Add maxItems:10 for SearchLogQuery

Signed-off-by: Priya Wadhwa <priya@chainguard.dev>

openapi.yaml

@@ -519,21 +519,24 @@ definitions:
     properties:
       entryUUIDs:
         type: array
+        minItems: 1
+        maxItems: 10
         items:
           type: string
-          minItems: 1
           pattern: '^([0-9a-fA-F]{64}|[0-9a-fA-F]{80})$'
       logIndexes:
         type: array
         minItems: 1
+        maxItems: 10
         items:
           type: integer
           minimum: 0
       entries:
         type: array
+        minItems: 1
+        maxItems: 10
         items:
           $ref: '#/definitions/ProposedEntry'
-          minItems: 1
 
   LogInfo:
     type: object

pkg/api/entries.go

@@ -322,7 +322,7 @@ func SearchLogQueryHandler(params entries.SearchLogQueryParams) middleware.Respo
 
 	totalQueries := len(params.Entry.EntryUUIDs) + len(params.Entry.Entries()) + len(params.Entry.LogIndexes)
 	if totalQueries > maxSearchQueries {
-		return handleRekorAPIError(params, http.StatusBadRequest, fmt.Errorf(maxSearchQueryLimit, maxSearchQueries), maxSearchQueryLimit, maxSearchQueries)
+		return handleRekorAPIError(params, http.StatusUnprocessableEntity, fmt.Errorf(maxSearchQueryLimit, maxSearchQueries), fmt.Sprintf(maxSearchQueryLimit, maxSearchQueries))
 	}
 
 	if len(params.Entry.EntryUUIDs) > 0 || len(params.Entry.Entries()) > 0 {

tests/e2e_test.go

@@ -954,10 +954,10 @@ func TestSearchQueryLimit(t *testing.T) {
 			if resp.StatusCode != 200 && !test.shouldErr {
 				t.Fatalf("expected test to pass but it failed")
 			}
-			if resp.StatusCode != 400 && test.shouldErr {
+			if resp.StatusCode != 422 && test.shouldErr {
 				t.Fatal("expected test to fail but it passed")
 			}
-			if test.shouldErr && !strings.Contains(string(c), "more than max allowed") {
+			if test.shouldErr && !strings.Contains(string(c), "logIndexes in body should have at most 10 items") {
 				t.Fatal("expected max limit error but didn't get it")
 			}
 		})