Fix app properties service account reference

Use SA in general profile
Changing this to Blocking as the vertx thread is timing out
42 changed files with 1344 additions and 221 deletions
--- a/hack/pssaas-request-curl.sh
+++ b/hack/pssaas-request-curl.sh
@ -1,4 +1,4 @@
 #!/bin/bash

-curl -H 'Content-Type: application/json' -d '@sample-pssaas.json' localhost:8080/Scan/PSSaaS -vv
-curl -H 'Content-Type: application/json' -d '@sample-pssaas-bad.json' localhost:8080/Scan/PSSaaS -vv
+curl -H 'Content-Type: application/json' -d '@sample-pssaas.json' localhost:8080/api/v1a/Scan/PSSaaS/run -vv | jq 
+#curl -H 'Content-Type: application/json' -d '@sample-pssaas-bad.json' localhost:8080/api/v1a/Scan/PSSaaS -vv
--- a/hack/sample-pssaas.json
+++ b/hack/sample-pssaas.json
@ -6,6 +6,10 @@
        {"build-id":"ASLKGOMQVVAAA",
         "type":"pnc"},
         {"build-id":"ASLMBTBCNVAAA",
-         "type":"pnc"}]
+         "type":"pnc"},
+         {"type":"git",
+          "repo":"https://code.engineering.redhat.com/gerrit/quarkusio/quarkus.git",
+          "ref":"2.13.8.Final-redhat-00001"}
+    ]
 }

--- a/hack/single-brew-scan-stage.sh
+++ b/hack/single-brew-scan-stage.sh
@ -0,0 +1,9 @@
+#!/bin/bash
+
+curl --get \
+    --data-urlencode "brewId=xterm-366-8.el9" \
+    https://osh-pct-security-tooling.apps.ocp-c1.prod.psi.redhat.com/api/v1a/Scan/single/brew  -vv
+
+curl --get https://osh-pct-security-tooling.apps.ocp-c1.prod.psi.redhat.com/api/v1a/Scan/2  -vv
+curl --get https://osh-pct-security-tooling.apps.ocp-c1.prod.psi.redhat.com/api/v1a/Scan/2/run -vv 
+
--- a/hack/single-git-scan-stage.sh
+++ b/hack/single-git-scan-stage.sh
@ -0,0 +1,10 @@
+#!/bin/bash
+
+curl --get \
+    --data-urlencode "repo=https://code.engineering.redhat.com/gerrit/quarkusio/quarkus.git" \
+    --data-urlencode "ref=2.13.8.Final-redhat-00001" \
+    https://osh-pct-security-tooling.apps.ocp-c1.prod.psi.redhat.com/api/v1a/Scan/single/git  -vv
+
+curl --get https://osh-pct-security-tooling.apps.ocp-c1.prod.psi.redhat.com/api/v1a/Scan/1  -vv
+curl --get https://osh-pct-security-tooling.apps.ocp-c1.prod.psi.redhat.com/api/v1a/Scan/1/run -vv
+
--- a/hack/single-git-scan.sh
+++ b/hack/single-git-scan.sh
@ -6,4 +6,5 @@ curl --get \
    localhost:8080/api/v1a/Scan/single/git  -vv

 curl --get localhost:8080/api/v1a/Scan/1  -vv
+curl --get localhost:8080/api/v1a/Scan/1/run -vv

--- a/pom.xml
+++ b/pom.xml
@ -70,6 +70,23 @@
      <groupId>io.quarkus</groupId>
      <artifactId>quarkus-hibernate-orm-panache</artifactId>
    </dependency>
+    <dependency>
+      <groupId>io.quarkus</groupId>
+      <artifactId>quarkus-smallrye-openapi</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>info.picocli</groupId>
+      <artifactId>picocli</artifactId>
+      <version>4.7.4</version>
+    </dependency>
+    <dependency>
+      <groupId>io.quarkus</groupId>
+      <artifactId>quarkus-vertx</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>io.quarkus</groupId>
+      <artifactId>quarkus-kubernetes-config</artifactId>
+    </dependency>
    <dependency>
      <groupId>io.quarkus</groupId>
      <artifactId>quarkus-junit5</artifactId>
--- a/src/main/java/com/redhat/pctsec/GreetingResource.java
+++ b/src/main/java/com/redhat/pctsec/GreetingResource.java
@ -1,16 +0,0 @@
-package com.redhat.pctsec;
-
-import jakarta.ws.rs.GET;
-import jakarta.ws.rs.Path;
-import jakarta.ws.rs.Produces;
-import jakarta.ws.rs.core.MediaType;
-
-@Path("/hello")
-public class GreetingResource {
-
-    @GET
-    @Produces(MediaType.TEXT_PLAIN)
-    public String hello() {
-        return "Hello from RESTEasy Reactive";
-    }
-}
--- a/src/main/java/com/redhat/pctsec/model/BrewBuild.java
+++ b/src/main/java/com/redhat/pctsec/model/BrewBuild.java
@ -0,0 +1,37 @@
+package com.redhat.pctsec.model;
+
+import jakarta.persistence.Entity;
+import org.eclipse.microprofile.openapi.annotations.media.Schema;
+
+import java.net.URI;
+import java.net.URL;
+
+
+@Entity
+public class BrewBuild extends BuildType {
+
+    public BrewBuild(String buildRef) {
+        super(buildRef);
+    }
+
+    public BrewBuild() {
+        super();
+    }
+
+    @Override
+    public URI SCMURL() {
+        return null;
+    }
+
+    @Override
+    public URL URL() {
+        return null;
+    }
+
+    @Override
+    public String revision() {
+        return null;
+    }
+
+
+}
--- a/src/main/java/com/redhat/pctsec/model/BuildType.java
+++ b/src/main/java/com/redhat/pctsec/model/BuildType.java
@ -0,0 +1,35 @@
+package com.redhat.pctsec.model;
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+import jakarta.persistence.*;
+
+import java.net.URI;
+import java.net.URL;
+import java.util.UUID;
+
+@Entity
+@DiscriminatorColumn(name="REF_TYPE")
+abstract public class BuildType {
+    @Id
+    @GeneratedValue(strategy = GenerationType.AUTO)
+    private UUID id;
+
+    @JsonProperty()
+    @Column(name="buildref")
+    public String buildRef;
+
+    public BuildType(String buildRef)
+    {
+        this.buildRef = buildRef;
+    }
+
+    public BuildType() {
+
+    }
+
+    //This is the git URL of the sources
+    abstract public URI SCMURL();
+    //This is the URL of the build
+    abstract public URL URL();
+    abstract public String revision();
+}
--- a/src/main/java/com/redhat/pctsec/model/Git.java
+++ b/src/main/java/com/redhat/pctsec/model/Git.java
@ -0,0 +1,29 @@
+package com.redhat.pctsec.model;
+
+import jakarta.persistence.Entity;
+import jakarta.persistence.GeneratedValue;
+import jakarta.persistence.GenerationType;
+import jakarta.persistence.Id;
+import org.eclipse.microprofile.openapi.annotations.media.Schema;
+
+import java.net.URI;
+import java.util.UUID;
+
+@Entity
+public class Git {
+    public Git() {
+        super();
+    }
+
+    @Id
+    @GeneratedValue(strategy = GenerationType.AUTO)
+    private UUID id;
+
+    public URI repo;
+    public String ref;
+
+    public Git(String repo, String ref) {
+        this.repo = URI.create(repo);
+        this.ref = ref;
+    }
+}
--- a/src/main/java/com/redhat/pctsec/model/PNCBuild.java
+++ b/src/main/java/com/redhat/pctsec/model/PNCBuild.java
@ -0,0 +1,39 @@
+package com.redhat.pctsec.model;
+
+import jakarta.persistence.Entity;
+
+import java.net.URI;
+import java.net.URL;
+
+@Entity
+public class PNCBuild extends BuildType{
+    public PNCBuild() {
+        super();
+    }
+
+    public PNCBuild(String buildRef) {
+        super(buildRef);
+    }
+
+    @Override
+    public URI SCMURL() {
+        return null;
+    }
+
+    @Override
+    public URL URL() {
+        return null;
+    }
+
+    @Override
+    public String revision() {
+        return null;
+    }
+
+    public static boolean isValidRef(String ref){
+        //New type PNC Ref
+        if(ref.length()!=14)
+            return false;
+        return true;
+    }
+}
--- a/src/main/java/com/redhat/pctsec/model/RequestType.java
+++ b/src/main/java/com/redhat/pctsec/model/RequestType.java
@ -0,0 +1,3 @@
+package com.redhat.pctsec.model;
+
+public enum RequestType {BREW, PNC, GIT}
--- a/src/main/java/com/redhat/pctsec/model/Scan.java
+++ b/src/main/java/com/redhat/pctsec/model/Scan.java
@ -0,0 +1,116 @@
+package com.redhat.pctsec.model;
+
+import com.fasterxml.jackson.annotation.JsonIgnore;
+import jakarta.persistence.*;
+import jakarta.transaction.Transactional;
+import jakarta.validation.constraints.Email;
+import jakarta.validation.constraints.NotNull;
+import org.hibernate.annotations.CreationTimestamp;
+import org.hibernate.annotations.UpdateTimestamp;
+
+import java.time.Instant;
+import java.util.UUID;
+
+enum ScanState {
+    CREATED, TRIGGERED, RUNNING, SUCCESS, FAIL;
+}
+@Entity
+public class Scan {
+
+    public Scan() {
+        this.scanRequests = new ScanRequests();
+    }
+
+    public Instant getCreationTimestamp() {
+        return creationTimestamp;
+    }
+
+    public void setCreationTimestamp(Instant creationTimestamp) {
+        this.creationTimestamp = creationTimestamp;
+    }
+
+    public ScanState getState() {
+        return state;
+    }
+
+    public void setState(ScanState state) {
+        this.state = state;
+    }
+
+    public String getProductName() {
+        return productName;
+    }
+
+    public void setProductName(String productName) {
+        this.productName = productName;
+    }
+
+    public String getRequestor() {
+        return requestor;
+    }
+
+    public void setRequestor(String requestor) {
+        this.requestor = requestor;
+    }
+
+    public String getEmail() {
+        return email;
+    }
+
+    public void setEmail(String email) {
+        this.email = email;
+    }
+
+
+    public ScanRequests getScanRequests() {
+        return scanRequests;
+    }
+
+    public void setScanRequests(ScanRequests scanRequests) {
+        this.scanRequests = scanRequests;
+    }
+
+    @Id
+    @GeneratedValue(strategy = GenerationType.AUTO)
+    public UUID id;
+
+
+    /*
+    @OneToOne
+    @NotNull
+    @JoinColumn(name = "product_id", referencedColumnName = "id")
+    private String productName;
+    */
+    @Column(name="proudct_name")
+    private String productName;
+
+    //@Temporal(TemporalType.TIMESTAMP)
+
+    @CreationTimestamp
+    @JsonIgnore
+    @Column(name="creation_timestamp")
+    //@NotNull
+    private Instant creationTimestamp;
+
+    @UpdateTimestamp
+    @JsonIgnore
+    @Column(name="update_timestamp")
+    //@NotNull
+    private Instant updateTimestamp;
+
+    @Column(name="state")
+    @Enumerated(EnumType.STRING)
+    private ScanState state;
+
+    @Column(name="requestor")
+    @NotNull
+    private String requestor;
+
+    @Column(name="report_email")
+    @Email
+    private String email;
+
+    @OneToOne(cascade = CascadeType.ALL, fetch=FetchType.LAZY)
+    @JoinColumn(name = "scan_requests_id", referencedColumnName = "id")
+    public ScanRequests scanRequests;
+}
--- a/src/main/java/com/redhat/pctsec/model/ScanRequest.java
+++ b/src/main/java/com/redhat/pctsec/model/ScanRequest.java
@ -1,41 +1,110 @@
 package com.redhat.pctsec.model;

