Add scanchain endpoint

Copied the PSSaaS approach, did try inheritance on the `git` class for
`scanChainGit` but caused problems with deserialization not matching
`Component` so hack was to duplicate it, will need to sort out the
structures at some point see #11

pom.xml

@@ -12,7 +12,7 @@
     <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
     <quarkus.platform.artifact-id>quarkus-bom</quarkus.platform.artifact-id>
     <quarkus.platform.group-id>io.quarkus.platform</quarkus.platform.group-id>
-    <quarkus.platform.version>3.1.2.Final</quarkus.platform.version>
+    <quarkus.platform.version>3.1.3.Final</quarkus.platform.version>
     <skipITs>true</skipITs>
     <surefire-plugin.version>3.0.0</surefire-plugin.version>
   </properties>
@@ -87,6 +87,24 @@
       <groupId>io.quarkus</groupId>
       <artifactId>quarkus-kubernetes-config</artifactId>
     </dependency>
+    <dependency>
+      <groupId>org.jboss.pnc</groupId>
+      <artifactId>common</artifactId>
+      <version>2.5.1</version>
+    </dependency>
+    <dependency>
+      <groupId>org.jboss.pnc</groupId>
+      <artifactId>rest-client</artifactId>
+      <version>2.5.1</version>
+    </dependency>
+    <dependency>
+      <groupId>io.quarkus</groupId>
+      <artifactId>quarkus-rest-client-reactive-jackson</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>io.quarkus</groupId>
+      <artifactId>quarkus-rest-client-reactive</artifactId>
+    </dependency>
     <dependency>
       <groupId>io.quarkus</groupId>
       <artifactId>quarkus-junit5</artifactId>

src/main/java/com/redhat/pctsec/model/PNCBuild.java

@@ -1,15 +1,48 @@
 package com.redhat.pctsec.model;
 
+import com.redhat.pctsec.model.api.service.AltPncService;
+//import com.redhat.pctsec.model.api.service.PncService;
+import io.quarkus.rest.client.reactive.QuarkusRestClientBuilder;
+import jakarta.enterprise.context.ApplicationScoped;
+import jakarta.inject.Inject;
 import jakarta.persistence.Entity;
+import jakarta.persistence.Transient;
+import org.eclipse.microprofile.config.ConfigProvider;
+import org.eclipse.microprofile.config.inject.ConfigProperty;
+import org.jboss.pnc.dto.Build;
 
 import java.net.URI;
 import java.net.URL;
 
 @Entity
 public class PNCBuild extends BuildType{
+
+
+    @Transient
+    public static final String apiUrl = ConfigProvider.getConfig().getValue("pnc.api-url",String.class);
+    @Transient
+    private static final AltPncService pnc = QuarkusRestClientBuilder.newBuilder().baseUri(URI.create(apiUrl)).build(AltPncService.class);
+
+
+    /*
+    @Transient
+    PncService pnc;
+    */
+
+    @Transient
+    Build build;
+
+    private URI SCMURL;
+    private String revision;
+
     public PNCBuild() {
         super();
     }
+    public Build getBuild() {
+        if(build == null)
+            build = pnc.getBuild(this.buildRef);
+        return build;
+    }
 
     public PNCBuild(String buildRef) {
         super(buildRef);
@@ -17,7 +50,10 @@ public class PNCBuild extends BuildType{
 
     @Override
     public URI SCMURL() {
-        return null;
+        if(SCMURL == null)
+            SCMURL = URI.create(getBuild().getScmUrl());
+
+        return this.SCMURL;
     }
 
     @Override
@@ -27,7 +63,9 @@ public class PNCBuild extends BuildType{
 
     @Override
     public String revision() {
-        return null;
+        if(revision == null)
+            revision = getBuild().getScmTag();
+        return revision;
     }
 
     public static boolean isValidRef(String ref){

src/main/java/com/redhat/pctsec/model/ScanRequests.java

@@ -44,8 +44,11 @@ public class ScanRequests {
         pssaas.componentList.stream().filter(c -> c.getType().equals("pnc")).forEach(g -> this.addPNCBuild(g.getBuildId()));
     }
 
