google-cloud-binary_authorization-v1beta1 0.3.0 → 0.3.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/google/cloud/binary_authorization/v1beta1/binauthz_management_service/client.rb +65 -37
- data/lib/google/cloud/binary_authorization/v1beta1/version.rb +1 -1
- data/lib/google/cloud/binaryauthorization/v1beta1/continuous_validation_logging_pb.rb +55 -0
- data/lib/google/cloud/binaryauthorization/v1beta1/service_services_pb.rb +32 -18
- data/proto_docs/google/cloud/binaryauthorization/v1beta1/continuous_validation_logging.rb +104 -0
- data/proto_docs/google/cloud/binaryauthorization/v1beta1/service.rb +37 -22
- metadata +15 -7
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 1a598751352a1aa2c62791d1be940c7efeb9fdf5b4b5e291e88e3919d4e288d7
|
|
4
|
+
data.tar.gz: e6ea6e395211cc8e9ba7d9a1f9f2a8cf18c4ae126cfe723cf3012081acdbbafe
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: acbbff146956b340ec0ff90480b3d664672c362362593dbee868cf0e21e9d7d5156eda098beff172926a59d182c55e5c217b90902e9797c185aa10bb00e5a035
|
|
7
|
+
data.tar.gz: 9c6494ac01fe4ef6a4fc2d386d512b8e2f76a95f229e610621b59b0e56658603b0eaf1d79b79a17af8b461885e789745cf8ca546625ccb1503c9b919931b8ca6
