TC-1794 Update to guac v0.7.2

Signed-off-by: mrizzi <[email protected]>

cli/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "guac-cli"
-version = "0.3.1"
+version = "0.7.2"
 edition = "2021"
 license = "Apache-2.0"
 description = "A command-line interface for working with [Guac](https://guac.sh)."

example/compose/.env

@@ -2,8 +2,8 @@ TRUST_IMAGE=ghcr.io/trustification/trust:latest
 VEXINATION_API_PORT=8081
 BOMBASTIC_API_PORT=8082
 
-GUAC_IMAGE=ghcr.io/trustification/guac:v0.3.0-s3fix
+GUAC_IMAGE=ghcr.io/trustification/guac:v0.7.2-RC2
 #GUAC_IMAGE=local-organic-guac
 GUAC_API_PORT=8085
 GUAC_CSUB_PORT=8086
-GUAC_URL=http://localhost:8085/query
+GUAC_URL=http://localhost:8085/query

example/compose/container_files/guac/guac.yaml

@@ -12,7 +12,7 @@ csub-addr: guac-collectsub:2782
 csub-listen-port: 2782
 
 # graphql
-gql-backend: inmem
+gql-backend: keyvalue
 gql-listen-port: 8080
 gql-debug: true
 gql-test-data: false

lib/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "guac"
-version = "0.3.1"
+version = "0.7.2"
 edition = "2021"
 license = "Apache-2.0"
 description = "A library that provides toolkit for working with [Guac](https://guac.sh) from Rust."

lib/src/client/intrinsic/artifact/mod.rs

@@ -0,0 +1,8 @@
+use crate::client::Id;
+
+#[derive(Default, Debug, Clone)]
+pub struct ArtifactSpec {
+    pub id: Option<Id>,
+    pub algorithm: Option<String>,
+    pub digest: Option<String>,
+}

lib/src/client/intrinsic/certify_bad/ingest.rs

@@ -1,5 +1,5 @@
 use crate::client::intrinsic::certify_bad::CertifyBadInputSpec;
-use crate::client::intrinsic::package::{PackageQualifierInputSpec, PkgInputSpec};
+use crate::client::intrinsic::package::{IDorPkgInput, PackageQualifierInputSpec, PkgInputSpec};
 use crate::client::intrinsic::{MatchFlags, PackageSourceOrArtifactInput, PkgMatchType};
 use chrono::Utc;
 use graphql_client::GraphQLQuery;
@@ -38,6 +38,7 @@ impl From<&CertifyBadInputSpec> for ingest_certify_bad::CertifyBadInputSpec {
             origin: value.origin.clone(),
             collector: value.collector.clone(),
             known_since: value.known_since,
+            document_ref: value.document_ref.clone(),
         }
     }
 }
@@ -55,6 +56,18 @@ impl From<&PkgInputSpec> for ingest_certify_bad::PkgInputSpec {
     }
 }
 
+impl From<&IDorPkgInput> for ingest_certify_bad::IDorPkgInput {
+    fn from(value: &IDorPkgInput) -> Self {
+        Self {
+            package_type_id: value.package_type_id.clone(),
+            package_namespace_id: value.package_namespace_id.clone(),
+            package_name_id: value.package_name_id.clone(),
+            package_version_id: value.package_version_id.clone(),
+            package_input: value.package_input.as_ref().map(|inner| inner.into()),
+        }
+    }
+}
+
 impl From<&PackageQualifierInputSpec> for ingest_certify_bad::PackageQualifierInputSpec {
     fn from(value: &PackageQualifierInputSpec) -> Self {
         Self {

lib/src/client/intrinsic/certify_bad/mod.rs

@@ -83,6 +83,7 @@ pub struct CertifyBadSpec {
     pub origin: Option<String>,
     pub collector: Option<String>,
     pub known_since: Option<Time>,
+    pub document_ref: Option<String>,
 }
 
 impl From<&PackageUrl<'_>> for CertifyBadSpec {
@@ -102,4 +103,5 @@ pub struct CertifyBadInputSpec {
     pub origin: String,
     pub collector: String,
     pub known_since: Time,
+    pub document_ref: String,
 }

lib/src/client/intrinsic/certify_bad/query.rs

@@ -24,6 +24,7 @@ impl From<&CertifyBadSpec> for query_certify_bad::CertifyBadSpec {
             origin: value.origin.clone(),
             collector: value.collector.clone(),
             known_since: value.known_since,
+            document_ref: value.document_ref.clone(),
         }
     }
 }

lib/src/client/intrinsic/certify_good/ingest.rs

@@ -2,7 +2,7 @@ use chrono::Utc;
 use graphql_client::GraphQLQuery;
 
