TC-1794 Update to guac v0.7.2 #77

Merged
merged 4 commits into from
Sep 23, 2024
2 changes: 1 addition & 1 deletion cli/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "guac-cli"
version = "0.3.1"
version = "0.7.2-0"
edition = "2021"
license = "Apache-2.0"
description = "A command-line interface for working with [Guac](https://guac.sh)."
4 changes: 2 additions & 2 deletions example/compose/.env
Expand Up @@ -2,8 +2,8 @@ TRUST_IMAGE=ghcr.io/trustification/trust:latest
VEXINATION_API_PORT=8081
BOMBASTIC_API_PORT=8082

GUAC_IMAGE=ghcr.io/trustification/guac:v0.3.0-s3fix
GUAC_IMAGE=ghcr.io/trustification/guac:v0.7.2-RC2
#GUAC_IMAGE=local-organic-guac
GUAC_API_PORT=8085
GUAC_CSUB_PORT=8086
GUAC_URL=http://localhost:8085/query
GUAC_URL=http://localhost:8085/query
2 changes: 1 addition & 1 deletion example/compose/container_files/guac/guac.yaml
Expand Up @@ -12,7 +12,7 @@ csub-addr: guac-collectsub:2782
csub-listen-port: 2782

# graphql
gql-backend: inmem
gql-backend: keyvalue
gql-listen-port: 8080
gql-debug: true
gql-test-data: false
2 changes: 1 addition & 1 deletion lib/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "guac"
version = "0.3.1"
version = "0.7.2-0"
edition = "2021"
license = "Apache-2.0"
description = "A library that provides toolkit for working with [Guac](https://guac.sh) from Rust."
38 changes: 19 additions & 19 deletions lib/proto/collectsub.proto
Expand Up @@ -19,46 +19,46 @@ option go_package = "github.com/guacsec/guac/pkg/collectsub";
package guacsec.guac.collect_subscriber.schema;

enum CollectDataType {
DATATYPE_UNKNOWN = 0;
DATATYPE_GIT = 1;
DATATYPE_OCI = 2;
DATATYPE_PURL = 3;
DATATYPE_GITHUB_RELEASE = 4;
DATATYPE_UNKNOWN = 0;
DATATYPE_GIT = 1;
DATATYPE_OCI = 2;
DATATYPE_PURL = 3;
DATATYPE_GITHUB_RELEASE = 4;
}

// Generic types
message CollectEntry {
CollectDataType type = 1;
string value = 2;
CollectDataType type = 1;
string value = 2;
int64 since_time = 3;
}

// rpc AddCollectEntry
// rpc AddCollectEntries
message AddCollectEntriesRequest {
repeated CollectEntry entries = 1;
repeated CollectEntry entries = 1;
}

message AddCollectEntriesResponse {
bool success = 1;
bool success = 1;
}


// rpc GetCollectEntries
message CollectEntryFilter {
CollectDataType type = 1;
string glob = 2;
CollectDataType type = 1;
string glob = 2;
}

message GetCollectEntriesRequest {
repeated CollectEntryFilter filters = 1;
// since_time in unix epoch
int64 since_time = 2;
repeated CollectEntryFilter filters = 1;
// since_time in unix epoch
int64 since_time = 2;
}

message GetCollectEntriesResponse {
repeated CollectEntry entries = 1;
repeated CollectEntry entries = 1;
}

service ColectSubscriberService {
service CollectSubscriberService {
rpc AddCollectEntries(AddCollectEntriesRequest) returns (AddCollectEntriesResponse);
rpc GetCollectEntries (GetCollectEntriesRequest) returns (GetCollectEntriesResponse);
rpc GetCollectEntries (GetCollectEntriesRequest) returns (stream GetCollectEntriesResponse);
}
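--- a/lib/src/client/intrinsic/artifact/mod.rs
+++ b/lib/src/client/intrinsic/artifact/mod.rs
@@ -0,0 +1,8 @@
+use crate::client::Id;
+
+#[derive(Default, Debug, Clone)]
+pub struct ArtifactSpec {
+pub id: Option<Id>,
+pub algorithm: Option<String>,
+pub digest: Option<String>,
+}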
15 changes: 14 additions & 1 deletion lib/src/client/intrinsic/certify_bad/ingest.rs
@@ -1,5 +1,5 @@
use crate::client::intrinsic::certify_bad::CertifyBadInputSpec;
use crate::client::intrinsic::package::{PackageQualifierInputSpec, PkgInputSpec};
use crate::client::intrinsic::package::{IDorPkgInput, PackageQualifierInputSpec, PkgInputSpec};
use crate::client::intrinsic::{MatchFlags, PackageSourceOrArtifactInput, PkgMatchType};
use chrono::Utc;
use graphql_client::GraphQLQuery;
Expand Down Expand Up @@ -38,6 +38,7 @@ impl From<&CertifyBadInputSpec> for ingest_certify_bad::CertifyBadInputSpec {
origin: value.origin.clone(),
collector: value.collector.clone(),
known_since: value.known_since,
document_ref: value.document_ref.clone(),
}
}
}
Expand All @@ -55,6 +56,18 @@ impl From<&PkgInputSpec> for ingest_certify_bad::PkgInputSpec {
}
}

impl From<&IDorPkgInput> for ingest_certify_bad::IDorPkgInput {
fn from(value: &IDorPkgInput) -> Self {
Self {
package_type_id: value.package_type_id.clone(),
package_namespace_id: value.package_namespace_id.clone(),
package_name_id: value.package_name_id.clone(),
package_version_id: value.package_version_id.clone(),
package_input: value.package_input.as_ref().map(|inner| inner.into()),
}
}
}

impl From<&PackageQualifierInputSpec> for ingest_certify_bad::PackageQualifierInputSpec {
fn from(value: &PackageQualifierInputSpec) -> Self {
Self {
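Review bot: The added `From<&IDorPkgInput>` impl forwards the four `*_id` fields and `package_input` as-is, and nothing visible in this section rejects a value in which all five are `None`. `IDorPkgInput` is defined outside this page, so the case may already be excluded where the value is built; if it is not, an ingest call can reach the server without identifying any package and the failure only shows up as a remote error. I would at least state the expectation on the impl, for example `/// Forwards every field unchanged; the caller must set either the ID fields or package_input.` The same impl is repeated in certify_good/ingest.rs, certify_vex_statement/ingest.rs and certify_vuln/ingest.rs, and the comment applies there as well.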
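--- a/lib/src/client/intrinsic/certify_bad/mod.rs
+++ b/lib/src/client/intrinsic/certify_bad/mod.rs
@@ -83,6 +83,7 @@ pub struct CertifyBadSpec {
 pub origin: Option<String>,
 pub collector: Option<String>,
 pub known_since: Option<Time>,
+pub document_ref: Option<String>,
 }
 
 impl From<&PackageUrl<'_>> for CertifyBadSpec {
@@ -102,4 +103,5 @@ pub struct CertifyBadInputSpec {
 pub origin: String,
 pub collector: String,
 pub known_since: Time,
+pub document_ref: String,
 }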
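Review bot: `document_ref` is added to `CertifyBadInputSpec` as a required `String` with no doc comment, so a caller cannot tell what it should hold or whether an empty string is meaningful. The name suggests it links the certification to the document it was derived from (not confirmed by this page); if so, a caller that passes `String::new()` only to satisfy the new field loses that traceability without any error. Proposed comment on the field: `/// Reference to the source document for this certification; TODO confirm the expected format and whether empty is allowed.` The same undocumented required field is added to `CertifyGoodInputSpec` in certify_good/mod.rs and to `VexStatementInputSpec` in certify_vex_statement/mod.rs.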
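--- a/lib/src/client/intrinsic/certify_bad/query.rs
+++ b/lib/src/client/intrinsic/certify_bad/query.rs
@@ -24,6 +24,7 @@ impl From<&CertifyBadSpec> for query_certify_bad::CertifyBadSpec {
 origin: value.origin.clone(),
 collector: value.collector.clone(),
 known_since: value.known_since,
+document_ref: value.document_ref.clone(),
 }
 }
 }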
15 changes: 14 additions & 1 deletion lib/src/client/intrinsic/certify_good/ingest.rs
Expand Up @@ -2,7 +2,7 @@ use chrono::Utc;
use graphql_client::GraphQLQuery;

use crate::client::intrinsic::certify_good::CertifyGoodInputSpec;
use crate::client::intrinsic::package::{PackageQualifierInputSpec, PkgInputSpec};
use crate::client::intrinsic::package::{IDorPkgInput, PackageQualifierInputSpec, PkgInputSpec};
use crate::client::intrinsic::{MatchFlags, PackageSourceOrArtifactInput, PkgMatchType};

type Time = chrono::DateTime<Utc>;
Expand Down Expand Up @@ -39,6 +39,7 @@ impl From<&CertifyGoodInputSpec> for ingest_certify_good::CertifyGoodInputSpec {
origin: value.origin.clone(),
collector: value.collector.clone(),
known_since: value.known_since,
document_ref: value.document_ref.clone(),
}
}
}
Expand All @@ -56,6 +57,18 @@ impl From<&PkgInputSpec> for ingest_certify_good::PkgInputSpec {
}
}

impl From<&IDorPkgInput> for ingest_certify_good::IDorPkgInput {
fn from(value: &IDorPkgInput) -> Self {
Self {
package_type_id: value.package_type_id.clone(),
package_namespace_id: value.package_namespace_id.clone(),
package_name_id: value.package_name_id.clone(),
package_version_id: value.package_version_id.clone(),
package_input: value.package_input.as_ref().map(|inner| inner.into()),
}
}
}

impl From<&PackageQualifierInputSpec> for ingest_certify_good::PackageQualifierInputSpec {
fn from(value: &PackageQualifierInputSpec) -> Self {
Self {
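--- a/lib/src/client/intrinsic/certify_good/mod.rs
+++ b/lib/src/client/intrinsic/certify_good/mod.rs
@@ -83,6 +83,7 @@ pub struct CertifyGoodSpec {
 pub origin: Option<String>,
 pub collector: Option<String>,
 pub known_since: Option<Time>,
+pub document_ref: Option<String>,
 }
 
 impl From<&PackageUrl<'_>> for CertifyGoodSpec {
@@ -101,4 +102,5 @@ pub struct CertifyGoodInputSpec {
 pub origin: String,
 pub collector: String,
 pub known_since: Time,
+pub document_ref: String,
 }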
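--- a/lib/src/client/intrinsic/certify_good/query.rs
+++ b/lib/src/client/intrinsic/certify_good/query.rs
@@ -25,6 +25,7 @@ impl From<&CertifyGoodSpec> for query_certify_good::CertifyGoodSpec {
 origin: value.origin.clone(),
 collector: value.collector.clone(),
 known_since: value.known_since,
+document_ref: value.document_ref.clone(),
 }
 }
 }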
Expand Up @@ -46,7 +46,7 @@ fragment allCertifyVEXStatementTree on CertifyVEXStatement {
collector
}

mutation IngestCertifyVexStatement($subject: PackageOrArtifactInput!, $vulnerability: VulnerabilityInputSpec!, $vex_statement: VexStatementInputSpec!) {
mutation IngestCertifyVexStatement($subject: PackageOrArtifactInput!, $vulnerability: IDorVulnerabilityInput!, $vex_statement: VexStatementInputSpec!) {
ingestVEXStatement(
subject: $subject
vulnerability: $vulnerability
Expand All @@ -58,7 +58,7 @@ query QueryCertifyVexStatement($certify_vex_statement_spec: CertifyVEXStatementS
CertifyVEXStatement(
certifyVEXStatementSpec: $certify_vex_statement_spec
) {
...allCertifyVEXStatementTree
...allCertifyVEXStatementTree
}

}
27 changes: 25 additions & 2 deletions lib/src/client/intrinsic/certify_vex_statement/ingest.rs
@@ -1,6 +1,6 @@
use crate::client::intrinsic::certify_vex_statement::{VexJustification, VexStatementInputSpec, VexStatus};
use crate::client::intrinsic::package::{PackageQualifierInputSpec, PkgInputSpec};
use crate::client::intrinsic::vulnerability::{Vulnerability, VulnerabilityInputSpec};
use crate::client::intrinsic::package::{IDorPkgInput, PackageQualifierInputSpec, PkgInputSpec};
use crate::client::intrinsic::vulnerability::{IDorVulnerabilityInput, Vulnerability, VulnerabilityInputSpec};
use crate::client::intrinsic::PackageOrArtifactInput;
use chrono::Utc;
use graphql_client::GraphQLQuery;
Expand Down Expand Up @@ -40,6 +40,28 @@ impl From<&PkgInputSpec> for ingest_certify_vex_statement::PkgInputSpec {
}
}

impl From<&IDorPkgInput> for ingest_certify_vex_statement::IDorPkgInput {
fn from(value: &IDorPkgInput) -> Self {
Self {
package_type_id: value.package_type_id.clone(),
package_namespace_id: value.package_namespace_id.clone(),
package_name_id: value.package_name_id.clone(),
package_version_id: value.package_version_id.clone(),
package_input: value.package_input.as_ref().map(|inner| inner.into()),
}
}
}

impl From<&IDorVulnerabilityInput> for ingest_certify_vex_statement::IDorVulnerabilityInput {
fn from(value: &IDorVulnerabilityInput) -> Self {
Self {
vulnerability_type_id: value.vulnerability_type_id.clone(),
vulnerability_node_id: value.vulnerability_node_id.clone(),
vulnerability_input: value.vulnerability_input.as_ref().map(|inner| inner.into()),
}
}
}

impl From<&VulnerabilityInputSpec> for ingest_certify_vex_statement::VulnerabilityInputSpec {
fn from(value: &VulnerabilityInputSpec) -> Self {
Self {
Expand Down Expand Up @@ -68,6 +90,7 @@ impl From<&VexStatementInputSpec> for ingest_certify_vex_statement::VexStatement
known_since: value.known_since,
origin: value.origin.clone(),
collector: value.collector.clone(),
document_ref: value.document_ref.clone(),
}
}
}
6 changes: 4 additions & 2 deletions lib/src/client/intrinsic/certify_vex_statement/mod.rs
Expand Up @@ -4,7 +4,7 @@ mod query;
use super::vulnerability::Vulnerability;
use crate::client::intrinsic::certify_vex_statement::ingest::IngestCertifyVexStatement;
use crate::client::intrinsic::certify_vex_statement::query::{query_certify_vex_statement, QueryCertifyVexStatement};
use crate::client::intrinsic::vulnerability::{VulnerabilityInputSpec, VulnerabilitySpec};
use crate::client::intrinsic::vulnerability::{IDorVulnerabilityInput, VulnerabilitySpec};
use crate::client::intrinsic::{IntrinsicGuacClient, PackageOrArtifact, PackageOrArtifactInput, PackageOrArtifactSpec};
use crate::client::{Error, Id};
use chrono::Utc;
Expand All @@ -17,7 +17,7 @@ impl IntrinsicGuacClient {
pub async fn ingest_certify_vex_statement(
&self,
subject: &PackageOrArtifactInput,
vulnerability: &VulnerabilityInputSpec,
vulnerability: &IDorVulnerabilityInput,
vex_statement: &VexStatementInputSpec,
) -> Result<Id, Error> {
use self::ingest::ingest_certify_vex_statement;
Expand Down Expand Up @@ -110,6 +110,7 @@ pub struct VexStatementInputSpec {
pub known_since: Time,
pub origin: String,
pub collector: String,
pub document_ref: String,
}

#[derive(Debug, Default)]
Expand All @@ -124,4 +125,5 @@ pub struct CertifyVexStatementSpec {
pub known_since: Option<Time>,
pub origin: Option<String>,
pub collector: Option<String>,
pub document_ref: Option<String>,
}
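--- a/lib/src/client/intrinsic/certify_vex_statement/query.rs
+++ b/lib/src/client/intrinsic/certify_vex_statement/query.rs
@@ -40,6 +40,7 @@ impl From<&CertifyVexStatementSpec> for query_certify_vex_statement::CertifyVEXS
 known_since: value.known_since,
 origin: value.origin.clone(),
 collector: value.collector.clone(),
+document_ref: value.document_ref.clone(),
 }
 }
 }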
3 changes: 2 additions & 1 deletion lib/src/client/intrinsic/certify_vuln/certify_vuln.gql
Expand Up @@ -37,10 +37,11 @@ fragment allCertifyVulnTree on CertifyVuln {
timeScanned
origin
collector
documentRef
}
}

mutation IngestCertifyVuln($package: PkgInputSpec!, $vulnerability: VulnerabilityInputSpec!, $meta: ScanMetadataInput!) {
mutation IngestCertifyVuln($package: IDorPkgInput!, $vulnerability: IDorVulnerabilityInput!, $meta: ScanMetadataInput!) {
ingestCertifyVuln(
pkg: $package
vulnerability: $vulnerability
27 changes: 25 additions & 2 deletions lib/src/client/intrinsic/certify_vuln/ingest.rs
Expand Up @@ -3,8 +3,8 @@ use chrono::Utc;
use graphql_client::GraphQLQuery;

use crate::client::intrinsic::certify_vuln::ScanMetadataInput;
use crate::client::intrinsic::package::{PackageQualifierInputSpec, PkgInputSpec};
use crate::client::intrinsic::vulnerability::VulnerabilityInputSpec;
use crate::client::intrinsic::package::{IDorPkgInput, PackageQualifierInputSpec, PkgInputSpec};
use crate::client::intrinsic::vulnerability::{IDorVulnerabilityInput, VulnerabilityInputSpec};

type Time = chrono::DateTime<Utc>;

Expand Down Expand Up @@ -51,6 +51,7 @@ impl From<&ScanMetadataInput> for ingest_certify_vuln::ScanMetadataInput {
scanner_version: value.scanner_version.clone(),
origin: value.origin.clone(),
collector: value.collector.clone(),
document_ref: value.document_ref.clone(),
}
}
}
Expand All @@ -63,3 +64,25 @@ impl From<&PackageQualifierInputSpec> for ingest_certify_vuln::PackageQualifierI
}
}
}

impl From<&IDorPkgInput> for ingest_certify_vuln::IDorPkgInput {
fn from(value: &IDorPkgInput) -> Self {
Self {
package_type_id: value.package_type_id.clone(),
package_namespace_id: value.package_namespace_id.clone(),
package_name_id: value.package_name_id.clone(),
package_version_id: value.package_version_id.clone(),
package_input: value.package_input.as_ref().map(|pkg| pkg.into()),
}
}
}

impl From<&IDorVulnerabilityInput> for ingest_certify_vuln::IDorVulnerabilityInput {
fn from(vuln: &IDorVulnerabilityInput) -> Self {
Self {
vulnerability_input: vuln.vulnerability_input.as_ref().map(|vuln| vuln.into()),
vulnerability_node_id: vuln.vulnerability_node_id.clone(),
vulnerability_type_id: vuln.vulnerability_type_id.clone(),
}
}
}
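Review bot: In the new `From<&IDorVulnerabilityInput>` impl the closure parameter in `.map(|vuln| vuln.into())` shadows the function parameter `vuln`, which makes the line harder to read than it needs to be. `vulnerability_input: vuln.vulnerability_input.as_ref().map(Into::into),` expresses the same conversion without the second binding, and the `package_input` line in the impl above it can take the same form. The field order here also differs from the equivalent impl in certify_vex_statement/ingest.rs; keeping both in the same order would make the two easier to compare.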