google-apis-containeranalysis_v1 0.1.0 → 0.5.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +17 -0
- data/OVERVIEW.md +1 -1
- data/lib/google/apis/containeranalysis_v1/classes.rb +1723 -420
- data/lib/google/apis/containeranalysis_v1/gem_version.rb +3 -3
- data/lib/google/apis/containeranalysis_v1/representations.rb +582 -90
- data/lib/google/apis/containeranalysis_v1/service.rb +0 -150
- metadata +4 -4
@@ -333,11 +333,19 @@ module Google
|
|
333
333
|
class BuildOccurrence
|
334
334
|
include Google::Apis::Core::Hashable
|
335
335
|
|
336
|
-
#
|
336
|
+
# Deprecated. See InTotoStatement for the replacement. In-toto Provenance
|
337
|
+
# representation as defined in spec.
|
337
338
|
# Corresponds to the JSON property `intotoProvenance`
|
338
339
|
# @return [Google::Apis::ContaineranalysisV1::InTotoProvenance]
|
339
340
|
attr_accessor :intoto_provenance
|
340
341
|
|
342
|
+
# Spec defined at https://github.com/in-toto/attestation/tree/main/spec#
|
343
|
+
# statement The serialized InTotoStatement will be stored as Envelope.payload.
|
344
|
+
# Envelope.payloadType is always "application/vnd.in-toto+json".
|
345
|
+
# Corresponds to the JSON property `intotoStatement`
|
346
|
+
# @return [Google::Apis::ContaineranalysisV1::InTotoStatement]
|
347
|
+
attr_accessor :intoto_statement
|
348
|
+
|
341
349
|
# Provenance of a build. Contains all information needed to verify the full
|
342
350
|
# details about the build from source to completion.
|
343
351
|
# Corresponds to the JSON property `provenance`
|
@@ -363,6 +371,7 @@ module Google
|
|
363
371
|
# Update properties of this object
|
364
372
|
def update!(**args)
|
365
373
|
@intoto_provenance = args[:intoto_provenance] if args.key?(:intoto_provenance)
|
374
|
+
@intoto_statement = args[:intoto_statement] if args.key?(:intoto_statement)
|
366
375
|
@provenance = args[:provenance] if args.key?(:provenance)
|
367
376
|
@provenance_bytes = args[:provenance_bytes] if args.key?(:provenance_bytes)
|
368
377
|
end
|
@@ -463,149 +472,93 @@ module Google
|
|
463
472
|
end
|
464
473
|
end
|
465
474
|
|
466
|
-
#
|
467
|
-
class
|
475
|
+
#
|
476
|
+
class BuilderConfig
|
468
477
|
include Google::Apis::Core::Hashable
|
469
478
|
|
470
|
-
#
|
471
|
-
# the image used to run the step's container has an entrypoint, the `args` are
|
472
|
-
# used as arguments to that entrypoint. If the image does not define an
|
473
|
-
# entrypoint, the first element in args is used as the entrypoint, and the
|
474
|
-
# remainder will be used as arguments.
|
475
|
-
# Corresponds to the JSON property `args`
|
476
|
-
# @return [Array<String>]
|
477
|
-
attr_accessor :args
|
478
|
-
|
479
|
-
# Working directory to use when running this step's container. If this value is
|
480
|
-
# a relative path, it is relative to the build's working directory. If this
|
481
|
-
# value is absolute, it may be outside the build's working directory, in which
|
482
|
-
# case the contents of the path may not be persisted across build step
|
483
|
-
# executions, unless a `volume` for that path is specified. If the build
|
484
|
-
# specifies a `RepoSource` with `dir` and a step with a `dir`, which specifies
|
485
|
-
# an absolute path, the `RepoSource` `dir` is ignored for the step's execution.
|
486
|
-
# Corresponds to the JSON property `dir`
|
487
|
-
# @return [String]
|
488
|
-
attr_accessor :dir
|
489
|
-
|
490
|
-
# Entrypoint to be used instead of the build step image's default entrypoint. If
|
491
|
-
# unset, the image's default entrypoint is used.
|
492
|
-
# Corresponds to the JSON property `entrypoint`
|
493
|
-
# @return [String]
|
494
|
-
attr_accessor :entrypoint
|
495
|
-
|
496
|
-
# A list of environment variable definitions to be used when running a step. The
|
497
|
-
# elements are of the form "KEY=VALUE" for the environment variable "KEY" being
|
498
|
-
# given the value "VALUE".
|
499
|
-
# Corresponds to the JSON property `env`
|
500
|
-
# @return [Array<String>]
|
501
|
-
attr_accessor :env
|
502
|
-
|
503
|
-
# Unique identifier for this build step, used in `wait_for` to reference this
|
504
|
-
# build step as a dependency.
|
479
|
+
#
|
505
480
|
# Corresponds to the JSON property `id`
|
506
481
|
# @return [String]
|
507
482
|
attr_accessor :id
|
508
483
|
|
509
|
-
|
510
|
-
|
511
|
-
|
512
|
-
# the builder service account's credentials if necessary. The Docker daemon's
|
513
|
-
# cache will already have the latest versions of all of the officially supported
|
514
|
-
# build steps ([https://github.com/GoogleCloudPlatform/cloud-builders](https://
|
515
|
-
# github.com/GoogleCloudPlatform/cloud-builders)). The Docker daemon will also
|
516
|
-
# have cached many of the layers for some popular images, like "ubuntu", "debian"
|
517
|
-
# , but they will be refreshed at the time you attempt to use them. If you built
|
518
|
-
# an image in a previous build step, it will be stored in the host's Docker
|
519
|
-
# daemon's cache and is available to use as the name for a later build step.
|
520
|
-
# Corresponds to the JSON property `name`
|
521
|
-
# @return [String]
|
522
|
-
attr_accessor :name
|
484
|
+
def initialize(**args)
|
485
|
+
update!(**args)
|
486
|
+
end
|
523
487
|
|
524
|
-
#
|
525
|
-
|
526
|
-
|
527
|
-
|
488
|
+
# Update properties of this object
|
489
|
+
def update!(**args)
|
490
|
+
@id = args[:id] if args.key?(:id)
|
491
|
+
end
|
492
|
+
end
|
528
493
|
|
529
|
-
|
530
|
-
|
531
|
-
|
494
|
+
# Common Vulnerability Scoring System. For details, see https://www.first.org/
|
495
|
+
# cvss/specification-document This is a message we will try to use for storing
|
496
|
+
# multiple versions of CVSS. The intention is that as new versions of CVSS
|
497
|
+
# scores get added, we will be able to modify this message rather than adding
|
498
|
+
# new protos for each new version of the score.
|
499
|
+
class Cvss
|
500
|
+
include Google::Apis::Core::Hashable
|
501
|
+
|
502
|
+
#
|
503
|
+
# Corresponds to the JSON property `attackComplexity`
|
532
504
|
# @return [String]
|
533
|
-
attr_accessor :
|
505
|
+
attr_accessor :attack_complexity
|
534
506
|
|
535
|
-
#
|
536
|
-
#
|
537
|
-
#
|
538
|
-
#
|
539
|
-
|
540
|
-
attr_accessor :secret_env
|
507
|
+
# Base Metrics Represents the intrinsic characteristics of a vulnerability that
|
508
|
+
# are constant over time and across user environments.
|
509
|
+
# Corresponds to the JSON property `attackVector`
|
510
|
+
# @return [String]
|
511
|
+
attr_accessor :attack_vector
|
541
512
|
|
542
|
-
#
|
543
|
-
#
|
544
|
-
# build progresses.
|
545
|
-
# Corresponds to the JSON property `status`
|
513
|
+
#
|
514
|
+
# Corresponds to the JSON property `authentication`
|
546
515
|
# @return [String]
|
547
|
-
attr_accessor :
|
516
|
+
attr_accessor :authentication
|
548
517
|
|
549
|
-
#
|
550
|
-
#
|
551
|
-
# build itself times out.
|
552
|
-
# Corresponds to the JSON property `timeout`
|
518
|
+
#
|
519
|
+
# Corresponds to the JSON property `availabilityImpact`
|
553
520
|
# @return [String]
|
554
|
-
attr_accessor :
|
521
|
+
attr_accessor :availability_impact
|
555
522
|
|
556
|
-
#
|
557
|
-
# Corresponds to the JSON property `
|
558
|
-
# @return [
|
559
|
-
attr_accessor :
|
523
|
+
# The base score is a function of the base metric scores.
|
524
|
+
# Corresponds to the JSON property `baseScore`
|
525
|
+
# @return [Float]
|
526
|
+
attr_accessor :base_score
|
560
527
|
|
561
|
-
#
|
562
|
-
#
|
563
|
-
#
|
564
|
-
|
565
|
-
# configuration.
|
566
|
-
# Corresponds to the JSON property `volumes`
|
567
|
-
# @return [Array<Google::Apis::ContaineranalysisV1::Volume>]
|
568
|
-
attr_accessor :volumes
|
528
|
+
#
|
529
|
+
# Corresponds to the JSON property `confidentialityImpact`
|
530
|
+
# @return [String]
|
531
|
+
attr_accessor :confidentiality_impact
|
569
532
|
|
570
|
-
#
|
571
|
-
#
|
572
|
-
#
|
573
|
-
|
574
|
-
# Corresponds to the JSON property `waitFor`
|
575
|
-
# @return [Array<String>]
|
576
|
-
attr_accessor :wait_for
|
533
|
+
#
|
534
|
+
# Corresponds to the JSON property `exploitabilityScore`
|
535
|
+
# @return [Float]
|
536
|
+
attr_accessor :exploitability_score
|
577
537
|
|
578
|
-
|
579
|
-
|
580
|
-
|
538
|
+
#
|
539
|
+
# Corresponds to the JSON property `impactScore`
|
540
|
+
# @return [Float]
|
541
|
+
attr_accessor :impact_score
|
581
542
|
|
582
|
-
#
|
583
|
-
|
584
|
-
|
585
|
-
|
586
|
-
@entrypoint = args[:entrypoint] if args.key?(:entrypoint)
|
587
|
-
@env = args[:env] if args.key?(:env)
|
588
|
-
@id = args[:id] if args.key?(:id)
|
589
|
-
@name = args[:name] if args.key?(:name)
|
590
|
-
@pull_timing = args[:pull_timing] if args.key?(:pull_timing)
|
591
|
-
@script = args[:script] if args.key?(:script)
|
592
|
-
@secret_env = args[:secret_env] if args.key?(:secret_env)
|
593
|
-
@status = args[:status] if args.key?(:status)
|
594
|
-
@timeout = args[:timeout] if args.key?(:timeout)
|
595
|
-
@timing = args[:timing] if args.key?(:timing)
|
596
|
-
@volumes = args[:volumes] if args.key?(:volumes)
|
597
|
-
@wait_for = args[:wait_for] if args.key?(:wait_for)
|
598
|
-
end
|
599
|
-
end
|
543
|
+
#
|
544
|
+
# Corresponds to the JSON property `integrityImpact`
|
545
|
+
# @return [String]
|
546
|
+
attr_accessor :integrity_impact
|
600
547
|
|
601
|
-
|
602
|
-
|
603
|
-
|
548
|
+
#
|
549
|
+
# Corresponds to the JSON property `privilegesRequired`
|
550
|
+
# @return [String]
|
551
|
+
attr_accessor :privileges_required
|
604
552
|
|
605
553
|
#
|
606
|
-
# Corresponds to the JSON property `
|
554
|
+
# Corresponds to the JSON property `scope`
|
607
555
|
# @return [String]
|
608
|
-
attr_accessor :
|
556
|
+
attr_accessor :scope
|
557
|
+
|
558
|
+
#
|
559
|
+
# Corresponds to the JSON property `userInteraction`
|
560
|
+
# @return [String]
|
561
|
+
attr_accessor :user_interaction
|
609
562
|
|
610
563
|
def initialize(**args)
|
611
564
|
update!(**args)
|
@@ -613,7 +566,18 @@ module Google
|
|
613
566
|
|
614
567
|
# Update properties of this object
|
615
568
|
def update!(**args)
|
616
|
-
@
|
569
|
+
@attack_complexity = args[:attack_complexity] if args.key?(:attack_complexity)
|
570
|
+
@attack_vector = args[:attack_vector] if args.key?(:attack_vector)
|
571
|
+
@authentication = args[:authentication] if args.key?(:authentication)
|
572
|
+
@availability_impact = args[:availability_impact] if args.key?(:availability_impact)
|
573
|
+
@base_score = args[:base_score] if args.key?(:base_score)
|
574
|
+
@confidentiality_impact = args[:confidentiality_impact] if args.key?(:confidentiality_impact)
|
575
|
+
@exploitability_score = args[:exploitability_score] if args.key?(:exploitability_score)
|
576
|
+
@impact_score = args[:impact_score] if args.key?(:impact_score)
|
577
|
+
@integrity_impact = args[:integrity_impact] if args.key?(:integrity_impact)
|
578
|
+
@privileges_required = args[:privileges_required] if args.key?(:privileges_required)
|
579
|
+
@scope = args[:scope] if args.key?(:scope)
|
580
|
+
@user_interaction = args[:user_interaction] if args.key?(:user_interaction)
|
617
581
|
end
|
618
582
|
end
|
619
583
|
|
@@ -698,19 +662,6 @@ module Google
|
|
698
662
|
end
|
699
663
|
end
|
700
664
|
|
701
|
-
# The request message for Operations.CancelOperation.
|
702
|
-
class CancelOperationRequest
|
703
|
-
include Google::Apis::Core::Hashable
|
704
|
-
|
705
|
-
def initialize(**args)
|
706
|
-
update!(**args)
|
707
|
-
end
|
708
|
-
|
709
|
-
# Update properties of this object
|
710
|
-
def update!(**args)
|
711
|
-
end
|
712
|
-
end
|
713
|
-
|
714
665
|
# The category to which the update belongs.
|
715
666
|
class Category
|
716
667
|
include Google::Apis::Core::Hashable
|
@@ -808,27 +759,1239 @@ module Google
|
|
808
759
|
# @return [String]
|
809
760
|
attr_accessor :dir
|
810
761
|
|
811
|
-
# Environment variables set before running this command.
|
812
|
-
# Corresponds to the JSON property `env`
|
813
|
-
# @return [Array<String>]
|
814
|
-
attr_accessor :env
|
762
|
+
# Environment variables set before running this command.
|
763
|
+
# Corresponds to the JSON property `env`
|
764
|
+
# @return [Array<String>]
|
765
|
+
attr_accessor :env
|
766
|
+
|
767
|
+
# Optional unique identifier for this command, used in wait_for to reference
|
768
|
+
# this command as a dependency.
|
769
|
+
# Corresponds to the JSON property `id`
|
770
|
+
# @return [String]
|
771
|
+
attr_accessor :id
|
772
|
+
|
773
|
+
# Required. Name of the command, as presented on the command line, or if the
|
774
|
+
# command is packaged as a Docker container, as presented to `docker pull`.
|
775
|
+
# Corresponds to the JSON property `name`
|
776
|
+
# @return [String]
|
777
|
+
attr_accessor :name
|
778
|
+
|
779
|
+
# The ID(s) of the command(s) that this command depends on.
|
780
|
+
# Corresponds to the JSON property `waitFor`
|
781
|
+
# @return [Array<String>]
|
782
|
+
attr_accessor :wait_for
|
783
|
+
|
784
|
+
def initialize(**args)
|
785
|
+
update!(**args)
|
786
|
+
end
|
787
|
+
|
788
|
+
# Update properties of this object
|
789
|
+
def update!(**args)
|
790
|
+
@args = args[:args] if args.key?(:args)
|
791
|
+
@dir = args[:dir] if args.key?(:dir)
|
792
|
+
@env = args[:env] if args.key?(:env)
|
793
|
+
@id = args[:id] if args.key?(:id)
|
794
|
+
@name = args[:name] if args.key?(:name)
|
795
|
+
@wait_for = args[:wait_for] if args.key?(:wait_for)
