updated web schema layout & linking (#164)

Signed-off-by: Eddie Knight <knight@linux.com>

Author: eddie-knight

.gitignore

@@ -3,3 +3,4 @@ openapi.yaml
 cmd/*/cue2openapi
 cmd/*/openapi2md
 docs/_site/
+.DS_Store

Makefile

@@ -24,7 +24,7 @@ cuegen:
 
 genopenapi:
 	@echo "  >  Converting CUE schema to OpenAPI ..."
-	@cd cmd/cue2openapi && go run . -schema ../../spec/schema.cue -output ../../openapi.yaml
+	@cd cmd/cue2openapi && go run . -schema ../../spec -output ../../openapi.yaml -root SecurityInsights -version "$$(cat ../../VERSION)"
 	@echo "  >  OpenAPI schema generation complete!"
 
 genindex:
@@ -43,7 +43,7 @@ genindex:
 
 gendocs: genopenapi
 	@echo "  >  Generating markdown from OpenAPI ..."
-	@cd cmd/openapi2md && go run . -input ../../openapi.yaml -output ../../spec
+	@cd cmd/openapi2md && go run . -input ../../openapi.yaml -output ../../spec -roots SecurityInsights
 	@echo "  >  Copying schema.md to docs/ for website ..."
 	@{ \
 		echo "---"; \

cmd/cue2openapi/converter.go

@@ -1,15 +1,27 @@
 package main
 
 import (
+	"encoding/json"
 	"fmt"
 	"os"
+	"path/filepath"
+	"sort"
 	"strings"
 
 	"cuelang.org/go/cue/ast"
+	"cuelang.org/go/cue/load"
 	"cuelang.org/go/cue/token"
-	"gopkg.in/yaml.v3"
+	"github.com/goccy/go-yaml"
 )
 
+// ConvertOpts configures CUE-to-OpenAPI conversion.
+type ConvertOpts struct {
+	ManifestPath string // If set, write schema→file manifest JSON here
+	Root         string // Optional #Name whose comment sets Info.Description
+	Version      string // Override version (default: VERSION file or "unknown")
+	Title        string // OpenAPI info title (default: "Security Insights")
+}
+
 type OpenAPISpec struct {
 	OpenAPI    string            `yaml:"openapi" json:"openapi"`
 	Info       OpenAPIInfo       `yaml:"info" json:"info"`
@@ -37,64 +49,146 @@ type SchemaInfo struct {
 	Ref         string                 `yaml:"$ref,omitempty" json:"$ref,omitempty"`
 }
 
-func readVersion() string {
-	path := "../../VERSION"
-
+func readVersion(schemaDir string) string {
+	path := filepath.Join(schemaDir, "VERSION")
 	if data, err := os.ReadFile(path); err == nil {
 		version := strings.TrimSpace(string(data))
 		if version != "" {
 			return version
 		}
 	}
-
-	return "unknown version"
+	return "unknown"
 }
 
-func parseCUEToOpenAPI(file *ast.File) *OpenAPISpec {
-	version := readVersion()
+func convertCUEToOpenAPI(schemaDir, outputPath string, opts ConvertOpts) error {
+	if !filepath.IsAbs(schemaDir) {
+		wd, err := os.Getwd()
+		if err != nil {
+			return fmt.Errorf("failed to get working directory: %w", err)
+		}
+		schemaDir = filepath.Join(wd, schemaDir)
+	}
+
+	insts := load.Instances([]string{"."}, &load.Config{Dir: schemaDir})
+	if len(insts) == 0 || insts[0].Err != nil {
+		err := error(nil)
+		if len(insts) > 0 {
+			err = insts[0].Err
+		}
+		return fmt.Errorf("failed to load CUE package: %v", err)
+	}
+
+	version := opts.Version
+	if version == "" {
+		version = readVersion(schemaDir)
+	}
+	title := opts.Title
+	if title == "" {
+		title = "Security Insights"
+	}
+
 	spec := &OpenAPISpec{
 		OpenAPI: "3.0.3",
 		Info: OpenAPIInfo{
-			Title:   "Security Insights Specification",
-			Version: version,
+			Title:       title,
+			Version:     version,
+			Description: "Security Insights schema definitions",
 		},
 		Components: OpenAPIComponents{
 			Schemas: make(map[string]interface{}),
 		},
 	}
 
