google-cloud-container_analysis-v1 0.1.0 → 0.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +68 -0
- data/lib/google/cloud/container_analysis/v1.rb +3 -0
- data/lib/google/cloud/container_analysis/v1/container_analysis.rb +1 -0
- data/lib/google/cloud/container_analysis/v1/container_analysis/client.rb +87 -3
- data/lib/google/cloud/container_analysis/v1/container_analysis/paths.rb +47 -0
- data/lib/google/cloud/container_analysis/v1/version.rb +1 -1
- data/lib/google/devtools/containeranalysis/v1/containeranalysis_pb.rb +19 -0
- data/lib/google/devtools/containeranalysis/v1/containeranalysis_services_pb.rb +6 -5
- data/proto_docs/google/api/field_behavior.rb +6 -0
- data/proto_docs/google/api/resource.rb +50 -14
- data/proto_docs/google/devtools/containeranalysis/v1/containeranalysis.rb +68 -0
- data/proto_docs/google/protobuf/timestamp.rb +10 -1
- data/proto_docs/grafeas/v1/common.rb +118 -0
- data/proto_docs/grafeas/v1/cvss.rb +111 -0
- data/proto_docs/grafeas/v1/package.rb +144 -0
- data/proto_docs/grafeas/v1/vulnerability.rb +245 -0
- metadata +14 -6
@@ -0,0 +1,245 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2020 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
