google-cloud-container_analysis-v1 0.1.2 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 95e82a0c74026a0b6cabc8e3ed15fb79aedf4e28c52c82bbda82c48d30e00948
-  data.tar.gz: 3d3ffdfd4c5ac57edfa8c67536ea7606b54badb1114d55bc3407365dbca0b3f3
+  metadata.gz: 8d1cbd9138f8781f17601705ae5398aff614ed9720768c5cf158d9d53e09e70e
+  data.tar.gz: 9d08c7039599222ec3c47c8baa017d516cc1c10fe1dc2b74d6dee3857858c36c
 SHA512:
-  metadata.gz: 63779cb54349a9609aa8c64b1c42e66a44e60dceb7ba947b587483e513e44b7049e02d400690c2503eb6f60003f89f7015b69a6f8daf8e707fe5ed69a5ee25fc
-  data.tar.gz: 0c4efe5af3f4867f9a21ce0743b0c7b0d9abf06f9e755786281dd153e716e10f7e500dcadd7fec81377acdd6aab2e0ce1f423d2185f9127c9dd8c7feadd00ccb
+  metadata.gz: 14b4787205b8c0e797d80ec8172d861f73c2d79c98e0d48f0bc6d4ef45fc23eb5c4f64245b8dee0768e4e1eb66c21de5a6108e2dc7d3f80051f5dc5e65ce9e78
+  data.tar.gz: 1ad0cb2326769cb88bc7475b41c071746813ded803180021527d4c40bb48822c70cd45bf191cc68de9325bb09f9ec6ae2b63702630a31c4b45671566936392ae

data/lib/google/cloud/container_analysis/v1/container_analysis.rb

@@ -23,6 +23,7 @@ require "gapic/config/method"
 require "google/cloud/container_analysis/v1/version"
 
 require "google/cloud/container_analysis/v1/container_analysis/credentials"
+require "google/cloud/container_analysis/v1/container_analysis/paths"
 require "google/cloud/container_analysis/v1/container_analysis/client"
 
 module Google

data/lib/google/cloud/container_analysis/v1/container_analysis/client.rb

@@ -42,6 +42,8 @@ module Google
           # image with the vulnerability referring to that note.
           #
           class Client
+            include Paths
+
             # @private
             attr_reader :container_analysis_stub
 
@@ -394,6 +396,75 @@ module Google
               raise ::Google::Cloud::Error.from_error(e)
             end
 
+            ##
+            # Gets a summary of the number and severity of occurrences.
+            #
+            # @overload get_vulnerability_occurrences_summary(request, options = nil)
+            #   Pass arguments to `get_vulnerability_occurrences_summary` via a request object, either of type
+            #   {::Google::Cloud::ContainerAnalysis::V1::GetVulnerabilityOccurrencesSummaryRequest} or an equivalent Hash.
+            #
+            #   @param request [::Google::Cloud::ContainerAnalysis::V1::GetVulnerabilityOccurrencesSummaryRequest, ::Hash]
+            #     A request object representing the call parameters. Required. To specify no
+            #     parameters, or to keep all the default parameter values, pass an empty Hash.
+            #   @param options [::Gapic::CallOptions, ::Hash]
+            #     Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
+            #
+            # @overload get_vulnerability_occurrences_summary(parent: nil, filter: nil)
+            #   Pass arguments to `get_vulnerability_occurrences_summary` via keyword arguments. Note that at
+            #   least one keyword argument is required. To specify no parameters, or to keep all
+            #   the default parameter values, pass an empty Hash as a request object (see above).
+            #
+            #   @param parent [::String]
+            #     The name of the project to get a vulnerability summary for in the form of
+            #     `projects/[PROJECT_ID]`.
+            #   @param filter [::String]
+            #     The filter expression.
+            #
+            # @yield [response, operation] Access the result along with the RPC operation
+            # @yieldparam response [::Google::Cloud::ContainerAnalysis::V1::VulnerabilityOccurrencesSummary]
+            # @yieldparam operation [::GRPC::ActiveCall::Operation]
+            #
+            # @return [::Google::Cloud::ContainerAnalysis::V1::VulnerabilityOccurrencesSummary]
+            #
+            # @raise [::Google::Cloud::Error] if the RPC is aborted.
+            #
+            def get_vulnerability_occurrences_summary request, options = nil
+              raise ::ArgumentError, "request must be provided" if request.nil?
+
+              request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::ContainerAnalysis::V1::GetVulnerabilityOccurrencesSummaryRequest
+
+              # Converts hash and nil to an options object
+              options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
+
+              # Customize the options with defaults
+              metadata = @config.rpcs.get_vulnerability_occurrences_summary.metadata.to_h
+
+              # Set x-goog-api-client and x-goog-user-project headers
+              metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
+                lib_name: @config.lib_name, lib_version: @config.lib_version,
+                gapic_version: ::Google::Cloud::ContainerAnalysis::V1::VERSION
+              metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
+
+              header_params = {
+                "parent" => request.parent
+              }
+              request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
+              metadata[:"x-goog-request-params"] ||= request_params_header
+
+              options.apply_defaults timeout:      @config.rpcs.get_vulnerability_occurrences_summary.timeout,
+                                     metadata:     metadata,
+                                     retry_policy: @config.rpcs.get_vulnerability_occurrences_summary.retry_policy
+              options.apply_defaults metadata:     @config.metadata,
+                                     retry_policy: @config.retry_policy
+
+              @container_analysis_stub.call_rpc :get_vulnerability_occurrences_summary, request, options: options do |response, operation|
+                yield response, operation if block_given?
+                return response
+              end
+            rescue ::GRPC::BadStatus => e
+              raise ::Google::Cloud::Error.from_error(e)
+            end
+
             ##
             # Configuration class for the ContainerAnalysis API.
             #
@@ -545,6 +616,11 @@ module Google
                 # @return [::Gapic::Config::Method]
                 #
                 attr_reader :test_iam_permissions
+                ##
+                # RPC-specific configuration for `get_vulnerability_occurrences_summary`
+                # @return [::Gapic::Config::Method]
+                #
+                attr_reader :get_vulnerability_occurrences_summary
 
