google-cloud-binary_authorization-v1 1.6.0 → 1.8.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +2 -2
- data/lib/google/cloud/binary_authorization/v1/binauthz_management_service/client.rb +76 -37
- data/lib/google/cloud/binary_authorization/v1/binauthz_management_service/rest/client.rb +84 -37
- data/lib/google/cloud/binary_authorization/v1/binauthz_management_service/rest.rb +1 -0
- data/lib/google/cloud/binary_authorization/v1/bindings_override.rb +110 -0
- data/lib/google/cloud/binary_authorization/v1/rest.rb +1 -0
- data/lib/google/cloud/binary_authorization/v1/system_policy/client.rb +18 -0
- data/lib/google/cloud/binary_authorization/v1/system_policy/rest/client.rb +26 -0
- data/lib/google/cloud/binary_authorization/v1/system_policy/rest.rb +1 -0
- data/lib/google/cloud/binary_authorization/v1/validation_helper/client.rb +25 -6
- data/lib/google/cloud/binary_authorization/v1/validation_helper/rest/client.rb +33 -6
- data/lib/google/cloud/binary_authorization/v1/validation_helper/rest.rb +1 -0
- data/lib/google/cloud/binary_authorization/v1/version.rb +1 -1
- data/lib/google/cloud/binaryauthorization/v1/resources_pb.rb +1 -1
- data/lib/google/cloud/binaryauthorization/v1/service_pb.rb +1 -1
- data/lib/google/cloud/binaryauthorization/v1/service_services_pb.rb +29 -20
- data/proto_docs/google/api/client.rb +149 -29
- data/proto_docs/google/cloud/binaryauthorization/v1/resources.rb +106 -52
- data/proto_docs/google/cloud/binaryauthorization/v1/service.rb +56 -34
- data/proto_docs/google/protobuf/field_mask.rb +229 -0
- data/proto_docs/google/type/expr.rb +75 -0
- metadata +23 -6
|
@@ -0,0 +1,110 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
# Copyright 2026 Google LLC
|
|
4
|
+
#
|
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
6
|
+
# you may not use this file except in compliance with the License.
|
|
7
|
+
# You may obtain a copy of the License at
|
|
8
|
+
#
|
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
|
10
|
+
#
|
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
14
|
+
# See the License for the specific language governing permissions and
|
|
15
|
+
# limitations under the License.
|
|
16
|
+
|
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
|
18
|
+
|
|
19
|
+
require "gapic/rest"
|
|
20
|
+
|
|
21
|
+
module Google
|
|
22
|
+
module Cloud
|
|
23
|
+
module BinaryAuthorization
|
|
24
|
+
##
|
|
25
|
+
# @example Loading just the REST part of this package, including all its services, and instantiating a REST client
|
|
26
|
+
#
|
|
27
|
+
# require "google/cloud/binary_authorization/v1/rest"
|
|
28
|
+
# client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client.new
|
|
29
|
+
#
|
|
30
|
+
module V1
|
|
31
|
+
##
|
|
32
|
+
# @private
|
|
33
|
+
# Initialize the mixin bindings configuration
|
|
34
|
+
#
|
|
35
|
+
def self.configure
|
|
36
|
+
@configure ||= begin
|
|
37
|
+
namespace = ["Google", "Cloud", "BinaryAuthorization"]
|
|
38
|
+
parent_config = while namespace.any?
|
|
39
|
+
parent_name = namespace.join "::"
|
|
40
|
+
parent_const = const_get parent_name
|
|
41
|
+
break parent_const.configure if parent_const.respond_to? :configure
|
|
42
|
+
namespace.pop
|
|
43
|
+
end
|
|
44
|
+
|
|
45
|
+
default_config = ::Gapic::Rest::HttpBindingOverrideConfiguration.new parent_config
|
|
46
|
+
default_config.bindings_override["google.iam.v1.IAMPolicy.GetIamPolicy"] = [
|
|
47
|
+
Gapic::Rest::GrpcTranscoder::HttpBinding.create_with_validation(
|
|
48
|
+
uri_method: :get,
|
|
49
|
+
uri_template: "/v1/{resource}:getIamPolicy",
|
|
50
|
+
matches: [
|
|
51
|
+
["resource", %r{^projects/[^/]+/policy/?$}, false]
|
|
52
|
+
],
|
|
53
|
+
body: nil
|
|
54
|
+
),
|
|
55
|
+
Gapic::Rest::GrpcTranscoder::HttpBinding.create_with_validation(
|
|
56
|
+
uri_method: :get,
|
|
57
|
+
uri_template: "/v1/{resource}:getIamPolicy",
|
|
58
|
+
matches: [
|
|
59
|
+
["resource", %r{^projects/[^/]+/attestors/[^/]+/?$}, false]
|
|
60
|
+
],
|
|
61
|
+
body: nil
|
|
62
|
+
)
|
|
63
|
+
]
|
|
64
|
+
default_config.bindings_override["google.iam.v1.IAMPolicy.SetIamPolicy"] = [
|
|
65
|
+
|
|
66
|
+
Gapic::Rest::GrpcTranscoder::HttpBinding.create_with_validation(
|
|
67
|
+
uri_method: :post,
|
|
68
|
+
uri_template: "/v1/{resource}:setIamPolicy",
|
|
69
|
+
matches: [
|
|
70
|
+
["resource", %r{^projects/[^/]+/policy/?$}, false]
|
|
71
|
+
],
|
|
72
|
+
body: "*"
|
|
73
|
+
),
|
|
74
|
+
Gapic::Rest::GrpcTranscoder::HttpBinding.create_with_validation(
|
|
75
|
+
uri_method: :post,
|
|
76
|
+
uri_template: "/v1/{resource}:setIamPolicy",
|
|
77
|
+
matches: [
|
|
78
|
+
["resource", %r{^projects/[^/]+/attestors/[^/]+/?$}, false]
|
|
79
|
+
],
|
|
80
|
+
body: "*"
|
|
81
|
+
)
|
|
82
|
+
]
|
|
83
|
+
default_config.bindings_override["google.iam.v1.IAMPolicy.TestIamPermissions"] = [
|
|
84
|
+
|
|
85
|
+
Gapic::Rest::GrpcTranscoder::HttpBinding.create_with_validation(
|
|
86
|
+
uri_method: :post,
|
|
87
|
+
uri_template: "/v1/{resource}:testIamPermissions",
|
|
88
|
+
matches: [
|
|
89
|
+
["resource", %r{^projects/[^/]+/policy/?$}, false]
|
|
90
|
+
],
|
|
91
|
+
body: "*"
|
|
92
|
+
),
|
|
93
|
+
Gapic::Rest::GrpcTranscoder::HttpBinding.create_with_validation(
|
|
94
|
+
uri_method: :post,
|
|
95
|
+
uri_template: "/v1/{resource}:testIamPermissions",
|
|
96
|
+
matches: [
|
|
97
|
+
["resource", %r{^projects/[^/]+/attestors/[^/]+/?$}, false]
|
|
98
|
+
],
|
|
99
|
+
body: "*"
|
|
100
|
+
)
|
|
101
|
+
]
|
|
102
|
+
default_config
|
|
103
|
+
end
|
|
104
|
+
yield @configure if block_given?