+import com.fasterxml.jackson.annotation.JsonIgnore;
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.redhat.pctsec.model.api.request.git;
 import com.redhat.pctsec.tekton.brewTaskRun;
 import com.redhat.pctsec.tekton.scmUrlPipelineRun;
+import io.vertx.mutiny.core.eventbus.EventBus;
 import jakarta.enterprise.context.ApplicationScoped;
 import jakarta.inject.Inject;
 import jakarta.inject.Singleton;
+import jakarta.persistence.*;

 import java.util.HashMap;
+import java.util.UUID;
+
@ApplicationScoped
+@Entity
 public class ScanRequest {

-    private HashMap<String, String> metadata;
-    private HashMap<String, String> oshScanOptions;
-    private String brewBuild;
-    private HashMap<String, String> scmurl;
+    @Id
+    @GeneratedValue
+    protected UUID id;
+    private String metadata;
+    private String oshScanOptions;

-    @Inject
-    brewTaskRun btr;
+    public EventBus getBus() {
+        return bus;
+    }

+    public void setBus(EventBus bus) {
+        this.bus = bus;
+    }
+
+    @Transient
+    @JsonIgnore
    @Inject
-    scmUrlPipelineRun plr;
+    EventBus bus;
+
+    public RequestType getType() {
+        return type;
+    }
+
+    private RequestType type;
+
+    @OneToOne(fetch=FetchType.LAZY, cascade = CascadeType.ALL)
+    @JoinColumn(name = "brew_build_id", referencedColumnName = "id")
+    @JsonInclude(JsonInclude.Include.NON_NULL)
+    public BrewBuild brewBuild;
+
+    @OneToOne(fetch=FetchType.LAZY, cascade = CascadeType.ALL)
+    @JoinColumn(name = "pnc_build_id", referencedColumnName = "id")
+    @JsonInclude(JsonInclude.Include.NON_NULL)
+    public PNCBuild pncBuild;
+
+    @OneToOne(fetch=FetchType.LAZY, cascade = CascadeType.ALL)
+    @JoinColumn(name = "git_id", referencedColumnName = "id")
+    @JsonInclude(JsonInclude.Include.NON_NULL)
+    public Git git;
+
+    public String getOshScanOptions() {
+        return oshScanOptions;
+    }
+
+    public void setOshScanOptions(String oshScanOptions) {
+        this.oshScanOptions = oshScanOptions;
+    }
+
+    public String getScanProperties() {
+        return scanProperties;
+    }
+
+    public void setScanProperties(String scanProperties) {
+        this.scanProperties = scanProperties;
+    }
+
+    @Column(name="scan_properties")
+    public String scanProperties;
+    public ScanRequest() {
+    }

-    public ScanRequest(String brewBuildId)
+    public ScanRequest(BrewBuild brewBuild)
    {
-        this.brewBuild = brewBuildId;
+        this.type = RequestType.BREW;
+        this.brewBuild = brewBuild;
+    }
+
+    public ScanRequest(PNCBuild pncBuild)
+    {
+        this.type = RequestType.PNC;
+        this.pncBuild = pncBuild;
+    }
+
+    public ScanRequest(Git git)
+    {
+        this.type = RequestType.GIT;
+        this.git = git;
    }

    public ScanRequest(String repo, String ref)
    {
-        this.scmurl = new HashMap<>();
-        this.scmurl.put("repo", repo);
-        this.scmurl.put("ref", repo);
+        this.git = new Git(repo, ref);
    }
-    public void executeScan(){
-        if(this.brewBuild != null && !this.brewBuild.trim().isEmpty()){
-            //btr = new brewTaskRun();
-            btr.invokeScanTask(this.brewBuild);
-        }
+    public ScanTask executeScan(){
+        ScanTask st =  new ScanTask(this);
+        st.execute();
+        return st;
    }
+
 }
--- a/src/main/java/com/redhat/pctsec/model/ScanRequests.java
+++ b/src/main/java/com/redhat/pctsec/model/ScanRequests.java
@ -1,50 +1,111 @@
 package com.redhat.pctsec.model;