|
20
|
+
module Grafeas
|
21
|
+
module V1
|
22
|
+
# A security vulnerability that can be found in resources.
|
23
|
+
# @!attribute [rw] cvss_score
|
24
|
+
# @return [::Float]
|
25
|
+
# The CVSS score of this vulnerability. CVSS score is on a scale of 0 - 10
|
26
|
+
# where 0 indicates low severity and 10 indicates high severity.
|
27
|
+
# @!attribute [rw] severity
|
28
|
+
# @return [::Grafeas::V1::Severity]
|
29
|
+
# The note provider assigned severity of this vulnerability.
|
30
|
+
# @!attribute [rw] details
|
31
|
+
# @return [::Array<::Grafeas::V1::VulnerabilityNote::Detail>]
|
32
|
+
# Details of all known distros and packages affected by this vulnerability.
|
33
|
+
# @!attribute [rw] cvss_v3
|
34
|
+
# @return [::Grafeas::V1::CVSSv3]
|
35
|
+
# The full description of the CVSSv3 for this vulnerability.
|
36
|
+
# @!attribute [rw] windows_details
|
37
|
+
# @return [::Array<::Grafeas::V1::VulnerabilityNote::WindowsDetail>]
|
38
|
+
# Windows details get their own format because the information format and
|
39
|
+
# model don't match a normal detail. Specifically Windows updates are done as
|
40
|
+
# patches, thus Windows vulnerabilities really are a missing package, rather
|
41
|
+
# than a package being at an incorrect version.
|
42
|
+
# @!attribute [rw] source_update_time
|
43
|
+
# @return [::Google::Protobuf::Timestamp]
|
44
|
+
# The time this information was last changed at the source. This is an
|
45
|
+
# upstream timestamp from the underlying information source - e.g. Ubuntu
|
46
|
+
# security tracker.
|
47
|
+
class VulnerabilityNote
|
48
|
+
include ::Google::Protobuf::MessageExts
|
49
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
50
|
+
|
51
|
+
# A detail for a distro and package affected by this vulnerability and its
|
52
|
+
# associated fix (if one is available).
|
53
|
+
# @!attribute [rw] severity_name
|
54
|
+
# @return [::String]
|
55
|
+
# The distro assigned severity of this vulnerability.
|
56
|
+
# @!attribute [rw] description
|
57
|
+
# @return [::String]
|
58
|
+
# A vendor-specific description of this vulnerability.
|
59
|
+
# @!attribute [rw] package_type
|
60
|
+
# @return [::String]
|
61
|
+
# The type of package; whether native or non native (e.g., ruby gems,
|
62
|
+
# node.js packages, etc.).
|
63
|
+
# @!attribute [rw] affected_cpe_uri
|
64
|
+
# @return [::String]
|
65
|
+
# Required. The [CPE URI](https://cpe.mitre.org/specification/) this
|
66
|
+
# vulnerability affects.
|
67
|
+
# @!attribute [rw] affected_package
|
68
|
+
# @return [::String]
|
69
|
+
# Required. The package this vulnerability affects.
|
70
|
+
# @!attribute [rw] affected_version_start
|
71
|
+
# @return [::Grafeas::V1::Version]
|
72
|
+
# The version number at the start of an interval in which this
|
73
|
+
# vulnerability exists. A vulnerability can affect a package between
|
74
|
+
# version numbers that are disjoint sets of intervals (example:
|
75
|
+
# [1.0.0-1.1.0], [2.4.6-2.4.8] and [4.5.6-4.6.8]) each of which will be
|
76
|
+
# represented in its own Detail. If a specific affected version is provided
|
77
|
+
# by a vulnerability database, affected_version_start and
|
78
|
+
# affected_version_end will be the same in that Detail.
|
79
|
+
# @!attribute [rw] affected_version_end
|
80
|
+
# @return [::Grafeas::V1::Version]
|
81
|
+
# The version number at the end of an interval in which this vulnerability
|
82
|
+
# exists. A vulnerability can affect a package between version numbers
|
83
|
+
# that are disjoint sets of intervals (example: [1.0.0-1.1.0],
|
84
|
+
# [2.4.6-2.4.8] and [4.5.6-4.6.8]) each of which will be represented in its
|
85
|
+
# own Detail. If a specific affected version is provided by a vulnerability
|
86
|
+
# database, affected_version_start and affected_version_end will be the
|
87
|
+
# same in that Detail.
|
88
|
+
# @!attribute [rw] fixed_cpe_uri
|
89
|
+
# @return [::String]
|
90
|
+
# The distro recommended [CPE URI](https://cpe.mitre.org/specification/)
|
91
|
+
# to update to that contains a fix for this vulnerability. It is possible
|
92
|
+
# for this to be different from the affected_cpe_uri.
|
93
|
+
# @!attribute [rw] fixed_package
|
94
|
+
# @return [::String]
|
95
|
+
# The distro recommended package to update to that contains a fix for this
|
96
|
+
# vulnerability. It is possible for this to be different from the
|
97
|
+
# affected_package.
|
98
|
+
# @!attribute [rw] fixed_version
|
99
|
+
# @return [::Grafeas::V1::Version]
|
100
|
+
# The distro recommended version to update to that contains a
|
101
|
+
# fix for this vulnerability. Setting this to VersionKind.MAXIMUM means no
|
102
|
+
# such version is yet available.
|
103
|
+
# @!attribute [rw] is_obsolete
|