-    public ScanRequests(scanChain scanchain){
+
+    public ScanRequests(scanChain scanChain){
+
         this();
+        scanChain.urls.stream().forEach(g -> this.addGit(g.getRepo().toString(), g.getRef()));
     }
 
     //public ScanRequests(String repo, String rev){

src/main/java/com/redhat/pctsec/model/api/request/scanChain.java

@@ -1,4 +1,35 @@
 package com.redhat.pctsec.model.api.request;
 
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
+import com.fasterxml.jackson.annotation.JsonProperty;
+import com.fasterxml.jackson.annotation.JsonPropertyDescription;
+import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
+import jakarta.validation.Valid;
+import jakarta.validation.constraints.NotNull;
+import jakarta.validation.constraints.Size;
+
+import java.util.List;
+import java.util.Set;
+
+
 public class scanChain {
+
+    @JsonProperty("product_name")
+    @JsonPropertyDescription("The product name associated with the scan.")
+    @NotNull
+    public String productName;
+
+    @JsonProperty("urls")
+    @JsonDeserialize(as = java.util.LinkedHashSet.class)
+    @JsonPropertyDescription("List of source urls to be scanned")
+    @Size(min = 1)
+    @Valid
+    @NotNull
+    public Set<scanChainGit> urls;
+
+    @JsonProperty("requestor")
+    @JsonPropertyDescription("The requesting user")
+    @NotNull
+    public String requestor;
 }
+

src/main/java/com/redhat/pctsec/model/api/request/scanChainGit.java

@@ -0,0 +1,34 @@
+package com.redhat.pctsec.model.api.request;
+
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
+import com.fasterxml.jackson.annotation.JsonProperty;
+import jakarta.validation.constraints.NotNull;
+
+import java.net.URI;
+
+
+public class scanChainGit {
+
+
+    private URI repo;
+    private String ref;
+    public scanChainGit(@NotNull URI repo, @NotNull String ref) {
+        this.repo = repo;
+        this.ref = ref;
+    }
+
+
+    @NotNull
+    @JsonProperty("url")
+    public URI getRepo() {
+        return this.repo;
+    }
+
+    @NotNull
+    @JsonProperty("branch")
+        public String getRef() {
+
+        return this.ref;
+    }
+
+}

src/main/java/com/redhat/pctsec/model/api/service/AltPncService.java

@@ -0,0 +1,12 @@
+package com.redhat.pctsec.model.api.service;
+import jakarta.ws.rs.*;
+import org.eclipse.microprofile.rest.client.inject.RegisterRestClient;
+import org.jboss.pnc.dto.Build;
+
+@Path("pnc-rest/v2/builds")
+@RegisterRestClient
+public interface AltPncService {
+    @GET
+    @Path("{id}")
+    Build getBuild(@PathParam("id") String id);
+}

src/main/java/com/redhat/pctsec/rest/v1alpha1/ScanRequestsResource.java

@@ -9,7 +9,7 @@ import io.quarkus.security.Authenticated;
 import jakarta.enterprise.context.ApplicationScoped;
 import jakarta.inject.Inject;
 import jakarta.ws.rs.*;
-import org.jboss.resteasy.reactive.common.NotImplementedYet;
+//import org.jboss.resteasy.reactive.common.NotImplementedYet;
 
 import java.util.UUID;
 
@@ -35,7 +35,7 @@ public class ScanRequestsResource {
     @Authenticated
     public ScanRequests addScanRequest(String id, ScanRequest scanRequest)
     {
-        throw new NotImplementedYet();
+        throw new WebApplicationException("Not implemented");
     }
 
