google-cloud-binary_authorization-v1 1.7.0 → 1.8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -18,6 +18,7 @@
18
18
 
19
19
  require "google/cloud/errors"
20
20
  require "google/cloud/binaryauthorization/v1/service_pb"
21
+ require "google/iam/v1"
21
22
 
22
23
  module Google
23
24
  module Cloud
@@ -170,8 +171,23 @@ module Google
170
171
  entry.set "defaultTimeout", @config.timeout if @config.timeout
171
172
  entry.set "quotaProject", @quota_project_id if @quota_project_id
172
173
  end
174
+
175
+ @iam_policy_client = Google::Iam::V1::IAMPolicy::Client.new do |config|
176
+ config.credentials = credentials
177
+ config.quota_project = @quota_project_id
178
+ config.endpoint = @system_policy_stub.endpoint
179
+ config.universe_domain = @system_policy_stub.universe_domain
180
+ config.logger = @system_policy_stub.logger if config.respond_to? :logger=
181
+ end
173
182
  end
174
183
 
184
+ ##
185
+ # Get the associated client for mix-in of the IAMPolicy.
186
+ #
187
+ # @return [Google::Iam::V1::IAMPolicy::Client]
188
+ #
189
+ attr_reader :iam_policy_client
190
+
175
191
  ##
176
192
  # The logger used for request/response debug logging.
177
193
  #
@@ -19,6 +19,7 @@
19
19
  require "google/cloud/errors"
20
20
  require "google/cloud/binaryauthorization/v1/service_pb"
21
21
  require "google/cloud/binary_authorization/v1/system_policy/rest/service_stub"
22
+ require "google/iam/v1/rest"
22
23
 
23
24
  module Google
24
25
  module Cloud
@@ -163,8 +164,24 @@ module Google
163
164
  entry.set "defaultTimeout", @config.timeout if @config.timeout
164
165
  entry.set "quotaProject", @quota_project_id if @quota_project_id
165
166
  end
167
+
168
+ @iam_policy_client = Google::Iam::V1::IAMPolicy::Rest::Client.new do |config|
169
+ config.credentials = credentials
170
+ config.quota_project = @quota_project_id
171
+ config.endpoint = @system_policy_stub.endpoint
172
+ config.universe_domain = @system_policy_stub.universe_domain
173
+ config.bindings_override = @config.bindings_override
174
+ config.logger = @system_policy_stub.logger if config.respond_to? :logger=
175
+ end
166
176
  end
167
177
 
178
+ ##
179
+ # Get the associated client for mix-in of the IAMPolicy.
180
+ #
181
+ # @return [Google::Iam::V1::IAMPolicy::Rest::Client]
182
+ #
183
+ attr_reader :iam_policy_client
184
+
168
185
  ##
169
186
  # The logger used for request/response debug logging.
170
187
  #
@@ -363,6 +380,13 @@ module Google
363
380
  config_attr :retry_policy, nil, ::Hash, ::Proc, nil
364
381
  config_attr :quota_project, nil, ::String, nil
365
382
  config_attr :universe_domain, nil, ::String, nil
383
+
384
+ # @private
385
+ # Overrides for http bindings for the RPCs of this service
386
+ # are only used when this service is used as mixin, and only
387
+ # by the host service.
388
+ # @return [::Hash{::Symbol=>::Array<::Gapic::Rest::GrpcTranscoder::HttpBinding>}]
389
+ config_attr :bindings_override, {}, ::Hash, nil
366
390
  config_attr :logger, :default, ::Logger, nil, :default
367
391
 
368
392
  # @private
@@ -21,6 +21,7 @@ require "gapic/config"
21
21
  require "gapic/config/method"
22
22
 
23
23
  require "google/cloud/binary_authorization/v1/version"
24
+ require "google/cloud/binary_authorization/v1/bindings_override"
24
25
 
25
26
  require "google/cloud/binary_authorization/v1/system_policy/credentials"
26
27
  require "google/cloud/binary_authorization/v1/system_policy/paths"
@@ -18,6 +18,7 @@
18
18
 
19
19
  require "google/cloud/errors"
20
20
  require "google/cloud/binaryauthorization/v1/service_pb"
21
+ require "google/iam/v1"
21
22
 
22
23
  module Google
23
24
  module Cloud
@@ -168,8 +169,23 @@ module Google
168
169
  entry.set "defaultTimeout", @config.timeout if @config.timeout
169
170
  entry.set "quotaProject", @quota_project_id if @quota_project_id
170
171
  end
172
+
173
+ @iam_policy_client = Google::Iam::V1::IAMPolicy::Client.new do |config|
174
+ config.credentials = credentials
175
+ config.quota_project = @quota_project_id
176
+ config.endpoint = @validation_helper_stub.endpoint
177
+ config.universe_domain = @validation_helper_stub.universe_domain
178
+ config.logger = @validation_helper_stub.logger if config.respond_to? :logger=
179
+ end
171
180
  end
172
181
 
182
+ ##
183
+ # Get the associated client for mix-in of the IAMPolicy.
184
+ #
185
+ # @return [Google::Iam::V1::IAMPolicy::Client]
186
+ #
187
+ attr_reader :iam_policy_client
188
+
173
189
  ##
174
190
  # The logger used for request/response debug logging.
175
191
  #
@@ -182,8 +198,8 @@ module Google
182
198
  # Service calls
183
199
 
184
200
  ##
185
- # Returns whether the given Attestation for the given image URI
186
- # was signed by the given Attestor
201
+ # Returns whether the given `Attestation` for the given image URI
202
+ # was signed by the given `Attestor`
187
203
  #
188
204
  # @overload validate_attestation_occurrence(request, options = nil)
189
205
  # Pass arguments to `validate_attestation_occurrence` via a request object, either of type
@@ -201,14 +217,15 @@ module Google
201
217
  # the default parameter values, pass an empty Hash as a request object (see above).
202
218
  #
203
219
  # @param attestor [::String]
204
- # Required. The resource name of the {::Google::Cloud::BinaryAuthorization::V1::Attestor Attestor} of the
220
+ # Required. The resource name of the
221
+ # {::Google::Cloud::BinaryAuthorization::V1::Attestor Attestor} of the
205
222
  # [occurrence][grafeas.v1.Occurrence], in the format
206
223
  # `projects/*/attestors/*`.
207
224
  # @param attestation [::Grafeas::V1::AttestationOccurrence, ::Hash]
208
225
  # Required. An {::Grafeas::V1::AttestationOccurrence AttestationOccurrence} to
209
- # be checked that it can be verified by the Attestor. It does not have to be
210
- # an existing entity in Container Analysis. It must otherwise be a valid
211
- # AttestationOccurrence.
226
+ # be checked that it can be verified by the `Attestor`. It does not have to
227
+ # be an existing entity in Container Analysis. It must otherwise be a valid
228
+ # `AttestationOccurrence`.
212
229
  # @param occurrence_note [::String]
213
230
  # Required. The resource name of the [Note][grafeas.v1.Note] to which the
214
231
  # containing [Occurrence][grafeas.v1.Occurrence] is associated.
@@ -19,6 +19,7 @@
19
19
  require "google/cloud/errors"
20
20
  require "google/cloud/binaryauthorization/v1/service_pb"
21
21
  require "google/cloud/binary_authorization/v1/validation_helper/rest/service_stub"
22
+ require "google/iam/v1/rest"
22
23
 
