From 0e9ccc955b9b0f7c7db62a50a79b633eb7c87982 Mon Sep 17 00:00:00 2001 From: Avinash Upadhyaya Date: Sun, 31 Jul 2022 21:45:45 +0530 Subject: [PATCH 01/14] docs: update link for playground --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 83e78e79..50ff8d3d 100644 --- a/README.md +++ b/README.md @@ -77,7 +77,7 @@ Want to contribute? Want to discuss something? Have an issue? [Kubescape docs](https://hub.armosec.io/docs) ## Playground -* [Kubescape playground](https://www.katacoda.com/pathaksaiyam/scenarios/kubescape) +* [Kubescape playground](https://killercoda.com/saiyampathak/scenario/kubescape) ## Tutorials From 96903ea77dfa868231cecd67d2d3dd9945d48276 Mon Sep 17 00:00:00 2001 From: Vlad Klokun Date: Wed, 20 Jul 2022 20:08:14 +0300 Subject: [PATCH 02/14] docs: swagger: add OpenAPI V2 schema --- httphandler/docs/docs.go | 24 +++ httphandler/docs/ksMicroservice_swagger.go | 148 ++++++++++++++ httphandler/main.go | 1 + swagger.yaml | 226 +++++++++++++++++++++ 4 files changed, 399 insertions(+) create mode 100644 httphandler/docs/docs.go create mode 100644 httphandler/docs/ksMicroservice_swagger.go create mode 100644 swagger.yaml diff --git a/httphandler/docs/docs.go b/httphandler/docs/docs.go new file mode 100644 index 00000000..b1d82a98 --- /dev/null +++ b/httphandler/docs/docs.go @@ -0,0 +1,24 @@ +// Package classification kubescape_microservice +// +// Documentation of our awesome API. +// +// Schemes: http +// BasePath: / +// Version: 1.0.0 +// Host: example.com +// +// Consumes: +// - application/json +// +// Produces: +// - application/json +// +// Security: +// - basic +// +// SecurityDefinitions: +// basic: +// type: basic +// +// swagger:meta +package docs diff --git a/httphandler/docs/ksMicroservice_swagger.go b/httphandler/docs/ksMicroservice_swagger.go new file mode 100644 index 00000000..2af3a0a5 --- /dev/null +++ b/httphandler/docs/ksMicroservice_swagger.go @@ -0,0 +1,148 @@ +package docs + +// swagger:route POST /v1/metrics metrics enableMetrics +// Trigger Kubescape support for Prometheus +// +// Enables support for Prometheus metrics. +// +// Responses: +// 200: enableMetricsResponse + +type enableMetricsResponse struct{} + +// swagger:response enableMetricsResponse +type enableMetricsResponseWrapper struct { + // in:body + Body enableMetricsResponse +} + +// swagger:route POST /v1/scan scanning triggerScan +// Trigger a kubescape scan. +// +// The server will return an ID and will execute the scanning asynchronously. +// +// Responses: +// 200: triggerScanResponse + +// swagger:enum TriggerScanTargetType +type TriggerScanTargetType string + +const ( + Framework TriggerScanTargetType = "framework" + Control TriggerScanTargetType = "control" +) + +type triggerScanParams struct { + // Results format. Same as `kubescape scan --format` + // + // default: json + // example: json + Format string `json:"format"` + // List of namespaces to exclude. Same as `kubescape scan --excluded-namespaces` + // + // example: ["kube-system", "armo-system"] + ExcludedNamespaces []string `json:"excludedNamespaces"` + // List of namespaces to include. Same as `kubescape scan --include-namespaces` + // + // example: ["litmus-tests", "known-bad"] + IncludeNamespaces []string `json:"includeNamespaces"` + // Use the cached artifacts instead of downloading (offline support) + // + // example: false + UseCachedArtifacts bool `json:"useCachedArtifacts"` + // Submit results to Kubescape Cloud. Same as `kubescape scan --submit`. + // + // example: true + Submit bool `json:"submit"` + // Deploy Kubescape K8s host-scanner DeamonSet in the scanned cluster (same as `kubescape scan --enable-host-scan`) + // + // example: true + HostScanner bool `json:"hostScanner"` + // Do not submit results to Kubescape Cloud. + // + // Same as `kubescape scan --keep-local` + KeepLocal bool `json:"keepLocal"` + // A Kubescape account ID to use for scanning. + // + // Same as `kubescape scan --account`. + // example: NewGuid() + Account string `json:"account"` + // Type of the scan target: either `framework` or `control`. + // + // example: framework + TargetType TriggerScanTargetType `json:"targetType"` + // Name of the scan targets. + // + // For example, if you select `targetType: "framework"`, you can trigger a scan using the NSA and MITRE ATT&CK Framework by passing `targetNames: ["nsa, "mitre"]`. + // example: ["nsa", "mitre"] + TargetNames []string `json:"targetNames"` +} + +// swagger:parameters triggerScan +type triggerScanParamsWrapper struct { + // Trigger scan parameters + // in:body + Body triggerScanParams + // Whether to wait for the result to complete. + // + // Triggers a synchronous scan. A synchronous scan returns the Scan results, and not a scan ID. Use synchronous scanning only in small clusters or with an increased timeout + // + // default: false + Wait bool `json:"wait"` + // Keep the results in local storage after returning. + // + // default: false + Keep bool `json:"keep"` +} + +// swagger:enum ScanResponseType +type ScanResponseType string + +const ( + V1Results ScanResponseType = "v1results" + Busy ScanResponseType = "busy" + NotBusy ScanResponseType = "notBusy" + Ready ScanResponseType = "ready" + Error ScanResponseType = "error" +) + +type triggerScanResponse struct { + // ID of the performed scan + Id string `json:"id"` + // Type of the response object + Type ScanResponseType `json:"type"` + // Response payload as list of bytes + Response interface{} `json:"response"` +} + +// The triggerScan response object +// swagger:response triggerScanResponse +type triggerScanResponseWrapper struct { + // in:body + Body triggerScanResponse +} + +// swagger:route GET /v1/results/{scanID} scanning getScanResults +// Read results of a previously performed scan. +// +// Responses: +// 200: getScanResultsResponse + + +// swagger:parameters getScanResults +type getScanResultsRequestWrapper struct { + // in:path + ScanID string `json:"scanID"` +} + +type getScanResultsResponse struct { + ID string `json:"id"` + Type string `json:"type"` + Response interface{} `json:"response"` +} + +// swagger:response +type getScanResultsResponseWrapper struct { + // in:body + Body getScanResultsResponse +} diff --git a/httphandler/main.go b/httphandler/main.go index 08035f2a..6fa1d25d 100644 --- a/httphandler/main.go +++ b/httphandler/main.go @@ -1,6 +1,7 @@ package main import ( + _ "github.com/armosec/kubescape/v2/httphandler/docs" "github.com/armosec/kubescape/v2/httphandler/listener" logger "github.com/dwertent/go-logger" ) diff --git a/swagger.yaml b/swagger.yaml new file mode 100644 index 00000000..6bcd1956 --- /dev/null +++ b/swagger.yaml @@ -0,0 +1,226 @@ +basePath: / +consumes: +- application/json +definitions: + enableMetricsResponse: + type: object + x-go-package: github.com/armosec/kubescape/v2/httphandler/docs + getScanResultsResponse: + properties: + id: + type: string + x-go-name: ID + response: + type: object + x-go-name: Response + type: + type: string + x-go-name: Type + type: object + x-go-package: github.com/armosec/kubescape/v2/httphandler/docs + triggerScanParams: + properties: + account: + description: |- + A Kubescape account ID to use for scanning. + + Same as `kubescape scan --account`. + example: NewGuid() + type: string + x-go-name: Account + excludedNamespaces: + description: List of namespaces to exclude. Same as `kubescape scan --excluded-namespaces` + example: + - kube-system + - armo-system + items: + type: string + type: array + x-go-name: ExcludedNamespaces + format: + default: json + description: Results format. Same as `kubescape scan --format` + example: json + type: string + x-go-name: Format + hostScanner: + description: Deploy Kubescape K8s host-scanner DeamonSet in the scanned cluster + (same as `kubescape scan --enable-host-scan`) + example: true + type: boolean + x-go-name: HostScanner + includeNamespaces: + description: List of namespaces to include. Same as `kubescape scan --include-namespaces` + example: + - litmus-tests + - known-bad + items: + type: string + type: array + x-go-name: IncludeNamespaces + keepLocal: + description: |- + Do not submit results to Kubescape Cloud. + + Same as `kubescape scan --keep-local` + type: boolean + x-go-name: KeepLocal + submit: + description: Submit results to Kubescape Cloud. Same as `kubescape scan --submit`. + example: true + type: boolean + x-go-name: Submit + targetNames: + description: |- + Name of the scan targets. + + For example, if you select `targetType: "framework"`, you can trigger a scan using the NSA and MITRE ATT&CK Framework by passing `targetNames: ["nsa, "mitre"]`. + example: + - nsa + - mitre + items: + type: string + type: array + x-go-name: TargetNames + targetType: + description: |- + Type of the scan target: either `framework` or `control`. + framework Framework + control Control + enum: + - framework + - control + example: framework + type: string + x-go-enum-desc: |- + framework Framework + control Control + x-go-name: TargetType + useCachedArtifacts: + description: Use the cached artifacts instead of downloading (offline support) + example: false + type: boolean + x-go-name: UseCachedArtifacts + type: object + x-go-package: github.com/armosec/kubescape/v2/httphandler/docs + triggerScanResponse: + properties: + id: + description: ID of the performed scan + type: string + x-go-name: Id + response: + description: Response payload as list of bytes + type: object + x-go-name: Response + type: + description: |- + Type of the response object + v1results V1Results + busy Busy + notBusy NotBusy + ready Ready + error Error + enum: + - v1results + - busy + - notBusy + - ready + - error + type: string + x-go-enum-desc: |- + v1results V1Results + busy Busy + notBusy NotBusy + ready Ready + error Error + x-go-name: Type + type: object + x-go-package: github.com/armosec/kubescape/v2/httphandler/docs +host: example.com +info: + description: Documentation of our awesome API. + title: kubescape_microservice + version: 1.0.0 +paths: + /v1/metrics: + post: + description: Enables support for Prometheus metrics + operationId: enableMetrics + responses: + "200": + $ref: '#/responses/enableMetricsResponse' + summary: Trigger Kubescape support for Prometheus + tags: + - metrics + /v1/results/{scanID}: + get: + operationId: getScanResults + parameters: + - in: path + name: scanID + required: true + type: string + x-go-name: ScanID + responses: + "200": + description: getScanResultsResponse + schema: + $ref: '#/definitions/getScanResultsResponse' + summary: Read results of a previously performed scan. + tags: + - scanning + /v1/scan: + post: + description: |- + The server will return an ID and will execute the + scanning asynchronously. + operationId: triggerScan + parameters: + - description: Trigger scan parameters + in: body + name: Body + schema: + $ref: '#/definitions/triggerScanParams' + - default: false + description: |- + Whether to wait for the result to complete. + + Triggers a synchronous scan. A synchronous scan returns the Scan results, and not a scan ID. Use synchronous scanning only in small clusters or with an increased timeout + in: query + name: wait + type: boolean + x-go-name: Wait + - default: false + description: Keep the results in local storage after returning. + in: query + name: keep + type: boolean + x-go-name: Keep + responses: + "200": + $ref: '#/responses/triggerScanResponse' + summary: Trigger a kubescape scan. + tags: + - scanning +produces: +- application/json +responses: + enableMetricsResponse: + description: "" + schema: + $ref: '#/definitions/enableMetricsResponse' + getScanResultsResponseWrapper: + description: "" + schema: + $ref: '#/definitions/getScanResultsResponse' + triggerScanResponse: + description: The triggerScan response object + schema: + $ref: '#/definitions/triggerScanResponse' +schemes: +- http +securityDefinitions: + basic: + type: basic +swagger: "2.0" From 30919d7e9ecc7e912658b4386a434bc30c0ac890 Mon Sep 17 00:00:00 2001 From: Vlad Klokun Date: Wed, 20 Jul 2022 20:19:50 +0300 Subject: [PATCH 03/14] docs: swagger: extend GET scan endpoint info --- httphandler/docs/ksMicroservice_swagger.go | 12 +++++++++++- swagger.yaml | 22 +++++++++++++--------- 2 files changed, 24 insertions(+), 10 deletions(-) diff --git a/httphandler/docs/ksMicroservice_swagger.go b/httphandler/docs/ksMicroservice_swagger.go index 2af3a0a5..db147e84 100644 --- a/httphandler/docs/ksMicroservice_swagger.go +++ b/httphandler/docs/ksMicroservice_swagger.go @@ -131,17 +131,27 @@ type triggerScanResponseWrapper struct { // swagger:parameters getScanResults type getScanResultsRequestWrapper struct { + // ID of the previously performed scan // in:path ScanID string `json:"scanID"` } type getScanResultsResponse struct { + // ID of the performed scan + // + // example: b211da07-ce6c-4cdd-9e81-7e7f40f170ea ID string `json:"id"` + // Type of the response + // + // example: busy Type string `json:"type"` + // Response payload + // + // example: {"message": "Still busy."