Anchore Enterprise Feeds Advanced API Access

Anchore Enterprise Feeds offers a RESTful API.

API definition is documented using the OpenAPI/Swagger specification and can be accessed at: hostname:port/v1/swagger.json in a deployment or here

The API is read-only and does not require any authentication.

Feed Data API

Data is organized into ‘feeds’ and ‘groups’ within a given feed. A feed is a semantic grouping of data but allows different schemas for the data within each group of the feed and allows for finer-grained updates by allowing clients to select the data of interest.

Examples of feeds:

• vulnerabilities - CVE data from upstream sources such as Debian, Red Hat, Alpine, Ubuntu, and Oracle
• packages - Metadata and manifests for upstream application packages, such as npmjs.org and rubygems.org
• nvd - NIST National Vulnerability Database records (CVEs)

Following examples highlight the routes exposed by the service for querying feed data:

• List the available feeds:

  $ curl -s "http://feeds.example.com:8448/v1/feeds"
    
  {
      "feeds": [
        {
          "access_tier": 0,
          "description": "Feed record for type nvd",
          "name": "nvd"
        },
        {
          "access_tier": 0,
          "description": "Feed record for type vulnerabilities",
          "name": "vulnerabilities"
        }
      ],
      "next_token": ""
  }
  

• List the groups available for vulnerability feed data:

  $ curl -s "http://feeds.example.com:8448/v1/feeds/vulnerabilities"
    
  {
      "groups": [
        {
          "access_tier": 0,
          "description": "Group record for namespace: alpine:3.3 and feed type: vulnerabilities",
          "name": "alpine:3.3"
        }
      ],
      "next_token": ""
  }
  

• Fetch the vulnerability feed data for debian:9 group:

  $ curl "http://feeds.example.com:8448/v1/feeds/vulnerabilities/debian:9"
    
  {
      "data": [
        {
          "Vulnerability": {
            "Description": "",
            "FixedIn": [],
            "Link": "https://security-tracker.debian.org/tracker/CVE-2004-1653",
            "Metadata": {
              "NVD": {
                "CVSSv2": {
                  "Score": 6.4,
                  "Vectors": null
                }
              }
            },
            "Name": "CVE-2004-1653",
            "NamespaceName": "debian:9",
            "Severity": "Negligible"
          }
        }
      ],
      "next_token": "MjAxOC0wMi0xNFQyMTowNToxNC40NjIwMjU="
  }        
  

Responses are paginated and return only up to 1000 records in each page. If there are more than 1000 records in the result set, the server responds with a truncated set of results and a marker encoded in next_token. The client must invoke the request with next_token as a path parameter to receive the next page of results and so on. An empty value for next_token is an indication that the service has exhausted the results for the query

$ curl "http://feeds.example.com:8448/v1/feeds/vulnerabilities/debian:9?next_token=MjAxOC0wMi0xNFQyMTowNToxNC40NjIwMjU="

{
    "data": [
      {
        "Vulnerability": {
          "Description": "",
          "FixedIn": [],
          "Link": "https://security-tracker.debian.org/tracker/CVE-2016-2811",
          "Metadata": {
            "NVD": {
              "CVSSv2": {
                "Score": 6.8,
                "Vectors": "AV:N/AC:M/Au:N/C:P/I:P"
              }
            }
          },
          "Name": "CVE-2016-2811",
          "NamespaceName": "debian:9",
          "Severity": "Negligible"
        }
      }
    ],
    "next_token": "MjAxOC0wNC0yMVQwMzoyNjowNy4xMTYzNzI="
  }

Tasks API

Anchore Feed Service provides a tasks API to track periodic execution of drivers processing feed data from upstream sources. Currently, there are two types of tasks

• FeedSyncTask - A meta-task that contains the set of DriverExecutionTasks that are run for each periodic update check for upstream data. The task_id of the FeedSyncTask is used as the parent_task_id of its subtasks.
• DriverExecutionTask - An execution of a single driver which may provide data for one or more feeds and multiple groups of data. The parent_task_id of each record points to the FeedSyncTask that initiated it.

The API can be used to fetch all tasks, a specific task or filter tasks using comma separated criteria. A few examples are listed below

• List all tasks

  $ curl "http://feeds.example.com:8448/v1/tasks"
    
  [
    {
      "driver_id": "nvddb",
      "end_time": "2018-02-14T20:00:32.955063+00:00",
      "feed_id": "nvd",
      "parent_task_id": 1,
      "start_time": "2018-02-14T19:54:18.065878+00:00",
      "started_by": "system",
      "status": "completed",
      "task_id": 2,
      "task_type": "DriverExecutionTask"
    },
    {
      "end_time": "2018-02-14T21:16:49.846366+00:00",
      "start_time": "2018-02-14T19:54:18.058655+00:00",
      "started_by": "system",
      "status": "completed",
      "task_id": 1,
      "task_type": "FeedSyncTask"
    }
  ]    
  

• Get information about a specific task using its ID

  $ curl "http://feeds.example.com:8448/v1/tasks/8
  
  {
    "driver_id": "ubuntu",
    "end_time": "2019-10-17T07:16:05.900521+00:00",
    "feed_id": "vulnerabilities",
    "parent_task_id": 1,
    "result": {
      "changes": {
        "ubuntu:14.04": {
          "created": 73,
          "deleted": 0,
          "updated": 0
        },
        "ubuntu:15.04": {
          "created": 29,
          "deleted": 0,
          "updated": 0
        },
        "ubuntu:16.04": {
          "created": 73,
          "deleted": 0,
          "updated": 0
        },
        "ubuntu:18.04": {
          "created": 73,
          "deleted": 0,
          "updated": 0
        },
        "ubuntu:19.04": {
          "created": 73,
          "deleted": 0,
          "updated": 0
        }
      }
    },
    "start_time": "2019-10-17T06:59:56.427552+00:00",
    "started_by": "system",
    "status": "completed",
    "task_id": 8,
    "task_type": "DriverExecutionTask"
  }
  

• Fetch a subset of tasks using filter query parameter

  • Format for the query parameter is filter=<parameter><operator><value>,...<parameterN><operatorN><valueN>
  • Supported filter parameters are feed_id, driver_id and task_type with = operator, and task_id with > or < operators.
  • For a detailed view of every task, add details=True to the query parameters

  $ curl "http://feeds.example.com:8448/v1/tasks?&details=True&filter=driver_id=centos,task_id>470"
  
  [
    {
      "driver_id": "centos", 
      "end_time": "2018-05-06T17:41:54.304455+00:00", 
      "feed_id": "vulnerabilities", 
      "parent_task_id": 492, 
      "result": {
        "changes": {}
      }, 
      "start_time": "2018-05-06T17:41:44.980816+00:00", 
      "started_by": "system", 
      "status": "completed", 
      "task_id": 495, 
      "task_type": "DriverExecutionTask"
    }, 
    {
      "driver_id": "centos", 
      "end_time": "2018-05-04T18:06:12.222140+00:00", 
      "feed_id": "vulnerabilities", 
      "parent_task_id": 474, 
      "result": {
        "changes": {
          "centos:7": {
            "created": 0, 
            "deleted": 0, 
            "updated": 1
          }
        }
      }, 
      "start_time": "2018-05-04T18:06:02.787274+00:00", 
      "started_by": "system", 
      "status": "completed", 
      "task_id": 477, 
      "task_type": "DriverExecutionTask"
    }
  ]
  

Feedback

Was this page helpful?

Yes No

Glad to hear it! Please tell us how we can improve.

Sorry to hear that. Please tell us how we can improve.