Documentation
¶
Overview ¶
Package fossa provides a high-level interface to the FOSSA API (by default, located at https://app.fossa.io).
Index ¶
- Constants
- Variables
- func CreateTarball(dir string) (*os.File, []byte, error)
- func Get(endpoint string) (res string, statusCode int, err error)
- func GetJSON(endpoint string, v interface{}) (statusCode int, err error)
- func GetOrganizationID() (string, error)
- func NormalizeGitURL(project string) string
- func Post(endpoint string, body []byte) (res string, statusCode int, err error)
- func SetAPIKey(key string)
- func SetEndpoint(endpoint string) error
- func SourceUnitType(t pkg.Type) (string, error)
- type Build
- type Component
- type ComponentSpec
- type Issue
- type License
- type Locator
- type Project
- type Revision
- type RevisionMeta
- type SignedURL
- type SourceUnit
- type SourceUnitBuild
- type SourceUnitDependency
- type UploadOptions
- type User
Constants ¶
const BuildsAPI = "/api/builds/%s"
const IssuesAPI = "/api/issues/%s"
const RevisionsAPI = "/api/revisions/%s"
RevisionsAPI is the API endpoint for revisions.
Variables ¶
var ( SignedURLAPI = "/api/components/signed_url" ComponentsBuildAPI = "/api/components/build" )
var ( ErrNoProject = errors.New("no project provided for upload") ErrNoRevision = errors.New("no revision provided for upload") ErrNoBuildData = errors.New("no build data to upload") )
Errors related to preconditions.
var ( ErrForbidden = errors.New("authentication failed (is the API key correct?)") ErrRevisionDoesNotExist = errors.New("revision does not exist (are the project and revision correct and published in FOSSA?)") )
Errors resulting from a bad API response.
var CachedOrganizationID = -1
var UsersAPI = "/api/users/%s"
Functions ¶
func CreateTarball ¶ added in v0.7.4
CreateTarball archives and compresses a directory's contents to a temporary file while simultaneously computing its MD5 hash. The caller is responsible for closing the file handle.
func GetJSON ¶ added in v0.7.0
GetJSON makes an authenticated JSON GET request to a FOSSA API endpoint.
func GetOrganizationID ¶ added in v0.7.0
func NormalizeGitURL ¶
NormalizeGitURL normalizes all forms of git remote URLs to a single standard form.
func Post ¶
Post makes an authenticated POST request to a FOSSA API endpoint. TODO: maybe `body` should be an `io.Reader` instead.
func SetEndpoint ¶ added in v0.7.6
Types ¶
type Build ¶
A Build holds the FOSSA API response for the builds API.
func QueueBuild ¶ added in v0.7.0
type ComponentSpec ¶ added in v0.7.5
type ComponentSpec struct {
Archives []Component `json:"archives"`
}
type License ¶ added in v0.7.0
type License struct {
ID int64
LicenseID string
RevisionID string
LicenseGroupID int64
Ignored bool
Title string
URL string
FullText string
Copyright string
}
A License holds the FOSSA API response for the license API.
type Locator ¶
type Locator struct {
Fetcher string `json:"fetcher"`
Project string `json:"package"`
Revision string `json:"revision"`
}
Locator serializes FOSSA API locators.
func ReadLocator ¶
ReadLocator parses a string locator into a Locator.
func Upload ¶
func Upload(title string, locator Locator, options UploadOptions, data []SourceUnit) (Locator, error)
Upload uploads a project's analysis.
func UploadTarball ¶ added in v0.7.4
UploadTarball archives, compresses, and uploads a specified directory. It uses the directory name as the project name and the MD5 of the uploaded tarball as the revision name. It returns the locator of the uploaded tarball.
In order to upload the tarball, we need the revision name. In order to get the revision name, we need to compute the tarball's MD5 hash. In order to compute the MD5 hash, we need to see every byte of the final tarball.
To do this, we actually stream through the tarball _twice_: once to create the compressed tarball (and writing it to disk) while simultaneously calculating its hash, and again to perform the upload.
The alternative is to hold the entire tarball in memory while we upload. Since this will be running within CI machines, this is probably not a good idea. (See https://circleci.com/docs/2.0/configuration-reference/#resource_class for an example of our memory constraints.)
func (Locator) IsResolved ¶
IsResolved returns true only if a locator is resolved.
type Revision ¶ added in v0.7.0
type Revision struct {
Locator *Locator `json:"loc"`
Licenses []License
Project *Project
Meta []RevisionMeta
Issues []Issue
}
A Revision holds the FOSSA API response for the revision API.
func GetRevision ¶ added in v0.7.0
GetRevision loads a single revision.
func GetRevisions ¶ added in v0.7.0
GetRevisions loads many revisions in batched requests.
type RevisionMeta ¶ added in v0.7.0
type RevisionMeta struct {
LastScan string `json:"last_scan"`
}
A RevisionMeta holds metadata about a FOSSA API revision.
type SourceUnit ¶
type SourceUnit struct {
Name string
Type string
Manifest string
Build SourceUnitBuild
}
SourceUnit is the basic module unit of the FOSSA API.
type SourceUnitBuild ¶ added in v0.7.0
type SourceUnitBuild struct {
Artifact string
Context interface{}
Succeeded bool
Error error `json:",omitempty"`
Imports []string
Dependencies []SourceUnitDependency
}
A SourceUnitBuild contains the build information of a SourceUnit.
type SourceUnitDependency ¶ added in v0.7.0
type SourceUnitDependency struct {
// Location
Locator string `json:"locator"`
Imports []string `json:"imports,omitempty"`
// Metadata
Data *json.RawMessage `json:"data,omitempty"`
// Context
Depth int `json:"depth,omitempty"`
Parent string `json:"parent,omitempty"`
UnresolvedLocators []string `json:"unresolved_locators,omitempty"`
}
A SourceUnitDependency contains the dependency information of a SourceUnit.
type UploadOptions ¶ added in v0.7.6
UploadOptions are optional keys that provide extra metadata for an upload.
Source Files