                 # @private
                 def initialize parent_rpcs = nil
@@ -554,6 +630,8 @@ module Google
                   @get_iam_policy = ::Gapic::Config::Method.new get_iam_policy_config
                   test_iam_permissions_config = parent_rpcs&.test_iam_permissions if parent_rpcs&.respond_to? :test_iam_permissions
                   @test_iam_permissions = ::Gapic::Config::Method.new test_iam_permissions_config
+                  get_vulnerability_occurrences_summary_config = parent_rpcs&.get_vulnerability_occurrences_summary if parent_rpcs&.respond_to? :get_vulnerability_occurrences_summary
+                  @get_vulnerability_occurrences_summary = ::Gapic::Config::Method.new get_vulnerability_occurrences_summary_config
 
                   yield self if block_given?
                 end

data/lib/google/cloud/container_analysis/v1/container_analysis/paths.rb

@@ -0,0 +1,47 @@
+# frozen_string_literal: true
+
+# Copyright 2020 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module ContainerAnalysis
+      module V1
+        module ContainerAnalysis
+          # Path helper methods for the ContainerAnalysis API.
+          module Paths
+            ##
+            # Create a fully-qualified Project resource string.
+            #
+            # The resource will be in the following format:
+            #
+            # `projects/{project}`
+            #
+            # @param project [String]
+            #
+            # @return [::String]
+            def project_path project:
+              "projects/#{project}"
+            end
+
+            extend self
+          end
+        end
+      end
+    end
+  end
+end

data/lib/google/cloud/container_analysis/v1/version.rb

@@ -21,7 +21,7 @@ module Google
   module Cloud
     module ContainerAnalysis
       module V1
-        VERSION = "0.1.2"
+        VERSION = "0.2.0"
       end
     end
   end

data/lib/google/devtools/containeranalysis/v1/containeranalysis_pb.rb

@@ -5,11 +5,27 @@ require 'google/protobuf'
 
 require 'google/api/annotations_pb'
 require 'google/api/client_pb'
+require 'google/api/field_behavior_pb'
+require 'google/api/resource_pb'
 require 'google/iam/v1/iam_policy_pb'
 require 'google/iam/v1/policy_pb'
 require 'google/protobuf/timestamp_pb'
+require 'grafeas/v1/vulnerability_pb'
 Google::Protobuf::DescriptorPool.generated_pool.build do
   add_file("google/devtools/containeranalysis/v1/containeranalysis.proto", :syntax => :proto3) do
+    add_message "google.devtools.containeranalysis.v1.GetVulnerabilityOccurrencesSummaryRequest" do
+      optional :parent, :string, 1
+      optional :filter, :string, 2
+    end
+    add_message "google.devtools.containeranalysis.v1.VulnerabilityOccurrencesSummary" do
+      repeated :counts, :message, 1, "google.devtools.containeranalysis.v1.VulnerabilityOccurrencesSummary.FixableTotalByDigest"
+    end
+    add_message "google.devtools.containeranalysis.v1.VulnerabilityOccurrencesSummary.FixableTotalByDigest" do
+      optional :resource_uri, :string, 1
+      optional :severity, :enum, 2, "grafeas.v1.Severity"
+      optional :fixable_count, :int64, 3
+      optional :total_count, :int64, 4
+    end
   end
 end
 
@@ -17,6 +33,9 @@ module Google
   module Cloud
     module ContainerAnalysis
       module V1
+        GetVulnerabilityOccurrencesSummaryRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.devtools.containeranalysis.v1.GetVulnerabilityOccurrencesSummaryRequest").msgclass
+        VulnerabilityOccurrencesSummary = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.devtools.containeranalysis.v1.VulnerabilityOccurrencesSummary").msgclass
+        VulnerabilityOccurrencesSummary::FixableTotalByDigest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.devtools.containeranalysis.v1.VulnerabilityOccurrencesSummary.FixableTotalByDigest").msgclass
       end
     end
   end

data/lib/google/devtools/containeranalysis/v1/containeranalysis_services_pb.rb

@@ -1,7 +1,7 @@
 # Generated by the protocol buffer compiler.  DO NOT EDIT!
 # Source: google/devtools/containeranalysis/v1/containeranalysis.proto for package 'Google.Cloud.ContainerAnalysis.V1'
 # Original file comments:
-# Copyright 2019 Google LLC.
+# Copyright 2019 Google LLC
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -15,7 +15,6 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
-#
 