-import com.redhat.pctsec.rest.v1alpha1.Scan;
+import com.redhat.pctsec.model.api.request.pssaas;
+import com.redhat.pctsec.model.api.request.scanChain;
+import io.vertx.mutiny.core.eventbus.EventBus;
 import jakarta.enterprise.context.ApplicationScoped;

-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Set;
-import jakarta.persistence.GeneratedValue;
-import jakarta.persistence.Id;
+import java.util.*;
+import java.util.stream.Collectors;
+
+import jakarta.persistence.*;
+
@ApplicationScoped
+@Entity
+@Table(name="ScanRequests")
 public class ScanRequests {

-    @Id @GeneratedValue private Long id;
-    private Set<ScanRequest> scanRequests = new HashSet<>();
-    private HashMap<String, String> globalScanProperties;
+    @Id
+    @GeneratedValue
+    protected UUID id;
+
+    @OneToMany(fetch=FetchType.EAGER, cascade = CascadeType.ALL)
+    @JoinColumn(name = "scan_request_id", referencedColumnName = "id")
+    private Set<ScanRequest> scanRequests;// = new HashSet<>();
+
+
+    @Column(name="scan_properties")
+    private String globalScanProperties;
+
+    @Column(name="scan_metadata")
+    private String scanMetadata;
+

    public ScanRequests(){
-        this.id =
+        //Default to the Snyk scan
+        this.globalScanProperties = "-p snyk-only-unstable --tarball-build-script=\":\"";
+        this.scanRequests = new HashSet<>();
    }
+
    public ScanRequests(pssaas pssaas){
-        //Iterate scan payload and create scans
+        this();
+        pssaas.componentList.stream().filter(c -> c.getType().equals("git")).forEach(g -> this.addGit(g.getRepo().toString(), g.getRef()));
+        pssaas.componentList.stream().filter(c -> c.getType().equals("brew")).forEach(g -> this.addBrewBuild(g.getBuildId()));
+        pssaas.componentList.stream().filter(c -> c.getType().equals("pnc")).forEach(g -> this.addPNCBuild(g.getBuildId()));
    }

-    public ScanRequests(String repo, String rev){
-        //shortcut for single scans
-        scanRequests.add(new ScanRequest(repo, rev));
+    public ScanRequests(scanChain scanchain){
+        this();
    }

+    //public ScanRequests(String repo, String rev){
+    //    //shortcut for single scans
+    //    scanRequests.add(new ScanRequest(repo, rev));
+    //}
+
+    /*
    public ScanRequests(String brewBuildId){
-        scanRequests.add(new ScanRequest(brewBuildId));
+        scanRequests.add(new ScanRequest(new B));
    }
+     */

    public void addBrewBuild(String brewBuildId)
    {
-        scanRequests.add(new ScanRequest(brewBuildId));
+        scanRequests.add(new ScanRequest(new BrewBuild(brewBuildId)));
    }

    public void addGit(String repo, String rev)
    {
-        scanRequests.add(new ScanRequest(repo, rev));
+        scanRequests.add(new ScanRequest(new Git(repo, rev)));
+    }
+
+    public void addPNCBuild(String pncBuildId)
+    {
+        scanRequests.add(new ScanRequest(new PNCBuild(pncBuildId)));
    }

    //Create tekton pipeline/taskrun
-    public void execute(){
+    public List<ScanTask> execute(EventBus eventBus){
+        scanRequests.stream().forEach(s -> s.setBus(eventBus));
+        return scanRequests.stream().map(s -> s.executeScan()).collect(Collectors.toList());
+        /*
        for(ScanRequest s : scanRequests){
            s.executeScan();
        }
+         */
+    }
+
+    public Set<ScanRequest> getScanRequests() {
+        return scanRequests;
+    }
+
+    public void setScanRequests(Set<ScanRequest> scanRequests) {
+        this.scanRequests = scanRequests;
+    }
+
+    public String getGlobalScanProperties() {
+        return globalScanProperties;
+    }
+
+    public void setGlobalScanProperties(String globalScanProperties) {
+        this.globalScanProperties = globalScanProperties;
+    }
+
+    public String getScanMetadata() {
+        return scanMetadata;
+    }
+
+    public void setScanMetadata(String scanMetadata) {
+        this.scanMetadata = scanMetadata;
    }
 }
--- a/src/main/java/com/redhat/pctsec/model/ScanResult.java
+++ b/src/main/java/com/redhat/pctsec/model/ScanResult.java
@ -0,0 +1,19 @@
+package com.redhat.pctsec.model;
+
+import java.net.URI;
+import java.net.URL;
+
+public class ScanResult {
+
+    public URL covScanTask;
+
+
+    //Store files in document store
+    private void storeResults(){
+
+    }
+
+    private void fetchResults(){
+
+    }
+}
--- a/src/main/java/com/redhat/pctsec/model/ScanTask.java
+++ b/src/main/java/com/redhat/pctsec/model/ScanTask.java
@ -0,0 +1,78 @@
+package com.redhat.pctsec.model;
+
+
+import com.fasterxml.jackson.annotation.JsonIgnore;
+import io.vertx.core.eventbus.impl.EventBusImpl;
+import io.vertx.mutiny.core.eventbus.EventBus;
+import jakarta.enterprise.context.ApplicationScoped;
+import jakarta.enterprise.context.Dependent;
+import jakarta.inject.Inject;
+import jakarta.persistence.*;
+
+import java.util.UUID;
+
+
+@Entity
+@ApplicationScoped
+public class ScanTask {
+
+    @Id
+    @GeneratedValue
+    protected UUID id;
+    @JsonIgnore
+    @Transient
+    @Inject
+    EventBus bus;
+    public ScanTaskState state;
+
+    public void setTektonRunId(String tektonRunId) {
+        this.tektonRunId = tektonRunId;
+    }
+
+    public String tektonRunId;
+
+    @OneToOne(fetch=FetchType.EAGER, cascade = CascadeType.ALL)
+    @JoinColumn(name = "scan_result_id", referencedColumnName = "id")
+    public ScanRequest scanRequest;
+
+
+    public ScanTask(ScanRequest scanRequest) {
+        this();
+        this.scanRequest = scanRequest;
+        this.bus = scanRequest.getBus();
+        //this.bus = new EventBus(new EventBusImpl());
+    }
+
+
+    public  ScanTask(){
+    }
+
+
+    /*
+    public ScanTask(ScanRequest scanRequest)
+    {
+        this(
+        this.scanRequest = scanRequest;
+    }
+
+     */
+    public void execute(){
+            bus.publish("tekton", this);
+    }
+
+    public ScanTaskState getState() {
+        return state;
+    }
+
+    public void setState(ScanTaskState state) {
+        this.state = state;
+    }
+
+    public ScanRequest getScanRequest() {
+        return scanRequest;
+    }
+
+    public void setScanRequest(ScanRequest scanRequest) {
+        this.scanRequest = scanRequest;
+    }
+}
--- a/src/main/java/com/redhat/pctsec/model/ScanTaskState.java
+++ b/src/main/java/com/redhat/pctsec/model/ScanTaskState.java
@ -0,0 +1,3 @@
+package com.redhat.pctsec.model;
+
+public enum ScanTaskState {AWAIT, TRIGGERED, RUNNING, SUCCESS, FAULURE}
--- a/src/main/java/com/redhat/pctsec/model/api/request/Component.java
+++ b/src/main/java/com/redhat/pctsec/model/api/request/Component.java
@ -0,0 +1,17 @@
+package com.redhat.pctsec.model.api.request;
+
+import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
+
+import java.net.URI;
+
+@JsonDeserialize(using = ComponentJsonDeserializer.class)
+public interface Component {
+
+    public String getType();
+
+    public String getBuildId();
+
+    public URI getRepo();
+
+    public String getRef();
+}
--- a/src/main/java/com/redhat/pctsec/model/api/request/ComponentJsonDeserializer.java
+++ b/src/main/java/com/redhat/pctsec/model/api/request/ComponentJsonDeserializer.java
@ -0,0 +1,31 @@
+package com.redhat.pctsec.model.api.request;
+
+import com.fasterxml.jackson.core.JacksonException;
+import com.fasterxml.jackson.core.JsonParser;
+import com.fasterxml.jackson.databind.DeserializationContext;
+import com.fasterxml.jackson.databind.JsonDeserializer;
+import com.fasterxml.jackson.databind.JsonNode;
+
+import java.io.IOException;
+import java.net.URI;
+
+public class ComponentJsonDeserializer extends JsonDeserializer<Component> {
+
+    @Override
+    public Component deserialize(JsonParser jsonParser, DeserializationContext deserializationContext) throws IOException, JacksonException {
+
+        JsonNode node = jsonParser.readValueAsTree();
+        JsonNode componentT = node.get("type");
+        if(componentT.asText().equals("git"))
+        {
+            URI repo = URI.create(node.get("repo").asText());
+            String ref = node.get("ref").asText();
+            return new git(repo, ref);
+        }
+        else
+        {
+            return new build(componentT.asText(), node.get("build-id").asText());
+        }
+
+    }
+}
--- a/src/main/java/com/redhat/pctsec/model/api/request/build.java
+++ b/src/main/java/com/redhat/pctsec/model/api/request/build.java
@ -0,0 +1,49 @@
+package com.redhat.pctsec.model.api.request;
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.annotation.JsonProperty;
+import com.fasterxml.jackson.annotation.JsonPropertyOrder;
+import jakarta.validation.constraints.NotNull;
+
+import java.net.URI;
+
+@JsonInclude(JsonInclude.Include.NON_NULL)
+@JsonPropertyOrder({
+        "type",
+        "build-id"
+})
+public class build implements Component {
+
+    public final String type;
+
+
+    public final String buildId;
+
+    public build(@NotNull String type, @NotNull String buildId) {
+        this.type = type;
+        this.buildId = buildId;
+    }
+
+    @Override
+    @NotNull
+    @JsonProperty("type")
+    public String getType() {
+        return this.type;
+    }
+
+    @NotNull
+    @JsonProperty("build-id")
+    @Override
+    public String getBuildId() {
+        return this.buildId;
+    }
+
+    @Override
+    public URI getRepo() {
+        return URI.create("");
+    }
+
+    @Override
+    public String getRef() {
+        return "";
+    }
+}
--- a/src/main/java/com/redhat/pctsec/model/api/request/git.java
+++ b/src/main/java/com/redhat/pctsec/model/api/request/git.java
@ -0,0 +1,53 @@
+package com.redhat.pctsec.model.api.request;
+
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.annotation.JsonProperty;
+import com.fasterxml.jackson.annotation.JsonPropertyOrder;
+import jakarta.validation.constraints.NotNull;
+
+import java.net.URI;
+
+@JsonInclude(JsonInclude.Include.NON_NULL)
+@JsonPropertyOrder({
+        "type",
+        "repo",
+        "ref"
+})
+public class git implements Component{
+    @NotNull
+    @JsonProperty("type")
+    public final static String type = "git";
+
+    @NotNull
+    @JsonProperty("repo")
+    public URI repo;
+
+    @NotNull
+    @JsonProperty("ref")
+    public String ref;
+
+    public git(@NotNull URI repo, @NotNull String ref) {
+        this.repo = repo;
+        this.ref = ref;
+    }
+
+    @Override
+    public String getType() {
+        return this.type;
+    }
+
+    @Override
+    public String getBuildId() {
+        return "";
+    }
+
+    @Override
+    public URI getRepo() {
+        return this.repo;
+    }
+
+    @Override
+    public String getRef() {
+        return this.ref;
+    }
+}
--- a/src/main/java/com/redhat/pctsec/model/api/request/pssaas.java
+++ b/src/main/java/com/redhat/pctsec/model/api/request/pssaas.java
@ -1,4 +1,4 @@
-package com.redhat.pctsec.model;
+package com.redhat.pctsec.model.api.request;
 import java.util.LinkedHashMap;
 import java.util.Map;
 import java.util.Set;
@ -65,21 +65,6 @@ public class pssaas {
    @Size(min = 1)
    @Valid
    @NotNull
-    public Set<Object> componentList;
-    @JsonIgnore
-    @Valid
-    private Map<String, Object> additionalProperties = new LinkedHashMap<String, Object>();
-
-    /*
-    @JsonAnyGetter
-    public Map<String, Object> getAdditionalProperties() {
-        return this.additionalProperties;
-    }
-
-    @JsonAnySetter
-    public void setAdditionalProperty(String name, Object value) {
-        this.additionalProperties.put(name, value);
-    }
-    */
+    public Set<Component> componentList;

