google-apis-binaryauthorization_v1 0.33.0 → 0.35.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +8 -0
- data/OVERVIEW.md +2 -2
- data/lib/google/apis/binaryauthorization_v1/classes.rb +287 -0
- data/lib/google/apis/binaryauthorization_v1/gem_version.rb +3 -3
- data/lib/google/apis/binaryauthorization_v1/representations.rb +146 -0
- data/lib/google/apis/binaryauthorization_v1/service.rb +37 -0
- metadata +7 -7
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 6afe7644853604dba7aa046934c1e4eb26412defae80fb6b9039ad4249737955
|
4
|
+
data.tar.gz: 65ad843bf5b05ff71294a291f693bb677417981e76416e2d3511bf2925ec356e
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 860148e026c4d82bcf98ec0dd85057ab8630df8a383bd1e4f2e00b34ce91a5cb50a1b690019258e1d1e5da9098c62fb5e6cfa27a6b48c3c9862b66d6f4d92a17
|
7
|
+
data.tar.gz: 1f6e69a777ae87e196d651370239a1f08bcb988488b3ac577f0672dbda82b98c73040dd34ac389d549fd013f152cd5ef8c4129aeac9ebb27651d8cd6dadf5645
|
data/CHANGELOG.md
CHANGED
@@ -1,5 +1,13 @@
|
|
1
1
|
# Release history for google-apis-binaryauthorization_v1
|
2
2
|
|
3
|
+
### v0.35.0 (2024-05-19)
|
4
|
+
|
5
|
+
* Regenerated using generator version 0.15.0
|
6
|
+
|
7
|
+
### v0.34.0 (2024-02-23)
|
8
|
+
|
9
|
+
* Regenerated from discovery document revision 20240220
|
10
|
+
|
3
11
|
### v0.33.0 (2024-02-18)
|
4
12
|
|
5
13
|
* Regenerated from discovery document revision 20240209
|
data/OVERVIEW.md
CHANGED
@@ -83,9 +83,9 @@ The [product documentation](https://cloud.google.com/binary-authorization/) may
|
|
83
83
|
|
84
84
|
## Supported Ruby versions
|
85
85
|
|
86
|
-
This library is supported on Ruby 2.
|
86
|
+
This library is supported on Ruby 2.7+.
|
87
87
|
|
88
|
-
Google provides official support for Ruby versions that are actively supported by Ruby Core -- that is, Ruby versions that are either in normal maintenance or in security maintenance, and not end of life.
|
88
|
+
Google provides official support for Ruby versions that are actively supported by Ruby Core -- that is, Ruby versions that are either in normal maintenance or in security maintenance, and not end of life. Older versions of Ruby _may_ still work, but are unsupported and not recommended. See https://www.ruby-lang.org/en/downloads/branches/ for details about the Ruby support schedule.
|
89
89
|
|
90
90
|
## License
|
91
91
|
|
@@ -84,6 +84,25 @@ module Google
|
|
84
84
|
end
|
85
85
|
end
|
86
86
|
|
87
|
+
# Result of evaluating an image name allowlist.
|
88
|
+
class AllowlistResult
|
89
|
+
include Google::Apis::Core::Hashable
|
90
|
+
|
91
|
+
# The allowlist pattern that the image matched.
|
92
|
+
# Corresponds to the JSON property `matchedPattern`
|
93
|
+
# @return [String]
|
94
|
+
attr_accessor :matched_pattern
|
95
|
+
|
96
|
+
def initialize(**args)
|
97
|
+
update!(**args)
|
98
|
+
end
|
99
|
+
|
100
|
+
# Update properties of this object
|
101
|
+
def update!(**args)
|
102
|
+
@matched_pattern = args[:matched_pattern] if args.key?(:matched_pattern)
