHFQT9DBNmr7ZfRDoNNawN4mu9GX5xPk/tTj",
+ "zfsCHPSNm20arLXYNTLVn3mR7JFb0vgVETuJ7tedL3IW2xCRe90Ljocdv/TkyqX8uGCW9bLdpGG5uSYR",
+ "4Isa/peN1qUFr+9jOV20v67CGQIrwW8hUaDn/Uliuq4vXTjiXsft7ZMFTQlN6jsxe6ltqBNOM7M96w9f",
+ "KQZ8QVm1pspy1dc9rQUpD8G2/UydO54G5bCQtPqj7Qg8KWvXyr44WZ6k62YR0pCcuiS5I1E5N/Ltf6zZ",
+ "qb/d399/1ytx6R2sBq1fdbA+3t/WsxiwaXN95v1kOAwdID/p6v4XODbhXra2+8+Gs/0XxPxfhphVN/CW",
+ "fEdpbjrhZKNgaGFUo1T44RpRQLMc+OEaHaHbP4e6XAp0QHM+WBwFD9cP/xMAAP//07Ks5UJNAAA=",
}
// GetSwagger returns the content of the embedded swagger specification file
@@ -559,16 +602,16 @@ var swaggerSpec = []string{
func decodeSpec() ([]byte, error) {
zipped, err := base64.StdEncoding.DecodeString(strings.Join(swaggerSpec, ""))
if err != nil {
- return nil, fmt.Errorf("error base64 decoding spec: %s", err)
+ return nil, fmt.Errorf("error base64 decoding spec: %w", err)
}
zr, err := gzip.NewReader(bytes.NewReader(zipped))
if err != nil {
- return nil, fmt.Errorf("error decompressing spec: %s", err)
+ return nil, fmt.Errorf("error decompressing spec: %w", err)
}
var buf bytes.Buffer
_, err = buf.ReadFrom(zr)
if err != nil {
- return nil, fmt.Errorf("error decompressing spec: %s", err)
+ return nil, fmt.Errorf("error decompressing spec: %w", err)
}
return buf.Bytes(), nil
@@ -586,7 +629,7 @@ func decodeSpecCached() func() ([]byte, error) {
// Constructs a synthetic filesystem for resolving external references when loading openapi specifications.
func PathToRawSpec(pathToFile string) map[string]func() ([]byte, error) {
- var res = make(map[string]func() ([]byte, error))
+ res := make(map[string]func() ([]byte, error))
if len(pathToFile) > 0 {
res[pathToFile] = rawSpec
}
@@ -599,13 +642,13 @@ func PathToRawSpec(pathToFile string) map[string]func() ([]byte, error) {
// The logic of resolving external references is tightly connected to "import-mapping" feature.
// Externally referenced files must be embedded in the corresponding golang packages.
// Urls can be supported but this task was out of the scope.
-func GetSwagger() (swagger *openapi3.Swagger, err error) {
- var resolvePath = PathToRawSpec("")
+func GetSwagger() (swagger *openapi3.T, err error) {
+ resolvePath := PathToRawSpec("")
- loader := openapi3.NewSwaggerLoader()
+ loader := openapi3.NewLoader()
loader.IsExternalRefsAllowed = true
- loader.ReadFromURIFunc = func(loader *openapi3.SwaggerLoader, url *url.URL) ([]byte, error) {
- var pathToFile = url.String()
+ loader.ReadFromURIFunc = func(loader *openapi3.Loader, url *url.URL) ([]byte, error) {
+ pathToFile := url.String()
pathToFile = path.Clean(pathToFile)
getSpec, ok := resolvePath[pathToFile]
if !ok {
@@ -619,7 +662,7 @@ func GetSwagger() (swagger *openapi3.Swagger, err error) {
if err != nil {
return
}
- swagger, err = loader.LoadSwaggerFromData(specData)
+ swagger, err = loader.LoadFromData(specData)
if err != nil {
return
}
diff --git a/api/openapi.yaml b/api/openapi.yaml
index 531fd26..5b3cb76 100644
--- a/api/openapi.yaml
+++ b/api/openapi.yaml
@@ -10,37 +10,34 @@ info:
The [/scan](#operation/AcceptScanRequest) operation is asynchronous. It should enqueue the job for processing a scan request and return the identifier. This allows Harbor to poll a corresponding scan report with the
[/scan/{scan_request_id}/report](#operation/GetScanReport) operation. Harbor will call the
- [/scan/{scan_request_id}/report](#operation/GetScanReport) operation periodically periodically until it returns 200 or 500 status codes.
+ [/scan/{scan_request_id}/report](#operation/GetScanReport) operation periodically until it returns 200 or 500 status codes.
The [/metadata](#operation/GetMetadata) operation allows a Harbor admin to configure and register a scanner
and discover its capabilities.
- ## Supported consumed MIME types
+ ## Capabilities
- - `application/vnd.oci.image.manifest.v1+json`
- - `application/vnd.docker.distribution.manifest.v2+json`
+ | Capability Type | Supported consumed MIME types | Supported produced MIME types |
+ | --------------- | ----------------------------- | ----------------------------- |
+ | vulnerability | `application/vnd.oci.image.manifest.v1+json`
`application/vnd.docker.distribution.manifest.v2+json` | `application/vnd.scanner.adapter.vuln.report.harbor+json; version=1.0`
`application/vnd.security.vulnerability.report; version=1.1`
`application/vnd.scanner.adapter.vuln.report.raw`|
+ | sbom | `application/vnd.oci.image.manifest.v1+json`
`application/vnd.docker.distribution.manifest.v2+json` | `application/vnd.security.sbom.report+json; version=1.0` |
- ## Supported produced MIME types
-
- - `application/vnd.scanner.adapter.vuln.report.harbor+json; version=1.0`
- - `application/vnd.security.vulnerability.report; version=1.1`
- - `application/vnd.scanner.adapter.vuln.report.raw`
contact:
email: cncf-harbor-maintainers@lists.cncf.io
license:
name: Apache 2.0
url: http://www.apache.org/licenses/LICENSE-2.0.html
- version: "1.1"
+ version: "1.2"
servers:
- - url: /api/v1
+- url: /api/v1
security:
- - BasicAuth: []
- - BearerAuth: []
+- BasicAuth: []
+- BearerAuth: []
paths:
/metadata:
get:
tags:
- - Scanner
+ - Scanner
summary: Get scanner metadata
description: |
Used to fetch scanner's metadata and capabilities. The operation is invoked to build an index of scanners
@@ -50,6 +47,9 @@ paths:
200:
description: Scanner's metadata and capabilities
content:
+ "application/vnd.scanner.adapter.metadata+json; version=1.1":
+ schema:
+ $ref: '#/components/schemas/ScannerAdapterMetadata'
"application/vnd.scanner.adapter.metadata+json; version=1.0":
schema:
$ref: '#/components/schemas/ScannerAdapterMetadata'
@@ -62,7 +62,7 @@ paths:
/scan:
post:
tags:
- - Scanner
+ - Scanner
summary: Accept artifact scanning request
description: |
A non-blocking operation which enqueues a scan job and returns immediately. It returns a unique
@@ -73,6 +73,9 @@ paths:
Contains data required to pull the given artifact and save it for scanning in the file system or any other
location accessible to the scanner.
content:
+ "application/vnd.scanner.adapter.scan.request+json; version=1.1":
+ schema:
+ $ref: '#/components/schemas/ScanRequest'
"application/vnd.scanner.adapter.scan.request+json; version=1.0":
schema:
$ref: '#/components/schemas/ScanRequest'
@@ -101,10 +104,16 @@ paths:
"application/vnd.scanner.adapter.error+json; version=1.0":
schema:
$ref: '#/components/schemas/ErrorResponse'
+ 501:
+ description: The scanner has no capability to handle the scan request
+ content:
+ "application/vnd.scanner.adapter.error+json; version=1.0":
+ schema:
+ $ref: '#/components/schemas/ErrorResponse'
/scan/{scan_request_id}/report:
get:
tags:
- - Scanner
+ - Scanner
summary: Get scan report
description: |
Get a scan report for the given scan request identifier.
@@ -112,19 +121,28 @@ paths:
Clients will periodically poll this operation and check `$response.status` until its value equals `200` or `500`.
operationId: GetScanReport
parameters:
- - name: scan_request_id
- in: path
- description: The identifier of the corresponding scan request
- required: true
- style: simple
- explode: false
- schema:
- $ref: '#/components/schemas/ScanRequestId'
- - name: Accept
- in: header
- schema:
- type: string
- example: "application/vnd.security.vulnerability.report; version=1.1"
+ - name: scan_request_id
+ in: path
+ description: The identifier of the corresponding scan request
+ required: true
+ style: simple
+ explode: false
+ schema:
+ $ref: '#/components/schemas/ScanRequestId'
+ - name: Accept
+ in: header
+ schema:
+ type: string
+ example: "application/vnd.security.vulnerability.report; version=1.1"
+ - name: sbom_media_type
+ in: query
+ description: media_type specifies the format of SBOM to be retrieved from the scanner adapter, it should either SPDX SBOM or CycloneDX
+ required: false
+ schema:
+ type: string
+ enum:
+ - application/spdx+json
+ - application/vnd.cyclonedx+json
responses:
200:
description: Scan report
@@ -142,6 +160,9 @@ paths:
{
"vendor_specific": "vulnerabilities_report"
}
+ "application/vnd.security.sbom.report+json; version=1.0":
+ schema:
+ $ref: '#/components/schemas/HarborSbomReport'
302:
description: Status indicating the scan report is being generated and the request should be retried.
headers:
@@ -149,6 +170,13 @@ paths:
description: Indicates the interval after which the request should be retried.
schema:
type: integer
+ 400:
+ description: Bad request from the client to query report of a "/scan" request. For example, querying SBOM generation report, but not passing
+ query parameter (?sbom_media_type=xxx), or the key/value of the query parameter is not valid, it should return 400.