|
|
105
|
+
@configure
|
|
106
|
+
end
|
|
107
|
+
end
|
|
108
|
+
end
|
|
109
|
+
end
|
|
110
|
+
end
|
|
@@ -19,6 +19,7 @@
|
|
|
19
19
|
require "google/cloud/binary_authorization/v1/binauthz_management_service/rest"
|
|
20
20
|
require "google/cloud/binary_authorization/v1/system_policy/rest"
|
|
21
21
|
require "google/cloud/binary_authorization/v1/validation_helper/rest"
|
|
22
|
+
require "google/cloud/binary_authorization/v1/bindings_override"
|
|
22
23
|
require "google/cloud/binary_authorization/v1/version"
|
|
23
24
|
|
|
24
25
|
module Google
|
|
@@ -18,6 +18,7 @@
|
|
|
18
18
|
|
|
19
19
|
require "google/cloud/errors"
|
|
20
20
|
require "google/cloud/binaryauthorization/v1/service_pb"
|
|
21
|
+
require "google/iam/v1"
|
|
21
22
|
|
|
22
23
|
module Google
|
|
23
24
|
module Cloud
|
|
@@ -170,8 +171,23 @@ module Google
|
|
|
170
171
|
entry.set "defaultTimeout", @config.timeout if @config.timeout
|
|
171
172
|
entry.set "quotaProject", @quota_project_id if @quota_project_id
|
|
172
173
|
end
|
|
174
|
+
|
|
175
|
+
@iam_policy_client = Google::Iam::V1::IAMPolicy::Client.new do |config|
|
|
176
|
+
config.credentials = credentials
|
|
177
|
+
config.quota_project = @quota_project_id
|
|
178
|
+
config.endpoint = @system_policy_stub.endpoint
|
|
179
|
+
config.universe_domain = @system_policy_stub.universe_domain
|
|
180
|
+
config.logger = @system_policy_stub.logger if config.respond_to? :logger=
|
|
181
|
+
end
|
|
173
182
|
end
|
|
174
183
|
|
|
184
|
+
##
|
|
185
|
+
# Get the associated client for mix-in of the IAMPolicy.
|
|
186
|
+
#
|
|
187
|
+
# @return [Google::Iam::V1::IAMPolicy::Client]
|
|
188
|
+
#
|
|
189
|
+
attr_reader :iam_policy_client
|
|
190
|
+
|
|
175
191
|
##
|
|
176
192
|
# The logger used for request/response debug logging.
|
|
177
193
|
#
|
|
@@ -365,6 +381,7 @@ module Google
|
|
|
365
381
|
# * `:initial_delay` (*type:* `Numeric`) - The initial delay in seconds.
|
|
366
382
|
# * `:max_delay` (*type:* `Numeric`) - The max delay in seconds.
|
|
367
383
|
# * `:multiplier` (*type:* `Numeric`) - The incremental backoff multiplier.
|
|
384
|
+
# * `:jitter` (*type:* `Numeric`) - The jitter in seconds. Default: 1.0.
|
|
368
385
|
# * `:retry_codes` (*type:* `Array<String>`) - The error codes that should
|
|
369
386
|
# trigger a retry.
|
|
370
387
|
# @return [::Hash]
|
|
@@ -448,6 +465,7 @@ module Google
|
|
|
448
465
|
# * `:initial_delay` (*type:* `Numeric`) - The initial delay in seconds.
|
|
449
466
|
# * `:max_delay` (*type:* `Numeric`) - The max delay in seconds.
|
|
450
467
|
# * `:multiplier` (*type:* `Numeric`) - The incremental backoff multiplier.
|
|
468
|
+
# * `:jitter` (*type:* `Numeric`) - The jitter in seconds. Default: 1.0.
|
|
451
469
|
# * `:retry_codes` (*type:* `Array<String>`) - The error codes that should
|
|
452
470
|
# trigger a retry.
|
|
453
471
|
#
|
|
@@ -19,6 +19,7 @@
|
|
|
19
19
|
require "google/cloud/errors"
|
|
20
20
|
require "google/cloud/binaryauthorization/v1/service_pb"
|
|
21
21
|
require "google/cloud/binary_authorization/v1/system_policy/rest/service_stub"
|
|
22
|
+
require "google/iam/v1/rest"