|
|
@@ -207,13 +207,16 @@ module Google
|
|
|
207
207
|
# Service calls
|
|
208
208
|
|
|
209
209
|
##
|
|
210
|
-
# A {::Google::Cloud::BinaryAuthorization::V1beta1::Policy policy} specifies the
|
|
211
|
-
#
|
|
210
|
+
# A {::Google::Cloud::BinaryAuthorization::V1beta1::Policy policy} specifies the
|
|
211
|
+
# {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestors} that must
|
|
212
|
+
# attest to a container image, before the project is allowed to deploy that
|
|
212
213
|
# image. There is at most one policy per project. All image admission
|
|
213
214
|
# requests are permitted if a project has no policy.
|
|
214
215
|
#
|
|
215
|
-
# Gets the {::Google::Cloud::BinaryAuthorization::V1beta1::Policy policy} for this
|
|
216
|
-
#
|
|
216
|
+
# Gets the {::Google::Cloud::BinaryAuthorization::V1beta1::Policy policy} for this
|
|
217
|
+
# project. Returns a default
|
|
218
|
+
# {::Google::Cloud::BinaryAuthorization::V1beta1::Policy policy} if the project
|
|
219
|
+
# does not have one.
|
|
217
220
|
#
|
|
218
221
|
# @overload get_policy(request, options = nil)
|
|
219
222
|
# Pass arguments to `get_policy` via a request object, either of type
|
|
@@ -231,8 +234,9 @@ module Google
|
|
|
231
234
|
# the default parameter values, pass an empty Hash as a request object (see above).
|
|
232
235
|
#
|
|
233
236
|
# @param name [::String]
|
|
234
|
-
# Required. The resource name of the
|
|
235
|
-
#
|
|
237
|
+
# Required. The resource name of the
|
|
238
|
+
# {::Google::Cloud::BinaryAuthorization::V1beta1::Policy policy} to retrieve, in
|
|
239
|
+
# the format `projects/*/policy`.
|
|
236
240
|
#
|
|
237
241
|
# @yield [response, operation] Access the result along with the RPC operation
|
|
238
242
|
# @yieldparam response [::Google::Cloud::BinaryAuthorization::V1beta1::Policy]
|
|
@@ -280,11 +284,13 @@ module Google
|
|
|
280
284
|
end
|
|
281
285
|
|
|
282
286
|
##
|
|
283
|
-
# Creates or updates a project's
|
|
284
|
-
#
|
|
285
|
-
#
|
|
286
|
-
#
|
|
287
|
-
#
|
|
287
|
+
# Creates or updates a project's
|
|
288
|
+
# {::Google::Cloud::BinaryAuthorization::V1beta1::Policy policy}, and returns a
|
|
289
|
+
# copy of the new {::Google::Cloud::BinaryAuthorization::V1beta1::Policy policy}.
|
|
290
|
+
# A policy is always updated as a whole, to avoid race conditions with
|
|
291
|
+
# concurrent policy enforcement (or management!) requests. Returns NOT_FOUND
|
|
292
|
+
# if the project does not exist, INVALID_ARGUMENT if the request is
|
|
293
|
+
# malformed.
|
|
288
294
|
#
|
|
289
295
|
# @overload update_policy(request, options = nil)
|
|
290
296
|
# Pass arguments to `update_policy` via a request object, either of type
|
|
@@ -302,9 +308,11 @@ module Google
|
|
|
302
308
|
# the default parameter values, pass an empty Hash as a request object (see above).
|
|
303
309
|
#
|
|
304
310
|
# @param policy [::Google::Cloud::BinaryAuthorization::V1beta1::Policy, ::Hash]
|
|
305
|
-
# Required. A new or updated
|
|
306
|
-
#
|
|
307
|
-
#
|
|
311
|
+
# Required. A new or updated
|
|
312
|
+
# {::Google::Cloud::BinaryAuthorization::V1beta1::Policy policy} value. The
|
|
313
|
+
# service will overwrite the [policy
|
|
314
|
+
# name][google.cloud.binaryauthorization.v1beta1.Policy.name] field with the
|
|
315
|
+
# resource name in the request URL, in the format `projects/*/policy`.
|
|
308
316
|
#
|
|
309
317
|
# @yield [response, operation] Access the result along with the RPC operation
|
|
310
318
|
# @yieldparam response [::Google::Cloud::BinaryAuthorization::V1beta1::Policy]
|
|
@@ -352,10 +360,13 @@ module Google
|
|
|
352
360
|
end
|
|
353
361
|
|
|
354
362
|
##
|
|
355
|
-
# Creates an {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor},
|
|
356
|
-
#
|
|
357
|
-
#
|
|
358
|
-
#
|
|
363
|
+
# Creates an {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor},
|
|
364
|
+
# and returns a copy of the new
|
|
365
|
+
# {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor}. Returns
|
|
366
|
+
# NOT_FOUND if the project does not exist, INVALID_ARGUMENT if the request is
|
|
367
|
+
# malformed, ALREADY_EXISTS if the
|
|
368
|
+
# {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor} already
|
|
369
|
+
# exists.
|
|
359
370
|
#
|
|
360
371
|
# @overload create_attestor(request, options = nil)
|
|
361
372
|
# Pass arguments to `create_attestor` via a request object, either of type
|
|
@@ -373,13 +384,17 @@ module Google
|
|
|
373
384
|
# the default parameter values, pass an empty Hash as a request object (see above).
|
|
374
385
|
#
|
|
375
386
|
# @param parent [::String]
|
|
376
|
-
# Required. The parent of this
|
|
387
|
+
# Required. The parent of this
|
|
388
|
+
# {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor}.
|
|
377
389
|
# @param attestor_id [::String]
|
|
378
|
-
# Required. The
|
|
390
|
+
# Required. The
|
|
391
|
+
# {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestors} ID.
|
|
379
392
|
# @param attestor [::Google::Cloud::BinaryAuthorization::V1beta1::Attestor, ::Hash]
|