-	// Extract root type description
-	var rootDescription string
+	seen := make(map[string]bool)
+	manifest := make(map[string][]string) // filename → schema names
+	files := insts[0].Files
+	names := make([]string, 0, len(files))
+	byName := make(map[string]*ast.File)
+	for _, f := range files {
+		name := "<no filename>"
+		if f.Filename != "" {
+			name = filepath.Base(f.Filename)
+		}
+		names = append(names, name)
+		byName[name] = f
+	}
+	sort.Strings(names)
+
+	for _, name := range names {
+		if name == "<no filename>" {
+			continue
+		}
+		f := byName[name]
+		rootDesc, typeNames := parseFile(f, spec, seen, opts.Root)
+		if rootDesc != "" && opts.Root != "" {
+			spec.Info.Description = rootDesc
+		}
+		if len(typeNames) > 0 {
+			manifest[name] = typeNames
+		}
+	}
+
+	if err := writeOpenAPISpec(spec, outputPath); err != nil {
+		return err
+	}
+	if opts.ManifestPath != "" {
+		if err := writeManifest(manifest, opts.ManifestPath); err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+func writeManifest(manifest map[string][]string, path string) error {
+	keys := make([]string, 0, len(manifest))
+	for k := range manifest {
+		keys = append(keys, k)
+	}
+	sort.Strings(keys)
+	ordered := make(map[string][]string, len(manifest))
+	for _, k := range keys {
+		ordered[k] = manifest[k]
+	}
+	data, err := json.MarshalIndent(ordered, "", "  ")
+	if err != nil {
+		return fmt.Errorf("marshal manifest: %w", err)
+	}
+	return os.WriteFile(path, data, 0644)
+}
+
+// parseFile processes a single CUE file and merges definitions into spec.
+// It returns the root type description (if opts.Root matches) and the list of type names added.
+func parseFile(file *ast.File, spec *OpenAPISpec, seen map[string]bool, rootName string) (rootDescription string, typeNames []string) {
 	for _, decl := range file.Decls {
-		if field, ok := decl.(*ast.Field); ok {
-			if ident, ok := field.Label.(*ast.Ident); ok && ident.Name == "#SecurityInsights" {
-				if field.Comments() != nil {
-					for _, cg := range field.Comments() {
-						for _, c := range cg.List {
-							if c.Text != "" {
-								rootDescription = extractComment(c.Text)
-								break
-							}
+		field, ok := decl.(*ast.Field)
+		if !ok {
+			continue
+		}
+		ident, ok := field.Label.(*ast.Ident)
+		if !ok || !strings.HasPrefix(ident.Name, "#") {
+			continue
+		}
+		typeName := strings.TrimPrefix(ident.Name, "#")
+		if rootName != "" && ident.Name == "#"+rootName {
+			if field.Comments() != nil {
+				for _, cg := range field.Comments() {
+					for _, c := range cg.List {
+						if c.Text != "" {
+							rootDescription = extractComment(c.Text)
+							break
 						}
 					}
 				}
-				if rootDescription != "" {
-					spec.Info.Description = rootDescription
-				}
-				break
 			}
 		}
-	}
-
-	// Walk through all declarations to find type definitions
-	for _, decl := range file.Decls {
-		switch x := decl.(type) {
-		case *ast.Field:
-			parseDefinitionField(x, spec)
+		if seen[typeName] {
+			continue
 		}
+		seen[typeName] = true
+		parseDefinitionField(field, spec)
+		typeNames = append(typeNames, typeName)
 	}
-
-	return spec
+	return rootDescription, typeNames
 }
 
 func parseDefinitionField(field *ast.Field, spec *OpenAPISpec) {

cmd/cue2openapi/go.mod

@@ -4,7 +4,7 @@ go 1.23.0
 
 require (
 	cuelang.org/go v0.7.0
-	gopkg.in/yaml.v3 v3.0.1
+	github.com/goccy/go-yaml v1.19.2
 )
 
 require (
@@ -19,4 +19,5 @@ require (
 	github.com/protocolbuffers/txtpbfmt v0.0.0-20230328191034-3462fbc510c0 // indirect
 	golang.org/x/net v0.38.0 // indirect
 	golang.org/x/text v0.23.0 // indirect
+	gopkg.in/yaml.v3 v3.0.1 // indirect
 )