23
24
  module Google
24
25
  module Cloud
@@ -161,8 +162,24 @@ module Google
161
162
  entry.set "defaultTimeout", @config.timeout if @config.timeout
162
163
  entry.set "quotaProject", @quota_project_id if @quota_project_id
163
164
  end
165
+
166
+ @iam_policy_client = Google::Iam::V1::IAMPolicy::Rest::Client.new do |config|
167
+ config.credentials = credentials
168
+ config.quota_project = @quota_project_id
169
+ config.endpoint = @validation_helper_stub.endpoint
170
+ config.universe_domain = @validation_helper_stub.universe_domain
171
+ config.bindings_override = @config.bindings_override
172
+ config.logger = @validation_helper_stub.logger if config.respond_to? :logger=
173
+ end
164
174
  end
165
175
 
176
+ ##
177
+ # Get the associated client for mix-in of the IAMPolicy.
178
+ #
179
+ # @return [Google::Iam::V1::IAMPolicy::Rest::Client]
180
+ #
181
+ attr_reader :iam_policy_client
182
+
166
183
  ##
167
184
  # The logger used for request/response debug logging.
168
185
  #
@@ -175,8 +192,8 @@ module Google
175
192
  # Service calls
176
193
 
177
194
  ##
178
- # Returns whether the given Attestation for the given image URI
179
- # was signed by the given Attestor
195
+ # Returns whether the given `Attestation` for the given image URI
196
+ # was signed by the given `Attestor`
180
197
  #
181
198
  # @overload validate_attestation_occurrence(request, options = nil)
182
199
  # Pass arguments to `validate_attestation_occurrence` via a request object, either of type
@@ -194,14 +211,15 @@ module Google
194
211
  # the default parameter values, pass an empty Hash as a request object (see above).
195
212
  #
196
213
  # @param attestor [::String]
197
- # Required. The resource name of the {::Google::Cloud::BinaryAuthorization::V1::Attestor Attestor} of the
214
+ # Required. The resource name of the
215
+ # {::Google::Cloud::BinaryAuthorization::V1::Attestor Attestor} of the
198
216
  # [occurrence][grafeas.v1.Occurrence], in the format
199
217
  # `projects/*/attestors/*`.
200
218
  # @param attestation [::Grafeas::V1::AttestationOccurrence, ::Hash]
201
219
  # Required. An {::Grafeas::V1::AttestationOccurrence AttestationOccurrence} to
202
- # be checked that it can be verified by the Attestor. It does not have to be
203
- # an existing entity in Container Analysis. It must otherwise be a valid
204
- # AttestationOccurrence.
220
+ # be checked that it can be verified by the `Attestor`. It does not have to
221
+ # be an existing entity in Container Analysis. It must otherwise be a valid
222
+ # `AttestationOccurrence`.
205
223
  # @param occurrence_note [::String]
206
224
  # Required. The resource name of the [Note][grafeas.v1.Note] to which the
207
225
  # containing [Occurrence][grafeas.v1.Occurrence] is associated.
@@ -374,6 +392,13 @@ module Google
374
392
  config_attr :retry_policy, nil, ::Hash, ::Proc, nil
375
393
  config_attr :quota_project, nil, ::String, nil
376
394
  config_attr :universe_domain, nil, ::String, nil
395
+
396
+ # @private
397
+ # Overrides for http bindings for the RPCs of this service
398
+ # are only used when this service is used as mixin, and only
399
+ # by the host service.
400
+ # @return [::Hash{::Symbol=>::Array<::Gapic::Rest::GrpcTranscoder::HttpBinding>}]
401
+ config_attr :bindings_override, {}, ::Hash, nil
377
402
  config_attr :logger, :default, ::Logger, nil, :default
378
403
 
379
404
  # @private
@@ -21,6 +21,7 @@ require "gapic/config"
21
21
  require "gapic/config/method"
22
22
 
23
23
  require "google/cloud/binary_authorization/v1/version"
24
+ require "google/cloud/binary_authorization/v1/bindings_override"
24
25
 
25
26
  require "google/cloud/binary_authorization/v1/validation_helper/credentials"
26
27
  require "google/cloud/binary_authorization/v1/validation_helper/rest/client"
@@ -21,7 +21,7 @@ module Google
21
21
  module Cloud
22
22
  module BinaryAuthorization
23
23
  module V1
24
- VERSION = "1.7.0"
24
+ VERSION = "1.8.0"
25
25
  end
26
26
  end
27
27
  end
@@ -9,7 +9,7 @@ require 'google/api/resource_pb'
9
9
  require 'google/protobuf/timestamp_pb'
10
10
 