|
|
22
23
|
|
|
23
24
|
module Google
|
|
24
25
|
module Cloud
|
|
@@ -163,8 +164,24 @@ module Google
|
|
|
163
164
|
entry.set "defaultTimeout", @config.timeout if @config.timeout
|
|
164
165
|
entry.set "quotaProject", @quota_project_id if @quota_project_id
|
|
165
166
|
end
|
|
167
|
+
|
|
168
|
+
@iam_policy_client = Google::Iam::V1::IAMPolicy::Rest::Client.new do |config|
|
|
169
|
+
config.credentials = credentials
|
|
170
|
+
config.quota_project = @quota_project_id
|
|
171
|
+
config.endpoint = @system_policy_stub.endpoint
|
|
172
|
+
config.universe_domain = @system_policy_stub.universe_domain
|
|
173
|
+
config.bindings_override = @config.bindings_override
|
|
174
|
+
config.logger = @system_policy_stub.logger if config.respond_to? :logger=
|
|
175
|
+
end
|
|
166
176
|
end
|
|
167
177
|
|
|
178
|
+
##
|
|
179
|
+
# Get the associated client for mix-in of the IAMPolicy.
|
|
180
|
+
#
|
|
181
|
+
# @return [Google::Iam::V1::IAMPolicy::Rest::Client]
|
|
182
|
+
#
|
|
183
|
+
attr_reader :iam_policy_client
|
|
184
|
+
|
|
168
185
|
##
|
|
169
186
|
# The logger used for request/response debug logging.
|
|
170
187
|
#
|
|
@@ -325,6 +342,7 @@ module Google
|
|
|
325
342
|
# * `:initial_delay` (*type:* `Numeric`) - The initial delay in seconds.
|
|
326
343
|
# * `:max_delay` (*type:* `Numeric`) - The max delay in seconds.
|
|
327
344
|
# * `:multiplier` (*type:* `Numeric`) - The incremental backoff multiplier.
|
|
345
|
+
# * `:jitter` (*type:* `Numeric`) - The jitter in seconds. Default: 1.0.
|
|
328
346
|
# * `:retry_codes` (*type:* `Array<String>`) - The error codes that should
|
|
329
347
|
# trigger a retry.
|
|
330
348
|
# @return [::Hash]
|
|
@@ -362,6 +380,13 @@ module Google
|
|
|
362
380
|
config_attr :retry_policy, nil, ::Hash, ::Proc, nil
|
|
363
381
|
config_attr :quota_project, nil, ::String, nil
|
|
364
382
|
config_attr :universe_domain, nil, ::String, nil
|
|
383
|
+
|
|
384
|
+
# @private
|
|
385
|
+
# Overrides for http bindings for the RPCs of this service
|
|
386
|
+
# are only used when this service is used as mixin, and only
|
|
387
|
+
# by the host service.
|
|
388
|
+
# @return [::Hash{::Symbol=>::Array<::Gapic::Rest::GrpcTranscoder::HttpBinding>}]
|
|
389
|
+
config_attr :bindings_override, {}, ::Hash, nil
|
|
365
390
|
config_attr :logger, :default, ::Logger, nil, :default
|
|
366
391
|
|
|
367
392
|
# @private
|
|
@@ -397,6 +422,7 @@ module Google
|
|
|
397
422
|
# * `:initial_delay` (*type:* `Numeric`) - The initial delay in seconds.
|
|
398
423
|
# * `:max_delay` (*type:* `Numeric`) - The max delay in seconds.
|
|
399
424
|
# * `:multiplier` (*type:* `Numeric`) - The incremental backoff multiplier.
|
|
425
|
+
# * `:jitter` (*type:* `Numeric`) - The jitter in seconds. Default: 1.0.
|
|
400
426
|
# * `:retry_codes` (*type:* `Array<String>`) - The error codes that should
|
|
401
427
|
# trigger a retry.
|
|
402
428
|
#
|
|
@@ -21,6 +21,7 @@ require "gapic/config"
|
|
|
21
21
|
require "gapic/config/method"
|
|
22
22
|
|
|
23
23
|
require "google/cloud/binary_authorization/v1/version"
|
|
24
|
+
require "google/cloud/binary_authorization/v1/bindings_override"
|
|
24
25
|
|
|
25
26
|
require "google/cloud/binary_authorization/v1/system_policy/credentials"
|
|
26
27
|
require "google/cloud/binary_authorization/v1/system_policy/paths"
|
|
@@ -18,6 +18,7 @@
|
|
|
18
18
|
|
|
19
19
|
require "google/cloud/errors"
|
|
20
20
|
require "google/cloud/binaryauthorization/v1/service_pb"
|
|
21
|
+
require "google/iam/v1"
|
|
21
22
|
|
|
22
23
|
module Google
|
|
23
24
|
module Cloud
|
|
@@ -168,8 +169,23 @@ module Google
|
|
|
168
169
|
entry.set "defaultTimeout", @config.timeout if @config.timeout
|
|
169
170
|
entry.set "quotaProject", @quota_project_id if @quota_project_id
|
|
170
171
|
end
|
|
172
|
+
|
|
173
|
+
@iam_policy_client = Google::Iam::V1::IAMPolicy::Client.new do |config|
|
|
174
|
+
config.credentials = credentials
|
|
175
|
+
config.quota_project = @quota_project_id
|
|
176
|
+
config.endpoint = @validation_helper_stub.endpoint
|
|
177
|
+
config.universe_domain = @validation_helper_stub.universe_domain
|
|
178
|
+
config.logger = @validation_helper_stub.logger if config.respond_to? :logger=
|
|
179
|
+
end
|
|
171
180
|
end
|
|
172
181
|
|
|
182
|
+
##
|
|
183
|
+
# Get the associated client for mix-in of the IAMPolicy.
|
|
184
|
+
#
|
|
185
|
+
# @return [Google::Iam::V1::IAMPolicy::Client]
|
|
186
|
+
#
|
|
187
|
+
attr_reader :iam_policy_client
|
|
188
|
+
|
|
173
189
|
##
|
|
174
190
|
# The logger used for request/response debug logging.
|
|
175
191
|
#
|
|
@@ -182,8 +198,8 @@ module Google
|
|
|
182
198
|
# Service calls
|
|
183
199
|
|
|
184
200
|
##
|
|
185
|
-
# Returns whether the given Attestation for the given image URI
|
|
186
|
-
# was signed by the given Attestor
|
|
201
|
+
# Returns whether the given `Attestation` for the given image URI
|
|
202
|
+
# was signed by the given `Attestor`
|
|
187
203
|
#
|
|
188
204
|
# @overload validate_attestation_occurrence(request, options = nil)
|
|
189
205
|
# Pass arguments to `validate_attestation_occurrence` via a request object, either of type
|
|
@@ -201,14 +217,15 @@ module Google
|
|
|
201
217
|
# the default parameter values, pass an empty Hash as a request object (see above).
|
|
202
218
|
#
|
|
203
219
|
# @param attestor [::String]
|
|
204
|
-
# Required. The resource name of the
|
|
220
|
+
# Required. The resource name of the
|
|
221
|
+
# {::Google::Cloud::BinaryAuthorization::V1::Attestor Attestor} of the
|
|
205
222
|
# [occurrence][grafeas.v1.Occurrence], in the format
|
|
206
223
|
# `projects/*/attestors/*`.
|
|
207
224
|
# @param attestation [::Grafeas::V1::AttestationOccurrence, ::Hash]
|
|
208
225
|
# Required. An {::Grafeas::V1::AttestationOccurrence AttestationOccurrence} to
|
|
209
|
-
# be checked that it can be verified by the Attestor
|
|
210
|
-
# an existing entity in Container Analysis. It must otherwise be a valid
|
|
211
|
-
# AttestationOccurrence
|
|
226
|
+
# be checked that it can be verified by the `Attestor`. It does not have to
|
|
227
|
+
# be an existing entity in Container Analysis. It must otherwise be a valid
|
|
228
|
+
# `AttestationOccurrence`.
|
|
212
229
|
# @param occurrence_note [::String]
|
|
213
230
|
# Required. The resource name of the [Note][grafeas.v1.Note] to which the
|
|
214
231
|
# containing [Occurrence][grafeas.v1.Occurrence] is associated.
|
|
@@ -376,6 +393,7 @@ module Google
|
|
|
376
393
|
# * `:initial_delay` (*type:* `Numeric`) - The initial delay in seconds.
|
|
377
394
|
# * `:max_delay` (*type:* `Numeric`) - The max delay in seconds.
|
|
378
395
|
# * `:multiplier` (*type:* `Numeric`) - The incremental backoff multiplier.
|
|
396
|
+
# * `:jitter` (*type:* `Numeric`) - The jitter in seconds. Default: 1.0.
|
|
379
397
|
# * `:retry_codes` (*type:* `Array<String>`) - The error codes that should
|
|
380
398
|
# trigger a retry.
|
|
381
399
|
# @return [::Hash]
|
|
@@ -459,6 +477,7 @@ module Google
|
|
|
459
477
|
# * `:initial_delay` (*type:* `Numeric`) - The initial delay in seconds.
|
|
460
478
|
# * `:max_delay` (*type:* `Numeric`) - The max delay in seconds.
|
|
461
479
|
# * `:multiplier` (*type:* `Numeric`) - The incremental backoff multiplier.
|
|
480
|
+
# * `:jitter` (*type:* `Numeric`) - The jitter in seconds. Default: 1.0.
|
|
462
481
|
# * `:retry_codes` (*type:* `Array<String>`) - The error codes that should
|
|
463
482
|
# trigger a retry.
|
|
464
483
|
#
|
|
@@ -19,6 +19,7 @@
|
|
|
19
19
|
require "google/cloud/errors"
|
|
20
20
|
require "google/cloud/binaryauthorization/v1/service_pb"
|
|
21
21
|
require "google/cloud/binary_authorization/v1/validation_helper/rest/service_stub"
|
|
22
|
+
require "google/iam/v1/rest"