|
380
|
-
# Required. The initial
|
|
381
|
-
#
|
|
382
|
-
#
|
|
393
|
+
# Required. The initial
|
|
394
|
+
# {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor} value. The
|
|
395
|
+
# service will overwrite the [attestor
|
|
396
|
+
# name][google.cloud.binaryauthorization.v1beta1.Attestor.name] field with
|
|
397
|
+
# the resource name, in the format `projects/*/attestors/*`.
|
|
383
398
|
#
|
|
384
399
|
# @yield [response, operation] Access the result along with the RPC operation
|
|
385
400
|
# @yieldparam response [::Google::Cloud::BinaryAuthorization::V1beta1::Attestor]
|
|
@@ -428,7 +443,9 @@ module Google
|
|
|
428
443
|
|
|
429
444
|
##
|
|
430
445
|
# Gets an {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor}.
|
|
431
|
-
# Returns NOT_FOUND if the
|
|
446
|
+
# Returns NOT_FOUND if the
|
|
447
|
+
# {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor} does not
|
|
448
|
+
# exist.
|
|
432
449
|
#
|
|
433
450
|
# @overload get_attestor(request, options = nil)
|
|
434
451
|
# Pass arguments to `get_attestor` via a request object, either of type
|
|
@@ -446,8 +463,9 @@ module Google
|
|
|
446
463
|
# the default parameter values, pass an empty Hash as a request object (see above).
|
|
447
464
|
#
|
|
448
465
|
# @param name [::String]
|
|
449
|
-
# Required. The name of the
|
|
450
|
-
#
|
|
466
|
+
# Required. The name of the
|
|
467
|
+
# {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor} to retrieve,
|
|
468
|
+
# in the format `projects/*/attestors/*`.
|
|
451
469
|
#
|
|
452
470
|
# @yield [response, operation] Access the result along with the RPC operation
|
|
453
471
|
# @yieldparam response [::Google::Cloud::BinaryAuthorization::V1beta1::Attestor]
|
|
@@ -496,7 +514,9 @@ module Google
|
|
|
496
514
|
|
|
497
515
|
##
|
|
498
516
|
# Updates an {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor}.
|
|
499
|
-
# Returns NOT_FOUND if the
|
|
517
|
+
# Returns NOT_FOUND if the
|
|
518
|
+
# {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor} does not
|
|
519
|
+
# exist.
|
|
500
520
|
#
|
|
501
521
|
# @overload update_attestor(request, options = nil)
|
|
502
522
|
# Pass arguments to `update_attestor` via a request object, either of type
|
|
@@ -514,9 +534,12 @@ module Google
|
|
|
514
534
|
# the default parameter values, pass an empty Hash as a request object (see above).
|
|
515
535
|
#
|
|
516
536
|
# @param attestor [::Google::Cloud::BinaryAuthorization::V1beta1::Attestor, ::Hash]
|
|
517
|
-
# Required. The updated
|
|
518
|
-
#
|
|
519
|
-
#
|
|
537
|
+
# Required. The updated
|
|
538
|
+
# {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor} value. The
|
|
539
|
+
# service will overwrite the [attestor
|
|
540
|
+
# name][google.cloud.binaryauthorization.v1beta1.Attestor.name] field with
|
|
541
|
+
# the resource name in the request URL, in the format
|
|
542
|
+
# `projects/*/attestors/*`.
|
|
520
543
|
#
|
|
521
544
|
# @yield [response, operation] Access the result along with the RPC operation
|
|
522
545
|
# @yieldparam response [::Google::Cloud::BinaryAuthorization::V1beta1::Attestor]
|
|
@@ -584,14 +607,16 @@ module Google
|
|
|
584
607
|
#
|
|
585
608
|
# @param parent [::String]
|
|
586
609
|
# Required. The resource name of the project associated with the
|
|
587
|
-
# {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestors}, in the
|
|
610
|
+
# {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestors}, in the
|
|
611
|
+
# format `projects/*`.
|
|
588
612
|
# @param page_size [::Integer]
|
|
589
613
|
# Requested page size. The server may return fewer results than requested. If
|
|
590
614
|
# unspecified, the server will pick an appropriate default.
|
|
591
615
|
# @param page_token [::String]
|
|
592
616
|
# A token identifying a page of results the server should return. Typically,
|
|
593
|
-
# this is the value of
|
|
594
|
-
#
|
|
617
|
+
# this is the value of
|
|
618
|
+
# {::Google::Cloud::BinaryAuthorization::V1beta1::ListAttestorsResponse#next_page_token ListAttestorsResponse.next_page_token}
|
|
619
|
+
# returned from the previous call to the `ListAttestors` method.
|
|
595
620
|
#
|
|
596
621
|
# @yield [response, operation] Access the result along with the RPC operation
|
|
597
622
|
# @yieldparam response [::Gapic::PagedEnumerable<::Google::Cloud::BinaryAuthorization::V1beta1::Attestor>]
|
|
@@ -640,8 +665,10 @@ module Google
|
|
|
640
665
|
end
|
|
641
666
|
|
|
642
667
|
##
|
|
643
|
-
# Deletes an {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor}.
|
|
644
|
-
#
|
|
668
|
+
# Deletes an {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor}.
|
|
669
|
+
# Returns NOT_FOUND if the
|
|
670
|
+
# {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor} does not
|
|
671
|
+
# exist.
|
|
645
672
|
#
|
|
646
673
|
# @overload delete_attestor(request, options = nil)
|
|
647
674
|
# Pass arguments to `delete_attestor` via a request object, either of type
|
|
@@ -659,8 +686,9 @@ module Google
|
|
|
659
686
|
