Open cheonsaxelle opened 6 days ago
Maybe the Swagger is not updated ? If it is updated is it an issue with the api or does the problem come from my data?
The Swagger doc is generated from code, and unfortunately the REST API re-uses the same model classes for multiple endpoints. That of course makes it hard to signal when properties should or should not be there.
Current Behavior
After calling /api/v1/metrics/project/xxxxx/current, the returned ProjectMetric doesn't contain a project field. Swagger says the project field is required in a ProjectMetric structure. With this request :
curl -H "X-Api-Key: xxxxx" -s http://xxxx/api/v1/metrics/project/079df992-19fd-46b1-9056-b79b46c7b10f/current | jq
I get the following answer :I did the same for my whole database and the project field is never there.
Maybe the Swagger is not updated ? If it is updated is it an issue with the api or does the problem come from my data?
Steps to Reproduce
For a unit test :
curl -H "X-Api-Key: xxxxx" -s http://xxxx/api/v1/metrics/project/079df992-19fd-46b1-9056-b79b46c7b10f/current | jq
For a database test :
Get all the projects from the database :
curl -H "X-Api-Key: l8QGZayV5XyvGq2iaOHzHglbXPyXAcm3" -k -v https://dependency-track-apiserver.apps.openshift-indus.france.dev.lyra.cloud/api/v1/project > out.json
Parse the result to extract the uuids :
jq '.' out.json | grep -v "directDependencies" | grep -v "parent" | grep -v "children" | grep "uuid" | cut -d '"' -f 4 > uuid.txt
For each uuid, call getProjectCurrentMetrics and extract the number of projects appearing in the result :
while read line; do curl -H "X-Api-Key: xxxxx" -s http://xxxxx/api/v1/metrics/project/$line/current; done < uuid.txt | grep -c "project"
Expected Behavior
According to the Swagger, project is a required field in a ProjectMetric structure :
So i should get at least :
Dependency-Track Version
4.11.3
Dependency-Track Distribution
Container Image
Database Server
PostgreSQL
Database Server Version
14
Browser
N/A
Checklist