google-cloud-binary_authorization-v1 0.1.0

data/proto_docs/google/cloud/binaryauthorization/v1/service.rb

@@ -0,0 +1,189 @@
+# frozen_string_literal: true
+
+# Copyright 2021 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module BinaryAuthorization
+      module V1
+        # Request message for [BinauthzManagementService.GetPolicy][].
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     Required. The resource name of the {::Google::Cloud::BinaryAuthorization::V1::Policy policy} to retrieve,
+        #     in the format `projects/*/policy`.
+        class GetPolicyRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Request message for [BinauthzManagementService.UpdatePolicy][].
+        # @!attribute [rw] policy
+        #   @return [::Google::Cloud::BinaryAuthorization::V1::Policy]
+        #     Required. A new or updated {::Google::Cloud::BinaryAuthorization::V1::Policy policy} value. The service will
+        #     overwrite the {::Google::Cloud::BinaryAuthorization::V1::Policy#name policy name} field with the resource name in
+        #     the request URL, in the format `projects/*/policy`.
+        class UpdatePolicyRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Request message for [BinauthzManagementService.CreateAttestor][].
+        # @!attribute [rw] parent
+        #   @return [::String]
+        #     Required. The parent of this {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor}.
+        # @!attribute [rw] attestor_id
+        #   @return [::String]
+        #     Required. The {::Google::Cloud::BinaryAuthorization::V1::Attestor attestors} ID.
+        # @!attribute [rw] attestor
+        #   @return [::Google::Cloud::BinaryAuthorization::V1::Attestor]
+        #     Required. The initial {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor} value. The service will
+        #     overwrite the {::Google::Cloud::BinaryAuthorization::V1::Attestor#name attestor name} field with the resource name,
+        #     in the format `projects/*/attestors/*`.
+        class CreateAttestorRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Request message for [BinauthzManagementService.GetAttestor][].
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     Required. The name of the {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor} to retrieve, in the format
+        #     `projects/*/attestors/*`.
+        class GetAttestorRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Request message for [BinauthzManagementService.UpdateAttestor][].
+        # @!attribute [rw] attestor
+        #   @return [::Google::Cloud::BinaryAuthorization::V1::Attestor]
+        #     Required. The updated {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor} value. The service will
+        #     overwrite the {::Google::Cloud::BinaryAuthorization::V1::Attestor#name attestor name} field with the resource name
+        #     in the request URL, in the format `projects/*/attestors/*`.
+        class UpdateAttestorRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Request message for [BinauthzManagementService.ListAttestors][].
+        # @!attribute [rw] parent
+        #   @return [::String]
+        #     Required. The resource name of the project associated with the
+        #     {::Google::Cloud::BinaryAuthorization::V1::Attestor attestors}, in the format `projects/*`.
+        # @!attribute [rw] page_size
+        #   @return [::Integer]
+        #     Requested page size. The server may return fewer results than requested. If
+        #     unspecified, the server will pick an appropriate default.
+        # @!attribute [rw] page_token
+        #   @return [::String]
+        #     A token identifying a page of results the server should return. Typically,
+        #     this is the value of {::Google::Cloud::BinaryAuthorization::V1::ListAttestorsResponse#next_page_token ListAttestorsResponse.next_page_token} returned
+        #     from the previous call to the `ListAttestors` method.