|
103
|
+
end
|
104
|
+
end
|
105
|
+
|
87
106
|
# An attestation authenticator that will be used to verify attestations.
|
88
107
|
# Typically this is just a set of public keys. Conceptually, an authenticator
|
89
108
|
# can be treated as always returning either "authenticated" or "not
|
@@ -469,6 +488,74 @@ module Google
|
|
469
488
|
end
|
470
489
|
end
|
471
490
|
|
491
|
+
# Result of evaluating one check.
|
492
|
+
class CheckResult
|
493
|
+
include Google::Apis::Core::Hashable
|
494
|
+
|
495
|
+
# Result of evaluating an image name allowlist.
|
496
|
+
# Corresponds to the JSON property `allowlistResult`
|
497
|
+
# @return [Google::Apis::BinaryauthorizationV1::AllowlistResult]
|
498
|
+
attr_accessor :allowlist_result
|
499
|
+
|
500
|
+
# The name of the check.
|
501
|
+
# Corresponds to the JSON property `displayName`
|
502
|
+
# @return [String]
|
503
|
+
attr_accessor :display_name
|
504
|
+
|
505
|
+
# Result of evaluating one check.
|
506
|
+
# Corresponds to the JSON property `evaluationResult`
|
507
|
+
# @return [Google::Apis::BinaryauthorizationV1::EvaluationResult]
|
508
|
+
attr_accessor :evaluation_result
|
509
|
+
|
510
|
+
# Explanation of this check result.
|
511
|
+
# Corresponds to the JSON property `explanation`
|
512
|
+
# @return [String]
|
513
|
+
attr_accessor :explanation
|
514
|
+
|
515
|
+
# The index of the check.
|
516
|
+
# Corresponds to the JSON property `index`
|
517
|
+
# @return [Fixnum]
|
518
|
+
attr_accessor :index
|
519
|
+
|
520
|
+
# The type of the check.
|
521
|
+
# Corresponds to the JSON property `type`
|
522
|
+
# @return [String]
|
523
|
+
attr_accessor :type
|
524
|
+
|
525
|
+
def initialize(**args)
|
526
|
+
update!(**args)
|
527
|
+
end
|
528
|
+
|
529
|
+
# Update properties of this object
|
530
|
+
def update!(**args)
|
531
|
+
@allowlist_result = args[:allowlist_result] if args.key?(:allowlist_result)
|
532
|
+
@display_name = args[:display_name] if args.key?(:display_name)
|
533
|
+
@evaluation_result = args[:evaluation_result] if args.key?(:evaluation_result)
|
534
|
+
@explanation = args[:explanation] if args.key?(:explanation)
|
535
|
+
@index = args[:index] if args.key?(:index)
|
536
|
+
@type = args[:type] if args.key?(:type)
|
537
|
+
end
|
538
|
+
end
|
539
|
+
|
540
|
+
# Result of evaluating one or more checks.
|
541
|
+
class CheckResults
|
542
|
+
include Google::Apis::Core::Hashable
|
543
|
+
|
544
|
+
# Per-check details.
|
545
|
+
# Corresponds to the JSON property `results`
|
546
|
+
# @return [Array<Google::Apis::BinaryauthorizationV1::CheckResult>]
|
547
|
+
attr_accessor :results
|
548
|
+
|
549
|
+
def initialize(**args)
|
550
|
+
update!(**args)
|
551
|
+
end
|
552
|
+
|
553
|
+
# Update properties of this object
|
554
|
+
def update!(**args)
|
555
|
+
@results = args[:results] if args.key?(:results)
