google-cloud-binary_authorization-v1 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/.yardopts +12 -0
- data/AUTHENTICATION.md +169 -0
- data/LICENSE.md +201 -0
- data/README.md +139 -0
- data/lib/google/cloud/binary_authorization/v1/binauthz_management_service/client.rb +897 -0
- data/lib/google/cloud/binary_authorization/v1/binauthz_management_service/credentials.rb +51 -0
- data/lib/google/cloud/binary_authorization/v1/binauthz_management_service/paths.rb +97 -0
- data/lib/google/cloud/binary_authorization/v1/binauthz_management_service.rb +55 -0
- data/lib/google/cloud/binary_authorization/v1/system_policy/client.rb +371 -0
- data/lib/google/cloud/binary_authorization/v1/system_policy/credentials.rb +51 -0
- data/lib/google/cloud/binary_authorization/v1/system_policy/paths.rb +66 -0
- data/lib/google/cloud/binary_authorization/v1/system_policy.rb +49 -0
- data/lib/google/cloud/binary_authorization/v1/validation_helper/client.rb +382 -0
- data/lib/google/cloud/binary_authorization/v1/validation_helper/credentials.rb +51 -0
- data/lib/google/cloud/binary_authorization/v1/validation_helper.rb +48 -0
- data/lib/google/cloud/binary_authorization/v1/version.rb +28 -0
- data/lib/google/cloud/binary_authorization/v1.rb +40 -0
- data/lib/google/cloud/binaryauthorization/v1/resources_pb.rb +111 -0
- data/lib/google/cloud/binaryauthorization/v1/service_pb.rb +84 -0
- data/lib/google/cloud/binaryauthorization/v1/service_services_pb.rb +115 -0
- data/lib/google-cloud-binary_authorization-v1.rb +21 -0
- data/proto_docs/README.md +4 -0
- data/proto_docs/google/api/field_behavior.rb +71 -0
- data/proto_docs/google/api/resource.rb +283 -0
- data/proto_docs/google/cloud/binaryauthorization/v1/resources.rb +370 -0
- data/proto_docs/google/cloud/binaryauthorization/v1/service.rb +189 -0
- data/proto_docs/google/protobuf/empty.rb +36 -0
- data/proto_docs/google/protobuf/timestamp.rb +129 -0
- data/proto_docs/grafeas/v1/attestation.rb +77 -0
- data/proto_docs/grafeas/v1/common.rb +118 -0
- metadata +242 -0
@@ -0,0 +1,111 @@
|
|
1
|
+
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
2
|
+
# source: google/cloud/binaryauthorization/v1/resources.proto
|
3
|
+
|
4
|
+
require 'google/protobuf'
|
5
|
+
|
6
|
+
require 'google/api/field_behavior_pb'
|
7
|
+
require 'google/api/resource_pb'
|
8
|
+
require 'google/protobuf/timestamp_pb'
|
9
|
+
require 'google/api/annotations_pb'
|
10
|
+
Google::Protobuf::DescriptorPool.generated_pool.build do
|
11
|
+
add_file("google/cloud/binaryauthorization/v1/resources.proto", :syntax => :proto3) do
|
12
|
+
add_message "google.cloud.binaryauthorization.v1.Policy" do
|
13
|
+
optional :name, :string, 1
|
14
|
+
optional :description, :string, 6
|
15
|
+
optional :global_policy_evaluation_mode, :enum, 7, "google.cloud.binaryauthorization.v1.Policy.GlobalPolicyEvaluationMode"
|
16
|
+
repeated :admission_whitelist_patterns, :message, 2, "google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern"
|
17
|
+
map :cluster_admission_rules, :string, :message, 3, "google.cloud.binaryauthorization.v1.AdmissionRule"
|
18
|
+
map :kubernetes_namespace_admission_rules, :string, :message, 10, "google.cloud.binaryauthorization.v1.AdmissionRule"
|
19
|
+
map :kubernetes_service_account_admission_rules, :string, :message, 8, "google.cloud.binaryauthorization.v1.AdmissionRule"
|
20
|
+
map :istio_service_identity_admission_rules, :string, :message, 9, "google.cloud.binaryauthorization.v1.AdmissionRule"
|
21
|
+
optional :default_admission_rule, :message, 4, "google.cloud.binaryauthorization.v1.AdmissionRule"
|
22
|
+
optional :update_time, :message, 5, "google.protobuf.Timestamp"
|
23
|
+
end
|
24
|
+
add_enum "google.cloud.binaryauthorization.v1.Policy.GlobalPolicyEvaluationMode" do
|
25