+        class ListAttestorsRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Response message for [BinauthzManagementService.ListAttestors][].
+        # @!attribute [rw] attestors
+        #   @return [::Array<::Google::Cloud::BinaryAuthorization::V1::Attestor>]
+        #     The list of {::Google::Cloud::BinaryAuthorization::V1::Attestor attestors}.
+        # @!attribute [rw] next_page_token
+        #   @return [::String]
+        #     A token to retrieve the next page of results. Pass this value in the
+        #     {::Google::Cloud::BinaryAuthorization::V1::ListAttestorsRequest#page_token ListAttestorsRequest.page_token} field in the subsequent call to the
+        #     `ListAttestors` method to retrieve the next page of results.
+        class ListAttestorsResponse
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Request message for [BinauthzManagementService.DeleteAttestor][].
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     Required. The name of the {::Google::Cloud::BinaryAuthorization::V1::Attestor attestors} to delete, in the format
+        #     `projects/*/attestors/*`.
+        class DeleteAttestorRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Request to read the current system policy.
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     Required. The resource name, in the format `locations/*/policy`.
+        #     Note that the system policy is not associated with a project.
+        class GetSystemPolicyRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Request message for
+        # {::Google::Cloud::BinaryAuthorization::V1::ValidationHelperV1::Client#validate_attestation_occurrence ValidationHelperV1.ValidateAttestationOccurrence}.
+        # @!attribute [rw] attestor
+        #   @return [::String]
+        #     Required. The resource name of the {::Google::Cloud::BinaryAuthorization::V1::Attestor Attestor} of the
+        #     [occurrence][grafeas.v1.Occurrence], in the format
+        #     `projects/*/attestors/*`.
+        # @!attribute [rw] attestation
+        #   @return [::Grafeas::V1::AttestationOccurrence]
+        #     Required. An {::Grafeas::V1::AttestationOccurrence AttestationOccurrence} to
+        #     be checked that it can be verified by the Attestor. It does not have to be
+        #     an existing entity in Container Analysis. It must otherwise be a valid
+        #     AttestationOccurrence.
+        # @!attribute [rw] occurrence_note
+        #   @return [::String]
+        #     Required. The resource name of the [Note][grafeas.v1.Note] to which the
+        #     containing [Occurrence][grafeas.v1.Occurrence] is associated.
+        # @!attribute [rw] occurrence_resource_uri
+        #   @return [::String]
+        #     Required. The URI of the artifact (e.g. container image) that is the
+        #     subject of the containing [Occurrence][grafeas.v1.Occurrence].
+        class ValidateAttestationOccurrenceRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Response message for
+        # {::Google::Cloud::BinaryAuthorization::V1::ValidationHelperV1::Client#validate_attestation_occurrence ValidationHelperV1.ValidateAttestationOccurrence}.
+        # @!attribute [rw] result
+        #   @return [::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceResponse::Result]
+        #     The result of the Attestation validation.
+        # @!attribute [rw] denial_reason
+        #   @return [::String]
+        #     The reason for denial if the Attestation couldn't be validated.
+        class ValidateAttestationOccurrenceResponse
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+
+          # The enum returned in the "result" field.
+          module Result
+            # Unspecified.
+            RESULT_UNSPECIFIED = 0
+
+            # The Attestation was able to verified by the Attestor.
+            VERIFIED = 1
+
+            # The Attestation was not able to verified by the Attestor.
+            ATTESTATION_NOT_VERIFIABLE = 2
+          end
+        end
+      end
+    end
+  end
+end

