google-apis-containeranalysis_v1alpha1 0.7.0 → 0.11.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: ed66951523efa08213d8ddd7f0b2a75a2452df8eea6bb6525a0a3d193971c6a0
4
- data.tar.gz: e6e7b837102054a87a4bffa143aef0880b8fae633947b348eea754f8d26de24b
3
+ metadata.gz: e810236f1c66a358608986d83593983687c74ce3882cd00b8bfbd2ac47114796
4
+ data.tar.gz: 3bb041b640f083490637154be50e3dde00abb162eb58663997917ce2e078f0bf
5
5
  SHA512:
6
- metadata.gz: e3c229fc16ee07ad6d3085870d8e4416ded816d815bc34f114e62935623561ebc04e821d490cd9e7ba11fd6646b755dbd33be157b71f5208d1fa96df449ba5d9
7
- data.tar.gz: 3c1ed7a6215803532501a416a3d9d8f40ff35fe25c470989e5910fc1386745eb81e108c2997b631c8ae9ff5973893040a6f4748f0ae54de931ba58ec4fd67652
6
+ metadata.gz: e305d0842ca414d012d9e86dcbbf5ed42927dfeee087e73217c76206382312d5828a850402321a289e6f48fb9e0e202f7d0ea9f6a73cc78345bf881aeaf861e4
7
+ data.tar.gz: 6bc36c58c825f22fcd2e6d75ac753963050b8688e2d101236fd3286ae349d801c85e9dbaab81995c579b61a647795f036e9a74491720c03f08c1437b65a2e488
data/CHANGELOG.md CHANGED
@@ -1,5 +1,21 @@
1
1
  # Release history for google-apis-containeranalysis_v1alpha1
2
2
 
3
+ ### v0.11.0 (2021-08-05)
4
+
5
+ * Regenerated from discovery document revision 20210730
6
+
7
+ ### v0.10.0 (2021-07-29)
8
+
9
+ * Regenerated from discovery document revision 20210723
10
+
11
+ ### v0.9.0 (2021-06-29)
12
+
13
+ * Regenerated using generator version 0.4.0
14
+
15
+ ### v0.8.0 (2021-06-24)
16
+
17
+ * Unspecified changes
18
+
3
19
  ### v0.7.0 (2021-06-10)
4
20
 
5
21
  * Regenerated from discovery document revision 20210604
@@ -259,6 +259,11 @@ module Google
259
259
  class BuildDetails
260
260
  include Google::Apis::Core::Hashable
261
261
 
262
+ # In-toto Provenance representation as defined in spec.
263
+ # Corresponds to the JSON property `intotoProvenance`
264
+ # @return [Google::Apis::ContaineranalysisV1alpha1::InTotoProvenance]
265
+ attr_accessor :intoto_provenance
266
+
262
267
  # Provenance of a build. Contains all information needed to verify the full
263
268
  # details about the build from source to completion.
264
269
  # Corresponds to the JSON property `provenance`
@@ -283,6 +288,7 @@ module Google
283
288
 
284
289
  # Update properties of this object
285
290
  def update!(**args)
291
+ @intoto_provenance = args[:intoto_provenance] if args.key?(:intoto_provenance)
286
292
  @provenance = args[:provenance] if args.key?(:provenance)
287
293
  @provenance_bytes = args[:provenance_bytes] if args.key?(:provenance_bytes)
288
294
  end
@@ -458,6 +464,25 @@ module Google
458
464
  end
459
465
  end
460
466
 
467
+ #
468
+ class BuilderConfig
469
+ include Google::Apis::Core::Hashable
470
+
471
+ #
472
+ # Corresponds to the JSON property `id`
473
+ # @return [String]
474
+ attr_accessor :id
475
+
476
+ def initialize(**args)
477
+ update!(**args)
478
+ end
479
+
480
+ # Update properties of this object
481
+ def update!(**args)
482
+ @id = args[:id] if args.key?(:id)
483
+ end
484
+ end
485
+
461
486
  # A compliance check that is a CIS benchmark.
462
487
  class CisBenchmark
463
488
  include Google::Apis::Core::Hashable
@@ -535,6 +560,43 @@ module Google
535
560
  end
536
561
  end
537
562
 
563
+ # Indicates that the builder claims certain fields in this message to be
564
+ # complete.
565
+ class Completeness
566
+ include Google::Apis::Core::Hashable
567
+
568
+ # If true, the builder claims that recipe.arguments is complete, meaning that
569
+ # all external inputs are properly captured in the recipe.
570
+ # Corresponds to the JSON property `arguments`
571
+ # @return [Boolean]
572
+ attr_accessor :arguments
573
+ alias_method :arguments?, :arguments
574
+
575
+ # If true, the builder claims that recipe.environment is claimed to be complete.
576
+ # Corresponds to the JSON property `environment`
577
+ # @return [Boolean]
578
+ attr_accessor :environment
579
+ alias_method :environment?, :environment
580
+
581
+ # If true, the builder claims that materials are complete, usually through some
582
+ # controls to prevent network access. Sometimes called "hermetic".
583
+ # Corresponds to the JSON property `materials`
584
+ # @return [Boolean]
585
+ attr_accessor :materials
586
+ alias_method :materials?, :materials
587
+
588
+ def initialize(**args)
589
+ update!(**args)
590
+ end
591
+
592
+ # Update properties of this object
593
+ def update!(**args)
594
+ @arguments = args[:arguments] if args.key?(:arguments)
595
+ @environment = args[:environment] if args.key?(:environment)
596
+ @materials = args[:materials] if args.key?(:materials)
597
+ end
598
+ end
599
+
538
600
  # ComplianceNote encapsulates all information about a specific compliance check.
539
601
  class ComplianceNote
540
602
  include Google::Apis::Core::Hashable
@@ -671,6 +733,83 @@ module Google
671
733
  end
672
734
  end
673
735
 