 require 'grpc'
 require 'google/devtools/containeranalysis/v1/containeranalysis_pb'
@@ -54,7 +53,7 @@ module Google
             # The resource takes the format `projects/[PROJECT_ID]/notes/[NOTE_ID]` for
             # notes and `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]` for
             # occurrences.
-            rpc :SetIamPolicy, Google::Iam::V1::SetIamPolicyRequest, Google::Iam::V1::Policy
+            rpc :SetIamPolicy, ::Google::Iam::V1::SetIamPolicyRequest, ::Google::Iam::V1::Policy
             # Gets the access control policy for a note or an occurrence resource.
             # Requires `containeranalysis.notes.setIamPolicy` or
             # `containeranalysis.occurrences.setIamPolicy` permission if the resource is
@@ -63,7 +62,7 @@ module Google
             # The resource takes the format `projects/[PROJECT_ID]/notes/[NOTE_ID]` for
             # notes and `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]` for
             # occurrences.
-            rpc :GetIamPolicy, Google::Iam::V1::GetIamPolicyRequest, Google::Iam::V1::Policy
+            rpc :GetIamPolicy, ::Google::Iam::V1::GetIamPolicyRequest, ::Google::Iam::V1::Policy
             # Returns the permissions that a caller has on the specified note or
             # occurrence. Requires list permission on the project (for example,
             # `containeranalysis.notes.list`).
@@ -71,7 +70,9 @@ module Google
             # The resource takes the format `projects/[PROJECT_ID]/notes/[NOTE_ID]` for
             # notes and `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]` for
             # occurrences.
-            rpc :TestIamPermissions, Google::Iam::V1::TestIamPermissionsRequest, Google::Iam::V1::TestIamPermissionsResponse
+            rpc :TestIamPermissions, ::Google::Iam::V1::TestIamPermissionsRequest, ::Google::Iam::V1::TestIamPermissionsResponse
+            # Gets a summary of the number and severity of occurrences.
+            rpc :GetVulnerabilityOccurrencesSummary, ::Google::Cloud::ContainerAnalysis::V1::GetVulnerabilityOccurrencesSummaryRequest, ::Google::Cloud::ContainerAnalysis::V1::VulnerabilityOccurrencesSummary
           end
 
           Stub = Service.rpc_stub_class

data/proto_docs/google/api/resource.rb

@@ -43,12 +43,12 @@ module Google
     #
     # The ResourceDescriptor Yaml config will look like:
     #
-    #    resources:
-    #    - type: "pubsub.googleapis.com/Topic"
-    #      name_descriptor:
-    #        - pattern: "projects/\\{project}/topics/\\{topic}"
-    #          parent_type: "cloudresourcemanager.googleapis.com/Project"
-    #          parent_name_extractor: "projects/\\{project}"
+    #     resources:
+    #     - type: "pubsub.googleapis.com/Topic"
+    #       name_descriptor:
+    #         - pattern: "projects/{project}/topics/{topic}"
+    #           parent_type: "cloudresourcemanager.googleapis.com/Project"
+    #           parent_name_extractor: "projects/{project}"
     #
     # Sometimes, resources have multiple patterns, typically because they can
     # live under multiple parents.
@@ -183,15 +183,24 @@ module Google
     #         }
     # @!attribute [rw] plural
     #   @return [::String]
-    #     The plural name used in the resource name, such as 'projects' for
-    #     the name of 'projects/\\{project}'. It is the same concept of the `plural`
-    #     field in k8s CRD spec
+    #     The plural name used in the resource name and permission names, such as
+    #     'projects' for the resource name of 'projects/\\{project}' and the permission
+    #     name of 'cloudresourcemanager.googleapis.com/projects.get'. It is the same
+    #     concept of the `plural` field in k8s CRD spec
     #     https://kubernetes.io/docs/tasks/access-kubernetes-api/custom-resources/custom-resource-definitions/
+    #
+    #     Note: The plural form is required even for singleton resources. See
+    #     https://aip.dev/156
     # @!attribute [rw] singular
     #   @return [::String]
     #     The same concept of the `singular` field in k8s CRD spec
     #     https://kubernetes.io/docs/tasks/access-kubernetes-api/custom-resources/custom-resource-definitions/
     #     Such as "project" for the `resourcemanager.googleapis.com/Project` type.
+    # @!attribute [rw] style
+    #   @return [::Array<::Google::Api::ResourceDescriptor::Style>]
+    #     Style flag(s) for this resource.
+    #     These indicate that a resource is expected to conform to a given
+    #     style. See the specific style flags for additional information.
     class ResourceDescriptor
       include ::Google::Protobuf::MessageExts
       extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -211,6 +220,22 @@ module Google
         # that from being necessary once there are multiple patterns.)
         FUTURE_MULTI_PATTERN = 2
       end
+
+      # A flag representing a specific style that a resource claims to conform to.
+      module Style
+        # The unspecified value. Do not use.
+        STYLE_UNSPECIFIED = 0
+
+        # This resource is intended to be "declarative-friendly".
+        #
+        # Declarative-friendly resources must be more strictly consistent, and
+        # setting this to true communicates to tools that this resource should
+        # adhere to declarative-friendly expectations.
+        #
+        # Note: This is used by the API linter (linter.aip.dev) to enable
+        # additional checks.
+        DECLARATIVE_FRIENDLY = 1
+      end
     end
 
