diff --git a/src/main/jastadd/RandomRequestGenerator.jrag b/src/main/jastadd/RandomRequestGenerator.jrag
index eb6c12a63510c3e856a8dde6979fe863c1a93e50..b747bafeada4604e556ee96c2a260a3cb7d5acfd 100644
--- a/src/main/jastadd/RandomRequestGenerator.jrag
+++ b/src/main/jastadd/RandomRequestGenerator.jrag
@@ -26,6 +26,10 @@ aspect RandomRequestGenerator{
try {
PathItemObject p = getP(i).getP().pathItemObject();
String path = getServ(0).getUrl();
+ if (getServ(0).getNumSt() != 0){
+ for ( ServerVariablesTuple t : getServ(0).getStList() )
+ path = path.replace("{" + t.getName() + "}", t.getS().getE(0).getEnumValue());
+ }
if (p.hasG()) {
urls.add(p.getG().generateRandomUrl(path + getP(i).getRef()));
diff --git a/src/main/resources/APIs/anchore.io/0.1.19/openapi.yaml b/src/main/resources/APIs/anchore.io/0.1.19/openapi.yaml
deleted file mode 100644
index c0d5f59a90b54d15f4660c0c9e52a9fce6942196..0000000000000000000000000000000000000000
--- a/src/main/resources/APIs/anchore.io/0.1.19/openapi.yaml
+++ /dev/null
@@ -1,5589 +0,0 @@
-openapi: 3.0.0
-servers:
- - url: /
- - url: http://anchore.local
-info:
- contact:
- email: nurmi@anchore.com
- x-twitter: anchore
- description: This is the Anchore Engine API. Provides the primary external API for users of the service.
- license:
- name: Apache 2.0
- url: http://www.apache.org/licenses/LICENSE-2.0.html
- title: Anchore Engine API Server
- version: 0.1.19
- x-apisguru-categories:
- - developer_tools
- x-logo:
- url: https://twitter.com/anchore/profile_image?size=original
- x-origin:
- - format: openapi
- url: https://raw.githubusercontent.com/anchore/anchore-engine/master/anchore_engine/services/apiext/swagger/swagger.yaml
- version: "3.0"
- x-providerName: anchore.io
-tags:
- - description: Subscription Management
- name: Subscriptions
- - description: Policy Management
- name: Policies
- - description: Image Management
- name: Images
- - description: View Image Content
- name: Image Content
- - description: Vulnerability checks and reports
- name: Vulnerabilities
- - description: Evaluate images against policies
- name: Policy Evaluation
- - description: Registry Management
- name: Registries
- - description: Repository Credential Management
- name: Repository Credentials
- - description: System Management
- name: System
- - description: Service Management
- name: Services
- - description: Resource Summaries
- name: Summaries
- - description: View and delete events
- name: Events
- - description: Resource Queries
- name: Queries
- - description: Manage Accounts, Users, and Credentials
- name: User Management
- - description: Get and operate on the authenticated user's identity
- name: Identity
- - description: Data Archiving Management
- name: Archives
-paths:
- /:
- get:
- description: Simple status check
- operationId: ping
- responses:
- "200":
- content:
- application/json:
- schema:
- type: string
- description: Version check response, returns the api version prefix (e.g. 'v1')
- x-anchore-authz-action: None
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.system
- /account:
- get:
- operationId: get_users_account
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/Account"
- description: User details for caller's user
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal error
- summary: List the account for the authenticated user
- tags:
- - Identity
- x-anchore-authz-action: getAccount
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.accounts
- /accounts:
- get:
- operationId: list_accounts
- parameters:
- - description: Filter accounts by state
- in: query
- name: state
- required: false
- schema:
- enum:
- - enabled
- - disabled
- - deleting
- type: string
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/AccountList"
- description: Accound summary listing
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal error
- summary: List user summaries. Only available to the system admin user.
- tags:
- - User Management
- x-anchore-authz-action: listAccounts
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.accounts
- post:
- operationId: create_account
- requestBody:
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/AccountCreationRequest"
- required: true
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/Account"
- description: Account Record
- "409":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Conflicting user information. User already exists.
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal error
- summary: Create a new user. Only avaialble to admin user.
- tags:
- - User Management
- x-anchore-authz-action: createAccount
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.accounts
- "/accounts/{accountname}":
- delete:
- operationId: delete_account
- parameters:
- - in: path
- name: accountname
- required: true
- schema:
- type: string
- responses:
- "204":
- description: Successful deletion
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal error
- summary: Delete the specified account, only allowed if the account is in the disabled state. All users will be deleted along with the account and all resources will be garbage collected
- tags:
- - User Management
- x-anchore-authz-action: deleteAccount
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.accounts
- get:
- operationId: get_account
- parameters:
- - in: path
- name: accountname
- required: true
- schema:
- type: string
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/Account"
- description: Get user information
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal error
- summary: Get info about an user. Only available to admin user. Uses the main user Id, not a username.
- tags:
- - User Management
- x-anchore-authz-action: getAccount
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.accounts
- "/accounts/{accountname}/state":
- put:
- operationId: update_account_state
- parameters:
- - in: path
- name: accountname
- required: true
- schema:
- type: string
- requestBody:
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/AccountStatus"
- required: true
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/AccountStatus"
- description: Updated state of the account
- "400":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: State requested is invalid based on current state of the account
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal error
- summary: Update the state of an account to either enabled or disabled. For deletion use the DELETE route
- tags:
- - User Management
- x-anchore-authz-action: updateAccount
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.accounts
- "/accounts/{accountname}/users":
- get:
- operationId: list_users
- parameters:
- - in: path
- name: accountname
- required: true
- schema:
- type: string
- responses:
- "200":
- content:
- application/json:
- schema:
- description: List of user credential records
- items:
- $ref: "#/components/schemas/User"
- type: array
- description: User listing
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal error
- summary: List accounts for the user
- tags:
- - User Management
- x-anchore-authz-action: listUsers
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.accounts
- post:
- operationId: create_user
- parameters:
- - in: path
- name: accountname
- required: true
- schema:
- type: string
- requestBody:
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/UserCreationRequest"
- required: true
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/User"
- description: Credential summary
- summary: Create a new user
- tags:
- - User Management
- x-anchore-authz-action: createUser
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.accounts
- "/accounts/{accountname}/users/{username}":
- delete:
- operationId: delete_user
- parameters:
- - in: path
- name: accountname
- required: true
- schema:
- type: string
- - in: path
- name: username
- required: true
- schema:
- type: string
- responses:
- "204":
- description: Deleted credential
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal error
- summary: Delete a specific user credential by username of the credential. Cannot be the credential used to authenticate the request.
- tags:
- - User Management
- x-anchore-authz-action: deleteUser
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.accounts
- get:
- operationId: get_account_user
- parameters:
- - in: path
- name: accountname
- required: true
- schema:
- type: string
- - in: path
- name: username
- required: true
- schema:
- type: string
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/User"
- description: User record
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal error
- summary: Get a specific user in the specified account
- tags:
- - User Management
- x-anchore-authz-action: getUser
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.accounts
- "/accounts/{accountname}/users/{username}/credentials":
- delete:
- operationId: delete_user_credential
- parameters:
- - in: path
- name: accountname
- required: true
- schema:
- type: string
- - in: path
- name: username
- required: true
- schema:
- type: string
- - in: query
- name: credential_type
- required: true
- schema:
- enum:
- - password
- type: string
- responses:
- "204":
- description: Successful deletion
- "400":
- description: Conflict, cannot delete the credential used to authenticate this request
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal error
- summary: Delete a credential by type
- tags:
- - User Management
- x-anchore-authz-action: updateUser
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.accounts
- get:
- operationId: list_user_credentials
- parameters:
- - in: path
- name: accountname
- required: true
- schema:
- type: string
- - in: path
- name: username
- required: true
- schema:
- type: string
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/CredentialList"
- description: User credential listing
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal error
- summary: Get current credential summary
- tags:
- - User Management
- x-anchore-authz-action: getUser
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.accounts
- post:
- operationId: create_user_credential
- parameters:
- - in: path
- name: accountname
- required: true
- schema:
- type: string
- - in: path
- name: username
- required: true
- schema:
- type: string
- requestBody:
- $ref: "#/components/requestBodies/AccessCredential"
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/User"
- description: Add a credential, overwritting if already exists
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal error
- summary: add/replace credential
- tags:
- - User Management
- x-anchore-authz-action: updateUser
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.accounts
- /archives:
- get:
- operationId: list_archives
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ArchiveSummary"
- description: Archive summary listing
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal error
- tags:
- - Archives
- x-anchore-authz-action: listArchives
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.archive
- /archives/images:
- get:
- operationId: list_analysis_archive
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ArchivedAnalyses"
- description: Image analysis archive listing for the requesting account (not the whole system)
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal error
- tags:
- - Archives
- x-anchore-authz-action: listArchivedImageAnalysis
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.archive
- post:
- operationId: archive_image_analysis
- requestBody:
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ImageAnalysisReferences"
- required: true
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/AddAnalysisArchiveResult"
- description: Archive statuses
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal error
- tags:
- - Archives
- x-anchore-authz-action: createArchivedImageAnalysis
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.archive
- "/archives/images/{imageDigest}":
- delete:
- description: Performs a synchronous archive deletion
- operationId: delete_archived_analysis
- parameters:
- - in: path
- name: imageDigest
- required: true
- schema:
- type: string
- - in: query
- name: force
- required: false
- schema:
- type: boolean
- responses:
- "200":
- description: ArchivdImageAnalysis successfully deleted
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal error
- tags:
- - Archives
- x-anchore-authz-action: deleteArchivedImageAnalysis
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.archive
- get:
- description: Returns the archive metadata record identifying the image and tags for the analysis in the archive.
- operationId: get_archived_analysis
- parameters:
- - description: The image digest to identify the image analysis
- in: path
- name: imageDigest
- required: true
- schema:
- type: string
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ArchivedAnalysis"
- description: Archived Image
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal error
- tags:
- - Archives
- x-anchore-authz-action: getArchivedImageAnalysis
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.archive
- /archives/rules:
- get:
- operationId: list_analysis_archive_rules
- parameters:
- - description: If true include system global rules (owned by admin) even for non-admin users. Defaults to true if not set. Can be set to false to exclude globals
- in: query
- name: system_global
- required: false
- schema:
- type: boolean
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/AnalysisArchiveRules"
- description: Archive transition rules
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal error
- tags:
- - Archives
- x-anchore-authz-action: listArchiveTransitionRules
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.archive
- post:
- operationId: create_analysis_archive_rule
- requestBody:
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/AnalysisArchiveTransitionRule"
- required: true
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/AnalysisArchiveTransitionRule"
- description: Archive transition rule
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal error
- tags:
- - Archives
- x-anchore-authz-action: createArchiveTransitionRule
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.archive
- "/archives/rules/{ruleId}":
- delete:
- operationId: delete_analysis_archive_rule
- parameters:
- - in: path
- name: ruleId
- required: true
- schema:
- type: string
- responses:
- "200":
- description: Analysis archive rule succesfuly deleted
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal error
- tags:
- - Archives
- x-anchore-authz-action: deleteArchiveTransitionRule
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.archive
- get:
- operationId: get_analysis_archive_rule
- parameters:
- - in: path
- name: ruleId
- required: true
- schema:
- type: string
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/AnalysisArchiveTransitionRule"
- description: Archive transition rule
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal error
- tags:
- - Archives
- x-anchore-authz-action: getArchiveTransitionRule
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.archive
- /event_types:
- get:
- description: Returns list of event types in the category hierarchy
- operationId: list_event_types
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/EventTypesList"
- description: List of event types
- summary: List Event Types
- tags:
- - Events
- x-anchore-authz-action: listEvents
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.events
- /events:
- delete:
- description: Delete all or a subset of events filtered using the optional query parameters
- operationId: delete_events
- parameters:
- - description: Delete events that occurred before the timestamp
- in: query
- name: before
- required: false
- schema:
- type: string
- - description: Delete events that occurred after the timestamp
- in: query
- name: since
- required: false
- schema:
- type: string
- - description: Delete events that match the level - INFO or ERROR
- in: query
- name: level
- required: false
- schema:
- type: string
- - $ref: "#/components/parameters/AsAccountParameter"
- responses:
- "200":
- content:
- application/json:
- schema:
- items:
- type: string
- type: array
- description: List of deleted event IDs
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal Error
- summary: Delete Events
- tags:
- - Events
- x-anchore-authz-action: deleteEvents
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.events
- get:
- description: Returns a paginated list of events in the descending order of their occurrence. Optional query parameters may be used for filtering results
- operationId: list_events
- parameters:
- - description: Filter events by the originating service
- in: query
- name: source_servicename
- required: false
- schema:
- type: string
- - description: Filter events by the originating host ID
- in: query
- name: source_hostid
- required: false
- schema:
- type: string
- - description: Filter events by a prefix match on the event type (e.g. "user.image.")
