{ "$schema": "https://json-schema.org/draft/2020-12/schema", "$id": "https://schemas.stella-ops.org/policy/policy-report-sample@1.json", "title": "Policy Report Sample", "type": "object", "additionalProperties": false, "required": [ "reportRequest", "reportResponse" ], "properties": { "reportRequest": { "type": "object", "additionalProperties": false, "required": [ "imageDigest", "findings" ], "properties": { "imageDigest": { "type": "string", "pattern": "^sha256:[0-9a-f]{64}$" }, "findings": { "type": "array", "minItems": 1, "items": { "$ref": "#/$defs/finding" } }, "baseline": { "type": "array", "items": { "$ref": "#/$defs/baselineVerdict" } } } }, "reportResponse": { "type": "object", "additionalProperties": false, "required": [ "report", "dsse" ], "properties": { "report": { "type": "object", "additionalProperties": false, "required": [ "reportId", "imageDigest", "generatedAt", "verdict", "policy", "summary", "verdicts", "issues" ], "properties": { "reportId": { "type": "string" }, "imageDigest": { "type": "string", "pattern": "^sha256:[0-9a-f]{64}$" }, "generatedAt": { "type": "string", "format": "date-time" }, "verdict": { "type": "string" }, "policy": { "type": "object", "additionalProperties": false, "required": [ "revisionId", "digest" ], "properties": { "revisionId": { "type": "string" }, "digest": { "type": "string", "pattern": "^[0-9a-f]{64}$" } } }, "summary": { "type": "object", "additionalProperties": false, "required": [ "total", "blocked", "warned", "ignored", "quieted" ], "properties": { "total": { "type": "integer", "minimum": 0 }, "blocked": { "type": "integer", "minimum": 0 }, "warned": { "type": "integer", "minimum": 0 }, "ignored": { "type": "integer", "minimum": 0 }, "quieted": { "type": "integer", "minimum": 0 } } }, "verdicts": { "type": "array", "minItems": 1, "items": { "$ref": "#/$defs/projectedVerdict" } }, "issues": { "type": "array", "items": { "type": "object", "additionalProperties": false, "required": [ "code", "message", "severity", "path" ], "properties": { "code": { "type": "string" }, "message": { "type": "string" }, "severity": { "type": "string" }, "path": { "type": "string" } } } } } }, "dsse": { "type": "object", "additionalProperties": false, "required": [ "payloadType", "payload", "signatures" ], "properties": { "payloadType": { "type": "string" }, "payload": { "type": "string" }, "signatures": { "type": "array", "minItems": 1, "items": { "type": "object", "additionalProperties": false, "required": [ "keyId", "algorithm", "signature" ], "properties": { "keyId": { "type": "string" }, "algorithm": { "type": "string" }, "signature": { "type": "string" } } } } } } } } }, "$defs": { "finding": { "type": "object", "required": [ "id", "severity", "source" ], "properties": { "id": { "type": "string" }, "severity": { "type": "string" }, "source": { "type": "string" }, "tags": { "type": "array", "items": { "type": "string" } } }, "additionalProperties": true }, "inputs": { "type": "object", "minProperties": 1, "propertyNames": { "type": "string", "maxLength": 64 }, "additionalProperties": { "type": "number" } }, "baselineVerdict": { "type": "object", "additionalProperties": false, "required": [ "findingId", "status", "configVersion", "score" ], "properties": { "findingId": { "type": "string" }, "status": { "type": "string", "enum": [ "Pass", "Blocked", "Warned", "Ignored", "Deferred", "Escalated", "RequiresVex" ] }, "ruleName": { "type": [ "string", "null" ] }, "ruleAction": { "type": [ "string", "null" ] }, "notes": { "type": [ "string", "null" ] }, "score": { "type": "number" }, "configVersion": { "type": "string" }, "inputs": { "$ref": "#/$defs/inputs" }, "quietedBy": { "type": [ "string", "null" ] }, "quiet": { "type": "boolean" }, "unknownConfidence": { "type": "number", "minimum": 0 }, "confidenceBand": { "type": "string", "enum": [ "low", "medium", "high", "unspecified" ] }, "unknownAgeDays": { "type": "number", "minimum": 0 }, "sourceTrust": { "type": "string" }, "reachability": { "type": "string", "enum": [ "unknown", "runtime", "entrypoint", "direct", "indirect", "unreachable" ] } } }, "projectedVerdict": { "allOf": [ { "$ref": "#/$defs/baselineVerdict" }, { "type": "object", "required": [ "ruleName", "ruleAction", "unknownConfidence", "confidenceBand", "unknownAgeDays", "sourceTrust", "reachability" ], "properties": { "ruleName": { "type": "string" }, "ruleAction": { "type": "string" }, "unknownConfidence": { "type": "number", "minimum": 0 }, "confidenceBand": { "type": "string", "enum": [ "low", "medium", "high", "unspecified" ] }, "unknownAgeDays": { "type": "number", "minimum": 0 }, "sourceTrust": { "type": "string" }, "reachability": { "type": "string", "enum": [ "unknown", "runtime", "entrypoint", "direct", "indirect", "unreachable" ] } } } ] } } }