736
+ # A note describing an attestation
737
+ class DsseAttestationNote
738
+ include Google::Apis::Core::Hashable
739
+
740
+ # This submessage provides human-readable hints about the purpose of the
741
+ # authority. Because the name of a note acts as its resource reference, it is
742
+ # important to disambiguate the canonical name of the Note (which might be a
743
+ # UUID for security purposes) from "readable" names more suitable for debug
744
+ # output. Note that these hints should not be used to look up authorities in
745
+ # security sensitive contexts, such as when looking up attestations to verify.
746
+ # Corresponds to the JSON property `hint`
747
+ # @return [Google::Apis::ContaineranalysisV1alpha1::DsseHint]
748
+ attr_accessor :hint
749
+
750
+ def initialize(**args)
751
+ update!(**args)
752
+ end
753
+
754
+ # Update properties of this object
755
+ def update!(**args)
756
+ @hint = args[:hint] if args.key?(:hint)
757
+ end
758
+ end
759
+
760
+ # An occurrence describing an attestation on a resource
761
+ class DsseAttestationOccurrence
762
+ include Google::Apis::Core::Hashable
763
+
764
+ # MUST match https://github.com/secure-systems-lab/dsse/blob/master/envelope.
765
+ # proto. An authenticated message of arbitrary type.
766
+ # Corresponds to the JSON property `envelope`
767
+ # @return [Google::Apis::ContaineranalysisV1alpha1::Envelope]
768
+ attr_accessor :envelope
769
+
770
+ # Spec defined at https://github.com/in-toto/attestation/tree/main/spec#
771
+ # statement The serialized InTotoStatement will be stored as Envelope.payload.
772
+ # Envelope.payloadType is always "application/vnd.in-toto+json".
773
+ # Corresponds to the JSON property `statement`
774
+ # @return [Google::Apis::ContaineranalysisV1alpha1::InTotoStatement]
775
+ attr_accessor :statement
776
+
777
+ def initialize(**args)
778
+ update!(**args)
779
+ end
780
+
781
+ # Update properties of this object
782
+ def update!(**args)
783
+ @envelope = args[:envelope] if args.key?(:envelope)
784
+ @statement = args[:statement] if args.key?(:statement)
785
+ end
786
+ end
787
+
788
+ # This submessage provides human-readable hints about the purpose of the
789
+ # authority. Because the name of a note acts as its resource reference, it is
790
+ # important to disambiguate the canonical name of the Note (which might be a
791
+ # UUID for security purposes) from "readable" names more suitable for debug
792
+ # output. Note that these hints should not be used to look up authorities in
793
+ # security sensitive contexts, such as when looking up attestations to verify.
794
+ class DsseHint
795
+ include Google::Apis::Core::Hashable
796
+
797
+ # Required. The human readable name of this attestation authority, for example "
798
+ # cloudbuild-prod".
799
+ # Corresponds to the JSON property `humanReadableName`
800
+ # @return [String]
801
+ attr_accessor :human_readable_name
802
+
803
+ def initialize(**args)
804
+ update!(**args)
805
+ end
806
+
807
+ # Update properties of this object
808
+ def update!(**args)
809
+ @human_readable_name = args[:human_readable_name] if args.key?(:human_readable_name)
810
+ end
811
+ end
812
+
674
813
  # An artifact that can be deployed in some runtime.
675
814
  class Deployable
676
815
  include Google::Apis::Core::Hashable
@@ -1007,6 +1146,112 @@ module Google
1007
1146
  end
1008
1147
  end
1009
1148
 
1149
+ # DocumentNote represents an SPDX Document Creation Infromation section: https://
1150
+ # spdx.github.io/spdx-spec/2-document-creation-information/
1151
+ class DocumentNote
1152
+ include Google::Apis::Core::Hashable
1153
+
1154
+ # Compliance with the SPDX specification includes populating the SPDX fields
1155
+ # therein with data related to such fields ("SPDX-Metadata")
1156
+ # Corresponds to the JSON property `dataLicence`
1157
+ # @return [String]
1158
+ attr_accessor :data_licence
1159
+
1160
+ # Provide a reference number that can be used to understand how to parse and
1161
+ # interpret the rest of the file
1162
+ # Corresponds to the JSON property `spdxVersion`
1163
+ # @return [String]
1164
+ attr_accessor :spdx_version
1165
+
1166
+ def initialize(**args)
1167
+ update!(**args)
1168
+ end
1169
+
1170
+ # Update properties of this object
1171
+ def update!(**args)
1172
+ @data_licence = args[:data_licence] if args.key?(:data_licence)
1173
+ @spdx_version = args[:spdx_version] if args.key?(:spdx_version)
1174
+ end
1175
+ end
1176
+
1177
+ # DocumentOccurrence represents an SPDX Document Creation Information section:
1178
+ # https://spdx.github.io/spdx-spec/2-document-creation-information/
1179
+ class DocumentOccurrence
1180
+ include Google::Apis::Core::Hashable
1181
+
1182
+ # Identify when the SPDX file was originally created. The date is to be
1183
+ # specified according to combined date and time in UTC format as specified in
1184
+ # ISO 8601 standard
1185
+ # Corresponds to the JSON property `createTime`
1186
+ # @return [String]
1187
+ attr_accessor :create_time
1188
+
1189
+ # A field for creators of the SPDX file to provide general comments about the
1190
+ # creation of the SPDX file or any other relevant comment not included in the
1191
+ # other fields
1192
+ # Corresponds to the JSON property `creatorComment`
1193
+ # @return [String]
1194
+ attr_accessor :creator_comment
1195
+
1196
+ # Identify who (or what, in the case of a tool) created the SPDX file. If the
1197
+ # SPDX file was created by an individual, indicate the person's name
1198
+ # Corresponds to the JSON property `creators`
1199
+ # @return [Array<String>]
1200
+ attr_accessor :creators
1201
+
1202
+ # A field for creators of the SPDX file content to provide comments to the
1203
+ # consumers of the SPDX document
1204
+ # Corresponds to the JSON property `documentComment`
1205
+ # @return [String]
1206
+ attr_accessor :document_comment
1207
+
1208
+ # Identify any external SPDX documents referenced within this SPDX document
1209
+ # Corresponds to the JSON property `externalDocumentRefs`
1210
+ # @return [Array<String>]
1211
+ attr_accessor :external_document_refs
1212
+
1213
+ # Identify the current SPDX document which may be referenced in relationships by
1214
+ # other files, packages internally and documents externally
1215
+ # Corresponds to the JSON property `id`
1216
+ # @return [String]
1217
+ attr_accessor :id
1218
+
1219
+ # A field for creators of the SPDX file to provide the version of the SPDX
1220
+ # License List used when the SPDX file was created
1221
+ # Corresponds to the JSON property `licenseListVersion`
1222
+ # @return [String]
1223
+ attr_accessor :license_list_version
1224
+
1225
+ # Provide an SPDX document specific namespace as a unique absolute Uniform
1226
+ # Resource Identifier (URI) as specified in RFC-3986, with the exception of the ‘
1227
+ # #’ delimiter
1228
+ # Corresponds to the JSON property `namespace`
1229
+ # @return [String]
1230
+ attr_accessor :namespace
1231
+
1232
+ # Identify name of this document as designated by creator
1233
+ # Corresponds to the JSON property `title`
1234
+ # @return [String]
1235
+ attr_accessor :title
1236
+
1237
+ def initialize(**args)
1238
+ update!(**args)
1239
+ end
1240
+
1241
+ # Update properties of this object
1242
+ def update!(**args)
1243
+ @create_time = args[:create_time] if args.key?(:create_time)
1244
+ @creator_comment = args[:creator_comment] if args.key?(:creator_comment)
1245
+ @creators = args[:creators] if args.key?(:creators)
1246
+ @document_comment = args[:document_comment] if args.key?(:document_comment)
1247
+ @external_document_refs = args[:external_document_refs] if args.key?(:external_document_refs)
1248
+ @id = args[:id] if args.key?(:id)
1249
+ @license_list_version = args[:license_list_version] if args.key?(:license_list_version)
1250
+ @namespace = args[:namespace] if args.key?(:namespace)
1251
+ @title = args[:title] if args.key?(:title)
1252
+ end
1253
+ end
1254
+
1010
1255
  # A generic empty message that you can re-use to avoid defining duplicated empty
1011
1256
  # messages in your APIs. A typical example is to use it as the request or the
1012
1257
  # response type of an API method. For instance: service Foo ` rpc Bar(google.
@@ -1024,6 +1269,65 @@ module Google
1024
1269
  end
1025
1270
  end
1026
1271
 
