google-cloud-binary_authorization-v1beta1 0.1.0 → 0.3.1

data/proto_docs/google/api/field_behavior.rb

@@ -54,6 +54,12 @@ module Google
       # This indicates that the field may be set once in a request to create a
       # resource, but may not be changed thereafter.
       IMMUTABLE = 5
+
+      # Denotes that a (repeated) field is an unordered list.
+      # This indicates that the service may provide the elements of the list
+      # in any arbitrary order, rather than the order the user originally
+      # provided. Additionally, the list's order may or may not be stable.
+      UNORDERED_LIST = 6
     end
   end
 end

data/proto_docs/google/cloud/binaryauthorization/v1beta1/continuous_validation_logging.rb

@@ -0,0 +1,104 @@
+# frozen_string_literal: true
+
+# Copyright 2021 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module BinaryAuthorization
+      module V1beta1
+        # Represents an auditing event from Continuous Validation.
+        # @!attribute [rw] pod_event
+        #   @return [::Google::Cloud::BinaryAuthorization::V1beta1::ContinuousValidationEvent::ContinuousValidationPodEvent]
+        #     Pod event.
+        # @!attribute [rw] unsupported_policy_event
+        #   @return [::Google::Cloud::BinaryAuthorization::V1beta1::ContinuousValidationEvent::UnsupportedPolicyEvent]
+        #     Unsupported policy event.
+        class ContinuousValidationEvent
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+
+          # An auditing event for one Pod.
+          # @!attribute [rw] pod
+          #   @return [::String]
+          #     The name of the Pod.
+          # @!attribute [rw] deploy_time
+          #   @return [::Google::Protobuf::Timestamp]
+          #     Deploy time of the Pod from k8s.
+          # @!attribute [rw] end_time
+          #   @return [::Google::Protobuf::Timestamp]
+          #     Termination time of the Pod from k8s, or nothing if still running.
+          # @!attribute [rw] verdict
+          #   @return [::Google::Cloud::BinaryAuthorization::V1beta1::ContinuousValidationEvent::ContinuousValidationPodEvent::PolicyConformanceVerdict]
+          #     Auditing verdict for this Pod.
+          # @!attribute [rw] images
+          #   @return [::Array<::Google::Cloud::BinaryAuthorization::V1beta1::ContinuousValidationEvent::ContinuousValidationPodEvent::ImageDetails>]
+          #     List of images with auditing details.
+          class ContinuousValidationPodEvent
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+
+            # Container image with auditing details.
+            # @!attribute [rw] image
+            #   @return [::String]
+            #     The name of the image.
+            # @!attribute [rw] result
+            #   @return [::Google::Cloud::BinaryAuthorization::V1beta1::ContinuousValidationEvent::ContinuousValidationPodEvent::ImageDetails::AuditResult]
+            #     The result of the audit for this image.
+            # @!attribute [rw] description
+            #   @return [::String]
+            #     Description of the above result.
+            class ImageDetails
+              include ::Google::Protobuf::MessageExts
+              extend ::Google::Protobuf::MessageExts::ClassMethods
+
+              # Result of the audit.
+              module AuditResult
+                # Unspecified result. This is an error.
+                AUDIT_RESULT_UNSPECIFIED = 0
+
+                # Image is allowed.
+                ALLOW = 1
+
+                # Image is denied.
+                DENY = 2
+              end
+            end
+
+            # Audit time policy conformance verdict.
+            module PolicyConformanceVerdict
+              # We should always have a verdict. This is an error.
+              POLICY_CONFORMANCE_VERDICT_UNSPECIFIED = 0
+
+              # The pod violates the policy.
+              VIOLATES_POLICY = 1
+            end
+          end
+
+          # An event describing that the project policy is unsupported by CV.
+          # @!attribute [rw] description
+          #   @return [::String]
+          #     A description of the unsupported policy.
+          class UnsupportedPolicyEvent
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+          end
+        end
+      end
+    end
+  end
+end

data/proto_docs/google/cloud/binaryauthorization/v1beta1/resources.rb

@@ -21,7 +21,8 @@ module Google
   module Cloud
     module BinaryAuthorization
       module V1beta1
-        # A {::Google::Cloud::BinaryAuthorization::V1beta1::Policy policy} for container image binary authorization.
+        # A {::Google::Cloud::BinaryAuthorization::V1beta1::Policy policy} for container
+        # image binary authorization.
         # @!attribute [r] name
         #   @return [::String]
         #     Output only. The resource name, in the format `projects/*/policy`. There is
@@ -37,7 +38,7 @@ module Google
         #     has no effect when specified inside a global admission policy.
         # @!attribute [rw] admission_whitelist_patterns
         #   @return [::Array<::Google::Cloud::BinaryAuthorization::V1beta1::AdmissionWhitelistPattern>]
-        #     Optional. Admission policy whitelisting. A matching admission request will
+        #     Optional. Admission policy allowlisting. A matching admission request will
         #     always be permitted. This feature is typically used to exclude Google or
         #     third-party infrastructure images from Binary Authorization policies.
         # @!attribute [rw] cluster_admission_rules
@@ -81,11 +82,13 @@ module Google
           end
         end
 
