> ## Documentation Index > Fetch the complete documentation index at: https://docs.endorlabs.com/llms.txt > Use this file to discover all available pages before exploring further. # UpdateScanWorkflowResult > Updates the specified scan workflow result with the information in the request body. ## OpenAPI ````yaml /api-reference/openapi.v3.json patch /v1/namespaces/{object.tenant_meta.namespace}/scan-workflow-results openapi: 3.0.3 info: description: Integrate your application with Endor Labs using the REST API. title: Endor Labs REST API Reference version: '1.0' servers: - url: https://api.endorlabs.com/ security: [] tags: - name: AISastCustomerContextService - name: APIKeyService - name: APIKeyValidatorService - name: ArtifactSignatureService - name: AuditLogService - name: AuthenticationLogService - name: AuthenticationService - name: AuthorizationPolicyService - name: BatchFileSegmentsService - name: BatchNotificationService - name: CallGraphDataService - name: CodeOwnersService - name: DependencyMetadataService - name: EndorIgnoreEntryService - name: ExporterService - name: FindingLogService - name: FindingService - name: HuggingFaceModelService - name: HuggingFaceOrganizationService - name: IPAddressPolicyService - name: IdentityProviderService - name: InstallationService - name: InvitationService - name: LicenseDependencyService - name: LicenseNoticesReportService - name: LicenseSummaryService - name: LinterResultService - name: MalwareService - name: MetricService - name: NamespaceService - name: NotificationService - name: NotificationTargetService - name: OnPremSchedulerService - name: PRCommentConfigService - name: PackageFirewallLogService - name: PackageLicenseOverrideService - name: PackageLicenseQueryService - name: PackageLicenseService - name: PackageManagerService - name: PackageVersionService - name: PluginBinaryService - name: PolicyService - name: PolicyTemplateService - name: ProjectService - name: ProvisioningResultService - name: QueryMalwareService - name: QueryService - name: QuerySimilarPackagesService - name: QueryVulnerabilityService - name: RegistryIngestionCheckpointService - name: RepositoryService - name: RepositoryVersionService - name: RuleSetImportService - name: SBOMExportService - name: SBOMImportService - name: SCMCredentialService - name: SavedQueryService - name: ScanLogRequestService - name: ScanProfileService - name: ScanResultService - name: ScanWorkflowResultService - name: ScanWorkflowService - name: SecretRuleService - name: SemgrepRuleService - name: SystemConfigService - name: TenantService - name: VEXExportService - name: VectorStoreService - name: VersionUpgradeService - name: VulnerabilityService paths: /v1/namespaces/{object.tenant_meta.namespace}/scan-workflow-results: patch: tags: - ScanWorkflowResultService summary: UpdateScanWorkflowResult description: >- Updates the specified scan workflow result with the information in the request body. operationId: ScanWorkflowResultService_UpdateScanWorkflowResult parameters: - description: >- Namespaces are a way to organize organizational units into virtual groupings of resources. Namespaces must be a fully qualified name, for example, the child namespace of namespace "endor.prod" called "app" is called "endor.prod.app". in: path name: object.tenant_meta.namespace required: true schema: type: string x-endor-name: Namespace requestBody: content: application/json: schema: $ref: >- #/components/schemas/ScanWorkflowResultServiceUpdateScanWorkflowResultBody required: true x-originalParamName: body responses: '200': content: application/json: schema: $ref: '#/components/schemas/v1ScanWorkflowResult' description: A successful response. default: content: application/json: schema: $ref: '#/components/schemas/googlerpcStatus' description: An unexpected error response. components: schemas: ScanWorkflowResultServiceUpdateScanWorkflowResultBody: description: Request used to update a scan workflow result. properties: object: description: ScanWorkflowResult corresponds to a workflow scan result. properties: context: $ref: '#/components/schemas/v1Context' meta: $ref: '#/components/schemas/v1Meta' spec: $ref: '#/components/schemas/v1ScanWorkflowResultSpec' tenant_meta: description: The tenant to which the scan workflow result belongs. title: The tenant to which the scan workflow result belongs. type: object uuid: description: The unique identifier