 use crate::client::intrinsic::certify_good::CertifyGoodInputSpec;
-use crate::client::intrinsic::package::{PackageQualifierInputSpec, PkgInputSpec};
+use crate::client::intrinsic::package::{IDorPkgInput, PackageQualifierInputSpec, PkgInputSpec};
 use crate::client::intrinsic::{MatchFlags, PackageSourceOrArtifactInput, PkgMatchType};
 
 type Time = chrono::DateTime<Utc>;
@@ -39,6 +39,7 @@ impl From<&CertifyGoodInputSpec> for ingest_certify_good::CertifyGoodInputSpec {
             origin: value.origin.clone(),
             collector: value.collector.clone(),
             known_since: value.known_since,
+            document_ref: value.document_ref.clone(),
         }
     }
 }
@@ -56,6 +57,18 @@ impl From<&PkgInputSpec> for ingest_certify_good::PkgInputSpec {
     }
 }
 
+impl From<&IDorPkgInput> for ingest_certify_good::IDorPkgInput {
+    fn from(value: &IDorPkgInput) -> Self {
+        Self {
+            package_type_id: value.package_type_id.clone(),
+            package_namespace_id: value.package_namespace_id.clone(),
+            package_name_id: value.package_name_id.clone(),
+            package_version_id: value.package_version_id.clone(),
+            package_input: value.package_input.as_ref().map(|inner| inner.into()),
+        }
+    }
+}
+
 impl From<&PackageQualifierInputSpec> for ingest_certify_good::PackageQualifierInputSpec {
     fn from(value: &PackageQualifierInputSpec) -> Self {
         Self {

lib/src/client/intrinsic/certify_good/mod.rs

@@ -83,6 +83,7 @@ pub struct CertifyGoodSpec {
     pub origin: Option<String>,
     pub collector: Option<String>,
     pub known_since: Option<Time>,
+    pub document_ref: Option<String>,
 }
 
 impl From<&PackageUrl<'_>> for CertifyGoodSpec {
@@ -101,4 +102,5 @@ pub struct CertifyGoodInputSpec {
     pub origin: String,
     pub collector: String,
     pub known_since: Time,
+    pub document_ref: String,
 }

lib/src/client/intrinsic/certify_good/query.rs

@@ -25,6 +25,7 @@ impl From<&CertifyGoodSpec> for query_certify_good::CertifyGoodSpec {
             origin: value.origin.clone(),
             collector: value.collector.clone(),
             known_since: value.known_since,
+            document_ref: value.document_ref.clone(),
         }
     }
 }

lib/src/client/intrinsic/certify_vex_statement/certify_vex_statement.gql

@@ -46,7 +46,7 @@ fragment allCertifyVEXStatementTree on CertifyVEXStatement {
     collector
 }
 
-mutation IngestCertifyVexStatement($subject: PackageOrArtifactInput!, $vulnerability: VulnerabilityInputSpec!, $vex_statement: VexStatementInputSpec!) {
+mutation IngestCertifyVexStatement($subject: PackageOrArtifactInput!, $vulnerability: IDorVulnerabilityInput!, $vex_statement: VexStatementInputSpec!) {
     ingestVEXStatement(
         subject: $subject
         vulnerability: $vulnerability
@@ -58,7 +58,7 @@ query QueryCertifyVexStatement($certify_vex_statement_spec: CertifyVEXStatementS
     CertifyVEXStatement(
         certifyVEXStatementSpec: $certify_vex_statement_spec
     ) {
-      ...allCertifyVEXStatementTree
+        ...allCertifyVEXStatementTree
     }
 
 }

lib/src/client/intrinsic/certify_vex_statement/ingest.rs

@@ -1,6 +1,6 @@
 use crate::client::intrinsic::certify_vex_statement::{VexJustification, VexStatementInputSpec, VexStatus};
-use crate::client::intrinsic::package::{PackageQualifierInputSpec, PkgInputSpec};
-use crate::client::intrinsic::vulnerability::{Vulnerability, VulnerabilityInputSpec};
+use crate::client::intrinsic::package::{IDorPkgInput, PackageQualifierInputSpec, PkgInputSpec};
+use crate::client::intrinsic::vulnerability::{IDorVulnerabilityInput, Vulnerability, VulnerabilityInputSpec};
 use crate::client::intrinsic::PackageOrArtifactInput;
 use chrono::Utc;
 use graphql_client::GraphQLQuery;
@@ -40,6 +40,28 @@ impl From<&PkgInputSpec> for ingest_certify_vex_statement::PkgInputSpec {
     }
 }
 