|
796
|
+
end
|
797
|
+
end
|
798
|
+
|
799
|
+
# Indicates that the builder claims certain fields in this message to be
|
800
|
+
# complete.
|
801
|
+
class Completeness
|
802
|
+
include Google::Apis::Core::Hashable
|
803
|
+
|
804
|
+
# If true, the builder claims that recipe.arguments is complete, meaning that
|
805
|
+
# all external inputs are properly captured in the recipe.
|
806
|
+
# Corresponds to the JSON property `arguments`
|
807
|
+
# @return [Boolean]
|
808
|
+
attr_accessor :arguments
|
809
|
+
alias_method :arguments?, :arguments
|
810
|
+
|
811
|
+
# If true, the builder claims that recipe.environment is claimed to be complete.
|
812
|
+
# Corresponds to the JSON property `environment`
|
813
|
+
# @return [Boolean]
|
814
|
+
attr_accessor :environment
|
815
|
+
alias_method :environment?, :environment
|
816
|
+
|
817
|
+
# If true, the builder claims that materials are complete, usually through some
|
818
|
+
# controls to prevent network access. Sometimes called "hermetic".
|
819
|
+
# Corresponds to the JSON property `materials`
|
820
|
+
# @return [Boolean]
|
821
|
+
attr_accessor :materials
|
822
|
+
alias_method :materials?, :materials
|
823
|
+
|
824
|
+
def initialize(**args)
|
825
|
+
update!(**args)
|
826
|
+
end
|
827
|
+
|
828
|
+
# Update properties of this object
|
829
|
+
def update!(**args)
|
830
|
+
@arguments = args[:arguments] if args.key?(:arguments)
|
831
|
+
@environment = args[:environment] if args.key?(:environment)
|
832
|
+
@materials = args[:materials] if args.key?(:materials)
|
833
|
+
end
|
834
|
+
end
|
835
|
+
|
836
|
+
#
|
837
|
+
class ComplianceNote
|
838
|
+
include Google::Apis::Core::Hashable
|
839
|
+
|
840
|
+
# A compliance check that is a CIS benchmark.
|
841
|
+
# Corresponds to the JSON property `cisBenchmark`
|
842
|
+
# @return [Google::Apis::ContaineranalysisV1::CisBenchmark]
|
843
|
+
attr_accessor :cis_benchmark
|
844
|
+
|
845
|
+
# A description about this compliance check.
|
846
|
+
# Corresponds to the JSON property `description`
|
847
|
+
# @return [String]
|
848
|
+
attr_accessor :description
|
849
|
+
|
850
|
+
# A rationale for the existence of this compliance check.
|
851
|
+
# Corresponds to the JSON property `rationale`
|
852
|
+
# @return [String]
|
853
|
+
attr_accessor :rationale
|
854
|
+
|
855
|
+
# A description of remediation steps if the compliance check fails.
|
856
|
+
# Corresponds to the JSON property `remediation`
|
857
|
+
# @return [String]
|
858
|
+
attr_accessor :remediation
|
859
|
+
|
860
|
+
# Serialized scan instructions with a predefined format.
|
861
|
+
# Corresponds to the JSON property `scanInstructions`
|
862
|
+
# NOTE: Values are automatically base64 encoded/decoded in the client library.
|
863
|
+
# @return [String]
|
864
|
+
attr_accessor :scan_instructions
|
865
|
+
|
866
|
+
# The title that identifies this compliance check.
|
867
|
+
# Corresponds to the JSON property `title`
|
868
|
+
# @return [String]
|
869
|
+
attr_accessor :title
|
870
|
+
|
871
|
+
# The OS and config versions the benchmark applies to.
|
872
|
+
# Corresponds to the JSON property `version`
|
873
|
+
# @return [Array<Google::Apis::ContaineranalysisV1::ComplianceVersion>]
|
874
|
+
attr_accessor :version
|
875
|
+
|
876
|
+
def initialize(**args)
|
877
|
+
update!(**args)
|
878
|
+
end
|
879
|
+
|
880
|
+
# Update properties of this object
|
881
|
+
def update!(**args)
|
882
|
+
@cis_benchmark = args[:cis_benchmark] if args.key?(:cis_benchmark)
|
883
|
+
@description = args[:description] if args.key?(:description)
|
884
|
+
@rationale = args[:rationale] if args.key?(:rationale)
|
885
|
+
@remediation = args[:remediation] if args.key?(:remediation)
|
886
|
+
@scan_instructions = args[:scan_instructions] if args.key?(:scan_instructions)
|
887
|
+
@title = args[:title] if args.key?(:title)
|
888
|
+
@version = args[:version] if args.key?(:version)
|
889
|
+
end
|
890
|
+
end
|
891
|
+
|
892
|
+
# An indication that the compliance checks in the associated ComplianceNote were
|
893
|
+
# not satisfied for particular resources or a specified reason.
|
894
|
+
class ComplianceOccurrence
|
895
|
+
include Google::Apis::Core::Hashable
|
896
|
+
|
897
|
+
#
|
898
|
+
# Corresponds to the JSON property `nonComplianceReason`
|
899
|
+
# @return [String]
|
900
|
+
attr_accessor :non_compliance_reason
|
901
|
+
|
902
|
+
#
|
903
|
+
# Corresponds to the JSON property `nonCompliantFiles`
|
904
|
+
# @return [Array<Google::Apis::ContaineranalysisV1::NonCompliantFile>]
|
905
|
+
attr_accessor :non_compliant_files
|
906
|
+
|
907
|
+
def initialize(**args)
|
908
|
+
update!(**args)
|
909
|
+
end
|
910
|
+
|
911
|
+
# Update properties of this object
|
912
|
+
def update!(**args)
|
913
|
+
@non_compliance_reason = args[:non_compliance_reason] if args.key?(:non_compliance_reason)
|
914
|
+
@non_compliant_files = args[:non_compliant_files] if args.key?(:non_compliant_files)
|
915
|
+
end
|
916
|
+
end
|
917
|
+
|
918
|
+
# Describes the CIS benchmark version that is applicable to a given OS and os
|
919
|
+
# version.
|
920
|
+
class ComplianceVersion
|
921
|
+
include Google::Apis::Core::Hashable
|
922
|
+
|
923
|
+
# The CPE URI (https://cpe.mitre.org/specification/) this benchmark is
|
924
|
+
# applicable to.
|
925
|
+
# Corresponds to the JSON property `cpeUri`
|
926
|
+
# @return [String]
|
927
|
+
attr_accessor :cpe_uri
|
928
|
+
|
929
|
+
# The version of the benchmark. This is set to the version of the OS-specific
|
930
|
+
# CIS document the benchmark is defined in.
|
931
|
+
# Corresponds to the JSON property `version`
|
932
|
+
# @return [String]
|
933
|
+
attr_accessor :version
|
934
|
+
|
935
|
+
def initialize(**args)
|
936
|
+
update!(**args)
|
937
|
+
end
|
938
|
+
|
939
|
+
# Update properties of this object
|
940
|
+
def update!(**args)
|
941
|
+
@cpe_uri = args[:cpe_uri] if args.key?(:cpe_uri)
|
942
|
+
@version = args[:version] if args.key?(:version)
|
943
|
+
end
|
944
|
+
end
|
945
|
+
|
946
|
+
# ApprovalConfig describes configuration for manual approval of a build.
|
947
|
+
class ContaineranalysisGoogleDevtoolsCloudbuildV1ApprovalConfig
|
948
|
+
include Google::Apis::Core::Hashable
|
949
|
+
|
950
|
+
# Whether or not approval is needed. If this is set on a build, it will become
|
951
|
+
# pending when created, and will need to be explicitly approved to start.
|
952
|
+
# Corresponds to the JSON property `approvalRequired`
|
953
|
+
# @return [Boolean]
|
954
|
+
attr_accessor :approval_required
|
955
|
+
alias_method :approval_required?, :approval_required
|
956
|
+
|
957
|
+
def initialize(**args)
|
958
|
+
update!(**args)
|
959
|
+
end
|
960
|
+
|
961
|
+
# Update properties of this object
|
962
|
+
def update!(**args)
|
963
|
+
@approval_required = args[:approval_required] if args.key?(:approval_required)
|
964
|
+
end
|
965
|
+
end
|
966
|
+
|
967
|
+
# ApprovalResult describes the decision and associated metadata of a manual
|
968
|
+
# approval of a build.
|
969
|
+
class ContaineranalysisGoogleDevtoolsCloudbuildV1ApprovalResult
|
970
|
+
include Google::Apis::Core::Hashable
|
971
|
+
|
972
|
+
# Output only. The time when the approval decision was made.
|
973
|
+
# Corresponds to the JSON property `approvalTime`
|
974
|
+
# @return [String]
|
975
|
+
attr_accessor :approval_time
|
976
|
+
|
977
|
+
# Output only. Email of the user that called the ApproveBuild API to approve or
|
978
|
+
# reject a build at the time that the API was called.
|
979
|
+
# Corresponds to the JSON property `approverAccount`
|
980
|
+
# @return [String]
|
981
|
+
attr_accessor :approver_account
|
982
|
+
|
983
|
+
# Optional. An optional comment for this manual approval result.
|
984
|
+
# Corresponds to the JSON property `comment`
|
985
|
+
# @return [String]
|
986
|
+
attr_accessor :comment
|
987
|
+
|
988
|
+
# Required. The decision of this manual approval.
|
989
|
+
# Corresponds to the JSON property `decision`
|
990
|
+
# @return [String]
|
991
|
+
attr_accessor :decision
|
992
|
+
|
993
|
+
# Optional. An optional URL tied to this manual approval result. This field is
|
994
|
+
# essentially the same as comment, except that it will be rendered by the UI
|
995
|
+
# differently. An example use case is a link to an external job that approved
|
996
|
+
# this Build.
|
997
|
+
# Corresponds to the JSON property `url`
|
998
|
+
# @return [String]
|
999
|
+
attr_accessor :url
|
1000
|
+
|
1001
|
+
def initialize(**args)
|
1002
|
+
update!(**args)
|
1003
|
+
end
|
1004
|
+
|
1005
|
+
# Update properties of this object
|
1006
|
+
def update!(**args)
|
1007
|
+
@approval_time = args[:approval_time] if args.key?(:approval_time)
|
1008
|
+
@approver_account = args[:approver_account] if args.key?(:approver_account)
|
1009
|
+
@comment = args[:comment] if args.key?(:comment)
|
1010
|
+
@decision = args[:decision] if args.key?(:decision)
|
1011
|
+
@url = args[:url] if args.key?(:url)
|
1012
|
+
end
|
1013
|
+
end
|
1014
|
+
|
1015
|
+
# Artifacts produced by a build that should be uploaded upon successful
|
1016
|
+
# completion of all build steps.
|
1017
|
+
class ContaineranalysisGoogleDevtoolsCloudbuildV1Artifacts
|
1018
|
+
include Google::Apis::Core::Hashable
|
1019
|
+
|
1020
|
+
# A list of images to be pushed upon the successful completion of all build
|
1021
|
+
# steps. The images will be pushed using the builder service account's
|
1022
|
+
# credentials. The digests of the pushed images will be stored in the Build
|
1023
|
+
# resource's results field. If any of the images fail to be pushed, the build is
|
1024
|
+
# marked FAILURE.
|
1025
|
+
# Corresponds to the JSON property `images`
|
1026
|
+
# @return [Array<String>]
|
1027
|
+
attr_accessor :images
|
1028
|
+
|
1029
|
+
# Files in the workspace to upload to Cloud Storage upon successful completion
|
1030
|
+
# of all build steps.
|
1031
|
+
# Corresponds to the JSON property `objects`
|
1032
|
+
# @return [Google::Apis::ContaineranalysisV1::ContaineranalysisGoogleDevtoolsCloudbuildV1ArtifactsArtifactObjects]
|
1033
|
+
attr_accessor :objects
|
1034
|
+
|
1035
|
+
def initialize(**args)
|
1036
|
+
update!(**args)
|
1037
|
+
end
|
1038
|
+
|
1039
|
+
# Update properties of this object
|
1040
|
+
def update!(**args)
|
1041
|
+
@images = args[:images] if args.key?(:images)
|
1042
|
+
@objects = args[:objects] if args.key?(:objects)
|
1043
|
+
end
|
1044
|
+
end
|
1045
|
+
|
1046
|
+
# Files in the workspace to upload to Cloud Storage upon successful completion
|
1047
|
+
# of all build steps.
|
1048
|
+
class ContaineranalysisGoogleDevtoolsCloudbuildV1ArtifactsArtifactObjects
|
1049
|
+
include Google::Apis::Core::Hashable
|
1050
|
+
|
1051
|
+
# Cloud Storage bucket and optional object path, in the form "gs://bucket/path/
|
1052
|
+
# to/somewhere/". (see [Bucket Name Requirements](https://cloud.google.com/
|
1053
|
+
# storage/docs/bucket-naming#requirements)). Files in the workspace matching any
|
1054
|
+
# path pattern will be uploaded to Cloud Storage with this location as a prefix.
|
1055
|
+
# Corresponds to the JSON property `location`
|
1056
|
+
# @return [String]
|
1057
|
+
attr_accessor :location
|
1058
|
+
|
1059
|
+
# Path globs used to match files in the build's workspace.
|
1060
|
+
# Corresponds to the JSON property `paths`
|
1061
|
+
# @return [Array<String>]
|
1062
|
+
attr_accessor :paths
|
1063
|
+
|
1064
|
+
# Start and end times for a build execution phase.
|
1065
|
+
# Corresponds to the JSON property `timing`
|
1066
|
+
# @return [Google::Apis::ContaineranalysisV1::ContaineranalysisGoogleDevtoolsCloudbuildV1TimeSpan]
|
1067
|
+
attr_accessor :timing
|
1068
|
+
|
1069
|
+
def initialize(**args)
|
1070
|
+
update!(**args)
|
1071
|
+
end
|
1072
|
+
|
1073
|
+
# Update properties of this object
|
1074
|
+
def update!(**args)
|
1075
|
+
@location = args[:location] if args.key?(:location)
|
1076
|
+
@paths = args[:paths] if args.key?(:paths)
|
1077
|
+
@timing = args[:timing] if args.key?(:timing)