104
|
+
# @return [::Boolean]
|
105
|
+
# Whether this detail is obsolete. Occurrences are expected not to point to
|
106
|
+
# obsolete details.
|
107
|
+
# @!attribute [rw] source_update_time
|
108
|
+
# @return [::Google::Protobuf::Timestamp]
|
109
|
+
# The time this information was last changed at the source. This is an
|
110
|
+
# upstream timestamp from the underlying information source - e.g. Ubuntu
|
111
|
+
# security tracker.
|
112
|
+
class Detail
|
113
|
+
include ::Google::Protobuf::MessageExts
|
114
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
115
|
+
end
|
116
|
+
|
117
|
+
# @!attribute [rw] cpe_uri
|
118
|
+
# @return [::String]
|
119
|
+
# Required. The [CPE URI](https://cpe.mitre.org/specification/) this
|
120
|
+
# vulnerability affects.
|
121
|
+
# @!attribute [rw] name
|
122
|
+
# @return [::String]
|
123
|
+
# Required. The name of this vulnerability.
|
124
|
+
# @!attribute [rw] description
|
125
|
+
# @return [::String]
|
126
|
+
# The description of this vulnerability.
|
127
|
+
# @!attribute [rw] fixing_kbs
|
128
|
+
# @return [::Array<::Grafeas::V1::VulnerabilityNote::WindowsDetail::KnowledgeBase>]
|
129
|
+
# Required. The names of the KBs which have hotfixes to mitigate this
|
130
|
+
# vulnerability. Note that there may be multiple hotfixes (and thus
|
131
|
+
# multiple KBs) that mitigate a given vulnerability. Currently any listed
|
132
|
+
# KBs presence is considered a fix.
|
133
|
+
class WindowsDetail
|
134
|
+
include ::Google::Protobuf::MessageExts
|
135
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
136
|
+
|
137
|
+
# @!attribute [rw] name
|
138
|
+
# @return [::String]
|
139
|
+
# The KB name (generally of the form KB[0-9]+ (e.g., KB123456)).
|
140
|
+
# @!attribute [rw] url
|
141
|
+
# @return [::String]
|
142
|
+
# A link to the KB in the [Windows update catalog]
|
143
|
+
# (https://www.catalog.update.microsoft.com/).
|
144
|
+
class KnowledgeBase
|
145
|
+
include ::Google::Protobuf::MessageExts
|
146
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
147
|
+
end
|
148
|
+
end
|
149
|
+
end
|
150
|
+
|
151
|
+
# An occurrence of a severity vulnerability on a resource.
|
152
|
+
# @!attribute [rw] type
|
153
|
+
# @return [::String]
|
154
|
+
# The type of package; whether native or non native (e.g., ruby gems, node.js
|
155
|
+
# packages, etc.).
|
156
|
+
# @!attribute [rw] severity
|
157
|
+
# @return [::Grafeas::V1::Severity]
|
158
|
+
# Output only. The note provider assigned severity of this vulnerability.
|
159
|
+
# @!attribute [rw] cvss_score
|
160
|
+
# @return [::Float]
|
161
|
+
# Output only. The CVSS score of this vulnerability. CVSS score is on a
|
162
|
+
# scale of 0 - 10 where 0 indicates low severity and 10 indicates high
|
163
|
+
# severity.
|
164
|
+
# @!attribute [rw] package_issue
|
165
|
+
# @return [::Array<::Grafeas::V1::VulnerabilityOccurrence::PackageIssue>]
|
166
|
+
# Required. The set of affected locations and their fixes (if available)
|
167
|
+
# within the associated resource.
|
168
|
+
# @!attribute [rw] short_description
|
169
|
+
# @return [::String]
|
170
|
+
# Output only. A one sentence description of this vulnerability.
|
171
|
+
# @!attribute [rw] long_description
|
172
|
+
# @return [::String]
|
173
|
+
# Output only. A detailed description of this vulnerability.
|
174
|
+
# @!attribute [rw] related_urls
|
175
|
+
# @return [::Array<::Grafeas::V1::RelatedUrl>]
|
176
|
+
# Output only. URLs related to this vulnerability.
|
177
|
+
# @!attribute [rw] effective_severity
|
178
|
+
# @return [::Grafeas::V1::Severity]
|
179
|
+
# The distro assigned severity for this vulnerability when it is available,
|
180
|
+
# otherwise this is the note provider assigned severity.
|
181
|
+
# @!attribute [rw] fix_available
|
182
|
+
# @return [::Boolean]
|
183
|
+
# Output only. Whether at least one of the affected packages has a fix
|
184
|
+
# available.
|
185
|
+
class VulnerabilityOccurrence
|
186
|
+
include ::Google::Protobuf::MessageExts
|
187
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
188
|
+
|
189
|
+
# A detail for a distro and package this vulnerability occurrence was found
|
190
|
+
# in and its associated fix (if one is available).
|
191
|
+
# @!attribute [rw] affected_cpe_uri
|
192
|
+
# @return [::String]
|
193
|
+
# Required. The [CPE URI](https://cpe.mitre.org/specification/) this
|
194
|
+
# vulnerability was found in.
|
195
|
+
# @!attribute [rw] affected_package
|
196
|
+
# @return [::String]
|
197
|
+
# Required. The package this vulnerability was found in.
|
198
|
+
# @!attribute [rw] affected_version
|
199
|
+
# @return [::Grafeas::V1::Version]
|
200
|
+
# Required. The version of the package that is installed on the resource
|
