Schema

Introduction#

The schema is an core part of bubbly - it is needed to store all the relevant Release Readiness data over which policies are run.

The library used to define the schema is entgo which is an amazing framework, and this documentation was generated using it :)

Overview#

The following diagram shows the bubbly schema

erDiagram Adapter { int id string name string tag string module } Artifact { int id string name string sha256 artifactDOTType type timeDOTTime time schemaDOTMetadata metadata } CodeIssue { int id string rule_id string message codeissueDOTSeverity severity codeissueDOTType type schemaDOTMetadata metadata } CodeScan { int id string tool timeDOTTime time schemaDOTMetadata metadata } Component { int id string name string vendor string version string description string url schemaDOTMetadata metadata } GitCommit { int id string hash string branch string tag timeDOTTime time } License { int id string spdx_id string name string reference string details_url bool is_osi_approved } LicenseUse { int id } Organization { int id string name } Project { int id string name } Release { int id string name string version releaseDOTStatus status } ReleaseComponent { int id releasecomponentDOTType type } ReleaseEntry { int id releaseentryDOTType type timeDOTTime time } ReleaseLicense { int id } ReleasePolicy { int id string name string module } ReleasePolicyViolation { int id string message releasepolicyviolationDOTType type releasepolicyviolationDOTSeverity severity } ReleaseVulnerability { int id } Repo { int id string name string default_branch } TestCase { int id string name bool result string message float64 elapsed schemaDOTMetadata metadata } TestRun { int id string tool timeDOTTime time schemaDOTMetadata metadata } Vulnerability { int id string vid string summary string description float64 severity_score vulnerabilityDOTSeverity severity timeDOTTime published timeDOTTime modified schemaDOTMetadata metadata } VulnerabilityReview { int id string name vulnerabilityreviewDOTDecision decision } Adapter }o--o| Organization : "owner" Artifact }o--o| Release : "release/artifacts" CodeIssue }o--o| CodeScan : "scan/issues" CodeScan }o--o| Release : "release/code_scans" Component }o--o| Organization : "owner" Component }o--o{ Vulnerability : "vulnerabilities/components" Component }o--o{ License : "licenses/components" GitCommit }o--o| Repo : "repo/commits" GitCommit |o--o| Release : "release/commit" LicenseUse }o--o| License : "license/uses" Project }o--o| Organization : "owner/projects" Release }o--o{ Release : "dependencies/subreleases" ReleaseComponent }o--o| Release : "release/components" ReleaseComponent }o--o{ CodeScan : "scans/components" ReleaseComponent }o--o| Component : "component/uses" ReleaseEntry |o--o| Artifact : "artifact/entry" ReleaseEntry |o--o| CodeScan : "code_scan/entry" ReleaseEntry |o--o| TestRun : "test_run/entry" ReleaseEntry }o--o| Release : "release/log" ReleaseLicense }o--o| License : "license" ReleaseLicense }o--o| ReleaseComponent : "component" ReleaseLicense }o--o| Release : "release" ReleaseLicense |o--o{ CodeScan : "scans" ReleasePolicy }o--o| Organization : "owner" ReleasePolicy }o--o{ Project : "projects/policies" ReleasePolicy }o--o{ Repo : "repos/policies" ReleasePolicyViolation }o--o| ReleasePolicy : "policy/violations" ReleasePolicyViolation }o--o| Release : "release/violations" ReleaseVulnerability }o--o| Vulnerability : "vulnerability/instances" ReleaseVulnerability }o--o| ReleaseComponent : "component/vulnerabilities" ReleaseVulnerability }o--o| Release : "release/vulnerabilities" ReleaseVulnerability }o--o{ VulnerabilityReview : "reviews/instances" ReleaseVulnerability }o--o| CodeScan : "scan/vulnerabilities" Repo }o--o| Organization : "owner/repos" Repo }o--o| Project : "project/repos" Repo |o--o| Release : "head/head_of" TestCase }o--o| TestRun : "run/tests" TestRun }o--o| Release : "release/test_runs" Vulnerability }o--o| Organization : "owner" VulnerabilityReview }o--o| Vulnerability : "vulnerability/reviews" VulnerabilityReview }o--o{ Project : "projects/vulnerability_reviews" VulnerabilityReview }o--o{ Repo : "repos/vulnerability_reviews" VulnerabilityReview }o--o{ Release : "releases/vulnerability_reviews"

Types#

The types in the schema (AKA tables in the SQL schema) are listed below. This list is auto-generated from the ent schema.

Adapter#

Fields#

  • name (string)
  • tag (string)
  • module (string)

Edges#

Artifact#

Fields#

  • name (string)
  • sha256 (string)
  • type (artifact.Type)
  • time (time.Time)
  • metadata (schema.Metadata)

Edges#

CodeIssue#

Fields#

  • rule_id (string)
  • message (string)
  • severity (codeissue.Severity)
  • type (codeissue.Type)
  • metadata (schema.Metadata)

Edges#

CodeScan#

Fields#

  • tool (string)
  • time (time.Time)
  • metadata (schema.Metadata)

Edges#

Component#

Fields#

  • name (string)
  • vendor (string)
  • version (string)
  • description (string)
  • url (string)
  • metadata (schema.Metadata)

Edges#

GitCommit#

Fields#

  • hash (string)
  • branch (string)
  • tag (string)
  • time (time.Time)

Edges#

License#

Fields#

  • spdx_id (string)
  • name (string)
  • reference (string)
  • details_url (string)
  • is_osi_approved (bool)

Edges#

LicenseUse#

Fields#

Edges#

Organization#

Fields#

  • name (string)

Edges#

Project#

Fields#

  • name (string)

Edges#

Release#

Fields#

  • name (string)
  • version (string)
  • status (release.Status)

Edges#

ReleaseComponent#

Fields#

  • type (releasecomponent.Type)

Edges#

ReleaseEntry#

Fields#

  • type (releaseentry.Type)
  • time (time.Time)

Edges#

ReleaseLicense#

Fields#

Edges#

ReleasePolicy#

Fields#

  • name (string)
  • module (string)

Edges#

ReleasePolicyViolation#

Fields#

  • message (string)
  • type (releasepolicyviolation.Type)
  • severity (releasepolicyviolation.Severity)

Edges#

ReleaseVulnerability#

Fields#

Edges#

Repo#

Fields#

  • name (string)
  • default_branch (string)

Edges#

TestCase#

Fields#

  • name (string)
  • result (bool)
  • message (string)
  • elapsed (float64)
  • metadata (schema.Metadata)

Edges#

TestRun#

Fields#

  • tool (string)
  • time (time.Time)
  • metadata (schema.Metadata)

Edges#

Vulnerability#

Fields#

  • vid (string)
  • summary (string)
  • description (string)
  • severity_score (float64)
  • severity (vulnerability.Severity)
  • published (time.Time)
  • modified (time.Time)
  • metadata (schema.Metadata)

Edges#

VulnerabilityReview#

Fields#

  • name (string)
  • decision (vulnerabilityreview.Decision)

Edges#