|
1078
|
+
end
|
1079
|
+
end
|
1080
|
+
|
1081
|
+
# A build resource in the Cloud Build API. At a high level, a `Build` describes
|
1082
|
+
# where to find source code, how to build it (for example, the builder image to
|
1083
|
+
# run on the source), and where to store the built artifacts. Fields can include
|
1084
|
+
# the following variables, which will be expanded when the build is created: - $
|
1085
|
+
# PROJECT_ID: the project ID of the build. - $PROJECT_NUMBER: the project number
|
1086
|
+
# of the build. - $LOCATION: the location/region of the build. - $BUILD_ID: the
|
1087
|
+
# autogenerated ID of the build. - $REPO_NAME: the source repository name
|
1088
|
+
# specified by RepoSource. - $BRANCH_NAME: the branch name specified by
|
1089
|
+
# RepoSource. - $TAG_NAME: the tag name specified by RepoSource. - $REVISION_ID
|
1090
|
+
# or $COMMIT_SHA: the commit SHA specified by RepoSource or resolved from the
|
1091
|
+
# specified branch or tag. - $SHORT_SHA: first 7 characters of $REVISION_ID or $
|
1092
|
+
# COMMIT_SHA.
|
1093
|
+
class ContaineranalysisGoogleDevtoolsCloudbuildV1Build
|
1094
|
+
include Google::Apis::Core::Hashable
|
1095
|
+
|
1096
|
+
# BuildApproval describes a build's approval configuration, state, and result.
|
1097
|
+
# Corresponds to the JSON property `approval`
|
1098
|
+
# @return [Google::Apis::ContaineranalysisV1::ContaineranalysisGoogleDevtoolsCloudbuildV1BuildApproval]
|
1099
|
+
attr_accessor :approval
|
1100
|
+
|
1101
|
+
# Artifacts produced by a build that should be uploaded upon successful
|
1102
|
+
# completion of all build steps.
|
1103
|
+
# Corresponds to the JSON property `artifacts`
|
1104
|
+
# @return [Google::Apis::ContaineranalysisV1::ContaineranalysisGoogleDevtoolsCloudbuildV1Artifacts]
|
1105
|
+
attr_accessor :artifacts
|
1106
|
+
|
1107
|
+
# Secrets and secret environment variables.
|
1108
|
+
# Corresponds to the JSON property `availableSecrets`
|
1109
|
+
# @return [Google::Apis::ContaineranalysisV1::ContaineranalysisGoogleDevtoolsCloudbuildV1Secrets]
|
1110
|
+
attr_accessor :available_secrets
|
1111
|
+
|
1112
|
+
# Output only. The ID of the `BuildTrigger` that triggered this build, if it was
|
1113
|
+
# triggered automatically.
|
1114
|
+
# Corresponds to the JSON property `buildTriggerId`
|
1115
|
+
# @return [String]
|
1116
|
+
attr_accessor :build_trigger_id
|
1117
|
+
|
1118
|
+
# Output only. Time at which the request to create the build was received.
|
1119
|
+
# Corresponds to the JSON property `createTime`
|
1120
|
+
# @return [String]
|
1121
|
+
attr_accessor :create_time
|
1122
|
+
|
1123
|
+
# A fatal problem encountered during the execution of the build.
|
1124
|
+
# Corresponds to the JSON property `failureInfo`
|
1125
|
+
# @return [Google::Apis::ContaineranalysisV1::ContaineranalysisGoogleDevtoolsCloudbuildV1BuildFailureInfo]
|
1126
|
+
attr_accessor :failure_info
|
1127
|
+
|
1128
|
+
# Output only. Time at which execution of the build was finished. The difference
|
1129
|
+
# between finish_time and start_time is the duration of the build's execution.
|
1130
|
+
# Corresponds to the JSON property `finishTime`
|
1131
|
+
# @return [String]
|
1132
|
+
attr_accessor :finish_time
|
1133
|
+
|
1134
|
+
# Output only. Unique identifier of the build.
|
1135
|
+
# Corresponds to the JSON property `id`
|
1136
|
+
# @return [String]
|
1137
|
+
attr_accessor :id
|
1138
|
+
|
1139
|
+
# A list of images to be pushed upon the successful completion of all build
|
1140
|
+
# steps. The images are pushed using the builder service account's credentials.
|
1141
|
+
# The digests of the pushed images will be stored in the `Build` resource's
|
1142
|
+
# results field. If any of the images fail to be pushed, the build status is
|
1143
|
+
# marked `FAILURE`.
|
1144
|
+
# Corresponds to the JSON property `images`
|
1145
|
+
# @return [Array<String>]
|
1146
|
+
attr_accessor :images
|
1147
|
+
|
1148
|
+
# Output only. URL to logs for this build in Google Cloud Console.
|
1149
|
+
# Corresponds to the JSON property `logUrl`
|
1150
|
+
# @return [String]
|
1151
|
+
attr_accessor :log_url
|
1152
|
+
|
1153
|
+
# Google Cloud Storage bucket where logs should be written (see [Bucket Name
|
1154
|
+
# Requirements](https://cloud.google.com/storage/docs/bucket-naming#requirements)
|
1155
|
+
# ). Logs file names will be of the format `$`logs_bucket`/log-$`build_id`.txt`.
|
1156
|
+
# Corresponds to the JSON property `logsBucket`
|
1157
|
+
# @return [String]
|
1158
|
+
attr_accessor :logs_bucket
|
1159
|
+
|
1160
|
+
# Output only. The 'Build' name with format: `projects/`project`/locations/`
|
1161
|
+
# location`/builds/`build``, where `build` is a unique identifier generated by
|
1162
|
+
# the service.
|
1163
|
+
# Corresponds to the JSON property `name`
|
1164
|
+
# @return [String]
|
1165
|
+
attr_accessor :name
|
1166
|
+
|
1167
|
+
# Optional arguments to enable specific features of builds.
|
1168
|
+
# Corresponds to the JSON property `options`
|
1169
|
+
# @return [Google::Apis::ContaineranalysisV1::ContaineranalysisGoogleDevtoolsCloudbuildV1BuildOptions]
|
1170
|
+
attr_accessor :options
|
1171
|
+
|
1172
|
+
# Output only. ID of the project.
|
1173
|
+
# Corresponds to the JSON property `projectId`
|
1174
|
+
# @return [String]
|
1175
|
+
attr_accessor :project_id
|
1176
|
+
|
1177
|
+
# TTL in queue for this build. If provided and the build is enqueued longer than
|
1178
|
+
# this value, the build will expire and the build status will be `EXPIRED`. The
|
1179
|
+
# TTL starts ticking from create_time.
|
1180
|
+
# Corresponds to the JSON property `queueTtl`
|
1181
|
+
# @return [String]
|
1182
|
+
attr_accessor :queue_ttl
|
1183
|
+
|
1184
|
+
# Artifacts created by the build pipeline.
|
1185
|
+
# Corresponds to the JSON property `results`
|
1186
|
+
# @return [Google::Apis::ContaineranalysisV1::ContaineranalysisGoogleDevtoolsCloudbuildV1Results]
|
1187
|
+
attr_accessor :results
|
1188
|
+
|
1189
|
+
# Secrets to decrypt using Cloud Key Management Service. Note: Secret Manager is
|
1190
|
+
# the recommended technique for managing sensitive data with Cloud Build. Use `
|
1191
|
+
# available_secrets` to configure builds to access secrets from Secret Manager.
|
1192
|
+
# For instructions, see: https://cloud.google.com/cloud-build/docs/securing-
|
1193
|
+
# builds/use-secrets
|
1194
|
+
# Corresponds to the JSON property `secrets`
|
1195
|
+
# @return [Array<Google::Apis::ContaineranalysisV1::ContaineranalysisGoogleDevtoolsCloudbuildV1Secret>]
|
1196
|
+
attr_accessor :secrets
|
1197
|
+
|
1198
|
+
# IAM service account whose credentials will be used at build runtime. Must be
|
1199
|
+
# of the format `projects/`PROJECT_ID`/serviceAccounts/`ACCOUNT``. ACCOUNT can
|
1200
|
+
# be email address or uniqueId of the service account.
|
1201
|
+
# Corresponds to the JSON property `serviceAccount`
|
1202
|
+
# @return [String]
|
1203
|
+
attr_accessor :service_account
|
1204
|
+
|
1205
|
+
# Location of the source in a supported storage service.
|
1206
|
+
# Corresponds to the JSON property `source`
|
1207
|
+
# @return [Google::Apis::ContaineranalysisV1::ContaineranalysisGoogleDevtoolsCloudbuildV1Source]
|
1208
|
+
attr_accessor :source
|
1209
|
+
|
1210
|
+
# Provenance of the source. Ways to find the original source, or verify that
|
1211
|
+
# some source was used for this build.
|
1212
|
+
# Corresponds to the JSON property `sourceProvenance`
|
1213
|
+
# @return [Google::Apis::ContaineranalysisV1::ContaineranalysisGoogleDevtoolsCloudbuildV1SourceProvenance]
|
1214
|
+
attr_accessor :source_provenance
|
1215
|
+
|
1216
|
+
# Output only. Time at which execution of the build was started.
|
1217
|
+
# Corresponds to the JSON property `startTime`
|
1218
|
+
# @return [String]
|
1219
|
+
attr_accessor :start_time
|
1220
|
+
|
1221
|
+
# Output only. Status of the build.
|
1222
|
+
# Corresponds to the JSON property `status`
|
1223
|
+
# @return [String]
|
1224
|
+
attr_accessor :status
|
1225
|
+
|
1226
|
+
# Output only. Customer-readable message about the current status.
|
1227
|
+
# Corresponds to the JSON property `statusDetail`
|
1228
|
+
# @return [String]
|
1229
|
+
attr_accessor :status_detail
|
1230
|
+
|
1231
|
+
# Required. The operations to be performed on the workspace.
|
1232
|
+
# Corresponds to the JSON property `steps`
|
1233
|
+
# @return [Array<Google::Apis::ContaineranalysisV1::ContaineranalysisGoogleDevtoolsCloudbuildV1BuildStep>]
|
1234
|
+
attr_accessor :steps
|
1235
|
+
|
1236
|
+
# Substitutions data for `Build` resource.
|
1237
|
+
# Corresponds to the JSON property `substitutions`
|
1238
|
+
# @return [Hash<String,String>]
|
1239
|
+
attr_accessor :substitutions
|
1240
|
+
|
1241
|
+
# Tags for annotation of a `Build`. These are not docker tags.
|
1242
|
+
# Corresponds to the JSON property `tags`
|
1243
|
+
# @return [Array<String>]
|
1244
|
+
attr_accessor :tags
|
1245
|
+
|
1246
|
+
# Amount of time that this build should be allowed to run, to second granularity.
|
1247
|
+
# If this amount of time elapses, work on the build will cease and the build
|
1248
|
+
# status will be `TIMEOUT`. `timeout` starts ticking from `startTime`. Default
|
1249
|
+
# time is ten minutes.
|
1250
|
+
# Corresponds to the JSON property `timeout`
|
1251
|
+
# @return [String]
|
1252
|
+
attr_accessor :timeout
|
1253
|
+
|
1254
|
+
# Output only. Stores timing information for phases of the build. Valid keys are:
|
1255
|
+
# * BUILD: time to execute all build steps. * PUSH: time to push all specified
|
1256
|
+
# images. * FETCHSOURCE: time to fetch source. * SETUPBUILD: time to set up
|
1257
|
+
# build. If the build does not specify source or images, these keys will not be
|
1258
|
+
# included.
|
1259
|
+
# Corresponds to the JSON property `timing`
|
1260
|
+
# @return [Hash<String,Google::Apis::ContaineranalysisV1::ContaineranalysisGoogleDevtoolsCloudbuildV1TimeSpan>]
|
1261
|
+
attr_accessor :timing
|
1262
|
+
|
1263
|
+
# Output only. Non-fatal problems encountered during the execution of the build.
|
1264
|
+
# Corresponds to the JSON property `warnings`
|
1265
|
+
# @return [Array<Google::Apis::ContaineranalysisV1::ContaineranalysisGoogleDevtoolsCloudbuildV1BuildWarning>]
|
1266
|
+
attr_accessor :warnings
|
1267
|
+
|
1268
|
+
def initialize(**args)
|
1269
|
+
update!(**args)
|
1270
|
+
end
|
1271
|
+
|
1272
|
+
# Update properties of this object
|
1273
|
+
def update!(**args)
|
1274
|
+
@approval = args[:approval] if args.key?(:approval)
|
1275
|
+
@artifacts = args[:artifacts] if args.key?(:artifacts)
|
1276
|
+
@available_secrets = args[:available_secrets] if args.key?(:available_secrets)
|
1277
|
+
@build_trigger_id = args[:build_trigger_id] if args.key?(:build_trigger_id)
|
1278
|
+
@create_time = args[:create_time] if args.key?(:create_time)
|
1279
|
+
@failure_info = args[:failure_info] if args.key?(:failure_info)
|
1280
|
+
@finish_time = args[:finish_time] if args.key?(:finish_time)
|
1281
|
+
@id = args[:id] if args.key?(:id)
|
1282
|
+
@images = args[:images] if args.key?(:images)
|
1283
|
+
@log_url = args[:log_url] if args.key?(:log_url)
|
1284
|
+
@logs_bucket = args[:logs_bucket] if args.key?(:logs_bucket)
|
1285
|
+
@name = args[:name] if args.key?(:name)
|
1286
|
+
@options = args[:options] if args.key?(:options)
|
1287
|
+
@project_id = args[:project_id] if args.key?(:project_id)
|
1288
|
+
@queue_ttl = args[:queue_ttl] if args.key?(:queue_ttl)
|
1289
|
+
@results = args[:results] if args.key?(:results)
|
1290
|
+
@secrets = args[:secrets] if args.key?(:secrets)
|
1291
|
+
@service_account = args[:service_account] if args.key?(:service_account)
|
1292
|
+
@source = args[:source] if args.key?(:source)
|
1293
|
+
@source_provenance = args[:source_provenance] if args.key?(:source_provenance)
|
1294
|
+
@start_time = args[:start_time] if args.key?(:start_time)
|
1295
|
+
@status = args[:status] if args.key?(:status)
|
1296
|
+
@status_detail = args[:status_detail] if args.key?(:status_detail)
|
1297
|
+
@steps = args[:steps] if args.key?(:steps)
|
1298
|
+
@substitutions = args[:substitutions] if args.key?(:substitutions)
|
1299
|
+
@tags = args[:tags] if args.key?(:tags)
|
1300
|
+
@timeout = args[:timeout] if args.key?(:timeout)
|
1301
|
+
@timing = args[:timing] if args.key?(:timing)
|
1302
|
+
@warnings = args[:warnings] if args.key?(:warnings)
|
1303
|
+
end
|
1304
|
+
end
|
1305
|
+
|
1306
|
+
# BuildApproval describes a build's approval configuration, state, and result.
|
1307
|
+
class ContaineranalysisGoogleDevtoolsCloudbuildV1BuildApproval
|
1308
|
+
include Google::Apis::Core::Hashable
|
1309
|
+
|
1310
|
+
# ApprovalConfig describes configuration for manual approval of a build.
|
1311
|
+
# Corresponds to the JSON property `config`
|
1312
|
+
# @return [Google::Apis::ContaineranalysisV1::ContaineranalysisGoogleDevtoolsCloudbuildV1ApprovalConfig]
|
1313
|
+
attr_accessor :config
|
1314
|
+
|
1315
|
+
# ApprovalResult describes the decision and associated metadata of a manual
|
1316
|
+
# approval of a build.
|
1317
|
+
# Corresponds to the JSON property `result`
|
1318
|
+
# @return [Google::Apis::ContaineranalysisV1::ContaineranalysisGoogleDevtoolsCloudbuildV1ApprovalResult]
|
1319
|
+
attr_accessor :result
|
1320
|
+
|
1321
|
+
# Output only. The state of this build's approval.
|
1322
|
+
# Corresponds to the JSON property `state`
|
1323
|
+
# @return [String]
|
1324
|
+
attr_accessor :state
|
1325
|
+
|
1326
|
+
def initialize(**args)
|
1327
|
+
update!(**args)
|
1328
|
+
end
|
1329
|
+
|
1330
|
+
# Update properties of this object
|
1331
|
+
def update!(**args)
|
1332
|
+
@config = args[:config] if args.key?(:config)
|
1333
|
+
@result = args[:result] if args.key?(:result)
|
1334
|
+
@state = args[:state] if args.key?(:state)
|
1335
|
+
end
|
1336
|
+
end
|
1337
|
+
|
1338
|
+
# A fatal problem encountered during the execution of the build.
|
1339
|
+
class ContaineranalysisGoogleDevtoolsCloudbuildV1BuildFailureInfo
|
1340
|
+
include Google::Apis::Core::Hashable
|
1341
|
+
|
1342
|
+
# Explains the failure issue in more detail using hard-coded text.
|
1343
|
+
# Corresponds to the JSON property `detail`
|
1344
|
+
# @return [String]
|
1345
|
+
attr_accessor :detail
|
1346
|
+
|
1347
|
+
# The name of the failure.
|
1348
|
+
# Corresponds to the JSON property `type`
|
1349
|
+
# @return [String]
|
1350
|
+
attr_accessor :type
|
1351
|
+
|
1352
|
+
def initialize(**args)
|
1353
|
+
update!(**args)
|
1354
|
+
end
|
1355
|
+
|
1356
|
+
# Update properties of this object
|
1357
|
+
def update!(**args)
|
1358
|
+
@detail = args[:detail] if args.key?(:detail)
|
1359
|
+
@type = args[:type] if args.key?(:type)