|
|
22
23
|
|
|
23
24
|
module Google
|
|
24
25
|
module Cloud
|
|
@@ -161,8 +162,24 @@ module Google
|
|
|
161
162
|
entry.set "defaultTimeout", @config.timeout if @config.timeout
|
|
162
163
|
entry.set "quotaProject", @quota_project_id if @quota_project_id
|
|
163
164
|
end
|
|
165
|
+
|
|
166
|
+
@iam_policy_client = Google::Iam::V1::IAMPolicy::Rest::Client.new do |config|
|
|
167
|
+
config.credentials = credentials
|
|
168
|
+
config.quota_project = @quota_project_id
|
|
169
|
+
config.endpoint = @validation_helper_stub.endpoint
|
|
170
|
+
config.universe_domain = @validation_helper_stub.universe_domain
|
|
171
|
+
config.bindings_override = @config.bindings_override
|
|
172
|
+
config.logger = @validation_helper_stub.logger if config.respond_to? :logger=
|
|
173
|
+
end
|
|
164
174
|
end
|
|
165
175
|
|
|
176
|
+
##
|
|
177
|
+
# Get the associated client for mix-in of the IAMPolicy.
|
|
178
|
+
#
|
|
179
|
+
# @return [Google::Iam::V1::IAMPolicy::Rest::Client]
|
|
180
|
+
#
|
|
181
|
+
attr_reader :iam_policy_client
|
|
182
|
+
|
|
166
183
|
##
|
|
167
184
|
# The logger used for request/response debug logging.
|
|
168
185
|
#
|
|
@@ -175,8 +192,8 @@ module Google
|
|
|
175
192
|
# Service calls
|
|
176
193
|
|
|
177
194
|
##
|
|
178
|
-
# Returns whether the given Attestation for the given image URI
|
|
179
|
-
# was signed by the given Attestor
|
|
195
|
+
# Returns whether the given `Attestation` for the given image URI
|
|
196
|
+
# was signed by the given `Attestor`
|
|
180
197
|
#
|
|
181
198
|
# @overload validate_attestation_occurrence(request, options = nil)
|
|
182
199
|
# Pass arguments to `validate_attestation_occurrence` via a request object, either of type
|
|
@@ -194,14 +211,15 @@ module Google
|
|
|
194
211
|
# the default parameter values, pass an empty Hash as a request object (see above).
|
|
195
212
|
#
|
|
196
213
|
# @param attestor [::String]
|
|
197
|
-
# Required. The resource name of the
|
|
214
|
+
# Required. The resource name of the
|
|
215
|
+
# {::Google::Cloud::BinaryAuthorization::V1::Attestor Attestor} of the
|
|
198
216
|
# [occurrence][grafeas.v1.Occurrence], in the format
|
|
199
217
|
# `projects/*/attestors/*`.
|
|
200
218
|
# @param attestation [::Grafeas::V1::AttestationOccurrence, ::Hash]
|
|
201
219
|
# Required. An {::Grafeas::V1::AttestationOccurrence AttestationOccurrence} to
|
|
202
|
-
# be checked that it can be verified by the Attestor
|
|
203
|
-
# an existing entity in Container Analysis. It must otherwise be a valid
|
|
204
|
-
# AttestationOccurrence
|
|
220
|
+
# be checked that it can be verified by the `Attestor`. It does not have to
|
|
221
|
+
# be an existing entity in Container Analysis. It must otherwise be a valid
|
|
222
|
+
# `AttestationOccurrence`.
|
|
205
223
|
# @param occurrence_note [::String]
|
|
206
224
|
# Required. The resource name of the [Note][grafeas.v1.Note] to which the
|
|
207
225
|
# containing [Occurrence][grafeas.v1.Occurrence] is associated.
|
|
@@ -336,6 +354,7 @@ module Google
|
|
|
336
354
|
# * `:initial_delay` (*type:* `Numeric`) - The initial delay in seconds.
|
|
337
355
|
# * `:max_delay` (*type:* `Numeric`) - The max delay in seconds.
|
|
338
356
|
# * `:multiplier` (*type:* `Numeric`) - The incremental backoff multiplier.
|
|
357
|
+
# * `:jitter` (*type:* `Numeric`) - The jitter in seconds. Default: 1.0.
|
|
339
358
|
# * `:retry_codes` (*type:* `Array<String>`) - The error codes that should
|
|
340
359
|
# trigger a retry.
|
|
341
360
|
# @return [::Hash]
|
|
@@ -373,6 +392,13 @@ module Google
|
|
|
373
392
|
config_attr :retry_policy, nil, ::Hash, ::Proc, nil
|
|
374
393
|
config_attr :quota_project, nil, ::String, nil
|
|
375
394
|
config_attr :universe_domain, nil, ::String, nil
|
|
395
|
+
|
|
396
|
+
# @private
|
|
397
|
+
# Overrides for http bindings for the RPCs of this service
|
|
398
|
+
# are only used when this service is used as mixin, and only
|
|
399
|
+
# by the host service.
|
|
400
|
+
# @return [::Hash{::Symbol=>::Array<::Gapic::Rest::GrpcTranscoder::HttpBinding>}]
|
|
401
|
+
config_attr :bindings_override, {}, ::Hash, nil
|
|
376
402
|
config_attr :logger, :default, ::Logger, nil, :default
|
|
377
403
|
|
|
378
404
|
# @private
|
|
@@ -408,6 +434,7 @@ module Google
|
|
|
408
434
|
# * `:initial_delay` (*type:* `Numeric`) - The initial delay in seconds.
|
|
409
435
|
# * `:max_delay` (*type:* `Numeric`) - The max delay in seconds.
|
|
410
436
|
# * `:multiplier` (*type:* `Numeric`) - The incremental backoff multiplier.
|
|
437
|
+
# * `:jitter` (*type:* `Numeric`) - The jitter in seconds. Default: 1.0.
|
|
411
438
|
# * `:retry_codes` (*type:* `Array<String>`) - The error codes that should
|
|
412
439
|
# trigger a retry.
|
|
413
440
|
#
|
|
@@ -21,6 +21,7 @@ require "gapic/config"
|
|
|
21
21
|
require "gapic/config/method"
|
|
22
22
|
|
|
23
23
|
require "google/cloud/binary_authorization/v1/version"
|
|
24
|
+
require "google/cloud/binary_authorization/v1/bindings_override"
|
|
24
25
|
|
|
25
26
|
require "google/cloud/binary_authorization/v1/validation_helper/credentials"
|
|
26
27
|
require "google/cloud/binary_authorization/v1/validation_helper/rest/client"
|
|
@@ -9,7 +9,7 @@ require 'google/api/resource_pb'
|
|
|
9
9
|
require 'google/protobuf/timestamp_pb'
|
|
10
10
|
|
|
11
11
|
|
|
12
|
-
descriptor_data = "\n3google/cloud/binaryauthorization/v1/resources.proto\x12#google.cloud.binaryauthorization.v1\x1a\x1fgoogle/api/field_behavior.proto\x1a\x19google/api/resource.proto\x1a\x1fgoogle/protobuf/timestamp.proto\"\
|
|
12
|
+