 }
--- a/src/main/java/com/redhat/pctsec/model/api/request/scanChain.java
+++ b/src/main/java/com/redhat/pctsec/model/api/request/scanChain.java
@ -0,0 +1,4 @@
+package com.redhat.pctsec.model.api.request;
+
+public class scanChain {
+}
--- a/src/main/java/com/redhat/pctsec/model/build.java
+++ b/src/main/java/com/redhat/pctsec/model/build.java
@ -1,30 +0,0 @@
-package com.redhat.pctsec.model;
-import java.util.LinkedHashMap;
-import java.util.Map;
-import java.util.Set;
-import com.fasterxml.jackson.annotation.JsonAnyGetter;
-import com.fasterxml.jackson.annotation.JsonAnySetter;
-import com.fasterxml.jackson.annotation.JsonIgnore;
-import com.fasterxml.jackson.annotation.JsonInclude;
-import com.fasterxml.jackson.annotation.JsonProperty;
-import com.fasterxml.jackson.annotation.JsonPropertyDescription;
-import com.fasterxml.jackson.annotation.JsonPropertyOrder;
-import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
-import jakarta.validation.Valid;
-import jakarta.validation.constraints.NotNull;
-import jakarta.validation.constraints.Size;
-
-@JsonInclude(JsonInclude.Include.NON_NULL)
-@JsonPropertyOrder({
-        "type",
-        "build-id"
-})
-public class build {
-    @NotNull
-    @JsonProperty("type")
-    public String type;
-
-    @NotNull
-    @JsonProperty("build-id")
-    public String buildId;
-}
--- a/src/main/java/com/redhat/pctsec/model/git.java
+++ b/src/main/java/com/redhat/pctsec/model/git.java
@ -1,26 +0,0 @@
-package com.redhat.pctsec.model;
-
-import com.fasterxml.jackson.annotation.JsonInclude;
-import com.fasterxml.jackson.annotation.JsonProperty;
-import com.fasterxml.jackson.annotation.JsonPropertyOrder;
-import jakarta.validation.constraints.NotNull;
-
-@JsonInclude(JsonInclude.Include.NON_NULL)
-@JsonPropertyOrder({
-        "type",
-        "repo",
-        "ref"
-})
-public class git {
-    @NotNull
-    @JsonProperty("type")
-    public String type;
-
-    @NotNull
-    @JsonProperty("repo")
-    public String repo;
-
-    @NotNull
-    @JsonProperty("ref")
-    public String ref;
-}
--- a/src/main/java/com/redhat/pctsec/model/jpa/ScanRepository.java
+++ b/src/main/java/com/redhat/pctsec/model/jpa/ScanRepository.java
@ -0,0 +1,16 @@
+package com.redhat.pctsec.model.jpa;
+
+import com.redhat.pctsec.model.Scan;
+import io.quarkus.hibernate.orm.panache.PanacheRepositoryBase;
+import io.smallrye.mutiny.Uni;
+import jakarta.enterprise.context.ApplicationScoped;
+
+import java.util.UUID;
+
+@ApplicationScoped
+public class ScanRepository implements PanacheRepositoryBase<Scan, UUID> {
+    public Uni<Scan> findByProduct(String product)
+    {
+        return find("product", product).firstResult();
+    }
+}
--- a/src/main/java/com/redhat/pctsec/model/jpa/ScanRequestRepository.java
+++ b/src/main/java/com/redhat/pctsec/model/jpa/ScanRequestRepository.java
@ -0,0 +1,18 @@
+package com.redhat.pctsec.model.jpa;
+
+
+import com.redhat.pctsec.model.ScanRequest;
+import io.quarkus.hibernate.orm.panache.PanacheRepositoryBase;
+import io.smallrye.mutiny.Uni;
+import jakarta.enterprise.context.ApplicationScoped;
+
+import java.util.UUID;
+
+@ApplicationScoped
+public class ScanRequestRepository implements PanacheRepositoryBase<ScanRequest, UUID> {
+    public Uni<ScanRequest> findByProduct(String product)
+    {
+        return find("product", product).firstResult();
+    }
+}
+
--- a/src/main/java/com/redhat/pctsec/model/jpa/ScanRequestsRepository.java
+++ b/src/main/java/com/redhat/pctsec/model/jpa/ScanRequestsRepository.java
@ -0,0 +1,18 @@
+package com.redhat.pctsec.model.jpa;
+
+import com.redhat.pctsec.model.Scan;
+import com.redhat.pctsec.model.ScanRequests;
+import io.quarkus.hibernate.orm.panache.PanacheRepositoryBase;
+import io.smallrye.mutiny.Uni;
+import jakarta.enterprise.context.ApplicationScoped;
+
+import java.util.UUID;
+
+@ApplicationScoped
+public class ScanRequestsRepository implements PanacheRepositoryBase<ScanRequests, UUID> {
+    public Uni<Scan> findByProduct(String product)
+    {
+        return find("product", product).firstResult();
+    }
+}
+
--- a/src/main/java/com/redhat/pctsec/model/jpa/UriConverter.java
+++ b/src/main/java/com/redhat/pctsec/model/jpa/UriConverter.java
@ -0,0 +1,22 @@
+package com.redhat.pctsec.model.jpa;
+
+import jakarta.persistence.AttributeConverter;
+import jakarta.persistence.Converter;
+
+
+import java.net.URI;
+
+@Converter(autoApply = true)
+public class UriConverter implements AttributeConverter<URI, String>
+{
+
+    @Override
+    public String convertToDatabaseColumn(URI uri) {
+        return (uri == null) ? null : uri.toString();
+    }
+
+    @Override
+    public URI convertToEntityAttribute(String s) {
+        return ((s.length() > 0) ? URI.create(s.trim()) : null);
+    }
+}
--- a/src/main/java/com/redhat/pctsec/model/osh/paramMapper.java
+++ b/src/main/java/com/redhat/pctsec/model/osh/paramMapper.java
@ -0,0 +1,72 @@
+package com.redhat.pctsec.model.osh;
+
+import jakarta.inject.Singleton;
+import picocli.CommandLine;
+import picocli.CommandLine.Option;
+import picocli.CommandLine.Parameters;
+
+
+
+public class paramMapper {
+
+    @Option(names = {"-p", "--profile"}, description = "list of analyzers to use (see command 'list-\n" +
+            "                                 analyzers'); use comma as a separator: e.g. \"\n" +
+            "                                 --analyzer=gcc,clang,cppcheck\"")
+    private String profile;
+
+    @Option(names = {"-a", "--analyzer"}, description = "list of analyzers to use (see command 'list-\n" +
+            "                                 analyzers'); use comma as a separator: e.g. \"\n" +
+            "                                 --analyzer=gcc,clang,cppcheck\"")
+    private String analyzers;
+
+    @Option(names = {"--tarball-build-script"}, description = "With this option osh-cli accepts path to\n" +
+            "                                 tarball specified via first argument and then\n" +
+            "                                 the tarball will be scanned. This option sets\n" +
+            "                                 command which should build the package,\n" +
+            "                                 usually this should be just \"make\", in case\n" +
+            "                                 of packages which doesn't need to be built,\n" +
+            "                                 just pass \"true\".\n")
+    private String tarballBuildScript;
+
+    @Option(names = {"--brew-build"}, description = "use a brew build (specified by NVR) instead\n" +
+            "                                 of a local file")
+    private String brewBuild;
+
+    public paramMapper(){}
+
+    public paramMapper(String params){
+        new CommandLine(this).parseArgs(params.split(("\\s+")));
+    }
+
+    public String getProfile() {
+        return profile;
+    }
+
+    public void setProfile(String profile) {
+        this.profile = profile;
+    }
+
+    public String getAnalyzers() {
+        return analyzers;
+    }
+
+    public void setAnalyzers(String analyzers) {
+        this.analyzers = analyzers;
+    }
+
+    public String getTarballBuildScript() {
+        return tarballBuildScript;