} Response interface{} `json:"response"` } -// swagger:response +// swagger:response getScanResultsResponse type getScanResultsResponseWrapper struct { // in:body Body getScanResultsResponse diff --git a/swagger.yaml b/swagger.yaml index 6bcd1956..a2c55318 100644 --- a/swagger.yaml +++ b/swagger.yaml @@ -8,12 +8,19 @@ definitions: getScanResultsResponse: properties: id: + description: ID of the performed scan + example: b211da07-ce6c-4cdd-9e81-7e7f40f170ea type: string x-go-name: ID response: + description: Response payload + example: + message: Still busy. type: object x-go-name: Response type: + description: Type of the response + example: busy type: string x-go-name: Type type: object @@ -145,7 +152,7 @@ info: paths: /v1/metrics: post: - description: Enables support for Prometheus metrics + description: Enables support for Prometheus metrics. operationId: enableMetrics responses: "200": @@ -157,24 +164,21 @@ paths: get: operationId: getScanResults parameters: - - in: path + - description: ID of the previously performed scan + in: path name: scanID required: true type: string x-go-name: ScanID responses: "200": - description: getScanResultsResponse - schema: - $ref: '#/definitions/getScanResultsResponse' + $ref: '#/responses/getScanResultsResponse' summary: Read results of a previously performed scan. tags: - scanning /v1/scan: post: - description: |- - The server will return an ID and will execute the - scanning asynchronously. + description: The server will return an ID and will execute the scanning asynchronously. operationId: triggerScan parameters: - description: Trigger scan parameters @@ -210,7 +214,7 @@ responses: description: "" schema: $ref: '#/definitions/enableMetricsResponse' - getScanResultsResponseWrapper: + getScanResultsResponse: description: "" schema: $ref: '#/definitions/getScanResultsResponse' From e5d02419f799729adafb363b43de4e45f076d76e Mon Sep 17 00:00:00 2001 From: Vlad Klokun Date: Fri, 22 Jul 2022 18:21:50 +0300 Subject: [PATCH 04/14] docs: add OpenAPI v3 spec --- httphandler/swagger.yaml | 262 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 262 insertions(+) create mode 100644 httphandler/swagger.yaml diff --git a/httphandler/swagger.yaml b/httphandler/swagger.yaml new file mode 100644 index 00000000..679bc40c --- /dev/null +++ b/httphandler/swagger.yaml @@ -0,0 +1,262 @@ +openapi: 3.0.1 +info: + title: kubescape_microservice + description: An HTTP interface to in-cluster Kubescape components. + version: 1.0.0 +paths: + /v1/metrics: + post: + tags: + - metrics + summary: Trigger Kubescape support for Prometheus + description: Enables support for Prometheus metrics. + operationId: enableMetrics + responses: + 200: + description: "Support for metrics has been successfully enabled" + /livez: + get: + tags: + - metrics + summary: Liveness probe + description: Returns OK if the service is alive + responses: + 200: + description: The service is alive + /readyz: + get: + tags: + - metrics + summary: Readiness probe + description: Returns OK if the service is ready to accept requests + responses: + 200: + description: The service is ready to accept requests + /v1/scan: + post: + tags: + - scanning + summary: Trigger a Kubescape scan + description: Starts a scan of the cluster and returns the scan ID. + operationId: triggerScan + parameters: + - name: wait + in: query + description: |- + Whether to wait for the scanning to complete. + + By default, no waiting is done, and the cluster is scanned asynchronously. However, when `wait` is set to `true`, such a request triggers a synchronous scan. A synchronous scan waits for the scan to complete during the course of the HTTP request-response cycle and returns the result. Therefore, you should use synchronous scanning only in small clusters or with an increased timeout. + schema: + type: boolean + default: false + - name: keep + in: query + description: Whether to keep the results in Kubescape’s local storage after returning. + schema: + type: boolean + default: false + requestBody: + description: Trigger scan parameters + content: + application/json: + schema: + $ref: '#/components/schemas/TriggerScanParams' + required: false + responses: + 200: + description: The scan was triggered successfully + content: + application/json: + schema: + $ref: '#/components/schemas/ScanResponseOK' + 500: + description: There was an internal error processing the request + content: + application/json: + schema: + $ref: '#/components/schemas/ScanResponseInternalServerError' + /v1/results: + delete: + tags: + - scanning + summary: Delete cached results + description: Deletes cached results. + parameters: + - name: id + in: query + description: ID of result to delete + schema: + type: string + - name: all + in: query + description: Delete all results? + schema: + type: boolean + responses: + 200: + description: "Result successfully deleted" + 400: + $ref: '#/components/responses/BadRequest' + /v1/results/{scanID}: + get: + tags: + - scanning + summary: Read results of a previously performed scan. + operationId: getScanResults + parameters: + - name: scanID + in: path + description: ID of the previously performed scan + required: true + schema: + type: string + responses: + 200: + description: "" + content: + application/json: + schema: + $ref: '#/components/schemas/ScanResponseOK' + 400: + $ref: '#/components/responses/BadRequest' +components: + schemas: + ScanResponseType: + type: string + description: |- + Type of the scan response. + + * `error` - an Error object. + * `v1results` - v1 Results object. + * `busy` - a server is busy processing previous requests. + * `notBusy` - a server is not busy processing previous requests. + * `ready` - a server is done processing requests and the results are ready. + enum: + - error + - v1results + - busy + - notBusy + - ready + ScanResponseBase: + type: object + properties: + id: + type: string + description: ID of the scan + example: b211da07-ce6c-4cdd-9e81-7e7f40f170ea + type: + $ref: '#/components/schemas/ScanResponseType' + response: + type: string + description: Response payload + example: Scanning 'b211da07-ce6c-4cdd-9e81-7e7f40f170ea' is in progress. + ScanResponseOK: + allOf: + - $ref: '#/components/schemas/ScanResponseBase' + - type: object + properties: + type: + example: "busy" + ScanResponseInternalServerError: + allOf: + - $ref: '#/components/schemas/ScanResponseBase' + - type: object + properties: + type: + example: "error" + response: + example: "There was an error" + ScanResponseNotFound: + allOf: + - $ref: '#/components/schemas/ScanResponseBase' + - type: object + properties: + type: + example: "error" + response: + example: "latest scan not found" + TriggerScanParams: + type: object + properties: + account: + type: string + description: |- + A Kubescape account ID to use for scanning. + + Same as `kubescape scan --account`. + example: fec9e951-e0c8-42e1-b72f-f62cc91ad4ad + excludedNamespaces: + type: array + description: List of namespaces to exclude. Same as `kubescape scan --excluded-namespaces` + example: + - kube-system + - armo-system + items: + type: string + format: + type: string + description: Results format. Same as `kubescape scan --format` + example: json + default: json + hostScanner: + type: boolean + description: Deploy Kubescape K8s host-scanner DeamonSet in the scanned + cluster (same as `kubescape scan --enable-host-scan`) + example: true + includeNamespaces: + type: array + description: List of namespaces to include. Same as `kubescape scan --include-namespaces` + example: + - litmus-tests + - known-bad + items: + type: string + keepLocal: + type: boolean + description: |- + Do not submit results to Kubescape Cloud. + + Same as `kubescape scan --keep-local` + submit: + type: boolean + description: Submit results to Kubescape Cloud. Same as `kubescape scan + --submit`. + example: true + targetNames: + type: array + description: |- + Name of the scan targets. + + For example, if you select `targetType: "framework"`, you can trigger a scan using the NSA and MITRE ATT&CK Framework by passing `targetNames: ["nsa, "mitre"]`. + example: + - nsa + - mitre + items: + type: string + targetType: + type: string + description: |- + Type of the scan target: either `framework` or `control`. + framework Framework + control Control + example: framework + enum: + - framework + - control + useCachedArtifacts: + type: boolean + description: Use the cached artifacts instead of downloading (offline support) + example: false + responses: + BadRequest: + description: "Bad Request" + content: + application/json: + schema: + $ref: "#/components/schemas/ScanResponseNotFound" + ScanResponse: + description: "" + content: + application/json: + schema: + $ref: '#/components/schemas/ScanResponseOK' From 2fffd25e05b280b32f440335bd6fc5e766ed6469 Mon Sep 17 00:00:00 2001 From: Vlad Klokun Date: Wed, 27 Jul 2022 19:34:27 +0300 Subject: [PATCH 05/14] wip: docs: autogenerate Swagger specs --- httphandler/docs/docs.go | 9 +- httphandler/docs/ksMicroservice_swagger.go | 158 ------ .../handlerequests/v1/requestparser.go | 50 +- .../handlerequests/v1/requestshandler.go | 8 + httphandler/swagger.yaml | 496 +++++++++--------- 5 files changed, 314 insertions(+), 407 deletions(-) delete mode 100644 httphandler/docs/ksMicroservice_swagger.go diff --git a/httphandler/docs/docs.go b/httphandler/docs/docs.go index b1d82a98..c4049ec1 100644 --- a/httphandler/docs/docs.go +++ b/httphandler/docs/docs.go @@ -1,11 +1,10 @@ -// Package classification kubescape_microservice +// Package classification Kubescape Microservice // -// Documentation of our awesome API. +// The Kubescape Microservice API allows clients to interact with a Kubescape instance running in a Kubernetes cluster: trigger scans, retrieve and delete their results, enable exporting metrics to Prometheus etc. // // Schemes: http // BasePath: / // Version: 1.0.0 -// Host: example.com // // Consumes: // - application/json @@ -16,9 +15,5 @@ // Security: // - basic // -// SecurityDefinitions: -// basic: -// type: basic -// // swagger:meta package docs diff --git a/httphandler/docs/ksMicroservice_swagger.go b/httphandler/docs/ksMicroservice_swagger.go deleted file mode 100644 index db147e84..00000000 --- a/httphandler/docs/ksMicroservice_swagger.go +++ /dev/null @@ -1,158 +0,0 @@ -package docs - -// swagger:route POST /v1/metrics metrics enableMetrics -// Trigger Kubescape support for Prometheus -// -// Enables support for Prometheus metrics. -// -// Responses: -// 200: enableMetricsResponse - -type enableMetricsResponse struct{} - -// swagger:response enableMetricsResponse -type enableMetricsResponseWrapper struct { - // in:body - Body enableMetricsResponse -} - -// swagger:route POST /v1/scan scanning triggerScan -// Trigger a kubescape scan. -// -// The server will return an ID and will execute the scanning asynchronously. -// -// Responses: -// 200: triggerScanResponse - -// swagger:enum TriggerScanTargetType -type TriggerScanTargetType string - -const ( - Framework TriggerScanTargetType = "framework" - Control TriggerScanTargetType = "control" -) - -type triggerScanParams struct { - // Results format. Same as `kubescape scan --format` - // - // default: json - // example: json - Format string `json:"format"` - // List of namespaces to exclude. Same as `kubescape scan --excluded-namespaces` - // - // example: ["kube-system", "armo-system"] - ExcludedNamespaces []string `json:"excludedNamespaces"` - // List of namespaces to include. Same as `kubescape scan --include-namespaces` - // - // example: ["litmus-tests", "known-bad"] - IncludeNamespaces []string `json:"includeNamespaces"` - // Use the cached artifacts instead of downloading (offline support) - // - // example: false - UseCachedArtifacts bool `json:"useCachedArtifacts"` - // Submit results to Kubescape Cloud. Same as `kubescape scan --submit`. - // - // example: true - Submit bool `json:"submit"` - // Deploy Kubescape K8s host-scanner DeamonSet in the scanned cluster (same as `kubescape scan --enable-host-scan`) - // - // example: true - HostScanner bool `json:"hostScanner"` - // Do not submit results to Kubescape Cloud. - // - // Same as `kubescape scan --keep-local` - KeepLocal bool `json:"keepLocal"` - // A Kubescape account ID to use for scanning. - // - // Same as `kubescape scan --account`. - // example: NewGuid() - Account string `json:"account"` - // Type of the scan target: either `framework` or `control`. - // - // example: framework - TargetType TriggerScanTargetType `json:"targetType"` - // Name of the scan targets. - // - // For example, if you select `targetType: "framework"`, you can trigger a scan using the NSA and MITRE ATT&CK Framework by passing `targetNames: ["nsa, "mitre"]`. - // example: ["nsa", "mitre"] - TargetNames []string `json:"targetNames"` -} - -// swagger:parameters triggerScan -type triggerScanParamsWrapper struct { - // Trigger scan parameters - // in:body - Body triggerScanParams - // Whether to wait for the result to complete. - // - // Triggers a synchronous scan. A synchronous scan returns the Scan results, and not a scan ID. Use synchronous scanning only in small clusters or with an increased timeout - // - // default: false - Wait bool `json:"wait"` - // Keep the results in local storage after returning. - // - // default: false - Keep bool `json:"keep"` -} - -// swagger:enum ScanResponseType -type ScanResponseType string - -const ( - V1Results ScanResponseType = "v1results" - Busy ScanResponseType = "busy" - NotBusy ScanResponseType = "notBusy" - Ready ScanResponseType = "ready" - Error ScanResponseType = "error" -) - -type triggerScanResponse struct { - // ID of the performed scan - Id string `json:"id"` - // Type of the response object - Type ScanResponseType `json:"type"` - // Response payload as list of bytes - Response interface{} `json:"response"` -} - -// The triggerScan response object -// swagger:response triggerScanResponse -type triggerScanResponseWrapper struct { - // in:body - Body triggerScanResponse -} - -// swagger:route GET /v1/results/{scanID} scanning getScanResults -// Read results of a previously performed scan. -// -// Responses: -// 200: getScanResultsResponse - - -// swagger:parameters getScanResults -type getScanResultsRequestWrapper struct { - // ID of the previously performed scan - // in:path - ScanID string `json:"scanID"` -} - -type getScanResultsResponse struct { - // ID of the performed scan - // - // example: b211da07-ce6c-4cdd-9e81-7e7f40f170ea - ID string `json:"id"` - // Type of the response - // - // example: busy - Type string `json:"type"` - // Response payload - // - // example: {"message": "Still busy."} - Response interface{} `json:"response"` -} - -// swagger:response getScanResultsResponse -type getScanResultsResponseWrapper struct { - // in:body - Body getScanResultsResponse -} diff --git a/httphandler/handlerequests/v1/requestparser.go b/httphandler/handlerequests/v1/requestparser.go index 6f46a137..5415e69f 100644 --- a/httphandler/handlerequests/v1/requestparser.go +++ b/httphandler/handlerequests/v1/requestparser.go @@ -57,18 +57,48 @@ func newScanResponseChan() *scanResponseChan { } type ScanQueryParams struct { - ReturnResults bool `schema:"wait"` // wait for scanning to complete (synchronized request) - KeepResults bool `schema:"keep"` // do not delete results after returning (relevant only for synchronized requests) + // Wait for scanning to complete (synchronous request) + // default: false + ReturnResults bool `schema:"wait" json:"wait"` + // Do not delete results after returning (relevant only for synchronous requests) + // default: false + KeepResults bool `schema:"keep" json:"keep"` } + +// swagger:parameters getScanResults +type GetResultsQueryParams struct { + // ID of the requested scan. If empty or not provided, defaults to the latest scan. + // + // in: query + ScanID string `schema:"id" json:"id"` + // Keep the results in local storage after returning them. + // + // By default, the Kubescape Microservice will delete scan results. + // + // in: query + // default: false + KeepResults bool `schema:"keep" json:"keep"` + +} + +// swagger:parameters deleteScanResults type ResultsQueryParams struct { - ScanID string `schema:"id"` - KeepResults bool `schema:"keep"` // do not delete results after returning (default will delete results) - AllResults bool `schema:"all"` // delete all results + GetResultsQueryParams + // Whether to delete all results + // + // in: query + // default: false + AllResults bool `schema:"all" json:"all"` } +// swagger:parameters getStatus type StatusQueryParams struct { - ScanID string `schema:"id"` + // ID of the scan to check + // + // in:query + // swagger:strfmt uuid4 + ScanID string `schema:"id" json:"scanID"` } // scanRequestParams params passed to channel @@ -78,6 +108,14 @@ type scanRequestParams struct { scanID string // generated scan ID } +// swagger:parameters triggerScan +type ScanRequest struct { + ScanQueryParams + // Scan parameters + // in:body + Body utilsmetav1.PostScanRequest +} + func getScanParamsFromRequest(r *http.Request, scanID string) (*scanRequestParams, error) { defer r.Body.Close() diff --git a/httphandler/handlerequests/v1/requestshandler.go b/httphandler/handlerequests/v1/requestshandler.go index 469932cc..f4689306 100644 --- a/httphandler/handlerequests/v1/requestshandler.go +++ b/httphandler/handlerequests/v1/requestshandler.go @@ -18,6 +18,14 @@ import ( var OutputDir = "./results" var FailedOutputDir = "./failed" +// A Scan