     # Defines a proto annotation that describes a string field that refers to
@@ -226,6 +251,17 @@ module Google
     #             type: "pubsub.googleapis.com/Topic"
     #           }];
     #         }
+    #
+    #     Occasionally, a field may reference an arbitrary resource. In this case,
+    #     APIs use the special value * in their resource reference.
+    #
+    #     Example:
+    #
+    #         message GetIamPolicyRequest {
+    #           string resource = 2 [(google.api.resource_reference) = {
+    #             type: "*"
+    #           }];
+    #         }
     # @!attribute [rw] child_type
     #   @return [::String]
     #     The resource type of a child collection that the annotated field
@@ -234,11 +270,11 @@ module Google
     #
     #     Example:
     #
-    #       message ListLogEntriesRequest {
-    #         string parent = 1 [(google.api.resource_reference) = {
-    #           child_type: "logging.googleapis.com/LogEntry"
-    #         };
-    #       }
+    #         message ListLogEntriesRequest {
+    #           string parent = 1 [(google.api.resource_reference) = {
+    #             child_type: "logging.googleapis.com/LogEntry"
+    #           };
+    #         }
     class ResourceReference
       include ::Google::Protobuf::MessageExts
       extend ::Google::Protobuf::MessageExts::ClassMethods

data/proto_docs/google/devtools/containeranalysis/v1/containeranalysis.rb

@@ -0,0 +1,68 @@
+# frozen_string_literal: true
+
+# Copyright 2020 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module ContainerAnalysis
+      module V1
+        # Request to get a vulnerability summary for some set of occurrences.
+        # @!attribute [rw] parent
+        #   @return [::String]
+        #     The name of the project to get a vulnerability summary for in the form of
+        #     `projects/[PROJECT_ID]`.
+        # @!attribute [rw] filter
+        #   @return [::String]
+        #     The filter expression.
+        class GetVulnerabilityOccurrencesSummaryRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # A summary of how many vulnerability occurrences there are per resource and
+        # severity type.
+        # @!attribute [rw] counts
+        #   @return [::Array<::Google::Cloud::ContainerAnalysis::V1::VulnerabilityOccurrencesSummary::FixableTotalByDigest>]
+        #     A listing by resource of the number of fixable and total vulnerabilities.
+        class VulnerabilityOccurrencesSummary
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+
+          # Per resource and severity counts of fixable and total vulnerabilities.
+          # @!attribute [rw] resource_uri
+          #   @return [::String]
+          #     The affected resource.
+          # @!attribute [rw] severity
+          #   @return [::Grafeas::V1::Severity]
+          #     The severity for this count. SEVERITY_UNSPECIFIED indicates total across
+          #     all severities.
+          # @!attribute [rw] fixable_count
+          #   @return [::Integer]
+          #     The number of fixable vulnerabilities associated with this resource.
+          # @!attribute [rw] total_count
+          #   @return [::Integer]
+          #     The total number of vulnerabilities associated with this resource.
+          class FixableTotalByDigest
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+          end
+        end
+      end
+    end
+  end
+end

data/proto_docs/grafeas/v1/common.rb

@@ -0,0 +1,118 @@
+# frozen_string_literal: true
+
+# Copyright 2020 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Grafeas
+  module V1
+    # Metadata for any related URL information.
+    # @!attribute [rw] url
+    #   @return [::String]
+    #     Specific URL associated with the resource.
+    # @!attribute [rw] label
+    #   @return [::String]
+    #     Label to describe usage of the URL.
+    class RelatedUrl
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+    end
+
+    # Verifiers (e.g. Kritis implementations) MUST verify signatures
+    # with respect to the trust anchors defined in policy (e.g. a Kritis policy).
+    # Typically this means that the verifier has been configured with a map from
+    # `public_key_id` to public key material (and any required parameters, e.g.
+    # signing algorithm).
+    #
+    # In particular, verification implementations MUST NOT treat the signature
+    # `public_key_id` as anything more than a key lookup hint. The `public_key_id`
+    # DOES NOT validate or authenticate a public key; it only provides a mechanism
+    # for quickly selecting a public key ALREADY CONFIGURED on the verifier through
+    # a trusted channel. Verification implementations MUST reject signatures in any
+    # of the following circumstances:
+    #   * The `public_key_id` is not recognized by the verifier.
+    #   * The public key that `public_key_id` refers to does not verify the
+    #     signature with respect to the payload.
+    #
+    # The `signature` contents SHOULD NOT be "attached" (where the payload is
+    # included with the serialized `signature` bytes). Verifiers MUST ignore any
+    # "attached" payload and only verify signatures with respect to explicitly
+    # provided payload (e.g. a `payload` field on the proto message that holds
+    # this Signature, or the canonical serialization of the proto message that
+    # holds this signature).
+    # @!attribute [rw] signature
+    #   @return [::String]
+    #     The content of the signature, an opaque bytestring.
+    #     The payload that this signature verifies MUST be unambiguously provided
+    #     with the Signature during verification. A wrapper message might provide
+    #     the payload explicitly. Alternatively, a message might have a canonical
+    #     serialization that can always be unambiguously computed to derive the
+    #     payload.
+    # @!attribute [rw] public_key_id
+    #   @return [::String]
+    #     The identifier for the public key that verifies this signature.
+    #       * The `public_key_id` is required.
+    #       * The `public_key_id` MUST be an RFC3986 conformant URI.
+    #       * When possible, the `public_key_id` SHOULD be an immutable reference,
+    #         such as a cryptographic digest.
+    #
+    #     Examples of valid `public_key_id`s:
+    #
+    #     OpenPGP V4 public key fingerprint:
+    #       * "openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA"
+    #     See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more
+    #     details on this scheme.
+    #
+    #     RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER
+    #     serialization):
+    #       * "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU"
+    #       * "nih:///sha-256;703f68f42aba2c6de30f488a5ea122fef76324679c9bf89791ba95a1271589a5"
+    class Signature
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+    end
+
+    # Kind represents the kinds of notes supported.
+    module NoteKind
+      # Unknown.
+      NOTE_KIND_UNSPECIFIED = 0
+
+      # The note and occurrence represent a package vulnerability.
+      VULNERABILITY = 1
+
+      # The note and occurrence assert build provenance.
+      BUILD = 2
+
+      # This represents an image basis relationship.
+      IMAGE = 3
+
+      # This represents a package installed via a package manager.
+      PACKAGE = 4
+
+      # The note and occurrence track deployment events.
+      DEPLOYMENT = 5
+
+      # The note and occurrence track the initial discovery status of a resource.
+      DISCOVERY = 6
+
+      # This represents a logical "role" that can attest to artifacts.
+      ATTESTATION = 7
+
+      # This represents an available package upgrade.
+      UPGRADE = 8
+    end
+  end
+end

