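---
# OpenAPI 3.0.3 description of the CBOMkit API: a health probe, CBOM lookup
# and search endpoints, and compliance checks of a CBOM against a policy.
#
# NOTE(review): this document declares no `security` requirement and no
# `components.securitySchemes`, so every operation is documented as callable
# without credentials. If access control is enforced elsewhere (gateway,
# network policy), record that here - confirm against the deployment.
# NOTE(review): no parameter is marked `required`; confirm which ones the
# service needs so clients and validators can reject incomplete requests.
openapi: 3.0.3
info:
  title: CBOMkit API
  description: Service for generating and retrieving CBOMs
  version: 1.0.0
paths:
  # Liveness probe; the example body is a fixed status object.
  /api:
    get:
      tags:
        - Api Endpoint
      summary: Health test
      description: Health test endpoint
      responses:
        "200":
          description: OK
          content:
            application/json:
              schema:
                example:
                  status: ok
  # Looks up stored CBOMs for a list of package URLs (purls).
  /api/v1/cbom:
    get:
      tags:
        - CBOM Resource
      summary: Returns a list of CBOMs related to the provided package urls
      description: Returns a list of stored CBOMs for each provided package url.
      parameters:
        - name: cbomVersion
          in: query
          schema:
            default: "1.6"
            type: string
        # NOTE(review): the array has no `maxItems`; confirm whether the
        # service caps the number of purls accepted in one request.
        - name: purls
          in: query
          schema:
            type: array
            items:
              type: string
      responses:
        "200":
          description: OK
          content:
            application/json:
              schema:
                # The example is a JSON document carried as a string. The
                # last member was written as the single string "bom: {}",
                # which is not valid JSON; it is now the member "bom": {}.
                # NOTE(review): the purl version was unreadable in the
                # reviewed copy; 2.11.0 is taken from the example's own
                # branch name - confirm.
                example: "[{\"purl\": \"pkg:maven/commons-io/commons-io@2.11.0\",\"\
                  cbom\": {\"id\": 251,\"gitUrl\": \"https://github.com/apache/commons-io\"\
                  ,\"branch\": \"rel/commons-io-2.11.0\",\"cbomVersion\": \"1.4-cbom-1.0\"\
                  ,\"createdAt\": \"2023-10-24T10:55:20.404+00:00\",\"bom\": {}}}]"
        "404":
          description: Purl not found
  # Searches stored CBOMs by algorithm name; returns repository URLs.
  /api/v1/cbom/algorithm/searchByName:
    get:
      tags:
        - CBOM Resource
      summary: >-
        Returns the git URLs of all CBOMs that use the specified algorithm
        name.
      description: >-
        Returns the git URLs of all CBOMs that use the specified algorithm
        name.
      parameters:
        - name: algorithm
          in: query
          schema:
            type: string
        # NOTE(review): `limit` declares neither `minimum` nor `maximum`, here
        # and on the other operations that take it. Confirm what the service
        # enforces so a client cannot ask for an unbounded result set.
        - name: limit
          in: query
          schema:
            format: int32
            default: 5
            type: integer
      responses:
        "200":
          description: OK
          content:
            application/json:
              schema:
                example:
                  - https://github.com/quarkusio/quarkus
  # Same search as above, keyed by the algorithm's OID instead of its name.
  /api/v1/cbom/algorithm/searchByOid:
    get:
      tags:
        - CBOM Resource
      summary: Returns the git URLs of all CBOMs that use the specified algorithm.
      description: Returns the git URLs of all CBOMs that use the specified algorithm.
      parameters:
        - name: limit
          in: query
          schema:
            format: int32
            default: 5
            type: integer
        - name: oid
          in: query
          schema:
            type: string
      responses:
        "200":
          description: OK
          content:
            application/json:
              schema:
                example:
                  - https://github.com/quarkusio/quarkus
  # Lists the most recently generated CBOMs, newest count set by `limit`.
  /api/v1/cbom/lastn:
    get:
      tags:
        - CBOM Resource
      summary: Return recently generated CBOMs from the repository
      description: >-
        Returns a list of the most recently generated CBOMs. The length
        of the list can be specified via the optional 'limit' parameter.
      parameters:
        - name: limit
          in: query
          schema:
            format: int32
            default: 5
            type: integer
      responses:
        "200":
          description: OK
          content:
            application/json:
              schema:
                example:
                  - id: 251
                    gitUrl: https://github.com/quarkusio/quarkus
                    branch: main
                    cbomVersion: 1.4-cbom-1.0
                    # Quoted so YAML 1.1 loaders keep it a string rather
                    # than converting it to a timestamp object.
                    createdAt: '2023-10-24T10:55:20.404+00:00'
                    base64: ewogICJib21Gb3JtY...
  # Checks a CBOM supplied in the request body against a named policy.
  /api/v1/compliance/check:
    post:
      tags:
        - Compliance Resource
      summary: Verify the compliance of a provided CBOM against a policy
      description: >-
        Returns the JSON sent by the Regulator API, containing various
        information about the compliance of the CBOM for a set policy.
      parameters:
        - name: policyIdentifier
          in: query
          schema:
            type: string
      # NOTE(review): the body is declared as application/json but typed as
      # a bare string, so the spec gives validators no structure or size
      # bound to enforce on client-supplied CBOMs. Consider describing the
      # expected CBOM shape or a length limit - confirm what the service
      # checks before forwarding the document.
      requestBody:
        content:
          application/json:
            schema:
              type: string
      responses:
        "200":
          description: OK
          content:
            application/json:
              schema:
                example:
                  policyIdentifier: ipsec
                  policyDocumentTitle: Some Policy Detailed Name
                  policyDocumentVersion: v0.4
                  policyDocumentURL: https://example.com/...
                  compliant: false
                  findings: []
        # NOTE(review): status 503 is described as "Not found", while the
        # example body (`unavailable: true`) reads as the Regulator service
        # being unreachable - confirm the intended wording or status code.
        # The example also returns `regulator_url`; check whether exposing
        # that backend address to API clients is intended.
        "503":
          description: Not found
          content:
            application/json:
              schema:
                example:
                  regulator_url: some url
                  unavailable: true
  # Checks an already stored CBOM, selected by purl, against a named policy.
  /api/v1/compliance/check/purl:
    get:
      tags:
        - Compliance Resource
      summary: >-
        Verify the compliance of a stored CBOM identified by its PURL against
        a policy
      description: >-
        Returns the JSON sent by the Regulator API, containing various
        information about the compliance of the CBOM for a set policy.
      parameters:
        - name: cbomVersion
          in: query
          schema:
            default: "1.6"
            type: string
        - name: policyIdentifier
          in: query
          schema:
            type: string
        - name: purl
          in: query
          schema:
            type: string
      responses:
        "200":
          description: OK
          content:
            application/json:
              schema:
                example:
                  policyIdentifier: quantum_safe
                  policyDocumentTitle: Some Policy Detailed Name
                  policyDocumentVersion: v0.4
                  policyDocumentURL: https://example.com/...
                  compliant: false
                  findings: []
        # NOTE(review): same mismatch as the POST operation above - 503 is
        # described as "Not found" and the example body includes
        # `regulator_url`; confirm both are intended.
        "503":
          description: Not found
          content:
            application/json:
              schema:
                example:
                  regulator_url: some url
                  unavailable: true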