|
556
|
+
end
|
557
|
+
end
|
558
|
+
|
472
559
|
# A conjunction of policy checks, scoped to a particular namespace or Kubernetes
|
473
560
|
# service account. In order for evaluation of a `CheckSet` to return "allowed"
|
474
561
|
# for a given image in a given Pod, one of the following conditions must be
|
@@ -514,6 +601,56 @@ module Google
|
|
514
601
|
end
|
515
602
|
end
|
516
603
|
|
604
|
+
# Result of evaluating one check set.
|
605
|
+
class CheckSetResult
|
606
|
+
include Google::Apis::Core::Hashable
|
607
|
+
|
608
|
+
# Result of evaluating an image name allowlist.
|
609
|
+
# Corresponds to the JSON property `allowlistResult`
|
610
|
+
# @return [Google::Apis::BinaryauthorizationV1::AllowlistResult]
|
611
|
+
attr_accessor :allowlist_result
|
612
|
+
|
613
|
+
# Result of evaluating one or more checks.
|
614
|
+
# Corresponds to the JSON property `checkResults`
|
615
|
+
# @return [Google::Apis::BinaryauthorizationV1::CheckResults]
|
616
|
+
attr_accessor :check_results
|
617
|
+
|
618
|
+
# The name of the check set.
|
619
|
+
# Corresponds to the JSON property `displayName`
|
620
|
+
# @return [String]
|
621
|
+
attr_accessor :display_name
|
622
|
+
|
623
|
+
# Explanation of this check set result. Only populated if no checks were
|
624
|
+
# evaluated.
|
625
|
+
# Corresponds to the JSON property `explanation`
|
626
|
+
# @return [String]
|
627
|
+
attr_accessor :explanation
|
628
|
+
|
629
|
+
# The index of the check set.
|
630
|
+
# Corresponds to the JSON property `index`
|
631
|
+
# @return [Fixnum]
|
632
|
+
attr_accessor :index
|
633
|
+
|
634
|
+
# A scope specifier for `CheckSet` objects.
|
635
|
+
# Corresponds to the JSON property `scope`
|
636
|
+
# @return [Google::Apis::BinaryauthorizationV1::Scope]
|
637
|
+
attr_accessor :scope
|
638
|
+
|
639
|
+
def initialize(**args)
|
640
|
+
update!(**args)
|
641
|
+
end
|
642
|
+
|
643
|
+
# Update properties of this object
|
644
|
+
def update!(**args)
|
645
|
+
@allowlist_result = args[:allowlist_result] if args.key?(:allowlist_result)
|
646
|
+
@check_results = args[:check_results] if args.key?(:check_results)
|
647
|
+
@display_name = args[:display_name] if args.key?(:display_name)
|
648
|
+
@explanation = args[:explanation] if args.key?(:explanation)
|
649
|
+
@index = args[:index] if args.key?(:index)
|
650
|
+
@scope = args[:scope] if args.key?(:scope)
|
651
|
+
end
|
652
|
+
end
|
653
|
+
|
517
654
|
# A generic empty message that you can re-use to avoid defining duplicated empty
|
518
655
|
# messages in your APIs. A typical example is to use it as the request or the
|
519
656
|
# response type of an API method. For instance: service Foo ` rpc Bar(google.
|
@@ -530,6 +667,69 @@ module Google
|
|
530
667
|
end
|
531
668
|
end
|
532
669
|
|
670
|
+
# Request message for PlatformPolicyEvaluationService.EvaluateGkePolicy.
|
671
|
+
class EvaluateGkePolicyRequest
|
672
|
+
include Google::Apis::Core::Hashable
|
673
|
+
|
674
|
+
# Required. JSON or YAML blob representing a Kubernetes resource.
|
675
|
+
# Corresponds to the JSON property `resource`
|
676
|
+
# @return [Hash<String,Object>]
|
677
|
+
attr_accessor :resource
|
678
|
+
|
679
|
+
def initialize(**args)
|
680
|
+
update!(**args)
|
681
|
+
end
|
682
|
+
|
683
|
+
# Update properties of this object
|
684
|
+
def update!(**args)
|
685
|
+
@resource = args[:resource] if args.key?(:resource)
|
686
|
+
end
|
687
|
+
end
|
688
|
+
|
689
|
+
# Response message for PlatformPolicyEvaluationService.EvaluateGkePolicy.
|
690
|
+
class EvaluateGkePolicyResponse
|
691
|
+
include Google::Apis::Core::Hashable
|
692
|
+
|
693
|
+
# Evaluation result for each Pod contained in the request.
|
694
|
+
# Corresponds to the JSON property `results`
|
695
|
+
# @return [Array<Google::Apis::BinaryauthorizationV1::PodResult>]
|
696
|
+
attr_accessor :results
|
697
|
+
|
698
|
+
# The result of evaluating all Pods in the request.
|
699
|
+
# Corresponds to the JSON property `verdict`
|
700
|
+
# @return [String]
|
701
|
+
attr_accessor :verdict
|
702
|
+
|
703
|
+
def initialize(**args)
|
704
|
+
update!(**args)
|
705
|
+
end
|
706
|
+
|
707
|
+
# Update properties of this object
|
708
|
+
def update!(**args)
|
709
|
+
@results = args[:results] if args.key?(:results)
|
710
|
+
@verdict = args[:verdict] if args.key?(:verdict)