|
1360
|
+
end
|
1361
|
+
end
|
1362
|
+
|
1363
|
+
# Optional arguments to enable specific features of builds.
|
1364
|
+
class ContaineranalysisGoogleDevtoolsCloudbuildV1BuildOptions
|
1365
|
+
include Google::Apis::Core::Hashable
|
1366
|
+
|
1367
|
+
# Requested disk size for the VM that runs the build. Note that this is *NOT* "
|
1368
|
+
# disk free"; some of the space will be used by the operating system and build
|
1369
|
+
# utilities. Also note that this is the minimum disk size that will be allocated
|
1370
|
+
# for the build -- the build may run with a larger disk than requested. At
|
1371
|
+
# present, the maximum disk size is 1000GB; builds that request more than the
|
1372
|
+
# maximum are rejected with an error.
|
1373
|
+
# Corresponds to the JSON property `diskSizeGb`
|
1374
|
+
# @return [Fixnum]
|
1375
|
+
attr_accessor :disk_size_gb
|
1376
|
+
|
1377
|
+
# Option to specify whether or not to apply bash style string operations to the
|
1378
|
+
# substitutions. NOTE: this is always enabled for triggered builds and cannot be
|
1379
|
+
# overridden in the build configuration file.
|
1380
|
+
# Corresponds to the JSON property `dynamicSubstitutions`
|
1381
|
+
# @return [Boolean]
|
1382
|
+
attr_accessor :dynamic_substitutions
|
1383
|
+
alias_method :dynamic_substitutions?, :dynamic_substitutions
|
1384
|
+
|
1385
|
+
# A list of global environment variable definitions that will exist for all
|
1386
|
+
# build steps in this build. If a variable is defined in both globally and in a
|
1387
|
+
# build step, the variable will use the build step value. The elements are of
|
1388
|
+
# the form "KEY=VALUE" for the environment variable "KEY" being given the value "
|
1389
|
+
# VALUE".
|
1390
|
+
# Corresponds to the JSON property `env`
|
1391
|
+
# @return [Array<String>]
|
1392
|
+
attr_accessor :env
|
1393
|
+
|
1394
|
+
# Option to define build log streaming behavior to Google Cloud Storage.
|
1395
|
+
# Corresponds to the JSON property `logStreamingOption`
|
1396
|
+
# @return [String]
|
1397
|
+
attr_accessor :log_streaming_option
|
1398
|
+
|
1399
|
+
# Option to specify the logging mode, which determines if and where build logs
|
1400
|
+
# are stored.
|
1401
|
+
# Corresponds to the JSON property `logging`
|
1402
|
+
# @return [String]
|
1403
|
+
attr_accessor :logging
|
1404
|
+
|
1405
|
+
# Compute Engine machine type on which to run the build.
|
1406
|
+
# Corresponds to the JSON property `machineType`
|
1407
|
+
# @return [String]
|
1408
|
+
attr_accessor :machine_type
|
1409
|
+
|
1410
|
+
# Details about how a build should be executed on a `WorkerPool`. See [running
|
1411
|
+
# builds in a private pool](https://cloud.google.com/build/docs/private-pools/
|
1412
|
+
# run-builds-in-private-pool) for more information.
|
1413
|
+
# Corresponds to the JSON property `pool`
|
1414
|
+
# @return [Google::Apis::ContaineranalysisV1::ContaineranalysisGoogleDevtoolsCloudbuildV1BuildOptionsPoolOption]
|
1415
|
+
attr_accessor :pool
|
1416
|
+
|
1417
|
+
# Requested verifiability options.
|
1418
|
+
# Corresponds to the JSON property `requestedVerifyOption`
|
1419
|
+
# @return [String]
|
1420
|
+
attr_accessor :requested_verify_option
|
1421
|
+
|
1422
|
+
# A list of global environment variables, which are encrypted using a Cloud Key
|
1423
|
+
# Management Service crypto key. These values must be specified in the build's `
|
1424
|
+
# Secret`. These variables will be available to all build steps in this build.
|
1425
|
+
# Corresponds to the JSON property `secretEnv`
|
1426
|
+
# @return [Array<String>]
|
1427
|
+
attr_accessor :secret_env
|
1428
|
+
|
1429
|
+
# Requested hash for SourceProvenance.
|
1430
|
+
# Corresponds to the JSON property `sourceProvenanceHash`
|
1431
|
+
# @return [Array<String>]
|
1432
|
+
attr_accessor :source_provenance_hash
|
1433
|
+
|
1434
|
+
# Option to specify behavior when there is an error in the substitution checks.
|
1435
|
+
# NOTE: this is always set to ALLOW_LOOSE for triggered builds and cannot be
|
1436
|
+
# overridden in the build configuration file.
|
1437
|
+
# Corresponds to the JSON property `substitutionOption`
|
1438
|
+
# @return [String]
|
1439
|
+
attr_accessor :substitution_option
|
1440
|
+
|
1441
|
+
# Global list of volumes to mount for ALL build steps Each volume is created as
|
1442
|
+
# an empty volume prior to starting the build process. Upon completion of the
|
1443
|
+
# build, volumes and their contents are discarded. Global volume names and paths
|
1444
|
+
# cannot conflict with the volumes defined a build step. Using a global volume
|
1445
|
+
# in a build with only one step is not valid as it is indicative of a build
|
1446
|
+
# request with an incorrect configuration.
|
1447
|
+
# Corresponds to the JSON property `volumes`
|
1448
|
+
# @return [Array<Google::Apis::ContaineranalysisV1::ContaineranalysisGoogleDevtoolsCloudbuildV1Volume>]
|
1449
|
+
attr_accessor :volumes
|
1450
|
+
|
1451
|
+
# This field deprecated; please use `pool.name` instead.
|
1452
|
+
# Corresponds to the JSON property `workerPool`
|
1453
|
+
# @return [String]
|
1454
|
+
attr_accessor :worker_pool
|
1455
|
+
|
1456
|
+
def initialize(**args)
|
1457
|
+
update!(**args)
|
1458
|
+
end
|
1459
|
+
|
1460
|
+
# Update properties of this object
|
1461
|
+
def update!(**args)
|
1462
|
+
@disk_size_gb = args[:disk_size_gb] if args.key?(:disk_size_gb)
|
1463
|
+
@dynamic_substitutions = args[:dynamic_substitutions] if args.key?(:dynamic_substitutions)
|
1464
|
+
@env = args[:env] if args.key?(:env)
|
1465
|
+
@log_streaming_option = args[:log_streaming_option] if args.key?(:log_streaming_option)
|
1466
|
+
@logging = args[:logging] if args.key?(:logging)
|
1467
|
+
@machine_type = args[:machine_type] if args.key?(:machine_type)
|
1468
|
+
@pool = args[:pool] if args.key?(:pool)
|
1469
|
+
@requested_verify_option = args[:requested_verify_option] if args.key?(:requested_verify_option)
|
1470
|
+
@secret_env = args[:secret_env] if args.key?(:secret_env)
|
1471
|
+
@source_provenance_hash = args[:source_provenance_hash] if args.key?(:source_provenance_hash)
|
1472
|
+
@substitution_option = args[:substitution_option] if args.key?(:substitution_option)
|
1473
|
+
@volumes = args[:volumes] if args.key?(:volumes)
|
1474
|
+
@worker_pool = args[:worker_pool] if args.key?(:worker_pool)
|
1475
|
+
end
|
1476
|
+
end
|
1477
|
+
|
1478
|
+
# Details about how a build should be executed on a `WorkerPool`. See [running
|
1479
|
+
# builds in a private pool](https://cloud.google.com/build/docs/private-pools/
|
1480
|
+
# run-builds-in-private-pool) for more information.
|
1481
|
+
class ContaineranalysisGoogleDevtoolsCloudbuildV1BuildOptionsPoolOption
|
1482
|
+
include Google::Apis::Core::Hashable
|
1483
|
+
|
1484
|
+
# The `WorkerPool` resource to execute the build on. You must have `cloudbuild.
|
1485
|
+
# workerpools.use` on the project hosting the WorkerPool. Format projects/`
|
1486
|
+
# project`/locations/`location`/workerPools/`workerPoolId`
|
1487
|
+
# Corresponds to the JSON property `name`
|
1488
|
+
# @return [String]
|
1489
|
+
attr_accessor :name
|
1490
|
+
|
1491
|
+
def initialize(**args)
|
1492
|
+
update!(**args)
|
1493
|
+
end
|
1494
|
+
|
1495
|
+
# Update properties of this object
|
1496
|
+
def update!(**args)
|
1497
|
+
@name = args[:name] if args.key?(:name)
|
1498
|
+
end
|
1499
|
+
end
|
1500
|
+
|
1501
|
+
# A step in the build pipeline.
|
1502
|
+
class ContaineranalysisGoogleDevtoolsCloudbuildV1BuildStep
|
1503
|
+
include Google::Apis::Core::Hashable
|
1504
|
+
|
1505
|
+
# A list of arguments that will be presented to the step when it is started. If
|
1506
|
+
# the image used to run the step's container has an entrypoint, the `args` are
|
1507
|
+
# used as arguments to that entrypoint. If the image does not define an
|
1508
|
+
# entrypoint, the first element in args is used as the entrypoint, and the
|
1509
|
+
# remainder will be used as arguments.
|
1510
|
+
# Corresponds to the JSON property `args`
|
1511
|
+
# @return [Array<String>]
|
1512
|
+
attr_accessor :args
|
1513
|
+
|
1514
|
+
# Working directory to use when running this step's container. If this value is
|
1515
|
+
# a relative path, it is relative to the build's working directory. If this
|
1516
|
+
# value is absolute, it may be outside the build's working directory, in which
|
1517
|
+
# case the contents of the path may not be persisted across build step
|
1518
|
+
# executions, unless a `volume` for that path is specified. If the build
|
1519
|
+
# specifies a `RepoSource` with `dir` and a step with a `dir`, which specifies
|
1520
|
+
# an absolute path, the `RepoSource` `dir` is ignored for the step's execution.
|
1521
|
+
# Corresponds to the JSON property `dir`
|
1522
|
+
# @return [String]
|
1523
|
+
attr_accessor :dir
|
1524
|
+
|
1525
|
+
# Entrypoint to be used instead of the build step image's default entrypoint. If
|
1526
|
+
# unset, the image's default entrypoint is used.
|
1527
|
+
# Corresponds to the JSON property `entrypoint`
|
1528
|
+
# @return [String]
|
1529
|
+
attr_accessor :entrypoint
|
1530
|
+
|
1531
|
+
# A list of environment variable definitions to be used when running a step. The
|
1532
|
+
# elements are of the form "KEY=VALUE" for the environment variable "KEY" being
|
1533
|
+
# given the value "VALUE".
|
1534
|
+
# Corresponds to the JSON property `env`
|
1535
|
+
# @return [Array<String>]
|
1536
|
+
attr_accessor :env
|
1537
|
+
|
1538
|
+
# Unique identifier for this build step, used in `wait_for` to reference this
|
1539
|
+
# build step as a dependency.
|
1540
|
+
# Corresponds to the JSON property `id`
|
1541
|
+
# @return [String]
|
1542
|
+
attr_accessor :id
|
1543
|
+
|
1544
|
+
# Required. The name of the container image that will run this particular build
|
1545
|
+
# step. If the image is available in the host's Docker daemon's cache, it will
|
1546
|
+
# be run directly. If not, the host will attempt to pull the image first, using
|
1547
|
+
# the builder service account's credentials if necessary. The Docker daemon's
|
1548
|
+
# cache will already have the latest versions of all of the officially supported
|
1549
|
+
# build steps ([https://github.com/GoogleCloudPlatform/cloud-builders](https://
|
1550
|
+
# github.com/GoogleCloudPlatform/cloud-builders)). The Docker daemon will also
|
1551
|
+
# have cached many of the layers for some popular images, like "ubuntu", "debian"
|
1552
|
+
# , but they will be refreshed at the time you attempt to use them. If you built
|
1553
|
+
# an image in a previous build step, it will be stored in the host's Docker
|
1554
|
+
# daemon's cache and is available to use as the name for a later build step.
|
1555
|
+
# Corresponds to the JSON property `name`
|
1556
|
+
# @return [String]
|
1557
|
+
attr_accessor :name
|
1558
|
+
|
1559
|
+
# Start and end times for a build execution phase.
|
1560
|
+
# Corresponds to the JSON property `pullTiming`
|
1561
|
+
# @return [Google::Apis::ContaineranalysisV1::ContaineranalysisGoogleDevtoolsCloudbuildV1TimeSpan]
|
1562
|
+
attr_accessor :pull_timing
|
1563
|
+
|
1564
|
+
# A shell script to be executed in the step. When script is provided, the user
|
1565
|
+
# cannot specify the entrypoint or args.
|
1566
|
+
# Corresponds to the JSON property `script`
|
1567
|
+
# @return [String]
|
1568
|
+
attr_accessor :script
|
1569
|
+
|
1570
|
+
# A list of environment variables which are encrypted using a Cloud Key
|
1571
|
+
# Management Service crypto key. These values must be specified in the build's `
|
1572
|
+
# Secret`.
|
1573
|
+
# Corresponds to the JSON property `secretEnv`
|
1574
|
+
# @return [Array<String>]
|
1575
|
+
attr_accessor :secret_env
|
1576
|
+
|
1577
|
+
# Output only. Status of the build step. At this time, build step status is only
|
1578
|
+
# updated on build completion; step status is not updated in real-time as the
|
1579
|
+
# build progresses.
|
1580
|
+
# Corresponds to the JSON property `status`
|
1581
|
+
# @return [String]
|
1582
|
+
attr_accessor :status
|
1583
|
+
|
1584
|
+
# Time limit for executing this build step. If not defined, the step has no time
|
1585
|
+
# limit and will be allowed to continue to run until either it completes or the
|
1586
|
+
# build itself times out.
|
1587
|
+
# Corresponds to the JSON property `timeout`
|
1588
|
+
# @return [String]
|
1589
|
+
attr_accessor :timeout
|
1590
|
+
|
1591
|
+
# Start and end times for a build execution phase.
|
1592
|
+
# Corresponds to the JSON property `timing`
|
1593
|
+
# @return [Google::Apis::ContaineranalysisV1::ContaineranalysisGoogleDevtoolsCloudbuildV1TimeSpan]
|
1594
|
+
attr_accessor :timing
|
1595
|
+
|
1596
|
+
# List of volumes to mount into the build step. Each volume is created as an
|
1597
|
+
# empty volume prior to execution of the build step. Upon completion of the
|
1598
|
+
# build, volumes and their contents are discarded. Using a named volume in only
|
1599
|
+
# one step is not valid as it is indicative of a build request with an incorrect
|
1600
|
+
# configuration.
|
1601
|
+
# Corresponds to the JSON property `volumes`
|
1602
|
+
# @return [Array<Google::Apis::ContaineranalysisV1::ContaineranalysisGoogleDevtoolsCloudbuildV1Volume>]
|
1603
|
+
attr_accessor :volumes
|
1604
|
+
|
1605
|
+
# The ID(s) of the step(s) that this build step depends on. This build step will
|
1606
|
+
# not start until all the build steps in `wait_for` have completed successfully.
|
1607
|
+
# If `wait_for` is empty, this build step will start when all previous build
|
1608
|
+
# steps in the `Build.Steps` list have completed successfully.
|
1609
|
+
# Corresponds to the JSON property `waitFor`
|
1610
|
+
# @return [Array<String>]
|
1611
|
+
attr_accessor :wait_for
|
1612
|
+
|
1613
|
+
def initialize(**args)
|
1614
|
+
update!(**args)
|
1615
|
+
end
|
1616
|
+
|
1617
|
+
# Update properties of this object
|
1618
|
+
def update!(**args)
|
1619
|
+
@args = args[:args] if args.key?(:args)
|
1620
|
+
@dir = args[:dir] if args.key?(:dir)
|
1621
|
+
@entrypoint = args[:entrypoint] if args.key?(:entrypoint)
|
1622
|
+
@env = args[:env] if args.key?(:env)
|
1623
|
+
@id = args[:id] if args.key?(:id)
|
1624
|
+
@name = args[:name] if args.key?(:name)
|
1625
|
+
@pull_timing = args[:pull_timing] if args.key?(:pull_timing)
|
1626
|
+
@script = args[:script] if args.key?(:script)
|
1627
|
+
@secret_env = args[:secret_env] if args.key?(:secret_env)
|
1628
|
+
@status = args[:status] if args.key?(:status)
|
1629
|
+
@timeout = args[:timeout] if args.key?(:timeout)
|
1630
|
+
@timing = args[:timing] if args.key?(:timing)
|
1631
|
+
@volumes = args[:volumes] if args.key?(:volumes)
|
1632
|
+
@wait_for = args[:wait_for] if args.key?(:wait_for)
|
1633
|
+
end
|
1634
|
+
end
|
1635
|
+
|
1636
|
+
# A non-fatal problem encountered during the execution of the build.
|
1637
|
+
class ContaineranalysisGoogleDevtoolsCloudbuildV1BuildWarning
|
1638
|
+
include Google::Apis::Core::Hashable
|
1639
|
+
|
1640
|
+
# The priority for this warning.
|
1641
|
+
# Corresponds to the JSON property `priority`
|
1642
|
+
# @return [String]
|
1643
|
+
attr_accessor :priority
|
1644
|
+
|
1645
|
+
# Explanation of the warning generated.
|
1646
|
+
# Corresponds to the JSON property `text`
|
1647
|
+
# @return [String]
|
1648
|
+
attr_accessor :text
|
1649
|
+
|
1650
|
+
def initialize(**args)
|
1651
|
+
update!(**args)
|
1652
|
+
end
|
1653
|
+
|
1654
|
+
# Update properties of this object
|
1655
|
+
def update!(**args)
|
1656
|
+
@priority = args[:priority] if args.key?(:priority)
|
1657
|
+
@text = args[:text] if args.key?(:text)