11
11
 
12
- descriptor_data = "\n3google/cloud/binaryauthorization/v1/resources.proto\x12#google.cloud.binaryauthorization.v1\x1a\x1fgoogle/api/field_behavior.proto\x1a\x19google/api/resource.proto\x1a\x1fgoogle/protobuf/timestamp.proto\"\xf8\x0c\n\x06Policy\x12\x11\n\x04name\x18\x01 \x01(\tB\x03\xe0\x41\x03\x12\x18\n\x0b\x64\x65scription\x18\x06 \x01(\tB\x03\xe0\x41\x01\x12r\n\x1dglobal_policy_evaluation_mode\x18\x07 \x01(\x0e\x32\x46.google.cloud.binaryauthorization.v1.Policy.GlobalPolicyEvaluationModeB\x03\xe0\x41\x01\x12i\n\x1c\x61\x64mission_whitelist_patterns\x18\x02 \x03(\x0b\x32>.google.cloud.binaryauthorization.v1.AdmissionWhitelistPatternB\x03\xe0\x41\x01\x12l\n\x17\x63luster_admission_rules\x18\x03 \x03(\x0b\x32\x46.google.cloud.binaryauthorization.v1.Policy.ClusterAdmissionRulesEntryB\x03\xe0\x41\x01\x12\x85\x01\n$kubernetes_namespace_admission_rules\x18\n \x03(\x0b\x32R.google.cloud.binaryauthorization.v1.Policy.KubernetesNamespaceAdmissionRulesEntryB\x03\xe0\x41\x01\x12\x90\x01\n*kubernetes_service_account_admission_rules\x18\x08 \x03(\x0b\x32W.google.cloud.binaryauthorization.v1.Policy.KubernetesServiceAccountAdmissionRulesEntryB\x03\xe0\x41\x01\x12\x88\x01\n&istio_service_identity_admission_rules\x18\t \x03(\x0b\x32S.google.cloud.binaryauthorization.v1.Policy.IstioServiceIdentityAdmissionRulesEntryB\x03\xe0\x41\x01\x12W\n\x16\x64\x65\x66\x61ult_admission_rule\x18\x04 \x01(\x0b\x32\x32.google.cloud.binaryauthorization.v1.AdmissionRuleB\x03\xe0\x41\x02\x12\x34\n\x0bupdate_time\x18\x05 \x01(\x0b\x32\x1a.google.protobuf.TimestampB\x03\xe0\x41\x03\x1ap\n\x1a\x43lusterAdmissionRulesEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\x41\n\x05value\x18\x02 \x01(\x0b\x32\x32.google.cloud.binaryauthorization.v1.AdmissionRule:\x02\x38\x01\x1a|\n&KubernetesNamespaceAdmissionRulesEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\x41\n\x05value\x18\x02 \x01(\x0b\x32\x32.google.cloud.binaryauthorization.v1.AdmissionRule:\x02\x38\x01\x1a\x81\x01\n+KubernetesServiceAccountAdmissionRulesEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\x41\n\x05value\x18\x02 \x01(\x0b\x32\x32.google.cloud.binaryauthorization.v1.AdmissionRule:\x02\x38\x01\x1a}\n\'IstioServiceIdentityAdmissionRulesEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\x41\n\x05value\x18\x02 \x01(\x0b\x32\x32.google.cloud.binaryauthorization.v1.AdmissionRule:\x02\x38\x01\"d\n\x1aGlobalPolicyEvaluationMode\x12-\n)GLOBAL_POLICY_EVALUATION_MODE_UNSPECIFIED\x10\x00\x12\n\n\x06\x45NABLE\x10\x01\x12\x0b\n\x07\x44ISABLE\x10\x02:f\xea\x41\x63\n)binaryauthorization.googleapis.com/Policy\x12\x19projects/{project}/policy\x12\x1blocations/{location}/policy\"1\n\x19\x41\x64missionWhitelistPattern\x12\x14\n\x0cname_pattern\x18\x01 \x01(\t\"\xda\x03\n\rAdmissionRule\x12_\n\x0f\x65valuation_mode\x18\x01 \x01(\x0e\x32\x41.google.cloud.binaryauthorization.v1.AdmissionRule.EvaluationModeB\x03\xe0\x41\x02\x12$\n\x17require_attestations_by\x18\x02 \x03(\tB\x03\xe0\x41\x01\x12\x61\n\x10\x65nforcement_mode\x18\x03 \x01(\x0e\x32\x42.google.cloud.binaryauthorization.v1.AdmissionRule.EnforcementModeB\x03\xe0\x41\x02\"m\n\x0e\x45valuationMode\x12\x1f\n\x1b\x45VALUATION_MODE_UNSPECIFIED\x10\x00\x12\x10\n\x0c\x41LWAYS_ALLOW\x10\x01\x12\x17\n\x13REQUIRE_ATTESTATION\x10\x02\x12\x0f\n\x0b\x41LWAYS_DENY\x10\x03\"p\n\x0f\x45nforcementMode\x12 \n\x1c\x45NFORCEMENT_MODE_UNSPECIFIED\x10\x00\x12 \n\x1c\x45NFORCED_BLOCK_AND_AUDIT_LOG\x10\x01\x12\x19\n\x15\x44RYRUN_AUDIT_LOG_ONLY\x10\x02\"\xb7\x02\n\x08\x41ttestor\x12\x11\n\x04name\x18\x01 \x01(\tB\x03\xe0\x41\x02\x12\x18\n\x0b\x64\x65scription\x18\x06 \x01(\tB\x03\xe0\x41\x01\x12\\\n\x17user_owned_grafeas_note\x18\x03 \x01(\x0b\x32\x39.google.cloud.binaryauthorization.v1.UserOwnedGrafeasNoteH\x00\x12\x34\n\x0bupdate_time\x18\x04 \x01(\x0b\x32\x1a.google.protobuf.TimestampB\x03\xe0\x41\x03:Y\xea\x41V\n+binaryauthorization.googleapis.com/Attestor\x12\'projects/{project}/attestors/{attestor}B\x0f\n\rattestor_type\"\xb4\x01\n\x14UserOwnedGrafeasNote\x12\x1b\n\x0enote_reference\x18\x01 \x01(\tB\x03\xe0\x41\x02\x12P\n\x0bpublic_keys\x18\x02 \x03(\x0b\x32\x36.google.cloud.binaryauthorization.v1.AttestorPublicKeyB\x03\xe0\x41\x01\x12-\n delegation_service_account_email\x18\x03 \x01(\tB\x03\xe0\x41\x03\"\xbf\x04\n\rPkixPublicKey\x12\x16\n\x0epublic_key_pem\x18\x01 \x01(\t\x12\x62\n\x13signature_algorithm\x18\x02 \x01(\x0e\x32\x45.google.cloud.binaryauthorization.v1.PkixPublicKey.SignatureAlgorithm\"\xb1\x03\n\x12SignatureAlgorithm\x12#\n\x1fSIGNATURE_ALGORITHM_UNSPECIFIED\x10\x00\x12\x17\n\x13RSA_PSS_2048_SHA256\x10\x01\x12\x17\n\x13RSA_PSS_3072_SHA256\x10\x02\x12\x17\n\x13RSA_PSS_4096_SHA256\x10\x03\x12\x17\n\x13RSA_PSS_4096_SHA512\x10\x04\x12\x1e\n\x1aRSA_SIGN_PKCS1_2048_SHA256\x10\x05\x12\x1e\n\x1aRSA_SIGN_PKCS1_3072_SHA256\x10\x06\x12\x1e\n\x1aRSA_SIGN_PKCS1_4096_SHA256\x10\x07\x12\x1e\n\x1aRSA_SIGN_PKCS1_4096_SHA512\x10\x08\x12\x15\n\x11\x45\x43\x44SA_P256_SHA256\x10\t\x12\x17\n\x13\x45\x43_SIGN_P256_SHA256\x10\t\x12\x15\n\x11\x45\x43\x44SA_P384_SHA384\x10\n\x12\x17\n\x13\x45\x43_SIGN_P384_SHA384\x10\n\x12\x15\n\x11\x45\x43\x44SA_P521_SHA512\x10\x0b\x12\x17\n\x13\x45\x43_SIGN_P521_SHA512\x10\x0b\x1a\x02\x10\x01\"\xba\x01\n\x11\x41ttestorPublicKey\x12\x14\n\x07\x63omment\x18\x01 \x01(\tB\x03\xe0\x41\x01\x12\n\n\x02id\x18\x02 \x01(\t\x12&\n\x1c\x61scii_armored_pgp_public_key\x18\x03 \x01(\tH\x00\x12M\n\x0fpkix_public_key\x18\x05 \x01(\x0b\x32\x32.google.cloud.binaryauthorization.v1.PkixPublicKeyH\x00\x42\x0c\n\npublic_keyB\x8c\x02\n5com.google.protos.google.cloud.binaryauthorization.v1P\x00ZYcloud.google.com/go/binaryauthorization/apiv1/binaryauthorizationpb;binaryauthorizationpb\xf8\x01\x01\xaa\x02#Google.Cloud.BinaryAuthorization.V1\xca\x02#Google\\Cloud\\BinaryAuthorization\\V1\xea\x02&Google::Cloud::BinaryAuthorization::V1b\x06proto3"
12
+ descriptor_data = "\n3google/cloud/binaryauthorization/v1/resources.proto\x12#google.cloud.binaryauthorization.v1\x1a\x1fgoogle/api/field_behavior.proto\x1a\x19google/api/resource.proto\x1a\x1fgoogle/protobuf/timestamp.proto\"\x8b\r\n\x06Policy\x12\x11\n\x04name\x18\x01 \x01(\tB\x03\xe0\x41\x03\x12\x18\n\x0b\x64\x65scription\x18\x06 \x01(\tB\x03\xe0\x41\x01\x12r\n\x1dglobal_policy_evaluation_mode\x18\x07 \x01(\x0e\x32\x46.google.cloud.binaryauthorization.v1.Policy.GlobalPolicyEvaluationModeB\x03\xe0\x41\x01\x12i\n\x1c\x61\x64mission_whitelist_patterns\x18\x02 \x03(\x0b\x32>.google.cloud.binaryauthorization.v1.AdmissionWhitelistPatternB\x03\xe0\x41\x01\x12l\n\x17\x63luster_admission_rules\x18\x03 \x03(\x0b\x32\x46.google.cloud.binaryauthorization.v1.Policy.ClusterAdmissionRulesEntryB\x03\xe0\x41\x01\x12\x85\x01\n$kubernetes_namespace_admission_rules\x18\n \x03(\x0b\x32R.google.cloud.binaryauthorization.v1.Policy.KubernetesNamespaceAdmissionRulesEntryB\x03\xe0\x41\x01\x12\x90\x01\n*kubernetes_service_account_admission_rules\x18\x08 \x03(\x0b\x32W.google.cloud.binaryauthorization.v1.Policy.KubernetesServiceAccountAdmissionRulesEntryB\x03\xe0\x41\x01\x12\x88\x01\n&istio_service_identity_admission_rules\x18\t \x03(\x0b\x32S.google.cloud.binaryauthorization.v1.Policy.IstioServiceIdentityAdmissionRulesEntryB\x03\xe0\x41\x01\x12W\n\x16\x64\x65\x66\x61ult_admission_rule\x18\x04 \x01(\x0b\x32\x32.google.cloud.binaryauthorization.v1.AdmissionRuleB\x03\xe0\x41\x02\x12\x34\n\x0bupdate_time\x18\x05 \x01(\x0b\x32\x1a.google.protobuf.TimestampB\x03\xe0\x41\x03\x12\x11\n\x04\x65tag\x18\x0b \x01(\tB\x03\xe0\x41\x01\x1ap\n\x1a\x43lusterAdmissionRulesEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\x41\n\x05value\x18\x02 \x01(\x0b\x32\x32.google.cloud.binaryauthorization.v1.AdmissionRule:\x02\x38\x01\x1a|\n&KubernetesNamespaceAdmissionRulesEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\x41\n\x05value\x18\x02 \x01(\x0b\x32\x32.google.cloud.binaryauthorization.v1.AdmissionRule:\x02\x38\x01\x1a\x81\x01\n+KubernetesServiceAccountAdmissionRulesEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\x41\n\x05value\x18\x02 \x01(\x0b\x32\x32.google.cloud.binaryauthorization.v1.AdmissionRule:\x02\x38\x01\x1a}\n\'IstioServiceIdentityAdmissionRulesEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\x41\n\x05value\x18\x02 \x01(\x0b\x32\x32.google.cloud.binaryauthorization.v1.AdmissionRule:\x02\x38\x01\"d\n\x1aGlobalPolicyEvaluationMode\x12-\n)GLOBAL_POLICY_EVALUATION_MODE_UNSPECIFIED\x10\x00\x12\n\n\x06\x45NABLE\x10\x01\x12\x0b\n\x07\x44ISABLE\x10\x02:f\xea\x41\x63\n)binaryauthorization.googleapis.com/Policy\x12\x19projects/{project}/policy\x12\x1blocations/{location}/policy\"1\n\x19\x41\x64missionWhitelistPattern\x12\x14\n\x0cname_pattern\x18\x01 \x01(\t\"\xda\x03\n\rAdmissionRule\x12_\n\x0f\x65valuation_mode\x18\x01 \x01(\x0e\x32\x41.google.cloud.binaryauthorization.v1.AdmissionRule.EvaluationModeB\x03\xe0\x41\x02\x12$\n\x17require_attestations_by\x18\x02 \x03(\tB\x03\xe0\x41\x01\x12\x61\n\x10\x65nforcement_mode\x18\x03 \x01(\x0e\x32\x42.google.cloud.binaryauthorization.v1.AdmissionRule.EnforcementModeB\x03\xe0\x41\x02\"m\n\x0e\x45valuationMode\x12\x1f\n\x1b\x45VALUATION_MODE_UNSPECIFIED\x10\x00\x12\x10\n\x0c\x41LWAYS_ALLOW\x10\x01\x12\x17\n\x13REQUIRE_ATTESTATION\x10\x02\x12\x0f\n\x0b\x41LWAYS_DENY\x10\x03\"p\n\x0f\x45nforcementMode\x12 \n\x1c\x45NFORCEMENT_MODE_UNSPECIFIED\x10\x00\x12 \n\x1c\x45NFORCED_BLOCK_AND_AUDIT_LOG\x10\x01\x12\x19\n\x15\x44RYRUN_AUDIT_LOG_ONLY\x10\x02\"\xca\x02\n\x08\x41ttestor\x12\x11\n\x04name\x18\x01 \x01(\tB\x03\xe0\x41\x02\x12\x18\n\x0b\x64\x65scription\x18\x06 \x01(\tB\x03\xe0\x41\x01\x12\\\n\x17user_owned_grafeas_note\x18\x03 \x01(\x0b\x32\x39.google.cloud.binaryauthorization.v1.UserOwnedGrafeasNoteH\x00\x12\x34\n\x0bupdate_time\x18\x04 \x01(\x0b\x32\x1a.google.protobuf.TimestampB\x03\xe0\x41\x03\x12\x11\n\x04\x65tag\x18\x07 \x01(\tB\x03\xe0\x41\x01:Y\xea\x41V\n+binaryauthorization.googleapis.com/Attestor\x12\'projects/{project}/attestors/{attestor}B\x0f\n\rattestor_type\"\xb4\x01\n\x14UserOwnedGrafeasNote\x12\x1b\n\x0enote_reference\x18\x01 \x01(\tB\x03\xe0\x41\x02\x12P\n\x0bpublic_keys\x18\x02 \x03(\x0b\x32\x36.google.cloud.binaryauthorization.v1.AttestorPublicKeyB\x03\xe0\x41\x01\x12-\n delegation_service_account_email\x18\x03 \x01(\tB\x03\xe0\x41\x03\"\xdb\x05\n\rPkixPublicKey\x12\x16\n\x0epublic_key_pem\x18\x01 \x01(\t\x12\x62\n\x13signature_algorithm\x18\x02 \x01(\x0e\x32\x45.google.cloud.binaryauthorization.v1.PkixPublicKey.SignatureAlgorithm\x12\x13\n\x06key_id\x18\x03 \x01(\tB\x03\xe0\x41\x01\"\xb8\x04\n\x12SignatureAlgorithm\x12#\n\x1fSIGNATURE_ALGORITHM_UNSPECIFIED\x10\x00\x12\x17\n\x13RSA_PSS_2048_SHA256\x10\x01\x12\x1c\n\x18RSA_SIGN_PSS_2048_SHA256\x10\x01\x12\x17\n\x13RSA_PSS_3072_SHA256\x10\x02\x12\x1c\n\x18RSA_SIGN_PSS_3072_SHA256\x10\x02\x12\x17\n\x13RSA_PSS_4096_SHA256\x10\x03\x12\x1c\n\x18RSA_SIGN_PSS_4096_SHA256\x10\x03\x12\x17\n\x13RSA_PSS_4096_SHA512\x10\x04\x12\x1c\n\x18RSA_SIGN_PSS_4096_SHA512\x10\x04\x12\x1e\n\x1aRSA_SIGN_PKCS1_2048_SHA256\x10\x05\x12\x1e\n\x1aRSA_SIGN_PKCS1_3072_SHA256\x10\x06\x12\x1e\n\x1aRSA_SIGN_PKCS1_4096_SHA256\x10\x07\x12\x1e\n\x1aRSA_SIGN_PKCS1_4096_SHA512\x10\x08\x12\x15\n\x11\x45\x43\x44SA_P256_SHA256\x10\t\x12\x17\n\x13\x45\x43_SIGN_P256_SHA256\x10\t\x12\x15\n\x11\x45\x43\x44SA_P384_SHA384\x10\n\x12\x17\n\x13\x45\x43_SIGN_P384_SHA384\x10\n\x12\x15\n\x11\x45\x43\x44SA_P521_SHA512\x10\x0b\x12\x17\n\x13\x45\x43_SIGN_P521_SHA512\x10\x0b\x12\r\n\tML_DSA_65\x10\r\x1a\x02\x10\x01\"\xba\x01\n\x11\x41ttestorPublicKey\x12\x14\n\x07\x63omment\x18\x01 \x01(\tB\x03\xe0\x41\x01\x12\n\n\x02id\x18\x02 \x01(\t\x12&\n\x1c\x61scii_armored_pgp_public_key\x18\x03 \x01(\tH\x00\x12M\n\x0fpkix_public_key\x18\x05 \x01(\x0b\x32\x32.google.cloud.binaryauthorization.v1.PkixPublicKeyH\x00\x42\x0c\n\npublic_keyB\x89\x02\n5com.google.protos.google.cloud.binaryauthorization.v1P\x00ZYcloud.google.com/go/binaryauthorization/apiv1/binaryauthorizationpb;binaryauthorizationpb\xaa\x02#Google.Cloud.BinaryAuthorization.V1\xca\x02#Google\\Cloud\\BinaryAuthorization\\V1\xea\x02&Google::Cloud::BinaryAuthorization::V1b\x06proto3"
13
13
 