|
+
value :GLOBAL_POLICY_EVALUATION_MODE_UNSPECIFIED, 0
|
26
|
+
value :ENABLE, 1
|
27
|
+
value :DISABLE, 2
|
28
|
+
end
|
29
|
+
add_message "google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern" do
|
30
|
+
optional :name_pattern, :string, 1
|
31
|
+
end
|
32
|
+
add_message "google.cloud.binaryauthorization.v1.AdmissionRule" do
|
33
|
+
optional :evaluation_mode, :enum, 1, "google.cloud.binaryauthorization.v1.AdmissionRule.EvaluationMode"
|
34
|
+
repeated :require_attestations_by, :string, 2
|
35
|
+
optional :enforcement_mode, :enum, 3, "google.cloud.binaryauthorization.v1.AdmissionRule.EnforcementMode"
|
36
|
+
end
|
37
|
+
add_enum "google.cloud.binaryauthorization.v1.AdmissionRule.EvaluationMode" do
|
38
|
+
value :EVALUATION_MODE_UNSPECIFIED, 0
|
39
|
+
value :ALWAYS_ALLOW, 1
|
40
|
+
value :REQUIRE_ATTESTATION, 2
|
41
|
+
value :ALWAYS_DENY, 3
|
42
|
+
end
|
43
|
+
add_enum "google.cloud.binaryauthorization.v1.AdmissionRule.EnforcementMode" do
|
44
|
+
value :ENFORCEMENT_MODE_UNSPECIFIED, 0
|
45
|
+
value :ENFORCED_BLOCK_AND_AUDIT_LOG, 1
|
46
|
+
value :DRYRUN_AUDIT_LOG_ONLY, 2
|
47
|
+
end
|
48
|
+
add_message "google.cloud.binaryauthorization.v1.Attestor" do
|
49
|
+
optional :name, :string, 1
|
50
|
+
optional :description, :string, 6
|
51
|
+
optional :update_time, :message, 4, "google.protobuf.Timestamp"
|
52
|
+
oneof :attestor_type do
|
53
|
+
optional :user_owned_grafeas_note, :message, 3, "google.cloud.binaryauthorization.v1.UserOwnedGrafeasNote"
|
54
|
+
end
|
55
|
+
end
|
56
|
+
add_message "google.cloud.binaryauthorization.v1.UserOwnedGrafeasNote" do
|
57
|
+
optional :note_reference, :string, 1
|
58
|
+
repeated :public_keys, :message, 2, "google.cloud.binaryauthorization.v1.AttestorPublicKey"
|
59
|
+
optional :delegation_service_account_email, :string, 3
|
60
|
+
end
|
61
|
+
add_message "google.cloud.binaryauthorization.v1.PkixPublicKey" do
|
62
|
+
optional :public_key_pem, :string, 1
|
63
|
+
optional :signature_algorithm, :enum, 2, "google.cloud.binaryauthorization.v1.PkixPublicKey.SignatureAlgorithm"
|
64
|
+
end
|
65
|
+
add_enum "google.cloud.binaryauthorization.v1.PkixPublicKey.SignatureAlgorithm" do
|
66
|
+
value :SIGNATURE_ALGORITHM_UNSPECIFIED, 0
|
67
|
+
value :RSA_PSS_2048_SHA256, 1
|
68
|
+
value :RSA_PSS_3072_SHA256, 2
|
69
|
+
value :RSA_PSS_4096_SHA256, 3
|
70
|
+
value :RSA_PSS_4096_SHA512, 4
|
71
|
+
value :RSA_SIGN_PKCS1_2048_SHA256, 5
|
72
|
+
value :RSA_SIGN_PKCS1_3072_SHA256, 6
|
73
|
+
value :RSA_SIGN_PKCS1_4096_SHA256, 7
|
74
|
+
value :RSA_SIGN_PKCS1_4096_SHA512, 8
|
75
|
+
value :ECDSA_P256_SHA256, 9
|
76
|
+
value :EC_SIGN_P256_SHA256, 9
|
77
|
+
value :ECDSA_P384_SHA384, 10
|
78
|
+
value :EC_SIGN_P384_SHA384, 10
|
79
|
+
value :ECDSA_P521_SHA512, 11
|
80
|
+
value :EC_SIGN_P521_SHA512, 11
|
81
|
+
end
|
82
|
+
add_message "google.cloud.binaryauthorization.v1.AttestorPublicKey" do
|
83
|
+
optional :comment, :string, 1
|
84
|
+
optional :id, :string, 2
|
85
|
+
oneof :public_key do
|
86
|
+
optional :ascii_armored_pgp_public_key, :string, 3
|
87
|
+
optional :pkix_public_key, :message, 5, "google.cloud.binaryauthorization.v1.PkixPublicKey"
|
88
|
+
end
|
89
|
+
end
|
90
|
+
end
|
91
|
+
end
|
92
|
+
|
93
|
+
module Google
|
94
|
+
module Cloud
|
95
|
+
module BinaryAuthorization
|
96
|
+
module V1
|
97
|
+
Policy = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.Policy").msgclass
|
98
|
+
Policy::GlobalPolicyEvaluationMode = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.Policy.GlobalPolicyEvaluationMode").enummodule
|
99
|
+
AdmissionWhitelistPattern = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern").msgclass
|
100
|
+
AdmissionRule = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.AdmissionRule").msgclass
|