data/proto_docs/grafeas/v1/cvss.rb

@@ -0,0 +1,111 @@
+# frozen_string_literal: true
+
+# Copyright 2020 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Grafeas
+  module V1
+    # Common Vulnerability Scoring System version 3.
+    # For details, see https://www.first.org/cvss/specification-document
+    # @!attribute [rw] base_score
+    #   @return [::Float]
+    #     The base score is a function of the base metric scores.
+    # @!attribute [rw] exploitability_score
+    #   @return [::Float]
+    # @!attribute [rw] impact_score
+    #   @return [::Float]
+    # @!attribute [rw] attack_vector
+    #   @return [::Grafeas::V1::CVSSv3::AttackVector]
+    #     Base Metrics
+    #     Represents the intrinsic characteristics of a vulnerability that are
+    #     constant over time and across user environments.
+    # @!attribute [rw] attack_complexity
+    #   @return [::Grafeas::V1::CVSSv3::AttackComplexity]
+    # @!attribute [rw] privileges_required
+    #   @return [::Grafeas::V1::CVSSv3::PrivilegesRequired]
+    # @!attribute [rw] user_interaction
+    #   @return [::Grafeas::V1::CVSSv3::UserInteraction]
+    # @!attribute [rw] scope
+    #   @return [::Grafeas::V1::CVSSv3::Scope]
+    # @!attribute [rw] confidentiality_impact
+    #   @return [::Grafeas::V1::CVSSv3::Impact]
+    # @!attribute [rw] integrity_impact
+    #   @return [::Grafeas::V1::CVSSv3::Impact]
+    # @!attribute [rw] availability_impact
+    #   @return [::Grafeas::V1::CVSSv3::Impact]
+    class CVSSv3
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+
+      module AttackVector
+        ATTACK_VECTOR_UNSPECIFIED = 0
+
+        ATTACK_VECTOR_NETWORK = 1
+
+        ATTACK_VECTOR_ADJACENT = 2
+
+        ATTACK_VECTOR_LOCAL = 3
+
+        ATTACK_VECTOR_PHYSICAL = 4
+      end
+
+      module AttackComplexity
+        ATTACK_COMPLEXITY_UNSPECIFIED = 0
+
+        ATTACK_COMPLEXITY_LOW = 1
+
+        ATTACK_COMPLEXITY_HIGH = 2
+      end
+
+      module PrivilegesRequired
+        PRIVILEGES_REQUIRED_UNSPECIFIED = 0
+
+        PRIVILEGES_REQUIRED_NONE = 1
+
+        PRIVILEGES_REQUIRED_LOW = 2
+
+        PRIVILEGES_REQUIRED_HIGH = 3
+      end
+
+      module UserInteraction
+        USER_INTERACTION_UNSPECIFIED = 0
+
+        USER_INTERACTION_NONE = 1
+
+        USER_INTERACTION_REQUIRED = 2
+      end
+
+      module Scope
+        SCOPE_UNSPECIFIED = 0
+
+        SCOPE_UNCHANGED = 1
+
+        SCOPE_CHANGED = 2
+      end
+
+      module Impact
+        IMPACT_UNSPECIFIED = 0
+
+        IMPACT_HIGH = 1
+
+        IMPACT_LOW = 2
+
+        IMPACT_NONE = 3
+      end
+    end
+  end
+end

