pinakes-server: add utoipa annotations to all routes; fix tests

Signed-off-by: NotAShelf <raf@notashelf.dev>
Change-Id: I28cf5b7b7cff8e90e123d624d97cf9656a6a6964

crates/pinakes-server/src/routes/scan.rs

@@ -7,6 +7,19 @@ use crate::{
 };
 
 /// Trigger a scan as a background job. Returns the job ID immediately.
+#[utoipa::path(
+    post,
+    path = "/api/v1/scan",
+    tag = "scan",
+    request_body = ScanRequest,
+    responses(
+        (status = 200, description = "Scan job submitted", body = ScanJobResponse),
+        (status = 401, description = "Unauthorized"),
+        (status = 403, description = "Forbidden"),
+        (status = 500, description = "Internal server error"),
+    ),
+    security(("bearer_auth" = []))
+)]
 pub async fn trigger_scan(
   State(state): State<AppState>,
   Json(req): Json<ScanRequest>,
@@ -18,6 +31,16 @@ pub async fn trigger_scan(
   }))
 }
 
+#[utoipa::path(
+    get,
+    path = "/api/v1/scan/status",
+    tag = "scan",
+    responses(
+        (status = 200, description = "Scan status", body = ScanStatusResponse),
+        (status = 401, description = "Unauthorized"),
+    ),
+    security(("bearer_auth" = []))
+)]
 pub async fn scan_status(
   State(state): State<AppState>,
 ) -> Json<ScanStatusResponse> {