From 2eb5464603a9e1745696eb607b74727e9d3d148d Mon Sep 17 00:00:00 2001
From: Wang Yan <wangyan@vmware.com>
Date: Mon, 25 Mar 2024 15:02:39 +0800
Subject: [PATCH] add type for scanner metadata (#20108)

Signed-off-by: wang yan <wangyan@vmware.com>
---
 api/v2.0/swagger.yaml                    | 6 ++++++
 src/pkg/scan/rest/v1/client_test.go      | 2 ++
 src/pkg/scan/rest/v1/models.go           | 3 +++
 src/server/v2.0/handler/model/scanner.go | 1 +
 4 files changed, 12 insertions(+)

diff --git a/api/v2.0/swagger.yaml b/api/v2.0/swagger.yaml
index c0f3bf596..8f4ffcdaf 100644
--- a/api/v2.0/swagger.yaml
+++ b/api/v2.0/swagger.yaml
@@ -8450,6 +8450,12 @@ definitions:
   ScannerCapability:
     type: object
     properties:
+      type:
+        type: string
+        description: |
+          Specify the type of scanner capability, like vulnerability or sbom
+        x-omitempty: false
+        example: "sbom"
       consumes_mime_types:
         type: array
         items:
diff --git a/src/pkg/scan/rest/v1/client_test.go b/src/pkg/scan/rest/v1/client_test.go
index e3ee8ae49..ee3435066 100644
--- a/src/pkg/scan/rest/v1/client_test.go
+++ b/src/pkg/scan/rest/v1/client_test.go
@@ -58,6 +58,7 @@ func (suite *ClientTestSuite) TestClientMetadata() {
 	require.NotNil(suite.T(), m)
 
 	assert.Equal(suite.T(), m.Scanner.Name, "Trivy")
+	assert.Equal(suite.T(), m.Capabilities[0].Type, "sbom")
 }
 
 // TestClientSubmitScan tests the scan submission of client
@@ -119,6 +120,7 @@ func (mh *mockHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 				Version: "0.1.0",
 			},
 			Capabilities: []*ScannerCapability{{
+				Type: "sbom",
 				ConsumesMimeTypes: []string{
 					MimeTypeOCIArtifact,
 					MimeTypeDockerArtifact,
diff --git a/src/pkg/scan/rest/v1/models.go b/src/pkg/scan/rest/v1/models.go
index 50de0cbf5..d7dce069e 100644
--- a/src/pkg/scan/rest/v1/models.go
+++ b/src/pkg/scan/rest/v1/models.go
@@ -37,6 +37,7 @@ type Scanner struct {
 // report MIME types. For example, a scanner capable of analyzing Docker images and producing
 // a vulnerabilities report recognizable by Harbor web console might be represented with the
 // following capability:
+//   - type: vulnerability
 //   - consumes MIME types:
 //     -- application/vnd.oci.image.manifest.v1+json
 //     -- application/vnd.docker.distribution.manifest.v2+json
@@ -44,6 +45,8 @@ type Scanner struct {
 //     -- application/vnd.scanner.adapter.vuln.report.harbor+json; version=1.0
 //     -- application/vnd.scanner.adapter.vuln.report.raw
 type ScannerCapability struct {
+	// The type of the scanner capability, vulnerability or sbom
+	Type string `json:"type"`
 	// The set of MIME types of the artifacts supported by the scanner to produce the reports
 	// specified in the "produces_mime_types". A given mime type should only be present in one
 	// capability item.
diff --git a/src/server/v2.0/handler/model/scanner.go b/src/server/v2.0/handler/model/scanner.go
index 34d7e6b92..bb140937f 100644
--- a/src/server/v2.0/handler/model/scanner.go
+++ b/src/server/v2.0/handler/model/scanner.go
@@ -74,6 +74,7 @@ func (s *ScannerMetadata) ToSwagger(_ context.Context) *models.ScannerAdapterMet
 	var capabilities []*models.ScannerCapability
 	for _, c := range s.Capabilities {
 		capabilities = append(capabilities, &models.ScannerCapability{
+			Type:              c.Type,
 			ConsumesMimeTypes: c.ConsumesMimeTypes,
 			ProducesMimeTypes: c.ProducesMimeTypes,
 		})