Expand the REST API

[mssola]

• Documentation and implementation of a final v1 of the API.
• Should we have different scopes for the API ? (e.g. so not only admin users could access the API).

[mssola]

Related issues: #1112, #763. Related PRs: #1403.

[mogul]

I know Portus syncs with the registry, but is there any way to sync another with portus? Say we wanted to know when an image got scanned and if vulns were found, mail someone... How can we do that without polling the whole catalog?

[mssola]

I know Portus syncs with the registry, but is there any way to sync another with portus? Say we wanted to know when an image got scanned and if vulns were found, mail someone... How can we do that without polling the whole catalog?

I'm not sure I understood your question :sweat_smile: Please, correct me if I'm wrong.

Right now Portus supports only one registry (see #821). So, if you are asking whether portus supports some kind of coordination between registries, then I'd say that it's not supported. If you are asking for some sort of coordination between multiple Portus registries, then I'd say we don't support that either.

So I guess my question would be: what's your use case exactly ? What kind of workflow would work for you ? I'd say you can give these details into a new issue, because these questions are a bit out of the scope of this issue :wink:

[Vad1mo]

I know Portus syncs with the registry, but is there any way to sync another with portus? Say we wanted to know when an image got scanned and if vulns were found, mail someone... How can we do that without polling the whole catalog?

As understand it more correctly @mogul is referring to the webhooks functionality. Specifically triggering events on found vulns.

[mogul]

As understand it more correctly @mogul is referring to the webhooks functionality. Specifically triggering events on found vulns.

Yes, that's exactly what I'm thinking of. Still out of scope and needing another issue?

[mssola]

@mogul just opened #1726 for that. Thanks @Vad1mo for clarifying !

[adnoh]

Why not using the Webhooks from Clair? (if you are using it as a scanner). https://coreos.com/clair/docs/latest/notifications.html - with the clair api you could scan the image BEFORE pushing it to the registry which works quite well

[mssola]

@adnoh thanks for the heads up! I'll paste this comment into the other issue to keep everything on the same place.

[adnoh]

@mssola You're welcome. I've just went through the whole portus, postgres, clair, registry, kubernetes journey the last week - so I'm looking around if I can help anyone with current issues :) it was quite hard to get all the pieces working. Everything works fine now except of "Failed to create bus connection: No such file or directory" after every api/v1/health check call - I'll create an issue for that.

[mssola]

@adnoh what do you mean by hard? What was hard for you ? Just asking in case we can improve the documentation or our examples :+1:

[mssola]

This is an on-going effort. Scheduling for the 2.5 release...