- in: query
- name: event_type
- required: false
- schema:
- pattern: ^[a-z0-9-_.*]+$
- type: string
- - description: Filter events by the type of resource - tag, imageDigest, repository etc
- in: query
- name: resource_type
- required: false
- schema:
- type: string
- - description: Filter events by the id of the resource
- in: query
- name: resource_id
- required: false
- schema:
- type: string
- - description: Filter events by the level - INFO or ERROR
- in: query
- name: level
- required: false
- schema:
- type: string
- - description: Return events that occurred after the timestamp
- in: query
- name: since
- required: false
- schema:
- type: string
- - description: Return events that occurred before the timestamp
- in: query
- name: before
- required: false
- schema:
- type: string
- - description: Pagination controls - return the nth page of results. Defaults to first page if left empty
- in: query
- name: page
- required: false
- schema:
- default: 1
- type: integer
- - description: Number of events in the result set. Defaults to 100 if left empty
- in: query
- name: limit
- required: false
- schema:
- default: 100
- type: integer
- - $ref: "#/components/parameters/AsAccountParameter"
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/EventsList"
- description: Paginated list of event records and the next token
- summary: List Events
- tags:
- - Events
- x-anchore-authz-action: listEvents
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.events
- "/events/{eventId}":
- delete:
- description: Delete an event by its event ID
- operationId: delete_event
- parameters:
- - description: Event ID of the event to be deleted
- in: path
- name: eventId
- required: true
- schema:
- type: string
- - $ref: "#/components/parameters/AsAccountParameter"
- responses:
- "200":
- description: Delete success
- summary: Delete Event
- tags:
- - Events
- x-anchore-authz-action: getEvent
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.events
- get:
- description: Lookup an event by its event ID
- operationId: get_event
- parameters:
- - description: Event ID of the event for lookup
- in: path
- name: eventId
- required: true
- schema:
- type: string
- - $ref: "#/components/parameters/AsAccountParameter"
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/EventResponse"
- description: Single event record
- summary: Get Event
- tags:
- - Events
- x-anchore-authz-action: getEvent
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.events
- /health:
- get:
- description: Health check, returns 200 and no body if service is running
- operationId: health_check
- responses:
- "200":
- description: Empty body on success
- x-anchore-authz-action: None
- x-swagger-router-controller: anchore_engine.apis.common
- /images:
- delete:
- description: Delete analysis for image digests in the list asynchronously
- operationId: delete_images_async
- parameters:
- - explode: false
- in: query
- name: imageDigests
- required: true
- schema:
- items:
- type: string
- type: array
- style: form
- x-nullable: false
- - in: query
- name: force
- required: false
- schema:
- type: boolean
- - $ref: "#/components/parameters/AsAccountParameter"
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/DeleteImageResponseList"
- description: successful operation
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal Error
- summary: Bulk mark images for deletion
- tags:
- - Images
- x-anchore-authz-action: deleteImage
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.images
- get:
- description: List all images visible to the user
- operationId: list_images
- parameters:
- - description: Include image history in the response
- in: query
- name: history
- required: false
- schema:
- type: boolean
- - description: Full docker-pull string to filter results by (e.g. docker.io/library/nginx:latest, or myhost.com:5000/testimages:v1.1.1)
- in: query
- name: fulltag
- required: false
- schema:
- type: string
- - description: Filter by image_status value on the record. Default if omitted is 'active'.
- in: query
- name: image_status
- required: false
- schema:
- default: active
- enum:
- - all
- - active
- - deleting
- type: string
- - description: Filter by analysis_status value on the record.
- in: query
- name: analysis_status
- required: false
- schema:
- enum:
- - not_analyzed
- - analyzed
- - analyzing
- - analysis_failed
- type: string
- - $ref: "#/components/parameters/AsAccountParameter"
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/AnchoreImageList"
- description: successful operation
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal Error
- summary: List all visible images
- tags:
- - Images
- x-anchore-authz-action: listImages
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.images
- post:
- description: Creates a new analysis task that is executed asynchronously
- operationId: add_image
- parameters:
- - description: Override any existing entry in the system
- in: query
- name: force
- required: false
- schema:
- type: boolean
- - description: Instruct engine to automatically begin watching the added tag for updates from registry
- in: query
- name: autosubscribe
- required: false
- schema:
- type: boolean
- - $ref: "#/components/parameters/AsAccountParameter"
- requestBody:
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ImageAnalysisRequest"
- required: true
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/AnchoreImageList"
- description: Successfully added image to analysis queue
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal Error
- summary: Submit a new image for analysis by the engine
- tags:
- - Images
- x-anchore-authz-action: createImage
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.images
- "/images/by_id/{imageId}":
- delete:
- operationId: delete_image_by_imageId
- parameters:
- - in: path
- name: imageId
- required: true
- schema:
- type: string
- - in: query
- name: force
- required: false
- schema:
- type: boolean
- - $ref: "#/components/parameters/AsAccountParameter"
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/DeleteImageResponse"
- description: Image deletion success
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal error
- summary: Delete image by docker imageId
- tags:
- - Images
- x-anchore-authz-action: deleteImage
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.images
- get:
- operationId: get_image_by_imageId
- parameters:
- - in: path
- name: imageId
- required: true
- schema:
- type: string
- - $ref: "#/components/parameters/AsAccountParameter"
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/AnchoreImageList"
- description: Image lookup success
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal error
- summary: Lookup image by docker imageId
- tags:
- - Images
- x-anchore-authz-action: getImage
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.images
- "/images/by_id/{imageId}/check":
- get:
- description: Get the policy evaluation for the given image
- operationId: get_image_policy_check_by_imageId
- parameters:
- - in: path
- name: imageId
- required: true
- schema:
- type: string
- - in: query
- name: policyId
- required: false
- schema:
- type: string
- - in: query
- name: tag
- required: true
- schema:
- type: string
- - in: query
- name: detail
- required: false
- schema:
- type: boolean
- - in: query
- name: history
- required: false
- schema:
- type: boolean
- - $ref: "#/components/parameters/AsAccountParameter"
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/PolicyEvaluationList"
- description: Policy evaluation success
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal Error
- summary: Check policy evaluation status for image
- tags:
- - Images
- x-anchore-authz-action: getImageEvaluation
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.images
- "/images/by_id/{imageId}/content":
- get:
- operationId: list_image_content_by_imageid
- parameters:
- - in: path
- name: imageId
- required: true
- schema:
- type: string
- - $ref: "#/components/parameters/AsAccountParameter"
- responses:
- "200":
- content:
- application/json:
- schema:
- items:
- type: string
- type: array
- description: Content of specified type from the image
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal error
- summary: List image content types
- tags:
- - Images
- x-anchore-authz-action: getImage
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.images
- "/images/by_id/{imageId}/content/files":
- get:
- operationId: get_image_content_by_type_imageId_files
- parameters:
- - in: path
- name: imageId
- required: true
- schema:
- type: string
- - $ref: "#/components/parameters/AsAccountParameter"
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ContentFilesResponse"
- description: Content of specified type from the image
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal error
- summary: Get the content of an image by type files
- tags:
- - Images
- x-anchore-authz-action: getImage
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.images
- "/images/by_id/{imageId}/content/java":
- get:
- operationId: get_image_content_by_type_imageId_javapackage
- parameters:
- - in: path
- name: imageId
- required: true
- schema:
- type: string
- - $ref: "#/components/parameters/AsAccountParameter"
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ContentJAVAPackageResponse"
- description: Content of specified type from the image
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal error
- summary: Get the content of an image by type java
- tags:
- - Images
- x-anchore-authz-action: getImage
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.images
- "/images/by_id/{imageId}/content/{ctype}":
- get:
- operationId: get_image_content_by_type_imageId
- parameters:
- - in: path
- name: imageId
- required: true
- schema:
- type: string
- - in: path
- name: ctype
- required: true
- schema:
- type: string
- - $ref: "#/components/parameters/AsAccountParameter"
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ContentPackageResponse"
- description: Content of specified type from the image
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal error
- summary: Get the content of an image by type
- tags:
- - Images
- x-anchore-authz-action: getImage
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.images
- "/images/by_id/{imageId}/vuln":
- get:
- operationId: get_image_vulnerability_types_by_imageId
- parameters:
- - in: path
- name: imageId
- required: true
- schema:
- type: string
- - $ref: "#/components/parameters/AsAccountParameter"
- responses:
- "200":
- content:
- application/json:
- schema:
- items:
- enum:
- - all
- - os
- - non-os
- type: string
- type: array
- description: Vulnerability listing for the image
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal Error
- summary: Get vulnerability types
- tags:
- - Images
- x-anchore-authz-action: getImage
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.images
- "/images/by_id/{imageId}/vuln/{vtype}":
- get:
- operationId: get_image_vulnerabilities_by_type_imageId
- parameters:
- - in: path
- name: imageId
- required: true
- schema:
- type: string
- - in: path
- name: vtype
- required: true
- schema:
- type: string
- - $ref: "#/components/parameters/AsAccountParameter"
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/VulnerabilityResponse"
- description: Vulnerability listing for the image
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal Error
- summary: Get vulnerabilities by type
- tags:
- - Images
- x-anchore-authz-action: getImage
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.images
- "/images/{imageDigest}":
- delete:
- operationId: delete_image
- parameters:
- - in: path
- name: imageDigest
- required: true
- schema:
- type: string
- - in: query
- name: force
- required: false
- schema:
- type: boolean
- - $ref: "#/components/parameters/AsAccountParameter"
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/DeleteImageResponse"
- description: Image deletion success
- summary: Delete an image analysis
- tags:
- - Images
- x-anchore-authz-action: deleteImage
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.images
- get:
- operationId: get_image
- parameters:
- - in: path
- name: imageDigest
- required: true
- schema:
- type: string
- - $ref: "#/components/parameters/AsAccountParameter"
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/AnchoreImageList"
- description: Image lookup success
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal error
- summary: Get image metadata
- tags:
- - Images
- x-anchore-authz-action: getImage
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.images
- "/images/{imageDigest}/artifacts/file_content_search":
- get:
- operationId: list_file_content_search_results
- parameters:
- - in: path
- name: imageDigest
- required: true
- schema:
- type: string
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/FileContentSearchList"
- description: List of file metadata objects
- "404":
- description: Image not found in this service
- summary: Return a list of analyzer artifacts of the specified type
- x-anchore-authz-action: getImage
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.images
- "/images/{imageDigest}/artifacts/retrieved_files":
- get:
- operationId: list_retrieved_files
- parameters:
- - in: path
- name: imageDigest
- required: true
- schema:
- type: string
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/RetrievedFileList"
- description: List of file metadata objects
- "404":
- description: Image not found in this service
- summary: Return a list of analyzer artifacts of the specified type
- x-anchore-authz-action: getImage
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.images
- "/images/{imageDigest}/artifacts/secret_search":
- get:
- operationId: list_secret_search_results
- parameters:
- - in: path
- name: imageDigest
- required: true
- schema:
- type: string
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/SecretSearchList"
- description: List of file metadata objects
- "404":
- description: Image not found in this service
- summary: Return a list of analyzer artifacts of the specified type
- x-anchore-authz-action: getImage
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.images
- "/images/{imageDigest}/check":
- get:
- description: Get the policy evaluation for the given image
- operationId: get_image_policy_check
- parameters:
- - in: path
- name: imageDigest
- required: true
- schema:
- type: string
- - in: query
- name: policyId
- required: false
- schema:
- type: string
- - in: query
- name: tag
- required: true
- schema:
- type: string
- - in: query
- name: detail
- required: false
- schema:
- type: boolean
- - in: query
- name: history
- required: false
- schema:
- type: boolean
- - in: query
- name: interactive
- required: false
- schema:
- type: boolean
- - $ref: "#/components/parameters/AsAccountParameter"
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/PolicyEvaluationList"
- description: Policy evaluation success
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal Error
- summary: Check policy evaluation status for image
- tags:
- - Images
- x-anchore-authz-action: getImageEvaluation
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.images
- "/images/{imageDigest}/content":
- get:
- operationId: list_image_content
- parameters:
- - in: path
- name: imageDigest
- required: true
- schema:
- type: string
- - $ref: "#/components/parameters/AsAccountParameter"
- responses:
- "200":
- content:
- application/json:
- schema:
- items:
- type: string
- type: array
- description: Content listing for the image
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal Error
- summary: List image content types
- tags:
- - Images
- x-anchore-authz-action: getImage
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.images
- "/images/{imageDigest}/content/files":
- get:
- operationId: get_image_content_by_type_files
- parameters:
- - in: path
- name: imageDigest
- required: true
- schema:
- type: string
- - $ref: "#/components/parameters/AsAccountParameter"
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ContentFilesResponse"
- description: Content of specified type from the image
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal error
- summary: Get the content of an image by type files
- tags:
- - Images
- x-anchore-authz-action: getImage
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.images
- "/images/{imageDigest}/content/java":
- get:
- operationId: get_image_content_by_type_javapackage
- parameters:
- - in: path
- name: imageDigest
- required: true
- schema:
- type: string
- - $ref: "#/components/parameters/AsAccountParameter"
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ContentJAVAPackageResponse"
- description: Content of specified type from the image
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal error
- summary: Get the content of an image by type java
- tags:
- - Images
- x-anchore-authz-action: getImage
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.images
- "/images/{imageDigest}/content/malware":
- get:
- operationId: get_image_content_by_type_malware
- parameters:
- - in: path
- name: imageDigest
- required: true
- schema:
- type: string
- - $ref: "#/components/parameters/AsAccountParameter"
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ContentMalwareResponse"
- description: Content of specified type from the image
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal error
- summary: Get the content of an image by type malware
- tags:
- - Images
- x-anchore-authz-action: getImage
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.images
- "/images/{imageDigest}/content/{ctype}":
- get:
- operationId: get_image_content_by_type
- parameters:
- - in: path
- name: imageDigest
- required: true
- schema:
- type: string
- - in: path
- name: ctype
- required: true
- schema:
- type: string
- - $ref: "#/components/parameters/AsAccountParameter"
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ContentPackageResponse"
- description: Content of specified type from the image
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal error
- summary: Get the content of an image by type
- tags:
- - Images
- x-anchore-authz-action: getImage
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.images
- "/images/{imageDigest}/metadata":
- get:
- operationId: list_image_metadata
- parameters:
- - in: path
- name: imageDigest
- required: true
- schema:
- type: string
- - $ref: "#/components/parameters/AsAccountParameter"
- responses:
- "200":
- content:
- application/json:
- schema:
- items:
- type: string
- type: array
- description: Metadata listing for the image
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal Error
- summary: List image metadata types
- tags:
- - Images
- x-anchore-authz-action: getImage
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.images
- "/images/{imageDigest}/metadata/{mtype}":
- get:
- operationId: get_image_metadata_by_type
- parameters:
- - in: path
- name: imageDigest
- required: true
- schema:
- type: string
- - in: path
- name: mtype
- required: true
- schema:
- type: string
- - $ref: "#/components/parameters/AsAccountParameter"
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/MetadataResponse"
- description: Metadata of specified type from the image
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal error
- summary: Get the metadata of an image by type
- tags:
- - Images
- x-anchore-authz-action: getImage
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.images
- "/images/{imageDigest}/vuln":
- get:
- operationId: get_image_vulnerability_types
- parameters:
- - in: path
- name: imageDigest
- required: true
- schema:
- type: string
- - $ref: "#/components/parameters/AsAccountParameter"
- responses:
- "200":
- content:
- application/json:
- schema:
- items:
- enum:
- - all
- - os
- - non-os
- type: string
- type: array
- description: Vulnerability listing for the image
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal Error
- summary: Get vulnerability types
- tags:
- - Images
- x-anchore-authz-action: getImage
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.images
- "/images/{imageDigest}/vuln/{vtype}":
- get:
- operationId: get_image_vulnerabilities_by_type
- parameters:
- - in: path
- name: imageDigest
- required: true
- schema:
- type: string
- - in: path
- name: vtype
- required: true
- schema:
- type: string
- - in: query
- name: force_refresh
- required: false
- schema:
- type: boolean
- - description: Filter results to include only vulnerabilities that are not marked as invalid by upstream OS vendor data. When set to true, it will filter out all vulnerabilities where `will_not_fix` is False. If false all vulnerabilities are returned regardless of `will_not_fix`
- in: query
- name: vendor_only
- required: false
- schema:
- type: boolean
- - $ref: "#/components/parameters/AsAccountParameter"
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/VulnerabilityResponse"
- description: Vulnerability listing for the image
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal Error
- summary: Get vulnerabilities by type
- tags:
- - Images
- x-anchore-authz-action: getImage
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.images
- /import/images:
- post:
- operationId: import_image_archive
- requestBody:
- content:
- multipart/form-data:
- schema:
- properties:
- archive_file:
- description: anchore image tar archive.