101
|
+
AdmissionRule::EvaluationMode = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.AdmissionRule.EvaluationMode").enummodule
|
102
|
+
AdmissionRule::EnforcementMode = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.AdmissionRule.EnforcementMode").enummodule
|
103
|
+
Attestor = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.Attestor").msgclass
|
104
|
+
UserOwnedGrafeasNote = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.UserOwnedGrafeasNote").msgclass
|
105
|
+
PkixPublicKey = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.PkixPublicKey").msgclass
|
106
|
+
PkixPublicKey::SignatureAlgorithm = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.PkixPublicKey.SignatureAlgorithm").enummodule
|
107
|
+
AttestorPublicKey = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.AttestorPublicKey").msgclass
|
108
|
+
end
|
109
|
+
end
|
110
|
+
end
|
111
|
+
end
|
@@ -0,0 +1,84 @@
|
|
1
|
+
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
2
|
+
# source: google/cloud/binaryauthorization/v1/service.proto
|
3
|
+
|
4
|
+
require 'google/protobuf'
|
5
|
+
|
6
|
+
require 'google/api/annotations_pb'
|
7
|
+
require 'google/api/client_pb'
|
8
|
+
require 'google/api/field_behavior_pb'
|
9
|
+
require 'google/api/resource_pb'
|
10
|
+
require 'google/cloud/binaryauthorization/v1/resources_pb'
|
11
|
+
require 'google/protobuf/empty_pb'
|
12
|
+
require 'grafeas/v1/attestation_pb'
|
13
|
+
Google::Protobuf::DescriptorPool.generated_pool.build do
|
14
|
+
add_file("google/cloud/binaryauthorization/v1/service.proto", :syntax => :proto3) do
|
15
|
+
add_message "google.cloud.binaryauthorization.v1.GetPolicyRequest" do
|
16
|
+
optional :name, :string, 1
|
17
|
+
end
|
18
|
+
add_message "google.cloud.binaryauthorization.v1.UpdatePolicyRequest" do
|
19
|
+
optional :policy, :message, 1, "google.cloud.binaryauthorization.v1.Policy"
|
20
|
+
end
|
21
|
+
add_message "google.cloud.binaryauthorization.v1.CreateAttestorRequest" do
|
22
|
+
optional :parent, :string, 1
|
23
|
+
optional :attestor_id, :string, 2
|
24
|
+
optional :attestor, :message, 3, "google.cloud.binaryauthorization.v1.Attestor"
|
25
|
+
end
|
26
|
+
add_message "google.cloud.binaryauthorization.v1.GetAttestorRequest" do
|
27
|
+
optional :name, :string, 1
|
28
|
+
end
|
29
|
+
add_message "google.cloud.binaryauthorization.v1.UpdateAttestorRequest" do
|
30
|
+
optional :attestor, :message, 1, "google.cloud.binaryauthorization.v1.Attestor"
|
31
|
+
end
|
32
|
+
add_message "google.cloud.binaryauthorization.v1.ListAttestorsRequest" do
|
33
|
+
optional :parent, :string, 1
|
34
|
+
optional :page_size, :int32, 2
|
35
|
+
optional :page_token, :string, 3
|
36
|
+
end
|
37
|
+
add_message "google.cloud.binaryauthorization.v1.ListAttestorsResponse" do
|
38
|
+
repeated :attestors, :message, 1, "google.cloud.binaryauthorization.v1.Attestor"
|
39
|
+
optional :next_page_token, :string, 2
|
40
|
+
end
|
41
|
+
add_message "google.cloud.binaryauthorization.v1.DeleteAttestorRequest" do
|
42
|
+
optional :name, :string, 1
|
43
|
+
end
|
44
|
+
add_message "google.cloud.binaryauthorization.v1.GetSystemPolicyRequest" do
|
45
|
+
optional :name, :string, 1
|
46
|
+
end
|
47
|
+
add_message "google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceRequest" do
|
48
|
+
optional :attestor, :string, 1
|
49
|
+
optional :attestation, :message, 2, "grafeas.v1.AttestationOccurrence"
|
50
|
+
optional :occurrence_note, :string, 3
|
51
|
+
optional :occurrence_resource_uri, :string, 4
|
52
|
+
end
|
53
|
+
add_message "google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceResponse" do
|
54
|
+
optional :result, :enum, 1, "google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceResponse.Result"
|
55
|
+
optional :denial_reason, :string, 2