data/proto_docs/grafeas/v1/package.rb

@@ -0,0 +1,144 @@
+# frozen_string_literal: true
+
+# Copyright 2020 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Grafeas
+  module V1
+    # This represents a particular channel of distribution for a given package.
+    # E.g., Debian's jessie-backports dpkg mirror.
+    # @!attribute [rw] cpe_uri
+    #   @return [::String]
+    #     Required. The cpe_uri in [CPE format](https://cpe.mitre.org/specification/)
+    #     denoting the package manager version distributing a package.
+    # @!attribute [rw] architecture
+    #   @return [::Grafeas::V1::Architecture]
+    #     The CPU architecture for which packages in this distribution channel were
+    #     built.
+    # @!attribute [rw] latest_version
+    #   @return [::Grafeas::V1::Version]
+    #     The latest available version of this package in this distribution channel.
+    # @!attribute [rw] maintainer
+    #   @return [::String]
+    #     A freeform string denoting the maintainer of this package.
+    # @!attribute [rw] url
+    #   @return [::String]
+    #     The distribution channel-specific homepage for this package.
+    # @!attribute [rw] description
+    #   @return [::String]
+    #     The distribution channel-specific description of this package.
+    class Distribution
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+    end
+
+    # An occurrence of a particular package installation found within a system's
+    # filesystem. E.g., glibc was found in `/var/lib/dpkg/status`.
+    # @!attribute [rw] cpe_uri
+    #   @return [::String]
+    #     Required. The CPE URI in [CPE format](https://cpe.mitre.org/specification/)
+    #     denoting the package manager version distributing a package.
+    # @!attribute [rw] version
+    #   @return [::Grafeas::V1::Version]
+    #     The version installed at this location.
+    # @!attribute [rw] path
+    #   @return [::String]
+    #     The path from which we gathered that this package/version is installed.
+    class Location
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+    end
+
+    # This represents a particular package that is distributed over various
+    # channels. E.g., glibc (aka libc6) is distributed by many, at various
+    # versions.
+    # @!attribute [rw] name
+    #   @return [::String]
+    #     Required. Immutable. The name of the package.
+    # @!attribute [rw] distribution
+    #   @return [::Array<::Grafeas::V1::Distribution>]
+    #     The various channels by which a package is distributed.
+    class PackageNote
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+    end
+
+    # Details on how a particular software package was installed on a system.
+    # @!attribute [rw] name
+    #   @return [::String]
+    #     Output only. The name of the installed package.
+    # @!attribute [rw] location
+    #   @return [::Array<::Grafeas::V1::Location>]
+    #     Required. All of the places within the filesystem versions of this package
+    #     have been found.
+    class PackageOccurrence
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+    end
+
+    # Version contains structured information about the version of a package.
+    # @!attribute [rw] epoch
+    #   @return [::Integer]
+    #     Used to correct mistakes in the version numbering scheme.
+    # @!attribute [rw] name
+    #   @return [::String]
+    #     Required only when version kind is NORMAL. The main part of the version
+    #     name.
+    # @!attribute [rw] revision
+    #   @return [::String]
+    #     The iteration of the package build from the above version.
+    # @!attribute [rw] kind
+    #   @return [::Grafeas::V1::Version::VersionKind]
+    #     Required. Distinguishes between sentinel MIN/MAX versions and normal
+    #     versions.
+    # @!attribute [rw] full_name
+    #   @return [::String]
+    #     Human readable version string. This string is of the form
+    #     <epoch>:<name>-<revision> and is only set when kind is NORMAL.
+    class Version
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+
+      # Whether this is an ordinary package version or a sentinel MIN/MAX version.
+      module VersionKind
+        # Unknown.
+        VERSION_KIND_UNSPECIFIED = 0
+
+        # A standard package version.
+        NORMAL = 1
+
+        # A special version representing negative infinity.
+        MINIMUM = 2
+
+        # A special version representing positive infinity.
+        MAXIMUM = 3
+      end
+    end
+
+    # Instruction set architectures supported by various package managers.
+    module Architecture
+      # Unknown architecture.
+      ARCHITECTURE_UNSPECIFIED = 0
+
+      # X86 architecture.
+      X86 = 1
+
+      # X64 architecture.
+      X64 = 2
+    end
+  end
+end

