google-apis-binaryauthorization_v1 0.28.0 → 0.30.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 2d90c39f24d19819ebb370b9bde01f5622f2d10872b1fa77ea275f9ede3fb690
-  data.tar.gz: 5dba18ae6cce5c0d688b4f34b3e16d0fc9c5e6977934b1f2787054442e1d4220
+  metadata.gz: f77a5ff4dd29e3b631d44c48186f36f80c2fc77cabc9f09dc4c3ac540bc0fcc9
+  data.tar.gz: c713bc6dd4f36f4a67cdd291dbc8601bc47eb3571872b89e295fffe2bac19165
 SHA512:
-  metadata.gz: f0ec5fd8227c01799eec8991bcfe779fdcb2d85af800394d30b9640affd09508ecc7467f700ab0ac2872f3cfb3096666a1f0ffe82254967473faa1a91ac45348
-  data.tar.gz: ba17aae91cf84fa0c13f7213fdf9da756efae0d804e5420384e8b0d45b1185caf89289e37397583b351474e90bb1d8569f9d3680fa376c1ed74c8ef8afd27f90
+  metadata.gz: 9365f5953109f9fa967435f9a0bf020f616c54672a97ccaf4e5edcead6c32923a8c791f697668c3ad75e8123854670081e8fef34357f80bf4294d223aac60bb8
+  data.tar.gz: 423200e2d668f53d2d56107bb6367cc84e8884940cbd661833cfbc8fb55800a30e57e5decc2813410188565ed8fb7eb6aab6015f4ac038b50f8b2b6fef76240b

data/CHANGELOG.md

@@ -1,5 +1,13 @@
 # Release history for google-apis-binaryauthorization_v1
 
+### v0.30.0 (2023-12-24)
+
+* Regenerated from discovery document revision 20231215
+
+### v0.29.0 (2023-10-08)
+
+* Regenerated from discovery document revision 20230929
+
 ### v0.28.0 (2023-09-10)
 
