Check Processing Status

When you upload an SBOM, the platform runs post-processing on it: automation rules, vulnerability scanning, and policy checks. A version is not fully ready to download until processing finishes.

This guide shows how to check where a version is in that pipeline.

Quick check: vulnRunStatus

The fastest signal is vulnRunStatus on a version. It is part of the product listing response, so you often have it already.

curl https://api.interlynk.io/lynkapi \
  -H "Authorization: Bearer $INTERLYNK_SECURITY_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "query": "query Status($projectId: Uuid!, $sbomId: Uuid!) { sbom(projectId: $projectId, sbomId: $sbomId) { id projectVersion vulnRunStatus } }",
    "variables": {
      "projectId": "1fade833-0603-4139-8ca0-26592264a4c9",
      "sbomId": "4e423fe0-d089-4025-b1e4-8fe9608138d6"
    }
  }'

{
  "data": {
    "sbom": {
      "id": "4e423fe0-d089-4025-b1e4-8fe9608138d6",
      "projectVersion": "3.0.2",
      "vulnRunStatus": "FINISHED"
    }
  }
}

vulnRunStatus is FINISHED once scanning is done. Before that it reports an in-progress state.

Per-stage status

The download field reports each processing stage separately through processingStatus. Use this when you care about a specific stage.

curl https://api.interlynk.io/lynkapi \
  -H "Authorization: Bearer $INTERLYNK_SECURITY_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "query": "query Ready($projectId: Uuid!, $sbomId: Uuid!) { sbom(projectId: $projectId, sbomId: $sbomId) { download(sbomId: $sbomId) { ready processingStatus { automation vulnScan policyScan } } } }",
    "variables": {
      "projectId": "1fade833-0603-4139-8ca0-26592264a4c9",
      "sbomId": "4e423fe0-d089-4025-b1e4-8fe9608138d6"
    }
  }'

{
  "data": {
    "sbom": {
      "download": {
        "ready": true,
        "processingStatus": {
          "automation": "COMPLETED",
          "vulnScan": "COMPLETED",
          "policyScan": "COMPLETED"
        }
      }
    }
  }
}

Wait for processing before downloading

If you want one call that blocks until processing finishes, pass requireCompleted to download with the stages you need. The stages are AUTOMATION, VULN_SCAN, and POLICY_SCAN.

query downloadSbom($projectId: Uuid!, $sbomId: Uuid!,
                   $requireCompleted: [SbomProcessingStageEnum!]) {
  sbom(projectId: $projectId, sbomId: $sbomId) {
    download(sbomId: $sbomId, requireCompleted: $requireCompleted) {
      ready
      content
      processingStatus { automation vulnScan policyScan }
    }
  }
}

If a required stage is not done, ready comes back false and content is empty. Poll on a short interval until ready is true:

#!/bin/bash
PROJECT_ID="1fade833-0603-4139-8ca0-26592264a4c9"
SBOM_ID="4e423fe0-d089-4025-b1e4-8fe9608138d6"

while true; do
  READY=$(curl -s https://api.interlynk.io/lynkapi \
    -H "Authorization: Bearer $INTERLYNK_SECURITY_TOKEN" \
    -H "Content-Type: application/json" \
    -d "{\"query\":\"query(\$p:Uuid!,\$s:Uuid!,\$rc:[SbomProcessingStageEnum!]){sbom(projectId:\$p,sbomId:\$s){download(sbomId:\$s,requireCompleted:\$rc){ready}}}\",\"variables\":{\"p\":\"$PROJECT_ID\",\"s\":\"$SBOM_ID\",\"rc\":[\"VULN_SCAN\"]}}" \
    | jq -r '.data.sbom.download.ready')

  if [ "$READY" = "true" ]; then
    echo "Processing finished."
    break
  fi
  echo "Still processing, waiting 10s..."
  sleep 10
done

Once ready is true, download the SBOM.

PreviousList Products and Versions NextEdit SBOM Metadata

Last updated 21 days ago