- format: binary
- type: string
- required:
- - archive_file
- type: object
- required: true
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/AnchoreImageList"
- description: Successfully imported image to the engine
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal Error
- summary: Import an anchore image tar.gz archive file. This is a deprecated API replaced by the "/imports/images" route
- tags:
- - Import
- x-anchore-authz-action: importImage
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.images
- /imports/images:
- get:
- operationId: list_operations
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ImageImports"
- description: success
- "500":
- description: Internal Error
- summary: Lists in-progress imports
- tags:
- - Imports
- x-anchore-authz-action: importImage
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.image_imports
- post:
- operationId: create_operation
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ImageImportOperation"
- description: success
- "500":
- description: Internal Error
- summary: Begin the import of an image analyzed by Syft into the system
- tags:
- - Imports
- x-anchore-authz-action: importImage
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.image_imports
- "/imports/images/{operation_id}":
- delete:
- operationId: invalidate_operation
- parameters:
- - in: path
- name: operation_id
- required: true
- schema:
- type: string
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ImageImportOperation"
- description: success
- "500":
- description: Internal Error
- summary: Invalidate operation ID so it can be garbage collected
- tags:
- - Imports
- x-anchore-authz-action: importImage
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.image_imports
- get:
- operationId: get_operation
- parameters:
- - in: path
- name: operation_id
- required: true
- schema:
- type: string
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ImageImportOperation"
- description: success
- "500":
- description: Internal Error
- summary: Get detail on a single import
- tags:
- - Imports
- x-anchore-authz-action: importImage
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.image_imports
- "/imports/images/{operation_id}/dockerfile":
- get:
- operationId: list_import_dockerfiles
- parameters:
- - in: path
- name: operation_id
- required: true
- schema:
- type: string
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ImportContentDigestList"
- description: success
- "500":
- description: Internal Error
- summary: List uploaded dockerfiles
- tags:
- - Imports
- x-anchore-authz-action: importImage
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.image_imports
- post:
- operationId: import_image_dockerfile
- parameters:
- - in: path
- name: operation_id
- required: true
- schema:
- type: string
- requestBody:
- content:
- text/plain; utf-8:
- schema:
- type: string
- required: true
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ImageImportContentResponse"
- description: success
- "500":
- description: Internal Error
- summary: Begin the import of an image analyzed by Syft into the system
- tags:
- - Imports
- x-anchore-authz-action: importImage
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.image_imports
- "/imports/images/{operation_id}/image_config":
- get:
- operationId: list_import_image_configs
- parameters:
- - in: path
- name: operation_id
- required: true
- schema:
- type: string
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ImportContentDigestList"
- description: success
- "500":
- description: Internal Error
- summary: List uploaded image configs
- tags:
- - Imports
- x-anchore-authz-action: importImage
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.image_imports
- post:
- operationId: import_image_config
- parameters:
- - in: path
- name: operation_id
- required: true
- schema:
- type: string
- requestBody:
- content:
- application/json:
- schema:
- type: object
- required: true
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ImageImportContentResponse"
- description: success
- "500":
- description: Internal Error
- summary: Import a docker or OCI image config to associate with the image
- tags:
- - Imports
- x-anchore-authz-action: importImage
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.image_imports
- "/imports/images/{operation_id}/manifest":
- get:
- operationId: list_import_image_manifests
- parameters:
- - in: path
- name: operation_id
- required: true
- schema:
- type: string
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ImportContentDigestList"
- description: success
- "500":
- description: Internal Error
- summary: List uploaded image manifests
- tags:
- - Imports
- x-anchore-authz-action: importImage
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.image_imports
- post:
- operationId: import_image_manifest
- parameters:
- - in: path
- name: operation_id
- required: true
- schema:
- type: string
- requestBody:
- content:
- application/vnd.docker.distribution.manifest.v1+json:
- schema:
- type: object
- application/vnd.docker.distribution.manifest.v1+prettyjws:
- schema:
- type: object
- application/vnd.docker.distribution.manifest.v2+json:
- schema:
- type: object
- application/vnd.oci.image.manifest.v1+json:
- schema:
- type: object
- required: true
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ImageImportContentResponse"
- description: success
- "500":
- description: Internal Error
- summary: Import a docker or OCI distribution manifest to associate with the image
- tags:
- - Imports
- x-anchore-authz-action: importImage
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.image_imports
- "/imports/images/{operation_id}/packages":
- get:
- operationId: list_import_packages
- parameters:
- - in: path
- name: operation_id
- required: true
- schema:
- type: string
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ImportContentDigestList"
- description: success
- "500":
- description: Internal Error
- summary: List uploaded package manifests
- tags:
- - Imports
- x-anchore-authz-action: importImage
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.image_imports
- post:
- operationId: import_image_packages
- parameters:
- - in: path
- name: operation_id
- required: true
- schema:
- type: string
- requestBody:
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ImagePackageManifest"
- required: true
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ImageImportContentResponse"
- description: success
- "500":
- description: Internal Error
- summary: Begin the import of an image analyzed by Syft into the system
- tags:
- - Imports
- x-anchore-authz-action: importImage
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.image_imports
- "/imports/images/{operation_id}/parent_manifest":
- get:
- operationId: list_import_parent_manifests
- parameters:
- - in: path
- name: operation_id
- required: true
- schema:
- type: string
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ImportContentDigestList"
- description: success
- "500":
- description: Internal Error
- summary: List uploaded parent manifests (manifest lists for a tag)
- tags:
- - Imports
- x-anchore-authz-action: importImage
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.image_imports
- post:
- operationId: import_image_parent_manifest
- parameters:
- - in: path
- name: operation_id
- required: true
- schema:
- type: string
- requestBody:
- content:
- application/vnd.docker.distribution.manifest.list.v2+json:
- schema:
- type: object
- application/vnd.oci.image.index.v1+json:
- schema:
- type: object
- required: true
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ImageImportContentResponse"
- description: success
- "500":
- description: Internal Error
- summary: Import a docker or OCI distribution manifest list to associate with the image
- tags:
- - Imports
- x-anchore-authz-action: importImage
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.image_imports
- /oauth/token:
- post:
- description: Request a jwt token for subsequent operations, this request is authenticated with normal HTTP auth
- operationId: get_oauth_token
- requestBody:
- content:
- application/x-www-form-urlencoded:
- schema:
- properties:
- client_id:
- default: anonymous
- description: The type of client used for the OAuth token
- type: string
- grant_type:
- default: password
- description: OAuth Grant type for token
- type: string
- password:
- description: Password for corresponding user
- type: string
- username:
- description: User to assign OAuth token to
- type: string
- type: object
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/TokenResponse"
- description: Resulting JWT token
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal error
- x-anchore-authz-action: None
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.oauth
- /policies:
- get:
- description: List all saved policy bundles
- operationId: list_policies
- parameters:
- - description: Include policy bundle detail in the form of the full bundle content for each entry
- in: query
- name: detail
- required: false
- schema:
- type: boolean
- - $ref: "#/components/parameters/AsAccountParameter"
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/PolicyBundleList"
- description: Policy listing
- summary: List policies
- tags:
- - Policies
- x-anchore-authz-action: listPolicies
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.policies
- post:
- description: Adds a new policy bundle to the system
- operationId: add_policy
- parameters:
- - $ref: "#/components/parameters/AsAccountParameter"
- requestBody:
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/PolicyBundle"
- required: true
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/PolicyBundleRecord"
- description: Saved bundle
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal Error
- summary: Add a new policy
- tags:
- - Policies
- x-anchore-authz-action: createPolicy
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.policies
- "/policies/{policyId}":
- delete:
- description: Delete the specified policy
- operationId: delete_policy
- parameters:
- - in: path
- name: policyId
- required: true
- schema:
- type: string
- - $ref: "#/components/parameters/AsAccountParameter"
- responses:
- "200":
- description: Delete success
- "404":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Policy not found to delete
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal Error
- summary: Delete policy
- tags:
- - Policies
- x-anchore-authz-action: deletePolicy
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.policies
- get:
- description: Get the policy bundle content
- operationId: get_policy
- parameters:
- - in: path
- name: policyId
- required: true
- schema:
- type: string
- - description: Include policy bundle detail in the form of the full bundle content for each entry
- in: query
- name: detail
- required: false
- schema:
- type: boolean
- - $ref: "#/components/parameters/AsAccountParameter"
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/PolicyBundleList"
- description: A list with a single fetched policy bundle record
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal Error
- summary: Get specific policy
- tags:
- - Policies
- x-anchore-authz-action: getPolicy
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.policies
- put:
- description: Update/replace and existing policy
- operationId: update_policy
- parameters:
- - in: path
- name: policyId
- required: true
- schema:
- type: string
- - description: Mark policy as active
- in: query
- name: active
- required: false
- schema:
- type: boolean
- - $ref: "#/components/parameters/AsAccountParameter"
- requestBody:
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/PolicyBundleRecord"
- required: true
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/PolicyBundleList"
- description: A list with a single updated policy bundle record
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal Error
- summary: Update policy
- tags:
- - Policies
- x-anchore-authz-action: updatePolicy
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.policies
- /query/images/by_package:
- get:
- description: Filterable query interface to search for images containing specified package
- operationId: query_images_by_package
- parameters:
- - description: Name of package to search for (e.g. sed)
- in: query
- name: name
- required: true
- schema:
- type: string
- - description: Type of package to filter on (e.g. dpkg)
- in: query
- name: package_type
- required: false
- schema:
- type: string
- - description: Version of named package to filter on (e.g. 4.4-1)
- in: query
- name: version
- required: false
- schema:
- type: string
- - description: The page of results to fetch. Pages start at 1
- in: query
- name: page
- required: false
- schema:
- type: string
- - description: Limit the number of records for the requested page. If omitted or set to 0, return all results in a single page
- in: query
- name: limit
- required: false
- schema:
- type: integer
- - $ref: "#/components/parameters/AsAccountParameter"
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/PaginatedImageList"
- description: Image listing
- "400":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Bad filter parameters
- summary: List of images containing given package
- tags:
- - Query
- x-anchore-authz-action: listImages
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.query
- /query/images/by_vulnerability:
- get:
- description: Returns a listing of images and their respective packages vulnerable to the given vulnerability ID
- operationId: query_images_by_vulnerability
- parameters:
- - description: The ID of the vulnerability to search for within all images stored in anchore-engine (e.g. CVE-1999-0001)
- in: query
- name: vulnerability_id
- required: true
- schema:
- type: string
- - description: Filter results to images within the given vulnerability namespace (e.g. debian:8, ubuntu:14.04)
- in: query
- name: namespace
- required: false
- schema:
- type: string
- - description: Filter results to images with vulnable packages with the given package name (e.g. libssl)
- in: query
- name: affected_package
- required: false
- schema:
- type: string
- - description: Filter results to vulnerable package/vulnerability with the given severity
- in: query
- name: severity
- required: false
- schema:
- enum:
- - Unknown
- - Negligible
- - Low
- - Medium
- - High
- - Critical
- type: string
- - description: Filter results to include only vulnerabilities that are not marked as invalid by upstream OS vendor data
- in: query
- name: vendor_only
- required: false
- schema:
- default: true
- type: boolean
- - description: The page of results to fetch. Pages start at 1
- in: query
- name: page
- required: false
- schema:
- type: integer
- - description: Limit the number of records for the requested page. If omitted or set to 0, return all results in a single page
- in: query
- name: limit
- required: false
- schema:
- type: integer
- - $ref: "#/components/parameters/AsAccountParameter"
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/PaginatedVulnerableImageList"
- description: Image lookup success
- "400":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Invalid filter parameters
- summary: List images vulnerable to the specific vulnerability ID.