|
711
|
+
end
|
712
|
+
end
|
713
|
+
|
714
|
+
# Result of evaluating one check.
|
715
|
+
class EvaluationResult
|
716
|
+
include Google::Apis::Core::Hashable
|
717
|
+
|
718
|
+
# The result of evaluating this check.
|
719
|
+
# Corresponds to the JSON property `verdict`
|
720
|
+
# @return [String]
|
721
|
+
attr_accessor :verdict
|
722
|
+
|
723
|
+
def initialize(**args)
|
724
|
+
update!(**args)
|
725
|
+
end
|
726
|
+
|
727
|
+
# Update properties of this object
|
728
|
+
def update!(**args)
|
729
|
+
@verdict = args[:verdict] if args.key?(:verdict)
|
730
|
+
end
|
731
|
+
end
|
732
|
+
|
533
733
|
# Represents a textual expression in the Common Expression Language (CEL) syntax.
|
534
734
|
# CEL is a C-like expression language. The syntax and semantics of CEL are
|
535
735
|
# documented at https://github.com/google/cel-spec. Example (Comparison): title:
|
@@ -755,6 +955,50 @@ module Google
|
|
755
955
|
end
|
756
956
|
end
|
757
957
|
|
958
|
+
# Result of evaluating one image.
|
959
|
+
class ImageResult
|
960
|
+
include Google::Apis::Core::Hashable
|
961
|
+
|
962
|
+
# Result of evaluating an image name allowlist.
|
963
|
+
# Corresponds to the JSON property `allowlistResult`
|
964
|
+
# @return [Google::Apis::BinaryauthorizationV1::AllowlistResult]
|
965
|
+
attr_accessor :allowlist_result
|
966
|
+
|
967
|
+
# Result of evaluating one check set.
|
968
|
+
# Corresponds to the JSON property `checkSetResult`
|
969
|
+
# @return [Google::Apis::BinaryauthorizationV1::CheckSetResult]
|
970
|
+
attr_accessor :check_set_result
|
971
|
+
|
972
|
+
# Explanation of this image result. Only populated if no check sets were
|
973
|
+
# evaluated.
|
974
|
+
# Corresponds to the JSON property `explanation`
|
975
|
+
# @return [String]
|
976
|
+
attr_accessor :explanation
|
977
|
+
|
978
|
+
# Image URI from the request.
|
979
|
+
# Corresponds to the JSON property `imageUri`
|
980
|
+
# @return [String]
|
981
|
+
attr_accessor :image_uri
|
982
|
+
|
983
|
+
# The result of evaluating this image.
|
984
|
+
# Corresponds to the JSON property `verdict`
|
985
|
+
# @return [String]
|
986
|
+
attr_accessor :verdict
|
987
|
+
|
988
|
+
def initialize(**args)
|
989
|
+
update!(**args)
|
990
|
+
end
|
991
|
+
|
992
|
+
# Update properties of this object
|
993
|
+
def update!(**args)
|
994
|
+
@allowlist_result = args[:allowlist_result] if args.key?(:allowlist_result)
|
995
|
+
@check_set_result = args[:check_set_result] if args.key?(:check_set_result)
|
996
|
+
@explanation = args[:explanation] if args.key?(:explanation)
|
997
|
+
@image_uri = args[:image_uri] if args.key?(:image_uri)
|
998
|
+
@verdict = args[:verdict] if args.key?(:verdict)