# the default parameter values, pass an empty Hash as a request object (see above).
|
|
660
687
|
#
|
|
661
688
|
# @param name [::String]
|
|
662
|
-
# Required. The name of the
|
|
663
|
-
#
|
|
689
|
+
# Required. The name of the
|
|
690
|
+
# {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestors} to delete,
|
|
691
|
+
# in the format `projects/*/attestors/*`.
|
|
664
692
|
#
|
|
665
693
|
# @yield [response, operation] Access the result along with the RPC operation
|
|
666
694
|
# @yieldparam response [::Google::Protobuf::Empty]
|
|
@@ -0,0 +1,55 @@
|
|
|
1
|
+
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
|
2
|
+
# source: google/cloud/binaryauthorization/v1beta1/continuous_validation_logging.proto
|
|
3
|
+
|
|
4
|
+
require 'google/protobuf'
|
|
5
|
+
|
|
6
|
+
require 'google/protobuf/timestamp_pb'
|
|
7
|
+
Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
8
|
+
add_file("google/cloud/binaryauthorization/v1beta1/continuous_validation_logging.proto", :syntax => :proto3) do
|
|
9
|
+
add_message "google.cloud.binaryauthorization.v1beta1.ContinuousValidationEvent" do
|
|
10
|
+
oneof :event_type do
|
|
11
|
+
optional :pod_event, :message, 1, "google.cloud.binaryauthorization.v1beta1.ContinuousValidationEvent.ContinuousValidationPodEvent"
|
|
12
|
+
optional :unsupported_policy_event, :message, 2, "google.cloud.binaryauthorization.v1beta1.ContinuousValidationEvent.UnsupportedPolicyEvent"
|
|
13
|
+
end
|
|
14
|
+
end
|
|
15
|
+
add_message "google.cloud.binaryauthorization.v1beta1.ContinuousValidationEvent.ContinuousValidationPodEvent" do
|
|
16
|
+
optional :pod, :string, 1
|
|
17
|
+
optional :deploy_time, :message, 2, "google.protobuf.Timestamp"
|
|
18
|
+
optional :end_time, :message, 3, "google.protobuf.Timestamp"
|
|
19
|
+
optional :verdict, :enum, 4, "google.cloud.binaryauthorization.v1beta1.ContinuousValidationEvent.ContinuousValidationPodEvent.PolicyConformanceVerdict"
|
|
20
|
+
repeated :images, :message, 5, "google.cloud.binaryauthorization.v1beta1.ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails"
|
|
21
|
+
end
|
|
22
|
+
add_message "google.cloud.binaryauthorization.v1beta1.ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails" do
|
|
23
|
+
optional :image, :string, 1
|
|
24
|
+
optional :result, :enum, 2, "google.cloud.binaryauthorization.v1beta1.ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails.AuditResult"
|
|
25
|
+
optional :description, :string, 3
|
|
26
|
+
end
|
|
27
|
+
add_enum "google.cloud.binaryauthorization.v1beta1.ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails.AuditResult" do
|
|
28
|
+
value :AUDIT_RESULT_UNSPECIFIED, 0
|
|
29
|
+
value :ALLOW, 1
|
|
30
|
+
value :DENY, 2
|
|
31
|
+
end
|
|
32
|
+
add_enum "google.cloud.binaryauthorization.v1beta1.ContinuousValidationEvent.ContinuousValidationPodEvent.PolicyConformanceVerdict" do
|
|
33
|
+
value :POLICY_CONFORMANCE_VERDICT_UNSPECIFIED, 0
|
|
34
|
+
value :VIOLATES_POLICY, 1
|
|
35
|
+
end
|
|
36
|
+
add_message "google.cloud.binaryauthorization.v1beta1.ContinuousValidationEvent.UnsupportedPolicyEvent" do
|
|
37
|
+
optional :description, :string, 1
|
|
38
|
+
end
|
|
39
|
+
end
|
|
40
|
+
end
|
|
41
|
+
|
|
42
|
+
module Google
|
|
43
|
+
module Cloud
|
|
44
|
+
module BinaryAuthorization
|
|
45
|
+
module V1beta1
|
|
46
|
+
ContinuousValidationEvent = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1beta1.ContinuousValidationEvent").msgclass
|
|
47
|
+
ContinuousValidationEvent::ContinuousValidationPodEvent = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1beta1.ContinuousValidationEvent.ContinuousValidationPodEvent").msgclass
|
|
48
|
+
ContinuousValidationEvent::ContinuousValidationPodEvent::ImageDetails = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1beta1.ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails").msgclass
|
|
49
|
+
ContinuousValidationEvent::ContinuousValidationPodEvent::ImageDetails::AuditResult = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1beta1.ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails.AuditResult").enummodule
|
|
50
|
+
ContinuousValidationEvent::ContinuousValidationPodEvent::PolicyConformanceVerdict = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1beta1.ContinuousValidationEvent.ContinuousValidationPodEvent.PolicyConformanceVerdict").enummodule
|
|
51
|
+
ContinuousValidationEvent::UnsupportedPolicyEvent = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1beta1.ContinuousValidationEvent.UnsupportedPolicyEvent").msgclass
|
|
52
|
+
end
|
|
53
|
+
end
|
|
54
|
+
end
|
|
55
|
+
end
|
|
@@ -36,42 +36,56 @@ module Google
|
|
|
36
36
|
# * [Attestor][google.cloud.binaryauthorization.v1beta1.Attestor]
|
|
37
37
|
class Service
|
|
38
38
|
|
|
39
|
-
include GRPC::GenericService
|
|
39
|
+
include ::GRPC::GenericService
|
|
40
40
|
|
|
41
41
|
self.marshal_class_method = :encode
|
|
42
42
|
self.unmarshal_class_method = :decode
|
|
43
43
|
self.service_name = 'google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1'