data/proto_docs/google/protobuf/empty.rb

@@ -0,0 +1,36 @@
+# frozen_string_literal: true
+
+# Copyright 2021 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Protobuf
+    # A generic empty message that you can re-use to avoid defining duplicated
+    # empty messages in your APIs. A typical example is to use it as the request
+    # or the response type of an API method. For instance:
+    #
+    #     service Foo {
+    #       rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty);
+    #     }
+    #
+    # The JSON representation for `Empty` is empty JSON object `{}`.
+    class Empty
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+    end
+  end
+end

data/proto_docs/google/protobuf/timestamp.rb

@@ -0,0 +1,129 @@
+# frozen_string_literal: true
+
+# Copyright 2021 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Protobuf
+    # A Timestamp represents a point in time independent of any time zone or local
+    # calendar, encoded as a count of seconds and fractions of seconds at
+    # nanosecond resolution. The count is relative to an epoch at UTC midnight on
+    # January 1, 1970, in the proleptic Gregorian calendar which extends the
+    # Gregorian calendar backwards to year one.
+    #
+    # All minutes are 60 seconds long. Leap seconds are "smeared" so that no leap
+    # second table is needed for interpretation, using a [24-hour linear
+    # smear](https://developers.google.com/time/smear).
+    #
+    # The range is from 0001-01-01T00:00:00Z to 9999-12-31T23:59:59.999999999Z. By
+    # restricting to that range, we ensure that we can convert to and from [RFC
+    # 3339](https://www.ietf.org/rfc/rfc3339.txt) date strings.
+    #
+    # # Examples
+    #
+    # Example 1: Compute Timestamp from POSIX `time()`.
+    #
+    #     Timestamp timestamp;
+    #     timestamp.set_seconds(time(NULL));
+    #     timestamp.set_nanos(0);
+    #
+    # Example 2: Compute Timestamp from POSIX `gettimeofday()`.
+    #
+    #     struct timeval tv;
+    #     gettimeofday(&tv, NULL);
+    #
+    #     Timestamp timestamp;
+    #     timestamp.set_seconds(tv.tv_sec);
+    #     timestamp.set_nanos(tv.tv_usec * 1000);
+    #
+    # Example 3: Compute Timestamp from Win32 `GetSystemTimeAsFileTime()`.
+    #
+    #     FILETIME ft;
+    #     GetSystemTimeAsFileTime(&ft);
+    #     UINT64 ticks = (((UINT64)ft.dwHighDateTime) << 32) | ft.dwLowDateTime;
+    #
+    #     // A Windows tick is 100 nanoseconds. Windows epoch 1601-01-01T00:00:00Z
+    #     // is 11644473600 seconds before Unix epoch 1970-01-01T00:00:00Z.
+    #     Timestamp timestamp;
+    #     timestamp.set_seconds((INT64) ((ticks / 10000000) - 11644473600LL));
+    #     timestamp.set_nanos((INT32) ((ticks % 10000000) * 100));
+    #
+    # Example 4: Compute Timestamp from Java `System.currentTimeMillis()`.
+    #
+    #     long millis = System.currentTimeMillis();
+    #
+    #     Timestamp timestamp = Timestamp.newBuilder().setSeconds(millis / 1000)
+    #         .setNanos((int) ((millis % 1000) * 1000000)).build();
+    #
+    #
+    # Example 5: Compute Timestamp from Java `Instant.now()`.
+    #
+    #     Instant now = Instant.now();
+    #
+    #     Timestamp timestamp =
+    #         Timestamp.newBuilder().setSeconds(now.getEpochSecond())
+    #             .setNanos(now.getNano()).build();
+    #
+    #
+    # Example 6: Compute Timestamp from current time in Python.
+    #
+    #     timestamp = Timestamp()
+    #     timestamp.GetCurrentTime()
+    #
+    # # JSON Mapping
+    #
+    # In JSON format, the Timestamp type is encoded as a string in the
+    # [RFC 3339](https://www.ietf.org/rfc/rfc3339.txt) format. That is, the
+    # format is "\\{year}-\\{month}-\\{day}T\\{hour}:\\{min}:\\{sec}[.\\{frac_sec}]Z"
+    # where \\{year} is always expressed using four digits while \\{month}, \\{day},
+    # \\{hour}, \\{min}, and \\{sec} are zero-padded to two digits each. The fractional
+    # seconds, which can go up to 9 digits (i.e. up to 1 nanosecond resolution),
+    # are optional. The "Z" suffix indicates the timezone ("UTC"); the timezone
+    # is required. A proto3 JSON serializer should always use UTC (as indicated by
+    # "Z") when printing the Timestamp type and a proto3 JSON parser should be
+    # able to accept both UTC and other timezones (as indicated by an offset).
+    #
+    # For example, "2017-01-15T01:30:15.01Z" encodes 15.01 seconds past
+    # 01:30 UTC on January 15, 2017.
+    #
+    # In JavaScript, one can convert a Date object to this format using the
+    # standard
+    # [toISOString()](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Date/toISOString)
+    # method. In Python, a standard `datetime.datetime` object can be converted
+    # to this format using
+    # [`strftime`](https://docs.python.org/2/library/time.html#time.strftime) with
+    # the time format spec '%Y-%m-%dT%H:%M:%S.%fZ'. Likewise, in Java, one can use
+    # the Joda Time's [`ISODateTimeFormat.dateTime()`](
+    # http://www.joda.org/joda-time/apidocs/org/joda/time/format/ISODateTimeFormat.html#dateTime%2D%2D
+    # ) to obtain a formatter capable of generating timestamps in this format.
+    # @!attribute [rw] seconds
+    #   @return [::Integer]
+    #     Represents seconds of UTC time since Unix epoch
+    #     1970-01-01T00:00:00Z. Must be from 0001-01-01T00:00:00Z to
+    #     9999-12-31T23:59:59Z inclusive.
+    # @!attribute [rw] nanos
+    #   @return [::Integer]
+    #     Non-negative fractions of a second at nanosecond resolution. Negative
+    #     second values with fractions must still have non-negative nanos values
+    #     that count forward in time. Must be from 0 to 999,999,999
+    #     inclusive.
+    class Timestamp
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+    end
+  end
+end