of the scan workflow result. readOnly: true type: string type: object request: $ref: '#/components/schemas/v1UpdateRequest' required: - meta - spec - context type: object v1ScanWorkflowResult: description: ScanWorkflowResult corresponds to a workflow scan result. properties: context: $ref: '#/components/schemas/v1Context' meta: $ref: '#/components/schemas/v1Meta' spec: $ref: '#/components/schemas/v1ScanWorkflowResultSpec' tenant_meta: $ref: '#/components/schemas/v1TenantMeta' uuid: description: The unique identifier of the scan workflow result. readOnly: true type: string required: - meta - spec - context type: object googlerpcStatus: description: >- The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). properties: code: description: |- The status code, which should be an enum value of [google.rpc.Code][google.rpc.Code]. format: int32 type: integer details: description: >- A list of messages that carry the error details. There is a common set of message types for APIs to use. items: $ref: '#/components/schemas/googleprotobufAny' type: array message: description: >- A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the [google.rpc.Status.details][google.rpc.Status.details] field, or localized by the client. type: string type: object v1Context: description: Contexts keep objects from different scans separated. properties: id: description: The context ID, such as a pull request ID or branch reference. type: string tags: description: |- A list of tags applied to a context. Used primarily for CI and SBOM contexts. items: type: string type: array type: $ref: '#/components/schemas/ContextContextType' will_be_deleted_at: description: |- Time that all objects in this context will be deleted. This field is deprecated and will be removed in the future. Please use the meta.will_be_deleted_at field instead. format: date-time readOnly: true type: string required: - type - id type: object v1Meta: description: Common fields for all Endor Labs resources. properties: annotations: additionalProperties: type: string description: >- Annotations can be used to attach metadata to a resource message. Annotation values can be small or large, structured or unstructured, and may include characters not permitted by labels. The keys may contain alphanumerics, underscores (_), dots (.) and dashes (-). The values of an annotation must be 16384 bytes or smaller. type: object create_time: description: |- Time the resource was created. Format: 2017-01-15T01:30:15.01Z RFC 3339: https://www.ietf.org/rfc/rfc3339.txt. format: date-time readOnly: true type: string created_by: description: |- Name and authentication source of the user who created the object, for example, ewok@endor.ai@google@api-key. readOnly: true type: string description: description: Resource description. Must be less than 1024 bytes. type: string index_data: $ref: '#/components/schemas/v1IndexData' kind: description: >- Resource kind, for example, HelloResponse. Auto-generated using the protobuf message proto.MessageName().Name(). readOnly: true type: string name: description: Resource name. Must be 63 characters or less. type: string parent_kind: description: Parent object resource kind, for example, Project. type: string parent_uuid: description: Parent object UUID. type: string references: additionalProperties: $ref: '#/components/schemas/googleprotobufAny' description: Map of objects referenced in a query API. readOnly: true type: object tags: description: >- List of tags attached to the resource. Tags can be used to select objects and to find collections of objects that satisfy certain conditions. A tag must be 255 characters or less. items: type: string type: array update_time: description: |- Time the resource was last updated. Note: Updated on all create/patch/delete operations. Format: 2017-01-15T01:30:15.01Z RFC 3339: https://www.ietf.org/rfc/rfc3339.txt. format: date-time readOnly: true type: string updated_by: description: >- Name and authentication source of the last user who updated the object, for example, vulnerabilityingestor@endor.ai@x509. readOnly: true type: string upsert_time: description: |- Time the resource was last upserted. Note: create_time is only set the first time the resource is created. upsert_time is set every time the resource is upseted. Format: 2017-01-15T01:30:15.01Z RFC 3339: https://www.ietf.org/rfc/rfc3339.txt. format: date-time readOnly: true type: string version: description: Message version. readOnly: true type: string required: - name type: object v1ScanWorkflowResultSpec: properties: end_time: description: Time the scan ended. format: date-time type: string execution_id: description: The execution ID for all scans. type: string start_time: description: Time the scan started. format: date-time type: string stats: additionalProperties: format: int32 type: integer description: Map of stats such as how many issues were ingested during the scan. type: object status: $ref: '#/components/schemas/ScanResultSpecStatus' versions: description: Version information for each ref. items: $ref: '#/components/schemas/v1Version' type: array workflow_results: description: The workflow step results. items: $ref: '#/components/schemas/SpecWorkflowResult' type: array required: - status type: object v1UpdateRequest: description: Message used for all update requests. properties: force: description: |- Force will force the update of the resource if any checks fail. type: boolean update_mask: description: Fields to update. Defaults to all fields. type: string type: object v1TenantMeta: description: Tenant related data for the tenant containing the resource. properties: namespace: description: >- Namespaces are a way to organize organizational units into virtual groupings of resources. Namespaces must be a fully qualified name, for example, the child namespace of namespace "endor.prod" called "app" is called "endor.prod.app". type: string required: - namespace type: object googleprotobufAny: additionalProperties: {} description: >- `Any` contains an arbitrary serialized protocol buffer message along with a URL that describes the type of the serialized message. Protobuf library provides support to pack/unpack Any values in the form of utility functions or additional generated methods of the Any type. Example 1: Pack and unpack a message in C++. Foo foo = ...; Any any; any.PackFrom(foo); ... if (any.UnpackTo(&foo)) { ... } Example 2: Pack and unpack a message in Java. Foo foo = ...; Any any = Any.pack(foo); ... if (any.is(Foo.class)) { foo = any.unpack(Foo.class); } // or ... if (any.isSameTypeAs(Foo.getDefaultInstance())) { foo = any.unpack(Foo.getDefaultInstance()); } Example 3: Pack and unpack a message in Python. foo = Foo(...) any = Any() any.Pack(foo) ... if any.Is(Foo.DESCRIPTOR): any.Unpack(foo) ... Example 4: Pack and unpack a message in Go foo := &pb.Foo{...} any, err := anypb.New(foo) if err != nil { ... } ... foo := &pb.Foo{} if err := any.UnmarshalTo(foo); err != nil { ... } The pack methods provided by protobuf library will by default use 'type.googleapis.com/full.type.name' as the type URL and the unpack methods only use the fully qualified type name after the last '/' in the type URL, for example "foo.bar.com/x/y.z" will yield type name "y.z". JSON ==== The JSON representation of an `Any` value uses the regular representation of the deserialized, embedded message, with an additional field `@type` which contains the type URL. Example: package google.profile; message Person { string first_name = 1; string last_name = 2; } { "@type": "type.googleapis.com/google.profile.Person", "firstName": , "lastName": } If the embedded message type is well-known and has a custom JSON representation, that representation will be embedded adding a field `value` which holds the custom JSON in addition to the `@type` field. Example (for message [google.protobuf.Duration][]): { "@type": "type.googleapis.com/google.protobuf.Duration", "value": "1.212s" } properties: '@type': description: >- A URL/resource name that uniquely identifies the type of the serialized protocol buffer message. This string must contain at least one "/" character. The last segment of the URL's path must represent the fully qualified name of the type (as in `path/google.protobuf.Duration`). The name should be in a canonical form (e.g., leading "." is not accepted). In practice, teams usually precompile into the binary all types that they expect it to use in the context of Any. However, for URLs which use the scheme `http`, `https`, or no scheme, one can optionally set up a type server that maps type URLs to message definitions as follows: * If no scheme is provided, `https` is assumed. * An HTTP GET on the URL must yield a [google.protobuf.Type][] value in binary format, or produce an error. * Applications are allowed