added changes for repo

Author: subhashish-devtron

internal/sql/repository/ImageScanHistoryRepository.go

@@ -7,27 +7,40 @@ import (
 )
 
 type ImageScanExecutionHistory struct {
-	tableName                     struct{}    `sql:"image_scan_execution_history" pg:",discard_unknown_columns"`
-	Id                            int         `sql:"id,pk"`
-	Image                         string      `sql:"image,notnull"`      // Migrate to request Id in future
-	ImageHash                     string      `sql:"image_hash,notnull"` // Migrate to request metadata
-	ExecutionTime                 time.Time   `sql:"execution_time"`
-	ExecutedBy                    int         `sql:"executed_by,notnull"`
-	RequestMetadataJson           string      `sql:"request_metadata_json"`
-	ExecutionHistoryDirectoryPath string      `sql:"execution_history_directory_path"` // Deprecated
-	RequestId                     int         `sql:"request_id"`
-	RequestType                   RequestType `sql:"request_type"`
+	tableName                     struct{}      `sql:"image_scan_execution_history" pg:",discard_unknown_columns"`
+	Id                            int           `sql:"id,pk"`
+	Image                         string        `sql:"image,notnull"`
+	ImageHash                     string        `sql:"image_hash,notnull"` // TODO Migrate to request metadata
+	ExecutionTime                 time.Time     `sql:"execution_time"`
+	ExecutedBy                    int           `sql:"executed_by,notnull"`
+	SourceMetadataJson            string        `sql:"source_metadata_json"`             // to have relevant info to process a scan for a given source type and subtype
+	ExecutionHistoryDirectoryPath string        `sql:"execution_history_directory_path"` // Deprecated
+	SourceType                    SourceType    `sql:"source_type"`
+	SourceSubType                 SourceSubType `sql:"source_sub_type"`
 }
 
-type RequestType int
+// multiple history rows for one source event
+
+type SourceType int
+
+const (
+	Image SourceType = 1
+	Code  SourceType = 2
+	Sbom  SourceType = 3 // can be used in future for direct sbom scanning
+)
+
+type SourceSubType int
 
 const (
-	Image        = 1
-	CiWorkflow   = 2
-	CdWorkflow   = 3
-	ChartHistory = 4
+	Ci       SourceSubType = 1 // relevant for ci code(2,1) or ci built image(1,1)
+	Manifest SourceSubType = 2 // relevant for devtron app deployment manifest/helm app manifest(2,2) or images retrieved from manifest(1,2))
 )
 
+//Refer image_scan_deploy_info table for source_type relation
+// ci workflow will have  scans for ci-code and ci artifact
+// cd workflow will have scans for deployment manifest, manifest images
+// helm chart will have scans for manifest images and manifest
+
 type ImageScanHistoryRepository interface {
 	Save(model *ImageScanExecutionHistory) error
 	FindAll() ([]*ImageScanExecutionHistory, error)

internal/sql/repository/ResourceScanExecutionResultRepository.go

@@ -11,23 +11,25 @@ type ResourceScanResult struct {
 	ImageScanExecutionHistoryId int                `sql:"image_scan_execution_history_id"`
 	ScanDataJson                string             `sql:"scan_data_json"`
 	Format                      ResourceScanFormat `sql:"format"`
-	Type                        ResourceScanType   `sql:"type"`
+	Types                       []ResourceScanType `sql:"types"`
 	ScanToolId                  int                `sql:"scan_tool_id"`
 }
 
 type ResourceScanFormat int
 
 const (
-	CycloneDx ResourceScanFormat = 1 //SBOM
-	TrivyJson                    = 2
-	Json                         = 3
+	CycloneDxSbom ResourceScanFormat = 1 //SBOM
+	TrivyJson                        = 2
+	Json                             = 3
 )
 
 type ResourceScanType int
 
 const (
-	LicenseVulnerabilities   ResourceScanType = 1
-	SecretsMisconfigurations                  = 2
+	Vulnerabilities ResourceScanType = 1
+	License                          = 2
+	Config                           = 3
+	Secrets                          = 4
 )
 
 type ResourceScanResultRepository interface {