|
1658
|
+
end
|
1659
|
+
end
|
1660
|
+
|
1661
|
+
# An image built by the pipeline.
|
1662
|
+
class ContaineranalysisGoogleDevtoolsCloudbuildV1BuiltImage
|
1663
|
+
include Google::Apis::Core::Hashable
|
1664
|
+
|
1665
|
+
# Docker Registry 2.0 digest.
|
1666
|
+
# Corresponds to the JSON property `digest`
|
1667
|
+
# @return [String]
|
1668
|
+
attr_accessor :digest
|
1669
|
+
|
1670
|
+
# Name used to push the container image to Google Container Registry, as
|
1671
|
+
# presented to `docker push`.
|
1672
|
+
# Corresponds to the JSON property `name`
|
1673
|
+
# @return [String]
|
1674
|
+
attr_accessor :name
|
1675
|
+
|
1676
|
+
# Start and end times for a build execution phase.
|
1677
|
+
# Corresponds to the JSON property `pushTiming`
|
1678
|
+
# @return [Google::Apis::ContaineranalysisV1::ContaineranalysisGoogleDevtoolsCloudbuildV1TimeSpan]
|
1679
|
+
attr_accessor :push_timing
|
1680
|
+
|
1681
|
+
def initialize(**args)
|
1682
|
+
update!(**args)
|
1683
|
+
end
|
1684
|
+
|
1685
|
+
# Update properties of this object
|
1686
|
+
def update!(**args)
|
1687
|
+
@digest = args[:digest] if args.key?(:digest)
|
1688
|
+
@name = args[:name] if args.key?(:name)
|
1689
|
+
@push_timing = args[:push_timing] if args.key?(:push_timing)
|
1690
|
+
end
|
1691
|
+
end
|
1692
|
+
|
1693
|
+
# Container message for hashes of byte content of files, used in
|
1694
|
+
# SourceProvenance messages to verify integrity of source input to the build.
|
1695
|
+
class ContaineranalysisGoogleDevtoolsCloudbuildV1FileHashes
|
1696
|
+
include Google::Apis::Core::Hashable
|
1697
|
+
|
1698
|
+
# Collection of file hashes.
|
1699
|
+
# Corresponds to the JSON property `fileHash`
|
1700
|
+
# @return [Array<Google::Apis::ContaineranalysisV1::ContaineranalysisGoogleDevtoolsCloudbuildV1Hash>]
|
1701
|
+
attr_accessor :file_hash
|
1702
|
+
|
1703
|
+
def initialize(**args)
|
1704
|
+
update!(**args)
|
1705
|
+
end
|
1706
|
+
|
1707
|
+
# Update properties of this object
|
1708
|
+
def update!(**args)
|
1709
|
+
@file_hash = args[:file_hash] if args.key?(:file_hash)
|
1710
|
+
end
|
1711
|
+
end
|
1712
|
+
|
1713
|
+
# Container message for hash values.
|
1714
|
+
class ContaineranalysisGoogleDevtoolsCloudbuildV1Hash
|
1715
|
+
include Google::Apis::Core::Hashable
|
1716
|
+
|
1717
|
+
# The type of hash that was performed.
|
1718
|
+
# Corresponds to the JSON property `type`
|
1719
|
+
# @return [String]
|
1720
|
+
attr_accessor :type
|
1721
|
+
|
1722
|
+
# The hash value.
|
1723
|
+
# Corresponds to the JSON property `value`
|
1724
|
+
# NOTE: Values are automatically base64 encoded/decoded in the client library.
|
1725
|
+
# @return [String]
|
1726
|
+
attr_accessor :value
|
1727
|
+
|
1728
|
+
def initialize(**args)
|
1729
|
+
update!(**args)
|
1730
|
+
end
|
1731
|
+
|
1732
|
+
# Update properties of this object
|
1733
|
+
def update!(**args)
|
1734
|
+
@type = args[:type] if args.key?(:type)
|
1735
|
+
@value = args[:value] if args.key?(:value)
|
1736
|
+
end
|
1737
|
+
end
|
1738
|
+
|
1739
|
+
# Pairs a set of secret environment variables mapped to encrypted values with
|
1740
|
+
# the Cloud KMS key to use to decrypt the value.
|
1741
|
+
class ContaineranalysisGoogleDevtoolsCloudbuildV1InlineSecret
|
1742
|
+
include Google::Apis::Core::Hashable
|
1743
|
+
|
1744
|
+
# Map of environment variable name to its encrypted value. Secret environment
|
1745
|
+
# variables must be unique across all of a build's secrets, and must be used by
|
1746
|
+
# at least one build step. Values can be at most 64 KB in size. There can be at
|
1747
|
+
# most 100 secret values across all of a build's secrets.
|
1748
|
+
# Corresponds to the JSON property `envMap`
|
1749
|
+
# @return [Hash<String,String>]
|
1750
|
+
attr_accessor :env_map
|
1751
|
+
|
1752
|
+
# Resource name of Cloud KMS crypto key to decrypt the encrypted value. In
|
1753
|
+
# format: projects/*/locations/*/keyRings/*/cryptoKeys/*
|
1754
|
+
# Corresponds to the JSON property `kmsKeyName`
|
1755
|
+
# @return [String]
|
1756
|
+
attr_accessor :kms_key_name
|
1757
|
+
|
1758
|
+
def initialize(**args)
|
1759
|
+
update!(**args)
|
1760
|
+
end
|
1761
|
+
|
1762
|
+
# Update properties of this object
|
1763
|
+
def update!(**args)
|
1764
|
+
@env_map = args[:env_map] if args.key?(:env_map)
|
1765
|
+
@kms_key_name = args[:kms_key_name] if args.key?(:kms_key_name)
|
1766
|
+
end
|
1767
|
+
end
|
1768
|
+
|
1769
|
+
# Location of the source in a Google Cloud Source Repository.
|
1770
|
+
class ContaineranalysisGoogleDevtoolsCloudbuildV1RepoSource
|
1771
|
+
include Google::Apis::Core::Hashable
|
1772
|
+
|
1773
|
+
# Regex matching branches to build. The syntax of the regular expressions
|
1774
|
+
# accepted is the syntax accepted by RE2 and described at https://github.com/
|
1775
|
+
# google/re2/wiki/Syntax
|
1776
|
+
# Corresponds to the JSON property `branchName`
|
1777
|
+
# @return [String]
|
1778
|
+
attr_accessor :branch_name
|
1779
|
+
|
1780
|
+
# Explicit commit SHA to build.
|
1781
|
+
# Corresponds to the JSON property `commitSha`
|
1782
|
+
# @return [String]
|
1783
|
+
attr_accessor :commit_sha
|
1784
|
+
|
1785
|
+
# Directory, relative to the source root, in which to run the build. This must
|
1786
|
+
# be a relative path. If a step's `dir` is specified and is an absolute path,
|
1787
|
+
# this value is ignored for that step's execution.
|
1788
|
+
# Corresponds to the JSON property `dir`
|
1789
|
+
# @return [String]
|
1790
|
+
attr_accessor :dir
|
1791
|
+
|
1792
|
+
# Only trigger a build if the revision regex does NOT match the revision regex.
|
1793
|
+
# Corresponds to the JSON property `invertRegex`
|
1794
|
+
# @return [Boolean]
|
1795
|
+
attr_accessor :invert_regex
|
1796
|
+
alias_method :invert_regex?, :invert_regex
|
1797
|
+
|
1798
|
+
# ID of the project that owns the Cloud Source Repository. If omitted, the
|
1799
|
+
# project ID requesting the build is assumed.
|
1800
|
+
# Corresponds to the JSON property `projectId`
|
1801
|
+
# @return [String]
|
1802
|
+
attr_accessor :project_id
|
1803
|
+
|
1804
|
+
# Name of the Cloud Source Repository.
|
1805
|
+
# Corresponds to the JSON property `repoName`
|
1806
|
+
# @return [String]
|
1807
|
+
attr_accessor :repo_name
|
1808
|
+
|
1809
|
+
# Substitutions to use in a triggered build. Should only be used with
|
1810
|
+
# RunBuildTrigger
|
1811
|
+
# Corresponds to the JSON property `substitutions`
|
1812
|
+
# @return [Hash<String,String>]
|
1813
|
+
attr_accessor :substitutions
|
1814
|
+
|
1815
|
+
# Regex matching tags to build. The syntax of the regular expressions accepted
|
1816
|
+
# is the syntax accepted by RE2 and described at https://github.com/google/re2/
|
1817
|
+
# wiki/Syntax
|
1818
|
+
# Corresponds to the JSON property `tagName`
|
1819
|
+
# @return [String]
|
1820
|
+
attr_accessor :tag_name
|
1821
|
+
|
1822
|
+
def initialize(**args)
|
1823
|
+
update!(**args)
|
1824
|
+
end
|
1825
|
+
|
1826
|
+
# Update properties of this object
|
1827
|
+
def update!(**args)
|
1828
|
+
@branch_name = args[:branch_name] if args.key?(:branch_name)
|
1829
|
+
@commit_sha = args[:commit_sha] if args.key?(:commit_sha)
|
1830
|
+
@dir = args[:dir] if args.key?(:dir)
|
1831
|
+
@invert_regex = args[:invert_regex] if args.key?(:invert_regex)
|
1832
|
+
@project_id = args[:project_id] if args.key?(:project_id)
|
1833
|
+
@repo_name = args[:repo_name] if args.key?(:repo_name)
|
1834
|
+
@substitutions = args[:substitutions] if args.key?(:substitutions)
|
1835
|
+
@tag_name = args[:tag_name] if args.key?(:tag_name)
|
1836
|
+
end
|
1837
|
+
end
|
1838
|
+
|
1839
|
+
# Artifacts created by the build pipeline.
|
1840
|
+
class ContaineranalysisGoogleDevtoolsCloudbuildV1Results
|
1841
|
+
include Google::Apis::Core::Hashable
|
1842
|
+
|
1843
|
+
# Path to the artifact manifest. Only populated when artifacts are uploaded.
|
1844
|
+
# Corresponds to the JSON property `artifactManifest`
|
1845
|
+
# @return [String]
|
1846
|
+
attr_accessor :artifact_manifest
|
1847
|
+
|
1848
|
+
# Start and end times for a build execution phase.
|
1849
|
+
# Corresponds to the JSON property `artifactTiming`
|
1850
|
+
# @return [Google::Apis::ContaineranalysisV1::ContaineranalysisGoogleDevtoolsCloudbuildV1TimeSpan]
|
1851
|
+
attr_accessor :artifact_timing
|
1852
|
+
|
1853
|
+
# List of build step digests, in the order corresponding to build step indices.
|
1854
|
+
# Corresponds to the JSON property `buildStepImages`
|
1855
|
+
# @return [Array<String>]
|
1856
|
+
attr_accessor :build_step_images
|
1857
|
+
|
1858
|
+
# List of build step outputs, produced by builder images, in the order
|
1859
|
+
# corresponding to build step indices. [Cloud Builders](https://cloud.google.com/
|
1860
|
+
# cloud-build/docs/cloud-builders) can produce this output by writing to `$
|
1861
|
+
# BUILDER_OUTPUT/output`. Only the first 4KB of data is stored.
|
1862
|
+
# Corresponds to the JSON property `buildStepOutputs`
|
1863
|
+
# @return [Array<String>]
|
1864
|
+
attr_accessor :build_step_outputs
|
1865
|
+
|
1866
|
+
# Container images that were built as a part of the build.
|
1867
|
+
# Corresponds to the JSON property `images`
|
1868
|
+
# @return [Array<Google::Apis::ContaineranalysisV1::ContaineranalysisGoogleDevtoolsCloudbuildV1BuiltImage>]
|
1869
|
+
attr_accessor :images
|
1870
|
+
|
1871
|
+
# Number of artifacts uploaded. Only populated when artifacts are uploaded.
|
1872
|
+
# Corresponds to the JSON property `numArtifacts`
|
1873
|
+
# @return [Fixnum]
|
1874
|
+
attr_accessor :num_artifacts
|
1875
|
+
|
1876
|
+
def initialize(**args)
|
1877
|
+
update!(**args)
|
1878
|
+
end
|
1879
|
+
|
1880
|
+
# Update properties of this object
|
1881
|
+
def update!(**args)
|
1882
|
+
@artifact_manifest = args[:artifact_manifest] if args.key?(:artifact_manifest)
|
1883
|
+
@artifact_timing = args[:artifact_timing] if args.key?(:artifact_timing)
|
1884
|
+
@build_step_images = args[:build_step_images] if args.key?(:build_step_images)
|
1885
|
+
@build_step_outputs = args[:build_step_outputs] if args.key?(:build_step_outputs)
|
1886
|
+
@images = args[:images] if args.key?(:images)
|
1887
|
+
@num_artifacts = args[:num_artifacts] if args.key?(:num_artifacts)
|
1888
|
+
end
|
1889
|
+
end
|
1890
|
+
|
1891
|
+
# Pairs a set of secret environment variables containing encrypted values with
|
1892
|
+
# the Cloud KMS key to use to decrypt the value. Note: Use `kmsKeyName` with `
|
1893
|
+
# available_secrets` instead of using `kmsKeyName` with `secret`. For
|
1894
|
+
# instructions see: https://cloud.google.com/cloud-build/docs/securing-builds/
|
1895
|
+
# use-encrypted-credentials.
|
1896
|
+
class ContaineranalysisGoogleDevtoolsCloudbuildV1Secret
|
1897
|
+
include Google::Apis::Core::Hashable
|
1898
|
+
|
1899
|
+
# Cloud KMS key name to use to decrypt these envs.
|
1900
|
+
# Corresponds to the JSON property `kmsKeyName`
|
1901
|
+
# @return [String]
|
1902
|
+
attr_accessor :kms_key_name
|
1903
|
+
|
1904
|
+
# Map of environment variable name to its encrypted value. Secret environment
|
1905
|
+
# variables must be unique across all of a build's secrets, and must be used by
|
1906
|
+
# at least one build step. Values can be at most 64 KB in size. There can be at
|
1907
|
+
# most 100 secret values across all of a build's secrets.
|
1908
|
+
# Corresponds to the JSON property `secretEnv`
|
1909
|
+
# @return [Hash<String,String>]
|
1910
|
+
attr_accessor :secret_env
|
1911
|
+
|
1912
|
+
def initialize(**args)
|
1913
|
+
update!(**args)
|
1914
|
+
end
|
1915
|
+
|
1916
|
+
# Update properties of this object
|
1917
|
+
def update!(**args)
|
1918
|
+
@kms_key_name = args[:kms_key_name] if args.key?(:kms_key_name)
|
1919
|
+
@secret_env = args[:secret_env] if args.key?(:secret_env)
|
1920
|
+
end
|
1921
|
+
end
|
1922
|
+
|
1923
|
+
# Pairs a secret environment variable with a SecretVersion in Secret Manager.
|
1924
|
+
class ContaineranalysisGoogleDevtoolsCloudbuildV1SecretManagerSecret
|
1925
|
+
include Google::Apis::Core::Hashable
|
1926
|
+
|
1927
|
+
# Environment variable name to associate with the secret. Secret environment
|
1928
|
+
# variables must be unique across all of a build's secrets, and must be used by
|
1929
|
+
# at least one build step.
|
1930
|
+
# Corresponds to the JSON property `env`
|
1931
|
+
# @return [String]
|
1932
|
+
attr_accessor :env
|
1933
|
+
|
1934
|
+
# Resource name of the SecretVersion. In format: projects/*/secrets/*/versions/*
|
1935
|
+
# Corresponds to the JSON property `versionName`
|
1936
|
+
# @return [String]
|
1937
|
+
attr_accessor :version_name
|
1938
|
+
|
1939
|
+
def initialize(**args)
|
1940
|
+
update!(**args)
|
1941
|
+
end
|
1942
|
+
|
1943
|
+
# Update properties of this object
|
1944
|
+
def update!(**args)
|
1945
|
+
@env = args[:env] if args.key?(:env)
|
1946
|
+
@version_name = args[:version_name] if args.key?(:version_name)