+ content:
+ "application/vnd.scanner.adapter.error+json; version=1.0":
+ schema:
+ $ref: '#/components/schemas/ErrorResponse'
404:
description: Cannot find the corresponding scan request identifier
500:
@@ -157,6 +185,12 @@ paths:
"application/vnd.scanner.adapter.error+json; version=1.0":
schema:
$ref: '#/components/schemas/ErrorResponse'
+ 501:
+ description: The scanner has no capability to handle the mime type
+ content:
+ "application/vnd.scanner.adapter.error+json; version=1.0":
+ schema:
+ $ref: '#/components/schemas/ErrorResponse'
components:
schemas:
Scanner:
@@ -178,8 +212,8 @@ components:
Basic scanner properties such as name, vendor, and version.
ScannerAdapterMetadata:
required:
- - scanner
- - capabilities
+ - scanner
+ - capabilities
type: object
properties:
scanner:
@@ -188,10 +222,39 @@ components:
type: array
items:
$ref: '#/components/schemas/ScannerCapability'
+ example: |
+ [
+ {
+ "type": "vulnerability",
+ "consumes_mime_types": [
+ "application/vnd.oci.image.manifest.v1+json",
+ "application/vnd.docker.distribution.manifest.v2+json"
+ ],
+ "produces_mime_types": [
+ "application/vnd.scanner.adapter.vuln.report.harbor+json; version=1.0"
+ ]
+ },
+ {
+ "type": "sbom",
+ "consumes_mime_types": [
+ "application/vnd.oci.image.manifest.v1+json",
+ "application/vnd.docker.distribution.manifest.v2+json"
+ ],
+ "produces_mime_types": [
+ "application/vnd.security.sbom.report+json; version=1.0"
+ ],
+ "additional_attributes": {
+ "sbom_media_types": [
+ "application/spdx+json",
+ "application/vnd.cyclonedx+json"
+ ]
+ }
+ }
+ ]
properties:
$ref: "#/components/schemas/ScannerProperties"
description: |
- Represents metadata of a Scanner Adapter which allows Harbor to lookup a scanner capable
+ Represents metadata of a Scanner Adapter which allows Harbor to lookup a scanner capabilities
of scanning a given Artifact stored in its registry and making sure that it
can interpret a returned result.
ScannerProperties:
@@ -206,6 +269,7 @@ components:
ScannerCapability:
description: |
Capability consists of the set of recognized artifact MIME types and the set of scanner report MIME types.
+
For example, a scanner capable of analyzing Docker images and producing a vulnerabilities report recognizable
by Harbor web console might be represented with the following capability:
- consumes MIME types:
@@ -213,11 +277,29 @@ components:
- `application/vnd.docker.distribution.manifest.v2+json`
- produces MIME types:
- `application/vnd.scanner.adapter.vuln.report.harbor+json; version=1.0`
+
+ For example, a scanner capable of analyzing artifacts and producing a sbom report recognizable
+ by Harbor might be represented with the following capability:
+ - type: sbom
+ - consumes MIME types:
+ - `application/vnd.oci.image.manifest.v1+json`
+ - `application/vnd.docker.distribution.manifest.v2+json`
+ - produces MIME types:
+ - `application/vnd.security.sbom.report+json; version=1.0`
required:
- - consumes_mime_types
- - produces_mime_types
+ - consumes_mime_types
+ - produces_mime_types
type: object
properties:
+ type:
+ type: string
+ enum:
+ - vulnerability
+ - sbom
+ description: |
+ The type of the capability, for example, 'vulnerability' represents analyzing the artifact then producing the vulnerabilities report,
+ 'sbom' represents generating the corresponding sbom for the artifact which be scanned. In order to the backward and forward compatible,
+ the field is optional, we think it's a original 'vulnerability' scan if no such field.
consumes_mime_types:
type: array
items:
@@ -226,8 +308,8 @@ components:
The set of MIME types of the artifacts supported by the scanner to produce the reports specified in the "produces_mime_types". A given
mime type should only be present in one capability item.
example:
- - "application/vnd.oci.image.manifest.v1+json"
- - "application/vnd.docker.distribution.manifest.v2+json"
+ - "application/vnd.oci.image.manifest.v1+json"
+ - "application/vnd.docker.distribution.manifest.v2+json"
produces_mime_types:
type: array
items:
@@ -235,20 +317,67 @@ components:
description: |
The set of MIME types of reports generated by the scanner for the consumes_mime_types of the same capability record.
example:
- - "application/vnd.scanner.adapter.vuln.report.harbor+json; version=1.0"
+ - "application/vnd.scanner.adapter.vuln.report.harbor+json; version=1.0"
+ additional_attributes:
+ type: object
+ descriptions: The additional attributes for scanner capabilities. If the type is sbom, then it returns supported media types of the SBOM format.
+ example: |
+ {
+ "sbom_media_types": [
+ "application/spdx+json",
+ "application/vnd.cyclonedx+json"
+ ]
+ }
ScanRequest:
required:
- - registry
- - artifact
+ - registry
+ - artifact
type: object
properties:
registry:
$ref: '#/components/schemas/Registry'
artifact:
$ref: '#/components/schemas/Artifact'
+ enabled_capabilities:
+ type: array
+ description: Enable which capabilities supported by scanner, for backward compatibility, without this field scanner can be considered to enable all capabilities by default.
+ items:
+ type: object
+ required:
+ - type
+ properties:
+ type:
+ type: string
+ enum:
+ - vulnerability
+ - sbom
+ description: The type of the scan capability.
+ example: sbom
+ produces_mime_types:
+ type: array
+ items:
+ type: string
+ description: |
+ The set of MIME types of reports generated by the scanner for the consumes_mime_types of the same capability record, it is a subset or fullset of the
+ produces_mime_types of the capability returned by the metadata API, used for client to fine grained control of the expected report type. It's a optional
+ field, only applied when client needs to customize it, otherwise the scanner can think it's a fullset as before behavior if without this field.
+ example:
+ - "application/vnd.security.sbom.report+json; version=1.0"
+ parameters:
+ oneOf:
+ - $ref: '#/components/schemas/SbomParameters'
+ nullable: true
+ description: The additional parameters for the scan request, for the SBOM type, harbor will carry with `sbom_media_types` to specify the expected formats for SBOM content.
+ example: |
+ {
+ "sbom_media_types": [
+ "application/spdx+json",
+ "application/vnd.cyclonedx+json"
+ ]
+ }
ScanResponse:
required:
- - id
+ - id
properties:
id:
$ref: '#/components/schemas/ScanRequestId'
@@ -258,12 +387,23 @@ components:
identifier is not imposed but it should be unique enough to prevent collisons when polling for scan reports.
type: string
example: "3fa85f64-5717-4562-b3fc-2c963f66afa6"
+ SbomParameters:
+ type: object
+ properties:
+ sbom_media_types:
+ type: array
+ items:
+ type: string
+ enum:
+ - application/spdx+json
+ - application/vnd.cyclonedx+json
Registry:
type: object
properties:
url:
type: string
description: A base URL or the Docker Registry v2 API.
+ format: url
example: https://core.harbor.domain
authorization:
type: string
@@ -349,7 +489,7 @@ components:
The list of links to the upstream databases with the full description of the vulnerability.
format: uri
example:
- - https://security-tracker.debian.org/tracker/CVE-2017-8283
+ - https://security-tracker.debian.org/tracker/CVE-2017-8283
preferred_cvss:
$ref: "#/components/schemas/CVSSDetails"
cwe_ids:
@@ -357,7 +497,7 @@ components:
items:
type: string
example:
- - CWE-476
+ - CWE-476
description: |
The Common Weakness Enumeration Identifiers associated with this vulnerability.
vendor_attributes:
@@ -382,12 +522,37 @@ components:
remote root privilege escalations, or massive data loss.
example: Low
enum:
- - Unknown
- - Negligible
- - Low
- - Medium
- - High
- - Critical
+ - Unknown
+ - Negligible
+ - Low
+ - Medium
+ - High
+ - Critical
+ HarborSbomReport:
+ type: object
+ properties:
+ generated_at:
+ type: string
+ format: 'date-time'
+ description: 'The time of the report generated.'
+ artifact:
+ $ref: '#/components/schemas/Artifact'
+ scanner:
+ $ref: '#/components/schemas/Scanner'
+ vendor_attributes:
+ type: object
+ additionalProperties: true
+ description: 'The additional attributes of the vendor.'
+ media_type:
+ type: string
+ enum:
+ - application/spdx+json
+ - application/vnd.cyclonedx+json
+ description: 'The format of the sbom data.'
+ sbom:
+ type: object
+ additionalProperties: true
+ description: 'The raw data of the sbom generated by the scanner.'
