Skip to content

Commit c23f59b

Browse files
stevespringettstevespringett
committed
Ported service model.
Signed-off-by: Steve Springett <[email protected]>
1 parent 66cd80e commit c23f59b

File tree

2 files changed

+198
-4
lines changed

2 files changed

+198
-4
lines changed

schema/2.0/model/cyclonedx-data-2.0.schema.json

Lines changed: 17 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -59,6 +59,23 @@
5959
"required": ["contact"]
6060
}
6161
]
62+
},
63+
"dataFlowDirection": {
64+
"type": "string",
65+
"enum": [
66+
"inbound",
67+
"outbound",
68+
"bi-directional",
69+
"unknown"
70+
],
71+
"meta:enum": {
72+
"inbound": "Data that enters a service.",
73+
"outbound": "Data that exits a service.",
74+
"bi-directional": "Data flows in and out of the service.",
75+
"unknown": "The directional flow of data is not known."
76+
},
77+
"title": "Data flow direction",
78+
"description": "Specifies the flow direction of the data. Direction is relative to the service."
6279
}
6380
}
6481
}

schema/2.0/model/cyclonedx-service-2.0.schema.json

Lines changed: 181 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -12,10 +12,187 @@
1212
"title": "Services"
1313
},
1414
"service": {
15-
16-
"allOf": [
17-
{ "$ref": "cyclonedx-common-2.0.schema.json#/$defs/baseObject" }
18-
]
15+
"type": "object",
16+
"title": "Service",
17+
"required": [
18+
"name"
19+
],
20+
"additionalProperties": false,
21+
"properties": {
22+
"bom-ref": {
23+
"$ref": "cyclonedx-common-2.0.schema.json#/$defs/refType",
24+
"title": "BOM Reference",
25+
"description": "An identifier which can be used to reference the service elsewhere in the BOM. Every `bom-ref` must be unique within the BOM.\nValue SHOULD not start with the BOM-Link intro 'urn:cdx:' to avoid conflicts with BOM-Links."
26+
},
27+
"provider": {
28+
"title": "Provider",
29+
"description": "The organization that provides the service.",
30+
"$ref": "cyclonedx-common-2.0.schema.json#/$defs/organizationalEntity"
31+
},
32+
"group": {
33+
"type": "string",
34+
"title": "Service Group",
35+
"description": "The grouping name, namespace, or identifier. This will often be a shortened, single name of the company or project that produced the service or domain name. Whitespace and special characters should be avoided.",
36+
"examples": ["com.acme"]
37+
},
38+
"name": {
39+
"type": "string",
40+
"title": "Service Name",
41+
"description": "The name of the service. This will often be a shortened, single name of the service.",
42+
"examples": ["ticker-service"]
43+
},
44+
"version": {
45+
"$ref": "cyclonedx-component-2.0.schema.json#/$defs/version",
46+
"title": "Service Version",
47+
"description": "The service version."
48+
},
49+
"description": {
50+
"type": "string",
51+
"title": "Service Description",
52+
"description": "Specifies a description for the service"
53+
},
54+
"endpoints": {
55+
"type": "array",
56+
"items": {
57+
"type": "string",
58+
"format": "iri-reference"
59+
},
60+
"title": "Endpoints",
61+
"description": "The endpoint URIs of the service. Multiple endpoints are allowed.",
62+
"examples": ["https://example.com/api/v1/ticker"]
63+
},
64+
"authenticated": {
65+
"type": "boolean",
66+
"title": "Authentication Required",
67+
"description": "A boolean value indicating if the service requires authentication. A value of true indicates the service requires authentication prior to use. A value of false indicates the service does not require authentication."
68+
},
69+
"x-trust-boundary": {
70+
"type": "boolean",
71+
"title": "Crosses Trust Boundary",
72+
"description": "A boolean value indicating if use of the service crosses a trust zone or boundary. A value of true indicates that by using the service, a trust boundary is crossed. A value of false indicates that by using the service, a trust boundary is not crossed."
73+
},
74+
"trustZone": {
75+
"type": "string",
76+
"title": "Trust Zone",
77+