1272
+ # MUST match https://github.com/secure-systems-lab/dsse/blob/master/envelope.
1273
+ # proto. An authenticated message of arbitrary type.
1274
+ class Envelope
1275
+ include Google::Apis::Core::Hashable
1276
+
1277
+ # The bytes being signed
1278
+ # Corresponds to the JSON property `payload`
1279
+ # NOTE: Values are automatically base64 encoded/decoded in the client library.
1280
+ # @return [String]
1281
+ attr_accessor :payload
1282
+
1283
+ # The type of payload being signed
1284
+ # Corresponds to the JSON property `payloadType`
1285
+ # @return [String]
1286
+ attr_accessor :payload_type
1287
+
1288
+ # The signatures over the payload
1289
+ # Corresponds to the JSON property `signatures`
1290
+ # @return [Array<Google::Apis::ContaineranalysisV1alpha1::EnvelopeSignature>]
1291
+ attr_accessor :signatures
1292
+
1293
+ def initialize(**args)
1294
+ update!(**args)
1295
+ end
1296
+
1297
+ # Update properties of this object
1298
+ def update!(**args)
1299
+ @payload = args[:payload] if args.key?(:payload)
1300
+ @payload_type = args[:payload_type] if args.key?(:payload_type)
1301
+ @signatures = args[:signatures] if args.key?(:signatures)
1302
+ end
1303
+ end
1304
+
1305
+ # A DSSE signature
1306
+ class EnvelopeSignature
1307
+ include Google::Apis::Core::Hashable
1308
+
1309
+ # A reference id to the key being used for signing
1310
+ # Corresponds to the JSON property `keyid`
1311
+ # @return [String]
1312
+ attr_accessor :keyid
1313
+
1314
+ # The signature itself
1315
+ # Corresponds to the JSON property `sig`
1316
+ # NOTE: Values are automatically base64 encoded/decoded in the client library.
1317
+ # @return [String]
1318
+ attr_accessor :sig
1319
+
1320
+ def initialize(**args)
1321
+ update!(**args)
1322
+ end
1323
+
1324
+ # Update properties of this object
1325
+ def update!(**args)
1326
+ @keyid = args[:keyid] if args.key?(:keyid)
1327
+ @sig = args[:sig] if args.key?(:sig)
1328
+ end
1329
+ end
1330
+
1027
1331
  # Represents a textual expression in the Common Expression Language (CEL) syntax.
1028
1332
  # CEL is a C-like expression language. The syntax and semantics of CEL are
1029
1333
  # documented at https://github.com/google/cel-spec. Example (Comparison): title:
@@ -1078,6 +1382,48 @@ module Google
1078
1382
  end
1079
1383
  end
1080
1384
 
1385
+ # An External Reference allows a Package to reference an external source of
1386
+ # additional information, metadata, enumerations, asset identifiers, or
1387
+ # downloadable content believed to be relevant to the Package
1388
+ class ExternalRef
1389
+ include Google::Apis::Core::Hashable
1390
+
1391
+ # An External Reference allows a Package to reference an external source of
1392
+ # additional information, metadata, enumerations, asset identifiers, or
1393
+ # downloadable content believed to be relevant to the Package
1394
+ # Corresponds to the JSON property `category`
1395
+ # @return [String]
1396
+ attr_accessor :category
1397
+
1398
+ # Human-readable information about the purpose and target of the reference
1399
+ # Corresponds to the JSON property `comment`
1400
+ # @return [String]
1401
+ attr_accessor :comment
1402
+
1403
+ # The unique string with no spaces necessary to access the package-specific
1404
+ # information, metadata, or content within the target location
1405
+ # Corresponds to the JSON property `locator`
1406
+ # @return [String]
1407
+ attr_accessor :locator
1408
+
1409
+ # Type of category (e.g. 'npm' for the PACKAGE_MANAGER category)
1410
+ # Corresponds to the JSON property `type`
1411
+ # @return [String]
1412
+ attr_accessor :type
1413
+
1414
+ def initialize(**args)
1415
+ update!(**args)
1416
+ end
1417
+
1418
+ # Update properties of this object
1419
+ def update!(**args)
1420
+ @category = args[:category] if args.key?(:category)
1421
+ @comment = args[:comment] if args.key?(:comment)
1422
+ @locator = args[:locator] if args.key?(:locator)
1423
+ @type = args[:type] if args.key?(:type)
1424
+ end
1425
+ end
1426
+
1081
1427
  # Container message for hashes of byte content of files, used in Source messages
1082
1428
  # to verify integrity of source input to the build.
1083
1429
  class FileHashes
@@ -1098,6 +1444,117 @@ module Google
1098
1444
  end
1099
1445
  end
1100
1446
 