|
|
44
44
|
|
|
45
|
-
# A [policy][google.cloud.binaryauthorization.v1beta1.Policy] specifies the
|
|
46
|
-
#
|
|
45
|
+
# A [policy][google.cloud.binaryauthorization.v1beta1.Policy] specifies the
|
|
46
|
+
# [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] that must
|
|
47
|
+
# attest to a container image, before the project is allowed to deploy that
|
|
47
48
|
# image. There is at most one policy per project. All image admission
|
|
48
49
|
# requests are permitted if a project has no policy.
|
|
49
50
|
#
|
|
50
|
-
# Gets the [policy][google.cloud.binaryauthorization.v1beta1.Policy] for this
|
|
51
|
-
#
|
|
51
|
+
# Gets the [policy][google.cloud.binaryauthorization.v1beta1.Policy] for this
|
|
52
|
+
# project. Returns a default
|
|
53
|
+
# [policy][google.cloud.binaryauthorization.v1beta1.Policy] if the project
|
|
54
|
+
# does not have one.
|
|
52
55
|
rpc :GetPolicy, ::Google::Cloud::BinaryAuthorization::V1beta1::GetPolicyRequest, ::Google::Cloud::BinaryAuthorization::V1beta1::Policy
|
|
53
|
-
# Creates or updates a project's
|
|
54
|
-
#
|
|
55
|
-
#
|
|
56
|
-
#
|
|
57
|
-
#
|
|
56
|
+
# Creates or updates a project's
|
|
57
|
+
# [policy][google.cloud.binaryauthorization.v1beta1.Policy], and returns a
|
|
58
|
+
# copy of the new [policy][google.cloud.binaryauthorization.v1beta1.Policy].
|
|
59
|
+
# A policy is always updated as a whole, to avoid race conditions with
|
|
60
|
+
# concurrent policy enforcement (or management!) requests. Returns NOT_FOUND
|
|
61
|
+
# if the project does not exist, INVALID_ARGUMENT if the request is
|
|
62
|
+
# malformed.
|
|
58
63
|
rpc :UpdatePolicy, ::Google::Cloud::BinaryAuthorization::V1beta1::UpdatePolicyRequest, ::Google::Cloud::BinaryAuthorization::V1beta1::Policy
|
|
59
|
-
# Creates an [attestor][google.cloud.binaryauthorization.v1beta1.Attestor],
|
|
60
|
-
#
|
|
61
|
-
#
|
|
62
|
-
#
|
|
64
|
+
# Creates an [attestor][google.cloud.binaryauthorization.v1beta1.Attestor],
|
|
65
|
+
# and returns a copy of the new
|
|
66
|
+
# [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. Returns
|
|
67
|
+
# NOT_FOUND if the project does not exist, INVALID_ARGUMENT if the request is
|
|
68
|
+
# malformed, ALREADY_EXISTS if the
|
|
69
|
+
# [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] already
|
|
70
|
+
# exists.
|
|
63
71
|
rpc :CreateAttestor, ::Google::Cloud::BinaryAuthorization::V1beta1::CreateAttestorRequest, ::Google::Cloud::BinaryAuthorization::V1beta1::Attestor
|
|
64
72
|
# Gets an [attestor][google.cloud.binaryauthorization.v1beta1.Attestor].
|
|
65
|
-
# Returns NOT_FOUND if the
|
|
73
|
+
# Returns NOT_FOUND if the
|
|
74
|
+
# [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] does not
|
|
75
|
+
# exist.
|
|
66
76
|
rpc :GetAttestor, ::Google::Cloud::BinaryAuthorization::V1beta1::GetAttestorRequest, ::Google::Cloud::BinaryAuthorization::V1beta1::Attestor
|
|
67
77
|
# Updates an [attestor][google.cloud.binaryauthorization.v1beta1.Attestor].
|
|
68
|
-
# Returns NOT_FOUND if the
|
|
78
|
+
# Returns NOT_FOUND if the
|
|
79
|
+
# [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] does not
|
|
80
|
+
# exist.
|
|
69
81
|
rpc :UpdateAttestor, ::Google::Cloud::BinaryAuthorization::V1beta1::UpdateAttestorRequest, ::Google::Cloud::BinaryAuthorization::V1beta1::Attestor
|
|
70
82
|
# Lists [attestors][google.cloud.binaryauthorization.v1beta1.Attestor].
|
|
71
83
|
# Returns INVALID_ARGUMENT if the project does not exist.
|
|
72
84
|
rpc :ListAttestors, ::Google::Cloud::BinaryAuthorization::V1beta1::ListAttestorsRequest, ::Google::Cloud::BinaryAuthorization::V1beta1::ListAttestorsResponse
|
|
73
|
-
# Deletes an [attestor][google.cloud.binaryauthorization.v1beta1.Attestor].
|
|
74
|
-
#
|
|
85
|
+
# Deletes an [attestor][google.cloud.binaryauthorization.v1beta1.Attestor].
|
|
86
|
+
# Returns NOT_FOUND if the
|
|
87
|
+
# [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] does not
|
|
88
|
+
# exist.
|
|
75
89
|
rpc :DeleteAttestor, ::Google::Cloud::BinaryAuthorization::V1beta1::DeleteAttestorRequest, ::Google::Protobuf::Empty