ErrorResponse:
type: object
properties:
diff --git a/go.mod b/go.mod
index 5447123..8621776 100644
--- a/go.mod
+++ b/go.mod
@@ -5,65 +5,71 @@ go 1.20
require (
github.com/brianvoe/gofakeit/v6 v6.4.1
github.com/containerd/containerd v1.3.2
- github.com/deepmap/oapi-codegen v1.6.1
github.com/deislabs/oras v0.8.1
- github.com/getkin/kin-openapi v0.53.0
- github.com/google/uuid v1.2.0
+ github.com/getkin/kin-openapi v0.122.0
+ github.com/google/uuid v1.5.0
github.com/heetch/confita v0.10.0
- github.com/labstack/echo/v4 v4.2.1
+ github.com/labstack/echo/v4 v4.11.4
github.com/mborders/artifex v0.4.0
github.com/mroth/weightedrand v0.4.1
- github.com/pkg/errors v0.9.1
- github.com/sirupsen/logrus v1.6.0
+ github.com/oapi-codegen/echo-middleware v1.0.1
+ github.com/oapi-codegen/runtime v1.1.1
+ github.com/sirupsen/logrus v1.8.1
)
require (
- github.com/BurntSushi/toml v0.3.1 // indirect
+ github.com/BurntSushi/toml v1.3.2 // indirect
github.com/Microsoft/go-winio v0.4.15-0.20190919025122-fc70bd9a86b5 // indirect
github.com/Microsoft/hcsshim v0.8.7 // indirect
+ github.com/apapsch/go-jsonmerge/v2 v2.0.0 // indirect
github.com/bugsnag/bugsnag-go v1.5.2 // indirect
github.com/bugsnag/panicwrap v1.2.0 // indirect
+ github.com/cespare/xxhash/v2 v2.2.0 // indirect
github.com/containerd/cgroups v0.0.0-20190919134610-bf292b21730f // indirect
- github.com/dgrijalva/jwt-go v3.2.0+incompatible // indirect
+ github.com/deepmap/oapi-codegen/v2 v2.1.0 // indirect
github.com/docker/distribution v2.7.1+incompatible // indirect
github.com/docker/go-metrics v0.0.0-20181218153428-b84716841b82 // indirect
github.com/docker/libtrust v0.0.0-20160708172513-aabc10ec26b7 // indirect
- github.com/ghodss/yaml v1.0.0 // indirect
- github.com/go-openapi/jsonpointer v0.19.5 // indirect
- github.com/go-openapi/swag v0.19.13 // indirect
+ github.com/go-openapi/jsonpointer v0.19.6 // indirect
+ github.com/go-openapi/swag v0.22.4 // indirect
github.com/gofrs/uuid v3.2.0+incompatible // indirect
github.com/gogo/protobuf v1.3.1 // indirect
+ github.com/golang-jwt/jwt v3.2.2+incompatible // indirect
github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e // indirect
- github.com/golang/protobuf v1.4.2 // indirect
- github.com/google/go-cmp v0.5.2 // indirect
+ github.com/golang/protobuf v1.5.2 // indirect
github.com/gorilla/handlers v1.4.2 // indirect
+ github.com/gorilla/mux v1.8.0 // indirect
+ github.com/invopop/yaml v0.2.0 // indirect
github.com/josharian/intern v1.0.0 // indirect
github.com/kardianos/osext v0.0.0-20190222173326-2bc1f35cddc0 // indirect
- github.com/konsorten/go-windows-terminal-sequences v1.0.3 // indirect
- github.com/labstack/gommon v0.3.0 // indirect
- github.com/mailru/easyjson v0.7.6 // indirect
- github.com/mattn/go-colorable v0.1.8 // indirect
- github.com/mattn/go-isatty v0.0.12 // indirect
+ github.com/labstack/gommon v0.4.2 // indirect
+ github.com/mailru/easyjson v0.7.7 // indirect
+ github.com/mattn/go-colorable v0.1.13 // indirect
+ github.com/mattn/go-isatty v0.0.20 // indirect
+ github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826 // indirect
github.com/opencontainers/go-digest v1.0.0 // indirect
github.com/opencontainers/image-spec v1.0.1 // indirect
github.com/opencontainers/runc v0.1.1 // indirect
+ github.com/perimeterx/marshmallow v1.1.5 // indirect
+ github.com/pkg/errors v0.9.1 // indirect
github.com/prometheus/client_golang v1.7.1 // indirect
github.com/robfig/cron/v3 v3.0.1 // indirect
github.com/spf13/pflag v1.0.5 // indirect
github.com/valyala/bytebufferpool v1.0.0 // indirect
- github.com/valyala/fasttemplate v1.2.1 // indirect
+ github.com/valyala/fasttemplate v1.2.2 // indirect
go.opencensus.io v0.22.3 // indirect
- golang.org/x/crypto v0.0.0-20201221181555-eec23a3978ad // indirect
- golang.org/x/net v0.0.0-20210119194325-5f4716e94777 // indirect
- golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e // indirect
- golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c // indirect
- golang.org/x/text v0.3.6 // indirect
- golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba // indirect
- golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 // indirect
+ golang.org/x/crypto v0.17.0 // indirect
+ golang.org/x/mod v0.12.0 // indirect
+ golang.org/x/net v0.19.0 // indirect
+ golang.org/x/sync v0.3.0 // indirect
+ golang.org/x/sys v0.15.0 // indirect
+ golang.org/x/text v0.14.0 // indirect
+ golang.org/x/time v0.5.0 // indirect
+ golang.org/x/tools v0.12.0 // indirect
google.golang.org/genproto v0.0.0-20200903010400-9bfcb5116336 // indirect
google.golang.org/grpc v1.31.1 // indirect
- google.golang.org/protobuf v1.24.0 // indirect
- gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect
+ google.golang.org/protobuf v1.31.0 // indirect
gopkg.in/yaml.v2 v2.4.0 // indirect
+ gopkg.in/yaml.v3 v3.0.1 // indirect
rsc.io/letsencrypt v0.0.3 // indirect
)
diff --git a/go.sum b/go.sum
index c217538..a12fde1 100644
--- a/go.sum
+++ b/go.sum
@@ -4,19 +4,23 @@ cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMT
github.com/Azure/azure-sdk-for-go v16.2.1+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc=
github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78/go.mod h1:LmzpDX56iTiv29bbRTIsUNlaFfuhWRQBWjQdVyAevI8=
github.com/Azure/go-autorest v10.8.1+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24=
-github.com/BurntSushi/toml v0.3.1 h1:WXkYYl6Yr3qBf1K79EBnL4mak0OimBfB0XUf9Vl28OQ=
github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
+github.com/BurntSushi/toml v1.3.2 h1:o7IhLm0Msx3BaB+n3Ag7L8EVlByGnpq14C4YWiu/gL8=
+github.com/BurntSushi/toml v1.3.2/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ=
github.com/DataDog/datadog-go v2.2.0+incompatible/go.mod h1:LButxg5PwREeZtORoXG3tL4fMGNddJ+vMq1mwgfaqoQ=
github.com/Microsoft/go-winio v0.4.15-0.20190919025122-fc70bd9a86b5 h1:ygIc8M6trr62pF5DucadTWGdEB4mEyvzi0e2nbcmcyA=
github.com/Microsoft/go-winio v0.4.15-0.20190919025122-fc70bd9a86b5/go.mod h1:tTuCMEN+UleMWgg9dVx4Hu52b1bJo+59jBh3ajtinzw=
github.com/Microsoft/hcsshim v0.8.7 h1:ptnOoufxGSzauVTsdE+wMYnCWA301PdoN4xg5oRdZpg=
github.com/Microsoft/hcsshim v0.8.7/go.mod h1:OHd7sQqRFrYd3RmSgbgji+ctCwkbq2wbEYNSzOYtcBQ=
+github.com/RaveNoX/go-jsoncommentstrip v1.0.0/go.mod h1:78ihd09MekBnJnxpICcwzCMzGrKSKYe4AqU6PDYYpjk=
github.com/Shopify/logrus-bugsnag v0.0.0-20171204204709-577dee27f20d h1:UrqY+r/OJnIp5u0s1SbQ8dVfLCZJsnvazdBP5hS4iRs=
github.com/Shopify/logrus-bugsnag v0.0.0-20171204204709-577dee27f20d/go.mod h1:HI8ITrYtUY+O+ZhtlqUnD8+KwNPOyugEhfP9fdUIaEQ=
github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
+github.com/apapsch/go-jsonmerge/v2 v2.0.0 h1:axGnT1gRIfimI7gJifB699GoE/oq+F2MU7Dml6nw9rQ=
+github.com/apapsch/go-jsonmerge/v2 v2.0.0/go.mod h1:lvDnEdqiQrp0O42VQGgmlKpxL1AP2+08jFMw88y4klk=
github.com/armon/circbuf v0.0.0-20150827004946-bbbad097214e/go.mod h1:3U/XgcO3hCbHZ8TKRvWD2dDTCfh9M9ya+I9JpbB7O8o=
github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8=
github.com/armon/go-metrics v0.0.0-20180917152333-f0300d1749da/go.mod h1:Q73ZrmVTwzkszR9V5SSuryQ31EELlFMUz1kKyl939pY=
@@ -32,6 +36,7 @@ github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6r
github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs=
github.com/bitly/go-simplejson v0.5.0/go.mod h1:cXHtHw4XUPsvGaxgjIAn8PhEWG9NfngEKAMDJEczWVA=
github.com/blang/semver v3.1.0+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk=
+github.com/bmatcuk/doublestar v1.1.1/go.mod h1:UD6OnuiIn0yFxxA2le/rnRU1G4RaI4UvFv1sNto9p6w=
github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869/go.mod h1:Ekp36dRnpXw/yCqJaO+ZrUyxD+3VXMFFr56k5XYrpB4=
github.com/brianvoe/gofakeit/v6 v6.4.1 h1:u4lPnxVNr648hEyoIz31A8zrQl5woUQbCgqjAj/n/Y4=
github.com/brianvoe/gofakeit/v6 v6.4.1/go.mod h1:palrJUk4Fyw38zIFB/uBZqsgzW5VsNllhHKKwAebzew=
@@ -45,8 +50,9 @@ github.com/bugsnag/panicwrap v0.0.0-20151223152923-e2c28503fcd0/go.mod h1:D/8v3k