to cache lookup results based on the URL, or have them precompiled into a binary to avoid any lookup. Therefore, binary compatibility needs to be preserved on changes to types. (Use versioned type names to manage breaking changes.) Note: this functionality is not currently available in the official protobuf release, and it is not used for type URLs beginning with type.googleapis.com. As of May 2023, there are no widely used type server implementations and no plans to implement one. Schemes other than `http`, `https` (or the empty scheme) might be used with implementation specific semantics. type: string type: object ContextContextType: default: CONTEXT_TYPE_UNSPECIFIED description: |2- - CONTEXT_TYPE_MAIN: Objects from a scan of the default branch. All objects in the oss namespace are in the main context. The context id is always "default". - CONTEXT_TYPE_EXTERNAL: Indicates that this object is a copy/temporary value of an object in another project. Used for same-tenant dependencies. In source code reference this is equivalent to "vendor" folders. Package versions in the external context are only scanned for call graphs. No other operations are performed on them. - CONTEXT_TYPE_CI_RUN: Objects from a PR scan. The context id is the PR UUID. Objects in this context are deleted after 30 days. - CONTEXT_TYPE_SBOM: Objects from an SBOM scan. The context id is the SBOM serial number or some other unique identifier. - CONTEXT_TYPE_REF: Objects from a scan of a specific branch. The context id is the branch reference name. enum: - CONTEXT_TYPE_UNSPECIFIED - CONTEXT_TYPE_MAIN - CONTEXT_TYPE_EXTERNAL - CONTEXT_TYPE_CI_RUN - CONTEXT_TYPE_SBOM - CONTEXT_TYPE_REF type: string v1IndexData: description: |- IndexData is used to index the resource for search. It's an internal object. properties: data: items: type: string readOnly: true type: array search_score: description: >- search_score is the score of the resource for search. Internal use only. format: float readOnly: true type: number tenant: readOnly: true type: string will_be_deleted_at: description: Time that the resource will be deleted. format: date-time readOnly: true type: string type: object ScanResultSpecStatus: default: STATUS_UNSPECIFIED description: Success state. enum: - STATUS_UNSPECIFIED - STATUS_SUCCESS - STATUS_PARTIAL_SUCCESS - STATUS_FAILURE - STATUS_RUNNING type: string v1Version: properties: metadata: additionalProperties: type: string description: Version metadata. type: object ref: description: |- Resolved ref of the source control version. Can be a tag, a branch or a SHA. type: string sha: description: >- SHA of the source control version. Because the SHA might not be possible to resolved this field is optional. type: string required: - ref type: object SpecWorkflowResult: properties: error: $ref: '#/components/schemas/WorkflowResultWorkflowResultError' provisioning_result_uuid: description: >- provisioning_result_uuid is the UUID of the ProvisioningResult of the workflow step. type: string scan_duration: description: scan_duration is how log the scan ran. type: string scan_profile_uuid: description: >- scan_profile_uuid is the UUID of the ScanProfile of the workflow step. type: string scan_result_uuid: description: scan_result_uuid is the UUID of the ScanResult of the workflow step. type: string status: $ref: '#/components/schemas/ScanResultSpecStatus' title: description: title is descriptive text of the workflow step. type: string type: object WorkflowResultWorkflowResultError: properties: code: $ref: '#/components/schemas/v1EndorctlRC' error: description: error is the message of the workflow step failure. type: string type: object v1EndorctlRC: default: ENDORCTL_RC_UNSPECIFIED description: >- Endorctl return codes. - ENDORCTL_RC_SUCCESS: Success (translates to exit code 0). - ENDORCTL_RC_ERROR: Unspecified error. - ENDORCTL_RC_INVALID_ARGS: Invalid input. - ENDORCTL_RC_ENDOR_AUTH_FAILURE: Endor API authentication failure. - ENDORCTL_RC_DOCTOR_FAILURE: Endor host-check failure. - ENDORCTL_RC_GITHUB_AUTH_FAILURE: GitHub authentication failure. - ENDORCTL_RC_ANALYTICS_ERROR: Error running analytics. - ENDORCTL_RC_FINDINGS_ERROR: Error generating findings. - ENDORCTL_RC_NOTIFICATIONS_ERROR: Error generating notifications. - ENDORCTL_RC_GITHUB_API_ERROR: Error calling GitHub API. - ENDORCTL_RC_GITHUB_PERMISSIONS_ERROR: Insufficient GitHub token