data/proto_docs/grafeas/v1/attestation.rb

@@ -0,0 +1,77 @@
+# frozen_string_literal: true
+
+# Copyright 2021 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Grafeas
+  module V1
+    # Note kind that represents a logical attestation "role" or "authority". For
+    # example, an organization might have one `Authority` for "QA" and one for
+    # "build". This note is intended to act strictly as a grouping mechanism for
+    # the attached occurrences (Attestations). This grouping mechanism also
+    # provides a security boundary, since IAM ACLs gate the ability for a principle
+    # to attach an occurrence to a given note. It also provides a single point of
+    # lookup to find all attached attestation occurrences, even if they don't all
+    # live in the same project.
+    # @!attribute [rw] hint
+    #   @return [::Grafeas::V1::AttestationNote::Hint]
+    #     Hint hints at the purpose of the attestation authority.
+    class AttestationNote
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+
+      # This submessage provides human-readable hints about the purpose of the
+      # authority. Because the name of a note acts as its resource reference, it is
+      # important to disambiguate the canonical name of the Note (which might be a
+      # UUID for security purposes) from "readable" names more suitable for debug
+      # output. Note that these hints should not be used to look up authorities in
+      # security sensitive contexts, such as when looking up attestations to
+      # verify.
+      # @!attribute [rw] human_readable_name
+      #   @return [::String]
+      #     Required. The human readable name of this attestation authority, for
+      #     example "qa".
+      class Hint
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+      end
+    end
+
+    # Occurrence that represents a single "attestation". The authenticity of an
+    # attestation can be verified using the attached signature. If the verifier
+    # trusts the public key of the signer, then verifying the signature is
+    # sufficient to establish trust. In this circumstance, the authority to which
+    # this attestation is attached is primarily useful for lookup (how to find
+    # this attestation if you already know the authority and artifact to be
+    # verified) and intent (for which authority this attestation was intended to
+    # sign.
+    # @!attribute [rw] serialized_payload
+    #   @return [::String]
+    #     Required. The serialized payload that is verified by one or more
+    #     `signatures`.
+    # @!attribute [rw] signatures
+    #   @return [::Array<::Grafeas::V1::Signature>]
+    #     One or more signatures over `serialized_payload`.  Verifier implementations
+    #     should consider this attestation message verified if at least one
+    #     `signature` verifies `serialized_payload`.  See `Signature` in common.proto
+    #     for more details on signature structure and verification.
+    class AttestationOccurrence
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+    end
+  end
+end