github.com/bugsnag/panicwrap v1.2.0 h1:OzrKrRvXis8qEvOkfcxNcYbOd2O7xXS2nnKMEMABFQA=
github.com/bugsnag/panicwrap v1.2.0/go.mod h1:D/8v3kj0zr8ZAKg1AQ6crr+5VwKN5eIywRkfhyM/+dE=
github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
-github.com/cespare/xxhash/v2 v2.1.1 h1:6MnRN8NT7+YBpUIWxHtefFZOKTAPgGjpQSxqLNn0+qY=
github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
+github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44=
+github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
github.com/circonus-labs/circonus-gometrics v2.3.1+incompatible/go.mod h1:nmEj6Dob7S7YxXgwXpfOuvO54S+tGdZdw9fuRZt25Ag=
github.com/circonus-labs/circonusllhist v0.1.3/go.mod h1:kMXHVDlOchFAehlya5ePtbp5jckzBHf4XRpQvBOLI+I=
github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
@@ -74,17 +80,15 @@ github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7
github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA=
github.com/cpuguy83/go-md2man v1.0.10/go.mod h1:SmD6nW6nTyfqj6ABTjUi3V3JVMnlJmwcJI5acqYI6dE=
github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
-github.com/cyberdelia/templates v0.0.0-20141128023046-ca7fffd4298c/go.mod h1:GyV+0YP4qX0UQ7r2MoYZ+AvYDp12OF5yg4q8rGnyNh4=
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
-github.com/deepmap/oapi-codegen v1.6.1 h1:2BvsmRb6pogGNtr8Ann+esAbSKFXx2CZN18VpAMecnw=
-github.com/deepmap/oapi-codegen v1.6.1/go.mod h1:ryDa9AgbELGeB+YEXE1dR53yAjHwFvE9iAUlWl9Al3M=
+github.com/deepmap/oapi-codegen/v2 v2.1.0 h1:I/NMVhJCtuvL9x+S2QzZKpSjGi33oDZwPRdemvOZWyQ=
+github.com/deepmap/oapi-codegen/v2 v2.1.0/go.mod h1:R1wL226vc5VmCNJUvMyYr3hJMm5reyv25j952zAVXZ8=
github.com/deislabs/oras v0.8.1 h1:If674KraJVpujYR00rzdi0QAmW4BxzMJPVAZJKuhQ0c=
github.com/deislabs/oras v0.8.1/go.mod h1:Mx0rMSbBNaNfY9hjpccEnxkOqJL6KGjtxNHPLC4G4As=
github.com/denverdino/aliyungo v0.0.0-20190125010748-a747050bb1ba/go.mod h1:dV8lFg6daOBZbT6/BDGIz6Y3WFGn8juu6G+CQ6LHtl0=
github.com/dgrijalva/jwt-go v0.0.0-20170104182250-a601269ab70c/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ=
-github.com/dgrijalva/jwt-go v3.2.0+incompatible h1:7qlOGliEKZXTDg6OTjfoBKDXWrumCAMpl/TFQ4/5kLM=
github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ=
github.com/dnaeon/go-vcr v1.0.1/go.mod h1:aBB1+wY4s93YsC3HHjMBMrwTj2R9FHDzUr9KyGc8n1E=
github.com/docker/cli v0.0.0-20200130152716-5d0cf8839492/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8=
@@ -112,24 +116,28 @@ github.com/fatih/structs v1.1.0/go.mod h1:9NiDSp5zOcgEDl+j00MP/WkGVPOlPRLejGD8Ga
github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
github.com/garyburd/redigo v0.0.0-20150301180006-535138d7bcd7 h1:LofdAjjjqCSXMwLGgOgnE+rdPuvX9DxCqaHwKy7i/ko=
github.com/garyburd/redigo v0.0.0-20150301180006-535138d7bcd7/go.mod h1:NR3MbYisc3/PwhQ00EMzDiPmrwpPxAn5GI05/YaO1SY=
-github.com/getkin/kin-openapi v0.53.0 h1:7WzP+MZRRe7YQz2Kc74Ley3dukJmXDvifVbElGmQfoA=
-github.com/getkin/kin-openapi v0.53.0/go.mod h1:7Yn5whZr5kJi6t+kShccXS8ae1APpYTW6yheSwk8Yi4=
-github.com/ghodss/yaml v1.0.0 h1:wQHKEahhL6wmXdzwWG11gIVCkOv05bNOh+Rxn0yngAk=
+github.com/getkin/kin-openapi v0.118.0 h1:z43njxPmJ7TaPpMSCQb7PN0dEYno4tyBPQcrFdHoLuM=
+github.com/getkin/kin-openapi v0.118.0/go.mod h1:l5e9PaFUo9fyLJCPGQeXI2ML8c3P8BHOEV2VaAVf/pc=
+github.com/getkin/kin-openapi v0.122.0 h1:WB9Jbl0Hp/T79/JF9xlSW5Kl9uYdk/AWD0yAd9HOM10=
+github.com/getkin/kin-openapi v0.122.0/go.mod h1:PCWw/lfBrJY4HcdqE3jj+QFkaFK8ABoqo7PvqVhXXqw=
github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
-github.com/go-chi/chi/v5 v5.0.0/go.mod h1:BBug9lr0cqtdAhsu6R4AAdvufI0/XBzAQSsUqJpoZOs=
github.com/go-ini/ini v1.25.4/go.mod h1:ByCAeIL28uOIIG0E3PJtZPDL8WnHpFKFOtgjp+3Ies8=
github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as=
github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as=
github.com/go-ldap/ldap v3.0.2+incompatible/go.mod h1:qfd9rJvER9Q0/D/Sqn1DfHRoBp40uXYvFoEVrNEPqRc=
github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE=
github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk=
-github.com/go-openapi/jsonpointer v0.19.5 h1:gZr+CIYByUqjcgeLXnQu2gHYQC9o73G2XUeOFYEICuY=
github.com/go-openapi/jsonpointer v0.19.5/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg=
+github.com/go-openapi/jsonpointer v0.19.6 h1:eCs3fxoIi3Wh6vtgmLTOjdhSpiqphQ+DaPn38N2ZdrE=
+github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs=
github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk=
-github.com/go-openapi/swag v0.19.13 h1:233UVgMy1DlmCYYfOiFpta6e2urloh+sEs5id6lyzog=
-github.com/go-openapi/swag v0.19.13/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ=
+github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14=
+github.com/go-openapi/swag v0.22.4 h1:QLMzNJnMGPRNDCbySlcj1x01tzU8/9LTTL9hZZZogBU=
+github.com/go-openapi/swag v0.22.4/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14=
github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY=
github.com/go-test/deep v1.0.2-0.20181118220953-042da051cf31/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA=
+github.com/go-test/deep v1.0.8 h1:TDsG77qcSprGbC6vTN8OuXp5g+J+b5Pcguhf7Zt61VM=
+github.com/go-test/deep v1.0.8/go.mod h1:5C2ZWiW0ErCdrYzpqxLbTX7MG14M9iiw8DgHncVwcsE=
github.com/godbus/dbus v0.0.0-20190422162347-ade71ed3457e/go.mod h1:bBOAhwG1umN6/6ZUMtDFBMQR8jRg9O75tm9K00oMsK4=
github.com/gofrs/uuid v3.2.0+incompatible h1:y12jRkkFxsd7GpqdSZ+/KCs/fJbqpEXSGd4+jfEaewE=
github.com/gofrs/uuid v3.2.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM=
@@ -138,6 +146,8 @@ github.com/gogo/protobuf v1.2.0/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7a
github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4=
github.com/gogo/protobuf v1.3.1 h1:DqDEcV5aeaTmdFBePNpYsp3FlcVH/2ISVVM9Qf8PSls=
github.com/gogo/protobuf v1.3.1/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o=
+github.com/golang-jwt/jwt v3.2.2+incompatible h1:IfV12K8xAKAnZqdXVzCZ+TOjboZ2keLg81eXfW3O+oY=
+github.com/golang-jwt/jwt v3.2.2+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I=
github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
github.com/golang/groupcache v0.0.0-20190129154638-5b532d6fd5ef/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
@@ -154,21 +164,22 @@ github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrU
github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w=
github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0=
github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8=
-github.com/golang/protobuf v1.4.2 h1:+Z5KGCizgyZCbGh1KZqA0fcLLkwbsjIzS4aV2v7wJX0=
github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
+github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
+github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw=
+github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
github.com/golang/snappy v0.0.1/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
-github.com/golangci/lint-1 v0.0.0-20181222135242-d2cdd8c08219/go.mod h1:/X8TswGSh1pIozq4ZwCfxS0WA5JGXguxk94ar/4c87Y=
github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
-github.com/google/go-cmp v0.5.2 h1:X2ev0eStA3AbceY54o37/0PQ/UWqKEiiO2dKL5OPaFM=
-github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/google/go-cmp v0.5.5 h1:Khx7svrCpmxxtHBq5j2mp/xVjsi8hQMfNLvJFAlrGgU=
+github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
-github.com/google/uuid v1.2.0 h1:qJYtXnJRWmpe7m/3XlyhrsLrEURqHRM2kxzoxXqyUDs=
-github.com/google/uuid v1.2.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
+github.com/google/uuid v1.5.0 h1:1p67kYwdtXjb0gL0BPiP1Av9wiZPo5A8z2cWkTZ+eyU=
+github.com/google/uuid v1.5.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY=
github.com/gorilla/handlers v0.0.0-20150720190736-60c7bfde3e33/go.mod h1:Qkdc/uu4tH4g6mTK6auzZ766c4CA0Ng8+o/OAirnOIQ=
github.com/gorilla/handlers v1.4.2 h1:0QniY0USkHQ1RGCLfKxeNHK9bkDHGRYGNDFBCS+YARg=
@@ -220,6 +231,9 @@ github.com/heetch/confita v0.10.0/go.mod h1:W6GDCVPvi2LpvdEriwZTu2fyxuK+Grx1vY30