cmd/cue2openapi/go.sum

@@ -8,6 +8,8 @@ github.com/emicklei/proto v1.10.0 h1:pDGyFRVV5RvV+nkBK9iy3q67FBy9Xa7vwrOTE+g5aGw
 github.com/emicklei/proto v1.10.0/go.mod h1:rn1FgRS/FANiZdD2djyH7TMA9jdRDcYQ9IEN9yvjX0A=
 github.com/go-quicktest/qt v1.101.0 h1:O1K29Txy5P2OK0dGo59b7b0LR6wKfIhttaAhHUyn7eI=
 github.com/go-quicktest/qt v1.101.0/go.mod h1:14Bz/f7NwaXPtdYEgzsx46kqSxVwTbzVZsDC26tQJow=
+github.com/goccy/go-yaml v1.19.2 h1:PmFC1S6h8ljIz6gMRBopkjP1TVT7xuwrButHID66PoM=
+github.com/goccy/go-yaml v1.19.2/go.mod h1:XBurs7gK8ATbW4ZPGKgcbrY1Br56PdM69F7LkFRi1kA=
 github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
 github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
 github.com/google/uuid v1.2.0 h1:qJYtXnJRWmpe7m/3XlyhrsLrEURqHRM2kxzoxXqyUDs=

cmd/cue2openapi/main.go

@@ -4,49 +4,26 @@ import (
 	"flag"
 	"fmt"
 	"os"
-	"path/filepath"
-
-	"cuelang.org/go/cue/load"
 )
 
 func main() {
-	schemaPath := flag.String("schema", "spec/schema.cue", "Path to the CUE schema file")
+	schemaDir := flag.String("schema", "../..", "Path to the CUE package directory")
 	outputPath := flag.String("output", "openapi.yaml", "Output path for OpenAPI schema")
+	manifestPath := flag.String("manifest", "", "Optional path to write schema→file manifest JSON")
+	root := flag.String("root", "", "Optional root definition (#Name) whose comment sets spec description")
+	version := flag.String("version", "", "Optional version string (default: VERSION file in schema dir or \"unknown\")")
+	title := flag.String("title", "Security Insights", "OpenAPI info title")
 	flag.Parse()
 
-	if err := convertCUEToOpenAPI(*schemaPath, *outputPath); err != nil {
+	if err := convertCUEToOpenAPI(*schemaDir, *outputPath, ConvertOpts{
+		ManifestPath: *manifestPath,
+		Root:         *root,
+		Version:      *version,
+		Title:        *title,
+	}); err != nil {
 		fmt.Fprintf(os.Stderr, "Error converting CUE to OpenAPI: %v\n", err)
 		os.Exit(1)
 	}
 
 	fmt.Printf("OpenAPI schema generated successfully at %s\n", *outputPath)
 }
-
-func convertCUEToOpenAPI(schemaPath, outputPath string) error {
-	// Resolve to absolute path if relative
-	if !filepath.IsAbs(schemaPath) {
-		wd, err := os.Getwd()
-		if err != nil {
-			return fmt.Errorf("failed to get working directory: %v", err)
-		}
-		schemaPath = filepath.Join(wd, schemaPath)
-	}
-
-	// Load and parse the CUE schema
-	dir := filepath.Dir(schemaPath)
-	insts := load.Instances([]string{filepath.Base(schemaPath)}, &load.Config{
-		Dir: dir,
-	})
-
-	if len(insts) == 0 || insts[0].Err != nil {
-		return fmt.Errorf("failed to load CUE schema: %v", insts[0].Err)
-	}
-
-	// Use runtime-based conversion
-	file := insts[0].Files[0]
-	openapiSpec := parseCUEToOpenAPI(file)
-
-	// Write OpenAPI spec as YAML
-	return writeOpenAPISpec(openapiSpec, outputPath)
-}
-

cmd/openapi2md/go.mod

@@ -1,5 +1,5 @@
 module github.com/ossf/security-insights/cmd/openapi2md
 
-go 1.21
+go 1.21.0
 
-require gopkg.in/yaml.v3 v3.0.1
+require github.com/goccy/go-yaml v1.19.2

cmd/openapi2md/go.sum

@@ -1,4 +1,2 @@
-gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
-gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
-gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
-gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+github.com/goccy/go-yaml v1.19.2 h1:PmFC1S6h8ljIz6gMRBopkjP1TVT7xuwrButHID66PoM=
+github.com/goccy/go-yaml v1.19.2/go.mod h1:XBurs7gK8ATbW4ZPGKgcbrY1Br56PdM69F7LkFRi1kA=