data/proto_docs/grafeas/v1/common.rb

@@ -0,0 +1,118 @@
+# frozen_string_literal: true
+
+# Copyright 2021 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Grafeas
+  module V1
+    # Metadata for any related URL information.
+    # @!attribute [rw] url
+    #   @return [::String]
+    #     Specific URL associated with the resource.
+    # @!attribute [rw] label
+    #   @return [::String]
+    #     Label to describe usage of the URL.
+    class RelatedUrl
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+    end
+
+    # Verifiers (e.g. Kritis implementations) MUST verify signatures
+    # with respect to the trust anchors defined in policy (e.g. a Kritis policy).
+    # Typically this means that the verifier has been configured with a map from
+    # `public_key_id` to public key material (and any required parameters, e.g.
+    # signing algorithm).
+    #
+    # In particular, verification implementations MUST NOT treat the signature
+    # `public_key_id` as anything more than a key lookup hint. The `public_key_id`
+    # DOES NOT validate or authenticate a public key; it only provides a mechanism
+    # for quickly selecting a public key ALREADY CONFIGURED on the verifier through
+    # a trusted channel. Verification implementations MUST reject signatures in any
+    # of the following circumstances:
+    #   * The `public_key_id` is not recognized by the verifier.
+    #   * The public key that `public_key_id` refers to does not verify the
+    #     signature with respect to the payload.
+    #
+    # The `signature` contents SHOULD NOT be "attached" (where the payload is
+    # included with the serialized `signature` bytes). Verifiers MUST ignore any
+    # "attached" payload and only verify signatures with respect to explicitly
+    # provided payload (e.g. a `payload` field on the proto message that holds
+    # this Signature, or the canonical serialization of the proto message that
+    # holds this signature).
+    # @!attribute [rw] signature
+    #   @return [::String]
+    #     The content of the signature, an opaque bytestring.
+    #     The payload that this signature verifies MUST be unambiguously provided
+    #     with the Signature during verification. A wrapper message might provide
+    #     the payload explicitly. Alternatively, a message might have a canonical
+    #     serialization that can always be unambiguously computed to derive the
+    #     payload.
+    # @!attribute [rw] public_key_id
+    #   @return [::String]
+    #     The identifier for the public key that verifies this signature.
+    #       * The `public_key_id` is required.
+    #       * The `public_key_id` MUST be an RFC3986 conformant URI.
+    #       * When possible, the `public_key_id` SHOULD be an immutable reference,
+    #         such as a cryptographic digest.
+    #
+    #     Examples of valid `public_key_id`s:
+    #
+    #     OpenPGP V4 public key fingerprint:
+    #       * "openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA"
+    #     See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more
+    #     details on this scheme.
+    #
+    #     RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER
+    #     serialization):
+    #       * "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU"
+    #       * "nih:///sha-256;703f68f42aba2c6de30f488a5ea122fef76324679c9bf89791ba95a1271589a5"
+    class Signature
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+    end
+
+    # Kind represents the kinds of notes supported.
+    module NoteKind
+      # Unknown.
+      NOTE_KIND_UNSPECIFIED = 0
+
+      # The note and occurrence represent a package vulnerability.
+      VULNERABILITY = 1
+
+      # The note and occurrence assert build provenance.
+      BUILD = 2
+
+      # This represents an image basis relationship.
+      IMAGE = 3
+
+      # This represents a package installed via a package manager.
+      PACKAGE = 4
+
+      # The note and occurrence track deployment events.
+      DEPLOYMENT = 5
+
+      # The note and occurrence track the initial discovery status of a resource.
+      DISCOVERY = 6
+
+      # This represents a logical "role" that can attest to artifacts.
+      ATTESTATION = 7
+
+      # This represents an available package upgrade.
+      UPGRADE = 8
+    end
+  end
+end