-        # An {::Google::Cloud::BinaryAuthorization::V1beta1::AdmissionWhitelistPattern admission whitelist pattern} exempts images
-        # from checks by {::Google::Cloud::BinaryAuthorization::V1beta1::AdmissionRule admission rules}.
+        # An [admission allowlist
+        # pattern][google.cloud.binaryauthorization.v1beta1.AdmissionWhitelistPattern]
+        # exempts images from checks by [admission
+        # rules][google.cloud.binaryauthorization.v1beta1.AdmissionRule].
         # @!attribute [rw] name_pattern
         #   @return [::String]
-        #     An image name pattern to whitelist, in the form `registry/path/to/image`.
+        #     An image name pattern to allow, in the form `registry/path/to/image`.
         #     This supports a trailing `*` as a wildcard, but this is allowed only in
         #     text after the `registry/` part.
         class AdmissionWhitelistPattern
@@ -93,12 +96,14 @@ module Google
           extend ::Google::Protobuf::MessageExts::ClassMethods
         end
 
-        # An {::Google::Cloud::BinaryAuthorization::V1beta1::AdmissionRule admission rule} specifies either that all container images
-        # used in a pod creation request must be attested to by one or more
-        # {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestors}, that all pod creations will be allowed, or that all
-        # pod creations will be denied.
+        # An {::Google::Cloud::BinaryAuthorization::V1beta1::AdmissionRule admission rule}
+        # specifies either that all container images used in a pod creation request
+        # must be attested to by one or more
+        # {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestors}, that all pod
+        # creations will be allowed, or that all pod creations will be denied.
         #
-        # Images matching an {::Google::Cloud::BinaryAuthorization::V1beta1::AdmissionWhitelistPattern admission whitelist pattern}
+        # Images matching an [admission allowlist
+        # pattern][google.cloud.binaryauthorization.v1beta1.AdmissionWhitelistPattern]
         # are exempted from admission rules and will never block a pod creation.
         # @!attribute [rw] evaluation_mode
         #   @return [::Google::Cloud::BinaryAuthorization::V1beta1::AdmissionRule::EvaluationMode]
@@ -151,9 +156,9 @@ module Google
           end
         end
 
-        # An {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor} that attests to container image
-        # artifacts. An existing attestor cannot be modified except where
-        # indicated.
+        # An {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor} that attests
+        # to container image artifacts. An existing attestor cannot be modified except
+        # where indicated.
         # @!attribute [rw] name
         #   @return [::String]
         #     Required. The resource name, in the format:
@@ -173,8 +178,9 @@ module Google
           extend ::Google::Protobuf::MessageExts::ClassMethods
         end
 
-        # An {::Google::Cloud::BinaryAuthorization::V1beta1::UserOwnedDrydockNote user owned drydock note} references a Drydock
-        # ATTESTATION_AUTHORITY Note created by the user.
+        # An [user owned drydock
+        # note][google.cloud.binaryauthorization.v1beta1.UserOwnedDrydockNote]
+        # references a Drydock ATTESTATION_AUTHORITY Note created by the user.
         # @!attribute [rw] note_reference
         #   @return [::String]
         #     Required. The Drydock resource name of a ATTESTATION_AUTHORITY Note,
@@ -275,8 +281,9 @@ module Google
           end
         end
 
-        # An {::Google::Cloud::BinaryAuthorization::V1beta1::AttestorPublicKey attestor public key} that will be used to verify
-        # attestations signed by this attestor.
+        # An [attestor public
+        # key][google.cloud.binaryauthorization.v1beta1.AttestorPublicKey] that will be
+        # used to verify attestations signed by this attestor.
         # @!attribute [rw] comment
         #   @return [::String]
         #     Optional. A descriptive comment. This field may be updated.