- tags:
- - Query
- x-anchore-authz-action: listImages
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.query
- /query/vulnerabilities:
- get:
- description: List (w/filters) vulnerability records known by the system, with affected packages information if present
- operationId: query_vulnerabilities
- parameters:
- - description: The ID of the vulnerability (e.g. CVE-1999-0001)
- explode: false
- in: query
- name: id
- required: true
- schema:
- items:
- type: string
- type: array
- style: form
- - description: Filter results by specified package name (e.g. sed)
- in: query
- name: affected_package
- required: false
- schema:
- type: string
- - description: Filter results by specified package version (e.g. 4.4-1)
- in: query
- name: affected_package_version
- required: false
- schema:
- type: string
- - description: The page of results to fetch. Pages start at 1
- in: query
- name: page
- required: false
- schema:
- default: "1"
- type: string
- - description: Limit the number of records for the requested page. If omitted or set to 0, return all results in a single page
- in: query
- name: limit
- required: false
- schema:
- type: integer
- - description: Namespace(s) to filter vulnerability records by
- explode: false
- in: query
- name: namespace
- required: false
- schema:
- items:
- type: string
- type: array
- style: form
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/PaginatedVulnerabilityList"
- description: Vulnerability listing paginated
- "400":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Invalid filter parameters
- summary: Listing information about given vulnerability
- tags:
- - Query
- x-anchore-authz-action: None
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.query
- /registries:
- get:
- description: List all configured registries the system can/will watch
- operationId: list_registries
- parameters:
- - $ref: "#/components/parameters/AsAccountParameter"
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/RegistryConfigurationList"
- description: Registry listing
- summary: List configured registries
- tags:
- - Registries
- x-anchore-authz-action: listRegistries
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.registries
- post:
- description: Adds a new registry to the system
- operationId: create_registry
- parameters:
- - description: flag to determine whether or not to validate registry/credential at registry add time
- in: query
- name: validate
- required: false
- schema:
- type: boolean
- - $ref: "#/components/parameters/AsAccountParameter"
- requestBody:
- $ref: "#/components/requestBodies/RegistryConfigurationRequest"
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/RegistryConfigurationList"
- description: Saved registry configuration
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal Error
- summary: Add a new registry
- tags:
- - Registries
- x-anchore-authz-action: createRegistry
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.registries
- "/registries/{registry}":
- delete:
- description: Delete a registry configuration record from the system. Does not remove any images.
- operationId: delete_registry
- parameters:
- - in: path
- name: registry
- required: true
- schema:
- format: path
- type: string
- - $ref: "#/components/parameters/AsAccountParameter"
- responses:
- "200":
- description: Delete success
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal Error
- summary: Delete a registry configuration
- tags:
- - Registries
- x-anchore-authz-action: deleteRegistry
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.registries
- get:
- description: Get information on a specific registry
- operationId: get_registry
- parameters:
- - in: path
- name: registry
- required: true
- schema:
- format: path
- type: string
- - $ref: "#/components/parameters/AsAccountParameter"
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/RegistryConfigurationList"
- description: Registry configuration
- summary: Get a specific registry configuration
- tags:
- - Registries
- x-anchore-authz-action: getRegistry
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.registries
- put:
- description: Replaces an existing registry record with the given record
- operationId: update_registry
- parameters:
- - in: path
- name: registry
- required: true
- schema:
- format: path
- type: string
- - description: flag to determine whether or not to validate registry/credential at registry update time
- in: query
- name: validate
- required: false
- schema:
- type: boolean
- - $ref: "#/components/parameters/AsAccountParameter"
- requestBody:
- $ref: "#/components/requestBodies/RegistryConfigurationRequest"
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/RegistryConfigurationList"
- description: Updated registry configuration
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal Error
- summary: Update/replace a registry configuration
- tags:
- - Registries
- x-anchore-authz-action: updateRegistry
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.registries
- /repositories:
- post:
- description: ""
- operationId: add_repository
- parameters:
- - description: full repository to add e.g. docker.io/library/alpine
- in: query
- name: repository
- required: true
- schema:
- type: string
- - description: flag to enable/disable auto tag_update activation when new images from a repo are added
- in: query
- name: autosubscribe
- required: false
- schema:
- type: boolean
- - description: flag to return tags in the repository without actually watching the repository, default is false
- in: query
- name: dryrun
- required: false
- schema:
- type: boolean
- - $ref: "#/components/parameters/AsAccountParameter"
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/SubscriptionList"
- description: Repository and discovered tags added
- summary: Add repository to watch
- tags:
- - Repository Credentials
- x-anchore-authz-action: createRepository
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.images
- /status:
- get:
- description: Get the API service status
- operationId: get_status
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/StatusResponse"
- description: Status listing
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal error
- summary: Service status
- tags:
- - System
- x-anchore-authz-action: None
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.system
- /subscriptions:
- get:
- operationId: list_subscriptions
- parameters:
- - description: filter only subscriptions matching key
- in: query
- name: subscription_key
- required: false
- schema:
- type: string
- - description: filter only subscriptions matching type
- in: query
- name: subscription_type
- required: false
- schema:
- type: string
- - $ref: "#/components/parameters/AsAccountParameter"
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/SubscriptionList"
- description: Subscription listing
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal Error
- summary: List all subscriptions
- tags:
- - Subscriptions
- x-anchore-authz-action: listSubscriptions
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.subscriptions
- post:
- description: Create a new subscription to watch a tag and get notifications of changes
- operationId: add_subscription
- parameters:
- - $ref: "#/components/parameters/AsAccountParameter"
- requestBody:
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/SubscriptionRequest"
- required: true
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/SubscriptionList"
- description: Subscription add success
- summary: Add a subscription of a specific type
- tags:
- - Subscriptions
- x-anchore-authz-action: createSubscription
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.subscriptions
- "/subscriptions/{subscriptionId}":
- delete:
- operationId: delete_subscription
- parameters:
- - in: path
- name: subscriptionId
- required: true
- schema:
- type: string
- - $ref: "#/components/parameters/AsAccountParameter"
- responses:
- "200":
- description: Delete success
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal Error
- summary: Delete subscriptions of a specific type
- tags:
- - Subscriptions
- x-anchore-authz-action: deleteSubscription
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.subscriptions
- get:
- operationId: get_subscription
- parameters:
- - in: path
- name: subscriptionId
- required: true
- schema:
- type: string
- - $ref: "#/components/parameters/AsAccountParameter"
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/SubscriptionList"
- description: Filtered subscription list by type
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal Error
- summary: Get a specific subscription set
- tags:
- - Subscriptions
- x-anchore-authz-action: getSubscription
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.subscriptions
- put:
- operationId: update_subscription
- parameters:
- - in: path
- name: subscriptionId
- required: true
- schema:
- type: string
- - $ref: "#/components/parameters/AsAccountParameter"
- requestBody:
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/SubscriptionUpdate"
- required: true
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/SubscriptionList"
- description: Subscription add success
- summary: Update an existing and specific subscription
- tags:
- - Subscriptions
- x-anchore-authz-action: updateSubscription
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.subscriptions
- /summaries/imagetags:
- get:
- description: List all image tags visible to the user
- operationId: list_imagetags
- parameters:
- - description: Filter images in one or more states such as active, deleting. Defaults to active images only if unspecified
- explode: false
- in: query
- name: image_status
- required: false
- schema:
- default:
- - active
- items:
- enum:
- - all
- - active
- - deleting
- type: string
- type: array
- style: form
- - $ref: "#/components/parameters/AsAccountParameter"
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/AnchoreImageTagSummaryList"
- description: successful operation
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal Error
- summary: List all visible image digests and tags
- tags:
- - Summaries
- x-anchore-authz-action: listImages
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.images
- /system:
- get:
- description: Get the system status including queue lengths
- operationId: get_service_detail
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/SystemStatusResponse"
- description: Status listing
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal error
- summary: System status
- tags:
- - System
- x-anchore-authz-action: None
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.system
- /system/error_codes:
- get:
- description: Describe anchore engine error codes.
- operationId: describe_error_codes
- responses:
- "200":
- content:
- application/json:
- schema:
- description: List of Error Code Descriptions
- items:
- $ref: "#/components/schemas/AnchoreErrorCode"
- type: array
- description: Error Codes Description
- summary: Describe anchore engine error codes.
- tags:
- - System
- x-anchore-authz-action: None
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.system
- /system/feeds:
- get:
- description: Return a list of feed and their groups along with update and record count information. This data reflects the state of the policy engine, not the upstream feed service itself.
- operationId: get_system_feeds
- responses:
- "200":
- content:
- application/json:
- schema:
- items:
- $ref: "#/components/schemas/FeedMetadata"
- type: array
- description: success
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal Error
- summary: list feeds operations and information
- tags:
- - System
- x-anchore-authz-action: listFeeds
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.system
- post:
- description: Execute a synchronous feed sync operation. The response will block until complete, then return the result summary.
- operationId: post_system_feeds
- parameters:
- - description: instruct system to flush existing data feeds records from anchore-engine
- in: query
- name: flush
- required: false
- schema:
- type: boolean
- - description: instruct system to re-sync data feeds
- in: query
- name: sync
- required: false
- schema:
- type: boolean
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/FeedSyncResults"
- description: Feeds operation success
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal Error
- summary: trigger feeds operations
- tags:
- - System
- x-anchore-authz-action: updateFeeds
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.system
- "/system/feeds/{feed}":
- delete:
- description: Delete the groups and data for the feed and disable the feed itself
- operationId: delete_feed
- parameters:
- - in: path
- name: feed
- required: true
- schema:
- type: string
- responses:
- "200":
- description: Successfully deleted
- "404":
- description: Not found
- "500":
- description: Internal server error processing the request. Retry expected
- tags:
- - System
- x-anchore-authz-action: updateFeeds
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.system
- put:
- description: Disable the feed so that it does not sync on subsequent sync operations
- operationId: toggle_feed_enabled
- parameters:
- - in: path
- name: feed
- required: true
- schema:
- type: string
- - in: query
- name: enabled
- required: true
- schema:
- type: boolean
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/FeedMetadata"
- description: FeedInfo
- "400":
- description: Bad request, fix and resend
- "500":
- description: Internal server error processing the request. Retry expected
- tags:
- - System
- x-anchore-authz-action: updateFeeds
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.system
- "/system/feeds/{feed}/{group}":
- delete:
- description: Delete the group data and disable the group itself
- operationId: delete_feed_group
- parameters:
- - in: path
- name: feed
- required: true
- schema:
- type: string
- - in: path
- name: group
- required: true
- schema:
- type: string
- responses:
- "200":
- description: Successfully deleted
- "404":
- description: Not found
- "500":
- description: Internal server error processing the request. Retry expected
- tags:
- - System
- x-anchore-authz-action: updateFeeds
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.system
- put:
- description: Disable a specific group within a feed to not sync
- operationId: toggle_group_enabled
- parameters:
- - in: path
- name: feed
- required: true
- schema:
- type: string
- - in: path
- name: group
- required: true
- schema:
- type: string
- - in: query
- name: enabled
- required: true
- schema:
- type: boolean
- responses:
- "200":
- content:
- application/json:
- schema:
- items:
- $ref: "#/components/schemas/FeedMetadata"
- type: array
- description: FeedInfo listing
- "400":
- description: Bad request, fix and resend
- "500":
- description: Internal server error processing the request. Retry expected
- tags:
- - System
- x-anchore-authz-action: updateFeeds
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.system
- /system/policy_spec:
- get:
- description: Get the policy language spec for this service
- operationId: describe_policy
- responses:
- "200":
- content:
- application/json:
- schema:
- description: List of Gate specifications
- items:
- $ref: "#/components/schemas/GateSpec"
- type: array
- description: Policy Language Description
- summary: Describe the policy language spec implemented by this service.