+    }
+
+    public void setTarballBuildScript(String tarballBuildScript) {
+        this.tarballBuildScript = tarballBuildScript;
+    }
+
+    public String getBrewBuild() {
+        return brewBuild;
+    }
+
+    public void setBrewBuild(String brewBuild) {
+        this.brewBuild = brewBuild;
+    }
+}
--- a/src/main/java/com/redhat/pctsec/model/scanChain.java
+++ b/src/main/java/com/redhat/pctsec/model/scanChain.java
@ -1,4 +0,0 @@
-package com.redhat.pctsec.model;
-
-public class scanChain {
-}
--- a/src/main/java/com/redhat/pctsec/rest/v1alpha1/Scan.java
+++ b/src/main/java/com/redhat/pctsec/rest/v1alpha1/Scan.java
@ -1,60 +0,0 @@
-package com.redhat.pctsec.rest.v1alpha1;
-
-import com.redhat.pctsec.model.ScanRequests;
-import com.redhat.pctsec.model.pssaas;
-import jakarta.enterprise.context.ApplicationScoped;
-import jakarta.validation.Valid;
-import jakarta.ws.rs.*;
-import org.jboss.resteasy.reactive.RestQuery;
-
-import java.util.HashMap;
-
-@ApplicationScoped
-@Path("/api/v1a/Scan")
-public class Scan {
-
-    HashMap<String, ScanRequests> scanCollection = new HashMap<>();
-    @POST
-    @Path("PSSaaS")
-    @Consumes({ "application/json" })
-    public Integer createScans(@Valid pssaas scanRequest)
-    {
-        //Validate JSON
-
-        //CreateScanCollection
-
-        //Return ScanCollectionID
-        return 1;
-    }
-
-    @GET
-    @Path("{id}")
-    public ScanRequests scanRequest(String id){
-        return scanCollection.get(id.toString());
-    }
-
-    @GET
-    @Path("{id}/run")
-    public String scanRequestExe(String id){
-        scanCollection.get(id.toString()).execute();
-        return "We'd normally have a json payload here, with pipeline UID";
-    }
-
-    @GET
-    @Path("single/git")
-    public String singleGit(@RestQuery String repo, @RestQuery String ref)
-    {
-        ScanRequests sc = new ScanRequests(repo, ref);
-        scanCollection.put("1",sc);
-        return "restult";
-    }
-
-    @GET
-    @Path("single/brew")
-    public String singleGit(@RestQuery String brewId)
-    {
-        ScanRequests sc = new ScanRequests(brewId);
-        scanCollection.put("2",sc);
-        return "result";
-    }
-}
--- a/src/main/java/com/redhat/pctsec/rest/v1alpha1/ScanRequestResource.java
+++ b/src/main/java/com/redhat/pctsec/rest/v1alpha1/ScanRequestResource.java
@ -0,0 +1,50 @@
+package com.redhat.pctsec.rest.v1alpha1;
+
+import com.redhat.pctsec.model.ScanRequest;
+import com.redhat.pctsec.model.jpa.ScanRequestRepository;
+import com.redhat.pctsec.model.osh.paramMapper;
+import io.quarkus.security.Authenticated;
+import jakarta.enterprise.context.ApplicationScoped;
+import jakarta.inject.Inject;
+import jakarta.transaction.Transactional;
+import jakarta.ws.rs.*;
+import picocli.CommandLine;
+
+import java.util.UUID;
+@ApplicationScoped
+@Path("/api/v1a/ScanRequest/{id}")
+public class ScanRequestResource {
+    @Inject
+    ScanRequestRepository scanRequestRepository;
+
+
+    @GET
+    @Produces({"application/json"})
+    public ScanRequest getScanRequest(String id)
+    {
+        ScanRequest scanRequest = scanRequestRepository.findById(UUID.fromString(id));
+        return scanRequest;
+    }
+
+    @PATCH
+    @Path("ScanProperties/{scanProperties}")
+    @Consumes({"application/octet-stream"})
+    @Produces({"application/json"})
+    @Authenticated
+    @Transactional
+    public ScanRequest patchScanRequest(String id, String scanProperties)
+    {
+        ScanRequest scanRequest = scanRequestRepository.findById(UUID.fromString(id));
+
+        try {
+            paramMapper pm = new paramMapper(scanProperties);
+            }catch(CommandLine.UnmatchedArgumentException e)
+            {
+                throw new BadRequestException("Invalid OSH Parameter");
+            }
+        scanRequest.setScanProperties(scanProperties);
+        scanRequestRepository.persist(scanRequest);
+        return scanRequest;
+    }
+
+}
--- a/src/main/java/com/redhat/pctsec/rest/v1alpha1/ScanRequestsResource.java
+++ b/src/main/java/com/redhat/pctsec/rest/v1alpha1/ScanRequestsResource.java
@ -0,0 +1,41 @@
+package com.redhat.pctsec.rest.v1alpha1;
+
+import com.redhat.pctsec.model.Scan;
+import com.redhat.pctsec.model.ScanRequest;
+import com.redhat.pctsec.model.ScanRequests;
+import com.redhat.pctsec.model.jpa.ScanRepository;
+import com.redhat.pctsec.model.jpa.ScanRequestsRepository;
+import io.quarkus.security.Authenticated;
+import jakarta.enterprise.context.ApplicationScoped;
+import jakarta.inject.Inject;
+import jakarta.ws.rs.*;
+import org.jboss.resteasy.reactive.common.NotImplementedYet;
+
+import java.util.UUID;
+
+@ApplicationScoped
+@Path("/api/v1a/ScanRequests/{id}")
+public class ScanRequestsResource {
+
+    @Inject
+    ScanRequestsRepository  sr;
+
+
+    @GET
+    @Produces({"application/json"})
+    public ScanRequests getScanRequests(String id)
+    {
+        ScanRequests scanRequests = sr.findById(UUID.fromString(id));
+        return scanRequests;
+    }
+
+    @POST
+    @Produces({"application/json"})
+    @Consumes({"application/json"})
+    @Authenticated
+    public ScanRequests addScanRequest(String id, ScanRequest scanRequest)
+    {
+        throw new NotImplementedYet();
+    }
+
+}
--- a/src/main/java/com/redhat/pctsec/rest/v1alpha1/ScanResource.java
+++ b/src/main/java/com/redhat/pctsec/rest/v1alpha1/ScanResource.java
@ -0,0 +1,122 @@
+package com.redhat.pctsec.rest.v1alpha1;
+
+import com.redhat.pctsec.model.*;
+import com.redhat.pctsec.model.api.request.pssaas;
+import com.redhat.pctsec.model.jpa.ScanRepository;
+import io.quarkus.security.Authenticated;
+import io.vertx.mutiny.core.eventbus.EventBus;
+import jakarta.enterprise.context.ApplicationScoped;
+import jakarta.inject.Inject;
+import jakarta.transaction.Transactional;
+import jakarta.validation.Valid;
+import jakarta.ws.rs.*;
+import org.jboss.resteasy.reactive.RestQuery;
+
+import java.util.HashMap;
+import java.util.List;
+import java.util.Set;
+import java.util.UUID;
+
+@ApplicationScoped
+@Path("/api/v1a/Scan")
+public class ScanResource {
+
+    @Inject
+    ScanRepository sr;
+
+    @Inject
+    EventBus bus;
+
+    @POST
+    @Path("PSSaaS")
+    @Consumes({ "application/json" })
+    @Transactional
+    @Authenticated
+    public Scan createPSSAAS(@Valid pssaas scanRequest)
+    {
+        ScanRequests scanRequests = new ScanRequests(scanRequest);
+        Scan s = new Scan();
+        s.setRequestor("cpaas");
+        s.setScanRequests(scanRequests);
+        sr.persist(s);
+        return s;
+    }
+    @POST
+    @Path("PSSaaS/run")
+    @Consumes({ "application/json" })
+    @Transactional
+    @Authenticated
+    public List<ScanTask> createRunPSSAAS(@Valid pssaas scanRequest)
+    {
+        Scan s = this.createPSSAAS(scanRequest);
+        return s.scanRequests.execute(bus);
+    }
+
+    @GET
+    @Path("All")
+    @Produces({"application/json"})
+    public List<Scan> list()
+    {
+        return sr.listAll();
+    }
+
+    @GET
+    @Path("{id}")
+    @Produces({"application/json"})
+    public Scan scanRequest(String id)
+    {
+        Scan s = sr.findById(UUID.fromString(id));
+        return s;