|
56
|
+
end
|
57
|
+
add_enum "google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceResponse.Result" do
|
58
|
+
value :RESULT_UNSPECIFIED, 0
|
59
|
+
value :VERIFIED, 1
|
60
|
+
value :ATTESTATION_NOT_VERIFIABLE, 2
|
61
|
+
end
|
62
|
+
end
|
63
|
+
end
|
64
|
+
|
65
|
+
module Google
|
66
|
+
module Cloud
|
67
|
+
module BinaryAuthorization
|
68
|
+
module V1
|
69
|
+
GetPolicyRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.GetPolicyRequest").msgclass
|
70
|
+
UpdatePolicyRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.UpdatePolicyRequest").msgclass
|
71
|
+
CreateAttestorRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.CreateAttestorRequest").msgclass
|
72
|
+
GetAttestorRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.GetAttestorRequest").msgclass
|
73
|
+
UpdateAttestorRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.UpdateAttestorRequest").msgclass
|
74
|
+
ListAttestorsRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.ListAttestorsRequest").msgclass
|
75
|
+
ListAttestorsResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.ListAttestorsResponse").msgclass
|
76
|
+
DeleteAttestorRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.DeleteAttestorRequest").msgclass
|
77
|
+
GetSystemPolicyRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.GetSystemPolicyRequest").msgclass
|
78
|
+
ValidateAttestationOccurrenceRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceRequest").msgclass
|
79
|
+
ValidateAttestationOccurrenceResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceResponse").msgclass
|
80
|
+
ValidateAttestationOccurrenceResponse::Result = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceResponse.Result").enummodule
|
81
|
+
end
|
82
|
+
end
|
83
|
+
end
|
84
|
+
end
|
@@ -0,0 +1,115 @@
|
|
1
|
+
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
2
|
+
# Source: google/cloud/binaryauthorization/v1/service.proto for package 'Google.Cloud.BinaryAuthorization.V1'
|
3
|
+
# Original file comments:
|
4
|
+
# Copyright 2021 Google LLC
|
5
|
+
#
|
6
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
7
|
+
# you may not use this file except in compliance with the License.
|
8
|
+
# You may obtain a copy of the License at
|
9
|
+
#
|
10
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
11
|
+
#
|
12
|
+
# Unless required by applicable law or agreed to in writing, software
|
13
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
14
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
15
|
+
# See the License for the specific language governing permissions and
|
16
|
+
# limitations under the License.
|
17
|
+
#
|
18
|
+
|
19
|
+
require 'grpc'
|
20
|
+
require 'google/cloud/binaryauthorization/v1/service_pb'
|
21
|
+
|
22
|
+
module Google
|
23
|
+
module Cloud
|
24
|
+
module BinaryAuthorization
|
25
|
+
module V1
|
26
|
+
module BinauthzManagementServiceV1
|
27
|
+
# Customer-facing API for Cloud Binary Authorization.
|
28
|
+
#
|
29
|
+
# Google Cloud Management Service for Binary Authorization admission policies
|
30
|
+
# and attestation authorities.
|
31
|
+
#
|
32
|
+
# This API implements a REST model with the following objects:
|
33
|
+
#
|
34
|
+
# * [Policy][google.cloud.binaryauthorization.v1.Policy]
|
35
|
+
# * [Attestor][google.cloud.binaryauthorization.v1.Attestor]
|
36
|
+
class Service
|
37
|
+
|
38
|
+
include ::GRPC::GenericService
|
39
|
+
|
40
|
+
self.marshal_class_method = :encode
|
41
|
+
self.unmarshal_class_method = :decode
|
42
|
+
self.service_name = 'google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1'
|
43
|
+
|
44
|
+
# A [policy][google.cloud.binaryauthorization.v1.Policy] specifies the [attestors][google.cloud.binaryauthorization.v1.Attestor] that must attest to