- tags:
- - System
- x-anchore-authz-action: None
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.system
- /system/services:
- get:
- operationId: list_services
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ServiceList"
- description: Service listing
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal Error
- summary: List system services
- tags:
- - System
- x-anchore-authz-action: listServices
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.system
- "/system/services/{servicename}":
- get:
- operationId: get_services_by_name
- parameters:
- - in: path
- name: servicename
- required: true
- schema:
- type: string
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ServiceList"
- description: Service Info
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal Error
- summary: Get a service configuration and state
- tags:
- - System
- x-anchore-authz-action: getService
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.system
- "/system/services/{servicename}/{hostid}":
- delete:
- operationId: delete_service
- parameters:
- - in: path
- name: servicename
- required: true
- schema:
- type: string
- - in: path
- name: hostid
- required: true
- schema:
- type: string
- responses:
- "200":
- description: Delete success
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal error
- summary: Delete the service config
- tags:
- - System
- x-anchore-authz-action: deleteService
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.system
- get:
- operationId: get_services_by_name_and_host
- parameters:
- - in: path
- name: servicename
- required: true
- schema:
- type: string
- - in: path
- name: hostid
- required: true
- schema:
- type: string
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ServiceList"
- description: Listing of registered services
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal error
- summary: Get service config for a specific host
- tags:
- - System
- x-anchore-authz-action: getService
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.system
- "/system/webhooks/{webhook_type}/test":
- post:
- description: Loads the Webhook configuration for webhook_type, and sends the notification out as a test
- operationId: test_webhook
- parameters:
- - description: The Webhook Type that we should test
- in: path
- name: webhook_type
- required: true
- schema:
- type: string
- - description: What kind of Notification to send
- in: query
- name: notification_type
- required: false
- schema:
- default: tag_update
- enum:
- - tag_update
- - analysis_update
- - vuln_update
- - policy_eval
- type: string
- responses:
- "200":
- description: The Webhook was sent successfully. Schemas may be found under Models (PolicyEvalNotification, TagUpdateNotification, VulnUpdateNotification, AnalysisUpdateNotification)
- "400":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: The Webhook failed to send due to misconfiguration
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: The Webhook failed to send due to an Internal Error
- summary: Adds the capabilities to test a webhook delivery for the given notification type
- tags:
- - System
- x-anchore-authz-action: None
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.system
- /user:
- get:
- operationId: get_user
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/User"
- description: User details for caller's user
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal error
- summary: List authenticated user info
- tags:
- - Identity
- x-anchore-authz-action: None
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.user
- /user/credentials:
- get:
- operationId: get_credentials
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/CredentialList"
- description: User credential listing
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal error
- summary: Get current credential summary
- tags:
- - Identity
- x-anchore-authz-action: None
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.user
- post:
- operationId: add_credential
- requestBody:
- $ref: "#/components/requestBodies/AccessCredential"
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/User"
- description: Add a credential, overwritting if already exists
- "500":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ApiErrorResponse"
- description: Internal error
- summary: add/replace credential
- tags:
- - Identity
- x-anchore-authz-action: None
- x-swagger-router-controller: anchore_engine.services.apiext.api.controllers.user
- /version:
- get:
- description: Returns the version object for the service, including db schema version info
- operationId: version_check
- responses:
- "200":
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/ServiceVersion"
- description: Version object describing version state
- x-anchore-authz-action: None
- x-swagger-router-controller: anchore_engine.apis.common
-components:
- parameters:
- AsAccountParameter:
- description: An account name to change the resource scope of the request to that account, if permissions allow (admin only)
- in: header
- name: x-anchore-account
- required: false
- schema:
- type: string
- requestBodies:
- AccessCredential:
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/AccessCredential"
- required: true
- RegistryConfigurationRequest:
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/RegistryConfigurationRequest"
- required: true
- schemas:
- AccessCredential:
- description: A login credential mapped to a user identity. For password credentials, the username to present for Basic auth is the user's username from the user record
- properties:
- created_at:
- description: The timestamp of creation of the credential
- type: string
- type:
- description: The type of credential
- enum:
- - password
- type: string
- value:
- description: The credential value (e.g. the password)
- type: string
- required:
- - type
- - value
- type: object
- Account:
- description: Account information
- properties:
- created_at:
- description: The timestamp when the account was created
- format: date-time
- type: string
- email:
- description: Optional email address associated with the account
- type: string
- last_updated:
- description: The timestamp of the last update to the account metadata itself (not users or creds)
- format: date-time
- type: string
- name:
- description: The account identifier, not updatable after creation
- type: string
- state:
- description: State of the account. Disabled accounts prevent member users from logging in, deleting accounts are disabled and pending deletion and will be removed once all owned resources are garbage collected by the system
- enum:
- - enabled
- - disabled
- - deleting
- type: string
- type:
- description: The user type (admin vs user). If not specified in a POST request, 'user' is default
- enum:
- - user
- - admin
- - service
- type: string
- required:
- - name
- type: object
- AccountCreationRequest:
- description: An account to create/add to the system. If already exists will return 400.
- properties:
- email:
- description: An optional email to associate with the account for contact purposes
- pattern: "[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*@(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?"
- type: string
- name:
- description: The account name to use. This will identify the account and must be globally unique in the system.
- pattern: ^[a-zA-Z0-9][a-zA-Z0-9@.!#$+-=^_`~;]{1,126}[a-zA-Z0-9]$
- type: string
- required:
- - name
- type: object
- AccountList:
- items:
- $ref: "#/components/schemas/Account"
- type: array
- AccountStatus:
- description: A summary of account status
- properties:
- state:
- description: The status of the account
- enum:
- - enabled
- - disabled
- type: string
- type: object
- AddAnalysisArchiveResult:
- description: List of analysis archive add results
- items:
- $ref: "#/components/schemas/AnalysisArchiveAddResult"
- type: array
- AnalysisArchiveAddResult:
- description: The result of adding a single digest to the archive
- properties:
- detail:
- description: Details on the status, e.g. the error message
- type: string
- digest:
- description: The image digest requested to be added
- type: string
- status:
- description: The status of the archive add operation. Typically either 'archived' or 'error'
- enum:
- - archived
- - archiving
- - error
- type: string
- type: object
- AnalysisArchiveRules:
- description: Rule set for automatic archiving of system objects and flushing of archived objects (permament delete).
- items:
- $ref: "#/components/schemas/AnalysisArchiveTransitionRule"
- type: array
- AnalysisArchiveRulesSummary:
- description: Summary of the transition rule set
- properties:
- count:
- description: The number of rules for this account
- type: integer
- last_updated:
- description: The newest last_updated timestamp from the set of rules
- format: date-time
- type: string
- type: object
- AnalysisArchiveSource:
- description: An image reference in the analysis archive for the purposes of loading analysis from the archive into th working set
- nullable: true
- properties:
- digest:
- description: The image digest identify the analysis. Archived analyses are based on digest, tag records are restored as analysis is restored.
- pattern: ^sha256:[a-fA-F0-9]{64}$
- type: string
- required:
- - digest
- type: object
- AnalysisArchiveSummary:
- description: A summarization of the analysis archive, including size, counts, etc. This archive stores image analysis only, never the actual image content or layers.
- properties:
- last_updated:
- description: The timestamp of the most recent archived image
- format: date-time
- type: string
- total_data_bytes:
- description: The total sum of all the bytes stored to the backing storage. Accounts for anchore-applied compression, but not compression by the underlying storage system.
- type: integer
- total_image_count:
- description: The number of unique images (digests) in the archive
- type: integer
- total_tag_count:
- description: The number of tag records (registry/repo:tag pull strings) in the archive. This may include repeated tags but will always have a unique tag->digest mapping per record.
- type: integer
- type: object
- AnalysisArchiveTransitionHistory:
- description: A rule for auto-archiving image analysis by time and/or tag-history
- properties:
- created_at:
- format: date-time
- type: string
- imageDigest:
- type: string
- last_updated:
- format: date-time
- type: string
- rule_id:
- type: string
- transition:
- enum:
- - archive
- - delete
- type: string
- transition_task_id:
- description: The task that created & updated this entry
- type: string
- type: object
- AnalysisArchiveTransitionRule:
- description: A rule for auto-archiving image analysis by time and/or tag-history
- properties:
- analysis_age_days:
- description: Matches if the analysis is strictly older than this number of days
- type: integer
- created_at:
- format: date-time
- type: string
- exclude:
- $ref: "#/components/schemas/AnalysisArchiveTransitionRuleExclude"
- last_updated:
- format: date-time
- type: string
- max_images_per_account:
- description: This is the maximum number of image analyses an account can have. Can only be set on system_global rules
- type: integer
- rule_id:
- description: Unique identifier for archive rule
- type: string
- selector:
- $ref: "#/components/schemas/ImageSelector"
- system_global:
- description: True if the rule applies to all accounts in the system. This is only available to admin users to update/modify, but all users with permission to list rules can see them
- type: boolean
- tag_versions_newer:
- description: Number of images mapped to the tag that are newer
- type: integer
- transition:
- description: The type of transition to make. If "archive", then archive an image from the working set and remove it from the working set. If "delete", then match against archived images and delete from the archive if match.
- enum:
- - archive
- - delete
- type: string
- required:
- - transition
- type: object
- AnalysisArchiveTransitionRuleExclude:
- description: Which Images to exclude from auto-archiving logic
- properties:
- expiration_days:
- default: -1
- description: How long the image selected will be excluded from the archive transition
- type: integer
- selector:
- $ref: "#/components/schemas/ImageSelector"
- type: object
- AnalysisUpdateEval:
- description: Evaluation Results for an entity (current or last)
- properties:
- analysis_status:
- type: string
- annotations:
- type: object
- image_digest:
- type: string
- type: object
- AnalysisUpdateNotification:
- allOf:
- - $ref: "#/components/schemas/NotificationBase"
- - description: The Notification Object definition for Tag Update Notifications
- properties:
- data:
- $ref: "#/components/schemas/AnalysisUpdateNotificationData"
- type: object
- AnalysisUpdateNotificationData:
- allOf:
- - $ref: "#/components/schemas/BaseNotificationData"
- - properties:
- notification_payload:
- $ref: "#/components/schemas/AnalysisUpdateNotificationPayload"
- type: object
- AnalysisUpdateNotificationPayload:
- allOf:
- - $ref: "#/components/schemas/GenericNotificationPayload"
- - properties:
- annotations:
- description: List of Corresponding Image Annotations
- nullable: true
- type: object
- curr_eval:
- $ref: "#/components/schemas/AnalysisUpdateEval"
- last_eval:
- $ref: "#/components/schemas/AnalysisUpdateEval"
- type: object
- AnchoreErrorCode:
- description: A description of an anchore error code (name, description)
- properties:
- description:
- description: Description of the error code
- type: string
- name:
- description: Error code name
- type: string
- type: object
- AnchoreImage:
- description: A unique image in the engine. May have multiple tags or references. Unique to an image content across registries or repositories.
- properties:
- analysis_status:
- description: A state value for the current status of the analysis progress of the image
- enum:
- - not_analyzed
- - analyzing
- - analyzed
- - analysis_failed
- type: string
- annotations:
- type: object
- created_at:
- format: date-time
- type: string
- imageDigest:
- type: string
- image_content:
- $ref: "#/components/schemas/ImageContent"
- image_detail:
- description: Details specific to an image reference and type such as tag and image source
- items:
- $ref: "#/components/schemas/ImageDetail"
- type: array
- image_status:
- description: State of the image
- enum:
- - active
- - inactive
- - disabled
- type: string
- last_updated:
- format: date-time
- type: string
- userId:
- type: string
- type: object
- AnchoreImageList:
- description: A list of Anchore Images
- items:
- $ref: "#/components/schemas/AnchoreImage"
- type: array
- AnchoreImageTagSummary:
- description: A unique image in the engine.
- properties:
- analysis_status:
- type: string
- analyzed_at:
- type: integer
- created_at:
- type: integer
- fulltag:
- type: string
- imageDigest:
- type: string
- imageId:
- type: string
- image_status:
- type: string
- parentDigest:
- type: string
- tag_detected_at:
- type: integer
- type: object
- AnchoreImageTagSummaryList:
- description: a list of AnchoreImageTagSummary objects
- items:
- $ref: "#/components/schemas/AnchoreImageTagSummary"
- type: array
- Annotations:
- description: Simple key/value pairs where the value may be optional
- type: object
- ApiErrorResponse:
- description: Generic HTTP API error response
- properties:
- code:
- format: int32
- type: integer
- detail:
- description: Details structure for additional information about the error if available. Content and structure will be error specific.
- type: object
- error_type:
- type: string
- message:
- type: string
- type: object
- ArchiveSummary:
- description: A summarization of the available archives, a place to for long-term storage of audit, analysis, or other data to remove it from the system's working set but keep it available.