data/proto_docs/google/cloud/binaryauthorization/v1beta1/service.rb

@@ -24,8 +24,9 @@ module Google
         # Request message for [BinauthzManagementService.GetPolicy][].
         # @!attribute [rw] name
         #   @return [::String]
-        #     Required. The resource name of the {::Google::Cloud::BinaryAuthorization::V1beta1::Policy policy} to retrieve,
-        #     in the format `projects/*/policy`.
+        #     Required. The resource name of the
+        #     {::Google::Cloud::BinaryAuthorization::V1beta1::Policy policy} to retrieve, in
+        #     the format `projects/*/policy`.
         class GetPolicyRequest
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -34,9 +35,11 @@ module Google
         # Request message for [BinauthzManagementService.UpdatePolicy][].
         # @!attribute [rw] policy
         #   @return [::Google::Cloud::BinaryAuthorization::V1beta1::Policy]
-        #     Required. A new or updated {::Google::Cloud::BinaryAuthorization::V1beta1::Policy policy} value. The service will
-        #     overwrite the {::Google::Cloud::BinaryAuthorization::V1beta1::Policy#name policy name} field with the resource name in
-        #     the request URL, in the format `projects/*/policy`.
+        #     Required. A new or updated
+        #     {::Google::Cloud::BinaryAuthorization::V1beta1::Policy policy} value. The
+        #     service will overwrite the [policy
+        #     name][google.cloud.binaryauthorization.v1beta1.Policy.name] field with the
+        #     resource name in the request URL, in the format `projects/*/policy`.
         class UpdatePolicyRequest
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -45,15 +48,19 @@ module Google
         # Request message for [BinauthzManagementService.CreateAttestor][].
         # @!attribute [rw] parent
         #   @return [::String]
-        #     Required. The parent of this {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor}.
+        #     Required. The parent of this
+        #     {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor}.
         # @!attribute [rw] attestor_id
         #   @return [::String]
-        #     Required. The {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestors} ID.
+        #     Required. The
+        #     {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestors} ID.
         # @!attribute [rw] attestor
         #   @return [::Google::Cloud::BinaryAuthorization::V1beta1::Attestor]
-        #     Required. The initial {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor} value. The service will
-        #     overwrite the {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor#name attestor name} field with the resource name,
-        #     in the format `projects/*/attestors/*`.
+        #     Required. The initial
+        #     {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor} value. The
+        #     service will overwrite the [attestor
+        #     name][google.cloud.binaryauthorization.v1beta1.Attestor.name] field with
+        #     the resource name, in the format `projects/*/attestors/*`.
         class CreateAttestorRequest
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -62,8 +69,9 @@ module Google
         # Request message for [BinauthzManagementService.GetAttestor][].
         # @!attribute [rw] name
         #   @return [::String]
-        #     Required. The name of the {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor} to retrieve, in the format
-        #     `projects/*/attestors/*`.
+        #     Required. The name of the
+        #     {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor} to retrieve,
+        #     in the format `projects/*/attestors/*`.
         class GetAttestorRequest
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -72,9 +80,12 @@ module Google
         # Request message for [BinauthzManagementService.UpdateAttestor][].
         # @!attribute [rw] attestor
         #   @return [::Google::Cloud::BinaryAuthorization::V1beta1::Attestor]
-        #     Required. The updated {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor} value. The service will
-        #     overwrite the {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor#name attestor name} field with the resource name
-        #     in the request URL, in the format `projects/*/attestors/*`.
+        #     Required. The updated
+        #     {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor} value. The
+        #     service will overwrite the [attestor
+        #     name][google.cloud.binaryauthorization.v1beta1.Attestor.name] field with
+        #     the resource name in the request URL, in the format
+        #     `projects/*/attestors/*`.
         class UpdateAttestorRequest
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -84,7 +95,8 @@ module Google
         # @!attribute [rw] parent
         #   @return [::String]
         #     Required. The resource name of the project associated with the
-        #     {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestors}, in the format `projects/*`.
+        #     {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestors}, in the
+        #     format `projects/*`.
         # @!attribute [rw] page_size
         #   @return [::Integer]
         #     Requested page size. The server may return fewer results than requested. If
@@ -92,8 +104,9 @@ module Google
         # @!attribute [rw] page_token
         #   @return [::String]
         #     A token identifying a page of results the server should return. Typically,
-        #     this is the value of {::Google::Cloud::BinaryAuthorization::V1beta1::ListAttestorsResponse#next_page_token ListAttestorsResponse.next_page_token} returned
-        #     from the previous call to the `ListAttestors` method.
+        #     this is the value of
+        #     {::Google::Cloud::BinaryAuthorization::V1beta1::ListAttestorsResponse#next_page_token ListAttestorsResponse.next_page_token}
+        #     returned from the previous call to the `ListAttestors` method.
         class ListAttestorsRequest
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -106,8 +119,9 @@ module Google
         # @!attribute [rw] next_page_token
         #   @return [::String]
         #     A token to retrieve the next page of results. Pass this value in the
-        #     {::Google::Cloud::BinaryAuthorization::V1beta1::ListAttestorsRequest#page_token ListAttestorsRequest.page_token} field in the subsequent call to the
-        #     `ListAttestors` method to retrieve the next page of results.
+        #     {::Google::Cloud::BinaryAuthorization::V1beta1::ListAttestorsRequest#page_token ListAttestorsRequest.page_token}
+        #     field in the subsequent call to the `ListAttestors` method to retrieve the
+        #     next page of results.
         class ListAttestorsResponse
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -116,8 +130,9 @@ module Google
         # Request message for [BinauthzManagementService.DeleteAttestor][].
         # @!attribute [rw] name
         #   @return [::String]
-        #     Required. The name of the {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestors} to delete, in the format
-        #     `projects/*/attestors/*`.
+        #     Required. The name of the
+        #     {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestors} to delete,
+        #     in the format `projects/*/attestors/*`.
         class DeleteAttestorRequest
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods

data/proto_docs/google/protobuf/timestamp.rb

@@ -70,7 +70,16 @@ module Google
     #         .setNanos((int) ((millis % 1000) * 1000000)).build();
     #
     #
-    # Example 5: Compute Timestamp from current time in Python.
+    # Example 5: Compute Timestamp from Java `Instant.now()`.
+    #
+    #     Instant now = Instant.now();
+    #
+    #     Timestamp timestamp =
+    #         Timestamp.newBuilder().setSeconds(now.getEpochSecond())
+    #             .setNanos(now.getNano()).build();
+    #
+    #
+    # Example 6: Compute Timestamp from current time in Python.
     #
     #     timestamp = Timestamp()
     #     timestamp.GetCurrentTime()

metadata

@@ -1,29 +1,35 @@
 --- !ruby/object:Gem::Specification
 name: google-cloud-binary_authorization-v1beta1
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.3.1
 platform: ruby
 authors:
 - Google LLC
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-12-04 00:00:00.000000000 Z
+date: 2021-06-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: gapic-common
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0.5'
+    - - "<"
       - !ruby/object:Gem::Version
-        version: '0.3'
+        version: 2.a
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0.5'
+    - - "<"
       - !ruby/object:Gem::Version
-        version: '0.3'
+        version: 2.a
 - !ruby/object:Gem::Dependency
   name: google-cloud-errors
   requirement: !ruby/object:Gem::Requirement
@@ -44,14 +50,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.24.0
+        version: 1.25.1
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.24.0
+        version: 1.25.1
 - !ruby/object:Gem::Dependency
   name: minitest
   requirement: !ruby/object:Gem::Requirement
@@ -152,7 +158,10 @@ dependencies:
         version: '0.9'
 description: Binary Authorization is a service on Google Cloud that provides centralized
   software supply-chain security for applications that run on Google Kubernetes Engine
-  (GKE) and GKE on-prem.
+  (GKE) and GKE on-prem. Note that google-cloud-binary_authorization-v1beta1 is a
+  version-specific client library. For most uses, we recommend installing the main
+  client library google-cloud-binary_authorization instead. See the readme for more
+  details.
 email: googleapis-packages@google.com
 executables: []
 extensions: []
@@ -169,12 +178,14 @@ files:
 - lib/google/cloud/binary_authorization/v1beta1/binauthz_management_service/credentials.rb
 - lib/google/cloud/binary_authorization/v1beta1/binauthz_management_service/paths.rb
 - lib/google/cloud/binary_authorization/v1beta1/version.rb
+- lib/google/cloud/binaryauthorization/v1beta1/continuous_validation_logging_pb.rb
 - lib/google/cloud/binaryauthorization/v1beta1/resources_pb.rb
 - lib/google/cloud/binaryauthorization/v1beta1/service_pb.rb
 - lib/google/cloud/binaryauthorization/v1beta1/service_services_pb.rb
 - proto_docs/README.md
 - proto_docs/google/api/field_behavior.rb
 - proto_docs/google/api/resource.rb
+- proto_docs/google/cloud/binaryauthorization/v1beta1/continuous_validation_logging.rb
 - proto_docs/google/cloud/binaryauthorization/v1beta1/resources.rb
 - proto_docs/google/cloud/binaryauthorization/v1beta1/service.rb
 - proto_docs/google/protobuf/empty.rb
@@ -191,14 +202,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '2.4'
+      version: '2.5'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.4
+rubygems_version: 3.2.17
 signing_key: 
 specification_version: 4
 summary: API Client library for the Binary Authorization V1beta1 API