descriptor_data = "\n3google/cloud/binaryauthorization/v1/resources.proto\x12#google.cloud.binaryauthorization.v1\x1a\x1fgoogle/api/field_behavior.proto\x1a\x19google/api/resource.proto\x1a\x1fgoogle/protobuf/timestamp.proto\"\x8b\r\n\x06Policy\x12\x11\n\x04name\x18\x01 \x01(\tB\x03\xe0\x41\x03\x12\x18\n\x0b\x64\x65scription\x18\x06 \x01(\tB\x03\xe0\x41\x01\x12r\n\x1dglobal_policy_evaluation_mode\x18\x07 \x01(\x0e\x32\x46.google.cloud.binaryauthorization.v1.Policy.GlobalPolicyEvaluationModeB\x03\xe0\x41\x01\x12i\n\x1c\x61\x64mission_whitelist_patterns\x18\x02 \x03(\x0b\x32>.google.cloud.binaryauthorization.v1.AdmissionWhitelistPatternB\x03\xe0\x41\x01\x12l\n\x17\x63luster_admission_rules\x18\x03 \x03(\x0b\x32\x46.google.cloud.binaryauthorization.v1.Policy.ClusterAdmissionRulesEntryB\x03\xe0\x41\x01\x12\x85\x01\n$kubernetes_namespace_admission_rules\x18\n \x03(\x0b\x32R.google.cloud.binaryauthorization.v1.Policy.KubernetesNamespaceAdmissionRulesEntryB\x03\xe0\x41\x01\x12\x90\x01\n*kubernetes_service_account_admission_rules\x18\x08 \x03(\x0b\x32W.google.cloud.binaryauthorization.v1.Policy.KubernetesServiceAccountAdmissionRulesEntryB\x03\xe0\x41\x01\x12\x88\x01\n&istio_service_identity_admission_rules\x18\t \x03(\x0b\x32S.google.cloud.binaryauthorization.v1.Policy.IstioServiceIdentityAdmissionRulesEntryB\x03\xe0\x41\x01\x12W\n\x16\x64\x65\x66\x61ult_admission_rule\x18\x04 \x01(\x0b\x32\x32.google.cloud.binaryauthorization.v1.AdmissionRuleB\x03\xe0\x41\x02\x12\x34\n\x0bupdate_time\x18\x05 \x01(\x0b\x32\x1a.google.protobuf.TimestampB\x03\xe0\x41\x03\x12\x11\n\x04\x65tag\x18\x0b \x01(\tB\x03\xe0\x41\x01\x1ap\n\x1a\x43lusterAdmissionRulesEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\x41\n\x05value\x18\x02 \x01(\x0b\x32\x32.google.cloud.binaryauthorization.v1.AdmissionRule:\x02\x38\x01\x1a|\n&KubernetesNamespaceAdmissionRulesEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\x41\n\x05value\x18\x02 \x01(\x0b\x32\x32.google.cloud.binaryauthorization.v1.AdmissionRule:\x02\x38\x01\x1a\x81\x01\n+KubernetesServiceAccountAdmissionRulesEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\x41\n\x05value\x18\x02 \x01(\x0b\x32\x32.google.cloud.binaryauthorization.v1.AdmissionRule:\x02\x38\x01\x1a}\n\'IstioServiceIdentityAdmissionRulesEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\x41\n\x05value\x18\x02 \x01(\x0b\x32\x32.google.cloud.binaryauthorization.v1.AdmissionRule:\x02\x38\x01\"d\n\x1aGlobalPolicyEvaluationMode\x12-\n)GLOBAL_POLICY_EVALUATION_MODE_UNSPECIFIED\x10\x00\x12\n\n\x06\x45NABLE\x10\x01\x12\x0b\n\x07\x44ISABLE\x10\x02:f\xea\x41\x63\n)binaryauthorization.googleapis.com/Policy\x12\x19projects/{project}/policy\x12\x1blocations/{location}/policy\"1\n\x19\x41\x64missionWhitelistPattern\x12\x14\n\x0cname_pattern\x18\x01 \x01(\t\"\xda\x03\n\rAdmissionRule\x12_\n\x0f\x65valuation_mode\x18\x01 \x01(\x0e\x32\x41.google.cloud.binaryauthorization.v1.AdmissionRule.EvaluationModeB\x03\xe0\x41\x02\x12$\n\x17require_attestations_by\x18\x02 \x03(\tB\x03\xe0\x41\x01\x12\x61\n\x10\x65nforcement_mode\x18\x03 \x01(\x0e\x32\x42.google.cloud.binaryauthorization.v1.AdmissionRule.EnforcementModeB\x03\xe0\x41\x02\"m\n\x0e\x45valuationMode\x12\x1f\n\x1b\x45VALUATION_MODE_UNSPECIFIED\x10\x00\x12\x10\n\x0c\x41LWAYS_ALLOW\x10\x01\x12\x17\n\x13REQUIRE_ATTESTATION\x10\x02\x12\x0f\n\x0b\x41LWAYS_DENY\x10\x03\"p\n\x0f\x45nforcementMode\x12 \n\x1c\x45NFORCEMENT_MODE_UNSPECIFIED\x10\x00\x12 \n\x1c\x45NFORCED_BLOCK_AND_AUDIT_LOG\x10\x01\x12\x19\n\x15\x44RYRUN_AUDIT_LOG_ONLY\x10\x02\"\xca\x02\n\x08\x41ttestor\x12\x11\n\x04name\x18\x01 \x01(\tB\x03\xe0\x41\x02\x12\x18\n\x0b\x64\x65scription\x18\x06 \x01(\tB\x03\xe0\x41\x01\x12\\\n\x17user_owned_grafeas_note\x18\x03 \x01(\x0b\x32\x39.google.cloud.binaryauthorization.v1.UserOwnedGrafeasNoteH\x00\x12\x34\n\x0bupdate_time\x18\x04 \x01(\x0b\x32\x1a.google.protobuf.TimestampB\x03\xe0\x41\x03\x12\x11\n\x04\x65tag\x18\x07 \x01(\tB\x03\xe0\x41\x01:Y\xea\x41V\n+binaryauthorization.googleapis.com/Attestor\x12\'projects/{project}/attestors/{attestor}B\x0f\n\rattestor_type\"\xb4\x01\n\x14UserOwnedGrafeasNote\x12\x1b\n\x0enote_reference\x18\x01 \x01(\tB\x03\xe0\x41\x02\x12P\n\x0bpublic_keys\x18\x02 \x03(\x0b\x32\x36.google.cloud.binaryauthorization.v1.AttestorPublicKeyB\x03\xe0\x41\x01\x12-\n delegation_service_account_email\x18\x03 \x01(\tB\x03\xe0\x41\x03\"\xdb\x05\n\rPkixPublicKey\x12\x16\n\x0epublic_key_pem\x18\x01 \x01(\t\x12\x62\n\x13signature_algorithm\x18\x02 \x01(\x0e\x32\x45.google.cloud.binaryauthorization.v1.PkixPublicKey.SignatureAlgorithm\x12\x13\n\x06key_id\x18\x03 \x01(\tB\x03\xe0\x41\x01\"\xb8\x04\n\x12SignatureAlgorithm\x12#\n\x1fSIGNATURE_ALGORITHM_UNSPECIFIED\x10\x00\x12\x17\n\x13RSA_PSS_2048_SHA256\x10\x01\x12\x1c\n\x18RSA_SIGN_PSS_2048_SHA256\x10\x01\x12\x17\n\x13RSA_PSS_3072_SHA256\x10\x02\x12\x1c\n\x18RSA_SIGN_PSS_3072_SHA256\x10\x02\x12\x17\n\x13RSA_PSS_4096_SHA256\x10\x03\x12\x1c\n\x18RSA_SIGN_PSS_4096_SHA256\x10\x03\x12\x17\n\x13RSA_PSS_4096_SHA512\x10\x04\x12\x1c\n\x18RSA_SIGN_PSS_4096_SHA512\x10\x04\x12\x1e\n\x1aRSA_SIGN_PKCS1_2048_SHA256\x10\x05\x12\x1e\n\x1aRSA_SIGN_PKCS1_3072_SHA256\x10\x06\x12\x1e\n\x1aRSA_SIGN_PKCS1_4096_SHA256\x10\x07\x12\x1e\n\x1aRSA_SIGN_PKCS1_4096_SHA512\x10\x08\x12\x15\n\x11\x45\x43\x44SA_P256_SHA256\x10\t\x12\x17\n\x13\x45\x43_SIGN_P256_SHA256\x10\t\x12\x15\n\x11\x45\x43\x44SA_P384_SHA384\x10\n\x12\x17\n\x13\x45\x43_SIGN_P384_SHA384\x10\n\x12\x15\n\x11\x45\x43\x44SA_P521_SHA512\x10\x0b\x12\x17\n\x13\x45\x43_SIGN_P521_SHA512\x10\x0b\x12\r\n\tML_DSA_65\x10\r\x1a\x02\x10\x01\"\xba\x01\n\x11\x41ttestorPublicKey\x12\x14\n\x07\x63omment\x18\x01 \x01(\tB\x03\xe0\x41\x01\x12\n\n\x02id\x18\x02 \x01(\t\x12&\n\x1c\x61scii_armored_pgp_public_key\x18\x03 \x01(\tH\x00\x12M\n\x0fpkix_public_key\x18\x05 \x01(\x0b\x32\x32.google.cloud.binaryauthorization.v1.PkixPublicKeyH\x00\x42\x0c\n\npublic_keyB\x89\x02\n5com.google.protos.google.cloud.binaryauthorization.v1P\x00ZYcloud.google.com/go/binaryauthorization/apiv1/binaryauthorizationpb;binaryauthorizationpb\xaa\x02#Google.Cloud.BinaryAuthorization.V1\xca\x02#Google\\Cloud\\BinaryAuthorization\\V1\xea\x02&Google::Cloud::BinaryAuthorization::V1b\x06proto3"
