search

target / portauthority

API that leverages Clair to scan Docker Registries and Kubernetes Clusters for vulnerabilities
Other
151 stars 21 forks source link

Error upserting policy with AllowedRiskSeverity as list #10

Closed caipre closed 2 months ago

caipre commented 6 years ago

A policy with AllowedRiskSeverity as a list fails to create:

$ curl -XPOST -H'content-type: application/json' -d '{"Policy":{"Name":"High","AllowedRiskSeverity":"[\"Negligible\",\"Low\",\"Medium\"]"}}' localhost:31700/v1/policies
{"Error":{"Message":"error upserting policy: pq: malformed array literal: \"{[\"Negligible\",\"Low\",\"Medium\"]}\""}}

The value is treated as a list when listing an image's vulnerabilities: https://github.com/target/portauthority/blob/f2513f0b45301c054188f90d45de229efd96aaa4/api/v1/routes.go#L962

Maybe there's some marshaling required here: https://github.com/target/portauthority/blob/master/pkg/datastore/pgsql/policy.go#L60 ? My golang isn't too strong. Will try to look more into this tomorrow.

ErikThoreson commented 6 years ago

@caipre try it like this. AllowedRiskSeverity is a string on the input currently.

curl -XPOST -H'content-type: application/json' -d '{"Policy":{"Name":"High","AllowedRiskSeverity":"Negligible,Low,Medium"}}' http://localhost:31700/v1/policies