 }

src/main/java/com/redhat/pctsec/rest/v1alpha1/ScanResource.java

@@ -2,6 +2,7 @@ package com.redhat.pctsec.rest.v1alpha1;
 
 import com.redhat.pctsec.model.*;
 import com.redhat.pctsec.model.api.request.pssaas;
+import com.redhat.pctsec.model.api.request.scanChain;
 import com.redhat.pctsec.model.jpa.ScanRepository;
 import io.quarkus.security.Authenticated;
 import io.vertx.mutiny.core.eventbus.EventBus;
@@ -12,6 +13,7 @@ import jakarta.validation.Valid;
 import jakarta.ws.rs.*;
 import org.jboss.resteasy.reactive.RestQuery;
 
+
 import java.util.HashMap;
 import java.util.List;
 import java.util.Set;
@@ -37,6 +39,7 @@ public class ScanResource {
         ScanRequests scanRequests = new ScanRequests(scanRequest);
         Scan s = new Scan();
         s.setRequestor("cpaas");
+        s.setProductName(scanRequest.productId);
         s.setScanRequests(scanRequests);
         sr.persist(s);
         return s;
@@ -52,6 +55,31 @@ public class ScanResource {
         return s.scanRequests.execute(bus);
     }
 
+    @POST
+    @Path("ScanChain")
+    @Consumes({ "application/json" })
+    @Transactional
+    @Authenticated
+    public Scan createScanChain(@Valid scanChain scanRequest)
+    {
+        ScanRequests scanRequests = new ScanRequests(scanRequest);
+        Scan s = new Scan();
+        s.setRequestor(scanRequest.requestor);
+        s.setProductName(scanRequest.productName);
+        s.setScanRequests(scanRequests);
+        sr.persist(s);
+        return s;
+    }
+    @POST
+    @Path("ScanChain/run")
+    @Consumes({ "application/json" })
+    @Transactional
+    @Authenticated
+    public List<ScanTask> createRunScanChain(@Valid scanChain scanRequest)
+    {
+        Scan s = this.createScanChain(scanRequest);
+        return s.scanRequests.execute(bus);
+    }
     @GET
     @Path("All")
     @Produces({"application/json"})

src/main/resources/application.properties

@@ -57,6 +57,7 @@ quarkus.arc.remove-unused-beans=false
 %stage.quarkus.openshift.route.target-port=https
 %stage.quarkus.openshift.route.tls.insecure-edge-termination-policy=redirect
 %stage.quarkus.openshift.namespace=pct-security-tooling
+quarkus.openshift.namespace=pct-security-tooling
 
 ##########################################
 #   Kerberos Specifics                   #
@@ -80,5 +81,10 @@ tekton.pipeline.ref=osh-client-from-source
 tekton.task.ref=osh-scan-task
 tekton.service-account=${quarkus.openshift.service-account}
 
+##########################################
+#   PNC Settings                         #
+##########################################
+pnc.api-url=http://orch.psi.redhat.com
+
 
 

src/test/java/com/redhat/pctsec/model/test/PNCBuildTest.java

@@ -0,0 +1,19 @@
+package com.redhat.pctsec.model.test;
+
+import com.redhat.pctsec.model.PNCBuild;
+import io.quarkus.test.junit.QuarkusTest;
+import jakarta.inject.Inject;
+import org.junit.jupiter.api.Test;
+
+@QuarkusTest
+public class PNCBuildTest {
+
+
+
+    @Test
+    public void testBuildFetch(){
+        PNCBuild pb = new PNCBuild("AZAQZSPFDRQAA");
+        System.out.println(pb.SCMURL());
+        System.out.println(pb.revision());
+    }
+}

src/test/java/com/redhat/pctsec/model/test/paramMapperTest.java

@@ -1,5 +1,6 @@
-package com.redhat.pctsec.model.osh;
+package com.redhat.pctsec.model.test;
 
+import com.redhat.pctsec.model.osh.paramMapper;
 import io.quarkus.test.junit.QuarkusTest;
 import jakarta.inject.Inject;
 import org.junit.jupiter.api.Test;