|
1947
|
+
end
|
1948
|
+
end
|
1949
|
+
|
1950
|
+
# Secrets and secret environment variables.
|
1951
|
+
class ContaineranalysisGoogleDevtoolsCloudbuildV1Secrets
|
1952
|
+
include Google::Apis::Core::Hashable
|
1953
|
+
|
1954
|
+
# Secrets encrypted with KMS key and the associated secret environment variable.
|
1955
|
+
# Corresponds to the JSON property `inline`
|
1956
|
+
# @return [Array<Google::Apis::ContaineranalysisV1::ContaineranalysisGoogleDevtoolsCloudbuildV1InlineSecret>]
|
1957
|
+
attr_accessor :inline
|
1958
|
+
|
1959
|
+
# Secrets in Secret Manager and associated secret environment variable.
|
1960
|
+
# Corresponds to the JSON property `secretManager`
|
1961
|
+
# @return [Array<Google::Apis::ContaineranalysisV1::ContaineranalysisGoogleDevtoolsCloudbuildV1SecretManagerSecret>]
|
1962
|
+
attr_accessor :secret_manager
|
1963
|
+
|
1964
|
+
def initialize(**args)
|
1965
|
+
update!(**args)
|
1966
|
+
end
|
1967
|
+
|
1968
|
+
# Update properties of this object
|
1969
|
+
def update!(**args)
|
1970
|
+
@inline = args[:inline] if args.key?(:inline)
|
1971
|
+
@secret_manager = args[:secret_manager] if args.key?(:secret_manager)
|
1972
|
+
end
|
1973
|
+
end
|
815
1974
|
|
816
|
-
|
817
|
-
|
818
|
-
|
819
|
-
# @return [String]
|
820
|
-
attr_accessor :id
|
1975
|
+
# Location of the source in a supported storage service.
|
1976
|
+
class ContaineranalysisGoogleDevtoolsCloudbuildV1Source
|
1977
|
+
include Google::Apis::Core::Hashable
|
821
1978
|
|
822
|
-
#
|
823
|
-
#
|
824
|
-
#
|
825
|
-
|
826
|
-
attr_accessor :name
|
1979
|
+
# Location of the source in a Google Cloud Source Repository.
|
1980
|
+
# Corresponds to the JSON property `repoSource`
|
1981
|
+
# @return [Google::Apis::ContaineranalysisV1::ContaineranalysisGoogleDevtoolsCloudbuildV1RepoSource]
|
1982
|
+
attr_accessor :repo_source
|
827
1983
|
|
828
|
-
#
|
829
|
-
# Corresponds to the JSON property `
|
830
|
-
# @return [
|
831
|
-
attr_accessor :
|
1984
|
+
# Location of the source in an archive file in Google Cloud Storage.
|
1985
|
+
# Corresponds to the JSON property `storageSource`
|
1986
|
+
# @return [Google::Apis::ContaineranalysisV1::ContaineranalysisGoogleDevtoolsCloudbuildV1StorageSource]
|
1987
|
+
attr_accessor :storage_source
|
1988
|
+
|
1989
|
+
# Location of the source manifest in Google Cloud Storage. This feature is in
|
1990
|
+
# Preview; see description [here](https://github.com/GoogleCloudPlatform/cloud-
|
1991
|
+
# builders/tree/master/gcs-fetcher).
|
1992
|
+
# Corresponds to the JSON property `storageSourceManifest`
|
1993
|
+
# @return [Google::Apis::ContaineranalysisV1::ContaineranalysisGoogleDevtoolsCloudbuildV1StorageSourceManifest]
|
1994
|
+
attr_accessor :storage_source_manifest
|
832
1995
|
|
833
1996
|
def initialize(**args)
|
834
1997
|
update!(**args)
|
@@ -836,39 +1999,44 @@ module Google
|
|
836
1999
|
|
837
2000
|
# Update properties of this object
|
838
2001
|
def update!(**args)
|
839
|
-
@
|
840
|
-
@
|
841
|
-
@
|
842
|
-
@id = args[:id] if args.key?(:id)
|
843
|
-
@name = args[:name] if args.key?(:name)
|
844
|
-
@wait_for = args[:wait_for] if args.key?(:wait_for)
|
2002
|
+
@repo_source = args[:repo_source] if args.key?(:repo_source)
|
2003
|
+
@storage_source = args[:storage_source] if args.key?(:storage_source)
|
2004
|
+
@storage_source_manifest = args[:storage_source_manifest] if args.key?(:storage_source_manifest)
|
845
2005
|
end
|
846
2006
|
end
|
847
2007
|
|
848
|
-
#
|
849
|
-
#
|
850
|
-
class
|
2008
|
+
# Provenance of the source. Ways to find the original source, or verify that
|
2009
|
+
# some source was used for this build.
|
2010
|
+
class ContaineranalysisGoogleDevtoolsCloudbuildV1SourceProvenance
|
851
2011
|
include Google::Apis::Core::Hashable
|
852
2012
|
|
853
|
-
#
|
854
|
-
#
|
855
|
-
#
|
856
|
-
#
|
857
|
-
|
858
|
-
|
2013
|
+
# Output only. Hash(es) of the build source, which can be used to verify that
|
2014
|
+
# the original source integrity was maintained in the build. Note that `
|
2015
|
+
# FileHashes` will only be populated if `BuildOptions` has requested a `
|
2016
|
+
# SourceProvenanceHash`. The keys to this map are file paths used as build
|
2017
|
+
# source and the values contain the hash values for those files. If the build
|
2018
|
+
# source came in a single package such as a gzipped tarfile (`.tar.gz`), the `
|
2019
|
+
# FileHash` will be for the single path to that file.
|
2020
|
+
# Corresponds to the JSON property `fileHashes`
|
2021
|
+
# @return [Hash<String,Google::Apis::ContaineranalysisV1::ContaineranalysisGoogleDevtoolsCloudbuildV1FileHashes>]
|
2022
|
+
attr_accessor :file_hashes
|
859
2023
|
|
860
|
-
#
|
861
|
-
# Corresponds to the JSON property `
|
862
|
-
# @return [
|
863
|
-
attr_accessor :
|
864
|
-
alias_method :environment?, :environment
|
2024
|
+
# Location of the source in a Google Cloud Source Repository.
|
2025
|
+
# Corresponds to the JSON property `resolvedRepoSource`
|
2026
|
+
# @return [Google::Apis::ContaineranalysisV1::ContaineranalysisGoogleDevtoolsCloudbuildV1RepoSource]
|
2027
|
+
attr_accessor :resolved_repo_source
|
865
2028
|
|
866
|
-
#
|
867
|
-
#
|
868
|
-
#
|
869
|
-
|
870
|
-
|
871
|
-
|
2029
|
+
# Location of the source in an archive file in Google Cloud Storage.
|
2030
|
+
# Corresponds to the JSON property `resolvedStorageSource`
|
2031
|
+
# @return [Google::Apis::ContaineranalysisV1::ContaineranalysisGoogleDevtoolsCloudbuildV1StorageSource]
|
2032
|
+
attr_accessor :resolved_storage_source
|
2033
|
+
|
2034
|
+
# Location of the source manifest in Google Cloud Storage. This feature is in
|
2035
|
+
# Preview; see description [here](https://github.com/GoogleCloudPlatform/cloud-
|
2036
|
+
# builders/tree/master/gcs-fetcher).
|
2037
|
+
# Corresponds to the JSON property `resolvedStorageSourceManifest`
|
2038
|
+
# @return [Google::Apis::ContaineranalysisV1::ContaineranalysisGoogleDevtoolsCloudbuildV1StorageSourceManifest]
|
2039
|
+
attr_accessor :resolved_storage_source_manifest
|
872
2040
|
|
873
2041
|
def initialize(**args)
|
874
2042
|
update!(**args)
|
@@ -876,51 +2044,72 @@ module Google
|
|
876
2044
|
|
877
2045
|
# Update properties of this object
|
878
2046
|
def update!(**args)
|
879
|
-
@
|
880
|
-
@
|
881
|
-
@
|
2047
|
+
@file_hashes = args[:file_hashes] if args.key?(:file_hashes)
|
2048
|
+
@resolved_repo_source = args[:resolved_repo_source] if args.key?(:resolved_repo_source)
|
2049
|
+
@resolved_storage_source = args[:resolved_storage_source] if args.key?(:resolved_storage_source)
|
2050
|
+
@resolved_storage_source_manifest = args[:resolved_storage_source_manifest] if args.key?(:resolved_storage_source_manifest)
|
882
2051
|
end
|
883
2052
|
end
|
884
2053
|
|
885
|
-
#
|
886
|
-
class
|
2054
|
+
# Location of the source in an archive file in Google Cloud Storage.
|
2055
|
+
class ContaineranalysisGoogleDevtoolsCloudbuildV1StorageSource
|
887
2056
|
include Google::Apis::Core::Hashable
|
888
2057
|
|
889
|
-
#
|
890
|
-
#
|
891
|
-
#
|
892
|
-
|
893
|
-
|
894
|
-
# A description about this compliance check.
|
895
|
-
# Corresponds to the JSON property `description`
|
2058
|
+
# Google Cloud Storage bucket containing the source (see [Bucket Name
|
2059
|
+
# Requirements](https://cloud.google.com/storage/docs/bucket-naming#requirements)
|
2060
|
+
# ).
|
2061
|
+
# Corresponds to the JSON property `bucket`
|
896
2062
|
# @return [String]
|
897
|
-
attr_accessor :
|
2063
|
+
attr_accessor :bucket
|
898
2064
|
|
899
|
-
#
|
900
|
-
#
|
901
|
-
#
|
902
|
-
|
2065
|
+
# Google Cloud Storage generation for the object. If the generation is omitted,
|
2066
|
+
# the latest generation will be used.
|
2067
|
+
# Corresponds to the JSON property `generation`
|
2068
|
+
# @return [Fixnum]
|
2069
|
+
attr_accessor :generation
|
903
2070
|
|
904
|
-
#
|
905
|
-
#
|
2071
|
+
# Google Cloud Storage object containing the source. This object must be a
|
2072
|
+
# zipped (`.zip`) or gzipped archive file (`.tar.gz`) containing source to build.
|
2073
|
+
# Corresponds to the JSON property `object`
|
906
2074
|
# @return [String]
|
907
|
-
attr_accessor :
|
2075
|
+
attr_accessor :object
|
908
2076
|
|
909
|
-
|
910
|
-
|
911
|
-
|
912
|
-
# @return [String]
|
913
|
-
attr_accessor :scan_instructions
|
2077
|
+
def initialize(**args)
|
2078
|
+
update!(**args)
|
2079
|
+
end
|
914
2080
|
|
915
|
-
#
|
916
|
-
|
2081
|
+
# Update properties of this object
|
2082
|
+
def update!(**args)
|
2083
|
+
@bucket = args[:bucket] if args.key?(:bucket)
|
2084
|
+
@generation = args[:generation] if args.key?(:generation)
|
2085
|
+
@object = args[:object] if args.key?(:object)
|
2086
|
+
end
|
2087
|
+
end
|
2088
|
+
|
2089
|
+
# Location of the source manifest in Google Cloud Storage. This feature is in
|
2090
|
+
# Preview; see description [here](https://github.com/GoogleCloudPlatform/cloud-
|
2091
|
+
# builders/tree/master/gcs-fetcher).
|
2092
|
+
class ContaineranalysisGoogleDevtoolsCloudbuildV1StorageSourceManifest
|
2093
|
+
include Google::Apis::Core::Hashable
|
2094
|
+
|
2095
|
+
# Google Cloud Storage bucket containing the source manifest (see [Bucket Name
|
2096
|
+
# Requirements](https://cloud.google.com/storage/docs/bucket-naming#requirements)
|
2097
|
+
# ).
|
2098
|
+
# Corresponds to the JSON property `bucket`
|
917
2099
|
# @return [String]
|
918
|
-
attr_accessor :
|
2100
|
+
attr_accessor :bucket
|
919
2101
|
|
920
|
-
#
|
921
|
-
#
|
922
|
-
#
|
923
|
-
|
2102
|
+
# Google Cloud Storage generation for the object. If the generation is omitted,
|
2103
|
+
# the latest generation will be used.
|
2104
|
+
# Corresponds to the JSON property `generation`
|
2105
|
+
# @return [Fixnum]
|
2106
|
+
attr_accessor :generation
|
2107
|
+
|
2108
|
+
# Google Cloud Storage object containing the source manifest. This object must
|
2109
|
+
# be a JSON file.
|
2110
|
+
# Corresponds to the JSON property `object`
|
2111
|
+
# @return [String]
|
2112
|
+
attr_accessor :object
|
924
2113
|
|
925
2114
|
def initialize(**args)
|
926
2115
|
update!(**args)
|
@@ -928,30 +2117,25 @@ module Google
|
|
928
2117
|
|
929
2118
|
# Update properties of this object
|
930
2119
|
def update!(**args)
|
931
|
-
@
|
932
|
-
@
|
933
|
-
@
|
934
|
-
@remediation = args[:remediation] if args.key?(:remediation)
|
935
|
-
@scan_instructions = args[:scan_instructions] if args.key?(:scan_instructions)
|
936
|
-
@title = args[:title] if args.key?(:title)
|
937
|
-
@version = args[:version] if args.key?(:version)
|
2120
|
+
@bucket = args[:bucket] if args.key?(:bucket)
|
2121
|
+
@generation = args[:generation] if args.key?(:generation)
|
2122
|
+
@object = args[:object] if args.key?(:object)
|
938
2123
|
end
|
939
2124
|
end
|
940
2125
|
|
941
|
-
#
|
942
|
-
|
943
|
-
class ComplianceOccurrence
|
2126
|
+
# Start and end times for a build execution phase.
|
2127
|
+
class ContaineranalysisGoogleDevtoolsCloudbuildV1TimeSpan
|
944
2128
|
include Google::Apis::Core::Hashable
|
945
2129
|
|
946
|
-
#
|
947
|
-
# Corresponds to the JSON property `
|
2130
|
+
# End of time span.
|
2131
|
+
# Corresponds to the JSON property `endTime`
|
948
2132
|
# @return [String]
|
949
|
-
attr_accessor :
|
2133
|
+
attr_accessor :end_time
|
950
2134
|
|
951
|
-
#
|
952
|
-
# Corresponds to the JSON property `
|
953
|
-
# @return [
|
954
|
-
attr_accessor :
|
2135
|
+
# Start of time span.
|
2136
|
+
# Corresponds to the JSON property `startTime`
|
2137
|
+
# @return [String]
|
2138
|
+
attr_accessor :start_time
|
955
2139
|
|
956
2140
|
def initialize(**args)
|
957
2141
|
update!(**args)
|
@@ -959,27 +2143,29 @@ module Google
|
|
959
2143
|
|
960
2144
|
# Update properties of this object
|
961
2145
|
def update!(**args)
|
962
|
-
@
|
963
|
-
@
|
2146
|
+
@end_time = args[:end_time] if args.key?(:end_time)
|
2147
|
+
@start_time = args[:start_time] if args.key?(:start_time)
|
964
2148
|
end
|
965
2149
|
end
|
966
2150
|
|
967
|
-
#
|
968
|
-
#
|
969
|
-
class
|
2151
|
+
# Volume describes a Docker container volume which is mounted into build steps
|
2152
|
+
# in order to persist files across build step execution.
|
2153
|
+
class ContaineranalysisGoogleDevtoolsCloudbuildV1Volume
|
970
2154
|
include Google::Apis::Core::Hashable
|
971
2155
|
|
972
|
-
#
|
973
|
-
#
|
974
|
-
#
|
2156
|
+
# Name of the volume to mount. Volume names must be unique per build step and
|
2157
|
+
# must be valid names for Docker volumes. Each named volume must be used by at
|
2158
|
+
# least two build steps.
|
2159
|
+
# Corresponds to the JSON property `name`
|
975
2160
|
# @return [String]
|
976
|
-
attr_accessor :
|
2161
|
+
attr_accessor :name
|
977
2162
|
|
978
|
-
#
|
979
|
-
#
|
980
|
-
#
|
2163
|
+
# Path at which to mount the volume. Paths must be absolute and cannot conflict
|
2164
|
+
# with other volume paths on the same build step or with certain reserved volume
|
2165
|
+
# paths.
|
2166
|
+
# Corresponds to the JSON property `path`
|
981
2167
|
# @return [String]
|
982
|
-
attr_accessor :
|
2168
|
+
attr_accessor :path
|
983
2169
|
|
984
2170
|
def initialize(**args)
|
985
2171
|
update!(**args)
|
@@ -987,8 +2173,8 @@ module Google
|
|
987
2173
|
|
988
2174
|
# Update properties of this object
|
989
2175
|
def update!(**args)
|
990
|
-
@
|
991
|
-
@
|
2176
|
+
@name = args[:name] if args.key?(:name)
|
2177
|
+
@path = args[:path] if args.key?(:path)