Response object +// +// swagger:response scanResponse +type ScanResponse struct { + // in:body + Body utilsmetav1.Response +} + type HTTPHandler struct { state *serverState scanResponseChan *scanResponseChan diff --git a/httphandler/swagger.yaml b/httphandler/swagger.yaml index 679bc40c..00ca942b 100644 --- a/httphandler/swagger.yaml +++ b/httphandler/swagger.yaml @@ -1,262 +1,286 @@ -openapi: 3.0.1 +basePath: / +consumes: +- application/json +definitions: + NotificationPolicyKind: + type: string + x-go-package: github.com/armosec/opa-utils/httpserver/apis/v1 + PostScanRequest: + description: A request to trigger a Kubescape scan + properties: + account: + description: |- + A Kubescape account ID to use for scanning. + + Same as `kubescape scan --account`. + example: d13791eb-19b1-4222-867b-9a7c1799cfac + format: uuid4 + type: string + x-go-name: Account + failThreshold: + description: |- + Threshold for a failing score. + + Scores higher that the provided value will be considered failing. + example: 42 + format: float + type: number + x-go-name: FailThreshold + format: + default: json + description: Format of the results. Same as `kubescape scan --format` + example: json + type: string + x-go-name: Format + hostScanner: + description: |- + Deploy the Kubescape K8s host-scanner + + Deploys the Armo K8s Host Scanner DeamonSet in the scanned cluster (same as `kubescape scan --enable-host-scan`). Collects data from certain controls. + example: true + type: boolean + x-go-name: HostScanner + keepLocal: + description: |- + Do not submit results to Kubescape Cloud. + + Same as `kubescape scan --keep-local` + type: boolean + x-go-name: KeepLocal + targetNames: + default: all + description: |- + Name of the scan targets. + + For example, if you select `targetType: "framework"`, you can trigger a scan using the NSA and MITRE ATT&CK Framework by passing `targetNames: ["nsa, "mitre"]`. + example: + - nsa + - mitre + items: + type: string + type: array + x-go-name: TargetNames + targetType: + $ref: '#/definitions/NotificationPolicyKind' + useCachedArtifacts: + description: Use the cached artifacts instead of downloading (offline support) + example: false + type: boolean + x-go-name: UseCachedArtifacts + type: object + x-go-package: github.com/armosec/opa-utils/httpserver/meta/v1 + Response: + properties: + id: + description: ID of the scan + example: d13791eb-19b1-4222-867b-9a7c1799cfac + format: uuid4 + type: string + x-go-name: ID + response: + description: The actual Response object + example: + some: other + type: object + x-go-name: Response + type: + description: |- + Type of this response + id IDScanResponseType Deprecated: will return busy/notBusy instead + error ErrorScanResponseType A response contains an error message + v1results ResultsV1ScanResponseType A response contains a v1 Results object + busy BusyScanResponseType A response indicates that a server is busy with another request + notBusy NotBusyScanResponseType A response indicates server is not busy with another request + ready ReadyScanResponseType A response indicates that a server has successfully completed the request + enum: + - id + - error + - v1results + - busy + - notBusy + - ready + example: busy + type: string + x-go-enum-desc: |- + id IDScanResponseType Deprecated: will return busy/notBusy instead + error ErrorScanResponseType A response contains an error message + v1results ResultsV1ScanResponseType A response contains a v1 Results object + busy BusyScanResponseType A response indicates that a server is busy with another request + notBusy NotBusyScanResponseType A response indicates server is not busy with another request + ready ReadyScanResponseType A response indicates that a server has successfully completed the request + x-go-name: Type + type: object + x-go-package: github.com/armosec/opa-utils/httpserver/meta/v1 +host: 192.168.49.2:31379 info: - title: kubescape_microservice - description: An HTTP interface to in-cluster Kubescape components. + description: 'The Kubescape Microservice API allows clients to interact with a Kubescape + instance running in a Kubernetes cluster: trigger scans, retrieve and delete their + results, enable exporting metrics to Prometheus etc.' + title: Kubescape Microservice version: 1.0.0 paths: - /v1/metrics: - post: - tags: - - metrics - summary: Trigger Kubescape support for Prometheus - description: Enables support for Prometheus metrics. - operationId: enableMetrics - responses: - 200: - description: "Support for metrics has been successfully enabled" /livez: get: + description: Returns the liveness status of the Kubescape microservice. + operationId: getLiveness + responses: + "200": + $ref: '#/responses/livenessProbeOK' + summary: Returns Kubescape’s liveness status tags: - metrics - summary: Liveness probe - description: Returns OK if the service is alive - responses: - 200: - description: The service is alive /readyz: get: + description: Returns the readiness status of the Kubescape microservice. + operationId: getReadiness + responses: + "200": + $ref: '#/responses/readinessProbeOK' + summary: Returns Kubescape’s readiness status tags: - metrics - summary: Readiness probe - description: Returns OK if the service is ready to accept requests + /v1/metrics: + get: + description: Enables support for Prometheus metrics, runs a scan and returns + its result in Prometheus metrics format. + operationId: getMetrics responses: - 200: - description: The service is ready to accept requests - /v1/scan: - post: + "200": + $ref: '#/responses/enableMetricsResponse' + summary: Returns current scan metrics in Prometheus format tags: - - scanning - summary: Trigger a Kubescape scan - description: Starts a scan of the cluster and returns the scan ID. - operationId: triggerScan - parameters: - - name: wait - in: query - description: |- - Whether to wait for the scanning to complete. - - By default, no waiting is done, and the cluster is scanned asynchronously. However, when `wait` is set to `true`, such a request triggers a synchronous scan. A synchronous scan waits for the scan to complete during the course of the HTTP request-response cycle and returns the result. Therefore, you should use synchronous scanning only in small clusters or with an increased timeout. - schema: - type: boolean - default: false - - name: keep - in: query - description: Whether to keep the results in Kubescape’s local storage after returning. - schema: - type: boolean - default: false - requestBody: - description: Trigger scan parameters - content: - application/json: - schema: - $ref: '#/components/schemas/TriggerScanParams' - required: false - responses: - 200: - description: The scan was triggered successfully - content: - application/json: - schema: - $ref: '#/components/schemas/ScanResponseOK' - 500: - description: There was an internal error processing the request - content: - application/json: - schema: - $ref: '#/components/schemas/ScanResponseInternalServerError' + - metrics /v1/results: delete: - tags: - - scanning - summary: Delete cached results - description: Deletes cached results. + description: Deletes Kubescape scan results from storage. + operationId: deleteScanResults parameters: - - name: id + - description: ID of the requested scan. If empty or not provided, defaults + to the latest scan. in: query - description: ID of result to delete - schema: - type: string - - name: all + name: id + type: string + x-go-name: ScanID + - default: false + description: |- + Keep the results in local storage after returning them. + + By default, the Kubescape Microservice will delete scan results. in: query - description: Delete all results? - schema: - type: boolean + name: keep + type: boolean + x-go-name: KeepResults + - default: false + description: Whether to delete all results + in: query + name: all + type: boolean + x-go-name: AllResults responses: - 200: - description: "Result successfully deleted" - 400: - $ref: '#/components/responses/BadRequest' - /v1/results/{scanID}: - get: + "200": + $ref: '#/responses/scanResponse' + "400": + $ref: '#/responses/scanResponse' + summary: Deletes results of a scan tags: - scanning - summary: Read results of a previously performed scan. + get: + description: Returns the results of Kubescape scans operationId: getScanResults parameters: - - name: scanID - in: path - description: ID of the previously performed scan - required: true - schema: - type: string + - description: ID of the requested scan. If empty or not provided, defaults + to the latest scan. + in: query + name: id + type: string + x-go-name: ScanID + - default: false + description: |- + Keep the results in local storage after returning them. + + By default, the Kubescape Microservice will delete scan results. + in: query + name: keep + type: boolean + x-go-name: KeepResults responses: - 200: - description: "" - content: - application/json: - schema: - $ref: '#/components/schemas/ScanResponseOK' - 400: - $ref: '#/components/responses/BadRequest' -components: - schemas: - ScanResponseType: - type: string + "200": + $ref: '#/responses/scanResponse' + "204": + $ref: '#/responses/scanResponse' + "400": + $ref: '#/responses/scanResponse' + summary: Returns results of a scan + tags: + - scanning + /v1/scan: + post: + description: The server will return a scan ID and execute the scan. + operationId: triggerScan + parameters: + - default: false + description: Wait for scanning to complete (synchronous request) + in: query + name: wait + type: boolean + x-go-name: ReturnResults + - default: false + description: Do not delete results after returning (relevant only for synchronous + requests) + in: query + name: keep + type: boolean + x-go-name: KeepResults + - description: Scan parameters + in: body + name: Body + schema: + $ref: '#/definitions/PostScanRequest' + responses: + "200": + $ref: '#/responses/scanResponse' + "400": + $ref: '#/responses/scanResponse' + "500": + $ref: '#/responses/scanResponse' + summary: Triggers a Kubescape scan + tags: + - scanning + /v1/status: + get: description: |- - Type of the scan response. - - * `error` - an Error object. - * `v1results` - v1 Results object. - * `busy` - a server is busy processing previous requests. - * `notBusy` - a server is not busy processing previous requests. - * `ready` - a server is done processing requests and the results are ready. - enum: - - error - - v1results - - busy - - notBusy - - ready - ScanResponseBase: - type: object - properties: - id: - type: string - description: ID of the scan - example: b211da07-ce6c-4cdd-9e81-7e7f40f170ea - type: - $ref: '#/components/schemas/ScanResponseType' - response: - type: string - description: Response payload - example: Scanning 'b211da07-ce6c-4cdd-9e81-7e7f40f170ea' is in progress. - ScanResponseOK: - allOf: - - $ref: '#/components/schemas/ScanResponseBase' - - type: object - properties: - type: - example: "busy" - ScanResponseInternalServerError: - allOf: - - $ref: '#/components/schemas/ScanResponseBase' - - type: object - properties: - type: - example: "error" - response: - example: "There was an error" - ScanResponseNotFound: - allOf: - - $ref: '#/components/schemas/ScanResponseBase' - - type: object - properties: - type: - example: "error" - response: - example: "latest scan not found" - TriggerScanParams: - type: object - properties: - account: - type: string - description: |- - A Kubescape account ID to use for scanning. + Returns the current status of a scan with a given ID: whether it completed or not. Intended for asynchronous scanning, so you can check when a result is ready and fetch the results. - Same as `kubescape scan --account`. - example: fec9e951-e0c8-42e1-b72f-f62cc91ad4ad - excludedNamespaces: - type: array - description: List of namespaces to exclude. Same as `kubescape scan --excluded-namespaces` - example: - - kube-system - - armo-system - items: - type: string - format: - type: string - description: Results format. Same as `kubescape scan --format` - example: json - default: json - hostScanner: - type: boolean - description: Deploy Kubescape K8s host-scanner DeamonSet in the scanned - cluster (same as `kubescape scan --enable-host-scan`) - example: true - includeNamespaces: - type: array - description: List of namespaces to include. Same as `kubescape scan --include-namespaces` - example: - - litmus-tests - - known-bad - items: - type: string - keepLocal: - type: boolean - description: |- - Do not submit results to Kubescape Cloud. - - Same as `kubescape scan --keep-local` - submit: - type: boolean - description: Submit results to Kubescape Cloud. Same as `kubescape scan - --submit`. - example: true - targetNames: - type: array - description: |- - Name of the scan targets. - - For example, if you select `targetType: "framework"`, you can trigger a scan using the NSA and MITRE ATT&CK Framework by passing `targetNames: ["nsa, "mitre"]`. - example: - - nsa - - mitre - items: - type: string - targetType: - type: string - description: |- - Type of the scan target: either `framework` or `control`. - framework Framework - control Control - example: framework - enum: - - framework - - control - useCachedArtifacts: - type: boolean - description: Use the cached artifacts instead of downloading (offline support) - example: false - responses: - BadRequest: - description: "Bad Request" - content: - application/json: - schema: - $ref: "#/components/schemas/ScanResponseNotFound" - ScanResponse: - description: "" - content: - application/json: - schema: - $ref: '#/components/schemas/ScanResponseOK' + When a scan is in progress, the response's `type` will be `busy`. When a scan is complete, `type` is `notBusy`. + operationId: getStatus + parameters: + - description: ID of the scan to check + format: uuid4 + in: query + name: scanID + type: string + x-go-name: ScanID + responses: + "200": + $ref: '#/responses/scanResponse' + summary: Returns a scan’s status + tags: + - scanning +produces: +- application/json +responses: + enableMetricsResponse: + description: Provided Prometheus metrics + schema: + type: string + livenessProbeOK: + description: Kubescape Microservice API is alive + readinessProbeOK: + description: Kubescape Microservice API is ready to serve requests + scanResponse: + description: A Scan Response object + schema: + $ref: '#/definitions/Response' +schemes: +- http +swagger: "2.0" From 3f7a55c48ebfbf5179677dd55e9a9f45a9cd83b7 Mon Sep 17 00:00:00 2001 From: Vlad Klokun Date: Sat, 30 Jul 2022 22:29:44 +0300 Subject: [PATCH 06/14] wip: feat: serve swagger doc --- httphandler/docs/server.go | 67 +++++++ httphandler/docs/swagger.yaml | 339 ++++++++++++++++++++++++++++++++++ httphandler/listener/setup.go | 4 + 3 files changed, 410 insertions(+) create mode 100644 httphandler/docs/server.go create mode 100644 httphandler/docs/swagger.yaml diff --git a/httphandler/docs/server.go b/httphandler/docs/server.go new file mode 100644 index 00000000..7f34ab1a --- /dev/null +++ b/httphandler/docs/server.go @@ -0,0 +1,67 @@ +package docs + +import ( + "bytes" + "fmt" + "net/http" + + _ "embed" + + logger "github.com/dwertent/go-logger" + "github.com/go-openapi/runtime/middleware" +) + +const ( + OpenAPIDocsEndpoint = "docs" + OpenAPIRapiEndpoint = "rapi" + OpenAPISwaggerUIEndpoint = "swaggerui" + OpenAPIswaggerJSONEndpoint = "swagger.yaml" + OpenAPIV2Prefix = "/openapi/v2/" +) + +//go:embed swagger.yaml +var specJSONBytes []byte + +var lastKnownBaseHost string +var lastKnownScheme string + +type fileHandler struct{} + +func ServeSpecs() http.Handler { + logstr := fmt.Sprintf("Starting swagger UI. baseURI: %v, docsEP: %v, rapidocEP: %v, swaggerui: %s", OpenAPIV2Prefix, OpenAPIDocsEndpoint, OpenAPIRapiEndpoint, OpenAPISwaggerUIEndpoint) + logger.L().Info(logstr) + + redocOpts := middleware.RedocOpts{ + BasePath: OpenAPIV2Prefix, + SpecURL: OpenAPIswaggerJSONEndpoint, + } + RapiDocOpts := middleware.RapiDocOpts{ + BasePath: OpenAPIV2Prefix, + SpecURL: OpenAPIswaggerJSONEndpoint, + Path: OpenAPIRapiEndpoint, + } + opts := middleware.SwaggerUIOpts{ + BasePath: OpenAPIV2Prefix, + SpecURL: OpenAPIswaggerJSONEndpoint, + Path: OpenAPISwaggerUIEndpoint, + } + + fs := &fileHandler{} + redoc := middleware.Redoc(redocOpts, fs) + rapi := middleware.RapiDoc(RapiDocOpts, redoc) + swaggerui := middleware.SwaggerUI(opts, rapi) + return swaggerui +} + +func (f *fileHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { + if r.Host != "" && r.Host != lastKnownBaseHost { + lastKnownBaseHost = r.Host + specJSONBytes = bytes.ReplaceAll(specJSONBytes, []byte("api-dev.armo.cloud"), []byte(lastKnownBaseHost)) + } + if fHost := r.Header.Get("X-Forwarded-Host"); fHost != "" && fHost != lastKnownBaseHost { + lastKnownBaseHost = fHost + specJSONBytes = bytes.ReplaceAll(specJSONBytes, []byte("api-dev.armo.cloud"), []byte(lastKnownBaseHost)) + } + w.WriteHeader(http.StatusOK) + w.Write(specJSONBytes) +} diff --git a/httphandler/docs/swagger.yaml b/httphandler/docs/swagger.yaml new file mode 100644 index 00000000..94b0767e --- /dev/null +++ b/httphandler/docs/swagger.yaml @@ -0,0 +1,339 @@ +basePath: / +consumes: +- application/json +definitions: + NotificationPolicyKind: + type: string + x-go-package: github.com/armosec/opa-utils/httpserver/apis/v1 + PostScanRequest: + description: A request to trigger a Kubescape scan + properties: + account: + description: |- + A Kubescape account ID to use for scanning. + + Same as `kubescape scan --account`. + example: d13791eb-19b1-4222-867b-9a7c1799cfac + format: uuid4 + type: string + x-go-name: Account + failThreshold: + description: |- + Threshold for a failing score. + + Scores higher that the provided value will be considered failing. + example: 42 + format: float + type: number + x-go-name: FailThreshold + format: + default: json + description: Format of the results. Same as `kubescape scan --format` + example: json + type: string + x-go-name: Format + hostScanner: + description: |- + Deploy the Kubescape K8s host-scanner + + Deploys the Armo K8s Host Scanner DeamonSet in the scanned cluster (same as `kubescape scan --enable-host-scan`). Collects data from certain controls. + example: true + type: boolean + x-go-name: HostScanner + keepLocal: + description: |- + Do not submit results to Kubescape Cloud. + + Same as `kubescape scan --keep-local` + type: boolean + x-go-name: KeepLocal + targetNames: + default: all + description: |- + Name of the scan targets. + + For example, if you select `targetType: "framework"`, you can trigger a scan using the NSA and MITRE ATT&CK Framework by passing `targetNames: ["nsa, "mitre"]`. + example: + - nsa + - mitre + items: + type: string + type: array + x-go-name: TargetNames + targetType: + $ref: '#/definitions/NotificationPolicyKind' + useCachedArtifacts: + description: Use the cached artifacts instead of downloading (offline support) + example: false + type: boolean + x-go-name: UseCachedArtifacts + type: object + x-go-package: github.com/armosec/opa-utils/httpserver/meta/v1 + Response: + properties: + id: + description: ID of the scan + example: d13791eb-19b1-4222-867b-9a7c1799cfac + format: uuid4 + type: string + x-go-name: ID + response: + description: The actual Response object + example: + some: other + type: object + x-go-name: Response + type: + description: |- + Type of this response + id IDScanResponseType Deprecated: will return busy/notBusy instead + error ErrorScanResponseType A response contains an error message + v1results ResultsV1ScanResponseType A response contains a v1 Results object + busy BusyScanResponseType A response indicates that a server is busy with another request + notBusy NotBusyScanResponseType A response indicates server is not busy with another request + ready ReadyScanResponseType A response indicates that a server has successfully completed the request + enum: + - id + - error + - v1results + - busy + - notBusy + - ready + example: busy + type: string + x-go-enum-desc: |- + id IDScanResponseType Deprecated: will return busy/notBusy instead + error ErrorScanResponseType A response contains an error message + v1results ResultsV1ScanResponseType A response contains a v1 Results object + busy BusyScanResponseType A response indicates that a server is busy with another request + notBusy NotBusyScanResponseType A response indicates server is not busy with another request + ready ReadyScanResponseType A response indicates that a server has successfully completed the request + x-go-name: Type + type: object + x-go-package: github.com/armosec/opa-utils/httpserver/meta/v1 +info: + description: 'The Kubescape Microservice API allows clients to interact with a Kubescape + instance running in a Kubernetes cluster: trigger scans, retrieve and delete their + results, enable exporting metrics to Prometheus etc.' + title: Kubescape Microservice + version: 1.0.0 +paths: + /livez: + get: + description: Returns the liveness status of the Kubescape microservice. + operationId: getLiveness + responses: + "200": + $ref: '#/responses/livenessProbeOK' + summary: Returns Kubescape’s liveness status + tags: + - metrics + /readyz: + get: + description: Returns the readiness status of the Kubescape microservice. + operationId: getReadiness + responses: + "200": + $ref: '#/responses/readinessProbeOK' + summary: Returns Kubescape’s readiness status + tags: + - metrics + /v1/metrics: + get: + description: Enables support for Prometheus metrics, runs a scan and returns + its result in Prometheus metrics format. + operationId: getMetrics + responses: + "200": + $ref: '#/responses/enableMetricsResponse' + summary: Returns current scan metrics in Prometheus format + tags: + - metrics + /v1/results: + delete: + description: Deletes Kubescape scan results from storage. + operationId: deleteScanResults + parameters: + - description: ID of the requested scan. If empty or not provided, defaults + to the latest scan. + in: query + name: id + type: string + x-go-name: ScanID + - default: false + description: |- + Keep the results in local storage after returning them. + + By default, the Kubescape Microservice will delete scan results. + in: query + name: keep + type: boolean + x-go-name: KeepResults + - default: false + description: Whether to delete all results + in: query + name: all + type: boolean + x-go-name: AllResults + responses: + "200": + $ref: '#/responses/scanResponse' + "400": + $ref: '#/responses/scanResponse' + summary: Deletes results of a scan + tags: + - scanning + get: + description: Returns the results of Kubescape scans + operationId: getScanResults + parameters: + - description: ID of the requested scan. If empty or not provided, defaults + to the latest scan. + in: query + name: id + type: string + x-go-name: ScanID + - default: false + description: |- + Keep the results in local storage after returning them. + + By default, the Kubescape Microservice will delete scan results. + in: query + name: keep + type: boolean + x-go-name: KeepResults + responses: + "200": + $ref: '#/responses/scanResponse' + "204": + $ref: '#/responses/scanResponse' + "400": + $ref: '#/responses/scanResponseError' + summary: Returns results of a scan + tags: + - scanning + /v1/scan: + post: + description: The server will return a scan ID and execute the scan. + operationId: triggerScan + parameters: + - default: false + description: Wait for scanning to complete (synchronous request) + in: query + name: wait + type: boolean + x-go-name: ReturnResults + - default: false + description: Do not delete results after returning (relevant only for synchronous + requests) + in: query + name: keep + type: boolean + x-go-name: KeepResults + - description: Scan parameters + in: body + name: Body + schema: + $ref: '#/definitions/PostScanRequest' + responses: + "200": + $ref: '#/responses/scanResponse' + "400": + $ref: '#/responses/scanResponse' + "500": + $ref: '#/responses/scanResponse' + summary: Triggers a Kubescape scan + tags: + - scanning + /v1/status: + get: + description: |- + Returns the current status of a scan with a given ID: whether it completed or not. Intended for asynchronous scanning, so you can check when a result is ready and fetch the results. + + When a scan is in progress, the response's `type` will be `busy`. When a scan is complete, `type` is `notBusy`. + operationId: getStatus + parameters: + - description: ID of the scan to check + format: uuid4 + in: query + name: scanID + type: string + x-go-name: ScanID + responses: + "200": + $ref: '#/responses/scanResponse' + summary: Returns a scan’s status + tags: + - scanning +produces: +- application/json +responses: + enableMetricsResponse: + description: Provided Prometheus metrics + schema: + type: string + livenessProbeOK: + description: Kubescape Microservice API is alive + readinessProbeOK: + description: Kubescape Microservice API is ready to serve requests + scanResponse: + description: A Scan Response object + schema: + $ref: '#/definitions/Response' + scanResponseError: + description: "" + schema: + allOf: + - properties: + id: + description: ID of the scan + example: d13791eb-19b1-4222-867b-9a7c1799cfac + format: uuid4 + type: string + x-go-name: ID + response: + description: The actual Response object + example: + some: other + type: object + x-go-name: Response + type: + description: |- + Type of this response + id IDScanResponseType Deprecated: will return busy/notBusy instead + error ErrorScanResponseType A response contains an error message + v1results ResultsV1ScanResponseType A response contains a v1 Results object + busy BusyScanResponseType A response indicates that a server is busy with another request + notBusy NotBusyScanResponseType A response indicates server is not busy with another request + ready ReadyScanResponseType A response indicates that a server has successfully completed the request + enum: + - id + - error + - v1results + - busy + - notBusy + - ready + example: busy + type: string + x-go-enum-desc: |- + id IDScanResponseType Deprecated: will return busy/notBusy instead + error ErrorScanResponseType A response contains an error message + v1results ResultsV1ScanResponseType A response contains a v1 Results object + busy BusyScanResponseType A response indicates that a server is busy with another request + notBusy NotBusyScanResponseType A response indicates server is not busy with another request + ready ReadyScanResponseType A response indicates that a server has successfully completed the request + x-go-name: Type + type: object + - properties: + response: + example: '"an error occurred"' + type: object + x-go-name: Resp + type: + example: error + type: string + x-go-name: Type + type: object +schemes: +- http +swagger: "2.0" diff --git a/httphandler/listener/setup.go b/httphandler/listener/setup.go index cad7f689..d4f48743 100644 --- a/httphandler/listener/setup.go +++ b/httphandler/listener/setup.go @@ -7,6 +7,7 @@ import ( "os" "github.com/armosec/kubescape/v2/core/cautils" + "github.com/armosec/kubescape/v2/httphandler/docs" handlerequestsv1 "github.com/armosec/kubescape/v2/httphandler/handlerequests/v1" logger "github.com/dwertent/go-logger" "github.com/dwertent/go-logger/helpers" @@ -50,6 +51,9 @@ func SetupHTTPListener() error { rtr.HandleFunc(resultsPath, httpHandler.Results) rtr.HandleFunc(livePath, httpHandler.Live) rtr.HandleFunc(readyPath, httpHandler.Ready) + handler := docs.ServeSpecs() + // rtr.Handle(docs.OpenAPIV2Prefix, handler) + rtr.PathPrefix(docs.OpenAPIV2Prefix).Handler(handler) server.Handler = rtr From 99436f1b4d4998afc7b9bfe5618a5df6459c2d2a Mon Sep 17 00:00:00 2001 From: Vlad Klokun Date: Mon, 1 Aug 2022 18:35:03 +0300 Subject: [PATCH 07/14] refactor: clean up OpenAPI UI serving func --- httphandler/docs/server.go | 38 +++++++++++++---------------------- httphandler/listener/setup.go | 7 ++++--- 2 files changed, 18 insertions(+), 27 deletions(-) diff --git a/httphandler/docs/server.go b/httphandler/docs/server.go index 7f34ab1a..76882f8f 100644 --- a/httphandler/docs/server.go +++ b/httphandler/docs/server.go @@ -1,7 +1,6 @@ package docs import ( - "bytes" "fmt" "net/http" @@ -22,13 +21,15 @@ const ( //go:embed swagger.yaml var specJSONBytes []byte -var lastKnownBaseHost string -var lastKnownScheme string +// ServeOpenAPISpec returns the OpenAPI specification file +func ServeOpenAPISpec(w http.ResponseWriter, r *http.Request) { + w.WriteHeader(http.StatusOK) + w.Write(specJSONBytes) +} -type fileHandler struct{} - -func ServeSpecs() http.Handler { - logstr := fmt.Sprintf("Starting swagger UI. baseURI: %v, docsEP: %v, rapidocEP: %v, swaggerui: %s", OpenAPIV2Prefix, OpenAPIDocsEndpoint, OpenAPIRapiEndpoint, OpenAPISwaggerUIEndpoint) +// NewOpenAPIUIHandler returns a handler that serves OpenAPI specs via UI +func NewOpenAPIUIHandler() http.Handler { + logstr := fmt.Sprintf("Starting swagger UI. baseURI: %v, docsEP: %v, rapidocEP: %v, swaggerui: %v", OpenAPIV2Prefix, OpenAPIDocsEndpoint, OpenAPIRapiEndpoint, OpenAPISwaggerUIEndpoint) logger.L().Info(logstr) redocOpts := middleware.RedocOpts{ @@ -46,22 +47,11 @@ func ServeSpecs() http.Handler { Path: OpenAPISwaggerUIEndpoint, } - fs := &fileHandler{} - redoc := middleware.Redoc(redocOpts, fs) - rapi := middleware.RapiDoc(RapiDocOpts, redoc) - swaggerui := middleware.SwaggerUI(opts, rapi) - return swaggerui -} + var openAPISpecHandler http.Handler = http.HandlerFunc(ServeOpenAPISpec) -func (f *fileHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { - if r.Host != "" && r.Host != lastKnownBaseHost { - lastKnownBaseHost = r.Host - specJSONBytes = bytes.ReplaceAll(specJSONBytes, []byte("api-dev.armo.cloud"), []byte(lastKnownBaseHost)) - } - if fHost := r.Header.Get("X-Forwarded-Host"); fHost != "" && fHost != lastKnownBaseHost { - lastKnownBaseHost = fHost - specJSONBytes = bytes.ReplaceAll(specJSONBytes, []byte("api-dev.armo.cloud"), []byte(lastKnownBaseHost)) - } - w.WriteHeader(http.StatusOK) - w.Write(specJSONBytes) + openAPIUIHandler := middleware.Redoc(redocOpts, openAPISpecHandler) + openAPIUIHandler = middleware.RapiDoc(RapiDocOpts, openAPIUIHandler) + openAPIUIHandler = middleware.SwaggerUI(opts, openAPIUIHandler) + + return openAPIUIHandler } diff --git a/httphandler/listener/setup.go b/httphandler/listener/setup.go index d4f48743..06002108 100644 --- a/httphandler/listener/setup.go +++ b/httphandler/listener/setup.go @@ -51,9 +51,10 @@ func SetupHTTPListener() error { rtr.HandleFunc(resultsPath, httpHandler.Results) rtr.HandleFunc(livePath, httpHandler.Live) rtr.HandleFunc(readyPath, httpHandler.Ready) - handler := docs.ServeSpecs() - // rtr.Handle(docs.OpenAPIV2Prefix, handler) - rtr.PathPrefix(docs.OpenAPIV2Prefix).Handler(handler) + + // Setup the OpenAPI UI handler + handler := docs.NewOpenAPIUIHandler() + rtr.PathPrefix(docs.OpenAPIV2Prefix).Methods("GET").Handler(handler) server.Handler = rtr From 4fadb413c3d69b4f4d7932cc2d7de87023101f3a Mon Sep 17 00:00:00 2001 From: Vlad Klokun Date: Mon, 1 Aug 2022 18:36:24 +0300 Subject: [PATCH 08/14] fix: tag proper JSON field in StatusQueryParams --- httphandler/handlerequests/v1/requestparser.