github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU=
github.com/inconshreveable/mousetrap v1.0.0 h1:Z8tu5sraLXCXIcARxBp/8cbvlwVa7Z1NHg9XEKhtSvM=
github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8=
+github.com/invopop/yaml v0.1.0/go.mod h1:2XuRLgs/ouIrW3XNzuNj7J3Nvu/Dig5MXvbCEdiBN3Q=
+github.com/invopop/yaml v0.2.0 h1:7zky/qH+O0DwAyoobXUqvVBwgBFRxKoQ/3FjcVpjTMY=
+github.com/invopop/yaml v0.2.0/go.mod h1:2XuRLgs/ouIrW3XNzuNj7J3Nvu/Dig5MXvbCEdiBN3Q=
github.com/jmespath/go-jmespath v0.0.0-20160202185014-0b12d6b521d8/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k=
github.com/jmespath/go-jmespath v0.0.0-20160803190731-bd40a432e4c7/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k=
github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k=
@@ -229,6 +243,7 @@ github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFF
github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU=
github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU=
+github.com/juju/gnuflag v0.0.0-20171113085948-2ce1bb71843d/go.mod h1:2PavIy+JPciBPrBUjwbNvtwB6RQlve+hkpll6QSNmOE=
github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w=
github.com/kardianos/osext v0.0.0-20190222173326-2bc1f35cddc0 h1:iQTw/8FWTuc7uiaSepXwyf3o52HaUYcV+Tu66S3F5GA=
github.com/kardianos/osext v0.0.0-20190222173326-2bc1f35cddc0/go.mod h1:1NbS8ALrpOvjt0rHPNLyCIeMtbizbir8U//inJ+zuB8=
@@ -236,8 +251,6 @@ github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvW
github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00=
github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
-github.com/konsorten/go-windows-terminal-sequences v1.0.3 h1:CE8S1cTafDpPvMhIxNJKvHsGVBgn1xWYf1NbHQhywc8=
-github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc=
github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
github.com/kr/pretty v0.2.1 h1:Fmg33tUaq4/8ym9TJN1x7sLJnHVwhP33CNkpYV/7rwI=
@@ -246,27 +259,23 @@ github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
-github.com/labstack/echo/v4 v4.2.1 h1:LF5Iq7t/jrtUuSutNuiEWtB5eiHfZ5gSe2pcu5exjQw=
-github.com/labstack/echo/v4 v4.2.1/go.mod h1:AA49e0DZ8kk5jTOOCKNuPR6oTnBS0dYiM4FW1e6jwpg=
-github.com/labstack/gommon v0.3.0 h1:JEeO0bvc78PKdyHxloTKiF8BD5iGrH8T6MSeGvSgob0=
-github.com/labstack/gommon v0.3.0/go.mod h1:MULnywXg0yavhxWKc+lOruYdAhDwPK9wf0OL7NoOu+k=
+github.com/labstack/echo/v4 v4.11.4 h1:vDZmA+qNeh1pd/cCkEicDMrjtrnMGQ1QFI9gWN1zGq8=
+github.com/labstack/echo/v4 v4.11.4/go.mod h1:noh7EvLwqDsmh/X/HWKPUl1AjzJrhyptRyEbQJfxen8=
+github.com/labstack/gommon v0.4.2 h1:F8qTUNXgG1+6WQmqoUWnz8WiEU60mXVVw0P4ht1WRA0=
+github.com/labstack/gommon v0.4.2/go.mod h1:QlUFxVM+SNXhDL/Z7YhocGIBYOiwB0mXm1+1bAPHPyU=
github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ=
github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=
github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=
-github.com/mailru/easyjson v0.7.6 h1:8yTIVnZgCoiM1TgqoeTl+LfU5Jg6/xL3QhGQnimLYnA=
-github.com/mailru/easyjson v0.7.6/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc=
+github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0=
+github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc=
github.com/marstr/guid v1.1.0/go.mod h1:74gB1z2wpxxInTG6yaqA7KrtM0NZ+RbrcqDvYHefzho=
-github.com/matryer/moq v0.0.0-20190312154309-6cfb0558e1bd/go.mod h1:9ELz6aaclSIGnZBoaSLZ3NAl1VTufbOrXBPvtcy6WiQ=
github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU=
-github.com/mattn/go-colorable v0.1.2/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE=
-github.com/mattn/go-colorable v0.1.7/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc=
-github.com/mattn/go-colorable v0.1.8 h1:c1ghPdyEDarC70ftn0y+A/Ee++9zz8ljHG1b13eJ0s8=
-github.com/mattn/go-colorable v0.1.8/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc=
+github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA=
+github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg=
github.com/mattn/go-isatty v0.0.3/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4=
-github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s=
-github.com/mattn/go-isatty v0.0.9/go.mod h1:YNRxwqDuOph6SZLI9vUUz6OYw3QyUt7WiY2yME+cCiQ=
-github.com/mattn/go-isatty v0.0.12 h1:wuysRhFDzyxgEmMf5xjvJ2M9dZoWAXNNr5LSBS7uHXY=
-github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU=
+github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM=
+github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=
+github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
github.com/matttproud/golang_protobuf_extensions v1.0.1 h1:4hp9jkHxhMHkqkrB3Ix0jegS5sx/RkqARlsWZ6pIwiU=
github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0=
github.com/mborders/artifex v0.4.0 h1:hhdWwq23dVzQe/2r9aeHdE2SdJKCWmXqBIQDP0NOqg8=
@@ -289,12 +298,17 @@ github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJ
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
+github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826 h1:RWengNIwukTxcDr9M+97sNutRR1RKhG96O6jWumTTnw=
+github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826/go.mod h1:TaXosZuwdSHYgviHp1DAtfrULt5eUgsSMsZf+YrPgl8=
github.com/morikuni/aec v1.0.0/go.mod h1:BbKIizmSmc5MMPqRYbxO4ZU0S0+P200+tUnFx7PXmsc=
github.com/mroth/weightedrand v0.4.1 h1:rHcbUBopmi/3x4nnrvwGJBhX9d0vk+KgoLUZeDP6YyI=
github.com/mroth/weightedrand v0.4.1/go.mod h1:3p2SIcC8al1YMzGhAIoXD+r9olo/g/cdJgAD905gyNE=
github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U=
github.com/ncw/swift v1.0.47/go.mod h1:23YIA4yWVnGwv2dQlN4bB7egfYX6YLn0Yo/S6zZO/ZM=
-github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno=
+github.com/oapi-codegen/echo-middleware v1.0.1 h1:edYGScq1phCcuDoz9AqA9eHX+tEI1LNL5PL1lkkQh1k=
+github.com/oapi-codegen/echo-middleware v1.0.1/go.mod h1:DBQKRn+D/vfXOFbaX5GRwFttoJY64JH6yu+pdt7wU3o=
+github.com/oapi-codegen/runtime v1.1.1 h1:EXLHh0DXIJnWhdRPN2w4MXAzFyE4CskzhNLUmtpMYro=
+github.com/oapi-codegen/runtime v1.1.1/go.mod h1:SK9X900oXmPWilYR5/WKPzt3Kqxn/uS/+lbpREv+eCg=
github.com/oklog/run v1.0.0/go.mod h1:dlhp/R75TPv97u0XWUtDeV/lRKWPKSdTuV0TZvrmrQA=
github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
github.com/onsi/ginkgo v1.10.1/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
@@ -315,6 +329,10 @@ github.com/opencontainers/runtime-tools v0.0.0-20181011054405-1d69bd0f9c39/go.mo
github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc=
github.com/pascaldekloe/goe v0.1.0/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc=
github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic=
+github.com/perimeterx/marshmallow v1.1.4 h1:pZLDH9RjlLGGorbXhcaQLhfuV0pFMNfPO55FuFkxqLw=
+github.com/perimeterx/marshmallow v1.1.4/go.mod h1:dsXbUu8CRzfYP5a87xpp0xq9S3u0Vchtcl8we9tYaXw=
+github.com/perimeterx/marshmallow v1.1.5 h1:a2LALqQ1BlHM8PZblsDdidgv1mWi1DgC2UmX50IvK2s=
+github.com/perimeterx/marshmallow v1.1.5/go.mod h1:dsXbUu8CRzfYP5a87xpp0xq9S3u0Vchtcl8we9tYaXw=
github.com/phayes/freeport v0.0.0-20180830031419-95f893ade6f2 h1:JhzVVoYvbOACxoUmOs6V/G4D5nPVUW73rKvXxP4XUJc=
github.com/phayes/freeport v0.0.0-20180830031419-95f893ade6f2/go.mod h1:iIss55rKnNBTvrwdmkUpLnDpZoAHvWaiq5+iMmen4AE=
github.com/pierrec/lz4 v2.0.5+incompatible/go.mod h1:pdkljMzZIN41W+lC3N2tnIh5sFi+IEE17M5jbnwPHcY=
@@ -367,8 +385,8 @@ github.com/sirupsen/logrus v1.0.4-0.20170822132746-89742aefa4b2/go.mod h1:pMByvH
github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo=
github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q=
github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE=
-github.com/sirupsen/logrus v1.6.0 h1:UBcNElsrwanuuMsnGSlYmtmgbb23qDR5dG+6X6Oo89I=
-github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrfsX/uA88=
+github.com/sirupsen/logrus v1.8.1 h1:dJKuHgqk1NNQlqoA6BTlM1Wf9DOH3NBjQyu0h9+AZZE=
+github.com/sirupsen/logrus v1.8.1/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0=
github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc=