|
45
|
+
# a container image, before the project is allowed to deploy that
|
46
|
+
# image. There is at most one policy per project. All image admission
|
47
|
+
# requests are permitted if a project has no policy.
|
48
|
+
#
|
49
|
+
# Gets the [policy][google.cloud.binaryauthorization.v1.Policy] for this project. Returns a default
|
50
|
+
# [policy][google.cloud.binaryauthorization.v1.Policy] if the project does not have one.
|
51
|
+
rpc :GetPolicy, ::Google::Cloud::BinaryAuthorization::V1::GetPolicyRequest, ::Google::Cloud::BinaryAuthorization::V1::Policy
|
52
|
+
# Creates or updates a project's [policy][google.cloud.binaryauthorization.v1.Policy], and returns a copy of the
|
53
|
+
# new [policy][google.cloud.binaryauthorization.v1.Policy]. A policy is always updated as a whole, to avoid race
|
54
|
+
# conditions with concurrent policy enforcement (or management!)
|
55
|
+
# requests. Returns NOT_FOUND if the project does not exist, INVALID_ARGUMENT
|
56
|
+
# if the request is malformed.
|
57
|
+
rpc :UpdatePolicy, ::Google::Cloud::BinaryAuthorization::V1::UpdatePolicyRequest, ::Google::Cloud::BinaryAuthorization::V1::Policy
|
58
|
+
# Creates an [attestor][google.cloud.binaryauthorization.v1.Attestor], and returns a copy of the new
|
59
|
+
# [attestor][google.cloud.binaryauthorization.v1.Attestor]. Returns NOT_FOUND if the project does not exist,
|
60
|
+
# INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if the
|
61
|
+
# [attestor][google.cloud.binaryauthorization.v1.Attestor] already exists.
|
62
|
+
rpc :CreateAttestor, ::Google::Cloud::BinaryAuthorization::V1::CreateAttestorRequest, ::Google::Cloud::BinaryAuthorization::V1::Attestor
|
63
|
+
# Gets an [attestor][google.cloud.binaryauthorization.v1.Attestor].
|
64
|
+
# Returns NOT_FOUND if the [attestor][google.cloud.binaryauthorization.v1.Attestor] does not exist.
|
65
|
+
rpc :GetAttestor, ::Google::Cloud::BinaryAuthorization::V1::GetAttestorRequest, ::Google::Cloud::BinaryAuthorization::V1::Attestor
|
66
|
+
# Updates an [attestor][google.cloud.binaryauthorization.v1.Attestor].
|
67
|
+
# Returns NOT_FOUND if the [attestor][google.cloud.binaryauthorization.v1.Attestor] does not exist.
|
68
|
+
rpc :UpdateAttestor, ::Google::Cloud::BinaryAuthorization::V1::UpdateAttestorRequest, ::Google::Cloud::BinaryAuthorization::V1::Attestor
|
69
|
+
# Lists [attestors][google.cloud.binaryauthorization.v1.Attestor].
|
70
|
+
# Returns INVALID_ARGUMENT if the project does not exist.
|
71
|
+
rpc :ListAttestors, ::Google::Cloud::BinaryAuthorization::V1::ListAttestorsRequest, ::Google::Cloud::BinaryAuthorization::V1::ListAttestorsResponse
|
72
|
+
# Deletes an [attestor][google.cloud.binaryauthorization.v1.Attestor]. Returns NOT_FOUND if the
|
73
|
+
# [attestor][google.cloud.binaryauthorization.v1.Attestor] does not exist.
|
74
|
+
rpc :DeleteAttestor, ::Google::Cloud::BinaryAuthorization::V1::DeleteAttestorRequest, ::Google::Protobuf::Empty
|
75
|
+
end
|
76
|
+
|
77
|
+
Stub = Service.rpc_stub_class
|
78
|
+
end
|
79
|
+
module SystemPolicyV1
|
80
|
+
# API for working with the system policy.
|
81
|
+
class Service
|
82
|
+
|
83
|
+
include ::GRPC::GenericService
|
84
|
+
|
85
|
+
self.marshal_class_method = :encode
|
86
|
+
self.unmarshal_class_method = :decode
|
87
|
+
self.service_name = 'google.cloud.binaryauthorization.v1.SystemPolicyV1'
