Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[feature] Experimental Advanced Query REST API #1326

Closed
jeffmendoza opened this issue Sep 26, 2023 · 3 comments · Fixed by #1452
Closed

[feature] Experimental Advanced Query REST API #1326

jeffmendoza opened this issue Sep 26, 2023 · 3 comments · Fixed by #1452
Assignees
Labels
enhancement New feature or request

Comments

@jeffmendoza
Copy link
Collaborator

Is your feature request related to a problem? Please describe.

GUAC users and community members continue to identify novel questions or solutions that GUAC will enable answering. Not all of these translate into a single GraphQL query. Also, not all users are interested in learning GraphQL and crafting complex queries.

Example of these are in the guacone query cli command, however users want to be able to call this from other programs or scripts. GUAC should provide a "callabe" interface to the advanced queries that require filtering and/or graph traversal.

Describe the solution you'd like
A new guac binary that will serve an http REST API. Endpoints will be advanced queries that query GUAC GraphQL and return answers. Starting queries will be the same as in the guacone cli:

  bad         Query to find more information on certifyBad.
  known       Query for all the available information on a package, source, or artifact.
  vuln        query if a package is affected by the specified vulnerability

More advanced filters and conditions can be added to these. Also more queries can be added as well.

Describe alternatives you've considered

More advanced queries can be added as new queries directly to GUAC's GraphQL API.

Additional context

Initial discussion is to move forward with a new binary under cmd/. Update the Makefile to build it, but don't add it to release. Also, require an experimental env var to be set to run. The API should support both OpenAPI and be compatible/translatable to protobuf. Moving forward does not preclude the alternative above and will be treated as an experiment.

@jeffmendoza jeffmendoza added the enhancement New feature or request label Sep 26, 2023
@nathannaveen
Copy link
Contributor

I would like to work on this.

@lumjjb
Copy link
Contributor

lumjjb commented Oct 9, 2023

+1 on the proposal. I think this is quite a sizable feature and it'd be nice to have a design doc explaining a bit more about the mechanics of how this would work (both from an infrastructure level, as well as the dependencies of the other GUAC components and libraries).

@nathannaveen
Copy link
Contributor

I am working on the REST APIs design and code (it experimental). Here is the design doc, https://github.com/nathannaveen/guac/blob/nathan/implementREST/cmd/rest/design.md.

nathannaveen added a commit to nathannaveen/guac that referenced this issue Oct 31, 2023
* Fixes guacsec#1326
* Implemented the REST API for Known
*
nathannaveen added a commit to nathannaveen/guac that referenced this issue Oct 31, 2023
* Fixes guacsec#1326
* Implemented the REST API for Known
*

Fixed docker-compose down

When running `make stop-service` I was getting:

```
make stop-service
docker compose down
service "oci-collector" depends on undefined service guac-graphql: invalid compose project
make: *** [stop-service] Error 15
```

This is because the guac-graphql was removed from, 8336525.

Signed-off-by: nathannaveen <[email protected]>
nathannaveen added a commit to nathannaveen/guac that referenced this issue Nov 6, 2023
* Fixes guacsec#1326
* Implemented the REST API for Known
*

Fixed docker-compose down

When running `make stop-service` I was getting:

```
make stop-service
docker compose down
service "oci-collector" depends on undefined service guac-graphql: invalid compose project
make: *** [stop-service] Error 15
```

This is because the guac-graphql was removed from, 8336525.

Signed-off-by: nathannaveen <[email protected]>
nathannaveen added a commit to nathannaveen/guac that referenced this issue Nov 6, 2023
* Fixes guacsec#1326
* Implemented the REST API for Known
*

Fixed docker-compose down

When running `make stop-service` I was getting:

```
make stop-service
docker compose down
service "oci-collector" depends on undefined service guac-graphql: invalid compose project
make: *** [stop-service] Error 15
```

This is because the guac-graphql was removed from, 8336525.

Signed-off-by: nathannaveen <[email protected]>
nathannaveen added a commit to nathannaveen/guac that referenced this issue Nov 8, 2023
* Fixes guacsec#1326
* Implemented the REST API for Known
*

Fixed docker-compose down

When running `make stop-service` I was getting:

```
make stop-service
docker compose down
service "oci-collector" depends on undefined service guac-graphql: invalid compose project
make: *** [stop-service] Error 15
```

This is because the guac-graphql was removed from, 8336525.

Signed-off-by: nathannaveen <[email protected]>
nathannaveen added a commit to nathannaveen/guac that referenced this issue Nov 15, 2023
* Fixes guacsec#1326
* Implemented the REST API for Known
*

Fixed docker-compose down

When running `make stop-service` I was getting:

```
make stop-service
docker compose down
service "oci-collector" depends on undefined service guac-graphql: invalid compose project
make: *** [stop-service] Error 15
```

This is because the guac-graphql was removed from, 8336525.

Signed-off-by: nathannaveen <[email protected]>
@kodiakhq kodiakhq bot closed this as completed in #1452 Nov 15, 2023
kodiakhq bot pushed a commit that referenced this issue Nov 15, 2023
* Implemented the REST API

* Fixes #1326
* Implemented the REST API for Known
*

Fixed docker-compose down

When running `make stop-service` I was getting:

```
make stop-service
docker compose down
service "oci-collector" depends on undefined service guac-graphql: invalid compose project
make: *** [stop-service] Error 15
```

This is because the guac-graphql was removed from, 8336525.

Signed-off-by: nathannaveen <[email protected]>

* Added comments to vuln to improve readability

Signed-off-by: nathannaveen <[email protected]>

* Basic REST API for Bad

Signed-off-by: nathannaveen <[email protected]>

* Updated to include visualizer url

Signed-off-by: nathannaveen <[email protected]>

* Updated docs

Signed-off-by: nathannaveen <[email protected]>

* Included Tests for Bad

Signed-off-by: nathannaveen <[email protected]>

* Updated based on comment

Signed-off-by: nathannaveen <[email protected]>

* Updated Makefile

Signed-off-by: nathannaveen <[email protected]>

* Ignored other operating systems for goreleaser

Signed-off-by: nathannaveen <[email protected]>

* Included Swagger docs

Signed-off-by: nathannaveen <[email protected]>

* Fixed fmt

Signed-off-by: nathannaveen <[email protected]>

---------

Signed-off-by: nathannaveen <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request
Projects
None yet
Development

Successfully merging a pull request may close this issue.

3 participants