github.com/smartystreets/goconvey v0.0.0-20190330032615-68dc04aab96a/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA=
github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM=
@@ -384,25 +402,32 @@ github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnIn
github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
github.com/spf13/viper v1.3.2/go.mod h1:ZiWeW+zYFKm7srdB9IoDzzZXaJaI5eL9QjNiN/DMA2s=
+github.com/spkg/bom v0.0.0-20160624110644-59b7046e48ad/go.mod h1:qLr4V1qq6nMqFKkMo8ZTx3f+BZEkzsRUY10Xsm2mwU0=
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
+github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
-github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
-github.com/stretchr/testify v1.6.1 h1:hDPOHmpOpP40lSULcqw7IrRb/u7w6RpDC9399XyoNd0=
-github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
+github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
+github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
github.com/syndtr/gocapability v0.0.0-20170704070218-db04d3cc01c8/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww=
github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U=
github.com/tv42/httpunix v0.0.0-20150427012821-b75d8614f926/go.mod h1:9ESjWnEqriFuLhtthL60Sar/7RFoluCcXsuvEwTV5KM=
github.com/ugorji/go v1.1.4/go.mod h1:uQMGLiO92mf5W77hV/PUCpI3pbzQx3CRekS0kk+RGrc=
+github.com/ugorji/go v1.2.7 h1:qYhyWUUd6WbiM+C6JZAUkIJt/1WrjzNHY9+KCIjVqTo=
+github.com/ugorji/go v1.2.7/go.mod h1:nF9osbDWLy6bDVv/Rtoh6QgnvNDpmCalQV5urGCCS6M=
github.com/ugorji/go/codec v0.0.0-20181204163529-d75b2dcb6bc8/go.mod h1:VFNgLljTbGfSG7qAOspJ7OScBnGdDN/yBr0sguwnwf0=
+github.com/ugorji/go/codec v1.2.7/go.mod h1:WGN1fab3R1fzQlVQTkfxVtIBhWDRqOviHU95kRgeqEY=
+github.com/ugorji/go/codec v1.2.11 h1:BMaWp1Bb6fHwEtbplGBGJ498wD+LKlNSl25MjdZY4dU=
github.com/urfave/cli v0.0.0-20171014202726-7bc6a0acffa5/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA=
github.com/valyala/bytebufferpool v1.0.0 h1:GqA5TC/0021Y/b9FG4Oi9Mr3q7XYx6KllzawFIhcdPw=
github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc=
-github.com/valyala/fasttemplate v1.0.1/go.mod h1:UQGH1tvbgY+Nz5t2n7tXsz52dQxojPUpymEIMZ47gx8=
-github.com/valyala/fasttemplate v1.2.1 h1:TVEnxayobAdVkhQfrfes2IzOB6o+z4roRkPF52WA1u4=
-github.com/valyala/fasttemplate v1.2.1/go.mod h1:KHLXt3tVN2HBp8eijSv/kGJopbvo7S+qRAEEKiv+SiQ=
+github.com/valyala/fasttemplate v1.2.2 h1:lxLXG0uE3Qnshl9QyaK6XJxMXlQZELvChBOCmQD0Loo=
+github.com/valyala/fasttemplate v1.2.2/go.mod h1:KHLXt3tVN2HBp8eijSv/kGJopbvo7S+qRAEEKiv+SiQ=
github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU=
github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ=
github.com/xeipuuv/gojsonschema v0.0.0-20180618132009-1d523034197f/go.mod h1:5yf86TLmAcydyeJq5YvxkGPE2fm/u4myDekKRoLuqhs=
@@ -425,14 +450,14 @@ golang.org/x/crypto v0.0.0-20181203042331-505ab145d0a9/go.mod h1:6SG95UA2DQfeDnf
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
golang.org/x/crypto v0.0.0-20190506204251-e1dfcc566284/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
golang.org/x/crypto v0.0.0-20200128174031-69ecbb4d6d5d/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
-golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
-golang.org/x/crypto v0.0.0-20200820211705-5c72a883971a/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
-golang.org/x/crypto v0.0.0-20201221181555-eec23a3978ad h1:DN0cp81fZ3njFcrLCytUHRSUkqBjfTo4Tx9RJTWs0EY=
-golang.org/x/crypto v0.0.0-20201221181555-eec23a3978ad/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
+golang.org/x/crypto v0.17.0 h1:r8bRNjWL3GshPW3gkd+RpvzWrZAwPS49OmTGZ/uhM4k=
+golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4=
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
+golang.org/x/mod v0.12.0 h1:rmsUpXtvNzj340zd98LZ4KntptpfRHwpFOHG188oHXc=
+golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
@@ -449,9 +474,8 @@ golang.org/x/net v0.0.0-20190501004415-9ce7a6920f09/go.mod h1:t9HGtf8HONx5eT2rtn
golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20190619014844-b5b0513f8c1b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
-golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
-golang.org/x/net v0.0.0-20210119194325-5f4716e94777 h1:003p0dJM77cxMSyCPFphvZf/Y5/NXf5fzg6ufd1/Oew=
-golang.org/x/net v0.0.0-20210119194325-5f4716e94777/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
+golang.org/x/net v0.19.0 h1:zTwKpTd2XuCqf8huc7Fo2iSy+4RHPd10s4KzeTnVr1c=
+golang.org/x/net v0.19.0/go.mod h1:CfAk/cbD4CthTvqiEl8NpboMuiuOYsAr/7NOjZJtv1U=
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@@ -459,8 +483,9 @@ golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJ
golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e h1:vcxGaoTs7kV8m5Np9uUNQin4BrLOthgV7252N8V+FwY=
golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.3.0 h1:ftCYgMx6zT/asHUrPw8BLLscYtGznsLAnjq5RH9P66E=
+golang.org/x/sync v0.3.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y=
golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
@@ -471,7 +496,6 @@ golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5h
golang.org/x/sys v0.0.0-20181205085412-a5c9d58dba9a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190129075346-302c3dd5f1cc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
-golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190403152447-81d4e9dc473e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -479,31 +503,22 @@ golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7w
golang.org/x/sys v0.0.0-20190508220229-2d0786266e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20190514135907-3a4b5fb9f71f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20190602015325-4c4f7f33c9ed/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200106162015-b016eb3dc98e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200615200032-f1bc736245b1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200826173525-f9321e4c35a6/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c h1:VwygUrnw9jn88c4u8GD3rZQbqrP/tgas88tPUbBxQrk=
-golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
-golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
+golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc=
+golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.1-0.20181227161524-e6919f6577db/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
-golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
-golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
-golang.org/x/text v0.3.6 h1:aRYxNxv6iGQlyVaZmk6ZgYEDa+Jg18DxebPSrd6bg1M=
-golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
+golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=
+golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
-golang.org/x/time v0.0.0-20201208040808-7e3f01d25324/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
-golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba h1:O8mE0/t419eoIwhTFpKVkHiTs/Igowgfkj25AcZrtiE=
-golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
+golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk=
+golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
golang.org/x/tools v0.0.0-20181030221726-6c7e314b6563/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
@@ -512,11 +527,10 @@ golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3
golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
-golang.org/x/tools v0.0.0-20191125144606-a911d9008d1f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
-golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/tools v0.12.0 h1:YW6HUoUmYBpwSgyaGaZq1fHjrBjX1rlpZ54T6mu2kss=
+golang.org/x/tools v0.12.0/go.mod h1:Sc0INKfu04TlqNoRA1hgpFZbhYXHPr4V5DzpSBTPqQM=
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1NKEZ+0owSTG1fDTci4IqFcE=
-golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20220411194840-2f41105eb62f h1:GGU+dLjvlC3qDwqYgL6UgRmHXhOOgns0bZu2Ty5mm6U=