|
|
76
90
|
end
|
|
77
91
|
|
|
@@ -0,0 +1,104 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
# Copyright 2021 Google LLC
|
|
4
|
+
#
|
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
6
|
+
# you may not use this file except in compliance with the License.
|
|
7
|
+
# You may obtain a copy of the License at
|
|
8
|
+
#
|
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
|
10
|
+
#
|
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
14
|
+
# See the License for the specific language governing permissions and
|
|
15
|
+
# limitations under the License.
|
|
16
|
+
|
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
|
18
|
+
|
|
19
|
+
|
|
20
|
+
module Google
|
|
21
|
+
module Cloud
|
|
22
|
+
module BinaryAuthorization
|
|
23
|
+
module V1beta1
|
|
24
|
+
# Represents an auditing event from Continuous Validation.
|
|
25
|
+
# @!attribute [rw] pod_event
|
|
26
|
+
# @return [::Google::Cloud::BinaryAuthorization::V1beta1::ContinuousValidationEvent::ContinuousValidationPodEvent]
|
|
27
|
+
# Pod event.
|
|
28
|
+
# @!attribute [rw] unsupported_policy_event
|
|
29
|
+
# @return [::Google::Cloud::BinaryAuthorization::V1beta1::ContinuousValidationEvent::UnsupportedPolicyEvent]
|
|
30
|
+
# Unsupported policy event.
|
|
31
|
+
class ContinuousValidationEvent
|
|
32
|
+
include ::Google::Protobuf::MessageExts
|
|
33
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
34
|
+
|
|
35
|
+
# An auditing event for one Pod.
|
|
36
|
+
# @!attribute [rw] pod
|
|
37
|
+
# @return [::String]
|
|
38
|
+
# The name of the Pod.
|
|
39
|
+
# @!attribute [rw] deploy_time
|
|
40
|
+
# @return [::Google::Protobuf::Timestamp]
|
|
41
|
+
# Deploy time of the Pod from k8s.
|
|
42
|
+
# @!attribute [rw] end_time
|
|
43
|
+
# @return [::Google::Protobuf::Timestamp]
|
|
44
|
+
# Termination time of the Pod from k8s, or nothing if still running.
|
|
45
|
+
# @!attribute [rw] verdict
|
|
46
|
+
# @return [::Google::Cloud::BinaryAuthorization::V1beta1::ContinuousValidationEvent::ContinuousValidationPodEvent::PolicyConformanceVerdict]
|
|
47
|
+
# Auditing verdict for this Pod.
|
|
48
|
+
# @!attribute [rw] images
|
|
49
|
+
# @return [::Array<::Google::Cloud::BinaryAuthorization::V1beta1::ContinuousValidationEvent::ContinuousValidationPodEvent::ImageDetails>]
|
|
50
|
+
# List of images with auditing details.
|
|
51
|
+
class ContinuousValidationPodEvent
|
|
52
|
+
include ::Google::Protobuf::MessageExts
|
|
53
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
54
|
+
|
|
55
|
+
# Container image with auditing details.
|
|
56
|
+
# @!attribute [rw] image
|
|
57
|
+
# @return [::String]
|
|
58
|
+
# The name of the image.
|
|
59
|
+
# @!attribute [rw] result
|
|
60
|
+
# @return [::Google::Cloud::BinaryAuthorization::V1beta1::ContinuousValidationEvent::ContinuousValidationPodEvent::ImageDetails::AuditResult]
