Description: List of Workloads
Security: Requires a valid user with a "Read" permission
Usage: POST /runtime/api/v1/workloads
Consumes: application/json
Produces: application/json
Query Parameters:
projectKey | string | Optional | When included the REST API response as if executed from the scope of a project |
Request Body:
| Name | Type | Required/Optional | Description |
|---|---|---|---|
limit | int | optional | Key-based pagination - number of rows per request. Default: 10 |
next_key | string | optional | Id from the previous request, empty on the first request |
order_by | string | optional | Available options: name, cluster,runtime_status ,vulnerabilties_count, registry, risks |
filters | filterObj | optional | Filter the results by the available filters listed in filter_object |
filterObj:
| Name | Type | Required/Optional | Description |
|---|---|---|---|
time_period | optional | Default - now | |
cve_id | array[string] | optional | CVE identifier |
risk | array | optional | malicious, untrusted_registry, integrity_violation, critical_applicable |
component | Array[filterComponentObj] | - all components | |
applicability | Array of app_enum | optional | Contextual Analysis result. Possible values: not_scanned, applicable, not_applicable, undetermined, rescan_required, upgrade_required, not_covered |
severity | array[string] | optional | Contextual Analysis result. Possible values: not_scanned, applicable, not_applicable, undetermined, rescan_required, upgrade_required, not_covered |
workloads | Array[filterWorkloadObj] | optional | If added return data only on workloads that are in the list |
filterComponentObj:
| Name | Type | Required/Optional | Description |
|---|---|---|---|
name | string | required | Component name |
version | string | optional | Component version; if not provided, all versions are returned |
filterWorkloadObj:
| Name | Tyoe | Required/Optional | Description |
|---|---|---|---|
name | string | required | |
namespace | string | optional | Name of name space; if not provided all matches the other params (name & cluster) |
cluster | string | optional | Name of cluster; if not provided all matches the other params (name & namespace) |
Response body
| Name | Type | Description |
|---|---|---|
total_count | int | The total number of images tags that match the filter quarry |
pagination | paginationObj | Pagination info for the request |
workloads | Array [workloadObj] |
paginationObj:
| Name | Type | Description |
|---|---|---|
limit | int | Key-based pagination - number of rows per request |
next_key | string | Id from the previous request, empty on the first request |
workloadObj:
| Name | Type | Description |
|---|---|---|
name | string | Workload name |
namespace | string | |
cluster | string | |
runtime_status | string | Possible values: running, stopped, unknown |
nodes | Array of string | |
architectures | Array of string | Array of arch_names |
risks | Array[ risk_enum] | Possible values: malicious, untrusted_registry, integrity_violation, critical_applicable_cves untrusted_registry, integrity_violation inherent from images and rest aggregation from process |
vulnerabilities_count | int | The sum of all vulnerabilities of the process |
Processes | Array[processesObj] |
processesObj:
| Name | Type | Description |
|---|---|---|
name | string | |
runtime_status | enum | running / stopped / unknown |
risks | Array of risk_enum | Malicious/ untrusted_registry/ integrity_violation/ critical_applicable |
vulnerabilities | Array[vulnObj] | An array of the vulnerabilities detected on the process |
malicious_packages | Array[maliciousObj] | An array of malicious packages detected on the image tag |
arguments | string | |
path | string | File system path |
vulnObj:
| Name | Type | Description |
|---|---|---|
cve_id | string | CVE identifier |
xray_id | string | Xray identifier |
severity | string | Severity level of the issue (e.g., "High") |
cvss_v2 | string | CVSS version 2 score |
cvss_v3 | string | CVSS version 3 score |
applicability | string | Contextual Analysis result. Possible values: not_scanned, applicable, not_applicable, undetermined, rescan_required, upgrade_required, not_covered |
components | array[componentObj] | The components information |
maliciousObj:
| Name | Type | Description |
|---|---|---|
xray_id | string | Xray identifier |
components | array[componentObj] | The component information |
componentObj:
| Name | Type | Description |
|---|---|---|
component_id | string | The component identifier in the Xray format (e.g., "gav://com.thoughtworks.xstream:xstream:1.4.5") |
name | string | Component name |
version | string | Component version |
Response Codes:
| Status code | Description |
|---|---|
| 200 | OK |
| 400 | Bad request - Required fields are missing |
| 403 | Permission denied |
| 404 | Not found |
| 500 | Internal server error |
Examples
Example request
{
"limit": 50,
"last_key": "id123",
"filters": {
"severities": [
"Critical",
"High"
],
"workloads": [
{
"name": "corends",
"namespace": "jfs-production",
"cluster": "jfs-production"
}
]
}
}
Example successful response
{
"pagination": {
"total_count": 105
"next_key": "87319827319827",
"limit": 10
},
"workloads": [
{
"image_name": string,
"tag": string, // e.g. "1.2.3"
"architecture": "arch_name",
"registry": string,
"repository_path": string,
"runtime_status": enum (`running` / `stopped` / `unknown`),
"risks": [
"<risk-name>"
],
"vulnerabilities": [
{
"cve_id": string,
"applicability": "enum"
}
],
"workloads" : [
{
"name": string,
"namespace": string,
"cluster":string
}
]
}]}
Example error response:
404 Not Found
{
"error": "error message"
}