diff --git a/README.md b/README.md index 3c3440e24..15654843b 100644 --- a/README.md +++ b/README.md @@ -4,7 +4,7 @@ [![Current Release](https://img.shields.io/github/release/IBM/cbomkit.svg?logo=IBM)](https://github.com/IBM/cbomkit/releases) CBOMkit is a toolset for dealing with Cryptography Bill of Materials (CBOM). CBOMkit includes a -- **CBOM Generation** ([CBOMkit-hyperion](https://github.com/IBM/sonar-cryptography), [CBOMkit-theia](https://github.com/IBM/cbomkit-theia)): Generate CBOMs from source code by scanning git repositories to find the used cryptography. +- **CBOM Generation** ([CBOMkit-hyperion](https://github.com/IBM/sonar-cryptography), [CBOMkit-theia](https://github.com/IBM/cbomkit-theia)): Generate CBOMs from source code by scanning private and public git repositories to find the used cryptography. - **CBOM Viewer ([CBOMkit-coeus](https://github.com/IBM/cbomkit?tab=readme-ov-file#cbomkit-coeus))**: Visualize a generated or uploaded CBOM and access comprehensive statistics. - **CBOM Compliance Check**: Evaluate CBOMs created or uploaded against specified compliance policies and receive detailed compliance status reports. - **CBOM Database**: Collect and store CBOMs into the database and expose this data through a RESTful API. @@ -80,15 +80,14 @@ The API server functions as the central component of the CBOMkit, offering a com #### Features - Retrieve the most recent generated CBOMs -- Access stored CBOMs from the database using Package URLs (PURL) -- Execute targeted searches for scanned Git repositories utilizing specific algorithms (by name and Oid) +- Access stored CBOMs from the database - Perform compliance checks for user-provided CBOMs against specified policies - Conduct compliance assessments for stored or generated CBOMs against defined policies -*Sample Query to Retrieve CBOM by Package URL* +*Sample Query to Retrieve CBOM project identifier* ```shell curl --request GET \ - --url 'http://localhost:8081/api/v1/cbom?purls=pkg:github/OddSource/java-license-manager' + --url 'http://localhost:8081/api/v1/cbom/github.com%2Fkeycloak%2Fkeycloak' ``` In addition to the RESTful API, the server incorporates WebSocket integration, enabling: diff --git a/openapi.yaml b/openapi.yaml new file mode 100644 index 000000000..06e798c64 --- /dev/null +++ b/openapi.yaml @@ -0,0 +1,95 @@ +--- +openapi: 3.0.3 +info: + title: CBOMkit API + description: Service for generating and retrieving CBOMs + version: 1.2.0 +paths: + /api: + get: + tags: + - Status + summary: Health test + description: Health test endpoint + responses: + "200": + description: OK + content: + application/json: + schema: + example: + status: ok + /api/v1/cbom/last/{limit}: + get: + tags: + - CBOM Resource + summary: Return recently generated CBOMs from the repository + description: Returns a list of the most recently generated CBOMs. The length + of the list can by specified via the optional 'limit' parameter. + parameters: + - name: limit + in: path + required: true + schema: + format: int32 + type: integer + responses: + "200": + description: OK + /api/v1/cbom/{projectIdentifier}: + get: + tags: + - CBOM Resource + description: Get CBOM + parameters: + - name: projectIdentifier + in: path + required: true + schema: + type: string + responses: + "200": + description: OK + /api/v1/compliance/check: + get: + tags: + - Compliance Resource + summary: Verify the compliance of a stored CBOM identified by it's PURL against + a policy + description: "Returns the JSON sent by the Regulator API, containing various\ + \ information about the compliance of the CBOM for a set policy." + parameters: + - name: commit + in: query + schema: + type: string + - name: gitUrl + in: query + schema: + type: string + - name: policyIdentifier + in: query + schema: + type: string + responses: + "200": + description: OK + post: + tags: + - Compliance Resource + summary: Verify the compliance of a provided CBOM against a policy + description: "Returns the JSON sent by the Regulator API, containing various\ + \ information about the compliance of the CBOM for a set policy." + parameters: + - name: policyIdentifier + in: query + schema: + type: string + requestBody: + content: + application/json: + schema: + type: string + responses: + "200": + description: OK