1447
+ # FileNote represents an SPDX File Information section: https://spdx.github.io/
1448
+ # spdx-spec/4-file-information/
1449
+ class FileNote
1450
+ include Google::Apis::Core::Hashable
1451
+
1452
+ # Provide a unique identifier to match analysis information on each specific
1453
+ # file in a package
1454
+ # Corresponds to the JSON property `checksum`
1455
+ # @return [Array<String>]
1456
+ attr_accessor :checksum
1457
+
1458
+ # This field provides information about the type of file identified
1459
+ # Corresponds to the JSON property `fileType`
1460
+ # @return [String]
1461
+ attr_accessor :file_type
1462
+
1463
+ # Identify the full path and filename that corresponds to the file information
1464
+ # in this section
1465
+ # Corresponds to the JSON property `title`
1466
+ # @return [String]
1467
+ attr_accessor :title
1468
+
1469
+ def initialize(**args)
1470
+ update!(**args)
1471
+ end
1472
+
1473
+ # Update properties of this object
1474
+ def update!(**args)
1475
+ @checksum = args[:checksum] if args.key?(:checksum)
1476
+ @file_type = args[:file_type] if args.key?(:file_type)
1477
+ @title = args[:title] if args.key?(:title)
1478
+ end
1479
+ end
1480
+
1481
+ # FileOccurrence represents an SPDX File Information section: https://spdx.
1482
+ # github.io/spdx-spec/4-file-information/
1483
+ class FileOccurrence
1484
+ include Google::Apis::Core::Hashable
1485
+
1486
+ # This field provides a place for the SPDX data creator to record, at the file
1487
+ # level, acknowledgements that may be needed to be communicated in some contexts
1488
+ # Corresponds to the JSON property `attributions`
1489
+ # @return [Array<String>]
1490
+ attr_accessor :attributions
1491
+
1492
+ # This field provides a place for the SPDX file creator to record any general
1493
+ # comments about the file
1494
+ # Corresponds to the JSON property `comment`
1495
+ # @return [String]
1496
+ attr_accessor :comment
1497
+
1498
+ # This field provides a place for the SPDX file creator to record file
1499
+ # contributors
1500
+ # Corresponds to the JSON property `contributors`
1501
+ # @return [Array<String>]
1502
+ attr_accessor :contributors
1503
+
1504
+ # Identify the copyright holder of the file, as well as any dates present
1505
+ # Corresponds to the JSON property `copyright`
1506
+ # @return [String]
1507
+ attr_accessor :copyright
1508
+
1509
+ # This field contains the license information actually found in the file, if any
1510
+ # Corresponds to the JSON property `filesLicenseInfo`
1511
+ # @return [Array<String>]
1512
+ attr_accessor :files_license_info
1513
+
1514
+ # Uniquely identify any element in an SPDX document which may be referenced by
1515
+ # other elements
1516
+ # Corresponds to the JSON property `id`
1517
+ # @return [String]
1518
+ attr_accessor :id
1519
+
1520
+ # This field provides a place for the SPDX file creator to record any relevant
1521
+ # background references or analysis that went in to arriving at the Concluded
1522
+ # License for a file
1523
+ # Corresponds to the JSON property `licenseComments`
1524
+ # @return [String]
1525
+ attr_accessor :license_comments
1526
+
1527
+ # This field contains the license the SPDX file creator has concluded as
1528
+ # governing the file or alternative values if the governing license cannot be
1529
+ # determined
1530
+ # Corresponds to the JSON property `licenseConcluded`
1531
+ # @return [String]
1532
+ attr_accessor :license_concluded
1533
+
1534
+ # This field provides a place for the SPDX file creator to record license
1535
+ # notices or other such related notices found in the file
1536
+ # Corresponds to the JSON property `notice`
1537
+ # @return [String]
1538
+ attr_accessor :notice
1539
+
1540
+ def initialize(**args)
1541
+ update!(**args)
1542
+ end
1543
+
1544
+ # Update properties of this object
1545
+ def update!(**args)
1546
+ @attributions = args[:attributions] if args.key?(:attributions)
1547
+ @comment = args[:comment] if args.key?(:comment)
1548
+ @contributors = args[:contributors] if args.key?(:contributors)
1549
+ @copyright = args[:copyright] if args.key?(:copyright)
1550
+ @files_license_info = args[:files_license_info] if args.key?(:files_license_info)
1551
+ @id = args[:id] if args.key?(:id)
1552
+ @license_comments = args[:license_comments] if args.key?(:license_comments)
1553
+ @license_concluded = args[:license_concluded] if args.key?(:license_concluded)
1554
+ @notice = args[:notice] if args.key?(:notice)
1555
+ end
1556
+ end
1557
+
1101
1558
  # A set of properties that uniquely identify a given Docker image.
1102
1559
  class Fingerprint
1103
1560
  include Google::Apis::Core::Hashable
@@ -1461,6 +1918,86 @@ module Google
1461
1918
  end
1462
1919
  end
1463
1920
 
1921
+ #
1922
+ class InTotoProvenance
1923
+ include Google::Apis::Core::Hashable
1924
+
1925
+ # required
1926
+ # Corresponds to the JSON property `builderConfig`
1927
+ # @return [Google::Apis::ContaineranalysisV1alpha1::BuilderConfig]
1928
+ attr_accessor :builder_config
1929
+
1930
+ # The collection of artifacts that influenced the build including sources,
1931
+ # dependencies, build tools, base images, and so on. This is considered to be
1932
+ # incomplete unless metadata.completeness.materials is true. Unset or null is
1933
+ # equivalent to empty.
1934
+ # Corresponds to the JSON property `materials`
1935
+ # @return [Array<String>]
1936
+ attr_accessor :materials
1937
+
1938
+ # Other properties of the build.
1939
+ # Corresponds to the JSON property `metadata`
1940
+ # @return [Google::Apis::ContaineranalysisV1alpha1::Metadata]
1941
+ attr_accessor :metadata
1942
+
1943
+ # Steps taken to build the artifact. For a TaskRun, typically each container
1944
+ # corresponds to one step in the recipe.
1945
+ # Corresponds to the JSON property `recipe`
1946
+ # @return [Google::Apis::ContaineranalysisV1alpha1::Recipe]
1947
+ attr_accessor :recipe
1948
+
1949
+ def initialize(**args)
1950
+ update!(**args)
1951
+ end
1952
+
1953
+ # Update properties of this object
1954
+ def update!(**args)
1955
+ @builder_config = args[:builder_config] if args.key?(:builder_config)
1956
+ @materials = args[:materials] if args.key?(:materials)
1957
+ @metadata = args[:metadata] if args.key?(:metadata)
1958
+ @recipe = args[:recipe] if args.key?(:recipe)
1959
+ end
1960
+ end
1961
+
1962
+ # Spec defined at https://github.com/in-toto/attestation/tree/main/spec#
1963
+ # statement The serialized InTotoStatement will be stored as Envelope.payload.
1964
+ # Envelope.payloadType is always "application/vnd.in-toto+json".
1965
+ class InTotoStatement
1966
+ include Google::Apis::Core::Hashable
1967
+
1968
+ # "https://in-toto.io/Provenance/v0.1" for InTotoProvenance.
1969
+ # Corresponds to the JSON property `predicateType`
1970
+ # @return [String]
1971
+ attr_accessor :predicate_type
1972
+
1973
+ #
1974
+ # Corresponds to the JSON property `provenance`
1975
+ # @return [Google::Apis::ContaineranalysisV1alpha1::InTotoProvenance]
1976
+ attr_accessor :provenance
1977
+
1978
+ #
1979
+ # Corresponds to the JSON property `subject`
1980
+ # @return [Array<Google::Apis::ContaineranalysisV1alpha1::Subject>]
1981
+ attr_accessor :subject
1982
+
1983
+ # Always "https://in-toto.io/Statement/v0.1".
1984
+ # Corresponds to the JSON property `type`
1985
+ # @return [String]
1986
+ attr_accessor :type
1987
+
1988
+ def initialize(**args)
1989
+ update!(**args)
1990
+ end
1991
+
1992
+ # Update properties of this object
1993
+ def update!(**args)
1994
+ @predicate_type = args[:predicate_type] if args.key?(:predicate_type)
1995
+ @provenance = args[:provenance] if args.key?(:provenance)
1996
+ @subject = args[:subject] if args.key?(:subject)
1997
+ @type = args[:type] if args.key?(:type)
1998
+ end
1999
+ end
2000
+
1464
2001
  # This represents how a particular software package may be installed on a system.
1465
2002
  class Installation
1466
2003
  include Google::Apis::Core::Hashable
@@ -1650,6 +2187,54 @@ module Google
1650
2187
  end
1651
2188
  end
1652
2189
 
