Trigger Scan
const url = 'https://example.com/registry/v1/workspaces/example/engines/qibdo/namespaces/example/repositories/example/artifacts/example/scan';const options = { method: 'POST', headers: {'Content-Type': 'application/json'}, body: '{"workspace":"example","namespace":"example","repository":"example","reference":"example"}'};
try { const response = await fetch(url, options); const data = await response.json(); console.log(data);} catch (error) { console.error(error);}curl --request POST \ --url https://example.com/registry/v1/workspaces/example/engines/qibdo/namespaces/example/repositories/example/artifacts/example/scan \ --header 'Content-Type: application/json' \ --data '{ "workspace": "example", "namespace": "example", "repository": "example", "reference": "example" }'Asks the configured scanner to begin a vulnerability scan against an artifact. The call returns immediately with a RegistryOperation; the report becomes available asynchronously and is fetched via GetScanReport once the scan completes.
Custom methods use body: "*" per AIP-136. Path parameters (workspace,
namespace, repository, reference) are extracted from the URL; any future
non-path fields are deserialized from the HTTP body.
Follows industry practice from GCP, AWS, and Azure.
Parameters
Section titled “ Parameters ”Path Parameters
Section titled “Path Parameters ”The unique identifier of the workspace that the repository belongs to
The unique identifier of the namespace that the repository belongs to
The unique identifier of the parent repository
Digest or tag identifying the artifact to scan
Request Body required
Section titled “Request Body required ”TriggerScanRequest
Request message for TriggerScan. Identifies the artifact to scan;
reference is digest or tag.
object
The unique identifier of the workspace that the repository belongs to
The unique identifier of the namespace that the repository belongs to
The unique identifier of the parent repository
Digest or tag identifying the artifact to scan
Example generated
{ "workspace": "example", "namespace": "example", "repository": "example", "reference": "example"}Responses
Section titled “ Responses ”OK
object
object
object
Example
{ "operation_type": "REGISTRY_OPERATION_TYPE_UNSPECIFIED", "status": "REGISTRY_OPERATION_STATUS_UNSPECIFIED"}default
Section titled “default ”Default error response
The Status type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by gRPC. Each Status message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the API Design Guide.
object
The status code, which should be an enum value of [google.rpc.Code][google.rpc.Code].
A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the [google.rpc.Status.details][google.rpc.Status.details] field, or localized by the client.
A list of messages that carry the error details. There is a common set of message types for APIs to use.
Contains an arbitrary serialized message along with a @type that describes the type of the serialized message.
object
The type of the serialized message.
Example generated
{ "code": 1, "message": "example", "details": [ { "@type": "example" } ]}