 * Regenerated from discovery document revision 20230901

data/lib/google/apis/binaryauthorization_v1/classes.rb

@@ -172,7 +172,9 @@ module Google
         include Google::Apis::Core::Hashable
       
         # The IDs of the GCP projects storing the SLSA attestations as Container
-        # Analysis Occurrences.
+        # Analysis Occurrences, in the format `projects/[PROJECT_ID]`. Maximum number of
+        # `container_analysis_attestation_projects` allowed in each `AttestationSource`
+        # is 10.
         # Corresponds to the JSON property `containerAnalysisAttestationProjects`
         # @return [Array<String>]
         attr_accessor :container_analysis_attestation_projects
@@ -325,21 +327,43 @@ module Google
         # project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:`emailid``: An
         # email address that represents a Google group. For example, `admins@example.com`
         # . * `domain:`domain``: The G Suite domain (primary) that represents all the
-        # users of that domain. For example, `google.com` or `example.com`. * `deleted:
-        # user:`emailid`?uid=`uniqueid``: An email address (plus unique identifier)
-        # representing a user that has been recently deleted. For example, `alice@
-        # example.com?uid=123456789012345678901`. If the user is recovered, this value
-        # reverts to `user:`emailid`` and the recovered user retains the role in the
-        # binding. * `deleted:serviceAccount:`emailid`?uid=`uniqueid``: An email address
-        # (plus unique identifier) representing a service account that has been recently
-        # deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=
+        # users of that domain. For example, `google.com` or `example.com`. * `principal:
+        # //iam.googleapis.com/locations/global/workforcePools/`pool_id`/subject/`
+        # subject_attribute_value``: A single identity in a workforce identity pool. * `
+        # principalSet://iam.googleapis.com/locations/global/workforcePools/`pool_id`/
+        # group/`group_id``: All workforce identities in a group. * `principalSet://iam.
+        # googleapis.com/locations/global/workforcePools/`pool_id`/attribute.`
+        # attribute_name`/`attribute_value``: All workforce identities with a specific
+        # attribute value. * `principalSet://iam.googleapis.com/locations/global/
+        # workforcePools/`pool_id`/*`: All identities in a workforce identity pool. * `
+        # principal://iam.googleapis.com/projects/`project_number`/locations/global/
+        # workloadIdentityPools/`pool_id`/subject/`subject_attribute_value``: A single
+        # identity in a workload identity pool. * `principalSet://iam.googleapis.com/
+        # projects/`project_number`/locations/global/workloadIdentityPools/`pool_id`/
+        # group/`group_id``: A workload identity pool group. * `principalSet://iam.
+        # googleapis.com/projects/`project_number`/locations/global/
+        # workloadIdentityPools/`pool_id`/attribute.`attribute_name`/`attribute_value``:
+        # All identities in a workload identity pool with a certain attribute. * `
+        # principalSet://iam.googleapis.com/projects/`project_number`/locations/global/
+        # workloadIdentityPools/`pool_id`/*`: All identities in a workload identity pool.
+        # * `deleted:user:`emailid`?uid=`uniqueid``: An email address (plus unique
+        # identifier) representing a user that has been recently deleted. For example, `
+        # alice@example.com?uid=123456789012345678901`. If the user is recovered, this
+        # value reverts to `user:`emailid`` and the recovered user retains the role in
+        # the binding. * `deleted:serviceAccount:`emailid`?uid=`uniqueid``: An email
+        # address (plus unique identifier) representing a service account that has been
+        # recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=
         # 123456789012345678901`. If the service account is undeleted, this value
         # reverts to `serviceAccount:`emailid`` and the undeleted service account
         # retains the role in the binding. * `deleted:group:`emailid`?uid=`uniqueid``:
         # An email address (plus unique identifier) representing a Google group that has
         # been recently deleted. For example, `admins@example.com?uid=
         # 123456789012345678901`. If the group is recovered, this value reverts to `
-        # group:`emailid`` and the recovered group retains the role in the binding.
+        # group:`emailid`` and the recovered group retains the role in the binding. * `
+        # deleted:principal://iam.googleapis.com/locations/global/workforcePools/`
+        # pool_id`/subject/`subject_attribute_value``: Deleted single identity in a
+        # workforce identity pool. For example, `deleted:principal://iam.googleapis.com/
+        # locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`.
         # Corresponds to the JSON property `members`
         # @return [Array<String>]
         attr_accessor :members
@@ -802,6 +826,21 @@ module Google
       class PkixPublicKey
         include Google::Apis::Core::Hashable
       
+        # Optional. The ID of this public key. Signatures verified by Binary
+        # Authorization must include the ID of the public key that can be used to verify
+        # them, and that ID must match the contents of this field exactly. This may be
+        # explicitly provided by the caller, but it MUST be a valid RFC3986 URI. If `
+        # key_id` is left blank and this `PkixPublicKey` is not used in the context of a
+        # wrapper (see next paragraph), a default key ID will be computed based on the
+        # digest of the DER encoding of the public key. If this `PkixPublicKey` is used
+        # in the context of a wrapper that has its own notion of key ID (e.g. `
+        # AttestorPublicKey`), then this field can either: * Match that value exactly. *
+        # Or be left blank, in which case it behaves exactly as though it is equal to
+        # that wrapper value.
+        # Corresponds to the JSON property `keyId`
+        # @return [String]
+        attr_accessor :key_id
+      
         # A PEM-encoded public key, as described in https://tools.ietf.org/html/rfc7468#
         # section-13
         # Corresponds to the JSON property `publicKeyPem`
@@ -822,6 +861,7 @@ module Google
       
         # Update properties of this object
         def update!(**args)
+          @key_id = args[:key_id] if args.key?(:key_id)
           @public_key_pem = args[:public_key_pem] if args.key?(:public_key_pem)
           @signature_algorithm = args[:signature_algorithm] if args.key?(:signature_algorithm)
         end
@@ -1131,12 +1171,14 @@ module Google
         attr_accessor :attestation_authenticators
       
