Expose API Endpoint for License Compliance Reports

Release notes

Problem to solve

We do not currently allow users to query their License Compliance Reports via the API to display a list of licenses detected in their projects. Instead, customers only have the ability to list Managed Licenses via API which only includes License Policies.

We have similar API offerings for Security Reports via the Vulnerability Findings API. It would be useful to have a similar API for License Compliance.

Due to a known bug, pipeline artifacts, such as License Scanning Reports, are not available via the pipeline job details page. This also prevents users from downloading their reports via the Job Artifacts API. However, the following issue is open to allow report type artifacts to be downloaded via the job details page:

Make report type artifacts downloadable from the job details page

Until the above issue is resolved, users have no workarounds to list detected licenses generated from their License Compliance reports other than the UI.

Proposal

We should expose an endpoint for License Compliance that allows users to list detected licenses. This can possibly be consolidated with the Managed Licenses API so that users can list both detected licenses as well as policies (Managed Licenses) via a single API endpoint.