+impl From<&IDorPkgInput> for ingest_certify_vex_statement::IDorPkgInput {
+    fn from(value: &IDorPkgInput) -> Self {
+        Self {
+            package_type_id: value.package_type_id.clone(),
+            package_namespace_id: value.package_namespace_id.clone(),
+            package_name_id: value.package_name_id.clone(),
+            package_version_id: value.package_version_id.clone(),
+            package_input: value.package_input.as_ref().map(|inner| inner.into()),
+        }
+    }
+}
+
+impl From<&IDorVulnerabilityInput> for ingest_certify_vex_statement::IDorVulnerabilityInput {
+    fn from(value: &IDorVulnerabilityInput) -> Self {
+        Self {
+            vulnerability_type_id: value.vulnerability_type_id.clone(),
+            vulnerability_node_id: value.vulnerability_node_id.clone(),
+            vulnerability_input: value.vulnerability_input.as_ref().map(|inner| inner.into()),
+        }
+    }
+}
+
 impl From<&VulnerabilityInputSpec> for ingest_certify_vex_statement::VulnerabilityInputSpec {
     fn from(value: &VulnerabilityInputSpec) -> Self {
         Self {
@@ -68,6 +90,7 @@ impl From<&VexStatementInputSpec> for ingest_certify_vex_statement::VexStatement
             known_since: value.known_since,
             origin: value.origin.clone(),
             collector: value.collector.clone(),
+            document_ref: value.document_ref.clone(),
         }
     }
 }

lib/src/client/intrinsic/certify_vex_statement/mod.rs

@@ -4,7 +4,7 @@ mod query;
 use super::vulnerability::Vulnerability;
 use crate::client::intrinsic::certify_vex_statement::ingest::IngestCertifyVexStatement;
 use crate::client::intrinsic::certify_vex_statement::query::{query_certify_vex_statement, QueryCertifyVexStatement};
-use crate::client::intrinsic::vulnerability::{VulnerabilityInputSpec, VulnerabilitySpec};
+use crate::client::intrinsic::vulnerability::{IDorVulnerabilityInput, VulnerabilitySpec};
 use crate::client::intrinsic::{IntrinsicGuacClient, PackageOrArtifact, PackageOrArtifactInput, PackageOrArtifactSpec};
 use crate::client::{Error, Id};
 use chrono::Utc;
@@ -17,7 +17,7 @@ impl IntrinsicGuacClient {
     pub async fn ingest_certify_vex_statement(
         &self,
         subject: &PackageOrArtifactInput,
-        vulnerability: &VulnerabilityInputSpec,
+        vulnerability: &IDorVulnerabilityInput,
         vex_statement: &VexStatementInputSpec,
     ) -> Result<Id, Error> {
         use self::ingest::ingest_certify_vex_statement;
@@ -110,6 +110,7 @@ pub struct VexStatementInputSpec {
     pub known_since: Time,
     pub origin: String,
     pub collector: String,
+    pub document_ref: String,
 }
 
 #[derive(Debug, Default)]
@@ -124,4 +125,5 @@ pub struct CertifyVexStatementSpec {
     pub known_since: Option<Time>,
     pub origin: Option<String>,
     pub collector: Option<String>,
+    pub document_ref: Option<String>,
 }

lib/src/client/intrinsic/certify_vex_statement/query.rs

@@ -40,6 +40,7 @@ impl From<&CertifyVexStatementSpec> for query_certify_vex_statement::CertifyVEXS
             known_since: value.known_since,
             origin: value.origin.clone(),
             collector: value.collector.clone(),
+            document_ref: value.document_ref.clone(),
         }
     }
 }

lib/src/client/intrinsic/certify_vuln/certify_vuln.gql

@@ -37,10 +37,11 @@ fragment allCertifyVulnTree on CertifyVuln {
         timeScanned
         origin
         collector
+        documentRef
     }
 }
 
-mutation IngestCertifyVuln($package: PkgInputSpec!, $vulnerability: VulnerabilityInputSpec!, $meta: ScanMetadataInput!) {
+mutation IngestCertifyVuln($package: IDorPkgInput!, $vulnerability: IDorVulnerabilityInput!, $meta: ScanMetadataInput!) {
     ingestCertifyVuln(
         pkg: $package
         vulnerability: $vulnerability

lib/src/client/intrinsic/certify_vuln/ingest.rs

@@ -3,8 +3,8 @@ use chrono::Utc;
 use graphql_client::GraphQLQuery;
 
 use crate::client::intrinsic::certify_vuln::ScanMetadataInput;
-use crate::client::intrinsic::package::{PackageQualifierInputSpec, PkgInputSpec};
-use crate::client::intrinsic::vulnerability::VulnerabilityInputSpec;
+use crate::client::intrinsic::package::{IDorPkgInput, PackageQualifierInputSpec, PkgInputSpec};
+use crate::client::intrinsic::vulnerability::{IDorVulnerabilityInput, VulnerabilityInputSpec};
 
 type Time = chrono::DateTime<Utc>;
 