|
|
61
|
+
# The result of the audit for this image.
|
|
62
|
+
# @!attribute [rw] description
|
|
63
|
+
# @return [::String]
|
|
64
|
+
# Description of the above result.
|
|
65
|
+
class ImageDetails
|
|
66
|
+
include ::Google::Protobuf::MessageExts
|
|
67
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
68
|
+
|
|
69
|
+
# Result of the audit.
|
|
70
|
+
module AuditResult
|
|
71
|
+
# Unspecified result. This is an error.
|
|
72
|
+
AUDIT_RESULT_UNSPECIFIED = 0
|
|
73
|
+
|
|
74
|
+
# Image is allowed.
|
|
75
|
+
ALLOW = 1
|
|
76
|
+
|
|
77
|
+
# Image is denied.
|
|
78
|
+
DENY = 2
|
|
79
|
+
end
|
|
80
|
+
end
|
|
81
|
+
|
|
82
|
+
# Audit time policy conformance verdict.
|
|
83
|
+
module PolicyConformanceVerdict
|
|
84
|
+
# We should always have a verdict. This is an error.
|
|
85
|
+
POLICY_CONFORMANCE_VERDICT_UNSPECIFIED = 0
|
|
86
|
+
|
|
87
|
+
# The pod violates the policy.
|
|
88
|
+
VIOLATES_POLICY = 1
|
|
89
|
+
end
|
|
90
|
+
end
|
|
91
|
+
|
|
92
|
+
# An event describing that the project policy is unsupported by CV.
|
|
93
|
+
# @!attribute [rw] description
|
|
94
|
+
# @return [::String]
|
|
95
|
+
# A description of the unsupported policy.
|
|
96
|
+
class UnsupportedPolicyEvent
|
|
97
|
+
include ::Google::Protobuf::MessageExts
|
|
98
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
99
|
+
end
|
|
100
|
+
end
|
|
101
|
+
end
|
|
102
|
+
end
|
|
103
|
+
end
|
|
104
|
+
end
|
|
@@ -24,8 +24,9 @@ module Google
|
|
|
24
24
|
# Request message for [BinauthzManagementService.GetPolicy][].
|
|
25
25
|
# @!attribute [rw] name
|
|
26
26
|
# @return [::String]
|
|
27
|
-
# Required. The resource name of the
|
|
28
|
-
#
|
|
27
|
+
# Required. The resource name of the
|
|
28
|
+
# {::Google::Cloud::BinaryAuthorization::V1beta1::Policy policy} to retrieve, in
|
|
29
|
+
# the format `projects/*/policy`.
|
|
29
30
|
class GetPolicyRequest
|
|
30
31
|
include ::Google::Protobuf::MessageExts
|
|
31
32
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
@@ -34,9 +35,11 @@ module Google
|
|
|
34
35
|
# Request message for [BinauthzManagementService.UpdatePolicy][].
|
|
35
36
|
# @!attribute [rw] policy
|
|
36
37
|
# @return [::Google::Cloud::BinaryAuthorization::V1beta1::Policy]
|
|
37
|
-
# Required. A new or updated
|
|
38
|
-
#
|
|
39
|
-
#
|
|
38
|
+
# Required. A new or updated
|
|
39
|
+
# {::Google::Cloud::BinaryAuthorization::V1beta1::Policy policy} value. The
|
|
40
|
+
# service will overwrite the [policy
|
|
41
|
+
# name][google.cloud.binaryauthorization.v1beta1.Policy.name] field with the
|
|
42
|
+
# resource name in the request URL, in the format `projects/*/policy`.
|
|
40
43
|
class UpdatePolicyRequest
|
|
41
44
|
include ::Google::Protobuf::MessageExts
|
|
42
45
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
@@ -45,15 +48,19 @@ module Google
|
|
|
45
48
|
# Request message for [BinauthzManagementService.CreateAttestor][].
|
|
46
49
|
# @!attribute [rw] parent
|
|
47
50
|
# @return [::String]
|
|
48
|
-
# Required. The parent of this
|
|
51
|
+
# Required. The parent of this
|
|
52
|
+
# {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor}.
|
|
49
53
|
# @!attribute [rw] attestor_id
|
|
50
54
|
# @return [::String]
|
|
51
|
-
# Required. The
|
|
55
|
+
# Required. The
|
|
56
|
+
# {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestors} ID.
|
|
52
57
|
# @!attribute [rw] attestor
|
|
53
58
|
# @return [::Google::Cloud::BinaryAuthorization::V1beta1::Attestor]
|
|
54
|
-
# Required. The initial
|
|
55
|
-
#
|
|
56
|
-
#
|
|
59
|
+
# Required. The initial
|
|
60
|
+
# {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor} value. The
|
|
61
|
+
# service will overwrite the [attestor
|
|
62
|
+
# name][google.cloud.binaryauthorization.v1beta1.Attestor.name] field with
|
|
63
|
+
# the resource name, in the format `projects/*/attestors/*`.
|
|
57
64
|
class CreateAttestorRequest
|
|
58
65
|
include ::Google::Protobuf::MessageExts
|
|
59
66
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
@@ -62,8 +69,9 @@ module Google
|
|
|
62
69
|
# Request message for [BinauthzManagementService.GetAttestor][].
|
|
63
70
|
# @!attribute [rw] name
|
|
64
71
|
# @return [::String]
|
|
65
|
-
# Required. The name of the
|
|
66
|
-
#
|
|
72
|
+
# Required. The name of the
|
|
73
|
+
# {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor} to retrieve,
|
|
74
|
+
# in the format `projects/*/attestors/*`.
|
|
67
75
|
class GetAttestorRequest
|
|
68
76
|
include ::Google::Protobuf::MessageExts
|
|
69
77
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
@@ -72,9 +80,12 @@ module Google
|
|
|
72
80
|
# Request message for [BinauthzManagementService.UpdateAttestor][].
|
|
73
81
|
# @!attribute [rw] attestor
|
|
74
82
|
# @return [::Google::Cloud::BinaryAuthorization::V1beta1::Attestor]
|
|
75
|
-
# Required. The updated
|
|
76
|
-
#
|
|
77
|
-
#
|
|
83
|
+
# Required. The updated
|
|
84
|
+
# {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor} value. The
|
|
85
|
+
# service will overwrite the [attestor
|
|
86
|
+
# name][google.cloud.binaryauthorization.v1beta1.Attestor.name] field with
|
|
87
|
+
# the resource name in the request URL, in the format
|
|
88
|
+
# `projects/*/attestors/*`.
|
|
78
89
|
class UpdateAttestorRequest
|
|
79
90
|
include ::Google::Protobuf::MessageExts
|
|
80
91
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
@@ -84,7 +95,8 @@ module Google
|
|
|
84
95
|
# @!attribute [rw] parent
|
|
85
96
|
# @return [::String]
|
|
86
97
|
# Required. The resource name of the project associated with the
|
|
87
|
-
# {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestors}, in the
|
|
98
|
+
# {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestors}, in the
|
|
99
|
+
# format `projects/*`.
|
|
88
100
|
# @!attribute [rw] page_size
|
|
89
101
|
# @return [::Integer]
|
|
90
102
|
# Requested page size. The server may return fewer results than requested. If
|
|
@@ -92,8 +104,9 @@ module Google
|
|
|
92
104
|
# @!attribute [rw] page_token
|
|
93
105
|
# @return [::String]
|
|
94
106
|
# A token identifying a page of results the server should return. Typically,
|
|
95
|
-
# this is the value of
|
|
96
|
-
#
|
|
107
|
+
# this is the value of
|
|
108
|
+
# {::Google::Cloud::BinaryAuthorization::V1beta1::ListAttestorsResponse#next_page_token ListAttestorsResponse.next_page_token}