|
999
|
+
end
|
1000
|
+
end
|
1001
|
+
|
758
1002
|
#
|
759
1003
|
class Jwt
|
760
1004
|
include Google::Apis::Core::Hashable
|
@@ -938,6 +1182,49 @@ module Google
|
|
938
1182
|
end
|
939
1183
|
end
|
940
1184
|
|
1185
|
+
# Result of evaluating the whole GKE policy for one Pod.
|
1186
|
+
class PodResult
|
1187
|
+
include Google::Apis::Core::Hashable
|
1188
|
+
|
1189
|
+
# Per-image details.
|
1190
|
+
# Corresponds to the JSON property `imageResults`
|
1191
|
+
# @return [Array<Google::Apis::BinaryauthorizationV1::ImageResult>]
|
1192
|
+
attr_accessor :image_results
|
1193
|
+
|
1194
|
+
# The Kubernetes namespace of the Pod.
|
1195
|
+
# Corresponds to the JSON property `kubernetesNamespace`
|
1196
|
+
# @return [String]
|
1197
|
+
attr_accessor :kubernetes_namespace
|
1198
|
+
|
1199
|
+
# The Kubernetes service account of the Pod.
|
1200
|
+
# Corresponds to the JSON property `kubernetesServiceAccount`
|
1201
|
+
# @return [String]
|
1202
|
+
attr_accessor :kubernetes_service_account
|
1203
|
+
|
1204
|
+
# The name of the Pod.
|
1205
|
+
# Corresponds to the JSON property `podName`
|
1206
|
+
# @return [String]
|
1207
|
+
attr_accessor :pod_name
|
1208
|
+
|
1209
|
+
# The result of evaluating this Pod.
|
1210
|
+
# Corresponds to the JSON property `verdict`
|
1211
|
+
# @return [String]
|
1212
|
+
attr_accessor :verdict
|
1213
|
+
|
1214
|
+
def initialize(**args)
|
1215
|
+
update!(**args)
|
1216
|
+
end
|
1217
|
+
|
1218
|
+
# Update properties of this object
|
1219
|
+
def update!(**args)
|
1220
|
+
@image_results = args[:image_results] if args.key?(:image_results)
|
1221
|
+
@kubernetes_namespace = args[:kubernetes_namespace] if args.key?(:kubernetes_namespace)
|
1222
|
+
@kubernetes_service_account = args[:kubernetes_service_account] if args.key?(:kubernetes_service_account)
|
1223
|
+
@pod_name = args[:pod_name] if args.key?(:pod_name)
|
1224
|
+
@verdict = args[:verdict] if args.key?(:verdict)
|
1225
|
+
end
|
1226
|
+
end
|
1227
|
+
|
941
1228
|
# A policy for container image binary authorization.
|
942
1229
|
class Policy
|
943
1230
|
include Google::Apis::Core::Hashable
|
@@ -16,13 +16,13 @@ module Google
|
|
16
16
|
module Apis
|
17
17
|
module BinaryauthorizationV1
|
18
18
|
# Version of the google-apis-binaryauthorization_v1 gem
|
19
|
-
GEM_VERSION = "0.
|
19
|
+
GEM_VERSION = "0.35.0"
|
20
20
|
|
21
21
|
# Version of the code generator used to generate this client
|
22
|
-
GENERATOR_VERSION = "0.
|
22
|
+
GENERATOR_VERSION = "0.15.0"
|
23
23
|
|
24
24
|
# Revision of the discovery document this client was generated from
|
25
|
-
REVISION = "
|
25
|
+
REVISION = "20240220"
|
26
26
|
end
|
27
27
|
end
|
28
28
|
end
|
@@ -34,6 +34,12 @@ module Google
|
|
34
34
|
include Google::Apis::Core::JsonObjectSupport
|
35
35
|
end
|
36
36
|
|
37
|
+
class AllowlistResult
|
38
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
39
|
+
|
40
|
+
include Google::Apis::Core::JsonObjectSupport
|
41
|
+
end
|
42
|
+
|
37
43
|
class AttestationAuthenticator
|
38
44
|
class Representation < Google::Apis::Core::JsonRepresentation; end
|
39
45
|
|
@@ -76,18 +82,54 @@ module Google
|
|
76
82
|
include Google::Apis::Core::JsonObjectSupport
|
77
83
|
end
|
78
84
|
|
85
|
+
class CheckResult
|
86
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
87
|
+
|
88
|
+
include Google::Apis::Core::JsonObjectSupport
|
89
|
+
end
|
90
|
+
|
91
|
+
class CheckResults
|
92
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
93
|
+
|
94
|
+
include Google::Apis::Core::JsonObjectSupport
|
95
|
+
end
|
96
|
+
|
79
97
|
class CheckSet
|
80
98
|
class Representation < Google::Apis::Core::JsonRepresentation; end
|
81
99
|
|
82
100
|
include Google::Apis::Core::JsonObjectSupport
|