|
|
13
13
|
|
|
14
14
|
pool = ::Google::Protobuf::DescriptorPool.generated_pool
|
|
15
15
|
pool.add_serialized_file(descriptor_data)
|
|
@@ -13,7 +13,7 @@ require 'google/protobuf/empty_pb'
|
|
|
13
13
|
require 'grafeas/v1/attestation_pb'
|
|
14
14
|
|
|
15
15
|
|
|
16
|
-
descriptor_data = "\n1google/cloud/binaryauthorization/v1/service.proto\x12#google.cloud.binaryauthorization.v1\x1a\x1cgoogle/api/annotations.proto\x1a\x17google/api/client.proto\x1a\x1fgoogle/api/field_behavior.proto\x1a\x19google/api/resource.proto\x1a\x33google/cloud/binaryauthorization/v1/resources.proto\x1a\x1bgoogle/protobuf/empty.proto\x1a\x1cgrafeas/v1/attestation.proto\"S\n\x10GetPolicyRequest\x12?\n\x04name\x18\x01 \x01(\tB1\xe0\x41\x02\xfa\x41+\n)binaryauthorization.googleapis.com/Policy\"W\n\x13UpdatePolicyRequest\x12@\n\x06policy\x18\x01 \x01(\x0b\x32+.google.cloud.binaryauthorization.v1.PolicyB\x03\xe0\x41\x02\"\xbc\x01\n\x15\x43reateAttestorRequest\x12\x43\n\x06parent\x18\x01 \x01(\tB3\xe0\x41\x02\xfa\x41-\n+cloudresourcemanager.googleapis.com/Project\x12\x18\n\x0b\x61ttestor_id\x18\x02 \x01(\tB\x03\xe0\x41\x02\x12\x44\n\x08\x61ttestor\x18\x03 \x01(\x0b\x32-.google.cloud.binaryauthorization.v1.AttestorB\x03\xe0\x41\x02\"W\n\x12GetAttestorRequest\x12\x41\n\x04name\x18\x01 \x01(\tB3\xe0\x41\x02\xfa\x41-\n+binaryauthorization.googleapis.com/Attestor\"]\n\x15UpdateAttestorRequest\x12\x44\n\x08\x61ttestor\x18\x01 \x01(\x0b\x32-.google.cloud.binaryauthorization.v1.AttestorB\x03\xe0\x41\x02\"\x82\x01\n\x14ListAttestorsRequest\x12\x43\n\x06parent\x18\x01 \x01(\tB3\xe0\x41\x02\xfa\x41-\n+cloudresourcemanager.googleapis.com/Project\x12\x11\n\tpage_size\x18\x02 \x01(\x05\x12\x12\n\npage_token\x18\x03 \x01(\t\"r\n\x15ListAttestorsResponse\x12@\n\tattestors\x18\x01 \x03(\x0b\x32-.google.cloud.binaryauthorization.v1.Attestor\x12\x17\n\x0fnext_page_token\x18\x02 \x01(\t\"Z\n\x15\x44\x65leteAttestorRequest\x12\x41\n\x04name\x18\x01 \x01(\tB3\xe0\x41\x02\xfa\x41-\n+binaryauthorization.googleapis.com/Attestor\"Y\n\x16GetSystemPolicyRequest\x12?\n\x04name\x18\x01 \x01(\tB1\xe0\x41\x02\xfa\x41+\n)binaryauthorization.googleapis.com/Policy\"\xbe\x01\n$ValidateAttestationOccurrenceRequest\x12\x15\n\x08\x61ttestor\x18\x01 \x01(\tB\x03\xe0\x41\x02\x12;\n\x0b\x61ttestation\x18\x02 \x01(\x0b\x32!.grafeas.v1.AttestationOccurrenceB\x03\xe0\x41\x02\x12\x1c\n\x0foccurrence_note\x18\x03 \x01(\tB\x03\xe0\x41\x02\x12$\n\x17occurrence_resource_uri\x18\x04 \x01(\tB\x03\xe0\x41\x02\"\xf1\x01\n%ValidateAttestationOccurrenceResponse\x12\x61\n\x06result\x18\x01 \x01(\x0e\x32Q.google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceResponse.Result\x12\x15\n\rdenial_reason\x18\x02 \x01(\t\"N\n\x06Result\x12\x16\n\x12RESULT_UNSPECIFIED\x10\x00\x12\x0c\n\x08VERIFIED\x10\x01\x12\x1e\n\x1a\x41TTESTATION_NOT_VERIFIABLE\x10\x02\x32\xe2\n\n\x1b\x42inauthzManagementServiceV1\x12\x9c\x01\n\tGetPolicy\x12\x35.google.cloud.binaryauthorization.v1.GetPolicyRequest\x1a+.google.cloud.binaryauthorization.v1.Policy\"+\xda\x41\x04name\x82\xd3\xe4\x93\x02\x1e\x12\x1c/v1/{name=projects/*/policy}\x12\xb3\x01\n\x0cUpdatePolicy\x12\x38.google.cloud.binaryauthorization.v1.UpdatePolicyRequest\x1a+.google.cloud.binaryauthorization.v1.Policy\"<\xda\x41\x06policy\x82\xd3\xe4\x93\x02-\x1a#/v1/{policy.name=projects/*/policy}:\x06policy\x12\xce\x01\n\x0e\x43reateAttestor\x12:.google.cloud.binaryauthorization.v1.CreateAttestorRequest\x1a-.google.cloud.binaryauthorization.v1.Attestor\"Q\xda\x41\x1bparent,attestor_id,attestor\x82\xd3\xe4\x93\x02-\"!/v1/{parent=projects/*}/attestors:\x08\x61ttestor\x12\xa7\x01\n\x0bGetAttestor\x12\x37.google.cloud.binaryauthorization.v1.GetAttestorRequest\x1a-.google.cloud.binaryauthorization.v1.Attestor\"0\xda\x41\x04name\x82\xd3\xe4\x93\x02#\x12!/v1/{name=projects/*/attestors/*}\x12\xc4\x01\n\x0eUpdateAttestor\x12:.google.cloud.binaryauthorization.v1.UpdateAttestorRequest\x1a-.google.cloud.binaryauthorization.v1.Attestor\"G\xda\x41\x08\x61ttestor\x82\xd3\xe4\x93\x02\x36\x1a*/v1/{attestor.name=projects/*/attestors/*}:\x08\x61ttestor\x12\xba\x01\n\rListAttestors\x12\x39.google.cloud.binaryauthorization.v1.ListAttestorsRequest\x1a:.google.cloud.binaryauthorization.v1.ListAttestorsResponse\"2\xda\x41\x06parent\x82\xd3\xe4\x93\x02#\x12!/v1/{parent=projects/*}/attestors\x12\x96\x01\n\x0e\x44\x65leteAttestor\x12:.google.cloud.binaryauthorization.v1.DeleteAttestorRequest\x1a\x16.google.protobuf.Empty\"0\xda\x41\x04name\x82\xd3\xe4\x93\x02#*!/v1/{name=projects/*/attestors/*}\x1aV\xca\x41\"binaryauthorization.googleapis.com\xd2\x41.https://www.googleapis.com/auth/cloud-platform2\x94\x02\n\x0eSystemPolicyV1\x12\xa9\x01\n\x0fGetSystemPolicy\x12;.google.cloud.binaryauthorization.v1.GetSystemPolicyRequest\x1a+.google.cloud.binaryauthorization.v1.Policy\",\xda\x41\x04name\x82\xd3\xe4\x93\x02\x1f\x12\x1d/v1/{name=locations/*/policy}\x1aV\xca\x41\"binaryauthorization.googleapis.com\xd2\x41.https://www.googleapis.com/auth/cloud-platform2\xf5\x02\n\x12ValidationHelperV1\x12\x86\x02\n\x1dValidateAttestationOccurrence\x12I.google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceRequest\x1aJ.google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceResponse\"N\x82\xd3\xe4\x93\x02H\"C/v1/{attestor=projects/*/attestors/*}:validateAttestationOccurrence:\x01*\x1aV\xca\x41\"binaryauthorization.googleapis.com\xd2\x41.https://www.googleapis.com/auth/cloud-platformB\
|
|
16
|
+