|
992
2178
|
end
|
993
2179
|
end
|
994
2180
|
|
@@ -1016,7 +2202,8 @@ module Google
|
|
1016
2202
|
end
|
1017
2203
|
end
|
1018
2204
|
|
1019
|
-
#
|
2205
|
+
# Deprecated. Prefer to use a regular Occurrence, and populate the Envelope at
|
2206
|
+
# the top level of the Occurrence.
|
1020
2207
|
class DsseAttestationOccurrence
|
1021
2208
|
include Google::Apis::Core::Hashable
|
1022
2209
|
|
@@ -1292,6 +2479,12 @@ module Google
|
|
1292
2479
|
# @return [Google::Apis::ContaineranalysisV1::Status]
|
1293
2480
|
attr_accessor :analysis_status_error
|
1294
2481
|
|
2482
|
+
# Output only. The time occurrences related to this discovery occurrence were
|
2483
|
+
# archived.
|
2484
|
+
# Corresponds to the JSON property `archiveTime`
|
2485
|
+
# @return [String]
|
2486
|
+
attr_accessor :archive_time
|
2487
|
+
|
1295
2488
|
# Whether the resource is continuously analyzed.
|
1296
2489
|
# Corresponds to the JSON property `continuousAnalysis`
|
1297
2490
|
# @return [String]
|
@@ -1315,6 +2508,7 @@ module Google
|
|
1315
2508
|
def update!(**args)
|
1316
2509
|
@analysis_status = args[:analysis_status] if args.key?(:analysis_status)
|
1317
2510
|
@analysis_status_error = args[:analysis_status_error] if args.key?(:analysis_status_error)
|
2511
|
+
@archive_time = args[:archive_time] if args.key?(:archive_time)
|
1318
2512
|
@continuous_analysis = args[:continuous_analysis] if args.key?(:continuous_analysis)
|
1319
2513
|
@cpe = args[:cpe] if args.key?(:cpe)
|
1320
2514
|
@last_scan_time = args[:last_scan_time] if args.key?(:last_scan_time)
|
@@ -1656,13 +2850,16 @@ module Google
|
|
1656
2850
|
class GetPolicyOptions
|
1657
2851
|
include Google::Apis::Core::Hashable
|
1658
2852
|
|
1659
|
-
# Optional. The policy
|
1660
|
-
# 3. Requests specifying an invalid value will be
|
1661
|
-
# policies with any conditional bindings must
|
1662
|
-
#
|
1663
|
-
# field unset.
|
1664
|
-
#
|
1665
|
-
#
|
2853
|
+
# Optional. The maximum policy version that will be used to format the policy.
|
2854
|
+
# Valid values are 0, 1, and 3. Requests specifying an invalid value will be
|
2855
|
+
# rejected. Requests for policies with any conditional role bindings must
|
2856
|
+
# specify version 3. Policies with no conditional role bindings may specify any
|
2857
|
+
# valid value or leave the field unset. The policy in the response might use the
|
2858
|
+
# policy version that you specified, or it might use a lower policy version. For
|
2859
|
+
# example, if you specify version 3, but the policy has no conditional role
|
2860
|
+
# bindings, the response uses version 1. To learn which resources support
|
2861
|
+
# conditions in their IAM policies, see the [IAM documentation](https://cloud.
|
2862
|
+
# google.com/iam/help/conditions/resource-policies).
|
1666
2863
|
# Corresponds to the JSON property `requestedPolicyVersion`
|
1667
2864
|
# @return [Fixnum]
|
1668
2865
|
attr_accessor :requested_policy_version
|
@@ -1921,7 +3118,12 @@ module Google
|
|
1921
3118
|
class InTotoStatement
|
1922
3119
|
include Google::Apis::Core::Hashable
|
1923
3120
|
|
1924
|
-
#
|
3121
|
+
# Always `https://in-toto.io/Statement/v0.1`.
|
3122
|
+
# Corresponds to the JSON property `_type`
|
3123
|
+
# @return [String]
|
3124
|
+
attr_accessor :_type
|
3125
|
+
|
3126
|
+
# `https://slsa.dev/provenance/v0.1` for SlsaProvenance.
|
1925
3127
|
# Corresponds to the JSON property `predicateType`
|
1926
3128
|
# @return [String]
|
1927
3129
|
attr_accessor :predicate_type
|
@@ -1931,26 +3133,27 @@ module Google
|
|
1931
3133
|
# @return [Google::Apis::ContaineranalysisV1::InTotoProvenance]
|
1932
3134
|
attr_accessor :provenance
|
1933
3135
|
|
3136
|
+
#
|
3137
|
+
# Corresponds to the JSON property `slsaProvenance`
|
3138
|
+
# @return [Google::Apis::ContaineranalysisV1::SlsaProvenance]
|
3139
|
+
attr_accessor :slsa_provenance
|
3140
|
+
|
1934
3141
|
#
|
1935
3142
|
# Corresponds to the JSON property `subject`
|
1936
3143
|
# @return [Array<Google::Apis::ContaineranalysisV1::Subject>]
|
1937
3144
|
attr_accessor :subject
|
1938
3145
|
|
1939
|
-
# Always "https://in-toto.io/Statement/v0.1".
|
1940
|
-
# Corresponds to the JSON property `type`
|
1941
|
-
# @return [String]
|
1942
|
-
attr_accessor :type
|
1943
|
-
|
1944
3146
|
def initialize(**args)
|
1945
3147
|
update!(**args)
|
1946
3148
|
end
|
1947
3149
|
|
1948
3150
|
# Update properties of this object
|
1949
3151
|
def update!(**args)
|
3152
|
+
@_type = args[:_type] if args.key?(:_type)
|
1950
3153
|
@predicate_type = args[:predicate_type] if args.key?(:predicate_type)
|
1951
3154
|
@provenance = args[:provenance] if args.key?(:provenance)
|
3155
|
+
@slsa_provenance = args[:slsa_provenance] if args.key?(:slsa_provenance)
|
1952
3156
|
@subject = args[:subject] if args.key?(:subject)
|
1953
|
-
@type = args[:type] if args.key?(:type)
|
1954
3157
|
end
|
1955
3158
|
end
|
1956
3159
|
|
@@ -2104,31 +3307,6 @@ module Google
|
|
2104
3307
|
end
|
2105
3308
|
end
|
2106
3309
|
|
2107
|
-
# The response message for Operations.ListOperations.
|
2108
|
-
class ListOperationsResponse
|
2109
|
-
include Google::Apis::Core::Hashable
|
2110
|
-
|
2111
|
-
# The standard List next-page token.
|
2112
|
-
# Corresponds to the JSON property `nextPageToken`
|
2113
|
-
# @return [String]
|
2114
|
-
attr_accessor :next_page_token
|
2115
|
-
|
2116
|
-
# A list of operations that matches the specified filter in the request.
|
2117
|
-
# Corresponds to the JSON property `operations`
|
2118
|
-
# @return [Array<Google::Apis::ContaineranalysisV1::Operation>]
|
2119
|
-
attr_accessor :operations
|
2120
|
-
|
2121
|
-
def initialize(**args)
|
2122
|
-
update!(**args)
|
2123
|
-
end
|
2124
|
-
|
2125
|
-
# Update properties of this object
|
2126
|
-
def update!(**args)
|
2127
|
-
@next_page_token = args[:next_page_token] if args.key?(:next_page_token)
|
2128
|
-
@operations = args[:operations] if args.key?(:operations)
|
2129
|
-
end
|
2130
|
-
end
|
2131
|
-
|
2132
3310
|
# An occurrence of a particular package installation found within a system's
|
2133
3311
|
# filesystem. E.g., glibc was found in `/var/lib/dpkg/status`.
|
2134
3312
|
class Location
|
@@ -2162,6 +3340,31 @@ module Google
|
|
2162
3340
|
end
|
2163
3341
|
end
|
2164
3342
|
|
3343
|
+
#
|
3344
|
+
class Material
|
3345
|
+
include Google::Apis::Core::Hashable
|
3346
|
+
|
3347
|
+
#
|
3348
|
+
# Corresponds to the JSON property `digest`
|
3349
|
+
# @return [Hash<String,String>]
|
3350
|
+
attr_accessor :digest
|
3351
|
+
|
3352
|
+
#
|
3353
|
+
# Corresponds to the JSON property `uri`
|
3354
|
+
# @return [String]
|
3355
|
+
attr_accessor :uri
|
3356
|
+
|
3357
|
+
def initialize(**args)
|
3358
|
+
update!(**args)
|
3359
|
+
end
|
3360
|
+
|
3361
|
+
# Update properties of this object
|
3362
|
+
def update!(**args)
|
3363
|
+
@digest = args[:digest] if args.key?(:digest)
|
3364
|
+
@uri = args[:uri] if args.key?(:uri)
|
3365
|
+
end
|
3366
|
+
end
|
3367
|
+
|
2165
3368
|
# Other properties of the build.
|
2166
3369
|
class Metadata
|
2167
3370
|
include Google::Apis::Core::Hashable
|
@@ -2210,7 +3413,10 @@ module Google
|
|
2210
3413
|
end
|
2211
3414
|
end
|
2212
3415
|
|
2213
|
-
# Details about files that caused a compliance check to fail.
|
3416
|
+
# Details about files that caused a compliance check to fail. display_command is
|
3417
|
+
# a single command that can be used to display a list of non compliant files.
|
3418
|
+
# When there is no such command, we can also iterate a list of non compliant
|
3419
|
+
# file using 'path'.
|
2214
3420
|
class NonCompliantFile
|
2215
3421
|
include Google::Apis::Core::Hashable
|
2216
3422
|
|
@@ -2219,9 +3425,7 @@ module Google
|
|
2219
3425
|
# @return [String]
|
2220
3426
|
attr_accessor :display_command
|
2221
3427
|
|
2222
|
-
# display_command is
|
2223
|
-
# compliant files. When there is no such command, we can also iterate a list of
|
2224
|
-
# non compliant file using 'path'. Empty if `display_command` is set.
|
3428
|
+
# Empty if `display_command` is set.
|
2225
3429
|
# Corresponds to the JSON property `path`
|
2226
3430
|
# @return [String]
|
2227
3431
|
attr_accessor :path
|
@@ -2431,7 +3635,8 @@ module Google
|
|
2431
3635
|
# @return [Google::Apis::ContaineranalysisV1::DiscoveryOccurrence]
|
2432
3636
|
attr_accessor :discovery
|
2433
3637
|
|
2434
|
-
#
|
3638
|
+
# Deprecated. Prefer to use a regular Occurrence, and populate the Envelope at
|
3639
|
+
# the top level of the Occurrence.
|
2435
3640
|
# Corresponds to the JSON property `dsseAttestation`
|
2436
3641
|
# @return [Google::Apis::ContaineranalysisV1::DsseAttestationOccurrence]
|
2437
3642
|
attr_accessor :dsse_attestation
|
@@ -2512,83 +3717,21 @@ module Google
|
|
2512
3717
|
@attestation = args[:attestation] if args.key?(:attestation)
|
2513
3718
|
@build = args[:build] if args.key?(:build)
|
2514
3719
|
@compliance = args[:compliance] if args.key?(:compliance)
|
2515
|
-
@create_time = args[:create_time] if args.key?(:create_time)
|
2516
|
-
@deployment = args[:deployment] if args.key?(:deployment)
|
2517
|
-
@discovery = args[:discovery] if args.key?(:discovery)
|
2518
|
-
@dsse_attestation = args[:dsse_attestation] if args.key?(:dsse_attestation)
|
2519
|
-
@envelope = args[:envelope] if args.key?(:envelope)
|
2520
|
-
@image = args[:image] if args.key?(:image)
|
2521
|
-
@kind = args[:kind] if args.key?(:kind)
|
2522
|
-
@name = args[:name] if args.key?(:name)
|
2523
|
-
@note_name = args[:note_name] if args.key?(:note_name)
|
2524
|
-
@package = args[:package] if args.key?(:package)
|
2525
|
-
@remediation = args[:remediation] if args.key?(:remediation)
|
2526
|
-
@resource_uri = args[:resource_uri] if args.key?(:resource_uri)
|
2527
|
-
@update_time = args[:update_time] if args.key?(:update_time)
|
2528
|
-
@upgrade = args[:upgrade] if args.key?(:upgrade)
|
2529
|
-
@vulnerability = args[:vulnerability] if args.key?(:vulnerability)
|
2530
|
-
end
|
2531
|
-
end
|
2532
|
-
|
2533
|
-
# This resource represents a long-running operation that is the result of a
|
2534
|
-
# network API call.
|
2535
|
-
class Operation
|
2536
|
-
include Google::Apis::Core::Hashable
|
2537
|
-
|
2538
|
-
# If the value is `false`, it means the operation is still in progress. If `true`
|
2539
|
-
# , the operation is completed, and either `error` or `response` is available.
|
2540
|
-
# Corresponds to the JSON property `done`
|
2541
|
-
# @return [Boolean]
|
2542
|
-
attr_accessor :done
|
2543
|
-
alias_method :done?, :done
|
2544
|
-
|
2545
|
-
# The `Status` type defines a logical error model that is suitable for different
|
2546
|
-
# programming environments, including REST APIs and RPC APIs. It is used by [
|
2547
|
-
# gRPC](https://github.com/grpc). Each `Status` message contains three pieces of
|
2548
|
-
# data: error code, error message, and error details. You can find out more
|
2549
|
-
# about this error model and how to work with it in the [API Design Guide](https:
|
2550
|
-
# //cloud.google.com/apis/design/errors).
|
2551
|
-
# Corresponds to the JSON property `error`
|
2552
|
-
# @return [Google::Apis::ContaineranalysisV1::Status]
|
2553
|
-
attr_accessor :error
|
2554
|
-
|
2555
|
-
# Service-specific metadata associated with the operation. It typically contains
|
2556
|
-
# progress information and common metadata such as create time. Some services
|
2557
|
-
# might not provide such metadata. Any method that returns a long-running
|
2558
|
-
# operation should document the metadata type, if any.
|
2559
|
-
# Corresponds to the JSON property `metadata`
|
2560
|
-
# @return [Hash<String,Object>]
|
2561
|
-
attr_accessor :metadata
|
2562
|
-
|
2563
|
-
# The server-assigned name, which is only unique within the same service that
|
2564
|
-
# originally returns it. If you use the default HTTP mapping, the `name` should
|
2565
|
-
# be a resource name ending with `operations/`unique_id``.
|
2566
|
-
# Corresponds to the JSON property `name`
|
2567
|
-
# @return [String]
|
2568
|
-
attr_accessor :name
|
2569
|
-
|
2570
|
-
# The normal response of the operation in case of success. If the original
|
2571
|
-
# method returns no data on success, such as `Delete`, the response is `google.
|
2572
|
-
# protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`,
|
2573
|
-
# the response should be the resource. For other methods, the response should
|
2574
|
-
# have the type `XxxResponse`, where `Xxx` is the original method name. For
|
2575
|
-
# example, if the original method name is `TakeSnapshot()`, the inferred
|
2576
|
-
# response type is `TakeSnapshotResponse`.
|
2577
|
-
# Corresponds to the JSON property `response`
|
2578
|
-
# @return [Hash<String,Object>]
|
2579
|
-
attr_accessor :response
|
2580
|
-
|
2581
|
-
def initialize(**args)
|
2582
|
-
update!(**args)
|
2583
|
-
end
|
2584
|
-
|
2585
|
-
# Update properties of this object
|
2586
|
-
def update!(**args)
|
2587
|
-
@done = args[:done] if args.key?(:done)
|
2588
|
-
@error = args[:error] if args.key?(:error)
|
2589
|
-
@metadata = args[:metadata] if args.key?(:metadata)
|
3720
|
+
@create_time = args[:create_time] if args.key?(:create_time)
|
3721
|
+
@deployment = args[:deployment] if args.key?(:deployment)
|
3722
|
+
@discovery = args[:discovery] if args.key?(:discovery)
|
3723
|
+
@dsse_attestation = args[:dsse_attestation] if args.key?(:dsse_attestation)
|
3724
|
+
@envelope = args[:envelope] if args.key?(:envelope)
|
3725
|
+
@image = args[:image] if args.key?(:image)
|
3726
|
+
@kind = args[:kind] if args.key?(:kind)
|
2590
3727
|
@name = args[:name] if args.key?(:name)
|
2591
|
-
@
|
3728
|
+
@note_name = args[:note_name] if args.key?(:note_name)
|
3729
|
+
@package = args[:package] if args.key?(:package)
|
3730
|
+
@remediation = args[:remediation] if args.key?(:remediation)
|
3731
|
+
@resource_uri = args[:resource_uri] if args.key?(:resource_uri)
|
3732
|
+
@update_time = args[:update_time] if args.key?(:update_time)
|
3733
|
+
@upgrade = args[:upgrade] if args.key?(:upgrade)
|
3734
|
+
@vulnerability = args[:vulnerability] if args.key?(:vulnerability)
|
2592
3735
|
end
|
2593
3736
|
end
|
2594
3737
|
|
@@ -3045,6 +4188,210 @@ module Google
|
|
3045
4188
|
end
|
3046
4189
|
end
|
3047
4190
|
|
4191
|
+
#
|
4192
|
+
class SlsaBuilder
|
4193
|
+
include Google::Apis::Core::Hashable
|
4194
|
+
|
4195
|
+
#
|
4196
|
+
# Corresponds to the JSON property `id`
|
4197
|
+
# @return [String]
|
4198
|
+
attr_accessor :id
|
4199
|
+
|
4200
|
+
def initialize(**args)
|
4201
|
+
update!(**args)
|
4202
|
+
end
|
4203
|
+
|
4204
|
+
# Update properties of this object
|
4205
|
+
def update!(**args)
|
4206
|
+
@id = args[:id] if args.key?(:id)