+    }
+
+    @GET
+    @Path("{id}/run")
+    @Authenticated
+    public List<ScanTask> scanRequestExe(String id)
+    {
+        Scan s = sr.findById(UUID.fromString(id));
+        return s.scanRequests.execute(bus);
+    }
+
+
+    @GET
+    @Path("single/git")
+    @Produces({"application/json"})
+    @Transactional
+    @Authenticated
+    public Scan singleGit(@RestQuery String repo, @RestQuery String ref)
+    {
+        Scan s = new Scan();
+        s.setRequestor("jochrist");
+        s.getScanRequests().addGit(repo,ref);
+        sr.persist(s);
+        return s;
+    }
+
+    @GET
+    @Path("single/brew")
+    @Produces({"application/json"})
+    @Transactional
+    @Authenticated
+    public Scan singleGit(@RestQuery String brewId)
+    {
+        Scan s = new Scan();
+        s.setRequestor("jochrist");
+        s.getScanRequests().addBrewBuild(brewId);
+        sr.persist(s);
+        return s;
+    }
+    @GET
+    @Path("single/pnc")
+    @Produces({"application/json"})
+    @Transactional
+    @Authenticated
+    public Scan singlePNC(@RestQuery String pncId)
+    {
+        Scan s = new Scan();
+        s.setRequestor("jochrist");
+        s.getScanRequests().addPNCBuild(pncId);
+        sr.persist(s);
+        return s;
+    }
+}
--- a/src/main/java/com/redhat/pctsec/tekton/TaskHandler.java
+++ b/src/main/java/com/redhat/pctsec/tekton/TaskHandler.java
@ -0,0 +1,139 @@
+package com.redhat.pctsec.tekton;
+import com.redhat.pctsec.model.RequestType;
+import com.redhat.pctsec.model.ScanTask;
+import com.redhat.pctsec.model.ScanTaskState;
+import io.fabric8.kubernetes.api.model.ConfigMapVolumeSource;
+import io.fabric8.kubernetes.api.model.PersistentVolumeClaimVolumeSource;
+import io.fabric8.kubernetes.api.model.PodSecurityContext;
+import io.fabric8.kubernetes.api.model.PodSecurityContextBuilder;
+import io.fabric8.tekton.client.DefaultTektonClient;
+import io.fabric8.tekton.client.TektonClient;
+import io.fabric8.tekton.client.DefaultTektonClient;
+import io.fabric8.tekton.client.TektonClient;
+import io.fabric8.tekton.pipeline.v1beta1.*;
+
+import io.quarkus.vertx.ConsumeEvent;
+
+import io.smallrye.common.annotation.Blocking;
+import jakarta.inject.Inject;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.eclipse.microprofile.config.inject.ConfigProperty;
+
+import java.util.ArrayList;
+import java.util.List;
+
+public class TaskHandler {
+
+    @ConfigProperty(name = "quarkus.openshift.namespace")
+    String NAMESPACE;
+    @ConfigProperty(name = "tekton.pipeline.ref")
+    String PIPELINE_REFERENCE;
+    @ConfigProperty(name = "tekton.service-account")
+    String SERVICE_ACCOUNT;
+
+    @ConfigProperty(name = "tekton.task.ref")
+    String TASK_REFERENCE;
+
+    @Inject
+    TektonClient tektonClient;
+
+    @ConsumeEvent("tekton")
+    @Blocking
+    public ScanTask consume(ScanTask scanTask)
+    {
+
+        switch(scanTask.getScanRequest().getType())
+        {
+        case BREW:
+            scanTask.setTektonRunId(invokeScanTask(scanTask.getScanRequest().brewBuild.buildRef));
+            scanTask.setState(ScanTaskState.RUNNING);
+            break;
+
+        case PNC:
+            String repo = scanTask.getScanRequest().pncBuild.SCMURL().toString();
+            String ref = scanTask.getScanRequest().pncBuild.revision();
+            scanTask.setTektonRunId(invokeOshScmScanPipeline(repo, ref));
+            scanTask.setState(ScanTaskState.RUNNING);
+            break;
+
+        case GIT:
+            scanTask.setTektonRunId(invokeOshScmScanPipeline(scanTask.getScanRequest().git.repo.toString(), scanTask.getScanRequest().git.ref));
+            scanTask.setState(ScanTaskState.RUNNING);
+            break;
+        }
+
+        return scanTask;
+    }
+
+    public String invokeScanTask(String buildId) {
+        // String buildId = "xterm-366-8.el9";
+        String scanProfile = "snyk-only-unstable";
+
+        // random taskrun name generating for now
+        TaskRun taskRun = new TaskRunBuilder().withNewMetadata().withName("osh-scan-taskrun-" + RandomStringUtils.randomAlphanumeric(8).toLowerCase())
+                .endMetadata()
+                .withNewSpec()
+                .withServiceAccountName(SERVICE_ACCOUNT)
+                .withNewTaskRef()
+                .withName(TASK_REFERENCE)
+                .endTaskRef()
+                .withParams(
+                        new Param("buildId", new ArrayOrString(buildId)),
+                        new Param("scanProfile", new ArrayOrString(scanProfile)))
+                .endSpec()
+                .build();
+
+        tektonClient.v1beta1().taskRuns().inNamespace(NAMESPACE).resource(taskRun).create();
+
+        return taskRun.getMetadata().getName();
+    }
+
+    public String invokeOshScmScanPipeline(String repo, String ref) {
+
+        PodSecurityContext securityContext = new PodSecurityContextBuilder()
+                .withRunAsNonRoot(true)
+                .withRunAsUser(65532L)
+                .build();
+
+        WorkspaceBinding sourcesWorkspaceBinding = new WorkspaceBindingBuilder()
+                .withName("sources")
+                .withPersistentVolumeClaim(new PersistentVolumeClaimVolumeSource("osh-client-sources", null))
+                .build();
+
+        WorkspaceBinding sourceTarsWorkspaceBinding = new WorkspaceBindingBuilder()
+                .withName("source-tars")
+                .withPersistentVolumeClaim(new PersistentVolumeClaimVolumeSource("osh-client-source-tars", null))
+                .build();
+
+        WorkspaceBinding sslCaDirectoryWorkspaceBinding = new WorkspaceBindingBuilder()
+                .withName("ssl-ca-directory")
+                .withConfigMap(new ConfigMapVolumeSource(null, null, "config-trusted-cabundle", null))
+                .build();
+
+        List<WorkspaceBinding> workspaceBindings = new ArrayList<>();
+        workspaceBindings.add(sourcesWorkspaceBinding);
+        workspaceBindings.add(sourceTarsWorkspaceBinding);
+        workspaceBindings.add(sslCaDirectoryWorkspaceBinding);
+
+        PipelineRun pipelineRun = new PipelineRunBuilder()
+                .withNewMetadata().withName("osh-scm-scan-" + RandomStringUtils.randomAlphanumeric(8).toLowerCase()).endMetadata()
+                .withNewSpec()
+                .withNewPodTemplate()
+                .withSecurityContext(securityContext)
+                .endPodTemplate()
+                .withServiceAccountName(SERVICE_ACCOUNT)
+                .withNewPipelineRef().withName(PIPELINE_REFERENCE).endPipelineRef()
+                .addNewParam().withName("repo-url").withNewValue(repo).endParam()
+                .addNewParam().withName("revision").withNewValue(ref).endParam()
+                .withWorkspaces(workspaceBindings)
+                .endSpec()
+                .build();
+
+        tektonClient.v1beta1().pipelineRuns().inNamespace(NAMESPACE).resource(pipelineRun).create();
+
+        return pipelineRun.getMetadata().getName();
+    }
+
+
+}
--- a/src/main/java/com/redhat/pctsec/tekton/scmUrlPipelineRun.java
+++ b/src/main/java/com/redhat/pctsec/tekton/scmUrlPipelineRun.java
@ -1,6 +1,74 @@
 package com.redhat.pctsec.tekton;