83
101
|
end
|
84
102
|
|
103
|
+
class CheckSetResult
|
104
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
105
|
+
|
106
|
+
include Google::Apis::Core::JsonObjectSupport
|
107
|
+
end
|
108
|
+
|
85
109
|
class Empty
|
86
110
|
class Representation < Google::Apis::Core::JsonRepresentation; end
|
87
111
|
|
88
112
|
include Google::Apis::Core::JsonObjectSupport
|
89
113
|
end
|
90
114
|
|
115
|
+
class EvaluateGkePolicyRequest
|
116
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
117
|
+
|
118
|
+
include Google::Apis::Core::JsonObjectSupport
|
119
|
+
end
|
120
|
+
|
121
|
+
class EvaluateGkePolicyResponse
|
122
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
123
|
+
|
124
|
+
include Google::Apis::Core::JsonObjectSupport
|
125
|
+
end
|
126
|
+
|
127
|
+
class EvaluationResult
|
128
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
129
|
+
|
130
|
+
include Google::Apis::Core::JsonObjectSupport
|
131
|
+
end
|
132
|
+
|
91
133
|
class Expr
|
92
134
|
class Representation < Google::Apis::Core::JsonRepresentation; end
|
93
135
|
|
@@ -118,6 +160,12 @@ module Google
|
|
118
160
|
include Google::Apis::Core::JsonObjectSupport
|
119
161
|
end
|
120
162
|
|
163
|
+
class ImageResult
|
164
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
165
|
+
|
166
|
+
include Google::Apis::Core::JsonObjectSupport
|
167
|
+
end
|
168
|
+
|
121
169
|
class Jwt
|
122
170
|
class Representation < Google::Apis::Core::JsonRepresentation; end
|
123
171
|
|
@@ -154,6 +202,12 @@ module Google
|
|
154
202
|
include Google::Apis::Core::JsonObjectSupport
|
155
203
|
end
|
156
204
|
|
205
|
+
class PodResult
|
206
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
207
|
+
|
208
|
+
include Google::Apis::Core::JsonObjectSupport
|
209
|
+
end
|
210
|
+
|
157
211
|
class Policy
|
158
212
|
class Representation < Google::Apis::Core::JsonRepresentation; end
|
159
213
|
|
@@ -278,6 +332,13 @@ module Google
|
|
278
332
|
end
|
279
333
|
end
|
280
334
|
|
335
|
+
class AllowlistResult
|
336
|
+
# @private
|
337
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
338
|
+
property :matched_pattern, as: 'matchedPattern'
|
339
|
+
end
|
340
|
+
end
|
341
|
+
|
281
342
|
class AttestationAuthenticator
|
282
343
|
# @private
|
283
344
|
class Representation < Google::Apis::Core::JsonRepresentation
|
@@ -360,6 +421,28 @@ module Google
|
|
360
421
|
end
|
361
422
|
end
|
362
423
|
|
424
|
+
class CheckResult
|
425
|
+
# @private
|
426
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
427
|
+
property :allowlist_result, as: 'allowlistResult', class: Google::Apis::BinaryauthorizationV1::AllowlistResult, decorator: Google::Apis::BinaryauthorizationV1::AllowlistResult::Representation
|
428
|
+
|
429
|
+
property :display_name, as: 'displayName'
|
430
|
+
property :evaluation_result, as: 'evaluationResult', class: Google::Apis::BinaryauthorizationV1::EvaluationResult, decorator: Google::Apis::BinaryauthorizationV1::EvaluationResult::Representation
|
431
|
+
|
432
|
+
property :explanation, as: 'explanation'
|
433
|
+
property :index, :numeric_string => true, as: 'index'
|
434
|
+
property :type, as: 'type'
|
435
|
+
end
|
436
|
+
end
|
437
|
+
|
438
|
+
class CheckResults
|
439
|
+
# @private
|
440
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
441
|
+
collection :results, as: 'results', class: Google::Apis::BinaryauthorizationV1::CheckResult, decorator: Google::Apis::BinaryauthorizationV1::CheckResult::Representation
|
442
|
+
|
443
|
+
end
|
444
|
+
end
|
445
|
+
|
363
446
|
class CheckSet
|
364
447
|
# @private
|
365
448
|
class Representation < Google::Apis::Core::JsonRepresentation
|
@@ -373,12 +456,50 @@ module Google
|
|
373
456
|
end
|
374
457
|
end
|
375
458
|
|
459