"description": "The name of the trust zone the service resides in."
78+
},
79+
"data": {
80+
"type": "array",
81+
"items": {"$ref": "#/$defs/serviceData"},
82+
"title": "Data",
83+
"description": "Specifies information about the data including the directional flow of data and the data classification."
84+
},
85+
"licenses": {
86+
"$ref": "cyclonedx-license-2.0.schema.json#/$defs/licenseChoice",
87+
"title": "Service License(s)"
88+
},
89+
"patentAssertions": {
90+
"$ref": "cyclonedx-patent-2.0.schema.json#/$defs/patentAssertions",
91+
"title": "Service Patent(s)"
92+
},
93+
"externalReferences": {
94+
"$ref": "cyclonedx-common-2.0.schema.json#/$defs/externalReferences"
95+
},
96+
"services": {
97+
"type": "array",
98+
"items": {"$ref": "#/$defs/service"},
99+
"uniqueItems": true,
100+
"title": "Services",
101+
"description": "A list of services included or deployed behind the parent service. This is not a dependency tree. It provides a way to specify a hierarchical representation of service assemblies."
102+
},
103+
"releaseNotes": {
104+
"$ref": "cyclonedx-release-notes-2.0.schema.json#/$defs/releaseNotes",
105+
"title": "Release notes",
106+
"description": "Specifies release notes."
107+
},
108+
"properties": {
109+
"$ref": "cyclonedx-common-2.0.schema.json#/$defs/properties"
110+
},
111+
"tags": {
112+
"$ref": "cyclonedx-common-2.0.schema.json#/$defs/tags",
113+
"title": "Tags"
114+
},
115+
"signature": {
116+
"$ref": "cyclonedx-common-2.0.schema.json#/$defs/signature",
117+
"title": "Signature",
118+
"description": "Enveloped signature in [JSON Signature Format (JSF)](https://cyberphone.github.io/doc/security/jsf.html)."
119+
}
120+
}
121+
},
122+
"serviceData": {
123+
"type": "object",
124+
"title": "Hash Objects",
125+
"required": [
126+
"flow",
127+
"classification"
128+
],
129+
"additionalProperties": false,
130+
"properties": {
131+
"flow": {
132+
"$ref": "cyclonedx-data-2.0.schema.json#/$defs/dataFlowDirection",
133+
"title": "Directional Flow",
134+
"description": "Specifies the flow direction of the data. Direction is relative to the service. Inbound flow states that data enters the service. Outbound flow states that data leaves the service. Bi-directional states that data flows both ways and unknown states that the direction is not known."
135+
},
136+
"classification": {
137+
"$ref": "cyclonedx-data-2.0.schema.json#/$defs/dataClassification"
138+
},
139+
"name": {
140+
"type": "string",
141+
"title": "Name",
142+
"description": "Name for the defined data",
143+
"examples": [
144+
"Credit card reporting"
145+
]
146+
},
147+
"description": {
148+
"type": "string",
149+
"title": "Description",
150+
"description": "Short description of the data content and usage",
151+
"examples": [
152+
"Credit card information being exchanged in between the web app and the database"
153+
]
154+
},
155+
"governance": {
156+
"title": "Data Governance",
157+
"$ref": "cyclonedx-data-2.0.schema.json#/$defs/dataGovernance"
158+
},
159+
"source": {
160+
"type": "array",
161+
"items": {
162+
"anyOf": [
163+
{
164+
"title": "URL",
165+
"type": "string",
166+
"format": "iri-reference"
167+
},
168+
{
169+
"title": "BOM-Link Element",
170+
"$ref": "cyclonedx-common-2.0.schema.json#/$defs/bomLinkElementType"
171+
}
172+
]
173+
},
174+
"title": "Source",
175+
"description": "The URI, URL, or BOM-Link of the components or services the data came in from"
176+
},
177+
"destination": {
178+
"type": "array",
179+
"items": {
180+
"anyOf": [
181+
{
182+
"title": "URL",
183+
"type": "string",
184+
"format": "iri-reference"
185+
},
186+
{
187+
"title": "BOM-Link Element",
188+
"$ref": "cyclonedx-common-2.0.schema.json#/$defs/bomLinkElementType"
189+
}
190+
]
191+
},
192+
"title": "Destination",
193+
"description": "The URI, URL, or BOM-Link of the components or services the data is sent to"
194+
}
195+
}
19196
}
20197
}
21198
}

0 commit comments

Comments
 (0)