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/httphandler/handlerequests/v1/requestparser.go b/httphandler/handlerequests/v1/requestparser.go index 5415e69f..c896af09 100644 --- a/httphandler/handlerequests/v1/requestparser.go +++ b/httphandler/handlerequests/v1/requestparser.go @@ -98,7 +98,7 @@ type StatusQueryParams struct { // // in:query // swagger:strfmt uuid4 - ScanID string `schema:"id" json:"scanID"` + ScanID string `schema:"id" json:"id"` } // scanRequestParams params passed to channel From 46a1a4ce04cc78413dca3b4d5c8bd6e55c6bdc48 Mon Sep 17 00:00:00 2001 From: Vlad Klokun Date: Mon, 1 Aug 2022 18:37:04 +0300 Subject: [PATCH 09/14] docs: add embedded Swagger spec --- httphandler/docs/swagger.yaml | 117 +++++++++++++++------------------- 1 file changed, 53 insertions(+), 64 deletions(-) diff --git a/httphandler/docs/swagger.yaml b/httphandler/docs/swagger.yaml index 94b0767e..b2ece125 100644 --- a/httphandler/docs/swagger.yaml +++ b/httphandler/docs/swagger.yaml @@ -17,42 +17,77 @@ definitions: format: uuid4 type: string x-go-name: Account + excludedNamespaces: + description: |- + Namespaces to exclude. + + Same as `kubescape scan --excluded-namespaces`. + example: + - armo-system + - kube-system + items: + type: string + type: array + x-go-name: ExcludedNamespaces failThreshold: description: |- Threshold for a failing score. - Scores higher that the provided value will be considered failing. + Scores higher than the provided value will be considered failing. example: 42 format: float type: number x-go-name: FailThreshold format: - default: json - description: Format of the results. Same as `kubescape scan --format` + description: |- + Format of the results. + + Same as `kubescape scan --format`. example: json type: string x-go-name: Format hostScanner: description: |- - Deploy the Kubescape K8s host-scanner + Deploy the Kubescape Kubernetes Host Scanner - Deploys the Armo K8s Host Scanner DeamonSet in the scanned cluster (same as `kubescape scan --enable-host-scan`). Collects data from certain controls. + Deploys the Armo K8s Host Scanner DeamonSet in the scanned cluster to collect data from certain controls. example: true type: boolean x-go-name: HostScanner + includeNamespaces: + description: |- + Namespaces to include. + + Same as `kubescape scan --include-namespaces`. + example: + - litmus-tests + - known-bad + items: + type: string + type: array + x-go-name: IncludeNamespaces keepLocal: description: |- Do not submit results to Kubescape Cloud. Same as `kubescape scan --keep-local` + example: true type: boolean x-go-name: KeepLocal + submit: + description: |- + Submit results to Kubescape Cloud. + + Same as `kubescape scan --submit`. + type: boolean + x-go-name: Submit targetNames: - default: all + default: + - all description: |- Name of the scan targets. - For example, if you select `targetType: "framework"`, you can trigger a scan using the NSA and MITRE ATT&CK Framework by passing `targetNames: ["nsa, "mitre"]`. + For example, if you select `targetType: "framework"`, you can trigger a scan using the NSA and MITRE ATT&CK Framework by passing `targetNames: ["nsa", "mitre"]. example: - nsa - mitre @@ -70,6 +105,7 @@ definitions: type: object x-go-package: github.com/armosec/opa-utils/httpserver/meta/v1 Response: + description: A Scan Response object properties: id: description: ID of the scan @@ -78,39 +114,17 @@ definitions: type: string x-go-name: ID response: - description: The actual Response object - example: - some: other + description: The actual Response payload + example: d1eb7006-1029-48d2-9c02-f5b757807977 type: object x-go-name: Response type: - description: |- - Type of this response - id IDScanResponseType Deprecated: will return busy/notBusy instead - error ErrorScanResponseType A response contains an error message - v1results ResultsV1ScanResponseType A response contains a v1 Results object - busy BusyScanResponseType A response indicates that a server is busy with another request - notBusy NotBusyScanResponseType A response indicates server is not busy with another request - ready ReadyScanResponseType A response indicates that a server has successfully completed the request - enum: - - id - - error - - v1results - - busy - - notBusy - - ready - example: busy - type: string - x-go-enum-desc: |- - id IDScanResponseType Deprecated: will return busy/notBusy instead - error ErrorScanResponseType A response contains an error message - v1results ResultsV1ScanResponseType A response contains a v1 Results object - busy BusyScanResponseType A response indicates that a server is busy with another request - notBusy NotBusyScanResponseType A response indicates server is not busy with another request - ready ReadyScanResponseType A response indicates that a server has successfully completed the request - x-go-name: Type + $ref: '#/definitions/ScanResponseType' type: object x-go-package: github.com/armosec/opa-utils/httpserver/meta/v1 + ScanResponseType: + type: string + x-go-package: github.com/armosec/opa-utils/httpserver/apis/v1 info: description: 'The Kubescape Microservice API allows clients to interact with a Kubescape instance running in a Kubernetes cluster: trigger scans, retrieve and delete their @@ -256,7 +270,7 @@ paths: - description: ID of the scan to check format: uuid4 in: query - name: scanID + name: id type: string x-go-name: ScanID responses: @@ -292,37 +306,12 @@ responses: type: string x-go-name: ID response: - description: The actual Response object - example: - some: other + description: The actual Response payload + example: d1eb7006-1029-48d2-9c02-f5b757807977 type: object x-go-name: Response type: - description: |- - Type of this response - id IDScanResponseType Deprecated: will return busy/notBusy instead - error ErrorScanResponseType A response contains an error message - v1results ResultsV1ScanResponseType A response contains a v1 Results object - busy BusyScanResponseType A response indicates that a server is busy with another request - notBusy NotBusyScanResponseType A response indicates server is not busy with another request - ready ReadyScanResponseType A response indicates that a server has successfully completed the request - enum: - - id - - error - - v1results - - busy - - notBusy - - ready - example: busy - type: string - x-go-enum-desc: |- - id IDScanResponseType Deprecated: will return busy/notBusy instead - error ErrorScanResponseType A response contains an error message - v1results ResultsV1ScanResponseType A response contains a v1 Results object - busy BusyScanResponseType A response indicates that a server is busy with another request - notBusy NotBusyScanResponseType A response indicates server is not busy with another request - ready ReadyScanResponseType A response indicates that a server has successfully completed the request - x-go-name: Type + $ref: '#/definitions/ScanResponseType' type: object - properties: response: From be92c0a3e15c4326a5974da1198315c4c9fbb5d0 Mon Sep 17 00:00:00 2001 From: Vlad Klokun Date: Mon, 1 Aug 2022 18:41:54 +0300 Subject: [PATCH 10/14] fix: update go module files --- httphandler/go.mod | 16 +++++++- httphandler/go.sum | 94 +++++++++++++++++++++++++++++++++++++++++++++- 2 files changed, 106 insertions(+), 4 deletions(-) diff --git a/httphandler/go.mod b/httphandler/go.mod index 7b7fb84d..f9fe267e 100644 --- a/httphandler/go.mod +++ b/httphandler/go.mod @@ -9,6 +9,7 @@ require ( github.com/armosec/opa-utils v0.0.161 github.com/armosec/utils-go v0.0.7 github.com/dwertent/go-logger v0.0.2 + github.com/go-openapi/runtime v0.24.1 github.com/google/uuid v1.3.0 github.com/gorilla/mux v1.8.0 github.com/gorilla/schema v1.2.0 @@ -46,6 +47,7 @@ require ( github.com/armosec/k8s-interface v0.0.79 // indirect github.com/armosec/rbac-utils v0.0.14 // indirect github.com/armosec/utils-k8s-go v0.0.7 // indirect + github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d // indirect github.com/aws/aws-sdk-go v1.44.51 // indirect github.com/aws/aws-sdk-go-v2 v1.16.7 // indirect github.com/aws/aws-sdk-go-v2/config v1.15.13 // indirect @@ -79,9 +81,16 @@ require ( github.com/go-git/go-git/v5 v5.4.2 // indirect github.com/go-gota/gota v0.12.0 // indirect github.com/go-logr/logr v1.2.3 // indirect + github.com/go-openapi/analysis v0.21.2 // indirect + github.com/go-openapi/errors v0.20.2 // indirect github.com/go-openapi/jsonpointer v0.19.5 // indirect - github.com/go-openapi/jsonreference v0.19.5 // indirect - github.com/go-openapi/swag v0.19.14 // indirect + github.com/go-openapi/jsonreference v0.19.6 // indirect + github.com/go-openapi/loads v0.21.1 // indirect + github.com/go-openapi/spec v0.20.4 // indirect + github.com/go-openapi/strfmt v0.21.2 // indirect + github.com/go-openapi/swag v0.21.1 // indirect + github.com/go-openapi/validate v0.21.0 // indirect + github.com/go-stack/stack v1.8.1 // indirect github.com/gobwas/glob v0.2.3 // indirect github.com/gogo/protobuf v1.3.2 // indirect github.com/golang-jwt/jwt/v4 v4.2.0 // indirect @@ -109,10 +118,12 @@ require ( github.com/mattn/go-runewidth v0.0.9 // indirect github.com/mitchellh/copystructure v1.2.0 // indirect github.com/mitchellh/go-homedir v1.1.0 // indirect + github.com/mitchellh/mapstructure v1.4.3 // indirect github.com/mitchellh/reflectwalk v1.0.2 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.2 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect + github.com/oklog/ulid v1.3.1 // indirect github.com/olekukonko/tablewriter v0.0.5 // indirect github.com/open-policy-agent/opa v0.42.1 // indirect github.com/opencontainers/go-digest v1.0.0 // indirect @@ -133,6 +144,7 @@ require ( github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect github.com/xeipuuv/gojsonschema v1.2.0 // indirect github.com/yashtewari/glob-intersection v0.1.0 // indirect + go.mongodb.org/mongo-driver v1.8.3 // indirect go.opencensus.io v0.23.0 // indirect go.uber.org/atomic v1.7.0 // indirect go.uber.org/multierr v1.6.0 // indirect diff --git a/httphandler/go.sum b/httphandler/go.sum index 9a3bd5ee..8852879e 100644 --- a/httphandler/go.sum +++ b/httphandler/go.sum @@ -194,6 +194,9 @@ github.com/armosec/utils-go v0.0.7/go.mod h1:F/K1mI/qcj7fNuJl7xktoCeHM83azOF0Zq6 github.com/armosec/utils-k8s-go v0.0.7 h1:g68GQ9Vm5LgVp/czcu2ZV1igm2azYLf9vNapyoXBfYI= github.com/armosec/utils-k8s-go v0.0.7/go.mod h1:YFdWi3rEQQLbN6mZO21TSdoda8kGQYRV4rs5CRp8Kjs= github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= +github.com/asaskevich/govalidator v0.0.0-20200907205600-7a23bdc65eef/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw= +github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d h1:Byv0BzEl3/e6D5CLfI0j/7hiIEtvGVFPCZ7Ei2oq8iQ= +github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw= github.com/aws/aws-sdk-go v1.15.11/go.mod h1:mFuSZ37Z9YOHbQEwBWztmVzqXrEkub65tZoCYDt7FT0= github.com/aws/aws-sdk-go v1.43.16/go.mod h1:y4AeaBuwd2Lk+GepC1E9v0qOiTws0MIWAX4oIKwKHZo= github.com/aws/aws-sdk-go v1.44.51 h1:jO9hoLynZOrMM4dj0KjeKIK+c6PA+HQbKoHOkAEye2Y= @@ -566,6 +569,12 @@ github.com/go-logr/stdr v1.2.0/go.mod h1:YkVgnZu1ZjjL7xTxrfm/LLZBfkhTqSR1ydtm6jT github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= github.com/go-logr/zapr v1.2.0 h1:n4JnPI1T3Qq1SFEi/F8rwLrZERp2bso19PJZDB9dayk= github.com/go-logr/zapr v1.2.0/go.mod h1:Qa4Bsj2Vb+FAVeAKsLD8RLQ+YRJB8YDmOAKxaBQf7Ro= +github.com/go-openapi/analysis v0.21.2 h1:hXFrOYFHUAMQdu6zwAiKKJHJQ8kqZs1ux/ru1P1wLJU= +github.com/go-openapi/analysis v0.21.2/go.mod h1:HZwRk4RRisyG8vx2Oe6aqeSQcoxRp47Xkp3+K6q+LdY= +github.com/go-openapi/errors v0.19.8/go.mod h1:cM//ZKUKyO06HSwqAelJ5NsEMMcpa6VpXe8DOa1Mi1M= +github.com/go-openapi/errors v0.19.9/go.mod h1:cM//ZKUKyO06HSwqAelJ5NsEMMcpa6VpXe8DOa1Mi1M= +github.com/go-openapi/errors v0.20.2 h1:dxy7PGTqEh94zj2E3h1cUmQQWiM1+aeCROfAr02EmK8= +github.com/go-openapi/errors v0.20.2/go.mod h1:cM//ZKUKyO06HSwqAelJ5NsEMMcpa6VpXe8DOa1Mi1M= github.com/go-openapi/jsonpointer v0.0.0-20160704185906-46af16f9f7b1/go.mod h1:+35s3my2LFTysnkMfxsJBAMHj/DoqoB9knIWoYG/Vk0= github.com/go-openapi/jsonpointer v0.19.2/go.mod h1:3akKfEdA7DF1sugOqz1dVQHBcuDBPKZGEoHC/NkiQRg= github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= @@ -574,17 +583,58 @@ github.com/go-openapi/jsonpointer v0.19.5/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34 github.com/go-openapi/jsonreference v0.0.0-20160704190145-13c6e3589ad9/go.mod h1:W3Z9FmVs9qj+KR4zFKmDPGiLdk1D9Rlm7cyMvf57TTg= github.com/go-openapi/jsonreference v0.19.2/go.mod h1:jMjeRr2HHw6nAVajTXJ4eiUwohSTlpa0o73RUL1owJc= github.com/go-openapi/jsonreference v0.19.3/go.mod h1:rjx6GuL8TTa9VaixXglHmQmIL98+wF9xc8zWvFonSJ8= -github.com/go-openapi/jsonreference v0.19.5 h1:1WJP/wi4OjB4iV8KVbH73rQaoialJrqv8gitZLxGLtM= github.com/go-openapi/jsonreference v0.19.5/go.mod h1:RdybgQwPxbL4UEjuAruzK1x3nE69AqPYEJeo/TWfEeg= +github.com/go-openapi/jsonreference v0.19.6 h1:UBIxjkht+AWIgYzCDSv2GN+E/togfwXUJFRTWhl2Jjs= +github.com/go-openapi/jsonreference v0.19.6/go.mod h1:diGHMEHg2IqXZGKxqyvWdfWU/aim5Dprw5bqpKkTvns= +github.com/go-openapi/loads v0.21.1 h1:Wb3nVZpdEzDTcly8S4HMkey6fjARRzb7iEaySimlDW0= +github.com/go-openapi/loads v0.21.1/go.mod h1:/DtAMXXneXFjbQMGEtbamCZb+4x7eGwkvZCvBmwUG+g= +github.com/go-openapi/runtime v0.24.1 h1:Sml5cgQKGYQHF+M7yYSHaH1eOjvTykrddTE/KtQVjqo= +github.com/go-openapi/runtime v0.24.1/go.mod h1:AKurw9fNre+h3ELZfk6ILsfvPN+bvvlaU/M9q/r9hpk= github.com/go-openapi/spec v0.0.0-20160808142527-6aced65f8501/go.mod h1:J8+jY1nAiCcj+friV/PDoE1/3eeccG9LYBs0tYvLOWc= github.com/go-openapi/spec v0.19.3/go.mod h1:FpwSN1ksY1eteniUU7X0N/BgJ7a4WvBFVA8Lj9mJglo= +github.com/go-openapi/spec v0.20.4 h1:O8hJrt0UMnhHcluhIdUgCLRWyM2x7QkBXRvOs7m+O1M= +github.com/go-openapi/spec v0.20.4/go.mod h1:faYFR1CvsJZ0mNsmsphTMSoRrNV3TEDoAM7FOEWeq8I= +github.com/go-openapi/strfmt v0.21.0/go.mod h1:ZRQ409bWMj+SOgXofQAGTIo2Ebu72Gs+WaRADcS5iNg= +github.com/go-openapi/strfmt v0.21.1/go.mod h1:I/XVKeLc5+MM5oPNN7P6urMOpuLXEcNrCX/rPGuWb0k= +github.com/go-openapi/strfmt v0.21.2 h1:5NDNgadiX1Vhemth/TH4gCGopWSTdDjxl60H3B7f+os= +github.com/go-openapi/strfmt v0.21.2/go.mod h1:I/XVKeLc5+MM5oPNN7P6urMOpuLXEcNrCX/rPGuWb0k= github.com/go-openapi/swag v0.0.0-20160704191624-1d0bd113de87/go.mod h1:DXUve3Dpr1UfpPtxFw+EFuQ41HhCWZfha5jSVRG7C7I= github.com/go-openapi/swag v0.19.2/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= -github.com/go-openapi/swag v0.19.14 h1:gm3vOOXfiuw5i9p5N9xJvfjvuofpyvLA9Wr6QfK5Fng= github.com/go-openapi/swag v0.19.14/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ= +github.com/go-openapi/swag v0.19.15/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ= +github.com/go-openapi/swag v0.21.1 h1:wm0rhTb5z7qpJRHBdPOMuY4QjVUMbF6/kwoYeRAOrKU= +github.com/go-openapi/swag