@@ -51,6 +51,7 @@ impl From<&ScanMetadataInput> for ingest_certify_vuln::ScanMetadataInput {
             scanner_version: value.scanner_version.clone(),
             origin: value.origin.clone(),
             collector: value.collector.clone(),
+            document_ref: value.document_ref.clone(),
         }
     }
 }
@@ -63,3 +64,25 @@ impl From<&PackageQualifierInputSpec> for ingest_certify_vuln::PackageQualifierI
         }
     }
 }
+
+impl From<&IDorPkgInput> for ingest_certify_vuln::IDorPkgInput {
+    fn from(value: &IDorPkgInput) -> Self {
+        Self {
+            package_type_id: value.package_type_id.clone(),
+            package_namespace_id: value.package_namespace_id.clone(),
+            package_name_id: value.package_name_id.clone(),
+            package_version_id: value.package_version_id.clone(),
+            package_input: value.package_input.as_ref().map(|pkg| pkg.into()),
+        }
+    }
+}
+
+impl From<&IDorVulnerabilityInput> for ingest_certify_vuln::IDorVulnerabilityInput {
+    fn from(vuln: &IDorVulnerabilityInput) -> Self {
+        Self {
+            vulnerability_input: vuln.vulnerability_input.as_ref().map(|vuln| vuln.into()),
+            vulnerability_node_id: vuln.vulnerability_node_id.clone(),
+            vulnerability_type_id: vuln.vulnerability_type_id.clone(),
+        }
+    }
+}

lib/src/client/intrinsic/certify_vuln/mod.rs

@@ -4,8 +4,10 @@ use graphql_client::reqwest::post_graphql;
 
 use self::ingest::IngestCertifyVuln;
 use crate::client::intrinsic::certify_vuln::query::{query_certify_vuln, QueryCertifyVuln};
-use crate::client::intrinsic::package::{Package, PkgInputSpec, PkgSpec};
-use crate::client::intrinsic::vulnerability::{Vulnerability, VulnerabilityInputSpec, VulnerabilitySpec};
+use crate::client::intrinsic::package::{IDorPkgInput, Package, PkgInputSpec, PkgSpec};
+use crate::client::intrinsic::vulnerability::{
+    IDorVulnerabilityInput, Vulnerability, VulnerabilityInputSpec, VulnerabilitySpec,
+};
 use crate::client::intrinsic::IntrinsicGuacClient;
 use crate::client::{Error, Id};
 use serde::{Deserialize, Serialize};
@@ -19,8 +21,8 @@ type Time = chrono::DateTime<Utc>;
 impl IntrinsicGuacClient {
     pub async fn ingest_certify_vuln(
         &self,
-        package: &PkgInputSpec,
-        vulnerability: &VulnerabilityInputSpec,
+        package: &IDorPkgInput,
+        vulnerability: &IDorVulnerabilityInput,
         meta: &ScanMetadataInput,
     ) -> Result<Id, Error> {
         use self::ingest::ingest_certify_vuln;
@@ -84,6 +86,7 @@ pub struct ScanMetadata {
     pub time_scanned: Time,
     pub origin: String,
     pub collector: String,
+    pub document_ref: String,
 }
 
 pub type ScanMetadataInput = ScanMetadata;
@@ -100,4 +103,5 @@ pub struct CertifyVulnSpec {
     pub scanner_version: Option<String>,
     pub origin: Option<String>,
     pub collector: Option<String>,
+    pub document_ref: Option<String>,
 }

lib/src/client/intrinsic/certify_vuln/query.rs

@@ -38,6 +38,7 @@ impl From<&CertifyVulnSpec> for query_certify_vuln::CertifyVulnSpec {
             scanner_version: value.scanner_version.clone(),
             origin: value.origin.clone(),
             collector: value.collector.clone(),
+            document_ref: value.document_ref.clone(),
         }
     }
 }
@@ -121,6 +122,7 @@ impl From<&query_certify_vuln::AllCertifyVulnTreeMetadata> for ScanMetadata {
             time_scanned: value.time_scanned,
             origin: value.origin.clone(),
             collector: value.collector.clone(),
+            document_ref: value.document_ref.clone(),
         }
     }
 }