- properties:
- images:
- $ref: "#/components/schemas/AnalysisArchiveSummary"
- rules:
- $ref: "#/components/schemas/AnalysisArchiveRulesSummary"
- type: object
- ArchivedAnalyses:
- description: List of archived analyses
- items:
- $ref: "#/components/schemas/ArchivedAnalysis"
- type: array
- ArchivedAnalysis:
- properties:
- analyzed_at:
- format: date-time
- type: string
- annotations:
- description: User provided annotations as key-value pairs
- type: object
- archive_size_bytes:
- description: The size, in bytes, of the analysis archive file
- type: integer
- created_at:
- format: date-time
- type: string
- imageDigest:
- description: The image digest (digest of the manifest describing the image, per docker spec)
- type: string
- image_detail:
- description: List of tags associated with the image digest
- items:
- $ref: "#/components/schemas/TagEntry"
- type: array
- last_updated:
- format: date-time
- type: string
- parentDigest:
- description: The digest of a parent manifest (for manifest-list images)
- type: string
- status:
- description: The archival status
- enum:
- - archiving
- - archived
- - deleting
- - deleted
- type: string
- type: object
- BaseNotificationData:
- description: Every notification has a payload, which follows this basic structure
- properties:
- notification_type:
- type: string
- notification_user:
- type: string
- notification_user_email:
- type: string
- type: object
- CVSSV2Scores:
- properties:
- base_score:
- nullable: true
- type: number
- exploitability_score:
- nullable: true
- type: number
- impact_score:
- nullable: true
- type: number
- type: object
- CVSSV3Scores:
- properties:
- base_score:
- nullable: true
- type: number
- exploitability_score:
- nullable: true
- type: number
- impact_score:
- nullable: true
- type: number
- type: object
- ContentFilesResponse:
- description: File content listings from images
- properties:
- content:
- items:
- properties:
- filename:
- type: string
- gid:
- type: integer
- linkdest:
- nullable: true
- type: string
- mode:
- type: string
- sha256:
- nullable: true
- type: string
- size:
- type: integer
- type:
- type: string
- uid:
- type: integer
- type: object
- type: array
- content_type:
- type: string
- imageDigest:
- type: string
- type: object
- ContentJAVAPackageResponse:
- description: Java package content listings from images
- properties:
- content:
- items:
- properties:
- cpes:
- description: A list of Common Platform Enumerations that may uniquely identify the package
- items:
- type: string
- type: array
- implementation-version:
- type: string
- location:
- type: string
- maven-version:
- type: string
- origin:
- type: string
- package:
- type: string
- specification-version:
- type: string
- type:
- type: string
- type: object
- type: array
- content_type:
- type: string
- imageDigest:
- type: string
- type: object
- ContentMalwareResponse:
- description: Malware listing response
- properties:
- content:
- description: List of malware scan results, one per scanner configured to run
- items:
- $ref: "#/components/schemas/MalwareScan"
- type: array
- content_type:
- type: string
- imageDigest:
- type: string
- type: object
- ContentPackageResponse:
- description: Package content listings from images
- properties:
- content:
- items:
- properties:
- cpes:
- description: A list of Common Platform Enumerations that may uniquely identify the package
- items:
- type: string
- type: array
- license:
- description: Deprecated in favor of the 'licenses' field"
- type: string
- licenses:
- items:
- type: string
- type: array
- location:
- type: string
- origin:
- type: string
- package:
- type: string
- size:
- type: string
- type:
- type: string
- version:
- type: string
- type: object
- type: array
- content_type:
- type: string
- imageDigest:
- type: string
- type: object
- ContentResponse:
- description: Generic wrapper for content listings from images
- properties:
- content:
- items:
- type: object
- type: array
- content_type:
- type: string
- imageDigest:
- type: string
- type: object
- CredentialList:
- items:
- $ref: "#/components/schemas/AccessCredential"
- type: array
- DeleteImageResponse:
- description: Image deletion response containing status and details
- properties:
- detail:
- type: string
- digest:
- type: string
- status:
- description: Current status of the image deletion
- enum:
- - not_found
- - deleting
- - delete_failed
- type: string
- required:
- - digest
- - status
- type: object
- DeleteImageResponseList:
- description: A list of delete image responses
- items:
- $ref: "#/components/schemas/DeleteImageResponse"
- type: array
- EventCategory:
- description: A collection of event subcategories
- properties:
- category:
- type: string
- description:
- type: string
- subcategories:
- items:
- $ref: "#/components/schemas/EventSubcategory"
- type: array
- type: object
- EventDescription:
- description: A description of an event type
- properties:
- message:
- description: The message associated with the event type
- type: string
- name:
- description: The event type. The last component of the fully-qualified event_type (category.subcategory.event)
- type: string
- resource_type:
- description: The type of resource this event is generated from
- type: string
- type:
- description: The fully qualified event type as would be seen in the event payload
- type: string
- type: object
- EventResponse:
- description: A record of occurance of an asynchronous event triggered either by system or by user activity
- properties:
- created_at:
- format: date-time
- type: string
- event:
- properties:
- category:
- type: string
- details:
- type: object
- level:
- type: string
- message:
- type: string
- resource:
- properties:
- id:
- type: string
- type:
- type: string
- user_id:
- type: string
- type: object
- source:
- properties:
- base_url:
- type: string
- hostid:
- type: string
- request_id:
- type: string
- servicename:
- type: string
- type: object
- timestamp:
- format: date-time
- type: string
- type:
- type: string
- type: object
- generated_uuid:
- type: string
- type: object
- EventSubcategory:
- description: A collection of events related to each other
- properties:
- description:
- type: string
- events:
- items:
- $ref: "#/components/schemas/EventDescription"
- type: array
- name:
- type: string
- type: object
- EventTypesList:
- description: Array of EventCategory objects
- items:
- $ref: "#/components/schemas/EventCategory"
- type: array
- EventsList:
- description: Response envelope for paginated listing of events
- properties:
- item_count:
- description: Number of events in this page
- type: integer
- next_page:
- description: Boolean flag, True indicates there are more events and False otherwise
- type: boolean
- page:
- description: Page number of this result set
- type: integer
- results:
- description: List of events
- items:
- $ref: "#/components/schemas/EventResponse"
- type: array
- type: object
- FeedGroupMetadata:
- properties:
- created_at:
- format: date-time
- type: string
- last_sync:
- format: date-time
- type: string
- name:
- type: string
- record_count:
- type: integer
- type: object
- FeedMetadata:
- description: Metadata on a single feed based on what the engine finds from querying the endpoints
- properties:
- created_at:
- description: Date the metadata record was created in engine (first seen on source)
- format: date-time
- type: string
- groups:
- items:
- $ref: "#/components/schemas/FeedGroupMetadata"
- type: array
- last_full_sync:
- format: date-time
- type: string
- name:
- description: name of the feed
- type: string
- updated_at:
- description: Date the metadata was last updated
- format: date-time
- type: string
- type: object
- FeedSyncResult:
- description: The result of a sync of a single feed
- properties:
- feed:
- description: The name of the feed synced
- type: string
- groups:
- description: Array of group sync results
- items:
- $ref: "#/components/schemas/GroupSyncResult"
- type: array
- status:
- description: The result of the sync operations, either co
- enum:
- - success
- - failure
- type: string
- total_time_seconds:
- description: The duratin, in seconds, of the sync of the feed, the sum of all the group syncs
- type: number
- type: object
- FeedSyncResults:
- description: An array of feed sync summaries representing the result of an explicit feed sync operation
- items:
- $ref: "#/components/schemas/FeedSyncResult"
- type: array
- FileContentSearchList:
- description: Simple array of RetrievedFileMetadata objects
- items:
- $ref: "#/components/schemas/FileContentSearchResult"
- type: array
- FileContentSearchResult:
- description: The retrieved file entry including content (b64 encoded)
- properties:
- matches:
- items:
- $ref: "#/components/schemas/RegexContentMatch"
- type: array
- path:
- type: string
- type: object
- GateSpec:
- description: A description of the set of gates available in this engine and the triggers and parameters supported
- properties:
- description:
- description: Description of the gate
- type: string
- name:
- description: Gate name, as it would appear in a policy document
- type: string
- state:
- description: State of the gate and transitively all triggers it contains if not 'active'
- enum:
- - active
- - deprecated
- - eol
- type: string
- superceded_by:
- description: The name of another trigger that supercedes this on functionally if this is deprecated
- nullable: true
- type: string
- triggers:
- description: List of the triggers that can fire for this Gate
- items:
- $ref: "#/components/schemas/TriggerSpec"
- type: array
- type: object
- GenericNotificationPayload:
- description: Parent class for Notification Payloads
- properties:
- notificationId:
- type: string
- subscription_key:
- type: string
- subscription_type:
- type: string
- userId:
- type: string
- type: object
- GroupSyncResult:
- properties:
- group:
- description: The name of the group
- type: string
- status:
- enum:
- - success
- - failure
- type: string
- total_time_seconds:
- description: The duration of the group sync in seconds
- type: number
- updated_image_count:
- description: The number of images updated by the this group sync, across all accounts. This is typically only non-zero for vulnerability feeds which update images' vulnerability results during the sync.
- type: integer
- updated_record_count:
- description: The number of feed data records synced down as either updates or new records
- type: integer
- type: object
- ImageAnalysisReferences:
- description: List of image digests to archive
- items:
- description: Image digest
- type: string
- type: array
- ImageAnalysisReport:
- description: Analysis report json to be imported
- type: object
- ImageAnalysisRequest:
- description: A request to add an image to be watched and analyzed by the engine. Optionally include the dockerfile content. Either source, digest or tag must be present.
- properties:
- annotations:
- description: Annotations to be associated with the added image in key/value form
- type: object
- created_at:
- description: Optional override of the image creation time, only honored when both tag and digest are also supplied e.g. 2018-10-17T18:14:00Z. Deprecated in favor of the 'source' field
- format: date-time
- type: string
- digest:
- description: A digest string for an image, maybe a pull string or just a digest. e.g. nginx@sha256:123 or sha256:abc123. If a pull string, it must have same regisry/repo as the tag field. Deprecated in favor of the 'source' field
- type: string
- dockerfile:
- description: Base64 encoded content of the dockerfile for the image, if available. Deprecated in favor of the 'source' field.
- pattern: ^[a-zA-Z0-9+/=]+$
- type: string
- image_type:
- description: Optional. The type of image this is adding, defaults to "docker". This can be ommitted until multiple image types are supported.
- type: string
- source:
- $ref: "#/components/schemas/ImageSource"
- tag:
- description: Full pullable tag reference for image. e.g. docker.io/nginx:latest. Deprecated in favor of the 'source' field
- type: string
- type: object
- ImageContent:
- description: A metadata content record for a specific image, containing different content type entries
- type: object
- ImageContentDeleteResponse:
- type: object
- ImageDetail:
- description: A metadata detail record for a specific image. Multiple detail records may map a single catalog image.
- properties:
- created_at:
- format: date-time
- type: string
- dockerfile:
- nullable: true
- type: string
- fulldigest:
- description: Full docker-pullable digest string including the registry url and repository necessary get the image
- type: string
- fulltag:
- description: Full docker-pullable tag string referencing the image
- type: string
- imageDigest:
- description: The parent Anchore Image record to which this detail maps
- type: string
- imageId:
- type: string
- last_updated:
- format: date-time
- type: string
- registry:
- type: string
- repo:
- type: string
- userId:
- type: string
- type: object
- ImageFilter:
- description: Filter for an image list by id, tag, or digest, but not both
- properties:
- digest:
- type: string
- tag:
- type: string
- type: object
- ImageImportContentResponse:
- properties:
- created_at:
- format: date-time
- type: string
- digest:
- type: string
- type: object
- ImageImportManifest:
- nullable: true
- properties:
- contents:
- $ref: "#/components/schemas/ImportContentDigests"
- digest:
- type: string
- local_image_id:
- description: An "imageId" as used by Docker if available
- type: string
- operation_uuid:
- type: string
- parent_digest:
- description: The digest of the images's manifest-list parent if it was accessed from a multi-arch tag where the tag pointed to a manifest-list. This allows preservation of that relationship in the data
- type: string
- tags:
- items:
- description: Full docker reference tags
- example: docker.io/library/nginx:latest
- type: string
- type: array
- type: object
- ImageImportOperation:
- description: An import record, creating a unique identifier for referencing the operation as well as its state
- properties:
- created_at:
- format: date-time
- type: string
- expires_at:
- format: date-time
- type: string
- status:
- enum:
- - pending
- - queued
- - processing
- - complete
- - failed
- - expired
- type: string
- uuid:
- type: string
- type: object
- ImageImports:
- items:
- $ref: "#/components/schemas/ImageImportOperation"
- type: array
- ImagePackageManifest:
- additionalProperties: true
- properties:
- artifactRelationships:
- items:
- $ref: "#/components/schemas/ImportPackageRelationship"
- type: array
- artifacts:
- items:
- $ref: "#/components/schemas/ImportPackage"
- type: array
- descriptor:
- $ref: "#/components/schemas/ImportDescriptor"
- distro:
- $ref: "#/components/schemas/ImportDistribution"
- schema:
- $ref: "#/components/schemas/ImportSchema"
- source:
- $ref: "#/components/schemas/ImportSource"
- required:
- - artifacts
- - source
- - distro
- type: object
- ImageRef:
- description: A reference to an image
- properties:
- type:
- enum:
- - tag
- - digest
- - id
- value:
- type: string
- required:
- - type
- - value
- type: object
- ImageReference:
- description: A summary of an image identity, including digest, id (if available), and any tags known to have ever been mapped to the digest
- properties:
- analyzed_at:
- description: Timestamp, in rfc3339 format, indicating when the image state became 'analyzed' in Anchore Engine.
- type: string
- digest:
- description: The image digest
- type: string
- id:
- description: The image id if available
- type: string
- tag_history:
- items:
- $ref: "#/components/schemas/TagEntry"
- type: array
- type: object
- ImageSelectionRule:
- properties:
- id:
- type: string
- image:
- $ref: "#/components/schemas/ImageRef"
- name:
- type: string
- registry:
- type: string
- repository:
- type: string
- required:
- - name
- - registry
- - repository
- - image
- type: object
- ImageSelector:
- description: A set of selection criteria to match an image by a tagged pullstring based on its components, with regex support in each field
- properties:
- registry:
- description: The registry section of a pull string. e.g. with "docker.io/anchore/anchore-engine:latest", this is "docker.io"
- type: string
- repository:
- description: The repository section of a pull string. e.g. with "docker.io/anchore/anchore-engine:latest", this is "anchore/anchore-engine"
- type: string
- tag:
- description: The tag-only section of a pull string. e.g. with "docker.io/anchore/anchore-engine:latest", this is "latest"
- type: string
- type: object
- ImageSource:
- description: A set of analysis source types. Only one may be set in any given request.