v0.21.1/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ= +github.com/go-openapi/validate v0.21.0 h1:+Wqk39yKOhfpLqNLEC0/eViCkzM5FVXVqrvt526+wcI= +github.com/go-openapi/validate v0.21.0/go.mod h1:rjnrwK57VJ7A8xqfpAOEKRH8yQSGUriMu5/zuPSQ1hg= github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= +github.com/go-stack/stack v1.8.1 h1:ntEHSVwIt7PNXNpgPmVfMrNhLtgjlmnZha2kOpuRiDw= +github.com/go-stack/stack v1.8.1/go.mod h1:dcoOX6HbPZSZptuspn9bctJ+N/CnF5gGygcUP3XYfe4= github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE= +github.com/gobuffalo/attrs v0.0.0-20190224210810-a9411de4debd/go.mod h1:4duuawTqi2wkkpB4ePgWMaai6/Kc6WEz83bhFwpHzj0= +github.com/gobuffalo/depgen v0.0.0-20190329151759-d478694a28d3/go.mod h1:3STtPUQYuzV0gBVOY3vy6CfMm/ljR4pABfrTeHNLHUY= +github.com/gobuffalo/depgen v0.1.0/go.mod h1:+ifsuy7fhi15RWncXQQKjWS9JPkdah5sZvtHc2RXGlg= +github.com/gobuffalo/envy v1.6.15/go.mod h1:n7DRkBerg/aorDM8kbduw5dN3oXGswK5liaSCx4T5NI= +github.com/gobuffalo/envy v1.7.0/go.mod h1:n7DRkBerg/aorDM8kbduw5dN3oXGswK5liaSCx4T5NI= +github.com/gobuffalo/flect v0.1.0/go.mod h1:d2ehjJqGOH/Kjqcoz+F7jHTBbmDb38yXA598Hb50EGs= +github.com/gobuffalo/flect v0.1.1/go.mod h1:8JCgGVbRjJhVgD6399mQr4fx5rRfGKVzFjbj6RE/9UI= +github.com/gobuffalo/flect v0.1.3/go.mod h1:8JCgGVbRjJhVgD6399mQr4fx5rRfGKVzFjbj6RE/9UI= +github.com/gobuffalo/genny v0.0.0-20190329151137-27723ad26ef9/go.mod h1:rWs4Z12d1Zbf19rlsn0nurr75KqhYp52EAGGxTbBhNk= +github.com/gobuffalo/genny v0.0.0-20190403191548-3ca520ef0d9e/go.mod h1:80lIj3kVJWwOrXWWMRzzdhW3DsrdjILVil/SFKBzF28= +github.com/gobuffalo/genny v0.1.0/go.mod h1:XidbUqzak3lHdS//TPu2OgiFB+51Ur5f7CSnXZ/JDvo= +github.com/gobuffalo/genny v0.1.1/go.mod h1:5TExbEyY48pfunL4QSXxlDOmdsD44RRq4mVZ0Ex28Xk= +github.com/gobuffalo/gitgen v0.0.0-20190315122116-cc086187d211/go.mod h1:vEHJk/E9DmhejeLeNt7UVvlSGv3ziL+djtTr3yyzcOw= +github.com/gobuffalo/gogen v0.0.0-20190315121717-8f38393713f5/go.mod h1:V9QVDIxsgKNZs6L2IYiGR8datgMhB577vzTDqypH360= +github.com/gobuffalo/gogen v0.1.0/go.mod h1:8NTelM5qd8RZ15VjQTFkAW6qOMx5wBbW4dSCS3BY8gg= +github.com/gobuffalo/gogen v0.1.1/go.mod h1:y8iBtmHmGc4qa3urIyo1shvOD8JftTtfcKi+71xfDNE= +github.com/gobuffalo/logger v0.0.0-20190315122211-86e12af44bc2/go.mod h1:QdxcLw541hSGtBnhUc4gaNIXRjiDppFGaDqzbrBd3v8= +github.com/gobuffalo/mapi v1.0.1/go.mod h1:4VAGh89y6rVOvm5A8fKFxYG+wIW6LO1FMTG9hnKStFc= +github.com/gobuffalo/mapi v1.0.2/go.mod h1:4VAGh89y6rVOvm5A8fKFxYG+wIW6LO1FMTG9hnKStFc= +github.com/gobuffalo/packd v0.0.0-20190315124812-a385830c7fc0/go.mod h1:M2Juc+hhDXf/PnmBANFCqx4DM3wRbgDvnVWeG2RIxq4= +github.com/gobuffalo/packd v0.1.0/go.mod h1:M2Juc+hhDXf/PnmBANFCqx4DM3wRbgDvnVWeG2RIxq4= +github.com/gobuffalo/packr/v2 v2.0.9/go.mod h1:emmyGweYTm6Kdper+iywB6YK5YzuKchGtJQZ0Odn4pQ= +github.com/gobuffalo/packr/v2 v2.2.0/go.mod h1:CaAwI0GPIAv+5wKLtv8Afwl+Cm78K/I/VCm/3ptBN+0= +github.com/gobuffalo/syncx v0.0.0-20190224160051-33c29581e754/go.mod h1:HhnNqWY95UYwwW3uSASeV7vtgYkT2t16hJgV3AEPUpw= github.com/gobwas/glob v0.2.3 h1:A4xDbljILXROh+kObIiy5kIaPYD8e96x1tgBhUI5J+Y= github.com/gobwas/glob v0.2.3/go.mod h1:d3Ez4x06l9bZtSvzIay5+Yzi0fmZzPgnTbPcKjJAkT8= github.com/godbus/dbus v0.0.0-20151105175453-c7fdd8b5cd55/go.mod h1:/YcGZj5zSblfDWMMoOzV4fas9FZnQYTkDnsGvmh2Grw= @@ -645,6 +695,7 @@ github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaS github.com/golang/protobuf v1.5.1/go.mod h1:DopwsBzvsk0Fs44TXzsVbJyPhcCPeIwnvohx4u74HPM= github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw= github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= +github.com/golang/snappy v0.0.1/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= github.com/golang/snappy v0.0.3/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= github.com/golang/snappy v0.0.4 h1:yAGX7huGHXlcLOEtBnF4w7FQwA26wojNCwOYAEhLjQM= github.com/golang/snappy v0.0.4/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= @@ -799,6 +850,7 @@ github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfC github.com/joefitzgerald/rainbow-reporter v0.1.0/go.mod h1:481CNgqmVHQZzdIbN52CupLJyoVwB10FQ/IQlF1pdL8= github.com/johnfercher/maroto v0.37.0 h1:W5xA6dixF7PwxT0N6mfbRg0zjQSMXeSIzplUucAuZTE= github.com/johnfercher/maroto v0.37.0/go.mod h1:f9vLjznW+aVsf5R0F90P+PYi2maaYOHq8l07mvOP+ew= +github.com/joho/godotenv v1.3.0/go.mod h1:7hK45KPybAkOC6peb+G5yklZfMxEjkZhHbwpqxOKXbg= github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo= github.com/jonboulle/clockwork v0.2.2/go.mod h1:Pkfl5aHPm1nk2H9h0bjmnJD/BcgbGXUBGnn1kMkgxc8= github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= @@ -819,6 +871,8 @@ github.com/jung-kurt/gofpdf v1.0.0/go.mod h1:7Id9E/uU8ce6rXgefFLlgrJj/GYY22cpxn+ github.com/jung-kurt/gofpdf v1.0.3-0.20190309125859-24315acbbda5/go.mod h1:7Id9E/uU8ce6rXgefFLlgrJj/GYY22cpxn+r32jIOes= github.com/jung-kurt/gofpdf v1.16.2 h1:jgbatWHfRlPYiK85qgevsZTHviWXKwB1TTiKdz5PtRc= github.com/jung-kurt/gofpdf v1.16.2/go.mod h1:1hl7y57EsiPAkLbOwzpzqgx1A30nQCk/YmFV8S2vmK0= +github.com/karrick/godirwalk v1.8.0/go.mod h1:H5KPZjojv4lE+QYImBI8xVtrBRgYrIVsaRPx4tDPEn4= +github.com/karrick/godirwalk v1.10.3/go.mod h1:RoGL9dQei4vP9ilrpETWE8CLOZ1kiN0LhBygSwrAsHA= github.com/kevinburke/ssh_config v0.0.0-20201106050909-4977a11b4351/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF4nAY/ojJ6r6mM= github.com/kevinburke/ssh_config v1.2.0 h1:x584FjTGwHzMwvHx18PXxbBVzfnxogHaAReU4gf13a4= github.com/kevinburke/ssh_config v1.2.0/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF4nAY/ojJ6r6mM= @@ -858,6 +912,8 @@ github.com/mailru/easyjson v0.7.0/go.mod h1:KAzv3t3aY1NaHWoQz1+4F1ccyAH66Jk7yos7 github.com/mailru/easyjson v0.7.6/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= +github.com/markbates/oncer v0.0.0-20181203154359-bf2de49a0be2/go.mod h1:Ld9puTsIW75CHf65OeIOkyKbteujpZVXDpWK6YGZbxE= +github.com/markbates/safe v1.0.1/go.mod h1:nAqgmRi7cY2nqMc92/bSEeQA+R4OheNU2T1kNSCBdG0= github.com/marstr/guid v1.1.0/go.mod h1:74gB1z2wpxxInTG6yaqA7KrtM0NZ+RbrcqDvYHefzho= github.com/matryer/is v1.2.0 h1:92UTHpy8CDwaJ08GqLDzhhuixiBUUD1p3AU6PHddz4A= github.com/matryer/is v1.2.0/go.mod h1:2fLPjFQM9rhQ15aVEtbuwhJinnOqrmgXPNdZsdwlWXA= @@ -902,7 +958,10 @@ github.com/mitchellh/gox v0.4.0/go.mod h1:Sd9lOJ0+aimLBi73mGofS1ycjY8lL3uZM3JPS4 github.com/mitchellh/iochan v1.0.0/go.mod h1:JwYml1nuB7xOzsp52dPpHFffvOCDupsG0QubkSMEySY= github.com/mitchellh/mapstructure v0.0.0-20160808181253-ca63d7c062ee/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= +github.com/mitchellh/mapstructure v1.3.3/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/mitchellh/mapstructure v1.4.1/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= +github.com/mitchellh/mapstructure v1.4.3 h1:OVowDSCllw/YjdLkam3/sm7wEtOy59d8ndGgCcyj8cs= +github.com/mitchellh/mapstructure v1.4.3/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/mitchellh/osext v0.0.0-20151018003038-5e2d6d41470f/go.mod h1:OkQIRizQZAeMln+1tSwduZz7+Af5oFlKirV/MSYes2A= github.com/mitchellh/reflectwalk v1.0.0/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= github.com/mitchellh/reflectwalk v1.0.2 h1:G2LzWKi524PWgd3mLHV8Y5k7s6XUvT0Gef6zxSIeXaQ= @@ -925,6 +984,7 @@ github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lN github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M= github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= +github.com/montanaflynn/stats v0.0.0-20171201202039-1bf9dbcd8cbe/go.mod h1:wL8QJuTMNUDYhXwkmfOly8iTdp5TEcJFWZD2D7SIkUc= github.com/morikuni/aec v1.0.0/go.mod h1:BbKIizmSmc5MMPqRYbxO4ZU0S0+P200+tUnFx7PXmsc= github.com/mrunalp/fileutils v0.5.0/go.mod h1:M1WthSahJixYnrXQl/DFQuteStB1weuxD2QJNHXfbSQ= github.com/munnerz/goautoneg v0.0.0-20120707110453-a547fc61f48d/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= @@ -941,6 +1001,7 @@ github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLA github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A= github.com/nxadm/tail v1.4.8 h1:nPr65rt6Y5JFSKQO7qToXr7pePgD6Gwiw05lkbyAQTE= github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU= +github.com/oklog/ulid v1.3.1 h1:EGfNDEx6MqHz8B3uNV6QAib1UR2Lm97sHi3ocA6ESJ4= github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U= github.com/olekukonko/tablewriter v0.0.0-20170122224234-a0225b3f23b5/go.mod h1:vsDQFd/mU46D+Z4whnwzcISnGGzXWMclvtLoiIKAKIo= github.com/olekukonko/tablewriter v0.0.5 h1:P2Ga83D34wi1o9J6Wh1mRuqd4mF/x/lgBS7N7AbDhec= @@ -1005,9 +1066,11 @@ github.com/opencontainers/selinux v1.8.2/go.mod h1:MUIHuUEvKB1wtJjQdOyYRgOnLD2xA github.com/opencontainers/selinux v1.10.0/go.mod h1:2i0OySw99QjzBBQByd1Gr9gSjvuho1lHsJxIJ3gGbJI= github.com/opencontainers/selinux v1.10.1/go.mod h1:2i0OySw99QjzBBQByd1Gr9gSjvuho1lHsJxIJ3gGbJI= github.com/opentracing/opentracing-go v1.1.0/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o= +github.com/opentracing/opentracing-go v1.2.0/go.mod h1:GxEUsuufX4nBwe+T+Wl9TAgYrxe9dPLANfrWvHYVTgc= github.com/openzipkin/zipkin-go v0.1.1/go.mod h1:NtoC/o8u3JlF1lSlyPNswIbeQH9bJTmOf0Erfk+hxe8= github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc= github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic= +github.com/pelletier/go-toml v1.7.0/go.mod h1:vwGMzjaWMwyfHwgIBhI2YUM4fB6nL6lVAvS1LBMMhTE= github.com/pelletier/go-toml v1.8.1/go.mod h1:T2/BmBdy8dvIRq1a/8aqjN41wvWlN4lrapLU/GW4pbc= github.com/pelletier/go-toml v1.9.3/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c= github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= @@ -1077,6 +1140,8 @@ github.com/rcrowley/go-metrics v0.0.0-20200313005456-10cdbea86bc0 h1:MkV+77GLUNo github.com/rcrowley/go-metrics v0.0.0-20200313005456-10cdbea86bc0/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4= github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg= github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= +github.com/rogpeppe/go-internal v1.1.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= +github.com/rogpeppe/go-internal v1.2.2/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g= github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= @@ -1123,6 +1188,7 @@ github.com/shurcooL/webdavfs v0.0.0-20170829043945-18c3829fa133/go.mod h1:hKmq5k github.com/sirupsen/logrus v1.0.4-0.20170822132746-89742aefa4b2/go.mod h1:pMByvHTf9Beacp5x1UXfOR9xyW/9antXMhjMPG0dEzc= github.com/sirupsen/logrus v1.0.6/go.mod h1:pMByvHTf9Beacp5x1UXfOR9xyW/9antXMhjMPG0dEzc= github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= +github.com/sirupsen/logrus v1.4.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q= github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrfsX/uA88= @@ -1187,6 +1253,8 @@ github.com/syndtr/gocapability v0.0.0-20180916011248-d98352740cb2/go.mod h1:hkRG github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww= github.com/tarm/serial v0.0.0-20180830185346-98f6abe2eb07/go.mod h1:kDXzergiv9cbyO7IOYJZWg1U88JhDg3PB6klq9Hg2pA= github.com/tchap/go-patricia v2.2.6+incompatible/go.mod h1:bmLyhP68RS6kStMGxByiQ23RP/odRBOTVjwp2cDyi6I= +github.com/tidwall/pretty v1.0.0 h1:HsD+QiTn7sK6flMKIvNmpqz1qrpP3Ps6jOKIKMooyg4= +github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk= github.com/tmc/grpc-websocket-proxy v0.0.0-20170815181823-89b8d40f7ca8/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= github.com/tmc/grpc-websocket-proxy v0.0.0-20201229170055-e5319fda7802/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= @@ -1215,6 +1283,9 @@ github.com/willf/bitset v1.1.11-0.20200630133818-d5bec3311243/go.mod h1:RjeCKbqT github.com/willf/bitset v1.1.11/go.mod h1:83CECat5yLh5zVOf4P1ErAgKA5UDvKtgyUABdr3+MjI= github.com/xanzy/ssh-agent v0.3.0 h1:wUMzuKtKilRgBAD1sUb8gOwwRr2FGoBVumcjoOACClI= github.com/xanzy/ssh-agent v0.3.0/go.mod h1:3s9xbODqPuuhK9JV1R321M/FlMZSBvE5aY6eAcqrDh0= +github.com/xdg-go/pbkdf2 v1.0.0/go.mod h1:jrpuAogTd400dnrH08LKmI/xc1MbPOebTwRqcT5RDeI= +github.com/xdg-go/scram v1.0.2/go.mod h1:1WAq6h33pAW+iRreB34OORO2Nf7qel3VV3fjBj+hCSs= +github.com/xdg-go/stringprep v1.0.2/go.mod h1:8F9zXuvzgwmyT5DUm4GUfZGDdT3W+LCvS6+da4O5kxM= github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb h1:zGWFAtiMcyryUHoUjUJX0/lt1H2+i2Ka2n+D3DImSNo= github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= @@ -1227,6 +1298,7 @@ github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q= github.com/yashtewari/glob-intersection v0.1.0 h1:6gJvMYQlTDOL3dMsPF6J0+26vwX9MB8/1q3uAdhmTrg= github.com/yashtewari/glob-intersection v0.1.0/go.mod h1:LK7pIC3piUjovexikBbJ26Yml7g8xa5bsjfx2v1fwok= +github.com/youmark/pkcs8 v0.0.0-20181117223130-1be2e3e5546d/go.mod h1:rHwXgn7JulP+udvsHwJoVG1YGAP6VLg4y9I5dyZdqmA= github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= @@ -1251,6 +1323,10 @@ go.etcd.io/etcd/client/v3 v3.5.1/go.mod h1:OnjH4M8OnAotwaB2l9bVgZzRFKru7/ZMoS46O go.etcd.io/etcd/pkg/v3 v3.5.0/go.mod h1:UzJGatBQ1lXChBkQF0AuAtkRQMYnHubxAEYIrC3MSsE= go.etcd.io/etcd/raft/v3 v3.5.0/go.mod h1:UFOHSIvO/nKwd4lhkwabrTD3cqW5yVyYYf/KlD00Szc= go.etcd.io/etcd/server/v3 v3.5.0/go.mod h1:3Ah5ruV+M+7RZr0+Y/5mNLwC+eQlni+mQmOVdCRJoS4= +go.mongodb.org/mongo-driver v1.7.3/go.mod h1:NqaYOwnXWr5Pm7AOpO5QFxKJ503nbMse/R79oO62zWg= +go.mongodb.org/mongo-driver v1.7.5/go.mod h1:VXEWRZ6URJIkUq2SCAyapmhH0ZLRBP+FT4xhp5Zvxng= +go.mongodb.org/mongo-driver v1.8.3 h1:TDKlTkGDKm9kkJVUOAXDK5/fkqKHJVwYQSpoRfB43R4= +go.mongodb.org/mongo-driver v1.8.3/go.mod h1:0sQWfOeY63QTntERDJJ/0SuKK0T1uVSgKCuAROlKEPY= go.mozilla.org/pkcs7 v0.0.0-20200128120323-432b2356ecb1/go.mod h1:SNgMg+EgDFwmvSmLRTNKC5fegJjB7v23qTQ0XLGUNHk= go.opencensus.io v0.18.0/go.mod h1:vKdFvxhtzZ9onBp9VKHK8z/sRpBMnKAsufL7wlDrCOA= go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= @@ -1319,6 +1395,7 @@ golang.org/x/crypto v0.0.0-20181203042331-505ab145d0a9/go.mod h1:6SG95UA2DQfeDnf golang.org/x/crypto v0.0.0-20190219172222-a4c6cb3142f2/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20190313024323-a1f597ede03a/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/crypto v0.0.0-20190422162423-af44ce270edf/go.mod h1:WFFai1msRO1wXaEeE5yQxYXgSfI8pQAWXbQop6sCtWE= golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= @@ -1326,11 +1403,13 @@ golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4/go.mod h1:yigFU9vqHzYiE8U golang.org/x/crypto v0.0.0-20190820162420-60c769a6c586/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190923035154-9ee001bba392/go.mod h1:/lpIB1dKB+9EgE3H3cr1v9wB50oz8l4C4h62xy7jSTY= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20200302210943-78000ba7a073/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20200414173820-0848c9571904/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20200728195943-123391ffb6de/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20201002170205-7f63de1d35b0/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20201203163018-be400aefbc4c/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I= +golang.org/x/crypto v0.0.0-20201216223049-8b5274cf687f/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I= golang.org/x/crypto v0.0.0-20210220033148-5ea612d1eb83/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I= golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= @@ -1446,6 +1525,7 @@ golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v golang.org/x/net v0.0.0-20210316092652-d523dce5a7f4/go.mod h1:RBQZq4jEuRlivfhVLdyRGr576XBO4/greRjx4P4O3yc= golang.org/x/net v0.0.0-20210326060303-6b1517762897/go.mod