201
|
+
# affected by this vulnerability.
|
202
|
+
# @!attribute [rw] fixed_cpe_uri
|
203
|
+
# @return [::String]
|
204
|
+
# The [CPE URI](https://cpe.mitre.org/specification/) this vulnerability
|
205
|
+
# was fixed in. It is possible for this to be different from the
|
206
|
+
# affected_cpe_uri.
|
207
|
+
# @!attribute [rw] fixed_package
|
208
|
+
# @return [::String]
|
209
|
+
# The package this vulnerability was fixed in. It is possible for this to
|
210
|
+
# be different from the affected_package.
|
211
|
+
# @!attribute [rw] fixed_version
|
212
|
+
# @return [::Grafeas::V1::Version]
|
213
|
+
# Required. The version of the package this vulnerability was fixed in.
|
214
|
+
# Setting this to VersionKind.MAXIMUM means no fix is yet available.
|
215
|
+
# @!attribute [rw] fix_available
|
216
|
+
# @return [::Boolean]
|
217
|
+
# Output only. Whether a fix is available for this package.
|
218
|
+
class PackageIssue
|
219
|
+
include ::Google::Protobuf::MessageExts
|
220
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
221
|
+
end
|
222
|
+
end
|
223
|
+
|
224
|
+
# Note provider assigned severity/impact ranking.
|
225
|
+
module Severity
|
226
|
+
# Unknown.
|
227
|
+
SEVERITY_UNSPECIFIED = 0
|
228
|
+
|
229
|
+
# Minimal severity.
|
230
|
+
MINIMAL = 1
|
231
|
+
|
232
|
+
# Low severity.
|
233
|
+
LOW = 2
|
234
|
+
|
235
|
+
# Medium severity.
|
236
|
+
MEDIUM = 3
|
237
|
+
|
238
|
+
# High severity.
|
239
|
+
HIGH = 4
|
240
|
+
|
241
|
+
# Critical severity.
|
242
|
+
CRITICAL = 5
|
243
|
+
end
|
244
|
+
end
|
245
|
+
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: google-cloud-container_analysis-v1
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.3.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Google LLC
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2021-02-02 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: gapic-common
|
@@ -16,14 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - "~>"
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: '0.
|
19
|
+
version: '0.3'
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - "~>"
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: '0.
|
26
|
+
version: '0.3'
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: google-cloud-errors
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
@@ -186,7 +186,9 @@ dependencies:
|
|
186
186
|
version: '0.9'
|
187
187
|
description: The Container Analysis API is an implementation of Grafeas. It stores,
|
188
188
|
and enables querying and retrieval of, critical metadata about all of your software
|
189
|
-
artifacts.
|
189
|
+
artifacts. Note that google-cloud-container_analysis-v1 is a version-specific client
|
190
|
+
library. For most uses, we recommend installing the main client library google-cloud-container_analysis
|
191
|
+
instead. See the readme for more details.
|
190
192
|
email: googleapis-packages@google.com
|
191
193
|
executables: []
|
192
194
|
extensions: []
|
@@ -202,17 +204,23 @@ files:
|
|
202
204
|
- lib/google/cloud/container_analysis/v1/container_analysis/client.rb
|
203
205
|
- lib/google/cloud/container_analysis/v1/container_analysis/credentials.rb
|
204
206
|
- lib/google/cloud/container_analysis/v1/container_analysis/helpers.rb
|
207
|
+
- lib/google/cloud/container_analysis/v1/container_analysis/paths.rb
|
205
208
|
- lib/google/cloud/container_analysis/v1/version.rb
|
206
209
|
- lib/google/devtools/containeranalysis/v1/containeranalysis_pb.rb
|
207
210
|
- lib/google/devtools/containeranalysis/v1/containeranalysis_services_pb.rb
|
208
211
|
- proto_docs/README.md
|
209
212
|
- proto_docs/google/api/field_behavior.rb
|
210
213
|
- proto_docs/google/api/resource.rb
|
214
|
+
- proto_docs/google/devtools/containeranalysis/v1/containeranalysis.rb
|
211
215
|
- proto_docs/google/iam/v1/iam_policy.rb
|
212
216
|
- proto_docs/google/iam/v1/options.rb
|
213
217
|
- proto_docs/google/iam/v1/policy.rb
|
214
218
|
- proto_docs/google/protobuf/timestamp.rb
|
215
219
|
- proto_docs/google/type/expr.rb
|
220
|
+
- proto_docs/grafeas/v1/common.rb
|
221
|
+
- proto_docs/grafeas/v1/cvss.rb
|
222
|
+
- proto_docs/grafeas/v1/package.rb
|
223
|
+
- proto_docs/grafeas/v1/vulnerability.rb
|
216
224
|
homepage: https://github.com/googleapis/google-cloud-ruby
|
217
225
|
licenses:
|
218
226
|
- Apache-2.0
|
@@ -232,7 +240,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
232
240
|
- !ruby/object:Gem::Version
|
233
241
|
version: '0'
|
234
242
|
requirements: []
|
235
|
-
rubygems_version: 3.
|
243
|
+
rubygems_version: 3.2.6
|
236
244
|
signing_key:
|
237
245
|
specification_version: 4
|
238
246
|
summary: API Client library for the Container Analysis V1 API
|