         # Optional. The projects where attestations are stored as Container Analysis
-        # Occurrences. Only one attestation needs to successfully verify an image for
-        # this check to pass, so a single verified attestation found in any of `
-        # container_analysis_attestation_projects` is sufficient for the check to pass.
-        # When fetching Occurrences from Container Analysis, only 'AttestationOccurrence'
-        # kinds are considered. In the future, additional Occurrence kinds may be added
-        # to the query.
+        # Occurrences, in the format `projects/[PROJECT_ID]`. Only one attestation needs
+        # to successfully verify an image for this check to pass, so a single verified
+        # attestation found in any of `container_analysis_attestation_projects` is
+        # sufficient for the check to pass. When fetching Occurrences from Container
+        # Analysis, only `AttestationOccurrence` kinds are considered. In the future,
+        # additional Occurrence kinds may be added to the query. Maximum number of `
+        # container_analysis_attestation_projects` allowed in each `
+        # SimpleSigningAttestationCheck` is 10.
         # Corresponds to the JSON property `containerAnalysisAttestationProjects`
         # @return [Array<String>]
         attr_accessor :container_analysis_attestation_projects
@@ -1452,7 +1494,9 @@ module Google
         # PROJECT_ID]`, e.g., `projects/my-gcp-project`. An attempt will be made for
         # each project to fetch vulnerabilities, and all valid vulnerabilities will be
         # used to check against the vulnerability policy. If no valid scan is found in
-        # all projects configured here, an error will be returned for the check.
+        # all projects configured here, an error will be returned for the check. Maximum
+        # number of `container_analysis_vulnerability_projects` allowed in each `
+        # VulnerabilityCheck` is 10.
         # Corresponds to the JSON property `containerAnalysisVulnerabilityProjects`
         # @return [Array<String>]
         attr_accessor :container_analysis_vulnerability_projects

data/lib/google/apis/binaryauthorization_v1/gem_version.rb

@@ -16,13 +16,13 @@ module Google
   module Apis
     module BinaryauthorizationV1
       # Version of the google-apis-binaryauthorization_v1 gem
-      GEM_VERSION = "0.28.0"
+      GEM_VERSION = "0.30.0"
 
       # Version of the code generator used to generate this client
       GENERATOR_VERSION = "0.12.0"
 
       # Revision of the discovery document this client was generated from
-      REVISION = "20230901"
+      REVISION = "20231215"
     end
   end
 end

data/lib/google/apis/binaryauthorization_v1/representations.rb

@@ -425,6 +425,7 @@ module Google
       class PkixPublicKey
         # @private
         class Representation < Google::Apis::Core::JsonRepresentation
+          property :key_id, as: 'keyId'
           property :public_key_pem, as: 'publicKeyPem'
           property :signature_algorithm, as: 'signatureAlgorithm'
         end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: google-apis-binaryauthorization_v1
 version: !ruby/object:Gem::Version
-  version: 0.28.0
+  version: 0.30.0
 platform: ruby
 authors:
 - Google LLC
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2023-09-17 00:00:00.000000000 Z
+date: 2023-12-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: google-apis-core
@@ -58,7 +58,7 @@ licenses:
 metadata:
   bug_tracker_uri: https://github.com/googleapis/google-api-ruby-client/issues
   changelog_uri: https://github.com/googleapis/google-api-ruby-client/tree/main/generated/google-apis-binaryauthorization_v1/CHANGELOG.md
-  documentation_uri: https://googleapis.dev/ruby/google-apis-binaryauthorization_v1/v0.28.0
+  documentation_uri: https://googleapis.dev/ruby/google-apis-binaryauthorization_v1/v0.30.0
   source_code_uri: https://github.com/googleapis/google-api-ruby-client/tree/main/generated/google-apis-binaryauthorization_v1
 post_install_message: 
 rdoc_options: []