109 lines
2.6 KiB
C#
109 lines
2.6 KiB
C#
namespace StellaOps.VulnExplorer.Api.Models;
|
|
|
|
/// <summary>
|
|
/// In-toto style attestation for vulnerability scan results.
|
|
/// Based on docs/schemas/attestation-vuln-scan.schema.json
|
|
/// </summary>
|
|
public sealed record VulnScanAttestationDto(
|
|
string Type,
|
|
string PredicateType,
|
|
IReadOnlyList<AttestationSubjectDto> Subject,
|
|
VulnScanPredicateDto Predicate,
|
|
AttestationMetaDto AttestationMeta);
|
|
|
|
/// <summary>
|
|
/// Subject of an attestation (artifact that was scanned).
|
|
/// </summary>
|
|
public sealed record AttestationSubjectDto(
|
|
string Name,
|
|
IReadOnlyDictionary<string, string> Digest);
|
|
|
|
/// <summary>
|
|
/// Vulnerability scan result predicate.
|
|
/// </summary>
|
|
public sealed record VulnScanPredicateDto(
|
|
ScannerInfoDto Scanner,
|
|
ScannerDbInfoDto? ScannerDb,
|
|
DateTimeOffset ScanStartedAt,
|
|
DateTimeOffset ScanCompletedAt,
|
|
SeverityCountsDto SeverityCounts,
|
|
FindingReportDto FindingReport);
|
|
|
|
/// <summary>
|
|
/// Scanner information.
|
|
/// </summary>
|
|
public sealed record ScannerInfoDto(
|
|
string Name,
|
|
string Version);
|
|
|
|
/// <summary>
|
|
/// Vulnerability database information.
|
|
/// </summary>
|
|
public sealed record ScannerDbInfoDto(
|
|
DateTimeOffset? LastUpdatedAt);
|
|
|
|
/// <summary>
|
|
/// Count of findings by severity.
|
|
/// </summary>
|
|
public sealed record SeverityCountsDto(
|
|
int Critical,
|
|
int High,
|
|
int Medium,
|
|
int Low);
|
|
|
|
/// <summary>
|
|
/// Reference to the full findings report.
|
|
/// </summary>
|
|
public sealed record FindingReportDto(
|
|
string MediaType,
|
|
string Location,
|
|
IReadOnlyDictionary<string, string> Digest);
|
|
|
|
/// <summary>
|
|
/// Attestation metadata including signer info.
|
|
/// </summary>
|
|
public sealed record AttestationMetaDto(
|
|
string StatementId,
|
|
DateTimeOffset CreatedAt,
|
|
AttestationSignerDto Signer);
|
|
|
|
/// <summary>
|
|
/// Entity that signed an attestation.
|
|
/// </summary>
|
|
public sealed record AttestationSignerDto(
|
|
string Name,
|
|
string KeyId);
|
|
|
|
/// <summary>
|
|
/// Response for listing attestations.
|
|
/// </summary>
|
|
public sealed record AttestationListResponse(
|
|
IReadOnlyList<AttestationSummaryDto> Items,
|
|
string? NextPageToken);
|
|
|
|
/// <summary>
|
|
/// Summary view of an attestation for listing.
|
|
/// </summary>
|
|
public sealed record AttestationSummaryDto(
|
|
string Id,
|
|
AttestationType Type,
|
|
string SubjectName,
|
|
IReadOnlyDictionary<string, string> SubjectDigest,
|
|
string PredicateType,
|
|
DateTimeOffset CreatedAt,
|
|
string? SignerName,
|
|
string? SignerKeyId,
|
|
bool Verified);
|
|
|
|
/// <summary>
|
|
/// Attestation type enumeration.
|
|
/// </summary>
|
|
public enum AttestationType
|
|
{
|
|
VulnScan,
|
|
Sbom,
|
|
Vex,
|
|
PolicyEval,
|
|
Other
|
|
}
|