harborapi icon indicating copy to clipboard operation
harborapi copied to clipboard
verified publisher icon unioslo

Bake `ext.api.get_artifact_vulnerabilities` into `ext.api.get_artifacts`

Open pederhan opened this issue 3 years ago • 0 comments

The two functions ext.api.get_artifacts and ext.api.get_artifact_vulnerabilities do more or less the same thing, except the latter also fetches the Harbor vulnerability report for the artifacts and populates the report field of the resulting ArtifactInfo objects.

They also operate on somewhat different resources; ext.api.get_artifacts can take a list of Projects or Repositories, while ext.api.get_artifact_vulnerabilities can only take a list of Projects.

Having two similar functions who have differing APIs (Project/Repos vs only Projects), where one directly calls the other is convoluted and inconsistent.

get_artifacts

https://github.com/pederhan/harborapi/blob/6b4e9f9c3fdf233819af0e33d862c63607f9f283/harborapi/ext/api.py#L245-L247

get_artifact_vulnerabilites

https://github.com/pederhan/harborapi/blob/6b4e9f9c3fdf233819af0e33d862c63607f9f283/harborapi/ext/api.py#L322-L329

Solution

We can add with_report as an optional parameter to ext.api.get_artifacts, where the reports are fetched if this parameter is True. By implementing the code found in ext.api.get_artifact_vulnerabilities, we can combine the functionality of both functions into a single function.

pederhan avatar Nov 30 '22 08:11 pederhan