google.golang.org/api v0.0.0-20160322025152-9bf6e6e569ff/go.mod h1:4mhQ8q/RsB7i+udVvVy5NUi08OU8ZlA0gRVgrF7VFY0=
google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
@@ -546,8 +560,11 @@ google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzi
google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
-google.golang.org/protobuf v1.24.0 h1:UhZDfRO8JRQru4/+LlLE0BRKGF8L+PICnvYZmx/fEGA=
google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4=
+google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
+google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
+google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8=
+google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
gopkg.in/airbrake/gobrake.v2 v2.0.9/go.mod h1:/h5ZAUhDkGaJfjzjKLSjv6zCL6O0LLBxU4K+aSYdM/U=
gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw=
gopkg.in/asn1-ber.v1 v1.0.0-20181015200546-f715ec2f112d/go.mod h1:cuepJuh7vyXfUyUwEgHQXw849cJrilpS5NeIjOWESAw=
@@ -555,7 +572,6 @@ gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8
gopkg.in/check.v1 v1.0.0-20141024133853-64131543e789/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
-gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys=
@@ -568,12 +584,12 @@ gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
gopkg.in/yaml.v2 v2.2.5/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
-gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
-gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776 h1:tQIYjPdBoyREyB9XMu+nnTclpTYkz2zFM+lzLJFO4gQ=
-gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+gopkg.in/yaml.v3 v3.0.0/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
+gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo=
gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw=
honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
diff --git a/main.go b/main.go
index 23d3ca9..ea68d0f 100644
--- a/main.go
+++ b/main.go
@@ -3,16 +3,16 @@ package main
import (
"flag"
- oapi "github.com/deepmap/oapi-codegen/pkg/middleware"
"github.com/goharbor/harbor-scanner-fake/api"
"github.com/goharbor/harbor-scanner-fake/pkg/config"
"github.com/goharbor/harbor-scanner-fake/pkg/server"
"github.com/labstack/echo/v4"
"github.com/labstack/echo/v4/middleware"
+ mw "github.com/oapi-codegen/echo-middleware"
log "github.com/sirupsen/logrus"
)
-//go:generate go run github.com/deepmap/oapi-codegen/cmd/oapi-codegen -generate types,server,spec -package api -o ./api/api.gen.go ./api/openapi.yaml
+//go:generate go run github.com/deepmap/oapi-codegen/v2/cmd/oapi-codegen -generate types,server,spec -package api -o ./api/api.gen.go ./api/openapi.yaml
var (
configPath string
@@ -56,7 +56,8 @@ func main() {
e.Use(middleware.TimeoutWithConfig(middleware.TimeoutConfig{Timeout: cfg.Server.Timeout}))
}
- e.Use(oapi.OapiRequestValidator(swagger))
+ // Validate requests against the OpenAPI spec
+ e.Use(mw.OapiRequestValidator(swagger))
api.RegisterHandlersWithBaseURL(e, s, "/api/v1")
diff --git a/pkg/config/config.go b/pkg/config/config.go
index bb7ae32..2691886 100644
--- a/pkg/config/config.go
+++ b/pkg/config/config.go
@@ -69,6 +69,9 @@ type Config struct {
// The vulnerabilities count in the artifact
VulnerabilitiesPerReport int64 `config:"scanner-vulnerabilities-per-report" yaml:"vulnerabilitiesPerReport"`
+ // The package count in the SBOM of an artifact
+ SbomPackagesPerReport int64 `config:"sbom-packages-per-report" yaml:"sbomPackagesPerReport"`
+
// The duration to generate the scan report after artifact pulled
ReportGeneratingDuration time.Duration `config:"scanner-report-generating-duration" yaml:"reportGeneratingDuration"`
}
@@ -107,6 +110,10 @@ func (cfg *Config) Validate() error {
return fmt.Errorf("scanner.vulnerabilitiesPerReport %d must less or equal with db.Total %d", cfg.Scanner.VulnerabilitiesPerReport, cfg.DB.Total)
}
+ if cfg.Scanner.SbomPackagesPerReport <= 0 {
+ return fmt.Errorf("scanner.SbomPackagesPerReport %d must be larger than 0", cfg.Scanner.SbomPackagesPerReport)
+ }
+
return nil
}
@@ -119,6 +126,7 @@ func Load(paths ...string) (*Config, error) {
cfg.Scanner.SkipPulling = true
cfg.Scanner.VulnerableRate = 1
cfg.Scanner.VulnerabilitiesPerReport = 100
+ cfg.Scanner.SbomPackagesPerReport = 10
cfg.Server.Address = "0.0.0.0:8080"
cfg.Server.AsscessLog = true
diff --git a/pkg/scanner/scanner.go b/pkg/scanner/scanner.go
index 85261cb..37586c6 100644
--- a/pkg/scanner/scanner.go
+++ b/pkg/scanner/scanner.go
@@ -14,16 +14,17 @@ import (
"github.com/containerd/containerd/content/local"
clog "github.com/containerd/containerd/log"
"github.com/deislabs/oras/pkg/oras"
+ "github.com/google/uuid"
+ "github.com/mborders/artifex"
+ wr "github.com/mroth/weightedrand"
+ "github.com/sirupsen/logrus"
+
"github.com/goharbor/harbor-scanner-fake/api"
"github.com/goharbor/harbor-scanner-fake/pkg/config"
"github.com/goharbor/harbor-scanner-fake/pkg/db"
"github.com/goharbor/harbor-scanner-fake/pkg/log"
"github.com/goharbor/harbor-scanner-fake/pkg/store"
"github.com/goharbor/harbor-scanner-fake/pkg/util"
- "github.com/google/uuid"
- "github.com/mborders/artifex"
- wr "github.com/mroth/weightedrand"
- "github.com/sirupsen/logrus"
)
var (
@@ -35,6 +36,9 @@ func init() {
}
const (
+ CapabilityTypeSBOM = "sbom"
+ CapabilityTypeVulnerability = "vulnerability"
+
VulnerabilityDatabaseUpdatedAt = "harbor.scanner-adapter/vulnerability-database-updated-at"
MimeTypeOCIArtifact = "application/vnd.oci.image.manifest.v1+json"
@@ -42,12 +46,20 @@ const (
MimeTypeNativeReport = "application/vnd.scanner.adapter.vuln.report.harbor+json; version=1.0"
MimeTypeGenericVulnerabilityReport = "application/vnd.security.vulnerability.report; version=1.1"
+ MimeTypeSbomReport = "application/vnd.security.sbom.report+json; version=1.0"
)
var (
ErrReportNotFound = errors.New("report not found")
)
+type SbomPkg struct {
+ Name string `json:"name"`
+ VersionInfo string `json:"versionInfo"`
+ LicenseConcluded string `json:"licenseConcluded"`
+ LicenseDeclared string `json:"licenseDeclared"`
+}
+
type Scanner struct {
cfg *config.Config
db *db.DB
@@ -79,17 +91,17 @@ func (s *Scanner) Scan(scanRequest *api.ScanRequest) (api.ScanRequestId, error)
return scanRequestId, nil
}
-func (s *Scanner) GetReport(scanRequestId api.ScanRequestId) (*api.HarborVulnerabilityReport, error) {
+func (s *Scanner) GetReport(scanRequestId api.ScanRequestId) (*api.HarborVulnerabilityReport, *api.HarborSbomReport, error) {
reportOrError, err := s.store.GetReportOrError(scanRequestId)
if err != nil {
if errors.Is(err, store.ErrNotFound) {
- return nil, ErrReportNotFound
+ return nil, nil, ErrReportNotFound
}
- return nil, err
+ return nil, nil, err
}
- return reportOrError.Report, reportOrError.Error
+ return reportOrError.VulnReport, reportOrError.SbomReport, reportOrError.Error
}
func (s *Scanner) do(ctx context.Context, scanRequestId api.ScanRequestId) {
@@ -107,12 +119,12 @@ func (s *Scanner) do(ctx context.Context, scanRequestId api.ScanRequestId) {
}
}
- report, err := s.generateReport(req)
+ vulnReport, sbomReport, err := s.generateReport(req)
if err != nil {
log.G(ctx).WithField("artifact", mustGetArtifact(req)).Error("generate report failed")
}
- s.store.SetReportOrError(scanRequestId, &store.ReportOrError{Report: report, Error: err})
+ s.store.SetReportOrError(scanRequestId, &store.ReportOrError{VulnReport: vulnReport, SbomReport: sbomReport, Error: err})
}
func (s *Scanner) pull(ctx context.Context, req *api.ScanRequest) error {
@@ -165,7 +177,76 @@ func (s *Scanner) pull(ctx context.Context, req *api.ScanRequest) error {
return err
}
-func (s *Scanner) generateReport(req *api.ScanRequest) (*api.HarborVulnerabilityReport, error) {
+func (s *Scanner) generateReport(req *api.ScanRequest) (*api.HarborVulnerabilityReport, *api.HarborSbomReport, error) {
+ // backward compatibility with pluggable-scanner-spec prior to v1.2
+ if len(*req.EnabledCapabilities) == 0 {
