added artifacts

2026-05-12 22:34:26 +02:00
parent 822f723ff1
commit 91462500f0
30 changed files with 2769 additions and 4 deletions
+13 -1
@@ -58,5 +58,17 @@ func Run(engine *xorm.Engine) error {
if err := Run015(engine); err != nil {
return err
}
return Run016(engine)
if err := Run016(engine); err != nil {
return err
}
if err := Run017(engine); err != nil {
return err
}
if err := Run018(engine); err != nil {
return err
}
if err := Run019(engine); err != nil {
return err
}
return Run020(engine)
}
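Review bot: Each new step in this chain returns its error unwrapped, so when startup fails the caller cannot tell whether Run017, Run018, Run019 or Run020 was the step that broke. Wrapping at the call site keeps the cause and names the step, e.g. `return fmt.Errorf("migration 017: %w", err)`. The chain also grows by three lines per migration; a slice of `func(*xorm.Engine) error` walked in a loop would keep the ordering and make the step number available for the message. Run's body starts outside this hunk, so whether applied migrations are recorded anywhere is not visible here.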
+16
@@ -0,0 +1,16 @@
package migrations
import (
"github.com/forgeo/forgebucket/internal/models"
"xorm.io/xorm"
)
func Run017(engine *xorm.Engine) error {
return engine.Sync2(
&models.OCIRepository{},
&models.OCIManifest{},
&models.OCITag{},
&models.OCIBlob{},
&models.OCIUpload{},
)
}
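Review bot: Run017 passes the live `models.OCI*` structs to `Sync2`, so the schema this step produces is whatever those structs look like when it runs, not what they looked like in this commit; Run018, Run019 and Run020 in the sections that follow do the same. If Run records applied steps (not visible here), a field added to `models.Repository` later would reach fresh installs through Run020 but never reach existing ones, and the two would drift apart silently. A doc comment on each step naming what it is meant to introduce would at least make the intent checkable, e.g. `// Run020 adds the forked_from column (Repository) and the remote_source column (PullRequest).`; freezing a private copy of the struct inside the migration file is the stricter option.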
@@ -0,0 +1,10 @@
package migrations
import (
"github.com/forgeo/forgebucket/internal/models"
"xorm.io/xorm"
)
func Run018(engine *xorm.Engine) error {
return engine.Sync2(&models.SecretLeak{})
}
@@ -0,0 +1,10 @@
package migrations
import (
"github.com/forgeo/forgebucket/internal/models"
"xorm.io/xorm"
)
func Run019(engine *xorm.Engine) error {
return engine.Sync2(&models.VulnerabilityFinding{})
}
@@ -0,0 +1,13 @@
package migrations
import (
"github.com/forgeo/forgebucket/internal/models"
"xorm.io/xorm"
)
func Run020(engine *xorm.Engine) error {
if err := engine.Sync2(&models.Repository{}); err != nil {
return err
}
return engine.Sync2(&models.PullRequest{})
}
+53
@@ -0,0 +1,53 @@
package models
import "time"
// OCIRepository represents a named image repository within the registry.
// Name mirrors the OCI distribution spec "name" component, e.g. "alice/myapp".
type OCIRepository struct {
ID int64 `xorm:"'id' pk autoincr" json:"id"`
RepoID int64 `xorm:"'repo_id' notnull index" json:"repoId"` // FK to Repository (git repo that owns this image)
Name string `xorm:"'name' varchar(255) unique" json:"name"` // e.g. "alice/myapp"
CreatedAt time.Time `xorm:"'created_at' created" json:"createdAt"`
}
// OCIManifest stores a pushed image manifest (OCI or Docker schema2).
// The full manifest JSON is stored in Content so it can be streamed without
// going to disk. Manifests are small (typically <4 KB).
type OCIManifest struct {
ID int64 `xorm:"'id' pk autoincr" json:"id"`
OCIRepoID int64 `xorm:"'oci_repo_id' notnull index" json:"ociRepoId"`
Digest string `xorm:"'digest' varchar(80) notnull" json:"digest"` // "sha256:<hex>"
MediaType string `xorm:"'media_type' varchar(150)" json:"mediaType"`
Size int64 `xorm:"'size'" json:"size"`
Content string `xorm:"'content' text" json:"-"` // raw JSON
PushedAt time.Time `xorm:"'pushed_at' created" json:"pushedAt"`
}
// OCITag maps a mutable tag (e.g. "latest", "v1.2.3") to a manifest digest.
type OCITag struct {
ID int64 `xorm:"'id' pk autoincr" json:"id"`
OCIRepoID int64 `xorm:"'oci_repo_id' notnull index" json:"ociRepoId"`
Name string `xorm:"'name' varchar(128)" json:"name"`
Digest string `xorm:"'digest' varchar(80)" json:"digest"`
UpdatedAt time.Time `xorm:"'updated_at' updated" json:"updatedAt"`
}
// OCIBlob tracks a content-addressable blob. The actual content lives at
// {oci_root}/blobs/sha256/<hex> on the filesystem.
type OCIBlob struct {
ID int64 `xorm:"'id' pk autoincr" json:"id"`
Digest string `xorm:"'digest' varchar(80) unique" json:"digest"`
Size int64 `xorm:"'size'" json:"size"`
CreatedAt time.Time `xorm:"'created_at' created" json:"createdAt"`
}
// OCIUpload tracks an in-progress blob upload session.
type OCIUpload struct {
ID int64 `xorm:"'id' pk autoincr" json:"id"`
UploadID string `xorm:"'upload_id' varchar(64) unique" json:"uploadId"` // UUID used in URL
Name string `xorm:"'name' varchar(255)" json:"name"` // image name
Offset int64 `xorm:"'offset'" json:"offset"`
ExpiresAt time.Time `xorm:"'expires_at'" json:"expiresAt"`
CreatedAt time.Time `xorm:"'created_at' created" json:"createdAt"`
}
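Review bot: `OCITag` has no uniqueness constraint on (`oci_repo_id`, `name`) and neither `Name` nor `Digest` is `notnull`, so two rows can claim the same tag in one repository and a pull by tag then depends on which row the query happens to return. For a registry that is an integrity property, because the tag is what a deployer trusts to resolve to exactly one manifest. A composite unique group would enforce it in the schema: `xorm:"'oci_repo_id' notnull unique(oci_tag_repo_name)"` on `OCIRepoID` and `xorm:"'name' varchar(128) notnull unique(oci_tag_repo_name)"` on `Name`; `OCIManifest` would benefit from the same on (`oci_repo_id`, `digest`). Separately, `OCIUpload` carries only the image name, so nothing in the row ties an upload session to the account that opened it; if the handlers (not in this view) authorise by `UploadID` alone, an owner column is worth adding.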
+1
@@ -19,6 +19,7 @@ type PullRequest struct {
SourceBranch string `xorm:"'source_branch' notnull varchar(255)" json:"sourceBranch"`
TargetBranch string `xorm:"'target_branch' default 'main' varchar(255)" json:"targetBranch"`
Status PRStatus `xorm:"'status' default 'open' varchar(16)" json:"status"`
RemoteSource string `xorm:"'remote_source' varchar(500)" json:"remoteSource,omitempty"` // APID of remote fork repo (cross-instance)
CreatedAt time.Time `xorm:"'created_at' created" json:"createdAt"`
UpdatedAt time.Time `xorm:"'updated_at' updated" json:"updatedAt"`
}
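Review bot: The comment on `RemoteSource` does not say that the value originates from another instance, which is the fact a reader of the handlers needs most. Anything that later dereferences this string, whether to fetch the fork or to render it as a link, is acting on an identifier (presumably a URL) chosen by a remote party, so scheme and host checks belong at that point; the code doing so is not in this commit view. I would extend the comment to `// APID of remote fork repo (cross-instance); remote-supplied, validate before fetching or rendering`. The same applies to `Repository.ForkedFrom` in the next section, which is also returned in JSON. The struct begins outside this hunk.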
+1
@@ -11,6 +11,7 @@ type Repository struct {
IsPrivate bool `xorm:"'is_private' default false" json:"isPrivate"`
DefaultBranch string `xorm:"'default_branch' default 'main' varchar(255)" json:"defaultBranch"`
DiskPath string `xorm:"'disk_path' notnull" json:"-"`
ForkedFrom string `xorm:"'forked_from' varchar(500)" json:"forkedFrom,omitempty"` // APID of the upstream repo
CreatedAt time.Time `xorm:"'created_at' created" json:"createdAt"`
UpdatedAt time.Time `xorm:"'updated_at' updated" json:"updatedAt"`
}
+20
@@ -0,0 +1,20 @@
package models
import "time"
// SecretLeak records a detected secret pattern in a pushed commit.
// When a match is confirmed not to be a real secret, set Dismissed=true.
type SecretLeak struct {
ID int64 `xorm:"'id' pk autoincr" json:"id"`
RepoID int64 `xorm:"'repo_id' notnull index" json:"repoId"`
CommitSHA string `xorm:"'commit_sha' varchar(12)" json:"commitSha"`
Ref string `xorm:"'ref' varchar(255)" json:"ref"`
PatternName string `xorm:"'pattern_name' varchar(50)" json:"patternName"`
Description string `xorm:"'description' varchar(200)" json:"description"`
Severity string `xorm:"'severity' varchar(10)" json:"severity"`
MatchSample string `xorm:"'match_sample' varchar(60)" json:"matchSample"`
Dismissed bool `xorm:"'dismissed'" json:"dismissed"`
DismissedBy string `xorm:"'dismissed_by' varchar(100)" json:"dismissedBy,omitempty"`
DismissedAt *time.Time `xorm:"'dismissed_at'" json:"dismissedAt,omitempty"`
DetectedAt time.Time `xorm:"'detected_at'" json:"detectedAt"`
}
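Review bot: `MatchSample` stores up to 60 characters of the matched text and serialises it as `matchSample`, which for many token formats is the entire credential, so this table and every API response built from it could end up holding live secrets. What the scanner writes into the field is not visible here; if it is not already masked, the column should hold a redacted excerpt or a hash, and the field should say so, e.g. `// masked excerpt only, never the full match`. `CommitSHA` at `varchar(12)` keeps only an abbreviated hash, which can become ambiguous as a repository grows; `varchar(64)` would hold a full SHA-1 or SHA-256 object id. `DismissedBy` is free text rather than a user id, which weakens the audit trail for dismissals.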
+20
@@ -0,0 +1,20 @@
package models
import "time"
// VulnerabilityFinding records a known vulnerability found in a dependency.
type VulnerabilityFinding struct {
ID int64 `xorm:"'id' pk autoincr" json:"id"`
RepoID int64 `xorm:"'repo_id' notnull index" json:"repoId"`
VulnID string `xorm:"'vuln_id' varchar(50)" json:"vulnId"` // e.g. "GHSA-xxxx" or "CVE-2024-..."
PURL string `xorm:"'purl' varchar(255)" json:"purl"` // package URL
Version string `xorm:"'version' varchar(100)" json:"version"` // affected version
Summary string `xorm:"'summary' varchar(500)" json:"summary"`
Details string `xorm:"'details' text" json:"details,omitempty"`
CVSSScore float64 `xorm:"'cvss_score'" json:"cvssScore"`
FixedVersion string `xorm:"'fixed_version' varchar(100)" json:"fixedVersion"`
Dismissed bool `xorm:"'dismissed'" json:"dismissed"`
DismissedBy string `xorm:"'dismissed_by' varchar(100)" json:"dismissedBy,omitempty"`
DismissedAt *time.Time `xorm:"'dismissed_at'" json:"dismissedAt,omitempty"`
DetectedAt time.Time `xorm:"'detected_at'" json:"detectedAt"`
}
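Review bot: Nothing in `VulnerabilityFinding` makes (`repo_id`, `vuln_id`, `purl`, `version`) unique, so a repeated scan can insert the same finding again unless the writer de-duplicates first, and that code is not visible here. Beyond the noise, a fresh duplicate row arrives with `Dismissed` false, so a triage decision recorded on the earlier row would not carry over to it. Putting a shared group such as `unique(vuln_finding_key)` in the xorm tag of those four fields would settle it in the schema. `CVSSScore` is stored without the CVSS version or vector, which the struct comment could note as a known limitation if that is intentional.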