data/proto_docs/grafeas/v1/vulnerability.rb

@@ -0,0 +1,245 @@
+# frozen_string_literal: true
+
+# Copyright 2020 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Grafeas
+  module V1
+    # A security vulnerability that can be found in resources.
+    # @!attribute [rw] cvss_score
+    #   @return [::Float]
+    #     The CVSS score of this vulnerability. CVSS score is on a scale of 0 - 10
+    #     where 0 indicates low severity and 10 indicates high severity.
+    # @!attribute [rw] severity
+    #   @return [::Grafeas::V1::Severity]
+    #     The note provider assigned severity of this vulnerability.
+    # @!attribute [rw] details
+    #   @return [::Array<::Grafeas::V1::VulnerabilityNote::Detail>]
+    #     Details of all known distros and packages affected by this vulnerability.
+    # @!attribute [rw] cvss_v3
+    #   @return [::Grafeas::V1::CVSSv3]
+    #     The full description of the CVSSv3 for this vulnerability.
+    # @!attribute [rw] windows_details
+    #   @return [::Array<::Grafeas::V1::VulnerabilityNote::WindowsDetail>]
+    #     Windows details get their own format because the information format and
+    #     model don't match a normal detail. Specifically Windows updates are done as
+    #     patches, thus Windows vulnerabilities really are a missing package, rather
+    #     than a package being at an incorrect version.
+    # @!attribute [rw] source_update_time
+    #   @return [::Google::Protobuf::Timestamp]
+    #     The time this information was last changed at the source. This is an
+    #     upstream timestamp from the underlying information source - e.g. Ubuntu
+    #     security tracker.
+    class VulnerabilityNote
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+
+      # A detail for a distro and package affected by this vulnerability and its
+      # associated fix (if one is available).
+      # @!attribute [rw] severity_name
+      #   @return [::String]
+      #     The distro assigned severity of this vulnerability.
+      # @!attribute [rw] description
+      #   @return [::String]
+      #     A vendor-specific description of this vulnerability.
+      # @!attribute [rw] package_type
+      #   @return [::String]
+      #     The type of package; whether native or non native (e.g., ruby gems,
+      #     node.js packages, etc.).
+      # @!attribute [rw] affected_cpe_uri
+      #   @return [::String]
+      #     Required. The [CPE URI](https://cpe.mitre.org/specification/) this
+      #     vulnerability affects.
+      # @!attribute [rw] affected_package
+      #   @return [::String]
+      #     Required. The package this vulnerability affects.
+      # @!attribute [rw] affected_version_start
+      #   @return [::Grafeas::V1::Version]
+      #     The version number at the start of an interval in which this
+      #     vulnerability exists. A vulnerability can affect a package between
+      #     version numbers that are disjoint sets of intervals (example:
+      #     [1.0.0-1.1.0], [2.4.6-2.4.8] and [4.5.6-4.6.8]) each of which will be
+      #     represented in its own Detail. If a specific affected version is provided
+      #     by a vulnerability database, affected_version_start and
+      #     affected_version_end will be the same in that Detail.
+      # @!attribute [rw] affected_version_end
+      #   @return [::Grafeas::V1::Version]
+      #     The version number at the end of an interval in which this vulnerability
+      #     exists. A vulnerability can affect a package between version numbers
+      #     that are disjoint sets of intervals (example: [1.0.0-1.1.0],
+      #     [2.4.6-2.4.8] and [4.5.6-4.6.8]) each of which will be represented in its
+      #     own Detail. If a specific affected version is provided by a vulnerability
+      #     database, affected_version_start and affected_version_end will be the
+      #     same in that Detail.
+      # @!attribute [rw] fixed_cpe_uri
+      #   @return [::String]
+      #     The distro recommended [CPE URI](https://cpe.mitre.org/specification/)
+      #     to update to that contains a fix for this vulnerability. It is possible
+      #     for this to be different from the affected_cpe_uri.
+      # @!attribute [rw] fixed_package
+      #   @return [::String]
+      #     The distro recommended package to update to that contains a fix for this
+      #     vulnerability. It is possible for this to be different from the
+      #     affected_package.
+      # @!attribute [rw] fixed_version
+      #   @return [::Grafeas::V1::Version]
+      #     The distro recommended version to update to that contains a
+      #     fix for this vulnerability. Setting this to VersionKind.MAXIMUM means no
+      #     such version is yet available.
+      # @!attribute [rw] is_obsolete
+      #   @return [::Boolean]
+      #     Whether this detail is obsolete. Occurrences are expected not to point to
+      #     obsolete details.
+      # @!attribute [rw] source_update_time
+      #   @return [::Google::Protobuf::Timestamp]
+      #     The time this information was last changed at the source. This is an
+      #     upstream timestamp from the underlying information source - e.g. Ubuntu
+      #     security tracker.
+      class Detail
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+      end
+
+      # @!attribute [rw] cpe_uri
+      #   @return [::String]
+      #     Required. The [CPE URI](https://cpe.mitre.org/specification/) this
+      #     vulnerability affects.
+      # @!attribute [rw] name
+      #   @return [::String]
+      #     Required. The name of this vulnerability.
+      # @!attribute [rw] description
+      #   @return [::String]
+      #     The description of this vulnerability.
+      # @!attribute [rw] fixing_kbs
+      #   @return [::Array<::Grafeas::V1::VulnerabilityNote::WindowsDetail::KnowledgeBase>]
+      #     Required. The names of the KBs which have hotfixes to mitigate this
+      #     vulnerability. Note that there may be multiple hotfixes (and thus