+import io.fabric8.kubernetes.api.model.ConfigMapVolumeSource;
+import io.fabric8.kubernetes.api.model.PersistentVolumeClaimVolumeSource;
+import io.fabric8.kubernetes.api.model.PodSecurityContext;
+import io.fabric8.kubernetes.api.model.PodSecurityContextBuilder;
+import io.fabric8.tekton.client.DefaultTektonClient;
+import io.fabric8.tekton.client.TektonClient;
+import io.fabric8.tekton.client.DefaultTektonClient;
+import io.fabric8.tekton.client.TektonClient;
+import io.fabric8.tekton.pipeline.v1beta1.*;
+import jakarta.enterprise.context.ApplicationScoped;
+import jakarta.inject.Singleton;
+import org.apache.commons.lang3.RandomStringUtils;
+
+import java.util.ArrayList;
+import java.util.List;
+
 public class scmUrlPipelineRun {
+    public static final String NAMESPACE = "pct-security-tooling";
+    public static final String REPO_URL = "repo-url";
+    public static final String REVISION = "revision";
+    public static final String PIPELINE_REFERENCE = "osh-client-from-source";
+    public static final String SERVICE_ACCOUNT = "osh-wrapper-client-sa";
+
+    TektonClient tektonClient = new DefaultTektonClient();
+
+    public String invokeOshScmScanPipeline(String repo, String ref) {
+
+        PodSecurityContext securityContext = new PodSecurityContextBuilder()
+                .withRunAsNonRoot(true)
+                .withRunAsUser(65532L)
+                .build();
+
+        WorkspaceBinding sourcesWorkspaceBinding = new WorkspaceBindingBuilder()
+                .withName("sources")
+                .withPersistentVolumeClaim(new PersistentVolumeClaimVolumeSource("osh-client-sources", null))
+                .build();
+
+        WorkspaceBinding sourceTarsWorkspaceBinding = new WorkspaceBindingBuilder()
+                .withName("source-tars")
+                .withPersistentVolumeClaim(new PersistentVolumeClaimVolumeSource("osh-client-source-tars", null))
+                .build();
+
+        WorkspaceBinding sslCaDirectoryWorkspaceBinding = new WorkspaceBindingBuilder()
+                .withName("ssl-ca-directory")
+                .withConfigMap(new ConfigMapVolumeSource(null, null, "config-trusted-cabundle", null))
+                .build();
+
+        List<WorkspaceBinding> workspaceBindings = new ArrayList<>();
+        workspaceBindings.add(sourcesWorkspaceBinding);
+        workspaceBindings.add(sourceTarsWorkspaceBinding);
+        workspaceBindings.add(sslCaDirectoryWorkspaceBinding);
+
+        PipelineRun pipelineRun = new PipelineRunBuilder()
+                .withNewMetadata().withName("osh-scm-scan-" + RandomStringUtils.randomAlphanumeric(8).toLowerCase()).endMetadata()
+                .withNewSpec()
+                .withNewPodTemplate()
+                .withSecurityContext(securityContext)
+                .endPodTemplate()
+                .withServiceAccountName(SERVICE_ACCOUNT)
+                .withNewPipelineRef().withName(PIPELINE_REFERENCE).endPipelineRef()
+                .addNewParam().withName(REPO_URL).withNewValue(repo).endParam()
+                .addNewParam().withName(REVISION).withNewValue(ref).endParam()
+                .withWorkspaces(workspaceBindings)
+                .endSpec()
+                .build();
+
+        tektonClient.v1beta1().pipelineRuns().inNamespace(NAMESPACE).resource(pipelineRun).create();