2190
+ # Other properties of the build.
2191
+ class Metadata
2192
+ include Google::Apis::Core::Hashable
2193
+
2194
+ # The timestamp of when the build completed.
2195
+ # Corresponds to the JSON property `buildFinishedOn`
2196
+ # @return [String]
2197
+ attr_accessor :build_finished_on
2198
+
2199
+ # Identifies the particular build invocation, which can be useful for finding
2200
+ # associated logs or other ad-hoc analysis. The value SHOULD be globally unique,
2201
+ # per in-toto Provenance spec.
2202
+ # Corresponds to the JSON property `buildInvocationId`
2203
+ # @return [String]
2204
+ attr_accessor :build_invocation_id
2205
+
2206
+ # The timestamp of when the build started.
2207
+ # Corresponds to the JSON property `buildStartedOn`
2208
+ # @return [String]
2209
+ attr_accessor :build_started_on
2210
+
2211
+ # Indicates that the builder claims certain fields in this message to be
2212
+ # complete.
2213
+ # Corresponds to the JSON property `completeness`
2214
+ # @return [Google::Apis::ContaineranalysisV1alpha1::Completeness]
2215
+ attr_accessor :completeness
2216
+
2217
+ # If true, the builder claims that running the recipe on materials will produce
2218
+ # bit-for-bit identical output.
2219
+ # Corresponds to the JSON property `reproducible`
2220
+ # @return [Boolean]
2221
+ attr_accessor :reproducible
2222
+ alias_method :reproducible?, :reproducible
2223
+
2224
+ def initialize(**args)
2225
+ update!(**args)
2226
+ end
2227
+
2228
+ # Update properties of this object
2229
+ def update!(**args)
2230
+ @build_finished_on = args[:build_finished_on] if args.key?(:build_finished_on)
2231
+ @build_invocation_id = args[:build_invocation_id] if args.key?(:build_invocation_id)
2232
+ @build_started_on = args[:build_started_on] if args.key?(:build_started_on)
2233
+ @completeness = args[:completeness] if args.key?(:completeness)
2234
+ @reproducible = args[:reproducible] if args.key?(:reproducible)
2235
+ end
2236
+ end
2237
+
1653
2238
  # Details about files that caused a compliance check to fail.
1654
2239
  class NonCompliantFile
1655
2240
  include Google::Apis::Core::Hashable
@@ -1737,6 +2322,11 @@ module Google
1737
2322
  # @return [Google::Apis::ContaineranalysisV1alpha1::Discovery]
1738
2323
  attr_accessor :discovery
1739
2324
 
2325
+ # A note describing an attestation
2326
+ # Corresponds to the JSON property `dsseAttestation`
2327
+ # @return [Google::Apis::ContaineranalysisV1alpha1::DsseAttestationNote]
2328
+ attr_accessor :dsse_attestation
2329
+
1740
2330
  # Time of expiration for this note, null if note does not expire.
1741
2331
  # Corresponds to the JSON property `expirationTime`
1742
2332
  # @return [String]
@@ -1770,11 +2360,35 @@ module Google
1770
2360
  # @return [Array<Google::Apis::ContaineranalysisV1alpha1::RelatedUrl>]
1771
2361
  attr_accessor :related_url
1772
2362
 
2363
+ # DocumentNote represents an SPDX Document Creation Infromation section: https://
2364
+ # spdx.github.io/spdx-spec/2-document-creation-information/
2365
+ # Corresponds to the JSON property `sbom`
2366
+ # @return [Google::Apis::ContaineranalysisV1alpha1::DocumentNote]
2367
+ attr_accessor :sbom
2368
+
1773
2369
  # A one sentence description of this `Note`.
1774
2370
  # Corresponds to the JSON property `shortDescription`
1775
2371
  # @return [String]
1776
2372
  attr_accessor :short_description
1777
2373
 
2374
+ # FileNote represents an SPDX File Information section: https://spdx.github.io/
2375
+ # spdx-spec/4-file-information/
2376
+ # Corresponds to the JSON property `spdxFile`
2377
+ # @return [Google::Apis::ContaineranalysisV1alpha1::FileNote]
2378
+ attr_accessor :spdx_file
2379
+
2380
+ # PackageNote represents an SPDX Package Information section: https://spdx.
2381
+ # github.io/spdx-spec/3-package-information/
2382
+ # Corresponds to the JSON property `spdxPackage`
2383
+ # @return [Google::Apis::ContaineranalysisV1alpha1::PackageNote]
2384
+ attr_accessor :spdx_package
2385
+
2386
+ # RelationshipNote represents an SPDX Relationship section: https://spdx.github.
2387
+ # io/spdx-spec/7-relationships-between-SPDX-elements/
2388
+ # Corresponds to the JSON property `spdxRelationship`
2389
+ # @return [Google::Apis::ContaineranalysisV1alpha1::RelationshipNote]
2390
+ attr_accessor :spdx_relationship
2391
+
1778
2392
  # Output only. The time this note was last updated. This field can be used as a
1779
2393
  # filter in list requests.
1780
2394
  # Corresponds to the JSON property `updateTime`
@@ -1806,13 +2420,18 @@ module Google
1806
2420
  @create_time = args[:create_time] if args.key?(:create_time)
1807
2421
  @deployable = args[:deployable] if args.key?(:deployable)
1808
2422
  @discovery = args[:discovery] if args.key?(:discovery)
2423
+ @dsse_attestation = args[:dsse_attestation] if args.key?(:dsse_attestation)
1809
2424
  @expiration_time = args[:expiration_time] if args.key?(:expiration_time)
1810
2425
  @kind = args[:kind] if args.key?(:kind)
1811
2426
  @long_description = args[:long_description] if args.key?(:long_description)
1812
2427
  @name = args[:name] if args.key?(:name)
1813
2428
  @package = args[:package] if args.key?(:package)
1814
2429
  @related_url = args[:related_url] if args.key?(:related_url)
2430
+ @sbom = args[:sbom] if args.key?(:sbom)
1815
2431
  @short_description = args[:short_description] if args.key?(:short_description)
2432
+ @spdx_file = args[:spdx_file] if args.key?(:spdx_file)
2433
+ @spdx_package = args[:spdx_package] if args.key?(:spdx_package)
2434
+ @spdx_relationship = args[:spdx_relationship] if args.key?(:spdx_relationship)
1816
2435
  @update_time = args[:update_time] if args.key?(:update_time)
1817
2436
  @upgrade = args[:upgrade] if args.key?(:upgrade)
1818
2437
  @vulnerability_type = args[:vulnerability_type] if args.key?(:vulnerability_type)
@@ -1867,6 +2486,17 @@ module Google
1867
2486
  # @return [Google::Apis::ContaineranalysisV1alpha1::Discovered]
1868
2487
  attr_accessor :discovered
1869
2488
 
