Vigiles API Manual

api package — linuxlink 2021 documentation

Cves module¶

Route:/v1/vigiles/cves/<cve_id> Methods: "GET"¶

Search CVE info by CVE id

Parameters:	cve_id (`str`) – ID of the cve to search for request_data (JSON object) – Data sent with request with keys: `"email"` Email of user sending the request `"fields"` Fields to return in search results. Valid fields: “affected_configurations”, “assigned_by”, “description”, “identifier”, “impact”, “modified”, “problem_types”, “published”, “references”
Returns:	search_results – Results of search with keys: “affected_configurations”, “assigned_by”, “description”, “identifier”, “impact”, “modified”, “problem_types”, “published”, “references”
Return type:	JSON object

Route:/v1/vigiles/cves Methods: "GET"¶

Search for CVEs with a product name and version

Parameters:

Parameters:	request_data (`JSON object ['str', 'str']`) – Data sent with request with keys: `"email"` Email of user sending the request `"product"` CPE Product (package name) to get CVEs for `"version"` Version of package to get CVEs for `"ids_only"` If True, an array of CVE ids will be returned
Returns:	cves – An array of CVE ids is returned if “ids_only” is true. Otherwise, a dictionary with CVE information will be returned
Return type:	`array(object)`

request_data (JSON object ['str', 'str']) –

Data sent with request with keys:

"email": Email of user sending the request
"product": CPE Product (package name) to get CVEs for
"version": Version of package to get CVEs for
"ids_only": If True, an array of CVE ids will be returned

Returns: cves – An array of CVE ids is returned if “ids_only” is true. Otherwise, a dictionary with CVE information will be returned

Return type: array(object)

Folders module¶

Route:/v1/vigiles/folders Methods: "GET"¶

Get an array of folder information that can be filtered by product token

If no product token is given, all folders that the user owns will be returned.

Parameters:

Parameters:	request_data (JSON object) – Data sent with request with keys: `"email"` Email of user sending the request `"product_token"`, optional Token of the product to get folders from
Returns:	folder_tokens – Array of folder information objects with keys: “folder_token”, “folder_name”, “folder_description”, “creation_date”, “product_token”
Return type:	`array(object)`

request_data (JSON object) –

Data sent with request with keys:

"email": Email of user sending the request
"product_token", optional: Token of the product to get folders from

Returns: folder_tokens – Array of folder information objects with keys: “folder_token”, “folder_name”, “folder_description”, “creation_date”, “product_token”

Return type: array(object)

Manifests module¶

Route:/v1/vigiles/manifests/<token> Methods: "DELETE"¶

Delete a manifest with a given token

Parameters:

Parameters:	token (`str`) – The token of the manifest to delete request_data (`"JSON object"`) – Data sent with request with keys: `"email"` Email of user sending the request
Returns:	response – Results with keys: `"success"` True if successful, False otherwise `"message"` Message describing response
Return type:	JSON object

token (str) – The token of the manifest to delete
request_data ("JSON object") –
Data sent with request with keys:

"email"

Email of user sending the request

Returns:

response – Results with keys:

"success": True if successful, False otherwise
"message": Message describing response

Return type:

JSON object

Route:/v1/vigiles/manifests/<token>/reports/latest Methods: "GET"¶

Get the latest CVE report results from a given manifest token

Parameters:

Parameters:	token (`str`) – The token of the manifest to get the latest scan results from request_data (`"JSON object"`) – Data sent with request with keys: `"email"` Email of user sending the request
Returns:	scan_results – Results of scan with keys: `"manifest_token"` Token of the manifest `"product_token"` Token of the product that the manifest belongs to `"folder_token"` Token of the folder that the manifest is in `"cves"` Array of objects containing information about CVEs found in the scan `"arch_cves"` Array of objects containing information about architecture CVEs found in the scan `"counts"` Object containing counts with keys: fixed, kernel, toolchain, unapplied, unfixed, upgradable, whitelisted `"date"` Date of the scan `"report_path"` URL where the report can be viewed
Return type:	JSON object

token (str) – The token of the manifest to get the latest scan results from
request_data ("JSON object") –
Data sent with request with keys:

"email"

Email of user sending the request

Returns:

scan_results – Results of scan with keys:

"manifest_token": Token of the manifest
"product_token": Token of the product that the manifest belongs to
"folder_token": Token of the folder that the manifest is in
"cves": Array of objects containing information about CVEs found in the scan
"arch_cves": Array of objects containing information about architecture CVEs found in the scan
"counts": Object containing counts with keys: fixed, kernel, toolchain, unapplied, unfixed, upgradable, whitelisted
"date": Date of the scan
"report_path": URL where the report can be viewed

Return type:

JSON object

Route:/v1/vigiles/manifests/<token> Methods: "GET"¶

Get information about a manifest with a given token

Parameters:

Parameters:	request_data (JSON object) – Data sent with request with keys: `"email"` Email of the user sending the request `"send_file"` If true, a manifest file will be sent
Returns:	manifest_info (`array(object)` or `file`) Array of manifest information objects with keys – “manifest_token”, “manifest_name”, “folder_token”, “product_token”, “upload_date”, “manifest_data”

request_data (JSON object) –

Data sent with request with keys:

"email": Email of the user sending the request
"send_file": If true, a manifest file will be sent

Returns:

manifest_info (array(object) or file)
Array of manifest information objects with keys – “manifest_token”, “manifest_name”, “folder_token”, “product_token”, “upload_date”, “manifest_data”

Route:/v1/vigiles/manifests Methods: "GET"¶

Get an array of manifests information from a product or folder.

Only either a product token or folder token should be given. If neither are given, all manifests that the user owns will be returned.

Parameters:

Parameters:	request_data (`JSON object ['str', 'str']`) – Data sent with request with keys: `"email"` Email of user sending the request `"product"`, optional Token of the product to get manifests from `"folder"`, optional Token of the folder to get manifests from
Returns:	manifests – Array of product information objects with keys: “manifest_name”, “manifest_token”, “product_token”, “folder_token”, “upload_date”
Return type:	`array(object)`

request_data (JSON object ['str', 'str']) –

Data sent with request with keys:

"email": Email of user sending the request
"product", optional: Token of the product to get manifests from
"folder", optional: Token of the folder to get manifests from

Returns: manifests – Array of product information objects with keys: “manifest_name”, “manifest_token”, “product_token”, “folder_token”, “upload_date”

Return type: array(object)

Route:/v1/vigiles/manifests/<token>/reports Methods: "POST"¶

Rescan a manifest with a given token

Parameters:

Parameters:	token (`str`) – The token of the manifest to get the latest scan results from request_data (`JSON object ['str', 'str']`) – Data sent with request with keys: `"email"` Email of user sending the request `"rescan_only"` Anything other than “false” or “f” to only rescan the manifest
Returns:	scan_results – Results of scan with keys: `"cves"` Array of objects containing information about CVEs found in the scan `"arch_cves"` Array of objects containing information about architecture CVEs found in the scan `"counts"` Object containing counts with keys: fixed, kernel, toolchain, unapplied, unfixed, upgradable, whitelisted `"date"` Date of the scan `"product_name"` Name of the product that the manifest belongs to `"product_path"` URL where the product can be viewed `"report_path"` URL where the report can be viewed
Return type:	JSON object

token (str) – The token of the manifest to get the latest scan results from
request_data (JSON object ['str', 'str']) –
Data sent with request with keys:

"email"

Email of user sending the request

"rescan_only"

Anything other than “false” or “f” to only rescan the manifest

Returns:

scan_results – Results of scan with keys:

"cves": Array of objects containing information about CVEs found in the scan
"arch_cves": Array of objects containing information about architecture CVEs found in the scan
"counts": Object containing counts with keys: fixed, kernel, toolchain, unapplied, unfixed, upgradable, whitelisted
"date": Date of the scan
"product_name": Name of the product that the manifest belongs to
"product_path": URL where the product can be viewed
"report_path": URL where the report can be viewed

Return type:

JSON object

Route:/v1/vigiles/manifests Methods: "POST"¶

Upload manifest and return scan results

Parameters:

Parameters:	request_data (JSON object) – post data with keys: `"manifest"` Manifest data to scan `"email"` Email of user sending the request `"kernel_config"` Kernel config data `"uboot_config"` Uboot config data `"manifest_name"` Name to give the new manifest `"product_token"` Token of the product the manifest should belong to `"folder_token"` Token of the folder where the manifest should be stored
Returns:	scan_results – Results of scan with keys: `"manifest_token"` Token of the manifest `"product_token"` Token of the product that the manifest belongs to `"folder_token"` Token of the folder that the manifest is in `"cves"` Array of dictionaries containing information about CVEs found in the scan `"arch_cves"` List of dictionaries containing information about architecture CVEs found in the scan `"counts"` Dictionary containing counts with keys: fixed, kernel, toolchain, unapplied, unfixed, upgradable, whitelisted `"date"` Date of the scan `"report_path"` URL where the report can be viewed
Return type:	JSON object

request_data (JSON object) –

post data with keys:

"manifest": Manifest data to scan
"email": Email of user sending the request
"kernel_config": Kernel config data
"uboot_config": Uboot config data
"manifest_name": Name to give the new manifest
"product_token": Token of the product the manifest should belong to
"folder_token": Token of the folder where the manifest should be stored

Returns:

scan_results – Results of scan with keys:

"manifest_token": Token of the manifest
"product_token": Token of the product that the manifest belongs to
"folder_token": Token of the folder that the manifest is in
"cves": Array of dictionaries containing information about CVEs found in the scan
"arch_cves": List of dictionaries containing information about architecture CVEs found in the scan
"counts": Dictionary containing counts with keys: fixed, kernel, toolchain, unapplied, unfixed, upgradable, whitelisted
"date": Date of the scan
"report_path": URL where the report can be viewed

Return type: JSON object

Products module¶

Route:/v1/vigiles/products Methods: "POST"¶

Create a new product for a user

Parameters:

Parameters:	product_token (`str`) – the token of a product request_data (JSON object) – Data sent with request with keys: `"email"` Email of the user sending the request `"name"` Name for the new product `"desc"`, optional Description for the new product
Returns:	product_info – Results of comparison with keys: `"name"` Name of product `"description"` Description of product `"token"` Token for the product
Return type:	JSON object

product_token (str) – the token of a product
request_data (JSON object) –
Data sent with request with keys:

"email"

Email of the user sending the request

"name"

Name for the new product

"desc", optional

Description for the new product

Returns:

product_info – Results of comparison with keys:

"name": Name of product
"description": Description of product
"token": Token for the product

Return type:

JSON object

Route:/v1/vigiles/products/<product_token> Methods: "GET"¶

Get information about a product from a given token

Parameters:

Parameters:	product_token (`str`) – Token of the product request_data (JSON object) – Data sent with request with keys: `"email"` Email of user sending the request
Returns:	product_info – Results of comparison with keys: `"name"` Name of product `"description"` Description of product `"token"` Token for the product `"is_default"` True if product is default product for user, otherwise False `"created"` Date that the product was created
Return type:	JSON object

product_token (str) – Token of the product
request_data (JSON object) –
Data sent with request with keys:

"email"

Email of user sending the request

Returns:

product_info – Results of comparison with keys:

"name": Name of product
"description": Description of product
"token": Token for the product
"is_default": True if product is default product for user, otherwise False
"created": Date that the product was created

Return type:

JSON object

Route:/v1/vigiles/products Methods: "GET"¶

Get information about all products for a user

Parameters:

Parameters:	request_data (JSON object) – Data sent with request with keys: `"email"` Email of the user sending the request
Returns:	product_info – Array of product information objects with keys: “name”, “description”, “token”
Return type:	`list(object)`

request_data (JSON object) –

Data sent with request with keys:

"email": Email of the user sending the request

Returns: product_info – Array of product information objects with keys: “name”, “description”, “token”

Return type: list(object)

Reports module¶

Route:/v1/vigiles/reports/compare Methods: "GET"¶

Compare two CVE reports with given tokens

Parameters:

Parameters:	request_data (JSON object) – Data sent with request with keys: `"token_one"` Token for the first CVE report to compare `"token_two"` Token for the second CVE report to compare
Returns:	compare_results – Results of comparison with keys: `"resolved"` List of CVEs resolved between the reports `"new"` List new CVEs between the reports
Return type:	JSON object

request_data (JSON object) –

Data sent with request with keys:

"token_one": Token for the first CVE report to compare
"token_two": Token for the second CVE report to compare

Returns:

compare_results – Results of comparison with keys:

"resolved": List of CVEs resolved between the reports
"new": List new CVEs between the reports

Return type: JSON object

Stats module¶

Route:/v1/heartbeat Methods: "GET", "POST"¶

This function makes a simple GET request to the LinuxLink server to ensure that the server is available, and that HMAC authentication is working properly.

Returns:	`"ok"` True if successful, False otherwise.
Return type:	`JSON object ['str', 'bool']`