+        return "Scan invoked. PipelineRun name: " + pipelineRun.getMetadata().getName();
+    }

 }
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@ -21,8 +21,31 @@
 #%dev.quarkus.kerberos.keytab-path= HTTP_osh-pct-security-tooling.apps.ocp-c1.prod.psi.redhat.com@IPA.REDHAT.COM.keytab
 #%dev.quarkus.kerberos.service-principal-name= HTTP/osh-pct-security-tooling.apps.ocp-c1.prod.psi.redhat.com@IPA.REDHAT.COM

+##########################################
+#   Data Source                          #
+##########################################
+%dev.quarkus.datasource.devservices.enabled=true
+%dev.quarkus.datasource.db-kind = postgresql
+%dev.quarkus.datasource.username = quarkus
+%dev.quarkus.datasource.password = quarkus
+#%dev.quarkus.datasource.jdbc.url = jdbc:postgresql://localhost:5432/hibernate_db
+%dev.quarkus.hibernate-orm.database.generation=drop-and-create
+
+%stage.quarkus.kubernetes-config.secrets.enabled=true
+quarkus.kubernetes-config.secrets=postgresql
+%stage.quarkus.datasource.jdbc.url=jdbc:postgresql://postgresql:5432/${database-name}
+%stage.quarkus.datasource.username=${database-user}
+%stage.quarkus.datasource.password=${database-password}
+%stage.quarkus.hibernate-orm.database.generation=drop-and-create
+
+
+#Always provide swagger ui
+quarkus.swagger-ui.always-include=true
+%dev.quarkus.openshift.service-account=osh-wrapper-client-sa
+%dev.quarkus.openshift.namespace=pct-security-tooling
+
 %stage.quarkus.openshift.name=osh
-%stage.quarkus.openshift.service-account=osh-wrapper-client-sa
+quarkus.openshift.service-account=osh-wrapper-client-sa
 %stage.quarkus.openshift.labels.env=stage
 %stage.quarkus.log.level=DEBUG
 quarkus.arc.remove-unused-beans=false
@ -33,6 +56,7 @@ quarkus.arc.remove-unused-beans=false
 %stage.quarkus.openshift.route.expose=false
 %stage.quarkus.openshift.route.target-port=https
 %stage.quarkus.openshift.route.tls.insecure-edge-termination-policy=redirect
+%stage.quarkus.openshift.namespace=pct-security-tooling

 ##########################################
 #   Kerberos Specifics                   #
@ -49,5 +73,12 @@ quarkus.arc.remove-unused-beans=false
 %stage.quarkus.openshift.config-map-volumes.osh-wrapper-config-vol.items."linux-krb5.conf".path=linux-krb5.conf
 %stage.quarkus.openshift.mounts.osh-wrapper-config-vol.read-only=true

+##########################################
+#   Tekton Specifics (Used in app)       #
+##########################################
+tekton.pipeline.ref=osh-client-from-source
+tekton.task.ref=osh-scan-task
+tekton.service-account=${quarkus.openshift.service-account}
+


--- a/src/test/java/com/redhat/pctsec/GreetingResourceIT.java
+++ b/src/test/java/com/redhat/pctsec/GreetingResourceIT.java
@ -1,8 +0,0 @@
-package com.redhat.pctsec;
-
-import io.quarkus.test.junit.QuarkusIntegrationTest;
-
-@QuarkusIntegrationTest
-public class GreetingResourceIT extends GreetingResourceTest {
-    // Execute the same tests but in packaged mode.
-}
--- a/src/test/java/com/redhat/pctsec/GreetingResourceTest.java
+++ b/src/test/java/com/redhat/pctsec/GreetingResourceTest.java
@ -1,21 +0,0 @@
-package com.redhat.pctsec;
-
-import io.quarkus.test.junit.QuarkusTest;
-import org.junit.jupiter.api.Test;
-
-import static io.restassured.RestAssured.given;
-import static org.hamcrest.CoreMatchers.is;
-
-@QuarkusTest
-public class GreetingResourceTest {
-
-    @Test
-    public void testHelloEndpoint() {
-        given()
-          .when().get("/hello")
-          .then()
-             .statusCode(200)
-             .body(is("Hello from RESTEasy Reactive"));
-    }
-
-}
--- a/src/test/java/com/redhat/pctsec/model/osh/paramMapperTest.java
+++ b/src/test/java/com/redhat/pctsec/model/osh/paramMapperTest.java
@ -0,0 +1,22 @@
+package com.redhat.pctsec.model.osh;
+
+import io.quarkus.test.junit.QuarkusTest;
+import jakarta.inject.Inject;
+import org.junit.jupiter.api.Test;
+import java.lang.String;
+
+import static io.restassured.RestAssured.given;
+import static org.hamcrest.CoreMatchers.is;
+
+@QuarkusTest
+public class paramMapperTest {
+
+
+
+    @Test
+    public void testSnykScan() {
+        paramMapper pm = new paramMapper("-p snyk-only-unstable --tarball-build-script=\":\"");
+        System.out.println(pm);
+    }
+
+}
Author	SHA1	Message	Date
Jonathan Christison	5ca4917bf4	Fix app properties service account reference	3 years ago
Jonathan Christison	f66b910de7	Use SA in general profile	3 years ago
Jonathan Christison	7d61509b12	Changing this to Blocking as the vertx thread is timing out Its possible tekton is responding for some reason	3 years ago
Jonathan Christison	69445ad0d4	Use stage env DB setup	3 years ago
Jonathan Christison	bfd887c40e	Add hack/examples of calling single endpoints	3 years ago
Jonathan Christison	43d06684fb	Make task handler public so vertx can trigger it Also changed pssaas to autofire endpoint for easier hacking	3 years ago
Jonathan Christison	bae9ca9be8	Add quarkus-kubernetes-config for DB setup on stage Also set swagger-ui to always be enabled	3 years ago
Jonathan Christison	3f1e048fe6	Use postgres deployment in pct-sec namepsace	3 years ago
Jonathan Christison	c0e9019fd6	Add missing class	3 years ago
Jonathan Christison	5c96690241	Add authenticated annotation to endpoints that have actions	3 years ago
Jonathan Christison	24059710cb	Remove JSON elements when NULL Added new Resource endpoints for ScanRequests and ScanRequest Start fleshing out invoke parameters to pass to scan	3 years ago
Jonathan Christison	c724442abb	We dont need to return every field, especially private ones	3 years ago
Jonathan Christison	707e9d4fbb	Fix cascade for brew and pnc types Change endpoint in hack test script, these should be moved to unit tests	3 years ago
Jonathan Christison	603dc500de	Hacking around eventBus injection by passing it to be set It will be better to instantiate EventBus directly but not sure on the constructor for this	3 years ago
Jonathan Christison	be2f54c9c0	Set some fields to be public for json return	3 years ago
Jonathan Christison	2fd582e2ca	ORM kinda working	3 years ago
Jonathan Christison	354745f7a0	Still adding ORM	3 years ago
Jonathan Christison	72e3b0f0b3	Start adding picocli as way of verifying CLI args	3 years ago
Jonathan Christison	7fffbe22ba	Decouple ScanRequest from tekton runs We will use an eventbus to listen for "executed"/triggered ScanRequests and respond with tekton runID to check up on later	3 years ago
Jonathan Christison	5149a807f3	Fix typo add swagger-ui	3 years ago
Jonathan Christison	64c84c8764	Call run on the single-git-scan.sh Also call run on the Scan Fix typos	3 years ago
Jonathan Christison	85c798b0a7	Add pipeline run code for demo	3 years ago