2489
+ # An occurrence describing an attestation on a resource
2490
+ # Corresponds to the JSON property `dsseAttestation`
2491
+ # @return [Google::Apis::ContaineranalysisV1alpha1::DsseAttestationOccurrence]
2492
+ attr_accessor :dsse_attestation
2493
+
2494
+ # MUST match https://github.com/secure-systems-lab/dsse/blob/master/envelope.
2495
+ # proto. An authenticated message of arbitrary type.
2496
+ # Corresponds to the JSON property `envelope`
2497
+ # @return [Google::Apis::ContaineranalysisV1alpha1::Envelope]
2498
+ attr_accessor :envelope
2499
+
1870
2500
  # This represents how a particular software package may be installed on a system.
1871
2501
  # Corresponds to the JSON property `installation`
1872
2502
  # @return [Google::Apis::ContaineranalysisV1alpha1::Installation]
@@ -1908,6 +2538,30 @@ module Google
1908
2538
  # @return [String]
1909
2539
  attr_accessor :resource_url
1910
2540
 
2541
+ # DocumentOccurrence represents an SPDX Document Creation Information section:
2542
+ # https://spdx.github.io/spdx-spec/2-document-creation-information/
2543
+ # Corresponds to the JSON property `sbom`
2544
+ # @return [Google::Apis::ContaineranalysisV1alpha1::DocumentOccurrence]
2545
+ attr_accessor :sbom
2546
+
2547
+ # FileOccurrence represents an SPDX File Information section: https://spdx.
2548
+ # github.io/spdx-spec/4-file-information/
2549
+ # Corresponds to the JSON property `spdxFile`
2550
+ # @return [Google::Apis::ContaineranalysisV1alpha1::FileOccurrence]
2551
+ attr_accessor :spdx_file
2552
+
2553
+ # PackageOccurrence represents an SPDX Package Information section: https://spdx.
2554
+ # github.io/spdx-spec/3-package-information/
2555
+ # Corresponds to the JSON property `spdxPackage`
2556
+ # @return [Google::Apis::ContaineranalysisV1alpha1::PackageOccurrence]
2557
+ attr_accessor :spdx_package
2558
+
2559
+ # RelationshipOccurrence represents an SPDX Relationship section: https://spdx.
2560
+ # github.io/spdx-spec/7-relationships-between-SPDX-elements/
2561
+ # Corresponds to the JSON property `spdxRelationship`
2562
+ # @return [Google::Apis::ContaineranalysisV1alpha1::RelationshipOccurrence]
2563
+ attr_accessor :spdx_relationship
2564
+
1911
2565
  # Output only. The time this `Occurrence` was last updated.
1912
2566
  # Corresponds to the JSON property `updateTime`
1913
2567
  # @return [String]
@@ -1939,6 +2593,8 @@ module Google
1939
2593
  @deployment = args[:deployment] if args.key?(:deployment)
1940
2594
  @derived_image = args[:derived_image] if args.key?(:derived_image)
1941
2595
  @discovered = args[:discovered] if args.key?(:discovered)
2596
+ @dsse_attestation = args[:dsse_attestation] if args.key?(:dsse_attestation)
2597
+ @envelope = args[:envelope] if args.key?(:envelope)
1942
2598
  @installation = args[:installation] if args.key?(:installation)
1943
2599
  @kind = args[:kind] if args.key?(:kind)
1944
2600
  @name = args[:name] if args.key?(:name)
@@ -1946,6 +2602,10 @@ module Google
1946
2602
  @remediation = args[:remediation] if args.key?(:remediation)
1947
2603
  @resource = args[:resource] if args.key?(:resource)
1948
2604
  @resource_url = args[:resource_url] if args.key?(:resource_url)
2605
+ @sbom = args[:sbom] if args.key?(:sbom)
2606
+ @spdx_file = args[:spdx_file] if args.key?(:spdx_file)
2607
+ @spdx_package = args[:spdx_package] if args.key?(:spdx_package)
2608
+ @spdx_relationship = args[:spdx_relationship] if args.key?(:spdx_relationship)
1949
2609
  @update_time = args[:update_time] if args.key?(:update_time)
1950
2610
  @upgrade = args[:upgrade] if args.key?(:upgrade)
1951
2611
  @vulnerability_details = args[:vulnerability_details] if args.key?(:vulnerability_details)
@@ -2072,6 +2732,189 @@ module Google
2072
2732
  end
2073
2733
  end
2074
2734
 