|
4207
|
+
end
|
4208
|
+
end
|
4209
|
+
|
4210
|
+
# Indicates that the builder claims certain fields in this message to be
|
4211
|
+
# complete.
|
4212
|
+
class SlsaCompleteness
|
4213
|
+
include Google::Apis::Core::Hashable
|
4214
|
+
|
4215
|
+
# If true, the builder claims that recipe.arguments is complete, meaning that
|
4216
|
+
# all external inputs are properly captured in the recipe.
|
4217
|
+
# Corresponds to the JSON property `arguments`
|
4218
|
+
# @return [Boolean]
|
4219
|
+
attr_accessor :arguments
|
4220
|
+
alias_method :arguments?, :arguments
|
4221
|
+
|
4222
|
+
# If true, the builder claims that recipe.environment is claimed to be complete.
|
4223
|
+
# Corresponds to the JSON property `environment`
|
4224
|
+
# @return [Boolean]
|
4225
|
+
attr_accessor :environment
|
4226
|
+
alias_method :environment?, :environment
|
4227
|
+
|
4228
|
+
# If true, the builder claims that materials are complete, usually through some
|
4229
|
+
# controls to prevent network access. Sometimes called "hermetic".
|
4230
|
+
# Corresponds to the JSON property `materials`
|
4231
|
+
# @return [Boolean]
|
4232
|
+
attr_accessor :materials
|
4233
|
+
alias_method :materials?, :materials
|
4234
|
+
|
4235
|
+
def initialize(**args)
|
4236
|
+
update!(**args)
|
4237
|
+
end
|
4238
|
+
|
4239
|
+
# Update properties of this object
|
4240
|
+
def update!(**args)
|
4241
|
+
@arguments = args[:arguments] if args.key?(:arguments)
|
4242
|
+
@environment = args[:environment] if args.key?(:environment)
|
4243
|
+
@materials = args[:materials] if args.key?(:materials)
|
4244
|
+
end
|
4245
|
+
end
|
4246
|
+
|
4247
|
+
# Other properties of the build.
|
4248
|
+
class SlsaMetadata
|
4249
|
+
include Google::Apis::Core::Hashable
|
4250
|
+
|
4251
|
+
# The timestamp of when the build completed.
|
4252
|
+
# Corresponds to the JSON property `buildFinishedOn`
|
4253
|
+
# @return [String]
|
4254
|
+
attr_accessor :build_finished_on
|
4255
|
+
|
4256
|
+
# Identifies the particular build invocation, which can be useful for finding
|
4257
|
+
# associated logs or other ad-hoc analysis. The value SHOULD be globally unique,
|
4258
|
+
# per in-toto Provenance spec.
|
4259
|
+
# Corresponds to the JSON property `buildInvocationId`
|
4260
|
+
# @return [String]
|
4261
|
+
attr_accessor :build_invocation_id
|
4262
|
+
|
4263
|
+
# The timestamp of when the build started.
|
4264
|
+
# Corresponds to the JSON property `buildStartedOn`
|
4265
|
+
# @return [String]
|
4266
|
+
attr_accessor :build_started_on
|
4267
|
+
|
4268
|
+
# Indicates that the builder claims certain fields in this message to be
|
4269
|
+
# complete.
|
4270
|
+
# Corresponds to the JSON property `completeness`
|
4271
|
+
# @return [Google::Apis::ContaineranalysisV1::SlsaCompleteness]
|
4272
|
+
attr_accessor :completeness
|
4273
|
+
|
4274
|
+
# If true, the builder claims that running the recipe on materials will produce
|
4275
|
+
# bit-for-bit identical output.
|
4276
|
+
# Corresponds to the JSON property `reproducible`
|
4277
|
+
# @return [Boolean]
|
4278
|
+
attr_accessor :reproducible
|
4279
|
+
alias_method :reproducible?, :reproducible
|
4280
|
+
|
4281
|
+
def initialize(**args)
|
4282
|
+
update!(**args)
|
4283
|
+
end
|
4284
|
+
|
4285
|
+
# Update properties of this object
|
4286
|
+
def update!(**args)
|
4287
|
+
@build_finished_on = args[:build_finished_on] if args.key?(:build_finished_on)
|
4288
|
+
@build_invocation_id = args[:build_invocation_id] if args.key?(:build_invocation_id)
|
4289
|
+
@build_started_on = args[:build_started_on] if args.key?(:build_started_on)
|
4290
|
+
@completeness = args[:completeness] if args.key?(:completeness)
|
4291
|
+
@reproducible = args[:reproducible] if args.key?(:reproducible)
|
4292
|
+
end
|
4293
|
+
end
|
4294
|
+
|
4295
|
+
#
|
4296
|
+
class SlsaProvenance
|
4297
|
+
include Google::Apis::Core::Hashable
|
4298
|
+
|
4299
|
+
# required
|
4300
|
+
# Corresponds to the JSON property `builder`
|
4301
|
+
# @return [Google::Apis::ContaineranalysisV1::SlsaBuilder]
|
4302
|
+
attr_accessor :builder
|
4303
|
+
|
4304
|
+
# The collection of artifacts that influenced the build including sources,
|
4305
|
+
# dependencies, build tools, base images, and so on. This is considered to be
|
4306
|
+
# incomplete unless metadata.completeness.materials is true. Unset or null is
|
4307
|
+
# equivalent to empty.
|
4308
|
+
# Corresponds to the JSON property `materials`
|
4309
|
+
# @return [Array<Google::Apis::ContaineranalysisV1::Material>]
|
4310
|
+
attr_accessor :materials
|
4311
|
+
|
4312
|
+
# Other properties of the build.
|
4313
|
+
# Corresponds to the JSON property `metadata`
|
4314
|
+
# @return [Google::Apis::ContaineranalysisV1::SlsaMetadata]
|
4315
|
+
attr_accessor :metadata
|
4316
|
+
|
4317
|
+
# Steps taken to build the artifact. For a TaskRun, typically each container
|
4318
|
+
# corresponds to one step in the recipe.
|
4319
|
+
# Corresponds to the JSON property `recipe`
|
4320
|
+
# @return [Google::Apis::ContaineranalysisV1::SlsaRecipe]
|
4321
|
+
attr_accessor :recipe
|
4322
|
+
|
4323
|
+
def initialize(**args)
|
4324
|
+
update!(**args)
|
4325
|
+
end
|
4326
|
+
|
4327
|
+
# Update properties of this object
|
4328
|
+
def update!(**args)
|
4329
|
+
@builder = args[:builder] if args.key?(:builder)
|
4330
|
+
@materials = args[:materials] if args.key?(:materials)
|
4331
|
+
@metadata = args[:metadata] if args.key?(:metadata)
|
4332
|
+
@recipe = args[:recipe] if args.key?(:recipe)
|
4333
|
+
end
|
4334
|
+
end
|
4335
|
+
|
4336
|
+
# Steps taken to build the artifact. For a TaskRun, typically each container
|
4337
|
+
# corresponds to one step in the recipe.
|
4338
|
+
class SlsaRecipe
|
4339
|
+
include Google::Apis::Core::Hashable
|
4340
|
+
|
4341
|
+
# Collection of all external inputs that influenced the build on top of recipe.
|
4342
|
+
# definedInMaterial and recipe.entryPoint. For example, if the recipe type were "
|
4343
|
+
# make", then this might be the flags passed to make aside from the target,
|
4344
|
+
# which is captured in recipe.entryPoint. Depending on the recipe Type, the
|
4345
|
+
# structure may be different.
|
4346
|
+
# Corresponds to the JSON property `arguments`
|
4347
|
+
# @return [Hash<String,Object>]
|
4348
|
+
attr_accessor :arguments
|
4349
|
+
|
4350
|
+
# Index in materials containing the recipe steps that are not implied by recipe.
|
4351
|
+
# type. For example, if the recipe type were "make", then this would point to
|
4352
|
+
# the source containing the Makefile, not the make program itself. Set to -1 if
|
4353
|
+
# the recipe doesn't come from a material, as zero is default unset value for
|
4354
|
+
# int64.
|
4355
|
+
# Corresponds to the JSON property `definedInMaterial`
|
4356
|
+
# @return [Fixnum]
|
4357
|
+
attr_accessor :defined_in_material
|
4358
|
+
|
4359
|
+
# String identifying the entry point into the build. This is often a path to a
|
4360
|
+
# configuration file and/or a target label within that file. The syntax and
|
4361
|
+
# meaning are defined by recipe.type. For example, if the recipe type were "make"
|
4362
|
+
# , then this would reference the directory in which to run make as well as
|
4363
|
+
# which target to use.
|
4364
|
+
# Corresponds to the JSON property `entryPoint`
|
4365
|
+
# @return [String]
|
4366
|
+
attr_accessor :entry_point
|
4367
|
+
|
4368
|
+
# Any other builder-controlled inputs necessary for correctly evaluating the
|
4369
|
+
# recipe. Usually only needed for reproducing the build but not evaluated as
|
4370
|
+
# part of policy. Depending on the recipe Type, the structure may be different.
|
4371
|
+
# Corresponds to the JSON property `environment`
|
4372
|
+
# @return [Hash<String,Object>]
|
4373
|
+
attr_accessor :environment
|
4374
|
+
|
4375
|
+
# URI indicating what type of recipe was performed. It determines the meaning of
|
4376
|
+
# recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
|
4377
|
+
# Corresponds to the JSON property `type`
|
4378
|
+
# @return [String]
|
4379
|
+
attr_accessor :type
|
4380
|
+
|
4381
|
+
def initialize(**args)
|
4382
|
+
update!(**args)
|
4383
|
+
end
|
4384
|
+
|
4385
|
+
# Update properties of this object
|
4386
|
+
def update!(**args)
|
4387
|
+
@arguments = args[:arguments] if args.key?(:arguments)
|
4388
|
+
@defined_in_material = args[:defined_in_material] if args.key?(:defined_in_material)
|
4389
|
+
@entry_point = args[:entry_point] if args.key?(:entry_point)
|
4390
|
+
@environment = args[:environment] if args.key?(:environment)
|
4391
|
+
@type = args[:type] if args.key?(:type)
|
4392
|
+
end
|
4393
|
+
end
|
4394
|
+
|
3048
4395
|
# Source describes the location of the source used for the build.
|
3049
4396
|
class Source
|
3050
4397
|
include Google::Apis::Core::Hashable
|
@@ -3173,7 +4520,8 @@ module Google
|
|
3173
4520
|
class Subject
|
3174
4521
|
include Google::Apis::Core::Hashable
|
3175
4522
|
|
3176
|
-
# "": ""
|
4523
|
+
# `"": ""` Algorithms can be e.g. sha256, sha512 See https://github.com/in-toto/
|
4524
|
+
# attestation/blob/main/spec/field_types.md#DigestSet
|
3177
4525
|
# Corresponds to the JSON property `digest`
|
3178
4526
|
# @return [Hash<String,String>]
|
3179
4527
|
attr_accessor :digest
|
@@ -3234,31 +4582,6 @@ module Google
|
|
3234
4582
|
end
|
3235
4583
|
end
|
3236
4584
|
|
3237
|
-
# Start and end times for a build execution phase.
|
3238
|
-
class TimeSpan
|
3239
|
-
include Google::Apis::Core::Hashable
|
3240
|
-
|
3241
|
-
# End of time span.
|
3242
|
-
# Corresponds to the JSON property `endTime`
|
3243
|
-
# @return [String]
|
3244
|
-
attr_accessor :end_time
|
3245
|
-
|
3246
|
-
# Start of time span.
|
3247
|
-
# Corresponds to the JSON property `startTime`
|
3248
|
-
# @return [String]
|
3249
|
-
attr_accessor :start_time
|
3250
|
-
|
3251
|
-
def initialize(**args)
|
3252
|
-
update!(**args)
|
3253
|
-
end
|
3254
|
-
|
3255
|
-
# Update properties of this object
|
3256
|
-
def update!(**args)
|
3257
|
-
@end_time = args[:end_time] if args.key?(:end_time)
|
3258
|
-
@start_time = args[:start_time] if args.key?(:start_time)
|
3259
|
-
end
|
3260
|
-
end
|
3261
|
-
|
3262
4585
|
# The Upgrade Distribution represents metadata about the Upgrade for each
|
3263
4586
|
# operating system (CPE). Some distributions have additional metadata around
|
3264
4587
|
# updates, classifying them into various categories and severities.
|
@@ -3447,36 +4770,6 @@ module Google
|
|
3447
4770
|
end
|
3448
4771
|
end
|
3449
4772
|
|
3450
|
-
# Volume describes a Docker container volume which is mounted into build steps
|
3451
|
-
# in order to persist files across build step execution.
|
3452
|
-
class Volume
|
3453
|
-
include Google::Apis::Core::Hashable
|
3454
|
-
|
3455
|
-
# Name of the volume to mount. Volume names must be unique per build step and
|
3456
|
-
# must be valid names for Docker volumes. Each named volume must be used by at
|
3457
|
-
# least two build steps.
|
3458
|
-
# Corresponds to the JSON property `name`
|
3459
|
-
# @return [String]
|
3460
|
-
attr_accessor :name
|
3461
|
-
|
3462
|
-
# Path at which to mount the volume. Paths must be absolute and cannot conflict
|
3463
|
-
# with other volume paths on the same build step or with certain reserved volume
|
3464
|
-
# paths.
|
3465
|
-
# Corresponds to the JSON property `path`
|
3466
|
-
# @return [String]
|
3467
|
-
attr_accessor :path
|
3468
|
-
|
3469
|
-
def initialize(**args)
|
3470
|
-
update!(**args)
|
3471
|
-
end
|
3472
|
-
|
3473
|
-
# Update properties of this object
|
3474
|
-
def update!(**args)
|
3475
|
-
@name = args[:name] if args.key?(:name)
|
3476
|
-
@path = args[:path] if args.key?(:path)
|
3477
|
-
end
|
3478
|
-
end
|
3479
|
-
|
3480
4773
|
# A security vulnerability that can be found in resources.
|
3481
4774
|
class VulnerabilityNote
|
3482
4775
|
include Google::Apis::Core::Hashable
|
@@ -3543,6 +4836,15 @@ module Google
|
|
3543
4836
|
# @return [Float]
|
3544
4837
|
attr_accessor :cvss_score
|
3545
4838
|
|
4839
|
+
# Common Vulnerability Scoring System. For details, see https://www.first.org/
|
4840
|
+
# cvss/specification-document This is a message we will try to use for storing
|
4841
|
+
# multiple versions of CVSS. The intention is that as new versions of CVSS
|
4842
|
+
# scores get added, we will be able to modify this message rather than adding
|
4843
|
+
# new protos for each new version of the score.
|
4844
|
+
# Corresponds to the JSON property `cvssv3`
|
4845
|
+
# @return [Google::Apis::ContaineranalysisV1::Cvss]
|
4846
|
+
attr_accessor :cvssv3
|
4847
|
+
|
3546
4848
|
# The distro assigned severity for this vulnerability when it is available,
|
3547
4849
|
# otherwise this is the note provider assigned severity. When there are multiple
|
3548
4850
|
# PackageIssues for this vulnerability, they can have different effective
|
@@ -3600,6 +4902,7 @@ module Google
|
|
3600
4902
|
# Update properties of this object
|
3601
4903
|
def update!(**args)
|
3602
4904
|
@cvss_score = args[:cvss_score] if args.key?(:cvss_score)
|
4905
|
+
@cvssv3 = args[:cvssv3] if args.key?(:cvssv3)
|
3603
4906
|
@effective_severity = args[:effective_severity] if args.key?(:effective_severity)
|
3604
4907
|
@fix_available = args[:fix_available] if args.key?(:fix_available)
|
3605
4908
|
@long_description = args[:long_description] if args.key?(:long_description)
|