14
14
  pool = ::Google::Protobuf::DescriptorPool.generated_pool
15
15
  pool.add_serialized_file(descriptor_data)
@@ -13,7 +13,7 @@ require 'google/protobuf/empty_pb'
13
13
  require 'grafeas/v1/attestation_pb'
14
14
 
15
15
 
16
- descriptor_data = "\n1google/cloud/binaryauthorization/v1/service.proto\x12#google.cloud.binaryauthorization.v1\x1a\x1cgoogle/api/annotations.proto\x1a\x17google/api/client.proto\x1a\x1fgoogle/api/field_behavior.proto\x1a\x19google/api/resource.proto\x1a\x33google/cloud/binaryauthorization/v1/resources.proto\x1a\x1bgoogle/protobuf/empty.proto\x1a\x1cgrafeas/v1/attestation.proto\"S\n\x10GetPolicyRequest\x12?\n\x04name\x18\x01 \x01(\tB1\xe0\x41\x02\xfa\x41+\n)binaryauthorization.googleapis.com/Policy\"W\n\x13UpdatePolicyRequest\x12@\n\x06policy\x18\x01 \x01(\x0b\x32+.google.cloud.binaryauthorization.v1.PolicyB\x03\xe0\x41\x02\"\xbc\x01\n\x15\x43reateAttestorRequest\x12\x43\n\x06parent\x18\x01 \x01(\tB3\xe0\x41\x02\xfa\x41-\n+cloudresourcemanager.googleapis.com/Project\x12\x18\n\x0b\x61ttestor_id\x18\x02 \x01(\tB\x03\xe0\x41\x02\x12\x44\n\x08\x61ttestor\x18\x03 \x01(\x0b\x32-.google.cloud.binaryauthorization.v1.AttestorB\x03\xe0\x41\x02\"W\n\x12GetAttestorRequest\x12\x41\n\x04name\x18\x01 \x01(\tB3\xe0\x41\x02\xfa\x41-\n+binaryauthorization.googleapis.com/Attestor\"]\n\x15UpdateAttestorRequest\x12\x44\n\x08\x61ttestor\x18\x01 \x01(\x0b\x32-.google.cloud.binaryauthorization.v1.AttestorB\x03\xe0\x41\x02\"\x82\x01\n\x14ListAttestorsRequest\x12\x43\n\x06parent\x18\x01 \x01(\tB3\xe0\x41\x02\xfa\x41-\n+cloudresourcemanager.googleapis.com/Project\x12\x11\n\tpage_size\x18\x02 \x01(\x05\x12\x12\n\npage_token\x18\x03 \x01(\t\"r\n\x15ListAttestorsResponse\x12@\n\tattestors\x18\x01 \x03(\x0b\x32-.google.cloud.binaryauthorization.v1.Attestor\x12\x17\n\x0fnext_page_token\x18\x02 \x01(\t\"Z\n\x15\x44\x65leteAttestorRequest\x12\x41\n\x04name\x18\x01 \x01(\tB3\xe0\x41\x02\xfa\x41-\n+binaryauthorization.googleapis.com/Attestor\"Y\n\x16GetSystemPolicyRequest\x12?\n\x04name\x18\x01 \x01(\tB1\xe0\x41\x02\xfa\x41+\n)binaryauthorization.googleapis.com/Policy\"\xbe\x01\n$ValidateAttestationOccurrenceRequest\x12\x15\n\x08\x61ttestor\x18\x01 \x01(\tB\x03\xe0\x41\x02\x12;\n\x0b\x61ttestation\x18\x02 \x01(\x0b\x32!.grafeas.v1.AttestationOccurrenceB\x03\xe0\x41\x02\x12\x1c\n\x0foccurrence_note\x18\x03 \x01(\tB\x03\xe0\x41\x02\x12$\n\x17occurrence_resource_uri\x18\x04 \x01(\tB\x03\xe0\x41\x02\"\xf1\x01\n%ValidateAttestationOccurrenceResponse\x12\x61\n\x06result\x18\x01 \x01(\x0e\x32Q.google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceResponse.Result\x12\x15\n\rdenial_reason\x18\x02 \x01(\t\"N\n\x06Result\x12\x16\n\x12RESULT_UNSPECIFIED\x10\x00\x12\x0c\n\x08VERIFIED\x10\x01\x12\x1e\n\x1a\x41TTESTATION_NOT_VERIFIABLE\x10\x02\x32\xe2\n\n\x1b\x42inauthzManagementServiceV1\x12\x9c\x01\n\tGetPolicy\x12\x35.google.cloud.binaryauthorization.v1.GetPolicyRequest\x1a+.google.cloud.binaryauthorization.v1.Policy\"+\xda\x41\x04name\x82\xd3\xe4\x93\x02\x1e\x12\x1c/v1/{name=projects/*/policy}\x12\xb3\x01\n\x0cUpdatePolicy\x12\x38.google.cloud.binaryauthorization.v1.UpdatePolicyRequest\x1a+.google.cloud.binaryauthorization.v1.Policy\"<\xda\x41\x06policy\x82\xd3\xe4\x93\x02-\x1a#/v1/{policy.name=projects/*/policy}:\x06policy\x12\xce\x01\n\x0e\x43reateAttestor\x12:.google.cloud.binaryauthorization.v1.CreateAttestorRequest\x1a-.google.cloud.binaryauthorization.v1.Attestor\"Q\xda\x41\x1bparent,attestor_id,attestor\x82\xd3\xe4\x93\x02-\"!/v1/{parent=projects/*}/attestors:\x08\x61ttestor\x12\xa7\x01\n\x0bGetAttestor\x12\x37.google.cloud.binaryauthorization.v1.GetAttestorRequest\x1a-.google.cloud.binaryauthorization.v1.Attestor\"0\xda\x41\x04name\x82\xd3\xe4\x93\x02#\x12!/v1/{name=projects/*/attestors/*}\x12\xc4\x01\n\x0eUpdateAttestor\x12:.google.cloud.binaryauthorization.v1.UpdateAttestorRequest\x1a-.google.cloud.binaryauthorization.v1.Attestor\"G\xda\x41\x08\x61ttestor\x82\xd3\xe4\x93\x02\x36\x1a*/v1/{attestor.name=projects/*/attestors/*}:\x08\x61ttestor\x12\xba\x01\n\rListAttestors\x12\x39.google.cloud.binaryauthorization.v1.ListAttestorsRequest\x1a:.google.cloud.binaryauthorization.v1.ListAttestorsResponse\"2\xda\x41\x06parent\x82\xd3\xe4\x93\x02#\x12!/v1/{parent=projects/*}/attestors\x12\x96\x01\n\x0e\x44\x65leteAttestor\x12:.google.cloud.binaryauthorization.v1.DeleteAttestorRequest\x1a\x16.google.protobuf.Empty\"0\xda\x41\x04name\x82\xd3\xe4\x93\x02#*!/v1/{name=projects/*/attestors/*}\x1aV\xca\x41\"binaryauthorization.googleapis.com\xd2\x41.https://www.googleapis.com/auth/cloud-platform2\x94\x02\n\x0eSystemPolicyV1\x12\xa9\x01\n\x0fGetSystemPolicy\x12;.google.cloud.binaryauthorization.v1.GetSystemPolicyRequest\x1a+.google.cloud.binaryauthorization.v1.Policy\",\xda\x41\x04name\x82\xd3\xe4\x93\x02\x1f\x12\x1d/v1/{name=locations/*/policy}\x1aV\xca\x41\"binaryauthorization.googleapis.com\xd2\x41.https://www.googleapis.com/auth/cloud-platform2\xf5\x02\n\x12ValidationHelperV1\x12\x86\x02\n\x1dValidateAttestationOccurrence\x12I.google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceRequest\x1aJ.google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceResponse\"N\x82\xd3\xe4\x93\x02H\"C/v1/{attestor=projects/*/attestors/*}:validateAttestationOccurrence:\x01*\x1aV\xca\x41\"binaryauthorization.googleapis.com\xd2\x41.https://www.googleapis.com/auth/cloud-platformB\x8c\x02\n5com.google.protos.google.cloud.binaryauthorization.v1P\x00ZYcloud.google.com/go/binaryauthorization/apiv1/binaryauthorizationpb;binaryauthorizationpb\xf8\x01\x01\xaa\x02#Google.Cloud.BinaryAuthorization.V1\xca\x02#Google\\Cloud\\BinaryAuthorization\\V1\xea\x02&Google::Cloud::BinaryAuthorization::V1b\x06proto3"