2735
+ # PackageNote represents an SPDX Package Information section: https://spdx.
2736
+ # github.io/spdx-spec/3-package-information/
2737
+ class PackageNote
2738
+ include Google::Apis::Core::Hashable
2739
+
2740
+ # Indicates whether the file content of this package has been available for or
2741
+ # subjected to analysis when creating the SPDX document
2742
+ # Corresponds to the JSON property `analyzed`
2743
+ # @return [Boolean]
2744
+ attr_accessor :analyzed
2745
+ alias_method :analyzed?, :analyzed
2746
+
2747
+ # A place for the SPDX data creator to record, at the package level,
2748
+ # acknowledgements that may be needed to be communicated in some contexts
2749
+ # Corresponds to the JSON property `attribution`
2750
+ # @return [String]
2751
+ attr_accessor :attribution
2752
+
2753
+ # Provide an independently reproducible mechanism that permits unique
2754
+ # identification of a specific package that correlates to the data in this SPDX
2755
+ # file
2756
+ # Corresponds to the JSON property `checksum`
2757
+ # @return [String]
2758
+ attr_accessor :checksum
2759
+
2760
+ # Identify the copyright holders of the package, as well as any dates present
2761
+ # Corresponds to the JSON property `copyright`
2762
+ # @return [String]
2763
+ attr_accessor :copyright
2764
+
2765
+ # A more detailed description of the package
2766
+ # Corresponds to the JSON property `detailedDescription`
2767
+ # @return [String]
2768
+ attr_accessor :detailed_description
2769
+
2770
+ # This section identifies the download Universal Resource Locator (URL), or a
2771
+ # specific location within a version control system (VCS) for the package at the
2772
+ # time that the SPDX file was created
2773
+ # Corresponds to the JSON property `downloadLocation`
2774
+ # @return [String]
2775
+ attr_accessor :download_location
2776
+
2777
+ # ExternalRef
2778
+ # Corresponds to the JSON property `externalRefs`
2779
+ # @return [Array<Google::Apis::ContaineranalysisV1alpha1::ExternalRef>]
2780
+ attr_accessor :external_refs
2781
+
2782
+ # Contain the license the SPDX file creator has concluded as governing the This
2783
+ # field is to contain a list of all licenses found in the package. The
2784
+ # relationship between licenses (i.e., conjunctive, disjunctive) is not
2785
+ # specified in this field – it is simply a listing of all licenses found
2786
+ # Corresponds to the JSON property `filesLicenseInfo`
2787
+ # @return [Array<String>]
2788
+ attr_accessor :files_license_info
2789
+
2790
+ # Provide a place for the SPDX file creator to record a web site that serves as
2791
+ # the package's home page
2792
+ # Corresponds to the JSON property `homePage`
2793
+ # @return [String]
2794
+ attr_accessor :home_page
2795
+
2796
+ # List the licenses that have been declared by the authors of the package
2797
+ # Corresponds to the JSON property `licenseDeclared`
2798
+ # @return [String]
2799
+ attr_accessor :license_declared
2800
+
2801
+ # If the package identified in the SPDX file originated from a different person
2802
+ # or organization than identified as Package Supplier, this field identifies
2803
+ # from where or whom the package originally came
2804
+ # Corresponds to the JSON property `originator`
2805
+ # @return [String]
2806
+ attr_accessor :originator
2807
+
2808
+ # A short description of the package
2809
+ # Corresponds to the JSON property `summaryDescription`
2810
+ # @return [String]
2811
+ attr_accessor :summary_description
2812
+
2813
+ # Identify the actual distribution source for the package/directory identified
2814
+ # in the SPDX file
2815
+ # Corresponds to the JSON property `supplier`
2816
+ # @return [String]
2817
+ attr_accessor :supplier
2818
+
2819
+ # Identify the full name of the package as given by the Package Originator
2820
+ # Corresponds to the JSON property `title`
2821
+ # @return [String]
2822
+ attr_accessor :title
2823
+
2824
+ # This field provides an independently reproducible mechanism identifying
2825
+ # specific contents of a package based on the actual files (except the SPDX file
2826
+ # itself, if it is included in the package) that make up each package and that
2827
+ # correlates to the data in this SPDX file
2828
+ # Corresponds to the JSON property `verificationCode`
2829
+ # @return [String]
2830
+ attr_accessor :verification_code
2831
+
2832
+ # Identify the version of the package
2833
+ # Corresponds to the JSON property `version`
2834
+ # @return [String]
2835
+ attr_accessor :version
2836
+
2837
+ def initialize(**args)
2838
+ update!(**args)
2839
+ end
2840
+
2841
+ # Update properties of this object
2842
+ def update!(**args)
2843
+ @analyzed = args[:analyzed] if args.key?(:analyzed)
2844
+ @attribution = args[:attribution] if args.key?(:attribution)
2845
+ @checksum = args[:checksum] if args.key?(:checksum)
2846
+ @copyright = args[:copyright] if args.key?(:copyright)
2847
+ @detailed_description = args[:detailed_description] if args.key?(:detailed_description)
2848
+ @download_location = args[:download_location] if args.key?(:download_location)
2849
+ @external_refs = args[:external_refs] if args.key?(:external_refs)
2850
+ @files_license_info = args[:files_license_info] if args.key?(:files_license_info)
2851
+ @home_page = args[:home_page] if args.key?(:home_page)
2852
+ @license_declared = args[:license_declared] if args.key?(:license_declared)
2853
+ @originator = args[:originator] if args.key?(:originator)
2854
+ @summary_description = args[:summary_description] if args.key?(:summary_description)
2855
+ @supplier = args[:supplier] if args.key?(:supplier)
2856
+ @title = args[:title] if args.key?(:title)
2857
+ @verification_code = args[:verification_code] if args.key?(:verification_code)
2858
+ @version = args[:version] if args.key?(:version)
2859
+ end
2860
+ end
2861
+
2862
+ # PackageOccurrence represents an SPDX Package Information section: https://spdx.
2863
+ # github.io/spdx-spec/3-package-information/
2864
+ class PackageOccurrence
2865
+ include Google::Apis::Core::Hashable
2866
+
2867
+ # A place for the SPDX file creator to record any general comments about the
2868
+ # package being described
2869
+ # Corresponds to the JSON property `comment`
2870
+ # @return [String]
2871
+ attr_accessor :comment
2872
+
2873
+ # Provide the actual file name of the package, or path of the directory being
2874
+ # treated as a package
2875
+ # Corresponds to the JSON property `filename`
2876
+ # @return [String]
2877
+ attr_accessor :filename
2878
+
2879
+ # Uniquely identify any element in an SPDX document which may be referenced by
2880
+ # other elements
2881
+ # Corresponds to the JSON property `id`
2882
+ # @return [String]
2883
+ attr_accessor :id
2884
+
2885
+ # This field provides a place for the SPDX file creator to record any relevant
2886
+ # background information or analysis that went in to arriving at the Concluded
2887
+ # License for a package
2888
+ # Corresponds to the JSON property `licenseComments`
2889
+ # @return [String]
2890
+ attr_accessor :license_comments
2891
+
2892
+ # package or alternative values, if the governing license cannot be determined
2893
+ # Corresponds to the JSON property `licenseConcluded`
2894
+ # @return [String]
2895
+ attr_accessor :license_concluded
2896
+
2897
+ # Provide a place for the SPDX file creator to record any relevant background
2898
+ # information or additional comments about the origin of the package
2899
+ # Corresponds to the JSON property `sourceInfo`
2900
+ # @return [String]
2901
+ attr_accessor :source_info
2902
+
2903
+ def initialize(**args)
2904
+ update!(**args)
2905
+ end
2906
+
2907
+ # Update properties of this object
2908
+ def update!(**args)
2909
+ @comment = args[:comment] if args.key?(:comment)
2910
+ @filename = args[:filename] if args.key?(:filename)
2911
+ @id = args[:id] if args.key?(:id)
2912
+ @license_comments = args[:license_comments] if args.key?(:license_comments)
2913
+ @license_concluded = args[:license_concluded] if args.key?(:license_concluded)
2914
+ @source_info = args[:source_info] if args.key?(:source_info)
2915
+ end
2916
+ end
2917
+
2075
2918
  # An attestation wrapper with a PGP-compatible signature. This message only
2076
2919
  # supports `ATTACHED` signatures, where the payload that is signed is included
2077
2920
  # alongside the signature itself in the same file.
@@ -2209,6 +3052,64 @@ module Google
2209
3052
  end
2210
3053
  end
2211
3054
 