h1:uSPa2vr4CLtc/ILN5odXGNXS6mhrKVzTaCXzk9m6W3k= golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= +golang.org/x/net v0.0.0-20210421230115-4e50805a0758/go.mod h1:72T/g9IO56b78aLF+1Kcs5dz7/ng1VjMUvfKvpfy+jM= golang.org/x/net v0.0.0-20210423184538-5f58ad60dda6/go.mod h1:OJAsFXCWl8Ukc7SiCT/9KSuxbyM7479/AVlXFRxuMCk= golang.org/x/net v0.0.0-20210428140749-89ef3d95e781/go.mod h1:OJAsFXCWl8Ukc7SiCT/9KSuxbyM7479/AVlXFRxuMCk= golang.org/x/net v0.0.0-20210503060351-7fd8e65b6420/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= @@ -1493,6 +1573,7 @@ golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190412183630-56d357773e84/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -1514,12 +1595,15 @@ golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5h golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190316082340-a2f829d7f35f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190403152447-81d4e9dc473e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190419153524-e8e3143a4f4a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190514135907-3a4b5fb9f71f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190522044717-8097e1b27ff5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190531175056-4c3a928424d2/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190602015325-4c4f7f33c9ed/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190606203320-7fc4e5ec1444/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -1593,6 +1677,7 @@ golang.org/x/sys v0.0.0-20210320140829-1e4c9ba3b0c4/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20210324051608-47abb6519492/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210403161142-5e06dd20ab57/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210420072515-93ed5bcd2bfe/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210423185535-09eb48e85fd7/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210426230700-d19ff857e887/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -1669,9 +1754,13 @@ golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3 golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20190329151228-23e29df326fe/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20190416151739-9c9e1878f421/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20190420181800-aa740d480789/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= golang.org/x/tools v0.0.0-20190506145303-2d16b83fe98c/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= +golang.org/x/tools v0.0.0-20190531172133-b3315ee88b7d/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20190606124116-d0a3d012864b/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20190614205625-5aca471b1d59/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= @@ -1986,6 +2075,7 @@ gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.0-20200605160147-a5ece683394c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= From 40e8dd357521ff110cb50407006eb1895b9121ca Mon Sep 17 00:00:00 2001 From: Vlad Klokun Date: Mon, 1 Aug 2022 18:43:37 +0300 Subject: [PATCH 11/14] fix: add Swagger file to httphandler package --- httphandler/swagger.yaml | 57 ++++++++++++++++++++++++++++++++++++++-- 1 file changed, 55 insertions(+), 2 deletions(-) diff --git a/httphandler/swagger.yaml b/httphandler/swagger.yaml index 00ca942b..94b0767e 100644 --- a/httphandler/swagger.yaml +++ b/httphandler/swagger.yaml @@ -111,7 +111,6 @@ definitions: x-go-name: Type type: object x-go-package: github.com/armosec/opa-utils/httpserver/meta/v1 -host: 192.168.49.2:31379 info: description: 'The Kubescape Microservice API allows clients to interact with a Kubescape instance running in a Kubernetes cluster: trigger scans, retrieve and delete their @@ -209,7 +208,7 @@ paths: "204": $ref: '#/responses/scanResponse' "400": - $ref: '#/responses/scanResponse' + $ref: '#/responses/scanResponseError' summary: Returns results of a scan tags: - scanning @@ -281,6 +280,60 @@ responses: description: A Scan Response object schema: $ref: '#/definitions/Response' + scanResponseError: + description: "" + schema: + allOf: + - properties: + id: + description: ID of the scan + example: d13791eb-19b1-4222-867b-9a7c1799cfac + format: uuid4 + type: string + x-go-name: ID + response: + description: The actual Response object + example: + some: other + type: object + x-go-name: Response + type: + description: |- + Type of this response + id IDScanResponseType Deprecated: will return busy/notBusy instead + error ErrorScanResponseType A response contains an error message + v1results ResultsV1ScanResponseType A response contains a v1 Results object + busy BusyScanResponseType A response indicates that a server is busy with another request + notBusy NotBusyScanResponseType A response indicates server is not busy with another request + ready ReadyScanResponseType A response indicates that a server has successfully completed the request + enum: + - id + - error + - v1results + - busy + - notBusy + - ready + example: busy + type: string + x-go-enum-desc: |- + id IDScanResponseType Deprecated: will return busy/notBusy instead + error ErrorScanResponseType A response contains an error message + v1results ResultsV1ScanResponseType A response contains a v1 Results object + busy BusyScanResponseType A response indicates that a server is busy with another request + notBusy NotBusyScanResponseType A response indicates server is not busy with another request + ready ReadyScanResponseType A response indicates that a server has successfully completed the request + x-go-name: Type + type: object + - properties: + response: + example: '"an error occurred"' + type: object + x-go-name: Resp + type: + example: error + type: string + x-go-name: Type + type: object schemes: - http swagger: "2.0" From 45007a6aa4204658ff05c06d3d08765bcbad6320 Mon Sep 17 00:00:00 2001 From: Vlad Klokun Date: Mon, 1 Aug 2022 19:56:05 +0300 Subject: [PATCH 12/14] chore: clean up unused files --- httphandler/swagger.yaml | 339 --------------------------------------- 1 file changed, 339 deletions(-) delete mode 100644 httphandler/swagger.yaml diff --git a/httphandler/swagger.yaml b/httphandler/swagger.yaml deleted file mode 100644 index 94b0767e..00000000 --- a/httphandler/swagger.yaml +++ /dev/null @@ -1,339 +0,0 @@ -basePath: / -consumes: -- application/json -definitions: - NotificationPolicyKind: - type: string - x-go-package: github.com/armosec/opa-utils/httpserver/apis/v1 - PostScanRequest: - description: A request to trigger a Kubescape scan - properties: - account: - description: |- - A Kubescape account ID to use for scanning. - - Same as `kubescape scan --account`. - example: d13791eb-19b1-4222-867b-9a7c1799cfac - format: uuid4 - type: string - x-go-name: Account - failThreshold: - description: |- - Threshold for a failing score. - - Scores higher that the provided value will be considered failing. - example: 42 - format: float - type: number - x-go-name: FailThreshold - format: - default: json - description: Format of the results. Same as `kubescape scan --format` - example: json - type: string - x-go-name: Format - hostScanner: - description: |- - Deploy the Kubescape K8s host-scanner - - Deploys the Armo K8s Host Scanner DeamonSet in the scanned cluster (same as `kubescape scan --enable-host-scan`). Collects data from certain controls. - example: true - type: boolean - x-go-name: HostScanner - keepLocal: - description: |- - Do not submit results to Kubescape Cloud. - - Same as `kubescape scan --keep-local` - type: boolean - x-go-name: KeepLocal - targetNames: - default: all - description: |- - Name of the scan targets. - - For example, if you select `targetType: "framework"`, you can trigger a scan using the NSA and MITRE ATT&CK Framework by passing `targetNames: ["nsa, "mitre"]`. - example: - - nsa - - mitre - items: - type: string - type: array - x-go-name: TargetNames - targetType: - $ref: '#/definitions/NotificationPolicyKind' - useCachedArtifacts: - description: Use the cached artifacts instead of downloading (offline support) - example: false - type: boolean - x-go-name: UseCachedArtifacts - type: object - x-go-package: github.com/armosec/opa-utils/httpserver/meta/v1 - Response: - properties: - id: - description: ID of the scan - example: d13791eb-19b1-4222-867b-9a7c1799cfac - format: uuid4 - type: string - x-go-name: ID - response: - description: The actual Response object - example: - some: other - type: object - x-go-name: Response - type: - description: |- - Type of this response - id IDScanResponseType Deprecated: will return busy/notBusy instead - error ErrorScanResponseType A response contains an error message - v1results ResultsV1ScanResponseType A response contains a v1 Results object - busy BusyScanResponseType A response indicates that a server is busy with another request - notBusy NotBusyScanResponseType A response indicates server is not busy with another request - ready ReadyScanResponseType A response indicates that a server has successfully completed the request - enum: - - id - - error - - v1results - - busy - - notBusy - - ready - example: busy - type: string - x-go-enum-desc: |- - id IDScanResponseType Deprecated: will return busy/notBusy instead - error ErrorScanResponseType A response contains an error message - v1results ResultsV1ScanResponseType A response contains a v1 Results object - busy BusyScanResponseType A response indicates that a server is busy with another request - notBusy NotBusyScanResponseType A response indicates server is not busy with another request - ready ReadyScanResponseType A response indicates that a server has successfully completed the request - x-go-name: Type - type: object - x-go-package: github.com/armosec/opa-utils/httpserver/meta/v1 -info: - description: 'The Kubescape Microservice API allows clients to interact with a Kubescape - instance running in a Kubernetes cluster: trigger scans, retrieve and delete their - results, enable exporting metrics to Prometheus etc.' - title: Kubescape Microservice - version: 1.0.0 -paths: - /livez: - get: - description: Returns the liveness status of the Kubescape microservice. - operationId: getLiveness - responses: - "200": - $ref: '#/responses/livenessProbeOK' - summary: Returns Kubescape’s liveness status - tags: - - metrics - /readyz: - get: - description: Returns the readiness status of the Kubescape microservice. - operationId: getReadiness - responses: - "200": - $ref: '#/responses/readinessProbeOK' - summary: Returns Kubescape’s readiness status - tags: - - metrics - /v1/metrics: - get: - description: Enables support for Prometheus metrics, runs a scan and returns - its result in Prometheus metrics format. - operationId: getMetrics - responses: - "200": - $ref: '#/responses/enableMetricsResponse' - summary: Returns current scan metrics in Prometheus format - tags: - - metrics - /v1/results: - delete: - description: Deletes Kubescape scan results from storage. - operationId: deleteScanResults - parameters: - - description: ID of the requested scan. If empty or not provided, defaults - to the latest scan. - in: query - name: id - type: string - x-go-name: ScanID - - default: false - description: |- - Keep the results in local storage after returning them. - - By default, the Kubescape Microservice will delete scan results. - in: query - name: keep - type: boolean - x-go-name: KeepResults - - default: false - description: Whether to delete all results - in: query - name: all - type: boolean - x-go-name: AllResults - responses: - "200": - $ref: '#/responses/scanResponse' - "400": - $ref: '#/responses/scanResponse' - summary: Deletes results of a scan - tags: - - scanning - get: - description: Returns the results of Kubescape scans - operationId: getScanResults - parameters: - - description: ID of the requested scan. If empty or not provided, defaults - to the latest scan. - in: query - name: id - type: string - x-go-name: ScanID - - default: false - description: |- - Keep the results in local storage after returning them. - - By default, the Kubescape Microservice will delete scan results. - in: query - name: keep - type: boolean - x-go-name: KeepResults - responses: - "200": - $ref: '#/responses/scanResponse' - "204": - $ref: '#/responses/scanResponse' - "400": - $ref: '#/responses/scanResponseError' - summary: Returns results of a scan - tags: - - scanning - /v1/scan: - post: - description: The server will return a scan ID and execute the scan. - operationId: triggerScan - parameters: - - default: false - description: Wait for scanning to complete (synchronous request) - in: query - name: wait - type: boolean - x-go-name: ReturnResults - - default: false - description: Do not delete results after returning (relevant only for synchronous - requests) - in: query - name: keep - type: boolean - x-go-name: KeepResults - - description: Scan parameters - in: body - name: Body - schema: - $ref: '#/definitions/PostScanRequest' - responses: - "200": - $ref: '#/responses/scanResponse' - "400": - $ref: '#/responses/scanResponse' - "500": - $ref: '#/responses/scanResponse' - summary: Triggers a Kubescape scan - tags: - - scanning - /v1/status: - get: - description: |- - Returns the current status of a scan with a given ID: whether it completed or not. Intended for asynchronous scanning, so you can check when a result is ready and fetch the results. - - When a scan is in progress, the response's `type` will be `busy`. When a scan is complete, `type` is `notBusy`. - operationId: getStatus - parameters: - - description: ID of the scan to check - format: uuid4 - in: query - name: scanID - type: string - x-go-name: ScanID - responses: - "200": - $ref: '#/responses/scanResponse' - summary: Returns a scan’s status - tags: - - scanning -produces: -- application/json -responses: - enableMetricsResponse: - description: Provided Prometheus metrics - schema: - type: string - livenessProbeOK: - description: Kubescape Microservice API is alive - readinessProbeOK: - description: Kubescape Microservice API is ready to serve requests - scanResponse: - description: A Scan Response object - schema: - $ref: '#/definitions/Response' - scanResponseError: - description: "" - schema: - allOf: - - properties: - id: - description: ID of the scan - example: d13791eb-19b1-4222-867b-9a7c1799cfac - format: uuid4 - type: string - x-go-name: ID - response: - description: The actual Response object - example: - some: other - type: object - x-go-name: Response - type: - description: |- - Type of this response - id IDScanResponseType Deprecated: will return busy/notBusy instead - error ErrorScanResponseType A response contains an error message - v1results ResultsV1ScanResponseType A response contains a v1 Results object - busy BusyScanResponseType A response indicates that a server is busy with another request - notBusy NotBusyScanResponseType A response indicates server is not busy with another request - ready ReadyScanResponseType A response indicates that a server has successfully completed the request - enum: - - id - - error - - v1results - - busy - - notBusy - - ready - example: busy - type: string - x-go-enum-desc: |- - id IDScanResponseType Deprecated: will return busy/notBusy instead - error ErrorScanResponseType A response contains an error message - v1results ResultsV1ScanResponseType A