16
+ descriptor_data = "\n1google/cloud/binaryauthorization/v1/service.proto\x12#google.cloud.binaryauthorization.v1\x1a\x1cgoogle/api/annotations.proto\x1a\x17google/api/client.proto\x1a\x1fgoogle/api/field_behavior.proto\x1a\x19google/api/resource.proto\x1a\x33google/cloud/binaryauthorization/v1/resources.proto\x1a\x1bgoogle/protobuf/empty.proto\x1a\x1cgrafeas/v1/attestation.proto\"S\n\x10GetPolicyRequest\x12?\n\x04name\x18\x01 \x01(\tB1\xe0\x41\x02\xfa\x41+\n)binaryauthorization.googleapis.com/Policy\"W\n\x13UpdatePolicyRequest\x12@\n\x06policy\x18\x01 \x01(\x0b\x32+.google.cloud.binaryauthorization.v1.PolicyB\x03\xe0\x41\x02\"\xbc\x01\n\x15\x43reateAttestorRequest\x12\x43\n\x06parent\x18\x01 \x01(\tB3\xe0\x41\x02\xfa\x41-\n+cloudresourcemanager.googleapis.com/Project\x12\x18\n\x0b\x61ttestor_id\x18\x02 \x01(\tB\x03\xe0\x41\x02\x12\x44\n\x08\x61ttestor\x18\x03 \x01(\x0b\x32-.google.cloud.binaryauthorization.v1.AttestorB\x03\xe0\x41\x02\"W\n\x12GetAttestorRequest\x12\x41\n\x04name\x18\x01 \x01(\tB3\xe0\x41\x02\xfa\x41-\n+binaryauthorization.googleapis.com/Attestor\"]\n\x15UpdateAttestorRequest\x12\x44\n\x08\x61ttestor\x18\x01 \x01(\x0b\x32-.google.cloud.binaryauthorization.v1.AttestorB\x03\xe0\x41\x02\"\x82\x01\n\x14ListAttestorsRequest\x12\x43\n\x06parent\x18\x01 \x01(\tB3\xe0\x41\x02\xfa\x41-\n+cloudresourcemanager.googleapis.com/Project\x12\x11\n\tpage_size\x18\x02 \x01(\x05\x12\x12\n\npage_token\x18\x03 \x01(\t\"r\n\x15ListAttestorsResponse\x12@\n\tattestors\x18\x01 \x03(\x0b\x32-.google.cloud.binaryauthorization.v1.Attestor\x12\x17\n\x0fnext_page_token\x18\x02 \x01(\t\"Z\n\x15\x44\x65leteAttestorRequest\x12\x41\n\x04name\x18\x01 \x01(\tB3\xe0\x41\x02\xfa\x41-\n+binaryauthorization.googleapis.com/Attestor\"Y\n\x16GetSystemPolicyRequest\x12?\n\x04name\x18\x01 \x01(\tB1\xe0\x41\x02\xfa\x41+\n)binaryauthorization.googleapis.com/Policy\"\xbe\x01\n$ValidateAttestationOccurrenceRequest\x12\x15\n\x08\x61ttestor\x18\x01 \x01(\tB\x03\xe0\x41\x02\x12;\n\x0b\x61ttestation\x18\x02 \x01(\x0b\x32!.grafeas.v1.AttestationOccurrenceB\x03\xe0\x41\x02\x12\x1c\n\x0foccurrence_note\x18\x03 \x01(\tB\x03\xe0\x41\x02\x12$\n\x17occurrence_resource_uri\x18\x04 \x01(\tB\x03\xe0\x41\x02\"\xf1\x01\n%ValidateAttestationOccurrenceResponse\x12\x61\n\x06result\x18\x01 \x01(\x0e\x32Q.google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceResponse.Result\x12\x15\n\rdenial_reason\x18\x02 \x01(\t\"N\n\x06Result\x12\x16\n\x12RESULT_UNSPECIFIED\x10\x00\x12\x0c\n\x08VERIFIED\x10\x01\x12\x1e\n\x1a\x41TTESTATION_NOT_VERIFIABLE\x10\x02\x32\xe2\n\n\x1b\x42inauthzManagementServiceV1\x12\x9c\x01\n\tGetPolicy\x12\x35.google.cloud.binaryauthorization.v1.GetPolicyRequest\x1a+.google.cloud.binaryauthorization.v1.Policy\"+\xda\x41\x04name\x82\xd3\xe4\x93\x02\x1e\x12\x1c/v1/{name=projects/*/policy}\x12\xb3\x01\n\x0cUpdatePolicy\x12\x38.google.cloud.binaryauthorization.v1.UpdatePolicyRequest\x1a+.google.cloud.binaryauthorization.v1.Policy\"<\xda\x41\x06policy\x82\xd3\xe4\x93\x02-\x1a#/v1/{policy.name=projects/*/policy}:\x06policy\x12\xce\x01\n\x0e\x43reateAttestor\x12:.google.cloud.binaryauthorization.v1.CreateAttestorRequest\x1a-.google.cloud.binaryauthorization.v1.Attestor\"Q\xda\x41\x1bparent,attestor_id,attestor\x82\xd3\xe4\x93\x02-\"!/v1/{parent=projects/*}/attestors:\x08\x61ttestor\x12\xa7\x01\n\x0bGetAttestor\x12\x37.google.cloud.binaryauthorization.v1.GetAttestorRequest\x1a-.google.cloud.binaryauthorization.v1.Attestor\"0\xda\x41\x04name\x82\xd3\xe4\x93\x02#\x12!/v1/{name=projects/*/attestors/*}\x12\xc4\x01\n\x0eUpdateAttestor\x12:.google.cloud.binaryauthorization.v1.UpdateAttestorRequest\x1a-.google.cloud.binaryauthorization.v1.Attestor\"G\xda\x41\x08\x61ttestor\x82\xd3\xe4\x93\x02\x36\x1a*/v1/{attestor.name=projects/*/attestors/*}:\x08\x61ttestor\x12\xba\x01\n\rListAttestors\x12\x39.google.cloud.binaryauthorization.v1.ListAttestorsRequest\x1a:.google.cloud.binaryauthorization.v1.ListAttestorsResponse\"2\xda\x41\x06parent\x82\xd3\xe4\x93\x02#\x12!/v1/{parent=projects/*}/attestors\x12\x96\x01\n\x0e\x44\x65leteAttestor\x12:.google.cloud.binaryauthorization.v1.DeleteAttestorRequest\x1a\x16.google.protobuf.Empty\"0\xda\x41\x04name\x82\xd3\xe4\x93\x02#*!/v1/{name=projects/*/attestors/*}\x1aV\xca\x41\"binaryauthorization.googleapis.com\xd2\x41.https://www.googleapis.com/auth/cloud-platform2\x94\x02\n\x0eSystemPolicyV1\x12\xa9\x01\n\x0fGetSystemPolicy\x12;.google.cloud.binaryauthorization.v1.GetSystemPolicyRequest\x1a+.google.cloud.binaryauthorization.v1.Policy\",\xda\x41\x04name\x82\xd3\xe4\x93\x02\x1f\x12\x1d/v1/{name=locations/*/policy}\x1aV\xca\x41\"binaryauthorization.googleapis.com\xd2\x41.https://www.googleapis.com/auth/cloud-platform2\xf5\x02\n\x12ValidationHelperV1\x12\x86\x02\n\x1dValidateAttestationOccurrence\x12I.google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceRequest\x1aJ.google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceResponse\"N\x82\xd3\xe4\x93\x02H\"C/v1/{attestor=projects/*/attestors/*}:validateAttestationOccurrence:\x01*\x1aV\xca\x41\"binaryauthorization.googleapis.com\xd2\x41.https://www.googleapis.com/auth/cloud-platformB\x89\x02\n5com.google.protos.google.cloud.binaryauthorization.v1P\x00ZYcloud.google.com/go/binaryauthorization/apiv1/binaryauthorizationpb;binaryauthorizationpb\xaa\x02#Google.Cloud.BinaryAuthorization.V1\xca\x02#Google\\Cloud\\BinaryAuthorization\\V1\xea\x02&Google::Cloud::BinaryAuthorization::V1b\x06proto3"
17
17
 