+      #     multiple KBs) that mitigate a given vulnerability. Currently any listed
+      #     KBs presence is considered a fix.
+      class WindowsDetail
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     The KB name (generally of the form KB[0-9]+ (e.g., KB123456)).
+        # @!attribute [rw] url
+        #   @return [::String]
+        #     A link to the KB in the [Windows update catalog]
+        #     (https://www.catalog.update.microsoft.com/).
+        class KnowledgeBase
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+      end
+    end
+
+    # An occurrence of a severity vulnerability on a resource.
+    # @!attribute [rw] type
+    #   @return [::String]
+    #     The type of package; whether native or non native (e.g., ruby gems, node.js
+    #     packages, etc.).
+    # @!attribute [rw] severity
+    #   @return [::Grafeas::V1::Severity]
+    #     Output only. The note provider assigned severity of this vulnerability.
+    # @!attribute [rw] cvss_score
+    #   @return [::Float]
+    #     Output only. The CVSS score of this vulnerability. CVSS score is on a
+    #     scale of 0 - 10 where 0 indicates low severity and 10 indicates high
+    #     severity.
+    # @!attribute [rw] package_issue
+    #   @return [::Array<::Grafeas::V1::VulnerabilityOccurrence::PackageIssue>]
+    #     Required. The set of affected locations and their fixes (if available)
+    #     within the associated resource.
+    # @!attribute [rw] short_description
+    #   @return [::String]
+    #     Output only. A one sentence description of this vulnerability.
+    # @!attribute [rw] long_description
+    #   @return [::String]
+    #     Output only. A detailed description of this vulnerability.
+    # @!attribute [rw] related_urls
+    #   @return [::Array<::Grafeas::V1::RelatedUrl>]
+    #     Output only. URLs related to this vulnerability.
+    # @!attribute [rw] effective_severity
+    #   @return [::Grafeas::V1::Severity]
+    #     The distro assigned severity for this vulnerability when it is available,
+    #     otherwise this is the note provider assigned severity.
+    # @!attribute [rw] fix_available
+    #   @return [::Boolean]
+    #     Output only. Whether at least one of the affected packages has a fix
+    #     available.
+    class VulnerabilityOccurrence
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+
+      # A detail for a distro and package this vulnerability occurrence was found
+      # in and its associated fix (if one is available).
+      # @!attribute [rw] affected_cpe_uri
+      #   @return [::String]
+      #     Required. The [CPE URI](https://cpe.mitre.org/specification/) this
+      #     vulnerability was found in.
+      # @!attribute [rw] affected_package
+      #   @return [::String]
+      #     Required. The package this vulnerability was found in.
+      # @!attribute [rw] affected_version
+      #   @return [::Grafeas::V1::Version]
+      #     Required. The version of the package that is installed on the resource
+      #     affected by this vulnerability.
+      # @!attribute [rw] fixed_cpe_uri
+      #   @return [::String]
+      #     The [CPE URI](https://cpe.mitre.org/specification/) this vulnerability
+      #     was fixed in. It is possible for this to be different from the
+      #     affected_cpe_uri.
+      # @!attribute [rw] fixed_package
+      #   @return [::String]
+      #     The package this vulnerability was fixed in. It is possible for this to
+      #     be different from the affected_package.
+      # @!attribute [rw] fixed_version
+      #   @return [::Grafeas::V1::Version]
+      #     Required. The version of the package this vulnerability was fixed in.
+      #     Setting this to VersionKind.MAXIMUM means no fix is yet available.
+      # @!attribute [rw] fix_available
+      #   @return [::Boolean]
+      #     Output only. Whether a fix is available for this package.
+      class PackageIssue
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+      end
+    end
+
+    # Note provider assigned severity/impact ranking.
+    module Severity
+      # Unknown.
+      SEVERITY_UNSPECIFIED = 0
+
+      # Minimal severity.
+      MINIMAL = 1
+
+      # Low severity.
+      LOW = 2
+
+      # Medium severity.
+      MEDIUM = 3
+
+      # High severity.
+      HIGH = 4
+
+      # Critical severity.
+      CRITICAL = 5
+    end
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: google-cloud-container_analysis-v1
 version: !ruby/object:Gem::Version
-  version: 0.1.2
+  version: 0.2.0
 platform: ruby
 authors:
 - Google LLC
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-08-10 00:00:00.000000000 Z
+date: 2020-10-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: gapic-common
@@ -202,17 +202,23 @@ files:
 - lib/google/cloud/container_analysis/v1/container_analysis/client.rb
 - lib/google/cloud/container_analysis/v1/container_analysis/credentials.rb
 - lib/google/cloud/container_analysis/v1/container_analysis/helpers.rb
+- lib/google/cloud/container_analysis/v1/container_analysis/paths.rb
 - lib/google/cloud/container_analysis/v1/version.rb
 - lib/google/devtools/containeranalysis/v1/containeranalysis_pb.rb
 - lib/google/devtools/containeranalysis/v1/containeranalysis_services_pb.rb
 - proto_docs/README.md
 - proto_docs/google/api/field_behavior.rb
 - proto_docs/google/api/resource.rb
+- proto_docs/google/devtools/containeranalysis/v1/containeranalysis.rb
 - proto_docs/google/iam/v1/iam_policy.rb
 - proto_docs/google/iam/v1/options.rb
 - proto_docs/google/iam/v1/policy.rb
 - proto_docs/google/protobuf/timestamp.rb
 - proto_docs/google/type/expr.rb
+- proto_docs/grafeas/v1/common.rb
+- proto_docs/grafeas/v1/cvss.rb
+- proto_docs/grafeas/v1/package.rb
+- proto_docs/grafeas/v1/vulnerability.rb
 homepage: https://github.com/googleapis/google-cloud-ruby
 licenses:
 - Apache-2.0
@@ -232,7 +238,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.3
+rubygems_version: 3.1.4
 signing_key: 
 specification_version: 4
 summary: API Client library for the Container Analysis V1 API