3055
+ # Steps taken to build the artifact. For a TaskRun, typically each container
3056
+ # corresponds to one step in the recipe.
3057
+ class Recipe
3058
+ include Google::Apis::Core::Hashable
3059
+
3060
+ # Collection of all external inputs that influenced the build on top of recipe.
3061
+ # definedInMaterial and recipe.entryPoint. For example, if the recipe type were "
3062
+ # make", then this might be the flags passed to make aside from the target,
3063
+ # which is captured in recipe.entryPoint.
3064
+ # Corresponds to the JSON property `arguments`
3065
+ # @return [Array<String>]
3066
+ attr_accessor :arguments
3067
+
3068
+ # Index in materials containing the recipe steps that are not implied by recipe.
3069
+ # type. For example, if the recipe type were "make", then this would point to
3070
+ # the source containing the Makefile, not the make program itself. Set to -1 if
3071
+ # the recipe doesn't come from a material, as zero is default unset value for
3072
+ # int64.
3073
+ # Corresponds to the JSON property `definedInMaterial`
3074
+ # @return [Fixnum]
3075
+ attr_accessor :defined_in_material
3076
+
3077
+ # String identifying the entry point into the build. This is often a path to a
3078
+ # configuration file and/or a target label within that file. The syntax and
3079
+ # meaning are defined by recipe.type. For example, if the recipe type were "make"
3080
+ # , then this would reference the directory in which to run make as well as
3081
+ # which target to use.
3082
+ # Corresponds to the JSON property `entryPoint`
3083
+ # @return [String]
3084
+ attr_accessor :entry_point
3085
+
3086
+ # Any other builder-controlled inputs necessary for correctly evaluating the
3087
+ # recipe. Usually only needed for reproducing the build but not evaluated as
3088
+ # part of policy.
3089
+ # Corresponds to the JSON property `environment`
3090
+ # @return [Hash<String,String>]
3091
+ attr_accessor :environment
3092
+
3093
+ # URI indicating what type of recipe was performed. It determines the meaning of
3094
+ # recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
3095
+ # Corresponds to the JSON property `type`
3096
+ # @return [String]
3097
+ attr_accessor :type
3098
+
3099
+ def initialize(**args)
3100
+ update!(**args)
3101
+ end
3102
+
3103
+ # Update properties of this object
3104
+ def update!(**args)
3105
+ @arguments = args[:arguments] if args.key?(:arguments)
3106
+ @defined_in_material = args[:defined_in_material] if args.key?(:defined_in_material)
3107
+ @entry_point = args[:entry_point] if args.key?(:entry_point)
3108
+ @environment = args[:environment] if args.key?(:environment)
3109
+ @type = args[:type] if args.key?(:type)
3110
+ end
3111
+ end
3112
+
2212
3113
  # Metadata for any related URL information
2213
3114
  class RelatedUrl
2214
3115
  include Google::Apis::Core::Hashable
@@ -2234,6 +3135,63 @@ module Google
2234
3135
  end
2235
3136
  end
2236
3137
 
3138
+ # RelationshipNote represents an SPDX Relationship section: https://spdx.github.
3139
+ # io/spdx-spec/7-relationships-between-SPDX-elements/
3140
+ class RelationshipNote
3141
+ include Google::Apis::Core::Hashable
3142
+
3143
+ def initialize(**args)
3144
+ update!(**args)
3145
+ end
3146
+
3147
+ # Update properties of this object
3148
+ def update!(**args)
3149
+ end
3150
+ end
3151
+
3152
+ # RelationshipOccurrence represents an SPDX Relationship section: https://spdx.
3153
+ # github.io/spdx-spec/7-relationships-between-SPDX-elements/
3154
+ class RelationshipOccurrence
3155
+ include Google::Apis::Core::Hashable
3156
+
3157
+ # A place for the SPDX file creator to record any general comments about the
3158
+ # relationship
3159
+ # Corresponds to the JSON property `comment`
3160
+ # @return [String]
3161
+ attr_accessor :comment
3162
+
3163
+ # Also referred to as SPDXRef-A The source SPDX element (file, package, etc)
3164
+ # Corresponds to the JSON property `source`
3165
+ # @return [String]
3166
+ attr_accessor :source
3167
+
3168
+ # Also referred to as SPDXRef-B The target SPDC element (file, package, etc) In
3169
+ # cases where there are "known unknowns", the use of the keyword NOASSERTION can
3170
+ # be used The keywords NONE can be used to indicate that an SPDX element (
3171
+ # package/file/snippet) has no other elements connected by some relationship to
3172
+ # it
3173
+ # Corresponds to the JSON property `target`
3174
+ # @return [String]
3175
+ attr_accessor :target
3176
+
3177
+ # The type of relationship between the source and target SPDX elements
3178
+ # Corresponds to the JSON property `type`
3179
+ # @return [String]
3180
+ attr_accessor :type
3181
+
3182
+ def initialize(**args)
3183
+ update!(**args)
3184
+ end
3185
+
3186
+ # Update properties of this object
3187
+ def update!(**args)
3188
+ @comment = args[:comment] if args.key?(:comment)
3189
+ @source = args[:source] if args.key?(:source)
3190
+ @target = args[:target] if args.key?(:target)
3191
+ @type = args[:type] if args.key?(:type)
3192
+ end
3193
+ end
3194
+
2237
3195
  # RepoSource describes the location of the source in a Google Cloud Source
2238
3196
  # Repository.
2239
3197
  class RepoSource
@@ -2557,6 +3515,31 @@ module Google
2557
3515
  end
2558
3516
  end
2559
3517
 
3518
+ #
3519
+ class Subject
3520
+ include Google::Apis::Core::Hashable
3521
+
3522
+ # "": ""
3523
+ # Corresponds to the JSON property `digest`
3524
+ # @return [Hash<String,String>]
3525
+ attr_accessor :digest
3526
+
3527
+ #
3528
+ # Corresponds to the JSON property `name`
3529
+ # @return [String]
3530
+ attr_accessor :name
3531
+
3532
+ def initialize(**args)
3533
+ update!(**args)
3534
+ end
3535
+
3536
+ # Update properties of this object
3537
+ def update!(**args)
3538
+ @digest = args[:digest] if args.key?(:digest)
3539
+ @name = args[:name] if args.key?(:name)
3540
+ end
3541
+ end
3542
+
2560
3543
  # Request message for `TestIamPermissions` method.
2561
3544
  class TestIamPermissionsRequest
2562
3545
  include Google::Apis::Core::Hashable