License Compliance view - backend
backend issue for https://gitlab.com/gitlab-org/gitlab-ee/issues/13582
- Permissions for the page !17481 (merged)
- Parse
License scanning
report and merge Dependency scanning info. !18281 (merged) - present information in the eligible format. !17851 (merged)
- Create endpoint that response with needed data. !17889 (merged) and !17755 (merged)
- Usage ping !17925 (merged)
Endpoint response
GET /projects/:id/security/licenses.json
{
"licenses": [
{
"name": "MIT",
"url": "https://mit.org/idontknowwhatido",
"components": [
{
"name": "acme-client",
"blob_path": "https://staging.gitlab.com/secure-team-test/dependency-list-test/blob/e9a4f09eb631acc39ff1122261e16b81b92bf33c/yarn.lock"
}
...
]
}
...
],
"report":
{
"status": "some_status",
"job_path": "some path to ci build",
"generated_at": "2019-08-16T16:16:52.273Z"
}
}
Notes
-
report.generated_at
- timestamp in UTC -
report.status
- status that we need in case if we want to display any error, like job is not set up. - Endpoint will support standart GitLab pagination
Possible statuses
I'm using same statuses as for dependency list We can elaborate them.
Status | Meaning |
---|---|
"ok" |
Everything is OK and we have a list of licenses |
"job_not_set_up" |
License scanning job hasn't ran in this project, |
"job_failed" |
License scanning failed, no licences to show |
Edited by Tetiana Chupryna