descriptor_data = "\n1google/cloud/binaryauthorization/v1/service.proto\x12#google.cloud.binaryauthorization.v1\x1a\x1cgoogle/api/annotations.proto\x1a\x17google/api/client.proto\x1a\x1fgoogle/api/field_behavior.proto\x1a\x19google/api/resource.proto\x1a\x33google/cloud/binaryauthorization/v1/resources.proto\x1a\x1bgoogle/protobuf/empty.proto\x1a\x1cgrafeas/v1/attestation.proto\"S\n\x10GetPolicyRequest\x12?\n\x04name\x18\x01 \x01(\tB1\xe0\x41\x02\xfa\x41+\n)binaryauthorization.googleapis.com/Policy\"W\n\x13UpdatePolicyRequest\x12@\n\x06policy\x18\x01 \x01(\x0b\x32+.google.cloud.binaryauthorization.v1.PolicyB\x03\xe0\x41\x02\"\xbc\x01\n\x15\x43reateAttestorRequest\x12\x43\n\x06parent\x18\x01 \x01(\tB3\xe0\x41\x02\xfa\x41-\n+cloudresourcemanager.googleapis.com/Project\x12\x18\n\x0b\x61ttestor_id\x18\x02 \x01(\tB\x03\xe0\x41\x02\x12\x44\n\x08\x61ttestor\x18\x03 \x01(\x0b\x32-.google.cloud.binaryauthorization.v1.AttestorB\x03\xe0\x41\x02\"W\n\x12GetAttestorRequest\x12\x41\n\x04name\x18\x01 \x01(\tB3\xe0\x41\x02\xfa\x41-\n+binaryauthorization.googleapis.com/Attestor\"]\n\x15UpdateAttestorRequest\x12\x44\n\x08\x61ttestor\x18\x01 \x01(\x0b\x32-.google.cloud.binaryauthorization.v1.AttestorB\x03\xe0\x41\x02\"\x82\x01\n\x14ListAttestorsRequest\x12\x43\n\x06parent\x18\x01 \x01(\tB3\xe0\x41\x02\xfa\x41-\n+cloudresourcemanager.googleapis.com/Project\x12\x11\n\tpage_size\x18\x02 \x01(\x05\x12\x12\n\npage_token\x18\x03 \x01(\t\"r\n\x15ListAttestorsResponse\x12@\n\tattestors\x18\x01 \x03(\x0b\x32-.google.cloud.binaryauthorization.v1.Attestor\x12\x17\n\x0fnext_page_token\x18\x02 \x01(\t\"Z\n\x15\x44\x65leteAttestorRequest\x12\x41\n\x04name\x18\x01 \x01(\tB3\xe0\x41\x02\xfa\x41-\n+binaryauthorization.googleapis.com/Attestor\"Y\n\x16GetSystemPolicyRequest\x12?\n\x04name\x18\x01 \x01(\tB1\xe0\x41\x02\xfa\x41+\n)binaryauthorization.googleapis.com/Policy\"\xbe\x01\n$ValidateAttestationOccurrenceRequest\x12\x15\n\x08\x61ttestor\x18\x01 \x01(\tB\x03\xe0\x41\x02\x12;\n\x0b\x61ttestation\x18\x02 \x01(\x0b\x32!.grafeas.v1.AttestationOccurrenceB\x03\xe0\x41\x02\x12\x1c\n\x0foccurrence_note\x18\x03 \x01(\tB\x03\xe0\x41\x02\x12$\n\x17occurrence_resource_uri\x18\x04 \x01(\tB\x03\xe0\x41\x02\"\xf1\x01\n%ValidateAttestationOccurrenceResponse\x12\x61\n\x06result\x18\x01 \x01(\x0e\x32Q.google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceResponse.Result\x12\x15\n\rdenial_reason\x18\x02 \x01(\t\"N\n\x06Result\x12\x16\n\x12RESULT_UNSPECIFIED\x10\x00\x12\x0c\n\x08VERIFIED\x10\x01\x12\x1e\n\x1a\x41TTESTATION_NOT_VERIFIABLE\x10\x02\x32\xe2\n\n\x1b\x42inauthzManagementServiceV1\x12\x9c\x01\n\tGetPolicy\x12\x35.google.cloud.binaryauthorization.v1.GetPolicyRequest\x1a+.google.cloud.binaryauthorization.v1.Policy\"+\xda\x41\x04name\x82\xd3\xe4\x93\x02\x1e\x12\x1c/v1/{name=projects/*/policy}\x12\xb3\x01\n\x0cUpdatePolicy\x12\x38.google.cloud.binaryauthorization.v1.UpdatePolicyRequest\x1a+.google.cloud.binaryauthorization.v1.Policy\"<\xda\x41\x06policy\x82\xd3\xe4\x93\x02-\x1a#/v1/{policy.name=projects/*/policy}:\x06policy\x12\xce\x01\n\x0e\x43reateAttestor\x12:.google.cloud.binaryauthorization.v1.CreateAttestorRequest\x1a-.google.cloud.binaryauthorization.v1.Attestor\"Q\xda\x41\x1bparent,attestor_id,attestor\x82\xd3\xe4\x93\x02-\"!/v1/{parent=projects/*}/attestors:\x08\x61ttestor\x12\xa7\x01\n\x0bGetAttestor\x12\x37.google.cloud.binaryauthorization.v1.GetAttestorRequest\x1a-.google.cloud.binaryauthorization.v1.Attestor\"0\xda\x41\x04name\x82\xd3\xe4\x93\x02#\x12!/v1/{name=projects/*/attestors/*}\x12\xc4\x01\n\x0eUpdateAttestor\x12:.google.cloud.binaryauthorization.v1.UpdateAttestorRequest\x1a-.google.cloud.binaryauthorization.v1.Attestor\"G\xda\x41\x08\x61ttestor\x82\xd3\xe4\x93\x02\x36\x1a*/v1/{attestor.name=projects/*/attestors/*}:\x08\x61ttestor\x12\xba\x01\n\rListAttestors\x12\x39.google.cloud.binaryauthorization.v1.ListAttestorsRequest\x1a:.google.cloud.binaryauthorization.v1.ListAttestorsResponse\"2\xda\x41\x06parent\x82\xd3\xe4\x93\x02#\x12!/v1/{parent=projects/*}/attestors\x12\x96\x01\n\x0e\x44\x65leteAttestor\x12:.google.cloud.binaryauthorization.v1.DeleteAttestorRequest\x1a\x16.google.protobuf.Empty\"0\xda\x41\x04name\x82\xd3\xe4\x93\x02#*!/v1/{name=projects/*/attestors/*}\x1aV\xca\x41\"binaryauthorization.googleapis.com\xd2\x41.https://www.googleapis.com/auth/cloud-platform2\x94\x02\n\x0eSystemPolicyV1\x12\xa9\x01\n\x0fGetSystemPolicy\x12;.google.cloud.binaryauthorization.v1.GetSystemPolicyRequest\x1a+.google.cloud.binaryauthorization.v1.Policy\",\xda\x41\x04name\x82\xd3\xe4\x93\x02\x1f\x12\x1d/v1/{name=locations/*/policy}\x1aV\xca\x41\"binaryauthorization.googleapis.com\xd2\x41.https://www.googleapis.com/auth/cloud-platform2\xf5\x02\n\x12ValidationHelperV1\x12\x86\x02\n\x1dValidateAttestationOccurrence\x12I.google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceRequest\x1aJ.google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceResponse\"N\x82\xd3\xe4\x93\x02H\"C/v1/{attestor=projects/*/attestors/*}:validateAttestationOccurrence:\x01*\x1aV\xca\x41\"binaryauthorization.googleapis.com\xd2\x41.https://www.googleapis.com/auth/cloud-platformB\x89\x02\n5com.google.protos.google.cloud.binaryauthorization.v1P\x00ZYcloud.google.com/go/binaryauthorization/apiv1/binaryauthorizationpb;binaryauthorizationpb\xaa\x02#Google.Cloud.BinaryAuthorization.V1\xca\x02#Google\\Cloud\\BinaryAuthorization\\V1\xea\x02&Google::Cloud::BinaryAuthorization::V1b\x06proto3"
|
|
17
17
|
|
|
18
18
|
pool = ::Google::Protobuf::DescriptorPool.generated_pool
|
|
19
19
|
pool.add_serialized_file(descriptor_data)
|
|
@@ -41,35 +41,44 @@ module Google
|
|
|
41
41
|
self.unmarshal_class_method = :decode
|
|
42
42
|
self.service_name = 'google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1'