permissions. - ENDORCTL_RC_GIT_ERROR: Error while performing a Git operation. - ENDORCTL_RC_DEPENDENCY_RESOLUTION_ERROR: Error during dependency resolution. - ENDORCTL_RC_DEPENDENCY_SCANNING_ERROR: Error during dependency scanning. - ENDORCTL_RC_CALL_GRAPH_ERROR: Error while generating call graphs. - ENDORCTL_RC_LINTER_ERROR: Error while running the linter scanner. - ENDORCTL_RC_BAD_POLICY_TYPE: A user defined policy has a policy type reserved for system policies. - ENDORCTL_RC_POLICY_ERROR: Error evaluating one or more policies. - ENDORCTL_RC_INTERNAL_ERROR: Internal error while running endorctl. - ENDORCTL_RC_DEADLINE_EXCEEDED: Deadline exceeded while running endorctl. - ENDORCTL_RC_NOT_FOUND: Requested entity was not found. - ENDORCTL_RC_ALREADY_EXISTS: Attempt to create an entity failed because it already exists. - ENDORCTL_RC_UNAUTHENTICATED: Unable to authenticate request. - ENDORCTL_RC_VULN_ERROR: Error related to vulnerability ingestion and processing. - ENDORCTL_RC_INITIALIZATION_ERROR: Error related to initializing the repository. - ENDORCTL_RC_HOST_CHECK_FAILURE: Endor host-check failure. - ENDORCTL_RC_SBOM_IMPORT_ERROR: Error importing an sbom. - ENDORCTL_RC_PRE_COMMIT_CHECK_FAILURE: A pre-commit check failed. - ENDORCTL_RC_GH_ACTION_WORKFLOW_SCAN_FAILURE: GitHub action workflow scan failed. - ENDORCTL_RC_FILE_ANALYTICS_ERROR: Error while reading files for analytics processing. - ENDORCTL_RC_SIGNATURE_VERIFICATION_FAILURE: Signature verification failure. - ENDORCTL_RC_LICENSE_ERROR: The requested operation requires additional licensing. - ENDORCTL_RC_HUGGING_FACE_ERROR: Error while running the huggingface scanner. - ENDORCTL_RC_SAST_ERROR: Error while running the SAST scanner. - ENDORCTL_RC_ARTIFACT_OPERATION_FAILURE: Artifact operation failure. - ENDORCTL_RC_SEGMENTATION_ERROR: Error during file segmentation. - ENDORCTL_RC_TOOLCHAIN_ERROR: Error generating toolchains. - ENDORCTL_RC_SANDBOX_ERROR: Error running endorctl sandbox. - ENDORCTL_RC_RULE_SET_ERROR: Error performing rule set operations. - ENDORCTL_RC_SECURITY_REVIEW_ERROR: Error while running the PR security review. - ENDORCTL_RC_CODE_API_ERROR: Error while running codeAPI. - ENDORCTL_RC_POLICY_VIOLATION: One or more, enforced, admission policy violations detected. - ENDORCTL_RC_POLICY_WARNING: One ore more, unenforced, admission policy violations detected. - ENDORCTL_RC_PR_SECURITY_REVIEW_ERROR: Deprecated: Use ENDORCTL_RC_SECURITY_REVIEW_ERROR instead. - ENDORCTL_RC_EXPORTER_WARNING: Warning while running the exporter. This does not prevent the main scan from completing. - ENDORCTL_RC_CONTAINER_PROFILING_WARNING: Warning while profiling a container image. - ENDORCTL_RC_DEPENDENCY_SETUP_WARNING: Warning during dependency environment setup (e.g. truststore creation). The scan continues with a fallback configuration but may encounter issues. enum: - ENDORCTL_RC_UNSPECIFIED - ENDORCTL_RC_SUCCESS - ENDORCTL_RC_ERROR - ENDORCTL_RC_INVALID_ARGS - ENDORCTL_RC_ENDOR_AUTH_FAILURE - ENDORCTL_RC_DOCTOR_FAILURE - ENDORCTL_RC_GITHUB_AUTH_FAILURE - ENDORCTL_RC_ANALYTICS_ERROR - ENDORCTL_RC_FINDINGS_ERROR - ENDORCTL_RC_NOTIFICATIONS_ERROR - ENDORCTL_RC_GITHUB_API_ERROR - ENDORCTL_RC_GITHUB_PERMISSIONS_ERROR - ENDORCTL_RC_GIT_ERROR - ENDORCTL_RC_DEPENDENCY_RESOLUTION_ERROR - ENDORCTL_RC_DEPENDENCY_SCANNING_ERROR - ENDORCTL_RC_CALL_GRAPH_ERROR - ENDORCTL_RC_LINTER_ERROR - ENDORCTL_RC_BAD_POLICY_TYPE - ENDORCTL_RC_POLICY_ERROR - ENDORCTL_RC_INTERNAL_ERROR - ENDORCTL_RC_DEADLINE_EXCEEDED - ENDORCTL_RC_NOT_FOUND - ENDORCTL_RC_ALREADY_EXISTS - ENDORCTL_RC_UNAUTHENTICATED - ENDORCTL_RC_VULN_ERROR - ENDORCTL_RC_INITIALIZATION_ERROR - ENDORCTL_RC_HOST_CHECK_FAILURE - ENDORCTL_RC_SBOM_IMPORT_ERROR - ENDORCTL_RC_PRE_COMMIT_CHECK_FAILURE - ENDORCTL_RC_GH_ACTION_WORKFLOW_SCAN_FAILURE - ENDORCTL_RC_FILE_ANALYTICS_ERROR - ENDORCTL_RC_SIGNATURE_VERIFICATION_FAILURE - ENDORCTL_RC_LICENSE_ERROR - ENDORCTL_RC_HUGGING_FACE_ERROR - ENDORCTL_RC_SAST_ERROR - ENDORCTL_RC_ARTIFACT_OPERATION_FAILURE - ENDORCTL_RC_SEGMENTATION_ERROR - ENDORCTL_RC_TOOLCHAIN_ERROR - ENDORCTL_RC_SANDBOX_ERROR - ENDORCTL_RC_RULE_SET_ERROR - ENDORCTL_RC_SECURITY_REVIEW_ERROR - ENDORCTL_RC_CODE_API_ERROR - ENDORCTL_RC_POLICY_VIOLATION - ENDORCTL_RC_POLICY_WARNING - ENDORCTL_RC_PR_SECURITY_REVIEW_ERROR - ENDORCTL_RC_EXPORTER_WARNING - ENDORCTL_RC_CONTAINER_PROFILING_WARNING - ENDORCTL_RC_DEPENDENCY_SETUP_WARNING type: string ````