add sbom settings for project (#20069)

Add a new switcher for sbom generation, by default is false.

Signed-off-by: wang yan <wangyan@vmware.com>

src/pkg/project/models/pro_meta.go

@@ -23,4 +23,5 @@ const (
 	ProMetaSeverity                 = "severity"
 	ProMetaAutoScan                 = "auto_scan"
 	ProMetaReuseSysCVEAllowlist     = "reuse_sys_cve_allowlist"
+	ProMetaAutoSBOMGen              = "auto_sbom_generation"
 )

src/pkg/project/models/project.go

@@ -147,6 +147,15 @@ func (p *Project) AutoScan() bool {
 	return isTrue(auto)
 }
 
+// AutoSBOMGen ...
+func (p *Project) AutoSBOMGen() bool {
+	auto, exist := p.GetMetadata(ProMetaAutoSBOMGen)
+	if !exist {
+		return false
+	}
+	return isTrue(auto)
+}
+
 // FilterByPublic returns orm.QuerySeter with public filter
 func (p *Project) FilterByPublic(_ context.Context, qs orm.QuerySeter, _ string, value interface{}) orm.QuerySeter {
 	subQuery := `SELECT project_id FROM project_metadata WHERE name = 'public' AND value = '%s'`

src/server/v2.0/handler/project_metadata.go

@@ -143,7 +143,7 @@ func (p *projectMetadataAPI) validate(metas map[string]string) (map[string]strin
 
 	switch key {
 	case proModels.ProMetaPublic, proModels.ProMetaEnableContentTrust, proModels.ProMetaEnableContentTrustCosign,
-		proModels.ProMetaPreventVul, proModels.ProMetaAutoScan, proModels.ProMetaReuseSysCVEAllowlist:
+		proModels.ProMetaAutoSBOMGen, proModels.ProMetaPreventVul, proModels.ProMetaAutoScan, proModels.ProMetaReuseSysCVEAllowlist:
 		v, err := strconv.ParseBool(value)
 		if err != nil {
 			return nil, errors.New(nil).WithCode(errors.BadRequestCode).WithMessage("invalid value: %s", value)