- properties:
- archive:
- $ref: "#/components/schemas/AnalysisArchiveSource"
- digest:
- $ref: "#/components/schemas/RegistryDigestSource"
- import:
- $ref: "#/components/schemas/ImageImportManifest"
- tag:
- $ref: "#/components/schemas/RegistryTagSource"
- type: object
- ImageWithPackages:
- description: An image record that contains packages
- properties:
- image:
- $ref: "#/components/schemas/ImageReference"
- packages:
- items:
- $ref: "#/components/schemas/PackageReference"
- type: array
- type: object
- ImportContentDigestList:
- items:
- description: String digest of an uploaded content
- type: string
- type: array
- ImportContentDigests:
- description: Digest of content to use in the final import
- properties:
- dockerfile:
- description: Digest for reference content for dockerfile
- type: string
- image_config:
- description: Digest for reference content for image config
- type: string
- manifest:
- description: Digest to reference content for the image manifest
- type: string
- packages:
- description: Digest to use for the packages content
- type: string
- parent_manifest:
- description: Digest for reference content for parent manifest
- type: string
- required:
- - packages
- - manifest
- - image_config
- type: object
- ImportDescriptor:
- additionalProperties: true
- properties:
- name:
- type: string
- version:
- type: string
- required:
- - name
- - version
- type: object
- ImportDistribution:
- additionalProperties: true
- properties:
- idLike:
- type: string
- name:
- type: string
- version:
- type: string
- required:
- - name
- - version
- - idLike
- type: object
- ImportPackage:
- additionalProperties: true
- properties:
- cpes:
- items:
- type: string
- type: array
- foundBy:
- type: string
- id:
- type: string
- language:
- type: string
- licenses:
- items:
- type: string
- type: array
- locations:
- items:
- $ref: "#/components/schemas/ImportPackageLocation"
- type: array
- metadata:
- type: object
- metadataType:
- type: string
- name:
- type: string
- purl:
- type: string
- type:
- type: string
- version:
- type: string
- required:
- - name
- - version
- - type
- - locations
- - licenses
- - language
- - cpes
- - metadataType
- type: object
- ImportPackageLocation:
- additionalProperties: true
- properties:
- layerID:
- type: string
- path:
- type: string
- required:
- - path
- type: object
- ImportPackageRelationship:
- additionalProperties: true
- properties:
- child:
- type: string
- metadata:
- additionalProperties: true
- type: object
- parent:
- type: string
- type:
- type: string
- required:
- - parent
- - child
- - type
- type: object
- ImportSchema:
- additionalProperties: true
- properties:
- url:
- type: string
- version:
- type: string
- required:
- - version
- - url
- type: object
- ImportSource:
- additionalProperties: true
- properties:
- target:
- additionalProperties: true
- type:
- type: string
- required:
- - type
- - target
- type: object
- LocalAnalysisSource:
- properties:
- digest:
- type: string
- type: object
- MalwareScan:
- description: A single scan from a scanner
- properties:
- enabled:
- description: Indicates if the scanner is enabled
- type: boolean
- findings:
- items:
- properties:
- path:
- description: A path for a file in the image's rootfs
- type: string
- signature:
- description: The malware signature found at the path
- type: string
- type: object
- type: array
- metadata:
- description: Open schema for scanner-specific metadata related to the scan result
- type: object
- scanner:
- description: The name of the scanner that produced the finding
- type: string
- type: object
- MappingRule:
- properties:
- id:
- type: string
- image:
- $ref: "#/components/schemas/ImageRef"
- name:
- type: string
- policy_id:
- description: Optional single policy to evalute, if set will override any value in policy_ids, for backwards compatibility. Generally, policy_ids should be used even with a array of length 1.
- type: string
- policy_ids:
- description: List of policyIds to evaluate in order, to completion
- items:
- description: PolicyId to evaluate
- type: string
- type: array
- registry:
- type: string
- repository:
- type: string
- whitelist_ids:
- items:
- type: string
- type: array
- required:
- - name
- - registry
- - repository
- - image
- type: object
- MetadataResponse:
- description: Generic wrapper for metadata listings from images
- properties:
- imageDigest:
- type: string
- metadata: {}
- metadata_type:
- type: string
- type: object
- NotificationBase:
- description: base object for Notifications (every notification has this basic structure)
- properties:
- created_at:
- type: integer
- dataId:
- type: string
- last_updated:
- type: integer
- max_tries:
- type: integer
- queueId:
- type: string
- record_state_key:
- default: active
- type: string
- record_state_val:
- nullable: true
- type: string
- tries:
- type: integer
- userId:
- type: string
- type: object
- NvdDataList:
- description: List of Nvd Data objects
- items:
- $ref: "#/components/schemas/NvdDataObject"
- type: array
- NvdDataObject:
- properties:
- cvss_v2:
- $ref: "#/components/schemas/CVSSV2Scores"
- cvss_v3:
- $ref: "#/components/schemas/CVSSV3Scores"
- id:
- description: NVD Vulnerability ID
- type: string
- type: object
- PackageReference:
- description: A record of a software item which is vulnerable or carries a fix for a vulnerability
- properties:
- name:
- description: Package name
- type: string
- type:
- description: Package type (e.g. package, rpm, deb, apk, jar, npm, gem, ...)
- type: string
- version:
- description: A version for the package. If null, then references all versions
- nullable: true
- type: string
- will_not_fix:
- description: Whether a vendor will or will not fix a vulnerabitlity
- type: boolean
- type: object
- PaginatedImageList:
- allOf:
- - $ref: "#/components/schemas/PaginationProperties"
- - properties:
- images:
- items:
- $ref: "#/components/schemas/ImageWithPackages"
- type: array
- type: object
- description: Pagination wrapped list of images that match some filter
- PaginatedVulnerabilityList:
- allOf:
- - $ref: "#/components/schemas/PaginationProperties"
- - properties:
- vulnerabilities:
- description: The listing of matching vulnerabilities for the query subject to pagination
- items:
- $ref: "#/components/schemas/StandaloneVulnerability"
- type: array
- type: object
- description: A paginated listing of vulnerability records sorted by ID in descending order
- PaginatedVulnerableImageList:
- allOf:
- - $ref: "#/components/schemas/PaginationProperties"
- - properties:
- images:
- items:
- $ref: "#/components/schemas/VulnerableImage"
- type: array
- type: object
- description: Pagination wrapped list of images with vulnerabilties that match some filter
- PaginationProperties:
- description: Properties for common pagination handling to be included in any wrapping object that needs pagination elements
- properties:
- next_page:
- description: True if additional pages exist (page + 1) or False if this is the last page
- type: string
- page:
- description: The page number returned (should match the requested page query string param)
- type: string
- returned_count:
- description: The number of items sent in this response
- type: integer
- type: object
- Policy:
- properties:
- comment:
- type: string
- id:
- type: string
- name:
- type: string
- rules:
- items:
- $ref: "#/components/schemas/PolicyRule"
- type: array
- version:
- type: string
- required:
- - id
- - version
- type: object
- PolicyBundle:
- description: A bundle containing a set of policies, whitelists, and rules for mapping them to specific images
- properties:
- blacklisted_images:
- description: List of mapping rules that define which images should always result in a STOP/FAIL policy result regardless of policy content or presence in whitelisted_images
- items:
- $ref: "#/components/schemas/ImageSelectionRule"
- type: array
- comment:
- description: Description of the bundle, human readable
- type: string
- id:
- description: Id of the bundle
- type: string
- mappings:
- description: Mapping rules for defining which policy and whitelist(s) to apply to an image based on a match of the image tag or id. Evaluated in order.
- items:
- $ref: "#/components/schemas/MappingRule"
- type: array
- name:
- description: Human readable name for the bundle
- type: string
- policies:
- description: Policies which define the go/stop/warn status of an image using rule matches on image properties
- items:
- $ref: "#/components/schemas/Policy"
- type: array
- version:
- description: Version id for this bundle format
- type: string
- whitelisted_images:
- description: List of mapping rules that define which images should always be passed (unless also on the blacklist), regardless of policy result.
- items:
- $ref: "#/components/schemas/ImageSelectionRule"
- type: array
- whitelists:
- description: Whitelists which define which policy matches to disregard explicitly in the final policy decision
- items:
- $ref: "#/components/schemas/Whitelist"
- type: array
- required:
- - id
- - version
- - policies
- - mappings
- type: object
- PolicyBundleList:
- description: List of PolicyBundleRecord objects
- items:
- $ref: "#/components/schemas/PolicyBundleRecord"
- type: array
- PolicyBundleRecord:
- description: A policy bundle plus some metadata
- properties:
- active:
- description: True if the bundle is currently defined to be used automatically
- type: boolean
- created_at:
- format: date-time
- type: string
- last_updated:
- format: date-time
- type: string
- policyId:
- description: The bundle's identifier
- type: string
- policy_source:
- description: Source location of where the policy bundle originated
- type: string
- policybundle:
- $ref: "#/components/schemas/PolicyBundle"
- userId:
- description: UserId of the user that owns the bundle
- type: string
- type: object
- PolicyEvalNotification:
- allOf:
- - $ref: "#/components/schemas/NotificationBase"
- - description: The Notification Object definition for Policy Eval Notifications
- properties:
- data:
- $ref: "#/components/schemas/PolicyEvalNotificationData"
- type: object
- PolicyEvalNotificationData:
- allOf:
- - $ref: "#/components/schemas/BaseNotificationData"
- - properties:
- notification_payload:
- $ref: "#/components/schemas/PolicyEvalNotificationPayload"
- type: object
- PolicyEvalNotificationPayload:
- allOf:
- - $ref: "#/components/schemas/GenericNotificationPayload"
- - properties:
- annotations:
- description: List of Corresponding Image Annotations
- nullable: true
- type: object
- curr_eval:
- description: The Current Policy Evaluation result
- type: object
- last_eval:
- description: The Previous Policy Evaluation result
- type: object
- type: object
- PolicyEvaluation:
- description: Evaluation response object
- type: object
- PolicyEvaluationList:
- description: Evaluation response object
- items:
- $ref: "#/components/schemas/PolicyEvaluation"
- type: array
- PolicyRule:
- description: A rule that defines and decision value if the match is found true for a given image.
- properties:
- action:
- enum:
- - GO
- - STOP
- - WARN
- gate:
- type: string
- id:
- type: string
- params:
- items:
- properties:
- name:
- type: string
- value:
- type: string
- required:
- - name
- - value
- type: object
- type: array
- trigger:
- type: string
- required:
- - gate
- - trigger
- - action
- type: object
- RegexContentMatch:
- description: Match of a named regex on a file
- properties:
- lines:
- description: A list of line numbers in the file that matched the regex
- items:
- type: integer
- type: array
- name:
- description: The name associated with the regular expression
- type: string
- regex:
- description: The regular expression used for the match
- type: string
- type: object
- RegistryConfiguration:
- description: A registry entry describing the endpoint and credentials for a registry to pull images from
- properties:
- created_at:
- format: date-time
- type: string
- last_upated:
- format: date-time
- type: string
- registry:
- description: hostname:port string for accessing the registry, as would be used in a docker pull operation
- type: string
- registry_name:
- description: human readable name associated with registry record
- type: string
- registry_type:
- description: Type of registry
- type: string
- registry_user:
- description: Username portion of credential to use for this registry
- type: string
- registry_verify:
- description: Use TLS/SSL verification for the registry URL
- type: boolean
- userId:
- description: Engine user that owns this registry entry
- type: string
- type: object
- RegistryConfigurationList:
- description: List of registry configurations
- items:
- $ref: "#/components/schemas/RegistryConfiguration"
- type: array
- RegistryConfigurationRequest:
- description: A registry record describing the endpoint and credentials for a registry
- properties:
- registry:
- description: hostname:port string for accessing the registry, as would be used in a docker pull operation. May include some or all of a repository and wildcards (e.g. docker.io/library/* or gcr.io/myproject/myrepository)
- type: string
- registry_name:
- description: human readable name associated with registry record
- type: string
- registry_pass:
- description: Password portion of credential to use for this registry
- type: string
- registry_type:
- description: Type of registry
- type: string
- registry_user:
- description: Username portion of credential to use for this registry
- type: string
- registry_verify:
- description: Use TLS/SSL verification for the registry URL
- type: boolean
- type: object
- RegistryDigestSource:
- description: An image reference using a digest in a registry, includes some extra tag and timestamp info in addition to the pull string to allow proper tag history reconstruction.
- nullable: true
- properties:
- creation_timestamp_override:
- description: Optional override of the image creation time to support proper tag history construction in cases of out-of-order analysis compared to registry history for the tag
- format: date-time
- type: string
- dockerfile:
- description: Base64 encoded content of the dockerfile used to build the image, if available.
- pattern: ^[a-zA-Z0-9+/=]+$
- type: string
- pullstring:
- description: A digest-based pullstring (e.g. docker.io/nginx@sha256:123abc)
- type: string
- tag:
- description: A valid docker tag reference (e.g. docker.io/nginx:latest) that will be associated with the image but not used to pull the image.
- type: string
- required:
- - pullstring
- - tag
- type: object
- RegistryTagSource:
- description: An image reference using a tag in a registry, this is the most common source type.
- nullable: true
- properties:
- dockerfile:
- description: Base64 encoded content of the dockerfile used to build the image, if available.