18
18
  pool = ::Google::Protobuf::DescriptorPool.generated_pool
19
19
  pool.add_serialized_file(descriptor_data)
@@ -41,35 +41,44 @@ module Google
41
41
  self.unmarshal_class_method = :decode
42
42
  self.service_name = 'google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1'
43
43
 
44
- # A [policy][google.cloud.binaryauthorization.v1.Policy] specifies the [attestors][google.cloud.binaryauthorization.v1.Attestor] that must attest to
45
- # a container image, before the project is allowed to deploy that
46
- # image. There is at most one policy per project. All image admission
47
- # requests are permitted if a project has no policy.
44
+ # A [policy][google.cloud.binaryauthorization.v1.Policy] specifies the
45
+ # [attestors][google.cloud.binaryauthorization.v1.Attestor] that must attest
46
+ # to a container image, before the project is allowed to deploy that image.
47
+ # There is at most one policy per project. All image admission requests are
48
+ # permitted if a project has no policy.
48
49
  #
49
- # Gets the [policy][google.cloud.binaryauthorization.v1.Policy] for this project. Returns a default
50
- # [policy][google.cloud.binaryauthorization.v1.Policy] if the project does not have one.
50
+ # Gets the [policy][google.cloud.binaryauthorization.v1.Policy] for this
51
+ # project. Returns a default
52
+ # [policy][google.cloud.binaryauthorization.v1.Policy] if the project does
53
+ # not have one.
51
54
  rpc :GetPolicy, ::Google::Cloud::BinaryAuthorization::V1::GetPolicyRequest, ::Google::Cloud::BinaryAuthorization::V1::Policy
52
- # Creates or updates a project's [policy][google.cloud.binaryauthorization.v1.Policy], and returns a copy of the
53
- # new [policy][google.cloud.binaryauthorization.v1.Policy]. A policy is always updated as a whole, to avoid race
54
- # conditions with concurrent policy enforcement (or management!)
55
- # requests. Returns NOT_FOUND if the project does not exist, INVALID_ARGUMENT
56
- # if the request is malformed.
55
+ # Creates or updates a project's
56
+ # [policy][google.cloud.binaryauthorization.v1.Policy], and returns a copy of
57
+ # the new [policy][google.cloud.binaryauthorization.v1.Policy]. A policy is
58
+ # always updated as a whole, to avoid race conditions with concurrent policy
59
+ # enforcement (or management!) requests. Returns `NOT_FOUND` if the project
60
+ # does not exist, `INVALID_ARGUMENT` if the request is malformed.
57
61
  rpc :UpdatePolicy, ::Google::Cloud::BinaryAuthorization::V1::UpdatePolicyRequest, ::Google::Cloud::BinaryAuthorization::V1::Policy
58
- # Creates an [attestor][google.cloud.binaryauthorization.v1.Attestor], and returns a copy of the new
59
- # [attestor][google.cloud.binaryauthorization.v1.Attestor]. Returns NOT_FOUND if the project does not exist,
60
- # INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if the
62
+ # Creates an [attestor][google.cloud.binaryauthorization.v1.Attestor], and
63
+ # returns a copy of the new
64
+ # [attestor][google.cloud.binaryauthorization.v1.Attestor]. Returns
65
+ # `NOT_FOUND` if the project does not exist, `INVALID_ARGUMENT` if the
66
+ # request is malformed, `ALREADY_EXISTS` if the
61
67
  # [attestor][google.cloud.binaryauthorization.v1.Attestor] already exists.
62
68
  rpc :CreateAttestor, ::Google::Cloud::BinaryAuthorization::V1::CreateAttestorRequest, ::Google::Cloud::BinaryAuthorization::V1::Attestor
63
69
  # Gets an [attestor][google.cloud.binaryauthorization.v1.Attestor].
64
- # Returns NOT_FOUND if the [attestor][google.cloud.binaryauthorization.v1.Attestor] does not exist.
70
+ # Returns `NOT_FOUND` if the
71
+ # [attestor][google.cloud.binaryauthorization.v1.Attestor] does not exist.
65
72
  rpc :GetAttestor, ::Google::Cloud::BinaryAuthorization::V1::GetAttestorRequest, ::Google::Cloud::BinaryAuthorization::V1::Attestor
66
73
  # Updates an [attestor][google.cloud.binaryauthorization.v1.Attestor].
67
- # Returns NOT_FOUND if the [attestor][google.cloud.binaryauthorization.v1.Attestor] does not exist.
74
+ # Returns `NOT_FOUND` if the
75
+ # [attestor][google.cloud.binaryauthorization.v1.Attestor] does not exist.
68
76
  rpc :UpdateAttestor, ::Google::Cloud::BinaryAuthorization::V1::UpdateAttestorRequest, ::Google::Cloud::BinaryAuthorization::V1::Attestor
69
77
  # Lists [attestors][google.cloud.binaryauthorization.v1.Attestor].
70
- # Returns INVALID_ARGUMENT if the project does not exist.
78
+ # Returns `INVALID_ARGUMENT` if the project does not exist.
71
79
  rpc :ListAttestors, ::Google::Cloud::BinaryAuthorization::V1::ListAttestorsRequest, ::Google::Cloud::BinaryAuthorization::V1::ListAttestorsResponse
72
- # Deletes an [attestor][google.cloud.binaryauthorization.v1.Attestor]. Returns NOT_FOUND if the
80
+ # Deletes an [attestor][google.cloud.binaryauthorization.v1.Attestor].
81
+ # Returns `NOT_FOUND` if the
73
82
  # [attestor][google.cloud.binaryauthorization.v1.Attestor] does not exist.
74
83
  rpc :DeleteAttestor, ::Google::Cloud::BinaryAuthorization::V1::DeleteAttestorRequest, ::Google::Protobuf::Empty
75
84
  end
@@ -102,8 +111,8 @@ module Google
102
111
  self.unmarshal_class_method = :decode
103
112
  self.service_name = 'google.cloud.binaryauthorization.v1.ValidationHelperV1'
104
113
 
105
- # Returns whether the given Attestation for the given image URI
106
- # was signed by the given Attestor
114
+ # Returns whether the given `Attestation` for the given image URI
115
+ # was signed by the given `Attestor`
107
116
  rpc :ValidateAttestationOccurrence, ::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceRequest, ::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceResponse
108
117
  end
109
118