+ vulnReport, err := s.generateVulnerabilityReport(req)
+ return vulnReport, nil, err
+ }
+
+ // for pluggable-scanner-spec v1.2 and onwards
+ var vulnReport *api.HarborVulnerabilityReport
+ var sbomReport *api.HarborSbomReport
+ var err error
+ for _, capbility := range *req.EnabledCapabilities {
+ switch capbility.Type {
+ case CapabilityTypeVulnerability:
+ vulnReport, err = s.generateVulnerabilityReport(req)
+ if err != nil {
+ return nil, nil, err
+ }
+ case CapabilityTypeSBOM:
+ sbomReport, err = s.generateSbomReport(req)
+ if err != nil {
+ return nil, nil, err
+ }
+ default:
+ return nil, nil, fmt.Errorf("the capability type is not supported, type=%s", capbility.Type)
+ }
+ }
+ return vulnReport, sbomReport, err
+}
+
+func (s *Scanner) generateSbomReport(req *api.ScanRequest) (*api.HarborSbomReport, error) {
+ time.Sleep(s.cfg.Scanner.ReportGeneratingDuration)
+
+ now := time.Now()
+ var mediaType api.SbomParametersSbomMediaTypes
+ //Harbor currently only asks SPDX format of SBOM
+ mediaType = api.SbomParametersSbomMediaTypesApplicationspdxJson
+ artifactName := (*req.Artifact.Repository) + ":" + (*req.Artifact.Digest)
+ if req.Artifact.Tag != nil {
+ artifactName = (*req.Artifact.Repository) + ":" + (*req.Artifact.Tag)
+ }
+ var pkgs []*SbomPkg
+ sbomPkgNumPerReport := s.cfg.Scanner.SbomPackagesPerReport
+ for int64(len(pkgs)) < sbomPkgNumPerReport {
+ pkgs = append(pkgs, generateSbomPkgRecord())
+ }
+ sbomData := map[string]interface{}{
+ "SPDXID": "SPDXRef-DOCUMENT",
+ "createionInfo": struct {
+ Created string `json:"created"`
+ Creators []string `json:"creators"`
+ }{
+ Created: time.Now().Format("2006-01-02T15:04:05.999999999Z"),
+ Creators: []string{"Tool: " + *s.metadata.Scanner.Name, "Organization: " + *s.metadata.Scanner.Vendor},
+ },
+ "name": artifactName,
+ "packages": pkgs,
+ }
+
+ return &api.HarborSbomReport{
+ Artifact: &req.Artifact,
+ GeneratedAt: &now,
+ MediaType: (*api.HarborSbomReportMediaType)(&mediaType),
+ Sbom: &sbomData,
+ Scanner: &s.metadata.Scanner,
+ VendorAttributes: nil,
+ }, nil
+}
+
+func (s *Scanner) generateVulnerabilityReport(req *api.ScanRequest) (*api.HarborVulnerabilityReport, error) {
time.Sleep(s.cfg.Scanner.ReportGeneratingDuration)
if s.errorChooser.Pick().(bool) {
@@ -224,20 +305,28 @@ func New(cfg *config.Config, db *db.DB) *Scanner {
wr.Choice{Item: false, Weight: uint(100 - cfg.Scanner.VulnerableRate*100)},
)
+ vulnType := api.ScannerCapabilityType(CapabilityTypeVulnerability)
+ sbomType := api.ScannerCapabilityType(CapabilityTypeSBOM)
metadata := api.ScannerAdapterMetadata{
- Capabilities: []api.ScannerCapability{{
- ConsumesMimeTypes: []string{MimeTypeOCIArtifact, MimeTypeDockerArtifact},
- ProducesMimeTypes: []string{MimeTypeNativeReport, MimeTypeGenericVulnerabilityReport},
- }},
- Properties: &api.ScannerProperties{
- AdditionalProperties: map[string]string{
- VulnerabilityDatabaseUpdatedAt: time.Now().Format(time.RFC3339),
+ Capabilities: []api.ScannerCapability{
+ {
+ ConsumesMimeTypes: []string{MimeTypeOCIArtifact, MimeTypeDockerArtifact},
+ ProducesMimeTypes: []string{MimeTypeNativeReport, MimeTypeGenericVulnerabilityReport},
+ Type: &vulnType,
+ },
+ {
+ ConsumesMimeTypes: []string{MimeTypeOCIArtifact, MimeTypeDockerArtifact},
+ ProducesMimeTypes: []string{MimeTypeSbomReport},
+ Type: &sbomType,
},
},
+ Properties: &api.ScannerProperties{
+ VulnerabilityDatabaseUpdatedAt: time.Now().Format(time.RFC3339),
+ },
Scanner: api.Scanner{
- Name: util.String("Fake"),
- Vendor: util.String("Fake Scanner"),
- Version: util.String("v1.0.0"),
+ Name: util.String("Fake-Scanner"),
+ Vendor: util.String("Fake-Scanner-Vendor"),
+ Version: util.String("v1.1.0"),
},
}
diff --git a/pkg/scanner/util.go b/pkg/scanner/util.go
index 95cf631..411d7fc 100644
--- a/pkg/scanner/util.go
+++ b/pkg/scanner/util.go
@@ -10,6 +10,8 @@ import (
"github.com/containerd/containerd/remotes"
"github.com/containerd/containerd/remotes/docker"
+ "github.com/google/uuid"
+
"github.com/goharbor/harbor-scanner-fake/api"
"github.com/goharbor/harbor-scanner-fake/pkg/util"
)
@@ -78,3 +80,30 @@ func mustGetArtifact(req *api.ScanRequest) string {
return fmt.Sprintf("%s/%s@%s", u.Host, *req.Artifact.Repository, *req.Artifact.Digest)
}
+
+func generateSbomPkgRecord() *SbomPkg {
+ pkgName := "pkg-name-" + uuid.NewString()
+ pkgVersionInfo := getVersionInfo()
+ licenseConcluded := getLicense()
+ licenseDeclared := getLicense()
+
+ return &SbomPkg{
+ Name: pkgName,
+ VersionInfo: pkgVersionInfo,
+ LicenseConcluded: licenseConcluded,
+ LicenseDeclared: licenseDeclared,
+ }
+}
+
+func getVersionInfo() string {
+ major := randSeed.Intn(5)
+ minor := randSeed.Intn(10)
+ patch := randSeed.Intn(20)
+ rNum := randSeed.Intn(20)
+ return fmt.Sprintf("%d.%d.%d-r%d", major, minor, patch, rNum)
+}
+
+func getLicense() string {
+ licenseList := []string{"GPL-2.0-only", "MIT", "MPL-2.0 AND MIT", "BSD-2-Clause AND BSD-3-Clause", "BSD-3-Clause AND MIT", "MIT AND BSD-3-Clause AND GPL-2.0-only"}
+ return licenseList[randSeed.Intn(len(licenseList))]
+}
diff --git a/pkg/server/server.go b/pkg/server/server.go
index 4117fd8..733d511 100644
--- a/pkg/server/server.go
+++ b/pkg/server/server.go
@@ -52,7 +52,7 @@ func (s *Server) AcceptScanRequest(ctx echo.Context) error {
func (s *Server) GetScanReport(ctx echo.Context, scanRequestId api.ScanRequestId, params api.GetScanReportParams) error {
time.Sleep(s.cfg.Server.Delay.GetScanReport)
- report, err := s.scanner.GetReport(scanRequestId)
+ vulnReport, sbomReport, err := s.scanner.GetReport(scanRequestId)
if err != nil {
if errors.Is(err, scanner.ErrReportNotFound) {
return ctx.NoContent(http.StatusNotFound)
@@ -61,11 +61,20 @@ func (s *Server) GetScanReport(ctx echo.Context, scanRequestId api.ScanRequestId
return s.sendError(ctx, err)
}
- if report == nil {
- return ctx.Redirect(http.StatusFound, ctx.Request().RequestURI)
+ switch *params.Accept {
+ case scanner.MimeTypeSbomReport:
+ if sbomReport == nil {
+ return ctx.Redirect(http.StatusFound, ctx.Request().RequestURI)
+ }
+ return ctx.JSON(http.StatusOK, sbomReport)
+ case scanner.MimeTypeNativeReport, scanner.MimeTypeGenericVulnerabilityReport:
+ if vulnReport == nil {
+ return ctx.Redirect(http.StatusFound, ctx.Request().RequestURI)
+ }
+ return ctx.JSON(http.StatusOK, vulnReport)
+ default:
+ return ctx.JSON(http.StatusBadRequest, `{"errorMessage": "the Accept Header in the Request to get scan report is not supported"}`)
}
-
- return ctx.JSON(http.StatusOK, report)
}
func New(cfg *config.Config) api.ServerInterface {
diff --git a/pkg/store/memory.go b/pkg/store/memory.go
index abefd98..c77f882 100644
--- a/pkg/store/memory.go
+++ b/pkg/store/memory.go
@@ -10,7 +10,8 @@ import (
type memoryItem struct {
CreatedAt time.Time
ScanRequest *api.ScanRequest
- ScanReport *api.HarborVulnerabilityReport
+ VulnReport *api.HarborVulnerabilityReport
+ SbomReport *api.HarborSbomReport
Error error
}
@@ -50,7 +51,8 @@ func (s *memoryStore) SetReportOrError(scanRequestId api.ScanRequestId, reportOr
return
}
- item.ScanReport = reportOrError.Report
+ item.VulnReport = reportOrError.VulnReport
+ item.SbomReport = reportOrError.SbomReport
item.Error = reportOrError.Error
s.m.Store(scanRequestId, item)
@@ -62,5 +64,9 @@ func (s *memoryStore) GetReportOrError(scanRequestId api.ScanRequestId) (*Report
return nil, err
}
- return &ReportOrError{Report: item.ScanReport, Error: item.Error}, nil
+ return &ReportOrError{
+ Error: err,
+ VulnReport: item.VulnReport,
+ SbomReport: item.SbomReport,
+ }, nil
}
diff --git a/pkg/store/store.go b/pkg/store/store.go
index 62adfcc..88f6974 100644
--- a/pkg/store/store.go
+++ b/pkg/store/store.go
@@ -12,8 +12,9 @@ var (
)
type ReportOrError struct {
- Error error
- Report *api.HarborVulnerabilityReport
+ Error error
+ VulnReport *api.HarborVulnerabilityReport
+ SbomReport *api.HarborSbomReport
}
type Store interface {