- pattern: ^[a-zA-Z0-9+/=]+$
- type: string
- pullstring:
- description: A docker pull string (e.g. docker.io/nginx:latest, or docker.io/nginx@sha256:abd) to retrieve the image
- type: string
- required:
- - pullstring
- type: object
- RepositoryTagList:
- description: List of discovered tags in a repository
- items:
- type: string
- type: array
- RetrievedFile:
- description: The retrieved file entry including content (b64 encoded)
- properties:
- b64_content:
- type: string
- path:
- type: string
- type: object
- RetrievedFileList:
- description: Simple array of RetrievedFileMetadata objects
- items:
- $ref: "#/components/schemas/RetrievedFile"
- type: array
- SecretSearchList:
- description: Simple array of RetrievedFileMetadata objects
- items:
- $ref: "#/components/schemas/SecretSearchResult"
- type: array
- SecretSearchResult:
- description: The retrieved file entry including content (b64 encoded)
- properties:
- matches:
- items:
- $ref: "#/components/schemas/RegexContentMatch"
- type: array
- path:
- type: string
- type: object
- Service:
- description: A service status record
- properties:
- base_url:
- description: The url to reach the service, including port as needed
- type: string
- hostid:
- description: The unique id of the host on which the service is executing
- type: string
- service_detail:
- $ref: "#/components/schemas/StatusResponse"
- servicename:
- description: Registered service name
- type: string
- status:
- type: boolean
- status_message:
- description: A state indicating the condition of the service. Normal operation is 'registered'
- type: string
- version:
- description: The version of the service as reported by the service implementation on registration
- type: string
- type: object
- ServiceList:
- description: A list of service objects
- items:
- $ref: "#/components/schemas/Service"
- type: array
- ServiceVersion:
- description: Version information for a service
- properties:
- api:
- description: Api Version string
- properties:
- version:
- description: Semantic version of the api
- type: string
- type: object
- db:
- properties:
- schema_version:
- description: Semantic version of the db schema
- type: string
- type: object
- service:
- properties:
- version:
- description: Semantic Version string of the service implementation
- type: string
- type: object
- type: object
- StandaloneVulnerability:
- description: A single vulnerability record in a single namespace, the unique key is the combination of the id and namespace
- properties:
- affected_packages:
- description: The array of packages (typically packages) that are vulnerable-to or provide fixes-for this vulnerability
- items:
- $ref: "#/components/schemas/PackageReference"
- type: array
- description:
- description: Description of the vulnerability if available
- type: string
- id:
- description: Vulnerability identifier. May be CVE-X, RHSA-X, etc. Not necessarily unique across namespaces
- type: string
- link:
- description: URL for the upstream CVE record in the reporting source (e.g. ubuntu security tracker)
- type: string
- namespace:
- description: The namespace for the vulnerability record to avoid conflicts for the same id in different distros or sources (e.g. deb vs ubuntu for same CVE)
- type: string
- nvd_data:
- $ref: "#/components/schemas/NvdDataList"
- references:
- description: List of references including
- items:
- $ref: "#/components/schemas/VulnerabilityReference"
- type: array
- severity:
- description: Severity label specific to the namepsace
- enum:
- - Unknown
- - Negligible
- - Low
- - Medium
- - High
- - Critical
- type: string
- vendor_data:
- $ref: "#/components/schemas/VendorDataList"
- type: object
- StatusResponse:
- description: System status response
- properties:
- available:
- type: boolean
- busy:
- type: boolean
- db_version:
- type: string
- detail:
- type: object
- message:
- type: string
- up:
- type: boolean
- version:
- type: string
- type: object
- Subscription:
- description: Subscription entry
- properties:
- active:
- description: Is the subscription currently active
- type: boolean
- subscription_id:
- description: the unique id for this subscription record
- type: string
- subscription_key:
- description: The key value that the subscription references. E.g. a tag value or a repo name.
- type: string
- subscription_type:
- description: The type of the subscription
- type: string
- subscription_value:
- description: The value of the subscription target
- nullable: true
- type: string
- userId:
- description: The userId of the subscribed user
- type: string
- type: object
- SubscriptionList:
- description: List of subscriptions
- items:
- $ref: "#/components/schemas/Subscription"
- type: array
- SubscriptionRequest:
- description: A subscription entry to add to the system
- properties:
- subscription_key:
- type: string
- subscription_type:
- type: string
- subscription_value:
- nullable: true
- type: string
- type: object
- SubscriptionUpdate:
- description: A modification to a subscription entry to change its status or value
- properties:
- active:
- description: Toggle the subscription processing on or off
- type: boolean
- subscription_value:
- description: The new subscription value, e.g. the new tag to be subscribed to
- nullable: true
- type: string
- type: object
- SystemStatusResponse:
- description: System status response
- properties:
- service_states:
- $ref: "#/components/schemas/ServiceList"
- type: object
- TagEntry:
- description: A docker-pullable tag value as well as deconstructed components
- properties:
- detected_at:
- description: The timestamp at which the Anchore Engine detected this tag was mapped to the image digest. Does not necessarily indicate when the tag was actually pushed to the registry.
- format: date-time
- type: string
- pullstring:
- description: The pullable string for the tag. E.g. "docker.io/library/node:latest"
- type: string
- registry:
- description: The registry hostname:port section of the pull string
- type: string
- repository:
- description: The repository section of the pull string
- type: string
- tag:
- description: The tag-only section of the pull string
- type: string
- type: object
- TagUpdateNotification:
- allOf:
- - $ref: "#/components/schemas/NotificationBase"
- - description: The Notification Object definition for Tag Update Notifications
- properties:
- data:
- $ref: "#/components/schemas/TagUpdateNotificationData"
- type: object
- TagUpdateNotificationData:
- allOf:
- - $ref: "#/components/schemas/BaseNotificationData"
- - properties:
- notification_payload:
- $ref: "#/components/schemas/TagUpdateNotificationPayload"
- type: object
- TagUpdateNotificationPayload:
- allOf:
- - $ref: "#/components/schemas/GenericNotificationPayload"
- - properties:
- annotations:
- description: List of Corresponding Image Annotations
- nullable: true
- type: object
- curr_eval:
- description: A list containing the current image digest
- items: {}
- type: array
- last_eval:
- description: A list containing the previous image digests
- items: {}
- type: array
- type: object
- TokenResponse:
- properties:
- token:
- description: The token content
- type: string
- required:
- - token
- type: object
- TriggerParamSpec:
- properties:
- description:
- type: string
- example:
- description: An example value for the parameter (encoded as a string if the parameter is an object or list type)
- nullable: true
- type: string
- name:
- description: Parameter name as it appears in policy document
- type: string
- required:
- description: Is this a required parameter or optional
- type: boolean
- state:
- description: State of the trigger parameter
- enum:
- - active
- - deprecated
- - eol
- type: string
- superceded_by:
- description: The name of another trigger that supercedes this on functionally if this is deprecated
- nullable: true
- type: string
- validator:
- description: If present, a definition for validation of input. Typically a jsonschema object that can be used to validate an input against.
- type: object
- type: object
- TriggerSpec:
- description: Definition of a trigger and its parameters
- properties:
- description:
- description: Trigger description for what it tests and when it will fire during evaluation
- type: string
- name:
- description: Name of the trigger as it would appear in a policy document
- type: string
- parameters:
- description: The list of parameters that are valid for this trigger
- items:
- $ref: "#/components/schemas/TriggerParamSpec"
- type: array
- state:
- description: State of the trigger
- enum:
- - active
- - deprecated
- - eol
- type: string
- superceded_by:
- description: The name of another trigger that supercedes this on functionally if this is deprecated
- nullable: true
- type: string
- type: object
- User:
- description: A username for authenticating with one or more types of credentials. User type defines the expected credentials allowed for the user. Native users have passwords, External users have no credential internally. Internal users are service/system users for inter-service communication.
- properties:
- created_at:
- description: The timestampt the user record was created
- format: date-time
- type: string
- last_updated:
- description: The timestamp of the last update to this record
- format: date-time
- type: string
- source:
- description: If the user is external, this is the source that the user was initialized from. All other user types have this set to null
- type: string
- type:
- description: The user's type
- enum:
- - native
- - internal
- - external
- type: string
- username:
- description: The username to authenticate with
- type: string
- required:
- - username
- type: object
- UserCreationRequest:
- description: A payload for creating a new user, includes the username and password in a single request
- properties:
- password:
- description: The initial password for the user, must be at least 6 characters, up to 128
- pattern: .{6,128}$
- type: string
- username:
- description: The username to create
- pattern: ^[a-zA-Z0-9][a-zA-Z0-9@.!#$+-=^_`~;]{1,126}[a-zA-Z0-9]$
- type: string
- required:
- - username
- - password
- type: object
- UserList:
- items:
- $ref: "#/components/schemas/User"
- type: array
- VendorDataList:
- description: List of Vendor Data objects
- items:
- $ref: "#/components/schemas/VendorDataObject"
- type: array
- VendorDataObject:
- properties:
- cvss_v2:
- $ref: "#/components/schemas/CVSSV2Scores"
- cvss_v3:
- $ref: "#/components/schemas/CVSSV3Scores"
- id:
- description: Vendor Vulnerability ID
- type: string
- type: object
- VulnDiffResult:
- description: The results of the comparing two vulnerability records during an update
- properties:
- added:
- items: {}
- type: array
- removed:
- items: {}
- type: array
- updated:
- items: {}
- type: array
- type: object
- VulnUpdateNotification:
- allOf:
- - $ref: "#/components/schemas/NotificationBase"
- - description: The Notification Object definition for Tag Update Notifications
- properties:
- data:
- $ref: "#/components/schemas/VulnUpdateNotificationData"
- type: object
- VulnUpdateNotificationData:
- allOf:
- - $ref: "#/components/schemas/BaseNotificationData"
- - properties:
- notification_payload:
- $ref: "#/components/schemas/VulnUpdateNotificationPayload"
- type: object
- VulnUpdateNotificationPayload:
- allOf:
- - $ref: "#/components/schemas/GenericNotificationPayload"
- - properties:
- annotations:
- description: List of Corresponding Image Annotations
- nullable: true
- type: object
- diff_vulnerability_result:
- $ref: "#/components/schemas/VulnDiffResult"
- imageDigest:
- type: string
- type: object
- Vulnerability:
- properties:
- feed:
- description: The name of the feed where vulnerability match was made
- type: string
- feed_group:
- description: The name of the feed group where vulnerability match was made
- type: string
- fix:
- description: The package containing a fix, if available
- type: string
- nvd_data:
- $ref: "#/components/schemas/NvdDataList"
- package:
- description: The package name and version that are vulnerable in the image
- type: string
- package_cpe:
- description: The CPE string (if applicable) describing the package to vulnerability match
- type: string
- package_name:
- description: The name of the vulnerable package artifact
- type: string
- package_path:
- description: The location (if applicable) of the vulnerable package in the container filesystem
- type: string
- package_type:
- description: The type of vulnerable package
- type: string
- package_version:
- description: The version of the vulnerable package artifact
- type: string
- severity:
- description: The severity of the vulnerability
- type: string
- url:
- description: The url for more information about the vulnerability
- type: string
- vendor_data:
- $ref: "#/components/schemas/VendorDataList"
- vuln:
- description: The vulnerability identifier, such as CVE-2017-100, or RHSA-2017123
- type: string
- will_not_fix:
- description: Whether a vendor will fix or not fix the vulnerability
- type: string
- type: object
- VulnerabilityList:
- description: List of Vulnerability objects
- items:
- $ref: "#/components/schemas/Vulnerability"
- type: array
- VulnerabilityReference:
- description: An external link/reference
- properties:
- source:
- description: The reference source
- type: string
- tags:
- items:
- type: string
- type: array
- url:
- description: The reference url
- type: string
- type: object
- VulnerabilityResponse:
- description: envelope containing list of vulnerabilities
- properties:
- imageDigest:
- type: string
- vulnerabilities:
- $ref: "#/components/schemas/VulnerabilityList"
- vulnerability_type:
- type: string
- type: object
- VulnerableImage:
- description: A record of an image vulnerable to some known vulnerability. Includes vulnerable package information
- properties:
- affected_packages:
- items:
- $ref: "#/components/schemas/VulnerablePackageReference"
- type: array
- image:
- $ref: "#/components/schemas/ImageReference"
- type: object
- VulnerablePackageReference:
- description: A record of a software item which is vulnerable or carries a fix for a vulnerability
- properties:
- name:
- description: Package name
- type: string
- namespace:
- description: Vulnerability namespace of affected package
- type: string
- severity:
- description: Severity of vulnerability affecting package
- type: string
- type:
- description: Package type (e.g. package, rpm, deb, apk, jar, npm, gem, ...)
- type: string
- version:
- description: A version for the package. If null, then references all versions
- nullable: true
- type: string
- type: object
- Whitelist:
- description: A collection of whitelist items to match a policy evaluation against.
- properties:
- comment:
- type: string
- id:
- type: string
- items:
- items:
- $ref: "#/components/schemas/WhitelistItem"
- type: array
- name:
- type: string
- version:
- type: string
- required:
- - id
- - version
- type: object
- WhitelistItem:
- description: Identifies a specific gate and trigger match from a policy against an image and indicates it should be ignored in final policy decisions
- properties:
- expires_on:
- format: date-time
- pattern: ^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}(?:\.\d+)?(?:\:\d+)?[A-Z]?$
- type: string
- gate:
- type: string
- id:
- type: string
- trigger_id:
- type: string
- required:
- - gate
- - trigger_id
- type: object