|
+
class CheckSetResult
|
460
|
+
# @private
|
461
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
462
|
+
property :allowlist_result, as: 'allowlistResult', class: Google::Apis::BinaryauthorizationV1::AllowlistResult, decorator: Google::Apis::BinaryauthorizationV1::AllowlistResult::Representation
|
463
|
+
|
464
|
+
property :check_results, as: 'checkResults', class: Google::Apis::BinaryauthorizationV1::CheckResults, decorator: Google::Apis::BinaryauthorizationV1::CheckResults::Representation
|
465
|
+
|
466
|
+
property :display_name, as: 'displayName'
|
467
|
+
property :explanation, as: 'explanation'
|
468
|
+
property :index, :numeric_string => true, as: 'index'
|
469
|
+
property :scope, as: 'scope', class: Google::Apis::BinaryauthorizationV1::Scope, decorator: Google::Apis::BinaryauthorizationV1::Scope::Representation
|
470
|
+
|
471
|
+
end
|
472
|
+
end
|
473
|
+
|
376
474
|
class Empty
|
377
475
|
# @private
|
378
476
|
class Representation < Google::Apis::Core::JsonRepresentation
|
379
477
|
end
|
380
478
|
end
|
381
479
|
|
480
|
+
class EvaluateGkePolicyRequest
|
481
|
+
# @private
|
482
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
483
|
+
hash :resource, as: 'resource'
|
484
|
+
end
|
485
|
+
end
|
486
|
+
|
487
|
+
class EvaluateGkePolicyResponse
|
488
|
+
# @private
|
489
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
490
|
+
collection :results, as: 'results', class: Google::Apis::BinaryauthorizationV1::PodResult, decorator: Google::Apis::BinaryauthorizationV1::PodResult::Representation
|
491
|
+
|
492
|
+
property :verdict, as: 'verdict'
|
493
|
+
end
|
494
|
+
end
|
495
|
+
|
496
|
+
class EvaluationResult
|
497
|
+
# @private
|
498
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
499
|
+
property :verdict, as: 'verdict'
|
500
|
+
end
|
501
|
+
end
|
502
|
+
|
382
503
|
class Expr
|
383
504
|
# @private
|
384
505
|
class Representation < Google::Apis::Core::JsonRepresentation
|
@@ -423,6 +544,19 @@ module Google
|
|
423
544
|
end
|
424
545
|
end
|
425
546
|
|
547
|
+
class ImageResult
|
548
|
+
# @private
|
549
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
550
|
+
property :allowlist_result, as: 'allowlistResult', class: Google::Apis::BinaryauthorizationV1::AllowlistResult, decorator: Google::Apis::BinaryauthorizationV1::AllowlistResult::Representation
|
551
|
+
|
552
|
+
property :check_set_result, as: 'checkSetResult', class: Google::Apis::BinaryauthorizationV1::CheckSetResult, decorator: Google::Apis::BinaryauthorizationV1::CheckSetResult::Representation
|
553
|
+
|
554
|
+
property :explanation, as: 'explanation'
|
555
|
+
property :image_uri, as: 'imageUri'
|
556
|
+
property :verdict, as: 'verdict'
|
557
|
+
end
|
558
|
+
end
|
559
|
+
|
426
560
|
class Jwt
|
427
561
|
# @private
|
428
562
|
class Representation < Google::Apis::Core::JsonRepresentation
|
@@ -476,6 +610,18 @@ module Google
|
|
476
610
|
end
|
477
611
|
end
|
478
612
|
|
613
|
+
class PodResult
|
614
|
+
# @private
|
615
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
616
|
+
collection :image_results, as: 'imageResults', class: Google::Apis::BinaryauthorizationV1::ImageResult, decorator: Google::Apis::BinaryauthorizationV1::ImageResult::Representation
|
617
|
+
|
618
|
+
property :kubernetes_namespace, as: 'kubernetesNamespace'
|
619
|
+
property :kubernetes_service_account, as: 'kubernetesServiceAccount'
|
620
|
+
property :pod_name, as: 'podName'
|
621
|
+
property :verdict, as: 'verdict'
|
622
|
+
end
|
623
|
+
end
|
624
|
+
|
479
625
|
class Policy
|
480
626
|
# @private
|
481
627
|
class Representation < Google::Apis::Core::JsonRepresentation
|
@@ -455,6 +455,43 @@ module Google
|
|
455
455
|
execute_or_queue_command(command, &block)