|
88
|
+
|
89
|
+
# Gets the current system policy in the specified location.
|
90
|
+
rpc :GetSystemPolicy, ::Google::Cloud::BinaryAuthorization::V1::GetSystemPolicyRequest, ::Google::Cloud::BinaryAuthorization::V1::Policy
|
91
|
+
end
|
92
|
+
|
93
|
+
Stub = Service.rpc_stub_class
|
94
|
+
end
|
95
|
+
module ValidationHelperV1
|
96
|
+
# BinAuthz Attestor verification
|
97
|
+
class Service
|
98
|
+
|
99
|
+
include ::GRPC::GenericService
|
100
|
+
|
101
|
+
self.marshal_class_method = :encode
|
102
|
+
self.unmarshal_class_method = :decode
|
103
|
+
self.service_name = 'google.cloud.binaryauthorization.v1.ValidationHelperV1'
|
104
|
+
|
105
|
+
# Returns whether the given Attestation for the given image URI
|
106
|
+
# was signed by the given Attestor
|
107
|
+
rpc :ValidateAttestationOccurrence, ::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceRequest, ::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceResponse
|
108
|
+
end
|
109
|
+
|
110
|
+
Stub = Service.rpc_stub_class
|
111
|
+
end
|
112
|
+
end
|
113
|
+
end
|
114
|
+
end
|
115
|
+
end
|
@@ -0,0 +1,21 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2021 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
# This gem does not autoload during Bundler.require. To load this gem,
|
20
|
+
# issue explicit require statements for the packages desired, e.g.:
|
21
|
+
# require "google/cloud/binary_authorization/v1"
|
@@ -0,0 +1,71 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2021 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
|
20
|
+
module Google
|
21
|
+
module Api
|
22
|
+
# An indicator of the behavior of a given field (for example, that a field
|
23
|
+
# is required in requests, or given as output but ignored as input).
|
24
|
+
# This **does not** change the behavior in protocol buffers itself; it only
|
25
|
+
# denotes the behavior and may affect how API tooling handles the field.
|
26
|
+
#
|
27
|
+
# Note: This enum **may** receive new values in the future.
|
28
|
+
module FieldBehavior
|
29
|
+
# Conventional default for enums. Do not use this.
|
30
|
+
FIELD_BEHAVIOR_UNSPECIFIED = 0
|
31
|
+
|
32
|
+
# Specifically denotes a field as optional.
|
33
|
+
# While all fields in protocol buffers are optional, this may be specified
|
34
|
+
# for emphasis if appropriate.
|
35
|
+
OPTIONAL = 1
|
36
|
+
|
37
|
+
# Denotes a field as required.
|
38
|
+
# This indicates that the field **must** be provided as part of the request,
|
39
|
+
# and failure to do so will cause an error (usually `INVALID_ARGUMENT`).
|
40
|
+
REQUIRED = 2
|
41
|
+
|
42
|
+
# Denotes a field as output only.
|
43
|
+
# This indicates that the field is provided in responses, but including the
|
44
|
+
# field in a request does nothing (the server *must* ignore it and
|
45
|
+
# *must not* throw an error as a result of the field's presence).
|
46
|
+
OUTPUT_ONLY = 3
|
47
|
+
|
48
|
+
# Denotes a field as input only.
|
49
|
+
# This indicates that the field is provided in requests, and the
|
50
|
+
# corresponding field is not included in output.
|
51
|
+
INPUT_ONLY = 4
|
52
|
+
|
53
|
+
# Denotes a field as immutable.
|
54
|
+
# This indicates that the field may be set once in a request to create a
|
55
|
+
# resource, but may not be changed thereafter.
|
56
|
+
IMMUTABLE = 5
|
57
|
+
|
58
|
+
# Denotes that a (repeated) field is an unordered list.
|
59
|
+
# This indicates that the service may provide the elements of the list
|
60
|
+
# in any arbitrary order, rather than the order the user originally
|
61
|
+
# provided. Additionally, the list's order may or may not be stable.
|
62
|
+
UNORDERED_LIST = 6
|
63
|
+
|
64
|
+
# Denotes that this field returns a non-empty default value if not set.
|
65
|
+
# This indicates that if the user provides the empty value in a request,
|
66
|
+
# a non-empty value will be returned. The user will not be aware of what
|
67
|
+
# non-empty value to expect.
|
68
|
+
NON_EMPTY_DEFAULT = 7
|
69
|
+
end
|
70
|
+
end
|
71
|
+
end
|