Uses GraphQL API of zot to fetch CVE info
- Get all images affected by a CVE (input: CVEID)
- Get all CVEs of a layer (input: image:tag)
- Get all layers of an image which have resolved a CVE (input: image,
CVEID)
- Get all layers of an image affected by a CVE (input: image, CVEID)
Go version changed to 1.14.4
Golangci-lint changed to 1.26.0
Bazel version changed to 3.0.0
Bazel rules_go version changed to 0.23.3
Bazel gazelle version changed to v0.21.0
Bazel build tools version changed to 0.25.1
Bazel skylib version changed to 1.0.2
New options added to configuration file to reference a public key used
to validate authorization tokens signed by an auth server with
corresponding private key.
Resolves#24
Signed-off-by: Peter Engelbert <pmengelbert@gmail.com>
swagger-based docs have been autogenerated from annotations and required
a separate step and then the binary could be built along with these doc
artifacts. Since we don't expect docs to change only when the dist-spec
gets updated, we are committing them.
go get -u <package> does an update of the go.mod and go.sum files; go
install <package> installs the binary at that location.
It seems the intent of this line in the makefile is to install swag if it
doesn't exist based on the ||, so let's actually install it, instead of
just updating the local deps.
This also has the advantage of not immediately generating a diff when
someone doesn't have swag installed.
Signed-off-by: Tycho Andersen <tycho@tycho.ws>