response contains a v1 Results object - busy BusyScanResponseType A response indicates that a server is busy with another request - notBusy NotBusyScanResponseType A response indicates server is not busy with another request - ready ReadyScanResponseType A response indicates that a server has successfully completed the request - x-go-name: Type - type: object - - properties: - response: - example: '"an error occurred"' - type: object - x-go-name: Resp - type: - example: error - type: string - x-go-name: Type - type: object -schemes: -- http -swagger: "2.0" From e69cf89fec598f2f00e65cab144d70ab012856f8 Mon Sep 17 00:00:00 2001 From: Vlad Klokun Date: Mon, 1 Aug 2022 21:28:11 +0300 Subject: [PATCH 13/14] chore: regenerate swagger.yaml on latest --- httphandler/docs/swagger.yaml | 158 ++++++++++++++++++++++++++++++---- 1 file changed, 139 insertions(+), 19 deletions(-) diff --git a/httphandler/docs/swagger.yaml b/httphandler/docs/swagger.yaml index b2ece125..08200f30 100644 --- a/httphandler/docs/swagger.yaml +++ b/httphandler/docs/swagger.yaml @@ -2,9 +2,6 @@ basePath: / consumes: - application/json definitions: - NotificationPolicyKind: - type: string - x-go-package: github.com/armosec/opa-utils/httpserver/apis/v1 PostScanRequest: description: A request to trigger a Kubescape scan properties: @@ -96,7 +93,23 @@ definitions: type: array x-go-name: TargetNames targetType: - $ref: '#/definitions/NotificationPolicyKind' + default: framework + description: |- + Type of the target. "framework" or "control". + Framework KindFramework + Control KindControl + Rule KindRule + enum: + - Framework + - Control + - Rule + example: control + type: string + x-go-enum-desc: |- + Framework KindFramework + Control KindControl + Rule KindRule + x-go-name: TargetType useCachedArtifacts: description: Use the cached artifacts instead of downloading (offline support) example: false @@ -115,16 +128,37 @@ definitions: x-go-name: ID response: description: The actual Response payload - example: d1eb7006-1029-48d2-9c02-f5b757807977 + example: d13791eb-19b1-4222-867b-9a7c1799cfac type: object x-go-name: Response type: - $ref: '#/definitions/ScanResponseType' + description: |- + Type of this response + id IDScanResponseType Deprecated: will return busy / notBusy instead + error ErrorScanResponseType ErrorScanResponseType indicates a response that reports an error + v1results ResultsV1ScanResponseType ResultsV1ScanResponseType indicates a response that carries a v1 Results object as payload + busy BusyScanResponseType BusyScanResponseType indicates that a server is busy with a previous request + notBusy NotBusyScanResponseType NotBusyScanResponseType indicates that a server is not busy with a previous request + ready ReadyScanResponseType ReadyScanResponseType indicates that a server has successfully completed a request + enum: + - id + - error + - v1results + - busy + - notBusy + - ready + example: busy + type: string + x-go-enum-desc: |- + id IDScanResponseType Deprecated: will return busy / notBusy instead + error ErrorScanResponseType ErrorScanResponseType indicates a response that reports an error + v1results ResultsV1ScanResponseType ResultsV1ScanResponseType indicates a response that carries a v1 Results object as payload + busy BusyScanResponseType BusyScanResponseType indicates that a server is busy with a previous request + notBusy NotBusyScanResponseType NotBusyScanResponseType indicates that a server is not busy with a previous request + ready ReadyScanResponseType ReadyScanResponseType indicates that a server has successfully completed a request + x-go-name: Type type: object x-go-package: github.com/armosec/opa-utils/httpserver/meta/v1 - ScanResponseType: - type: string - x-go-package: github.com/armosec/opa-utils/httpserver/apis/v1 info: description: 'The Kubescape Microservice API allows clients to interact with a Kubescape instance running in a Kubernetes cluster: trigger scans, retrieve and delete their @@ -193,7 +227,7 @@ paths: "200": $ref: '#/responses/scanResponse' "400": - $ref: '#/responses/scanResponse' + $ref: '#/responses/scanResponseBadRequest' summary: Deletes results of a scan tags: - scanning @@ -220,9 +254,9 @@ paths: "200": $ref: '#/responses/scanResponse' "204": - $ref: '#/responses/scanResponse' + $ref: '#/responses/scanResponseNoContent' "400": - $ref: '#/responses/scanResponseError' + $ref: '#/responses/scanResponseBadRequest' summary: Returns results of a scan tags: - scanning @@ -253,9 +287,9 @@ paths: "200": $ref: '#/responses/scanResponse' "400": - $ref: '#/responses/scanResponse' + $ref: '#/responses/scanResponseBadRequest' "500": - $ref: '#/responses/scanResponse' + $ref: '#/responses/scanResponseInternalServerError' summary: Triggers a Kubescape scan tags: - scanning @@ -294,8 +328,8 @@ responses: description: A Scan Response object schema: $ref: '#/definitions/Response' - scanResponseError: - description: "" + scanResponseBadRequest: + description: A Scan Response that occures after malformed requests schema: allOf: - properties: @@ -307,15 +341,39 @@ responses: x-go-name: ID response: description: The actual Response payload - example: d1eb7006-1029-48d2-9c02-f5b757807977 + example: d13791eb-19b1-4222-867b-9a7c1799cfac type: object x-go-name: Response type: - $ref: '#/definitions/ScanResponseType' + description: |- + Type of this response + id IDScanResponseType Deprecated: will return busy / notBusy instead + error ErrorScanResponseType ErrorScanResponseType indicates a response that reports an error + v1results ResultsV1ScanResponseType ResultsV1ScanResponseType indicates a response that carries a v1 Results object as payload + busy BusyScanResponseType BusyScanResponseType indicates that a server is busy with a previous request + notBusy NotBusyScanResponseType NotBusyScanResponseType indicates that a server is not busy with a previous request + ready ReadyScanResponseType ReadyScanResponseType indicates that a server has successfully completed a request + enum: + - id + - error + - v1results + - busy + - notBusy + - ready + example: busy + type: string + x-go-enum-desc: |- + id IDScanResponseType Deprecated: will return busy / notBusy instead + error ErrorScanResponseType ErrorScanResponseType indicates a response that reports an error + v1results ResultsV1ScanResponseType ResultsV1ScanResponseType indicates a response that carries a v1 Results object as payload + busy BusyScanResponseType BusyScanResponseType indicates that a server is busy with a previous request + notBusy NotBusyScanResponseType NotBusyScanResponseType indicates that a server is not busy with a previous request + ready ReadyScanResponseType ReadyScanResponseType indicates that a server has successfully completed a request + x-go-name: Type type: object - properties: response: - example: '"an error occurred"' + example: 'failed to parse query params, reason: schema: invalid path "waitr"' type: object x-go-name: Resp type: @@ -323,6 +381,68 @@ responses: type: string x-go-name: Type type: object + scanResponseInternalServerError: + description: A Scan Response that occures after malformed requests + schema: + allOf: + - properties: + id: + description: ID of the scan + example: d13791eb-19b1-4222-867b-9a7c1799cfac + format: uuid4 + type: string + x-go-name: ID + response: + description: The actual Response payload + example: d13791eb-19b1-4222-867b-9a7c1799cfac + type: object + x-go-name: Response + type: + description: |- + Type of this response + id IDScanResponseType Deprecated: will return busy / notBusy instead + error ErrorScanResponseType ErrorScanResponseType indicates a response that reports an error + v1results ResultsV1ScanResponseType ResultsV1ScanResponseType indicates a response that carries a v1 Results object as payload + busy BusyScanResponseType BusyScanResponseType indicates that a server is busy with a previous request + notBusy NotBusyScanResponseType NotBusyScanResponseType indicates that a server is not busy with a previous request + ready ReadyScanResponseType ReadyScanResponseType indicates that a server has successfully completed a request + enum: + - id + - error + - v1results + - busy + - notBusy + - ready + example: busy + type: string + x-go-enum-desc: |- + id IDScanResponseType Deprecated: will return busy / notBusy instead + error ErrorScanResponseType ErrorScanResponseType indicates a response that reports an error + v1results ResultsV1ScanResponseType ResultsV1ScanResponseType indicates a response that carries a v1 Results object as payload + busy BusyScanResponseType BusyScanResponseType indicates that a server is busy with a previous request + notBusy NotBusyScanResponseType NotBusyScanResponseType indicates that a server is not busy with a previous request + ready ReadyScanResponseType ReadyScanResponseType indicates that a server has successfully completed a request + x-go-name: Type + type: object + - properties: + id: + example: '""' + type: string + x-go-name: ID + response: + example: 'failed to scan. reason: ''empty list of resources''' + type: object + x-go-name: Resp + type: + example: error + type: string + x-go-name: Type + type: object + scanResponseNoContent: + description: |- + A Scan Response that indicates no response body. + + Kubescape generates this response, for example, when results with given ID do not exist. schemes: - http swagger: "2.0" From b0bdab3ef2e9411a0d1011ae1e6624e439ee2645 Mon Sep 17 00:00:00 2001 From: Vlad Klokun Date: Mon, 1 Aug 2022 21:31:44 +0300 Subject: [PATCH 14/14] chore: remove swagger.yaml at root --- swagger.yaml | 230 --------------------------------------------------- 1 file changed, 230 deletions(-) delete mode 100644 swagger.yaml diff --git a/swagger.yaml b/swagger.yaml deleted file mode 100644 index a2c55318..00000000 --- a/swagger.yaml +++ /dev/null @@ -1,230 +0,0 @@ -basePath: / -consumes: -- application/json -definitions: - enableMetricsResponse: - type: object - x-go-package: github.com/armosec/kubescape/v2/httphandler/docs - getScanResultsResponse: - properties: - id: - description: ID of the performed scan - example: b211da07-ce6c-4cdd-9e81-7e7f40f170ea - type: string - x-go-name: ID - response: - description: Response payload - example: - message: Still busy. - type: object - x-go-name: Response - type: - description: Type of the response - example: busy - type: string - x-go-name: Type - type: object - x-go-package: github.com/armosec/kubescape/v2/httphandler/docs - triggerScanParams: - properties: - account: - description: |- - A Kubescape account ID to use for scanning. - - Same as `kubescape scan --account`. - example: NewGuid() - type: string - x-go-name: Account - excludedNamespaces: - description: List of namespaces to exclude. Same as `kubescape scan --excluded-namespaces` - example: - - kube-system - - armo-system - items: - type: string - type: array - x-go-name: ExcludedNamespaces - format: - default: json - description: Results format. Same as `kubescape scan --format` - example: json - type: string - x-go-name: Format - hostScanner: - description: Deploy Kubescape K8s host-scanner DeamonSet in the scanned cluster - (same as `kubescape scan --enable-host-scan`) - example: true - type: boolean - x-go-name: HostScanner - includeNamespaces: - description: List of namespaces to include. Same as `kubescape scan --include-namespaces` - example: - - litmus-tests - - known-bad - items: - type: string - type: array - x-go-name: IncludeNamespaces - keepLocal: - description: |- - Do not submit results to Kubescape Cloud. - - Same as `kubescape scan --keep-local` - type: boolean - x-go-name: KeepLocal - submit: - description: Submit results to Kubescape Cloud. Same as `kubescape scan --submit`. - example: true - type: boolean - x-go-name: Submit - targetNames: - description: |- - Name of the scan targets. - - For example, if you select `targetType: "framework"`, you can trigger a scan using the NSA and MITRE ATT&CK Framework by passing `targetNames: ["nsa, "mitre"]`. - example: - - nsa - - mitre - items: - type: string - type: array - x-go-name: TargetNames - targetType: - description: |- - Type of the scan target: either `framework` or `control`. - framework Framework - control Control - enum: - - framework - - control - example: framework - type: string - x-go-enum-desc: |- - framework Framework - control Control - x-go-name: TargetType - useCachedArtifacts: - description: Use the cached artifacts instead of downloading (offline support) - example: false - type: boolean - x-go-name: UseCachedArtifacts - type: object - x-go-package: github.com/armosec/kubescape/v2/httphandler/docs - triggerScanResponse: - properties: - id: - description: ID of the performed scan - type: string - x-go-name: Id - response: - description: Response payload as list of bytes - type: object - x-go-name: Response - type: - description: |- - Type of the response object - v1results V1Results - busy Busy - notBusy NotBusy - ready Ready - error Error - enum: - - v1results - - busy - - notBusy - - ready - - error - type: string - x-go-enum-desc: |- - v1results V1Results - busy Busy - notBusy NotBusy - ready Ready - error Error - x-go-name: Type - type: object - x-go-package: github.com/armosec/kubescape/v2/httphandler/docs -host: example.com -info: - description: Documentation of our awesome API. - title: kubescape_microservice - version: 1.0.0 -paths: - /v1/metrics: - post: - description: Enables support for Prometheus metrics. - operationId: enableMetrics - responses: - "200": - $ref: '#/responses/enableMetricsResponse' - summary: Trigger Kubescape support for Prometheus - tags: - - metrics - /v1/results/{scanID}: - get: - operationId: getScanResults - parameters: - - description: ID of the previously performed scan - in: path - name: scanID - required: true - type: string - x-go-name: ScanID - responses: - "200": - $ref: '#/responses/getScanResultsResponse' - summary: Read results of a previously performed scan. - tags: - - scanning - /v1/scan: - post: - description: The server will return an ID and will execute the scanning asynchronously. - operationId: triggerScan - parameters: - - description: Trigger scan parameters - in: body - name: Body - schema: - $ref: '#/definitions/triggerScanParams' - - default: false - description: |- - Whether to wait for the result to complete. - - Triggers a synchronous scan. A synchronous scan returns the Scan results, and not a scan ID. Use synchronous scanning only in small clusters or with an increased timeout - in: query - name: wait - type: boolean - x-go-name: Wait - - default: false - description: Keep the results in local storage after returning. - in: query - name: keep - type: boolean - x-go-name: Keep - responses: - "200": - $ref: '#/responses/triggerScanResponse' - summary: Trigger a kubescape scan. - tags: - - scanning -produces: -- application/json -responses: - enableMetricsResponse: - description: "" - schema: - $ref: '#/definitions/enableMetricsResponse' - getScanResultsResponse: - description: "" - schema: - $ref: '#/definitions/getScanResultsResponse' - triggerScanResponse: - description: The triggerScan response object - schema: - $ref: '#/definitions/triggerScanResponse' -schemes: -- http -securityDefinitions: - basic: - type: basic -swagger: "2.0"