Add scanchain endpoint

Copied the PSSaaS approach, did try inheritance on the `git` class for `scanChainGit` but caused problems with deserialization not matching `Component` so hack was to duplicate it, will need to sort out the structures at some point see #11
3 years ago · 2fb746abae
4 changed files with 97 additions and 1 deletions
--- a/src/main/java/com/redhat/pctsec/model/ScanRequests.java
+++ b/src/main/java/com/redhat/pctsec/model/ScanRequests.java
@ -44,8 +44,11 @@ public class ScanRequests {
        pssaas.componentList.stream().filter(c -> c.getType().equals("pnc")).forEach(g -> this.addPNCBuild(g.getBuildId()));
    }

-    public ScanRequests(scanChain scanchain){
+
+    public ScanRequests(scanChain scanChain){
+
        this();
+        scanChain.urls.stream().forEach(g -> this.addGit(g.getRepo().toString(), g.getRef()));
    }

    //public ScanRequests(String repo, String rev){
--- a/src/main/java/com/redhat/pctsec/model/api/request/scanChain.java
+++ b/src/main/java/com/redhat/pctsec/model/api/request/scanChain.java
@ -1,4 +1,35 @@
 package com.redhat.pctsec.model.api.request;

+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
+import com.fasterxml.jackson.annotation.JsonProperty;
+import com.fasterxml.jackson.annotation.JsonPropertyDescription;
+import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
+import jakarta.validation.Valid;
+import jakarta.validation.constraints.NotNull;
+import jakarta.validation.constraints.Size;
+
+import java.util.List;
+import java.util.Set;
+
+
 public class scanChain {
+
+    @JsonProperty("product_name")
+    @JsonPropertyDescription("The product name associated with the scan.")
+    @NotNull
+    public String productName;
+
+    @JsonProperty("urls")
+    @JsonDeserialize(as = java.util.LinkedHashSet.class)
+    @JsonPropertyDescription("List of source urls to be scanned")
+    @Size(min = 1)
+    @Valid
+    @NotNull
+    public Set<scanChainGit> urls;
+
+    @JsonProperty("requestor")
+    @JsonPropertyDescription("The requesting user")
+    @NotNull
+    public String requestor;
 }
+
--- a/src/main/java/com/redhat/pctsec/model/api/request/scanChainGit.java
+++ b/src/main/java/com/redhat/pctsec/model/api/request/scanChainGit.java
@ -0,0 +1,34 @@
+package com.redhat.pctsec.model.api.request;
+
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
+import com.fasterxml.jackson.annotation.JsonProperty;
+import jakarta.validation.constraints.NotNull;
+
+import java.net.URI;
+
+
+public class scanChainGit {
+
+
+    private URI repo;
+    private String ref;
+    public scanChainGit(@NotNull URI repo, @NotNull String ref) {
+        this.repo = repo;
+        this.ref = ref;
+    }
+
+
+    @NotNull
+    @JsonProperty("url")
+    public URI getRepo() {
+        return this.repo;
+    }
+
+    @NotNull
+    @JsonProperty("branch")
+        public String getRef() {
+
+        return this.ref;
+    }
+
+}
--- a/src/main/java/com/redhat/pctsec/rest/v1alpha1/ScanResource.java
+++ b/src/main/java/com/redhat/pctsec/rest/v1alpha1/ScanResource.java
@ -2,6 +2,7 @@ package com.redhat.pctsec.rest.v1alpha1;

 import com.redhat.pctsec.model.*;
 import com.redhat.pctsec.model.api.request.pssaas;
+import com.redhat.pctsec.model.api.request.scanChain;
 import com.redhat.pctsec.model.jpa.ScanRepository;
 import io.quarkus.security.Authenticated;
 import io.vertx.mutiny.core.eventbus.EventBus;
@ -12,6 +13,7 @@ import jakarta.validation.Valid;
 import jakarta.ws.rs.*;
 import org.jboss.resteasy.reactive.RestQuery;

+
 import java.util.HashMap;
 import java.util.List;
 import java.util.Set;
@ -37,6 +39,7 @@ public class ScanResource {
        ScanRequests scanRequests = new ScanRequests(scanRequest);
        Scan s = new Scan();
        s.setRequestor("cpaas");
+        s.setProductName(scanRequest.productId);
        s.setScanRequests(scanRequests);
        sr.persist(s);
        return s;
@ -52,6 +55,31 @@ public class ScanResource {
        return s.scanRequests.execute(bus);
    }

+    @POST
+    @Path("ScanChain")
+    @Consumes({ "application/json" })
+    @Transactional
+    @Authenticated
+    public Scan createScanChain(@Valid scanChain scanRequest)
+    {
+        ScanRequests scanRequests = new ScanRequests(scanRequest);
+        Scan s = new Scan();
+        s.setRequestor(scanRequest.requestor);
+        s.setProductName(scanRequest.productName);
+        s.setScanRequests(scanRequests);
+        sr.persist(s);
+        return s;
+    }
+    @POST
+    @Path("ScanChain/run")
+    @Consumes({ "application/json" })
+    @Transactional
+    @Authenticated
+    public List<ScanTask> createRunScanChain(@Valid scanChain scanRequest)
+    {
+        Scan s = this.createScanChain(scanRequest);
+        return s.scanRequests.execute(bus);
+    }
    @GET
    @Path("All")
    @Produces({"application/json"})