113 lines
3.0 KiB
C#
113 lines
3.0 KiB
C#
using System.Collections.Immutable;
|
|
using System.Text.Json.Serialization;
|
|
|
|
namespace StellaOps.Scanner.Emit.Composition;
|
|
|
|
/// <summary>
|
|
/// Reference to a per-layer SBOM stored in CAS.
|
|
/// </summary>
|
|
public sealed record LayerSbomRef
|
|
{
|
|
/// <summary>
|
|
/// The digest of the layer (e.g., "sha256:abc123...").
|
|
/// </summary>
|
|
[JsonPropertyName("layerDigest")]
|
|
public required string LayerDigest { get; init; }
|
|
|
|
/// <summary>
|
|
/// The order of the layer in the image (0-indexed).
|
|
/// </summary>
|
|
[JsonPropertyName("order")]
|
|
public required int Order { get; init; }
|
|
|
|
/// <summary>
|
|
/// SHA256 digest of the layer fragment (component list).
|
|
/// </summary>
|
|
[JsonPropertyName("fragmentDigest")]
|
|
public required string FragmentDigest { get; init; }
|
|
|
|
/// <summary>
|
|
/// SHA256 digest of the CycloneDX SBOM for this layer.
|
|
/// </summary>
|
|
[JsonPropertyName("cycloneDxDigest")]
|
|
public required string CycloneDxDigest { get; init; }
|
|
|
|
/// <summary>
|
|
/// CAS URI of the CycloneDX SBOM.
|
|
/// </summary>
|
|
[JsonPropertyName("cycloneDxCasUri")]
|
|
public required string CycloneDxCasUri { get; init; }
|
|
|
|
/// <summary>
|
|
/// SHA256 digest of the SPDX SBOM for this layer.
|
|
/// </summary>
|
|
[JsonPropertyName("spdxDigest")]
|
|
public required string SpdxDigest { get; init; }
|
|
|
|
/// <summary>
|
|
/// CAS URI of the SPDX SBOM.
|
|
/// </summary>
|
|
[JsonPropertyName("spdxCasUri")]
|
|
public required string SpdxCasUri { get; init; }
|
|
|
|
/// <summary>
|
|
/// Number of components in this layer.
|
|
/// </summary>
|
|
[JsonPropertyName("componentCount")]
|
|
public required int ComponentCount { get; init; }
|
|
}
|
|
|
|
/// <summary>
|
|
/// Result of generating per-layer SBOMs.
|
|
/// </summary>
|
|
public sealed record LayerSbomResult
|
|
{
|
|
/// <summary>
|
|
/// References to all per-layer SBOMs, ordered by layer order.
|
|
/// </summary>
|
|
[JsonPropertyName("layerSboms")]
|
|
public required ImmutableArray<LayerSbomRef> LayerSboms { get; init; }
|
|
|
|
/// <summary>
|
|
/// Merkle root computed from all layer SBOM digests.
|
|
/// </summary>
|
|
[JsonPropertyName("merkleRoot")]
|
|
public required string MerkleRoot { get; init; }
|
|
}
|
|
|
|
/// <summary>
|
|
/// Artifact bytes for a single layer's SBOM.
|
|
/// </summary>
|
|
public sealed record LayerSbomArtifact
|
|
{
|
|
/// <summary>
|
|
/// The layer digest this SBOM represents.
|
|
/// </summary>
|
|
public required string LayerDigest { get; init; }
|
|
|
|
/// <summary>
|
|
/// CycloneDX JSON bytes.
|
|
/// </summary>
|
|
public required byte[] CycloneDxJsonBytes { get; init; }
|
|
|
|
/// <summary>
|
|
/// SHA256 of CycloneDX JSON.
|
|
/// </summary>
|
|
public required string CycloneDxDigest { get; init; }
|
|
|
|
/// <summary>
|
|
/// SPDX JSON bytes.
|
|
/// </summary>
|
|
public required byte[] SpdxJsonBytes { get; init; }
|
|
|
|
/// <summary>
|
|
/// SHA256 of SPDX JSON.
|
|
/// </summary>
|
|
public required string SpdxDigest { get; init; }
|
|
|
|
/// <summary>
|
|
/// Number of components in this layer.
|
|
/// </summary>
|
|
public required int ComponentCount { get; init; }
|
|
}
|