|
456
456
|
end
|
457
457
|
|
458
|
+
# Evaluates a Kubernetes object versus a GKE platform policy. Returns `NOT_FOUND`
|
459
|
+
# if the policy doesn't exist, `INVALID_ARGUMENT` if the policy or request is
|
460
|
+
# malformed and `PERMISSION_DENIED` if the client does not have sufficient
|
461
|
+
# permissions.
|
462
|
+
# @param [String] name
|
463
|
+
# Required. The name of the platform policy to evaluate in the format `projects/*
|
464
|
+
# /platforms/*/policies/*`.
|
465
|
+
# @param [Google::Apis::BinaryauthorizationV1::EvaluateGkePolicyRequest] evaluate_gke_policy_request_object
|
466
|
+
# @param [String] fields
|
467
|
+
# Selector specifying which fields to include in a partial response.
|
468
|
+
# @param [String] quota_user
|
469
|
+
# Available to use for quota purposes for server-side applications. Can be any
|
470
|
+
# arbitrary string assigned to a user, but should not exceed 40 characters.
|
471
|
+
# @param [Google::Apis::RequestOptions] options
|
472
|
+
# Request-specific options
|
473
|
+
#
|
474
|
+
# @yield [result, err] Result & error if block supplied
|
475
|
+
# @yieldparam result [Google::Apis::BinaryauthorizationV1::EvaluateGkePolicyResponse] parsed result object
|
476
|
+
# @yieldparam err [StandardError] error object if request failed
|
477
|
+
#
|
478
|
+
# @return [Google::Apis::BinaryauthorizationV1::EvaluateGkePolicyResponse]
|
479
|
+
#
|
480
|
+
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
|
481
|
+
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
|
482
|
+
# @raise [Google::Apis::AuthorizationError] Authorization is required
|
483
|
+
def evaluate_gke_policy(name, evaluate_gke_policy_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
|
484
|
+
command = make_simple_command(:post, 'v1/{+name}:evaluate', options)
|
485
|
+
command.request_representation = Google::Apis::BinaryauthorizationV1::EvaluateGkePolicyRequest::Representation
|
486
|
+
command.request_object = evaluate_gke_policy_request_object
|
487
|
+
command.response_representation = Google::Apis::BinaryauthorizationV1::EvaluateGkePolicyResponse::Representation
|
488
|
+
command.response_class = Google::Apis::BinaryauthorizationV1::EvaluateGkePolicyResponse
|
489
|
+
command.params['name'] = name unless name.nil?
|
490
|
+
command.query['fields'] = fields unless fields.nil?
|
491
|
+
command.query['quotaUser'] = quota_user unless quota_user.nil?
|
492
|
+
execute_or_queue_command(command, &block)
|
493
|
+
end
|
494
|
+
|
458
495
|
# Creates a platform policy, and returns a copy of it. Returns `NOT_FOUND` if
|
459
496
|
# the project or platform doesn't exist, `INVALID_ARGUMENT` if the request is
|
460
497
|
# malformed, `ALREADY_EXISTS` if the policy already exists, and `
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: google-apis-binaryauthorization_v1
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.35.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Google LLC
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2024-
|
11
|
+
date: 2024-05-26 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: google-apis-core
|
@@ -16,7 +16,7 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - ">="
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 0.
|
19
|
+
version: 0.15.0
|
20
20
|
- - "<"
|
21
21
|
- !ruby/object:Gem::Version
|
22
22
|
version: 2.a
|
@@ -26,7 +26,7 @@ dependencies:
|
|
26
26
|
requirements:
|
27
27
|
- - ">="
|
28
28
|
- !ruby/object:Gem::Version
|
29
|
-
version: 0.
|
29
|
+
version: 0.15.0
|
30
30
|
- - "<"
|
31
31
|
- !ruby/object:Gem::Version
|
32
32
|
version: 2.a
|
@@ -58,7 +58,7 @@ licenses:
|
|
58
58
|
metadata:
|
59
59
|
bug_tracker_uri: https://github.com/googleapis/google-api-ruby-client/issues
|
60
60
|
changelog_uri: https://github.com/googleapis/google-api-ruby-client/tree/main/generated/google-apis-binaryauthorization_v1/CHANGELOG.md
|
61
|
-
documentation_uri: https://googleapis.dev/ruby/google-apis-binaryauthorization_v1/v0.
|
61
|
+
documentation_uri: https://googleapis.dev/ruby/google-apis-binaryauthorization_v1/v0.35.0
|
62
62
|
source_code_uri: https://github.com/googleapis/google-api-ruby-client/tree/main/generated/google-apis-binaryauthorization_v1
|
63
63
|
post_install_message:
|
64
64
|
rdoc_options: []
|
@@ -68,14 +68,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
68
68
|
requirements:
|
69
69
|
- - ">="
|
70
70
|
- !ruby/object:Gem::Version
|
71
|
-
version: '2.
|
71
|
+
version: '2.7'
|
72
72
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
73
73
|
requirements:
|
74
74
|
- - ">="
|
75
75
|
- !ruby/object:Gem::Version
|
76
76
|
version: '0'
|
77
77
|
requirements: []
|
78
|
-
rubygems_version: 3.5.
|
78
|
+
rubygems_version: 3.5.6
|
79
79
|
signing_key:
|
80
80
|
specification_version: 4
|
81
81
|
summary: Simple REST client for Binary Authorization API V1
|