|
|
109
|
+
# returned from the previous call to the `ListAttestors` method.
|
|
97
110
|
class ListAttestorsRequest
|
|
98
111
|
include ::Google::Protobuf::MessageExts
|
|
99
112
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
@@ -106,8 +119,9 @@ module Google
|
|
|
106
119
|
# @!attribute [rw] next_page_token
|
|
107
120
|
# @return [::String]
|
|
108
121
|
# A token to retrieve the next page of results. Pass this value in the
|
|
109
|
-
# {::Google::Cloud::BinaryAuthorization::V1beta1::ListAttestorsRequest#page_token ListAttestorsRequest.page_token}
|
|
110
|
-
# `ListAttestors` method to retrieve the
|
|
122
|
+
# {::Google::Cloud::BinaryAuthorization::V1beta1::ListAttestorsRequest#page_token ListAttestorsRequest.page_token}
|
|
123
|
+
# field in the subsequent call to the `ListAttestors` method to retrieve the
|
|
124
|
+
# next page of results.
|
|
111
125
|
class ListAttestorsResponse
|
|
112
126
|
include ::Google::Protobuf::MessageExts
|
|
113
127
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
@@ -116,8 +130,9 @@ module Google
|
|
|
116
130
|
# Request message for [BinauthzManagementService.DeleteAttestor][].
|
|
117
131
|
# @!attribute [rw] name
|
|
118
132
|
# @return [::String]
|
|
119
|
-
# Required. The name of the
|
|
120
|
-
#
|
|
133
|
+
# Required. The name of the
|
|
134
|
+
# {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestors} to delete,
|
|
135
|
+
# in the format `projects/*/attestors/*`.
|
|
121
136
|
class DeleteAttestorRequest
|
|
122
137
|
include ::Google::Protobuf::MessageExts
|
|
123
138
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
metadata
CHANGED
|
@@ -1,29 +1,35 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: google-cloud-binary_authorization-v1beta1
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.3.
|
|
4
|
+
version: 0.3.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Google LLC
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2021-
|
|
11
|
+
date: 2021-06-17 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: gapic-common
|
|
15
15
|
requirement: !ruby/object:Gem::Requirement
|
|
16
16
|
requirements:
|
|
17
|
-
- - "
|
|
17
|
+
- - ">="
|
|
18
|
+
- !ruby/object:Gem::Version
|
|
19
|
+
version: '0.5'
|
|
20
|
+
- - "<"
|
|
18
21
|
- !ruby/object:Gem::Version
|
|
19
|
-
version:
|
|
22
|
+
version: 2.a
|
|
20
23
|
type: :runtime
|
|
21
24
|
prerelease: false
|
|
22
25
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
26
|
requirements:
|
|
24
|
-
- - "
|
|
27
|
+
- - ">="
|
|
28
|
+
- !ruby/object:Gem::Version
|
|
29
|
+
version: '0.5'
|
|
30
|
+
- - "<"
|
|
25
31
|
- !ruby/object:Gem::Version
|
|
26
|
-
version:
|
|
32
|
+
version: 2.a
|
|
27
33
|
- !ruby/object:Gem::Dependency
|
|
28
34
|
name: google-cloud-errors
|
|
29
35
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -172,12 +178,14 @@ files:
|
|
|
172
178
|
- lib/google/cloud/binary_authorization/v1beta1/binauthz_management_service/credentials.rb
|
|
173
179
|
- lib/google/cloud/binary_authorization/v1beta1/binauthz_management_service/paths.rb
|
|
174
180
|
- lib/google/cloud/binary_authorization/v1beta1/version.rb
|
|
181
|
+
- lib/google/cloud/binaryauthorization/v1beta1/continuous_validation_logging_pb.rb
|
|
175
182
|
- lib/google/cloud/binaryauthorization/v1beta1/resources_pb.rb
|
|
176
183
|
- lib/google/cloud/binaryauthorization/v1beta1/service_pb.rb
|
|
177
184
|
- lib/google/cloud/binaryauthorization/v1beta1/service_services_pb.rb
|
|
178
185
|
- proto_docs/README.md
|
|
179
186
|
- proto_docs/google/api/field_behavior.rb
|
|
180
187
|
- proto_docs/google/api/resource.rb
|
|
188
|
+
- proto_docs/google/cloud/binaryauthorization/v1beta1/continuous_validation_logging.rb
|
|
181
189
|
- proto_docs/google/cloud/binaryauthorization/v1beta1/resources.rb
|
|
182
190
|
- proto_docs/google/cloud/binaryauthorization/v1beta1/service.rb
|
|
183
191
|
- proto_docs/google/protobuf/empty.rb
|
|
@@ -201,7 +209,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
201
209
|
- !ruby/object:Gem::Version
|
|
202
210
|
version: '0'
|
|
203
211
|
requirements: []
|
|
204
|
-
rubygems_version: 3.2.
|
|
212
|
+
rubygems_version: 3.2.17
|
|
205
213
|
signing_key:
|
|
206
214
|
specification_version: 4
|
|
207
215
|
summary: API Client library for the Binary Authorization V1beta1 API
|