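---
# Swagger 2.0 description of the Anchore Enterprise external API (basePath /enterprise).
# Each operation names its handler through x-swagger-router-controller + operationId and
# declares the permission it is gated by through x-anchore-authz-action.
#
# NOTE(review): no operation in this part of the file declares a 401 or 403 response,
# although every operation carries an x-anchore-authz-action. Clients generated from this
# spec will therefore not model authentication or authorization failures.
swagger: "2.0"
info:
  description: "This is the Anchore Enterprise API. It provides additional external API routes and functionality for enterprise users."
  version: "0.2.1"
  title: "Anchore Enterprise API Server"
  contact:
    email: "dev@anchore.com"
basePath: "/enterprise"
# Plain http is advertised alongside https.
# NOTE(review): unless TLS is always terminated in front of this service, credentials and
# the x-anchore-account header travel in clear text; confirm http should remain listed.
schemes:
  - "http"
  - "https"
consumes:
  - application/json
produces:
  - application/json
parameters:
  # Caller-supplied header that re-scopes a request to another account. The description
  # restricts it to admins; nothing in this spec enforces that, so the check has to be
  # made server-side against the authenticated identity, never against the header value.
  AsAccountParameter:
    name: x-anchore-account
    in: header
    required: false
    type: string
    description: >-
      An account name to change the resource scope of the request to that account,
      if permissions allow (admin only)
paths:
  /images/{imageDigest}/check:
    get:
      x-swagger-router-controller: anchore_enterprise.services.api.controllers.images
      operationId: get_image_policy_check_by_digest
      x-anchore-authz-action: getImageEvaluation
      description: Get the policy evaluation for the given image
      summary: Check policy evaluation status for image
      parameters:
        - name: imageDigest
          in: path
          type: string
          required: true
        - name: policyId
          in: query
          type: string
          required: false
        - name: tag
          in: query
          type: string
          required: true
        - name: detail
          in: query
          type: boolean
          required: false
          default: true
        - name: history
          in: query
          type: boolean
          required: false
          default: false
        - name: interactive
          in: query
          type: boolean
          required: false
          default: false
        - name: base_digest
          in: query
          type: string
          required: false
          description: >-
            Digest of a base image. If specified the evaluation will indicate results
            inherited from the base image
        - $ref: "#/parameters/AsAccountParameter"
      responses:
        200:
          description: Policy evaluation success
          schema:
            $ref: "#/definitions/EnterprisePolicyEvaluationList"
        500:
          description: Internal Error
          schema:
            $ref: "#/definitions/ApiErrorResponse"
  /images/{imageDigest}/vuln/{vtype}:
    get:
      x-swagger-router-controller: anchore_enterprise.services.api.controllers.images
      operationId: get_image_vulnerabilities_by_digest
      x-anchore-authz-action: getImage
      summary: Get vulnerabilities by type
      parameters:
        - name: imageDigest
          in: path
          type: string
          required: true
        - name: vtype
          in: path
          type: string
          required: true
        - name: force_refresh
          in: query
          type: boolean
          required: false
          default: false
        # NOTE(review): the first two sentences of this description read as contradictory
        # (keep only findings the vendor has not marked invalid vs. drop findings where
        # will_not_fix is False). The default is true, so the filter applies unless the
        # caller opts out; confirm the intended semantics against the handler.
        - name: vendor_only
          in: query
          type: boolean
          required: false
          description: >-
            Filter results to include only vulnerabilities that are not marked as invalid
            by upstream OS vendor data. When set to true, it will filter out all
            vulnerabilities where `will_not_fix` is False. If false all vulnerabilities
            are returned regardless of `will_not_fix`
          default: true
        - name: base_digest
          in: query
          type: string
          required: false
          description: >-
            Digest of a base image. If specified the vulnerabilities will indicate
            inheritance from the base image
        - $ref: "#/parameters/AsAccountParameter"
      responses:
        200:
          description: Vulnerability listing for the image
          schema:
            $ref: "#/definitions/EnterpriseVulnerabilityResponse"
        500:
          description: Internal Error
          schema:
            $ref: "#/definitions/ApiErrorResponse"
  /images/{image_digest}/ancestors:
    get:
      x-swagger-router-controller: anchore_enterprise.services.api.controllers.images
      operationId: get_image_ancestors
      x-anchore-authz-action: getImage
      summary: Return the list of ancestor images for the given image
      description: >-
        Returns list of ancestor images, which are the images that form the base layers
        of the image
      produces:
        - "application/json"
      parameters:
        - name: image_digest
          in: path
          type: string
          required: true
        - $ref: "#/parameters/AsAccountParameter"
      responses:
        200:
          description: "Ancestor list"
          schema:
            $ref: "#/definitions/ImageAncestry"
        404:
          description: "Image not found"
        500:
          description: "Internal Error"
  /inventories:
    get:
      x-swagger-router-controller: anchore_enterprise.services.api.controllers.runtime_inventory
      operationId: get_image_inventory
      x-anchore-authz-action: listRuntimeInventories
      summary: "Return a list of the images in inventories for this account"
      description: "Returns a list of the images that are in use"
      produces:
        - "application/json"
      parameters:
        - name: inventory_type
          in: query
          type: string
          enum:
            - kubernetes
        - name: image_digest
          in: query
          type: string
        - name: context
          in: query
          type: string
        - $ref: "#/parameters/AsAccountParameter"
      responses:
        200:
          description: "success"
          schema:
            $ref: "#/definitions/InventoryItems"
        500:
          description: "Internal Error"
    post:
      x-swagger-router-controller: anchore_enterprise.services.api.controllers.runtime_inventory
      operationId: sync_image_inventory
      x-anchore-authz-action: syncInventory
      summary: "synchronizes the list of the images in a given cluster for the inventory"
      description: "synchronizes the list of the images that are in use"
      produces:
        - "application/json"
      parameters:
        - name: inventory
          in: body
          required: true
          schema:
            $ref: "#/definitions/InventoryReport"
        - $ref: "#/parameters/AsAccountParameter"
      responses:
        200:
          description: "success"
          schema:
            $ref: "#/definitions/InventoryItems"
        500:
          description: "Internal Error"
  /inventories/clusters:
    get:
      x-swagger-router-controller: anchore_enterprise.services.api.controllers.runtime_inventory
      operationId: list_inventory_clusters
      x-anchore-authz-action: listRuntimeInventories
      summary: "Return a list of the configured inventory clusters"
      description: "Returns a filterable list of the clusters that are configured for reporting image inventory"
      produces:
        - "application/json"
      parameters:
        - name: inventory_type
          in: query
          type: string
          enum:
            - kubernetes
        - $ref: "#/parameters/AsAccountParameter"
      responses:
        200:
          description: "success"
          schema:
            $ref: "#/definitions/InventoryClusters"
        500:
          description: "Internal Error"
    post:
      x-swagger-router-controller: anchore_enterprise.services.api.controllers.runtime_inventory
      operationId: add_inventory_cluster
      x-anchore-authz-action: createRuntimeInventory
      summary: "Create a cluster inventory"
      description: "Create a new cluster inventory with the provided configuration"
      consumes:
        - "application/json"
      parameters:
        - name: cluster
          in: body
          required: true
          schema:
            $ref: "#/definitions/InventoryCluster"
        - $ref: "#/parameters/AsAccountParameter"
      responses:
        200:
          description: "success"
          schema:
            $ref: "#/definitions/InventoryCluster"
        500:
          description: "Internal Error"
  /inventories/clusters/{cluster_name}:
    get:
      x-swagger-router-controller: anchore_enterprise.services.api.controllers.runtime_inventory
      operationId: get_inventory_cluster_by_name
      x-anchore-authz-action: getRuntimeInventory
      summary: "Return a configured inventory cluster"
      description: "Returns a cluster that is configured for reporting image inventory"
      produces:
        - "application/json"
      parameters:
        - name: cluster_name
          in: path
          type: string
          required: true
        - $ref: "#/parameters/AsAccountParameter"
      responses:
        200:
          description: "success"
          schema:
            $ref: "#/definitions/InventoryCluster"
        500:
          description: "Internal Error"
    delete:
      x-swagger-router-controller: anchore_enterprise.services.api.controllers.runtime_inventory
      operationId: del_inventory_cluster_by_name
      x-anchore-authz-action: deleteRuntimeInventory
      summary: "Delete a configured inventory cluster by cluster_name"
      description: "Removes a configured cluster for reporting image inventory by cluster_name"
      parameters:
        - name: cluster_name
          in: path
          type: string
          required: true
        - $ref: "#/parameters/AsAccountParameter"
      responses:
        204:
          description: "success"
        500:
          description: "Internal Error"
  /actions:
    get:
      x-swagger-router-controller: anchore_enterprise.services.api.controllers.actions
      operationId: get_action_plans
      x-anchore-authz-action: getActions
      summary: "Gets a list of submitted action (remediation) plans"
      description: "Retrieves a list of action plans that have been completed"
      produces:
        - "application/json"
      parameters:
        - name: image_tag
          in: query
          type: string
        - name: image_digest
          in: query
          type: string
        - name: created_after
          in: query
          type: string
          format: date-time
          description: >-
            RFC 3339 formatted UTC timestamp to filter out action plans that were only
            created after this date
        - $ref: "#/parameters/AsAccountParameter"
      responses:
        200:
          description: "success"
          schema:
            $ref: "#/definitions/ActionPlans"
        500:
          description: "Internal Error"
    post:
      x-swagger-router-controller: anchore_enterprise.services.api.controllers.actions
      operationId: add_action_plan
      x-anchore-authz-action: addAction
      summary: "Submits an Action Plan"
      description: "Submits an Action Plan and saves upon completion"
      produces:
        - "application/json"
      # NOTE(review): unlike the GET on this path, this operation does not reference
      # AsAccountParameter; confirm the difference in account scoping is intended.
      parameters:
        - name: action_plan
          in: body
          required: true
          schema:
            $ref: "#/definitions/ActionPlan"
      responses:
        200:
          description: "success"
          schema:
            $ref: "#/definitions/ActionPlan"
        500:
          description: "Internal Error"
  /alerts/summaries:
    get:
      x-swagger-router-controller: anchore_enterprise.services.api.controllers.alerts
      operationId: get_alert_summaries
      x-anchore-authz-action: listAlerts
      summary: List all alert summaries scoped to the account
      description: >-
        Returns a paginated list of alert summaries in chronological order from the most
        to least recently generated alerts. Return alerts in the open state by default.
        Use query parameters for filtering
      produces:
        - "application/json"
      parameters:
        - name: page
          in: query
          required: false
          type: integer
          default: 1
          minimum: 1
        # Page size is capped at 100 by the spec itself.
        - name: limit
          in: query
          required: false
          type: integer
          default: 100
          minimum: 1
          maximum: 100
        - name: type
          in: query
          required: false
          type: string
          enum:
            - all
            - compliance_violation
          default: all
          description: Filter for alerts based on the type such as compliance violation
        - name: state
          in: query
          required: false
          type: string
          default: open
          enum:
            - all
            - open
            - closed
          description: Filter for alerts by current state, defaults to open alerts unless specified
        - name: created_after
          in: query
          required: false
          type: string
          format: date-time
          description: Filter for alerts generated after the timestamp
        - name: created_before
          in: query
          required: false
          type: string
          format: date-time
          description: Filter for alerts generated before the timestamp
        # Each item must look like key=value with no whitespace on either side.
        - name: resource_label
          in: query
          required: false
          type: array
          items:
            type: string
            pattern: '^\S+=\S+$'
          collectionFormat: multi
          uniqueItems: true
          description: >-
            Filter for alerts associated with a resource where the label in key=value
            format such as tag=docker.io/library/alpine:latest or
            repository=library/alpine
        - $ref: "#/parameters/AsAccountParameter"
      responses:
        200:
          description: "List of alert summaries"
          schema:
            $ref: "#/definitions/AlertSummaryList"
  /alerts/compliance_violations:
    get:
      x-swagger-router-controller: anchore_enterprise.services.api.controllers.alerts
      operationId: get_compliance_violation_alerts
      x-anchore-authz-action: listAlerts
      summary: List all compliance violation alerts scoped to the account
      description: >-
        Returns a paginated list of compliance violation alerts in chronological order
        from the most to least recently generated alerts. Return alerts in the open state
        by default. Use query parameters for filtering
      produces:
        - "application/json"
      parameters:
        - name: page
          in: query
          required: false
          type: integer
          default: 1
          minimum: 1
        - name: limit
          in: query
          required: false
          type: integer
          default: 100
          minimum: 1
          maximum: 100
        - name: state
          in: query
          required: false
          type: string
          default: open
          enum:
            - all
            - open
            - closed
          description: Filter for alerts by current state, defaults to open alerts unless specified
        - name: created_after
          in: query
          required: false
          type: string
          format: date-time
          description: Filter for alerts generated after the timestamp
        - name: created_before
          in: query
          required: false
          type: string
          format: date-time
          description: Filter for alerts generated before the timestamp
        - name: resource_image_digest
          in: query
          required: false
          type: string
          description: Filter for alerts associated with image digest
        - name: resource_image_tag
          in: query
          required: false
          type: string
          description: Filter for alerts generated for the tag
        - name: resource_registry
          in: query
          required: false
          type: string
          description: Filter for alerts associated with registry
        - name: resource_repository
          in: query
          required: false
          type: string
          description: Filter for alerts associated with repository
        - $ref: "#/parameters/AsAccountParameter"
      responses:
        200:
          description: "List of compliance violation alerts"
          schema:
            $ref: "#/definitions/ComplianceViolationAlertList"
  /alerts/compliance_violations/{uuid}:
    get:
      x-swagger-router-controller: anchore_enterprise.services.api.controllers.alerts
      operationId: get_compliance_violation_alert
      x-anchore-authz-action: getAlert
      summary: Get compliance violation alert by id
      description: Returns a single compliance violation alert object
      produces:
        - "application/json"
      parameters:
        - name: uuid
          in: path
          type: string
          required: true
          description: Identifier for the alert
        - $ref: "#/parameters/AsAccountParameter"
      responses:
        200:
          description: "Compliance violation alert"
          schema:
            $ref: "#/definitions/ComplianceViolationAlert"
  /alerts/compliance_violations/{uuid}/{state}:
    put:
      x-swagger-router-controller: anchore_enterprise.services.api.controllers.alerts
      operationId: update_compliance_violation_alert_state
      x-anchore-authz-action: updateAlert
      summary: Open or close a compliance violation alert
      description: Idempotent op for changing the alert state to open or closed
      produces:
        - "application/json"
      parameters:
        - name: uuid
          in: path
          type: string
          required: true
          description: Identifier for the alert
        - name: state
          in: path
          type: string
          required: true
          enum:
            - open
            - closed
        - $ref: "#/parameters/AsAccountParameter"
      responses:
        200:
          description: "Alert state updated successfully"
          schema:
            $ref: "#/definitions/ComplianceViolationAlert"
  /corrections:
    get:
      x-swagger-router-controller: anchore_enterprise.services.api.controllers.corrections
      operationId: get_corrections
      x-anchore-authz-action: getCorrection
      summary: Retrieve a list of corrections
      description: Returns a list of corrections
      produces:
        - "application/json"
      parameters:
        - name: correction_type
          in: query
          type: string
          enum:
            - package
        - $ref: "#/parameters/AsAccountParameter"
      responses:
        200:
          description: "Corrections retrieved successfully"
          schema:
            $ref: "#/definitions/CorrectionList"
    post:
      x-swagger-router-controller: anchore_enterprise.services.api.controllers.corrections
      operationId: add_correction
      x-anchore-authz-action: addCorrection
      summary: Create a correction record
      description: Add a correction record that will be used to fix
      produces:
        - "application/json"
      parameters:
        - name: correction
          in: body
          required: true
          schema:
            $ref: "#/definitions/Correction"
        - $ref: "#/parameters/AsAccountParameter"
      responses:
        # NOTE(review): this 200 response repeats the GET's description and list schema,
        # although the operation creates a single record; confirm both are intended.
        200:
          description: "Corrections retrieved successfully"
          schema:
            $ref: "#/definitions/CorrectionList"
  /corrections/{uuid}:
    get:
      x-swagger-router-controller: anchore_enterprise.services.api.controllers.corrections
      operationId: get_correction_by_uuid
      x-anchore-authz-action: getCorrection
      summary: Retrieve a correction by UUID
      description: Returns a single correction, looked up via its uuid
      produces:
        - "application/json"
      parameters:
        - name: uuid
          in: path
          type: string
          required: true
        - $ref: "#/parameters/AsAccountParameter"
      responses:
        200:
          description: "Correction retrieved successfully"
          schema:
            $ref: "#/definitions/Correction"
    put:
      x-swagger-router-controller: anchore_enterprise.services.api.controllers.corrections
      operationId: update_correction_by_uuid
      x-anchore-authz-action: updateCorrection
      summary: Update a correction by UUID
      description: Updates a single correction, looked up via its uuid
      produces:
        - "application/json"
      parameters:
        - name: uuid
          in: path
          type: string
          required: true
        - name: correction
          in: body
          required: true
          schema:
            $ref: "#/definitions/Correction"
        - $ref: "#/parameters/AsAccountParameter"
      responses:
        200:
          description: "Correction updated successfully"
          schema:
            $ref: "#/definitions/Correction"
    delete:
      x-swagger-router-controller: anchore_enterprise.services.api.controllers.corrections
      operationId: delete_correction_by_uuid
      x-anchore-authz-action: deleteCorrection
      summary: Delete a correction by UUID
      description: Delete a single correction, looked up via its uuid
      produces:
        - "application/json"
      parameters:
        - name: uuid
          in: path
          type: string
          required: true
        - $ref: "#/parameters/AsAccountParameter"
      responses:
        204:
          description: "Correction deleted successfully"
  /runtime_compliance:
    post:
      x-swagger-router-controller: anchore_enterprise.services.api.controllers.runtime_compliance
      operationId: add_runtime_compliance_check
      x-anchore-authz-action: createRuntimeComplianceCheck
      summary: Post a runtime compliance check
      description: Post a runtime compliance check
      consumes:
        - multipart/form-data
      produces:
        - application/json
      parameters:
        - name: check_type
          in: formData
          type: string
          required: true
          description: The type of runtime compliance check
        - name: image_digest
          in: formData
          type: string
          required: true
          description: The digest of the pod the check was run against
        - name: result
          in: formData
          type: string
          description: The result of the runtime compliance check
        - name: pod
          in: formData
          type: string
          description: The pod the check was run against
        - name: namespace
          in: formData
          type: string
          description: The namespace of the pod the check was run against
        - name: image_tag
          in: formData
          type: string
          description: The tag of the image in the pod the check was run against
        # NOTE(review): the start_time and end_time descriptions repeat the check_type
        # text; presumably they are the check's start and end timestamps. Confirm and
        # reword.
        - name: start_time
          in: formData
          type: string
          format: date-time
          description: The type of runtime compliance check
        - name: end_time
          in: formData
          type: string
          format: date-time
          description: The type of runtime compliance check
        # The two file uploads below carry no size or content bound in this spec.
        # NOTE(review): confirm the handler caps upload size and treats the content as
        # untrusted.
        - name: result_file
          in: formData
          type: file
          required: false
          description: The file with the check results
        - name: report_file
          in: formData
          type: file
          required: false
          description: The file with the check report
        - $ref: "#/parameters/AsAccountParameter"
      responses:
        200:
          description: "success"
          schema:
            $ref: "#/definitions/RuntimeComplianceCheck"
        500:
          description: Internal Error
          schema:
            $ref: "#/definitions/ApiErrorResponse"
    get:
      x-swagger-router-controller: anchore_enterprise.services.api.controllers.runtime_compliance
      operationId: get_runtime_compliance_checks
      x-anchore-authz-action: getRuntimeComplianceCheck
      description: Get all runtime compliance checks or just those for a given image digest
      summary: Get all runtime compliance checks or just those for a given image digest
      produces:
        - application/json
      parameters:
        - name: image_digest
          in: query
          type: string
          required: false
        - $ref: "#/parameters/AsAccountParameter"
      responses:
        200:
          description: Compliance evaluation retrieval success
          schema:
            $ref: "#/definitions/RuntimeComplianceCheckList"
        404:
          description: No runtime compliance checks found
        500:
          description: Internal Error
          schema:
            $ref: "#/definitions/ApiErrorResponse"
  /runtime_compliance/result/{compliance_file_id}:
    get:
      x-swagger-router-controller: anchore_enterprise.services.api.controllers.runtime_compliance
      operationId: get_runtime_compliance_result
      x-anchore-authz-action: getRuntimeComplianceCheck
      description: Get the results of a specific runtime compliance check
      summary: Check the results of a specific runtime compliance check
      # The stored file is returned as text/html.
      # NOTE(review): if this is the result_file/report_file uploaded through
      # POST /runtime_compliance, its content is caller-controlled; confirm it is
      # sanitized or delivered so that a browser does not render it as active content.
      produces:
        - text/html
      parameters:
        - name: compliance_file_id
          in: path
          type: string
          required: true
        - $ref: "#/parameters/AsAccountParameter"
      responses:
        200:
          description: Compliance evaluation retrieval success
          schema:
            type: file
        404:
          description: No runtime compliance results found
        500:
          description: Internal Error
          schema:
            $ref: "#/definitions/ApiErrorResponse"
  /applications:
    post:
      x-swagger-router-controller: anchore_enterprise.services.api.controllers.applications
      operationId: add_application
      x-anchore-authz-action: createApplication
      summary: Create an application
      description: Create an application
      produces:
        - application/json
      parameters:
        - name: application
          in: body
          required: true
          schema:
            $ref: "#/definitions/Application"
        - $ref: "#/parameters/AsAccountParameter"
      responses:
        200:
          description: "success"
          schema:
            $ref: "#/definitions/Application"
        500:
          description: Internal Error
          schema:
            $ref: "#/definitions/ApiErrorResponse"
    get:
      x-swagger-router-controller: anchore_enterprise.services.api.controllers.applications
      operationId: get_applications
      x-anchore-authz-action: getApplication
      description: List all applications
      summary: List all applications
      produces:
        - application/json
      parameters:
        - name: include_versions
          in: query
          required: false
          type: boolean
          default: false
        - $ref: "#/parameters/AsAccountParameter"
      responses:
        200:
          description: "Applications retrieved successfully"
          schema:
            $ref: "#/definitions/ApplicationList"
        500:
          description: Internal Error
          schema:
            $ref: "#/definitions/ApiErrorResponse"
  /applications/{application_id}:
    get:
      x-swagger-router-controller: anchore_enterprise.services.api.controllers.applications
      operationId: get_application
      x-anchore-authz-action: getApplication
      summary: Get an application by application_id
      description: Get an application by application_id
      produces:
        - application/json
      parameters:
        - name: application_id
          in: path
          type: string
          required: true
        - name: include_versions
          in: query
          required: false
          type: boolean
          default: false
        - $ref: "#/parameters/AsAccountParameter"
      responses:
        200:
          description: "Successfully retrieved application"
          schema:
            $ref: "#/definitions/Application"
        404:
          description: "Application not found"
        500:
          description: Internal Error
          schema:
            $ref: "#/definitions/ApiErrorResponse"
    put:
      x-swagger-router-controller: anchore_enterprise.services.api.controllers.applications
      operationId: update_application
      x-anchore-authz-action: updateApplication
      summary: Update application details
      description: Updates application details for given application_id
      produces:
        - "application/json"
      parameters:
        - name: application_id
          in: path
          type: string
          required: true
        - name: application
          in: body
          required: true
          schema:
            $ref: "#/definitions/Application"
        - $ref: "#/parameters/AsAccountParameter"
      responses:
        200:
          description: "Application updated successfully"
          schema:
            $ref: "#/definitions/Application"
        404:
          description: "Application not found"
        500:
          description: Internal Error
          schema:
            $ref: "#/definitions/ApiErrorResponse"
    delete:
      x-swagger-router-controller: anchore_enterprise.services.api.controllers.applications
      operationId: delete_application
      x-anchore-authz-action: deleteApplication
      summary: Delete an application by application_id
      description: Delete an application by application_id
      produces:
        - application/json
      parameters:
        - name: application_id
          in: path
          type: string
          required: true
        - $ref: "#/parameters/AsAccountParameter"
      responses:
        204:
          description: "Application deleted successfully"
  /applications/{application_id}/versions:
    post:
      x-swagger-router-controller: anchore_enterprise.services.api.controllers.applications
      operationId: add_application_version
      x-anchore-authz-action: createApplication
      summary: Create an application version
      description: Create an application version
      produces:
        - application/json
      parameters:
        - name: application_id
          in: path
          type: string
          required: true
        - name: application_version
          in: body
          required: true
          schema:
            $ref: "#/definitions/ApplicationVersion"
        - $ref: "#/parameters/AsAccountParameter"
      responses:
        200:
          description: "success"
          schema:
            $ref: "#/definitions/ApplicationVersion"
        404:
          description: "Application version not found"
        500:
          description: Internal Error
          schema:
            $ref: "#/definitions/ApiErrorResponse"
    get:
      x-swagger-router-controller: anchore_enterprise.services.api.controllers.applications
      operationId: get_application_versions
      x-anchore-authz-action: getApplication
      summary: List all application versions
      description: List all application versions
      produces:
        - application/json
      parameters:
        - name: application_id
          in: path
          type: string
          required: true
        - $ref: "#/parameters/AsAccountParameter"
      responses:
        200:
          description: "Successfully retrieved application versions"
          schema:
            $ref: "#/definitions/ApplicationVersionList"
        404:
          description: "Application not found"
        500:
          description: Internal Error
          schema:
            $ref: "#/definitions/ApiErrorResponse"
  /applications/{application_id}/versions/{application_version_id}:
    put:
      x-swagger-router-controller: anchore_enterprise.services.api.controllers.applications
      operationId: update_application_version
      x-anchore-authz-action: updateApplication
      summary: Update application version details
      description: Updates application version details for given application_id and application_version_id
      produces:
        - "application/json"
      parameters:
        - name: application_id
          in: path
          type: string
          required: true
        - name: application_version_id
          in: path
          type: string
          required: true
        - name: application_version
          in: body
          required: true
          schema:
            $ref: "#/definitions/ApplicationVersion"
        - $ref: "#/parameters/AsAccountParameter"
      responses:
        200:
          description: "Application updated successfully"
          schema:
            $ref: "#/definitions/ApplicationVersion"
        404:
          description: "Application version not found"
        500:
          description: Internal Error
          schema:
            $ref: "#/definitions/ApiErrorResponse"
    get:
      x-swagger-router-controller: anchore_enterprise.services.api.controllers.applications
      operationId: get_application_version
      x-anchore-authz-action: getApplication
      summary: Get an application version
      description: Get an application version by application_id and application_version_id
      produces:
        - "application/json"
      parameters:
        - name: application_id
          in: path
          type: string
          required: true
        - name: application_version_id
          in: path
          type: string
          required: true
        - $ref: "#/parameters/AsAccountParameter"
      responses:
        200:
          description: "Successfully retrieved application version"
          schema:
            $ref: "#/definitions/ApplicationVersion"
        404:
          description: "Application version not found"
        500:
          description: Internal Error
          schema:
            $ref: "#/definitions/ApiErrorResponse"
    delete:
      x-swagger-router-controller: anchore_enterprise.services.api.controllers.applications
      operationId: delete_application_version
      x-anchore-authz-action: deleteApplication
      summary: Delete an application version by application_id and application_version_id
      description: Delete an application version by application_id and application_version_id
      produces:
        - application/json
      parameters:
        - name: application_id
          in: path
          type: string
          required: true
        - name: application_version_id
          in: path
          type: string
          required: true
        - $ref: "#/parameters/AsAccountParameter"
      responses:
        204:
          description: "Application version deleted successfully"
        404:
          description: "Application version not found"
  /applications/{application_id}/versions/{application_version_id}/artifacts:
    post:
      x-swagger-router-controller: anchore_enterprise.services.api.controllers.applications
      operationId: add_artifact_to_application_version
      x-anchore-authz-action: updateApplication
      summary: Add an artifact to an application version
      description: Add artifact to given application_id and application_version_id
      produces:
        - "application/json"
      parameters:
        - name: application_id
          in: path
          type: string
          required: true
        - name: application_version_id
          in: path
          type: string
          required: true
        - name: artifact_request
          in: body
          required: true
          schema:
            $ref: "#/definitions/ArtifactAssociationRequest"
        - $ref: "#/parameters/AsAccountParameter"
      responses:
        200:
          description: "Artifact successfully added to application version"
          schema:
            $ref: "#/definitions/ArtifactAssociationResponse"
        404:
          description: "Application version not found"
        500:
          description: Internal Error
          schema:
            $ref: "#/definitions/ApiErrorResponse"
    get:
      x-swagger-router-controller: anchore_enterprise.services.api.controllers.applications
      operationId: list_artifacts
      x-anchore-authz-action: getApplication
      summary: List artifacts present on a given application version
      description: List artifacts present on a given application version
      produces:
        - "application/json"
      parameters:
        - name: application_id
          in: path
          type: string
          required: true
        - name: application_version_id
          in: path
          type: string
          required: true
        - name: artifact_types
          in: query
          type: array
          required: false
          items:
            type: string
            enum:
              - source
              - image
        - $ref: "#/parameters/AsAccountParameter"
      responses:
        200:
          description: "Successfully retrieved artifacts"
          schema:
            $ref: "#/definitions/ArtifactListResponse"
        404:
          description: "Application version not found"
        500:
          description: Internal Error
          schema:
            $ref: "#/definitions/ApiErrorResponse"
  /applications/{application_id}/versions/{application_version_id}/artifacts/{association_id}:
    delete:
      x-swagger-router-controller: anchore_enterprise.services.api.controllers.applications
      operationId: remove_artifact_from_application_version
      x-anchore-authz-action: deleteApplication
      summary: Delete an artifact from specified application version
      description: Delete an artifact from specified application version
      produces:
        - application/json
      parameters:
        - name: application_id
          in: path
          type: string
          required: true
        - name: application_version_id
          in: path
          type: string
          required: true
        - name: association_id
          in: path
          type: string
          required: true
        - $ref: "#/parameters/AsAccountParameter"
      responses:
        204:
          description: "Artifact successfully removed from application version"
        500:
          description: "Internal Error"
  /applications/{application_id}/versions/{application_version_id}/sboms/json:
    get:
      x-swagger-router-controller: anchore_enterprise.services.api.controllers.applications
      operationId: get_application_version_sbom
      x-anchore-authz-action: getApplication
      summary: Get the combined sbom for the given application version, optionally filtered by artifact type
      description: Get the combined sbom for the given application version, optionally filtered by artifact type
      produces:
        - "application/json"
      parameters:
        - name: application_id
          in: path
          type: string
          required: true
        - name: application_version_id
          in: path
          type: string
          required: true
        - name: artifact_types
          in: query
          type: array
          required: false
          items:
            type: string
            enum:
              - source
              - image
        - $ref: "#/parameters/AsAccountParameter"
      responses:
        200:
          description: "Successfully retrieved combined sbom"
          schema:
            $ref: "#/definitions/ApplicationVersionSbom"
        404:
          description: "Application version not found"
        500:
          description: Internal Error
          schema:
            $ref: "#/definitions/ApiErrorResponse"
  # NOTE(review): none of the /imports/sources and /sources operations below reference
  # AsAccountParameter, unlike nearly every other operation in this file. Confirm that
  # cross-account scoping is intentionally unavailable for them. Every /imports/sources
  # operation, including list and invalidate, is gated by the single action importSource.
  /imports/sources:
    post:
      x-swagger-router-controller: anchore_enterprise.services.api.controllers.source_imports
      operationId: create_operation
      x-anchore-authz-action: importSource
      summary: "Begin the import of a source code repository analyzed by Syft into the system"
      produces:
        - "application/json"
      responses:
        200:
          description: "success"
          schema:
            $ref: "#/definitions/SourceImportOperation"
        500:
          description: "Internal Error"
    get:
      x-swagger-router-controller: anchore_enterprise.services.api.controllers.source_imports
      operationId: list_operations
      x-anchore-authz-action: importSource
      summary: "Lists in-progress imports"
      produces:
        - "application/json"
      responses:
        200:
          description: "success"
          schema:
            $ref: "#/definitions/SourceImportList"
        500:
          description: "Internal Error"
  /imports/sources/{operation_id}:
    get:
      x-swagger-router-controller: anchore_enterprise.services.api.controllers.source_imports
      operationId: get_operation
      x-anchore-authz-action: importSource
      summary: "Get detail on a single import"
      produces:
        - "application/json"
      parameters:
        - name: operation_id
          in: path
          type: string
          required: true
      responses:
        200:
          description: "success"
          schema:
            $ref: "#/definitions/SourceImportOperation"
        500:
          description: "Internal Error"
    delete:
      x-swagger-router-controller: anchore_enterprise.services.api.controllers.source_imports
      operationId: invalidate_operation
      x-anchore-authz-action: importSource
      summary: "Invalidate operation ID so it can be garbage collected"
      produces:
        - "application/json"
      parameters:
        - name: operation_id
          in: path
          type: string
          required: true
      responses:
        200:
          description: "success"
          schema:
            $ref: "#/definitions/SourceImportOperation"
        500:
          description: "Internal Error"
  /imports/sources/{operation_id}/sbom:
    get:
      x-swagger-router-controller: anchore_enterprise.services.api.controllers.source_imports
      operationId: get_import_sources_sbom
      x-anchore-authz-action: importSource
      summary: "list the packages of an imported source code repository"
      produces:
        - "application/json"
      parameters:
        - name: operation_id
          in: path
          type: string
          required: true
      responses:
        200:
          description: "success"
          schema:
            $ref: "#/definitions/SourceImportContentResponse"
        500:
          description: "Internal Error"
    post:
      x-swagger-router-controller: anchore_enterprise.services.api.controllers.source_imports
      operationId: upload_import_sources_sbom
      x-anchore-authz-action: importSource
      summary: "Begin the import of a source code repository analyzed by Syft into the system"
      produces:
        - "application/json"
      consumes:
        - "application/json"
      parameters:
        - name: operation_id
          in: path
          type: string
          required: true
        - name: sbom
          in: body
          required: true
          schema:
            $ref: "#/definitions/NativeSBOM"
      responses:
        200:
          description: "success"
          schema:
            $ref: "#/definitions/SourceImportContentResponse"
        500:
          description: "Internal Error"
  /imports/sources/{operation_id}/finalize:
    post:
      x-swagger-router-controller: anchore_enterprise.services.api.controllers.source_imports
      operationId: finalize_operation
      x-anchore-authz-action: importSource
      summary: "Add source records to catalog db"
      produces:
        - "application/json"
      consumes:
        - "application/json"
      parameters:
        - name: operation_id
          in: path
          type: string
          required: true
        - name: metadata
          in: body
          required: true
          schema:
            $ref: "#/definitions/SourceImportMetadata"
      responses:
        200:
          description: "success"
          schema:
            $ref: "#/definitions/SourceManifest"
        500:
          description: "Internal Error"
  /sources:
    get:
      x-swagger-router-controller: anchore_enterprise.services.api.controllers.sources
      operationId: list_sources
      x-anchore-authz-action: listSources
      summary: "List the source repository analysis records"
      produces:
        - "application/json"
      parameters: []
      responses:
        200:
          description: "success"
          schema:
            $ref: "#/definitions/SourcesList"
        500:
          description: "Internal Error"
  /sources/{source_id}:
    get:
      x-swagger-router-controller: anchore_enterprise.services.api.controllers.sources
      operationId: get_source
      x-anchore-authz-action: getSource
      summary: "Get a detailed source repository analysis metadata record"
      produces:
        - "application/json"
      parameters:
        - name: source_id
          in: path
          type: string
          required: true
      responses:
        200:
          description: "success"
          schema:
            $ref: "#/definitions/SourceManifest"
        500:
          description: "Internal Error"
    delete:
      x-swagger-router-controller: anchore_enterprise.services.api.controllers.sources
      operationId: delete_source
      # NOTE(review): this delete is gated by the read action getSource, the same action
      # as the GET above. The deletes under /inventories, /corrections and /applications
      # each use a dedicated delete* action. As written, a principal allowed to read a
      # source is presumably also allowed to delete it (optionally with force); confirm
      # this is intended or gate the operation with a delete-specific action.
      x-anchore-authz-action: getSource
      summary: "Delete source record from DB"
      description: ""
      parameters:
        - name: source_id
          in: path
          type: string
          description: "UUID of source to delete"
          required: true
        - name: 'force'
          in: query
          type: boolean
          description: "force delete"
          required: false
      produces:
        - "application/json"
      responses:
        200:
          description: "success"
          schema:
            $ref: "#/definitions/SourceManifest"
        500:
          description: "Internal Error"
  /sources/{source_id}/sbom:
    get:
      x-swagger-router-controller: anchore_enterprise.services.api.controllers.sources
      operationId: get_source_sbom_types
      x-anchore-authz-action: getSource
      summary: "Get a detailed source repository analysis metadata record"
      produces:
        - "application/json"
      parameters:
        - name: source_id
          in: path
          type: string
          required: true
      responses:
        200:
          description: "success"
          schema:
            type: array
            description: Array of available types
            items:
              type: string
        500:
          description: "Internal Error"
  /sources/{source_id}/sbom/native:
    get:
      x-swagger-router-controller: anchore_enterprise.services.api.controllers.sources
      operationId: get_source_sbom_native
      x-anchore-authz-action: getSource
      summary: ""
      produces:
        - "application/gzip"
      parameters:
        - name: source_id
          in: path
          type: string
          required: true
      responses:
        200:
          description: "success"
          schema:
            type: file
        500:
          description: "Internal Error"
  /sources/{source_id}/content:
    get:
      x-swagger-router-controller: anchore_enterprise.services.api.controllers.sources
      operationId: get_source_content_types
      x-anchore-authz-action: getSource
      summary: "Get a detailed source repository analysis metadata record"
      produces:
        - "application/json"
      parameters:
        - name: source_id
          in: path
          type: string
          required: true
      responses:
        200:
          description: "success"
          schema:
            type: array
            description: Array of available types
            items:
              type: string
        500:
          description: "Internal Error"
  /sources/{source_id}/content/{content_type}:
    get:
      x-swagger-router-controller: anchore_enterprise.services.api.controllers.sources
      operationId: get_source_content_by_type
      x-anchore-authz-action: getSource
      summary: Get the content of an analyzed source repository
      parameters:
        - name: source_id
          in: path
          type: string
          required: true
        - name: content_type
          in: path
          type: string
          required: true
      responses:
        200:
          description: Content of specified type from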
the image schema: $ref: "#/definitions/SourceContentPackageResponse" 500: description: Internal error schema: $ref: "#/definitions/ApiErrorResponse" /sources/{source_id}/vuln: get: x-swagger-router-controller: anchore_enterprise.services.api.controllers.sources operationId: get_source_vulnerability_types x-anchore-authz-action: getSource summary: "Get the available vulnerability types for source" produces: - "application/json" parameters: - name: source_id in: path type: string required: true - $ref: "#/parameters/AsAccountParameter" responses: 200: description: List of vulnerability types for the source schema: type: array items: type: string enum: - all - os - non-os 500: description: "Internal Error" /sources/{source_id}/vuln/{vtype}: get: x-swagger-router-controller: anchore_enterprise.services.api.controllers.sources operationId: get_source_vulnerabilities x-anchore-authz-action: getSource summary: "Get vulnerabilities for the source by type" produces: - "application/json" parameters: - name: source_id in: path type: string required: true - name: vtype in: path type: string required: true - name: force_refresh in: query type: boolean required: false - name: will_not_fix in: query type: boolean required: false description: "Vulnerability data publishers explicitly won't fix some vulnerabilities. This is captured by will_not_fix attribute of each result. If the query parameter is set, results matching it's value will be filtered. 
Results are not filtered if the query parameter is unset" - $ref: "#/parameters/AsAccountParameter" responses: 200: description: Vulnerability listing for the source schema: $ref: "#/definitions/SourceVulnerabilitiesResponse" 500: description: "Internal Error" /sources/{source_id}/check: get: x-anchore-authz-action: getSourceEvaluation x-swagger-router-controller: "anchore_enterprise.services.api.controllers.sources" operationId: "get_source_policy_check" summary: "Fetch or calculate policy evaluation for a source" description: "" parameters: - name: source_id in: path type: string description: "UUID of source to get" required: true - name: policy_id type: string in: query required: false produces: - "application/json" responses: 200: description: "success" schema: $ref: "#/definitions/PolicyEvaluationListResponse" definitions: # TODO: fill out PolicyEvaluationListResponse result schema PolicyEvaluationListResponse: type: array items: type: object properties: account_id: type: string policy_id: type: string evaluation_id: type: string source_id: type: string vcs_host: type: string repository_name: type: string final_action: type: string evaluation_url: type: string created_at: type: string format: date-time last_updated: type: string format: date-time result: type: object SourceManifest: type: object properties: uuid: type: string account_id: type: string vcs_type: type: string host: type: string repository_name: type: string revision: type: string created_at: type: string format: date-time last_updated: type: string format: date-time analysis_status: type: string enum: - not_analyzed - analyzed - analyzing - analysis_failed source_status: type: string enum: - active - inactive - deleting metadata_records: type: array description: Array of metadata available items: type: object description: Metadata associated with a source upload properties: uuid: type: string ci_workflow_name: type: string x-nullable: True ci_workflow_execution_time: type: string format: 
date-time x-nullable: True branch_name: type: string x-nullable: True change_author: type: string x-nullable: True SourcesList: type: array items: $ref: "#/definitions/Source" Source: type: object properties: uuid: type: string description: A system-assigned identifier unique for each source analysis account_id: type: string description: The anchore account id that owns this resource host: type: string description: Host name for the repository location (e.g. github.com) repository_name: type: string description: The name of the repository on the host (e.g. 'anchore/anchore-engine') revision: type: string description: The commit ID for a git repository analysis_status: type: string description: The analysis state of the source enum: - not_analyzed - analyzed - analyzing - analysis_failed source_status: type: string description: The state of the source enum: - active - inactive - deleting created_at: type: string format: date-time last_updated: type: string format: date-time ApiErrorResponse: description: "Generic HTTP API error response" type: object properties: code: type: integer format: int32 error_type: type: "string" message: type: "string" detail: type: object description: Details structure for additional information about the error if available. Content and structure will be error specific. 
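# Entries of the `definitions` mapping, re-indented from a collapsed source. Where a
# trailing `description` could belong to an array or to its `items`, it was placed by
# meaning; verify against the original file.
  EnterprisePolicyEvaluation:
    description: Evaluation response object
    type: object
  EnterprisePolicyEvaluationList:
    description: Evaluation response object
    type: array
    items:
      $ref: "#/definitions/EnterprisePolicyEvaluation"
  EnterpriseVulnerability:
    type: object
    properties:
      vuln:
        type: string
        description: The vulnerability identifier, such as CVE-2017-100, or RHSA-2017123
      fix:
        type: string
        description: The package containing a fix, if available
      severity:
        type: string
        description: The severity of the vulnerability
      package:
        type: string
        description: The package name and version that are vulnerable in the image
      url:
        type: string
        description: The url for more information about the vulnerability
      feed:
        type: string
        description: The name of the feed where vulnerability match was made
      feed_group:
        type: string
        description: The name of the feed group where vulnerability match was made
      package_name:
        type: string
        description: The name of the vulnerable package artifact
      package_version:
        type: string
        description: The version of the vulnerable package artifact
      package_type:
        type: string
        description: The type of vulnerable package
      package_cpe:
        type: string
        description: The CPE string (if applicable) describing the package to vulnerability match
      package_path:
        type: string
        description: The location (if applicable) of the vulnerable package in the container filesystem
      will_not_fix:
        type: boolean
        description: Whether a vendor will fix or not fix the vulnerability
      nvd_data:
        $ref: "#/definitions/NvdDataList"
      vendor_data:
        $ref: "#/definitions/VendorDataList"
      inherited_from_base:
        type: boolean
        description: >-
          True if the vulnerable artifact is found in the base image.
          False otherwise
  NvdDataList:
    type: array
    description: List of Nvd Data objects
    items:
      $ref: "#/definitions/NvdDataObject"
  NvdDataObject:
    type: object
    properties:
      id:
        type: string
        description: NVD Vulnerability ID
      cvss_v2:
        $ref: "#/definitions/CVSSV2Scores"
      cvss_v3:
        $ref: "#/definitions/CVSSV3Scores"
  VendorDataList:
    type: array
    description: List of Vendor Data objects
    items:
      $ref: "#/definitions/VendorDataObject"
  VendorDataObject:
    type: object
    properties:
      id:
        type: string
        description: Vendor Vulnerability ID
      cvss_v2:
        $ref: "#/definitions/CVSSV2Scores"
      cvss_v3:
        $ref: "#/definitions/CVSSV3Scores"
  CVSSV2Scores:
    type: object
    properties:
      base_score:
        type: number
        x-nullable: true
      exploitability_score:
        type: number
        x-nullable: true
      impact_score:
        type: number
        x-nullable: true
  CVSSV3Scores:
    type: object
    properties:
      base_score:
        type: number
        x-nullable: true
      exploitability_score:
        type: number
        x-nullable: true
      impact_score:
        type: number
        x-nullable: true
  EnterpriseVulnerabilityList:
    type: array
    description: List of Vulnerability objects
    items:
      $ref: "#/definitions/EnterpriseVulnerability"
  EnterpriseVulnerabilityResponse:
    description: envelope containing list of vulnerabilities
    type: object
    properties:
      image_digest:
        type: string
      base_digest:
        type: string
      vulnerability_type:
        type: string
      vulnerabilities:
        $ref: "#/definitions/EnterpriseVulnerabilityList"
  ImageAncestry:
    type: array
    description: >-
      Array of ancestor objects. Sorted by the length of the layers array in each
      entry, effectively returning them in increasing order of number of common layers.
    items:
      $ref: "#/definitions/ImageAncestor"
  ImageAncestor:
    type: object
    description: A summary of an image and its layers.
    properties:
      imageDigest:
        type: string
        description: The digest of the image
        example: "sha256:55cffbd26dbe2e79252dd3283b1adef4459441e7b4fc2fe5ccd2bd5b52670474"
      tags:
        type: array
        items:
          type: string
          description: Full tag reference that is known at any time previously for the digest.
          example: "docker.io/library/node:latest"
      layers:
        type: array
        description: The full set of layers for this image
        items:
          type: string
          description: The layer ID
          example: "sha256:03810167880e863d81dc60fc7771c975b93dfdf982d5677fb2c23d11b02c644b"
  InventoryClusters:
    type: array
    items:
      $ref: "#/definitions/InventoryCluster"
  InventoryCluster:
    type: object
    description: Cluster configured for reporting Image Inventory
    properties:
      cluster_name:
        type: string
      inventory_type:
        type: string
        enum:
          - kubernetes
      cluster_config:
        $ref: "#/definitions/InventoryClusterConfig"
  InventoryClusterConfig:
    type: object
    description: Cluster specific configuration
    properties:
      credential_type:
        type: string
        enum:
          - private_key
          - token
      namespaces:
        type: array
        items:
          type: string
        description: Namespaces to search for images within this cluster
      cluster_server:
        type: string
        description: FQDN of the cluster API server
      cluster_certificate:
        type: string
        description: Base64 Encoded Public Certificate for the cluster
      client_certificate:
        type: string
        description: >-
          Base64 Encoded Public Certificate for the client.
          Not required if credential_type == token
      # NOTE(review): base64 is an encoding, not protection. If this model is
      # also used in responses, `credential` (a private key or token, per
      # credential_type) would be disclosed to every caller allowed to read
      # cluster configuration; confirm it is write-only or redacted on read.
      credential:
        type: string
        description: Base64 Encoded credential for the client
  InventoryReport:
    type: object
    description: Defines the object that Anchore expects to be provided for a given Image Inventory
    properties:
      cluster_name:
        type: string
      inventory_type:
        type: string
      timestamp:
        type: string
        format: date-time
      results:
        type: array
        items:
          $ref: "#/definitions/InventoryReportItem"
  InventoryReportItem:
    type: object
    description: Defines a particular context for an inventory
    properties:
      namespace:
        type: string
      images:
        type: array
        items:
          $ref: "#/definitions/InventoryReportImage"
  InventoryReportImage:
    type: object
    description: defines an image that may be provided for image inventory
    properties:
      tag:
        type: string
      repoDigest:
        type: string
  InventoryItems:
    type: array
    description: Inventory report for Images in Use
    items:
      $ref: "#/definitions/InventoryItem"
  InventoryItem:
    type: object
    description: Inventory result for a specific Namespace
    properties:
      inventory_type:
        type: string
      context:
        type: string
      image_tag:
        type: string
      image_digest:
        type: string
      created_at:
        type: string
        format: date-time
      last_updated:
        type: string
        format: date-time
      last_seen:
        type: string
        format: date-time
  ActionPlans:
    type: array
    description: List of Action Plans
    items:
      $ref: "#/definitions/ActionPlan"
  ActionPlan:
    type: object
    description: describes a remediation action plan object
    properties:
      type:
        type: string
      image_tag:
        type: string
      image_digest:
        type: string
      policy_id:
        type: string
      resolutions:
        type: array
        items:
          $ref: "#/definitions/ActionPlanResolution"
      endpoint:
        type: string
      configuration_id:
        type: string
      subject:
        type: string
      message:
        type: string
      uuid:
        type: string
      created_at:
        type: string
        format: date-time
      last_updated:
        type: string
        format: date-time
  ActionPlanResolution:
    type: object
    description: defines the trigger IDs and content of a resolution for an action plan
    properties:
      trigger_ids:
        type: array
        items:
          type: string
      content:
        type: string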
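# Entries of the `definitions` mapping, re-indented from a collapsed source.
# Timestamp examples are quoted so that YAML 1.1 loaders keep them as strings,
# matching the `type: string` they illustrate.
  ResourceLabel:
    description: Label on the resource in the key value format
    type: object
    properties:
      key:
        type: string
        example: tag
      value:
        type: string
        example: "docker.io/library/alpine:latest"
  AlertSummary:
    description: A summary of the stateful indicator of a specific event in the system
    type: object
    properties:
      uuid:
        type: string
        description: Identifier for the alert
        example: 56c2463b-49e5-49d7-b9a4-0c5c78faec6e
      type:
        type: string
        description: Type of the alert
        enum:
          - compliance_violation
        example: compliance_violation
      state:
        type: string
        description: Current state of the alert
        enum:
          - open
          - closed
        example: open
      resource_labels:
        type: array
        items:
          $ref: "#/definitions/ResourceLabel"
      closed_by:
        type: string
        description: Account that closed the alert
        example: system
      closed_reason:
        type: string
        description: Reason for closing the alert
        example: closed by action plan id
      created_at:
        type: string
        description: RFC 3339 formatted UTC timestamp when the alert was generated
        format: date-time
        example: "2020-10-20T01:20:11.378022Z"
      last_updated:
        type: string
        description: RFC 3339 formatted UTC timestamp when the alert was last modified
        format: date-time
        example: "2020-10-20T01:20:11.378022Z"
  AlertSummaryList:
    type: array
    description: Array of alert summaries
    items:
      $ref: "#/definitions/AlertSummary"
  ComplianceResource:
    description: A resource that ties compliance related artifacts - image digest, tag and policy bundle
    type: object
    properties:
      image_digest:
        type: string
      policy_id:
        type: string
      image_tag:
        type: string
      registry:
        type: string
      repository:
        type: string
      evaluation_id:
        type: string
      evaluated_at:
        type: string
        format: date-time
  ComplianceViolationAlert:
    description: Alert raised by the system on a compliance check failure
    type: object
    properties:
      uuid:
        type: string
        description: Identifier for the alert
        example: 56c2463b-49e5-49d7-b9a4-0c5c78faec6e
      type:
        type: string
        description: Type of alert generated
        enum:
          - compliance_violation
        example: compliance_violation
      state:
        type: string
        description: Current state of the alert
        enum:
          - open
          - closed
        example: open
      resource:
        $ref: "#/definitions/ComplianceResource"
      closed_by:
        type: string
        description: Account that closed the alert
        example: system
      closed_reason:
        type: string
        description: Reason for closing the alert
        example: closed by action plan id
      created_at:
        type: string
        description: RFC 3339 formatted UTC timestamp when the alert was generated
        format: date-time
        example: "2020-10-20T01:20:11.378022Z"
      last_updated:
        type: string
        description: RFC 3339 formatted UTC timestamp when the alert was last modified
        format: date-time
        example: "2020-10-20T01:20:11.378022Z"
      compliance_status_reason:
        type: string
        description: >-
          Reason for compliance check status. Compliance check could fail due to
          policy evaluation or blacklisting or errors evaluating compliance
        example: policy_evaluation
      violations_count:
        type: integer
        description: Number of STOP action results in the compliance check report
  ComplianceViolationAlertList:
    type: array
    description: Array of compliance violation alerts
    items:
      $ref: "#/definitions/ComplianceViolationAlert"
  CorrectionList:
    type: array
    description: Array of Corrections
    items:
      $ref: "#/definitions/Correction"
  Correction:
    type: object
    description: Defines a correction object for false positive management
    required:
      - type
      - match
      - replace
    properties:
      uuid:
        type: string
        description: Identifier for the correction
        example: 56c2463b-49e5-49d7-b9a4-0c5c78faec6e
      type:
        type: string
        description: Type of correction
        enum:
          - package
      description:
        type: string
      match:
        $ref: "#/definitions/CorrectionMatch"
      replace:
        type: array
        items:
          $ref: "#/definitions/CorrectionFieldMatch"
      created_at:
        type: string
        description: RFC 3339 formatted UTC timestamp when the correction was generated
        format: date-time
        example: "2020-10-20T01:20:11.378022Z"
      last_updated:
        type: string
        description: RFC 3339 formatted UTC timestamp when the correction was last modified
        format: date-time
        example: "2020-10-20T01:20:11.378022Z"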
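# Entries of the `definitions` mapping, re-indented from a collapsed source.
# Timestamp examples are quoted so that YAML 1.1 loaders keep them as strings.
  CorrectionMatch:
    type: object
    description: Defines how a particular correction can match depending on type
    required:
      - type
    properties:
      type:
        type: string
        description: type of match [supports os, npm, gem, python, java, go]
        example: npm
      field_matches:
        type: array
        description: list of field matches that are required in order for this correction to match
        items:
          $ref: "#/definitions/CorrectionFieldMatch"
  CorrectionFieldMatch:
    type: object
    description: Defines a particular field name and value to match for a Correction
    required:
      - field_name
      - field_value
    properties:
      field_name:
        type: string
        description: The package field name to match
        example: name
      field_value:
        type: string
        description: >-
          The package field value for the corresponding field_name above to match.
          If field_name corresponds to a list value, this will search the list
  RuntimeComplianceCheckList:
    type: array
    description: List of runtime compliance checks
    items:
      $ref: "#/definitions/RuntimeComplianceCheck"
  RuntimeComplianceCheck:
    description: The result of a runtime compliance check
    type: object
    required:
      - check_type
    properties:
      check_type:
        type: string
        description: The type of runtime compliance check
        enum:
          - oscap
      result:
        type: string
        description: The result of the runtime compliance check
      pod:
        type: string
        description: The pod the check was run against
      namespace:
        type: string
        description: The namespace of the pod the check was run against
      image_tag:
        type: string
        description: The tag of image in the pod the check was run against
      image_digest:
        type: string
        # Wording aligned with image_tag; the original said "digest of the pod".
        description: The digest of the image in the pod the check was run against
      start_time:
        type: string
        description: RFC 3339 formatted UTC timestamp when the runtime check started
        format: date-time
        example: "2020-10-20T01:20:11.378022Z"
      end_time:
        type: string
        description: RFC 3339 formatted UTC timestamp when the runtime check ended
        format: date-time
        example: "2020-10-20T01:20:11.378022Z"
      compliance_file_ids:
        description: Ids of the files generated by the runtime compliance check
        type: object
        additionalProperties:
          type: string
  ApplicationList:
    type: array
    description: List of applications
    items:
      $ref: "#/definitions/Application"
  Application:
    description: A representation of an SDLC application
    type: object
    properties:
      application_id:
        type: string
        description: The id of the application
      name:
        type: string
        description: The name of the application
      description:
        type: string
        description: The description of the application
      application_versions:
        # NOTE(review): Swagger 2.0 tooling generally ignores keys that sit
        # next to a $ref, so this description may never be rendered.
        description: List of versions associated with application
        $ref: "#/definitions/ApplicationVersionList"
      created_at:
        type: string
        description: RFC 3339 formatted UTC timestamp when the application was created
        format: date-time
        example: "2020-10-20T01:20:11.378022Z"
      last_updated:
        type: string
        description: RFC 3339 formatted UTC timestamp when the application was last updated
        format: date-time
        example: "2020-10-20T01:20:11.378022Z"
  ApplicationVersionList:
    type: array
    description: List of application versions
    items:
      $ref: "#/definitions/ApplicationVersion"
  ApplicationVersion:
    # NOTE(review): this description and those of version_name, created_at and
    # last_updated below read as copies of Application's; confirm whether they
    # should say "application version".
    description: A representation of an SDLC application
    type: object
    required:
      - version_name
    properties:
      application_version_id:
        type: string
        description: The id of the application version
      application_id:
        type: string
        description: The id of the application
      version_name:
        type: string
        description: The name of the application
      created_at:
        type: string
        description: RFC 3339 formatted UTC timestamp when the application was created
        format: date-time
        example: "2020-10-20T01:20:11.378022Z"
      last_updated:
        type: string
        description: RFC 3339 formatted UTC timestamp when the application was last updated
        format: date-time
        example: "2020-10-20T01:20:11.378022Z"
  ArtifactAssociationRequest:
    description: Request body for an artifact to associate with an application version
    type: object
    required:
      - artifact_type
      - artifact_keys
    properties:
      artifact_type:
        type: string
        description: The type of the artifact
        enum:
          - image
          - source
      # NOTE(review): artifact_keys is an untyped object taken from the request
      # body and described as values "to query on"; the schema constrains
      # neither key names nor value types, so presumably the controller
      # allow-lists the keys it accepts before building a lookup. Confirm.
      artifact_keys:
        type: object
        description: A json with key-pair values to query on
  ArtifactAssociationMetadata:
    description: Metadata for an artifact association to an application version
    type: object
    properties:
      association_id:
        type: string
        description: The id of the association between the application version and the artifact
      created_at:
        type: string
        description: >-
          RFC 3339 formatted UTC timestamp when the artifact was associated with the
          application version
        format: date-time
        example: "2020-10-20T01:20:11.378022Z"
      last_updated:
        type: string
        description: RFC 3339 formatted UTC timestamp when the artifact association was last updated
        format: date-time
        example: "2020-10-20T01:20:11.378022Z"
  ArtifactAssociationResponse:
    description: >-
      Response body for an artifact to associate with an application version.
      Only one artifact type (matching the value of the type field) will be populated.
    type: object
    properties:
      source:
        $ref: "#/definitions/Source"
      image:
        $ref: "#/definitions/ImageArtifact"
      artifact_association_metadata:
        $ref: "#/definitions/ArtifactAssociationMetadata"
  ImageArtifact:
    description: Model for an image artifact
    type: object
    properties:
      account_id:
        type: string
        description: The account id
      image_digest:
        type: string
        description: The digest of the image
      distro:
        type: string
        description: The distro of the image
      distro_version:
        type: string
        description: The distro version of the image
      analysis_status:
        type: string
        description: the analysis status of image
      image_status:
        type: string
        description: The status of the image
      analyzed_at:
        type: string
        description: RFC 3339 formatted UTC timestamp when the image was analyzed
        format: date-time
        example: "2020-10-20T01:20:11.378022Z"
      created_at:
        type: string
        description: RFC 3339 formatted UTC timestamp when the image was created
        format: date-time
        example: "2020-10-20T01:20:11.378022Z"
      last_updated:
        type: string
        description: RFC 3339 formatted UTC timestamp when the image was last updated
        format: date-time
        example: "2020-10-20T01:20:11.378022Z"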
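# Entries of the `definitions` mapping, re-indented from a collapsed source. Where a
# trailing `description` could belong to an array or to its `items`, it was placed by
# meaning; verify against the original file.
  AssociatedImageArtifact:
    description: >-
      Model for an associated image artifact.
      Composites the artifact with the association metadata
    type: object
    properties:
      artifact_association_metadata:
        $ref: "#/definitions/ArtifactAssociationMetadata"
      image:
        $ref: "#/definitions/ImageArtifact"
  AssociatedSourceArtifact:
    description: >-
      Model for an associated source artifact.
      Composite of the source artifact and its association metadata
    type: object
    properties:
      artifact_association_metadata:
        $ref: "#/definitions/ArtifactAssociationMetadata"
      source:
        $ref: "#/definitions/Source"
  ArtifactListResponse:
    description: The response provided when querying for the artifacts on an application version
    type: object
    properties:
      associated_source_artifacts:
        type: array
        items:
          $ref: "#/definitions/AssociatedSourceArtifact"
      associated_image_artifacts:
        type: array
        items:
          $ref: "#/definitions/AssociatedImageArtifact"
  ApplicationVersionSbom:
    description: A combined sbom for the artifacts associated with an application version
    type: object
    properties:
      application:
        $ref: "#/definitions/Application"
      application_version:
        $ref: "#/definitions/ApplicationVersion"
      created_at:
        type: string
        description: RFC 3339 formatted UTC timestamp when the application version sbom was created
        format: date-time
        # Quoted so that YAML 1.1 loaders keep the example a string.
        example: "2020-10-20T01:20:11.378022Z"
      source_sboms:
        type: array
        items:
          type: object
      image_sboms:
        type: array
        items:
          type: object
  SourceImportOperation:
    type: object
    description: >-
      An import record, creating a unique identifier for referencing the operation
      as well as its state
    properties:
      uuid:
        type: string
      status:
        type: string
        enum:
          - pending
          - queued
          - processing
          - complete
          - failed
          - expired
      expires_at:
        type: string
        format: date-time
      created_at:
        type: string
        format: date-time
      last_updated:
        type: string
        format: date-time
  SourceImportList:
    type: array
    items:
      $ref: "#/definitions/SourceImportOperation"
  # NOTE(review): NativeSBOM is the request body of upload_import_sources_sbom.
  # Every level sets `additionalProperties: true` and `idLike` is untyped, so
  # schema validation bounds neither the size nor the nesting depth of an
  # uploaded document; presumably the controller or a fronting proxy enforces
  # those limits. Confirm.
  NativeSBOM:
    required:
      - artifacts
      - source
      - distro
    properties:
      artifacts:
        items:
          "$ref": "#/definitions/NativeSBOMPackage"
        type: array
      source:
        "$ref": "#/definitions/NativeSBOMSource"
      distro:
        "$ref": "#/definitions/NativeSBOMDistribution"
      descriptor:
        "$ref": "#/definitions/NativeSBOMDescriptor"
      schema:
        "$ref": "#/definitions/NativeSBOMSchema"
      artifactRelationships:
        items:
          "$ref": "#/definitions/NativeSBOMPackageRelationship"
        type: array
    additionalProperties: true
    type: object
  NativeSBOMDescriptor:
    required:
      - name
      - version
    properties:
      name:
        type: string
      version:
        type: string
    additionalProperties: true
    type: object
  NativeSBOMDistribution:
    properties:
      name:
        type: string
        x-nullable: true
      id:
        type: string
        x-nullable: true
      version:
        type: string
        x-nullable: true
      versionID:
        type: string
        x-nullable: true
      # Prior to syft v0.36.0, idLike was a space-separated string. Now it is a List of strings. Swagger 2.0 doesn't
      # support multiple schemas, so for now we will allow the idLike property to be any value to support both schemas.
      idLike: {}
    additionalProperties: true
    type: object
  NativeSBOMPackageLocation:
    required:
      - path
    properties:
      path:
        type: string
      layerID:
        type: string
    additionalProperties: true
    type: object
  NativeSBOMPackage:
    required:
      - name
      - version
      - type
      - locations
      - licenses
      - language
      - cpes
    properties:
      id:
        type: string
      name:
        type: string
      version:
        type: string
      type:
        type: string
      foundBy:
        type: string
      locations:
        items:
          # NOTE(review): `$schema` is not a Swagger 2.0 schema keyword, and
          # keys next to a $ref are generally ignored; kept as found.
          "$schema": "http://json-schema.org/draft-04/schema#"
          "$ref": "#/definitions/NativeSBOMPackageLocation"
        type: array
      licenses:
        items:
          type: string
        type: array
      language:
        type: string
      cpes:
        items:
          type: string
        type: array
      purl:
        type: string
      metadataType:
        type: string
        x-nullable: true
      metadata:
        type: object
        x-nullable: true
    additionalProperties: true
    type: object
  NativeSBOMSchema:
    required:
      - version
      - url
    properties:
      version:
        type: string
      url:
        type: string
    additionalProperties: true
    type: object
  NativeSBOMSource:
    required:
      - type
      - target
    properties:
      type:
        type: string
      target:
        additionalProperties: true
    additionalProperties: true
    type: object
  NativeSBOMPackageRelationship:
    required:
      - parent
      - child
      - type
    properties:
      parent:
        type: string
      child:
        type: string
      type:
        type: string
      metadata:
        additionalProperties: true
        type: object
    additionalProperties: true
    type: object
  SourceImportContentResponse:
    type: object
    properties:
      digest:
        type: string
      created_at:
        type: string
        format: date-time
  SourceImportMetadata:
    type: object
    required:
      - host
      - repository_name
      - revision
      - contents
    properties:
      ci_workflow_name:
        x-nullable: true
        type: string
      ci_workflow_execution_time:
        x-nullable: true
        type: string
        format: date-time
      host:
        type: string
      repository_name:
        type: string
      branch_name:
        x-nullable: true
        type: string
      revision:
        type: string
      change_author:
        x-nullable: true
        type: string
      contents:
        type: object
        required:
          - sbom
        description: Digest of content to use in the final import
        properties:
          sbom:
            type: string
            description: Digest to use for the sbom
  ContentJAVAPackageResponse:
    type: object
    description: "Java package content listings from images"
    properties:
      imageDigest:
        type: string
      content_type:
        type: string
      content:
        type: array
        items:
          type: object
          properties:
            package:
              type: string
            implementation-version:
              type: string
            specification-version:
              type: string
            maven-version:
              type: string
            location:
              type: string
            type:
              type: string
            origin:
              type: string
            cpes:
              type: array
              items:
                type: string
              description: A list of Common Platform Enumerations that may uniquely identify the package
  SourceContentPackageResponse:
    type: object
    description: "Package content listings from analysis sbom"
    properties:
      source_id:
        type: string
      content_type:
        type: string
      content:
        type: array
        items:
          type: object
          properties:
            package:
              type: string
            version:
              type: string
            size:
              type: string
            type:
              type: string
            origin:
              type: string
            license:
              type: string
              # A stray trailing double quote was removed from this description.
              description: Deprecated in favor of the 'licenses' field
            licenses:
              type: array
              items:
                type: string
            location:
              type: string
            cpes:
              type: array
              items:
                type: string
              description: A list of Common Platform Enumerations that may uniquely identify the package
  ContentFilesResponse:
    type: object
    description: "File content listings from images"
    properties:
      imageDigest:
        type: string
      content_type:
        type: string
      content:
        type: array
        items:
          type: object
          properties:
            filename:
              type: string
            gid:
              type: integer
            linkdest:
              type: string
              x-nullable: true
            mode:
              type: string
            sha256:
              type: string
              x-nullable: true
            size:
              type: integer
            type:
              type: string
            uid:
              type: integer
  Vulnerability:
    type: object
    properties:
      vuln:
        type: string
        description: The vulnerability identifier, such as CVE-2017-100, or RHSA-2017123
      fix:
        type: string
        description: The package containing a fix, if available
      severity:
        type: string
        description: The severity of the vulnerability
      package:
        type: string
        description: The package name and version that are vulnerable in the image
      url:
        type: string
        description: The url for more information about the vulnerability
      feed:
        type: string
        description: The name of the feed where vulnerability match was made
      feed_group:
        type: string
        description: The name of the feed group where vulnerability match was made
      package_name:
        type: string
        description: The name of the vulnerable package artifact
      package_version:
        type: string
        description: The version of the vulnerable package artifact
      package_type:
        type: string
        description: The type of vulnerable package
      package_cpe:
        type: string
        description: The CPE string (if applicable) describing the package to vulnerability match
      package_path:
        type: string
        description: The location (if applicable) of the vulnerable package in the container filesystem
      will_not_fix:
        type: boolean
        description: Whether a vendor will fix or not fix the vulnerability
      nvd_data:
        $ref: "#/definitions/NvdDataList"
      vendor_data:
        $ref: "#/definitions/VendorDataList"
  VulnerabilityList:
    type: array
    description: List of Vulnerability objects
    items:
      $ref: "#/definitions/Vulnerability"
  SourceVulnerabilitiesResponse:
    description: "Envelope containing list of vulnerabilities for a source repo"
    type: object
    properties:
      source_id:
        type: string
      vulnerability_type:
        type: string
      vulnerabilities:
        $ref: "#/definitions/VulnerabilityList"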