|
|
43
43
|
|
|
44
|
-
# A [policy][google.cloud.binaryauthorization.v1.Policy] specifies the
|
|
45
|
-
#
|
|
46
|
-
# image
|
|
47
|
-
#
|
|
44
|
+
# A [policy][google.cloud.binaryauthorization.v1.Policy] specifies the
|
|
45
|
+
# [attestors][google.cloud.binaryauthorization.v1.Attestor] that must attest
|
|
46
|
+
# to a container image, before the project is allowed to deploy that image.
|
|
47
|
+
# There is at most one policy per project. All image admission requests are
|
|
48
|
+
# permitted if a project has no policy.
|
|
48
49
|
#
|
|
49
|
-
# Gets the [policy][google.cloud.binaryauthorization.v1.Policy] for this
|
|
50
|
-
#
|
|
50
|
+
# Gets the [policy][google.cloud.binaryauthorization.v1.Policy] for this
|
|
51
|
+
# project. Returns a default
|
|
52
|
+
# [policy][google.cloud.binaryauthorization.v1.Policy] if the project does
|
|
53
|
+
# not have one.
|
|
51
54
|
rpc :GetPolicy, ::Google::Cloud::BinaryAuthorization::V1::GetPolicyRequest, ::Google::Cloud::BinaryAuthorization::V1::Policy
|
|
52
|
-
# Creates or updates a project's
|
|
53
|
-
#
|
|
54
|
-
#
|
|
55
|
-
#
|
|
56
|
-
# if the
|
|
55
|
+
# Creates or updates a project's
|
|
56
|
+
# [policy][google.cloud.binaryauthorization.v1.Policy], and returns a copy of
|
|
57
|
+
# the new [policy][google.cloud.binaryauthorization.v1.Policy]. A policy is
|
|
58
|
+
# always updated as a whole, to avoid race conditions with concurrent policy
|
|
59
|
+
# enforcement (or management!) requests. Returns `NOT_FOUND` if the project
|
|
60
|
+
# does not exist, `INVALID_ARGUMENT` if the request is malformed.
|
|
57
61
|
rpc :UpdatePolicy, ::Google::Cloud::BinaryAuthorization::V1::UpdatePolicyRequest, ::Google::Cloud::BinaryAuthorization::V1::Policy
|
|
58
|
-
# Creates an [attestor][google.cloud.binaryauthorization.v1.Attestor], and
|
|
59
|
-
#
|
|
60
|
-
#
|
|
62
|
+
# Creates an [attestor][google.cloud.binaryauthorization.v1.Attestor], and
|
|
63
|
+
# returns a copy of the new
|
|
64
|
+
# [attestor][google.cloud.binaryauthorization.v1.Attestor]. Returns
|
|
65
|
+
# `NOT_FOUND` if the project does not exist, `INVALID_ARGUMENT` if the
|
|
66
|
+
# request is malformed, `ALREADY_EXISTS` if the
|
|
61
67
|
# [attestor][google.cloud.binaryauthorization.v1.Attestor] already exists.
|
|
62
68
|
rpc :CreateAttestor, ::Google::Cloud::BinaryAuthorization::V1::CreateAttestorRequest, ::Google::Cloud::BinaryAuthorization::V1::Attestor
|
|
63
69
|
# Gets an [attestor][google.cloud.binaryauthorization.v1.Attestor].
|
|
64
|
-
# Returns NOT_FOUND if the
|
|
70
|
+
# Returns `NOT_FOUND` if the
|
|
71
|
+
# [attestor][google.cloud.binaryauthorization.v1.Attestor] does not exist.
|
|
65
72
|
rpc :GetAttestor, ::Google::Cloud::BinaryAuthorization::V1::GetAttestorRequest, ::Google::Cloud::BinaryAuthorization::V1::Attestor
|
|
66
73
|
# Updates an [attestor][google.cloud.binaryauthorization.v1.Attestor].
|
|
67
|
-
# Returns NOT_FOUND if the
|
|
74
|
+
# Returns `NOT_FOUND` if the
|
|
75
|
+
# [attestor][google.cloud.binaryauthorization.v1.Attestor] does not exist.
|
|
68
76
|
rpc :UpdateAttestor, ::Google::Cloud::BinaryAuthorization::V1::UpdateAttestorRequest, ::Google::Cloud::BinaryAuthorization::V1::Attestor
|
|
69
77
|
# Lists [attestors][google.cloud.binaryauthorization.v1.Attestor].
|
|
70
|
-
# Returns INVALID_ARGUMENT if the project does not exist.
|
|
78
|
+
# Returns `INVALID_ARGUMENT` if the project does not exist.
|
|
71
79
|
rpc :ListAttestors, ::Google::Cloud::BinaryAuthorization::V1::ListAttestorsRequest, ::Google::Cloud::BinaryAuthorization::V1::ListAttestorsResponse
|
|
72
|
-
# Deletes an [attestor][google.cloud.binaryauthorization.v1.Attestor].
|
|
80
|
+
# Deletes an [attestor][google.cloud.binaryauthorization.v1.Attestor].
|
|
81
|
+
# Returns `NOT_FOUND` if the
|
|
73
82
|
# [attestor][google.cloud.binaryauthorization.v1.Attestor] does not exist.
|
|
74
83
|
rpc :DeleteAttestor, ::Google::Cloud::BinaryAuthorization::V1::DeleteAttestorRequest, ::Google::Protobuf::Empty
|
|
75
84
|
end
|
|
@@ -102,8 +111,8 @@ module Google
|
|
|
102
111
|
self.unmarshal_class_method = :decode
|
|
103
112
|
self.service_name = 'google.cloud.binaryauthorization.v1.ValidationHelperV1'
|
|
104
113
|
|
|
105
|
-
# Returns whether the given Attestation for the given image URI
|
|
106
|
-
# was signed by the given Attestor
|
|
114
|
+
# Returns whether the given `Attestation` for the given image URI
|
|
115
|
+
# was signed by the given `Attestor`
|
|
107
116
|
rpc :ValidateAttestationOccurrence, ::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceRequest, ::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceResponse
|
|
108
117
|
end
|
|
109
118
|
|