Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

openapi.json is unsuitable for generating bindings #1074

Closed
1 task done
gwd opened this issue Jun 1, 2023 · 1 comment
Closed
1 task done

openapi.json is unsuitable for generating bindings #1074

gwd opened this issue Jun 1, 2023 · 1 comment
Assignees
@david-rocca

Comments

@gwd
Copy link

gwd commented Jun 1, 2023

Prerequisites

  • Put an X between the brackets on this line if you have done all of the following:
    • Checked the FAQs on the message board for common solutions: (TBD)
    • Checked that your issue isn't already filed.

Description

The openapi.json at https://cveawg.mitre.org/api-docs/openapi.json isn't suitable for use for generating bindings. Specifically, the CVE Record endpoints don't expose the full CVE JSON 5.0 fields that it accepts, but only a tiny subset; this ends up being mirrored in the bindings, making them nearly unusable for submitting CVEs.

Steps to Reproduce

  1. Install openapi-generate (e.g., brew install openapi-generator).
  2. Generate the bindings (e.g., openapi-generator generate -i https://cveawg.mitre.org/api-docs/openapi.json -g go -o go-cve-api --skip-validate-spec)

Expected behavior:

The bindings generated from openapi.json expose the full functionality of the interface; including the ability to fill out any of the fields defined in CVE JSON 5.0

Actual behavior:

The bindings generated from openapi.json only expose the fields from the "cve record minimum request"; namely, affected, descriptions, problemtypes, and references.

Here is the only struct available to pass into the code to submit updates to records:

type CveRecordMinimumRequestCnaContainer struct {
    Affected         []CreateFullCveRecordRequestContainersCnaAffectedInner `json:"affected"`
    Descriptions     []GetCveRecordResponseContainersCnaDescriptionsInner   `json:"descriptions"`
    ProblemTypes     []GetCveRecordResponseContainersCnaProblemTypesInner   `json:"problemTypes,omitempty"`
    ProviderMetadata *GetCveRecordResponseContainersCnaProviderMetadata     `json:"providerMetadata,omitempty"`
    References       []GetCveRecordResponseContainersCnaReferencesInner     `json:"references"`
}

Reproduces how often:

Always

Versions

2.1.4

Additional Information

The full set of generated code (along with a few example programs I wrote, partly just to test that it worked at a basic level) can be found here: https://gitlab.com/xen-project/misc/go-cveapi
@gwd gwd mentioned this issue Jun 1, 2023
Open
david-rocca added a commit that referenced this issue Jul 11, 2023
@david-rocca
#1074 updated the controllers to call the new schema items
7e0fe56
david-rocca added a commit that referenced this issue Jul 11, 2023
@david-rocca
#1074 updated openapi.json
9f6d3da
@david-rocca david-rocca mentioned this issue Jul 11, 2023
Merged
1 task
@david-rocca
Copy link
Collaborator

Hey @gwd , any chance you could take a look at the PR we made for this ticket here to see if the output works better for you?

We did a test with postman's binding generator and it seemed that things were much more complete.

Thanks!

david-rocca added a commit that referenced this issue Jul 14, 2023
@david-rocca
#1074 updated the controllers to call the new schema items
8ba6017
david-rocca added a commit that referenced this issue Jul 14, 2023
@david-rocca
#1074 updated openapi.json
8dc4381
david-rocca added a commit that referenced this issue Jul 17, 2023
@david-rocca
#1074 updated the controllers to call the new schema items
27e220d
david-rocca added a commit that referenced this issue Jul 17, 2023
@david-rocca
#1074 updated openapi.json
90528ce
david-rocca added a commit that referenced this issue Jul 21, 2023
@david-rocca
#1074 updated the controllers to call the new schema items
790123b
david-rocca added a commit that referenced this issue Jul 21, 2023
@david-rocca
#1074 updated openapi.json
ef9c8e3
david-rocca added a commit that referenced this issue Jul 21, 2023
@david-rocca
#1074 attempted a new import method to fix broken refs
09e6803
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@david-rocca david-rocca

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@gwd @david-rocca