121 lines
3.8 KiB
JSON
121 lines
3.8 KiB
JSON
{
|
|
"$schema": "https://json-schema.org/draft/2020-12/schema",
|
|
"$id": "https://stellaops.io/schemas/run-manifest/v1",
|
|
"title": "StellaOps Run Manifest",
|
|
"description": "Captures all inputs for deterministic scan replay",
|
|
"type": "object",
|
|
"required": [
|
|
"runId",
|
|
"schemaVersion",
|
|
"artifactDigests",
|
|
"feedSnapshot",
|
|
"policySnapshot",
|
|
"toolVersions",
|
|
"cryptoProfile",
|
|
"environmentProfile",
|
|
"canonicalizationVersion",
|
|
"initiatedAt"
|
|
],
|
|
"properties": {
|
|
"runId": { "type": "string" },
|
|
"schemaVersion": { "type": "string", "pattern": "^\\d+\\.\\d+\\.\\d+$" },
|
|
"artifactDigests": {
|
|
"type": "array",
|
|
"items": { "$ref": "#/$defs/artifactDigest" },
|
|
"minItems": 1
|
|
},
|
|
"sbomDigests": {
|
|
"type": "array",
|
|
"items": { "$ref": "#/$defs/sbomReference" }
|
|
},
|
|
"feedSnapshot": { "$ref": "#/$defs/feedSnapshot" },
|
|
"policySnapshot": { "$ref": "#/$defs/policySnapshot" },
|
|
"toolVersions": { "$ref": "#/$defs/toolVersions" },
|
|
"cryptoProfile": { "$ref": "#/$defs/cryptoProfile" },
|
|
"environmentProfile": { "$ref": "#/$defs/environmentProfile" },
|
|
"prngSeed": { "type": ["integer", "null"] },
|
|
"canonicalizationVersion": { "type": "string" },
|
|
"initiatedAt": { "type": "string", "format": "date-time" },
|
|
"manifestDigest": { "type": ["string", "null"] }
|
|
},
|
|
"$defs": {
|
|
"artifactDigest": {
|
|
"type": "object",
|
|
"required": ["algorithm", "digest"],
|
|
"properties": {
|
|
"algorithm": { "enum": ["sha256", "sha512"] },
|
|
"digest": { "type": "string", "pattern": "^[a-f0-9]{64,128}$" },
|
|
"mediaType": { "type": ["string", "null"] },
|
|
"reference": { "type": ["string", "null"] }
|
|
}
|
|
},
|
|
"sbomReference": {
|
|
"type": "object",
|
|
"required": ["format", "digest"],
|
|
"properties": {
|
|
"format": { "type": "string" },
|
|
"digest": { "type": "string" },
|
|
"uri": { "type": ["string", "null"] }
|
|
}
|
|
},
|
|
"feedSnapshot": {
|
|
"type": "object",
|
|
"required": ["feedId", "version", "digest", "snapshotAt"],
|
|
"properties": {
|
|
"feedId": { "type": "string" },
|
|
"version": { "type": "string" },
|
|
"digest": { "type": "string" },
|
|
"snapshotAt": { "type": "string", "format": "date-time" }
|
|
}
|
|
},
|
|
"policySnapshot": {
|
|
"type": "object",
|
|
"required": ["policyVersion", "latticeRulesDigest", "enabledRules"],
|
|
"properties": {
|
|
"policyVersion": { "type": "string" },
|
|
"latticeRulesDigest": { "type": "string" },
|
|
"enabledRules": {
|
|
"type": "array",
|
|
"items": { "type": "string" }
|
|
}
|
|
}
|
|
},
|
|
"toolVersions": {
|
|
"type": "object",
|
|
"required": ["scannerVersion", "sbomGeneratorVersion", "reachabilityEngineVersion", "attestorVersion", "additionalTools"],
|
|
"properties": {
|
|
"scannerVersion": { "type": "string" },
|
|
"sbomGeneratorVersion": { "type": "string" },
|
|
"reachabilityEngineVersion": { "type": "string" },
|
|
"attestorVersion": { "type": "string" },
|
|
"additionalTools": { "type": "object" }
|
|
}
|
|
},
|
|
"cryptoProfile": {
|
|
"type": "object",
|
|
"required": ["profileName", "trustRootIds", "allowedAlgorithms"],
|
|
"properties": {
|
|
"profileName": { "type": "string" },
|
|
"trustRootIds": {
|
|
"type": "array",
|
|
"items": { "type": "string" }
|
|
},
|
|
"allowedAlgorithms": {
|
|
"type": "array",
|
|
"items": { "type": "string" }
|
|
}
|
|
}
|
|
},
|
|
"environmentProfile": {
|
|
"type": "object",
|
|
"required": ["name", "valkeyEnabled"],
|
|
"properties": {
|
|
"name": { "type": "string" },
|
|
"valkeyEnabled": { "type": "boolean" },
|
|
"postgresVersion": { "type": ["string", "null"] },
|
|
"valkeyVersion": { "type": ["string", "null"] }
|
|
}
|
|
}
|
|
}
|
|
}
|