google-cloud-container_analysis-v1 0.4.3 → 0.4.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (33) hide show
  1. checksums.yaml +4 -4
  2. data/.yardopts +1 -1
  3. data/AUTHENTICATION.md +7 -25
  4. data/README.md +1 -1
  5. data/lib/google/cloud/container_analysis/v1/container_analysis/client.rb +81 -13
  6. data/lib/google/cloud/container_analysis/v1/version.rb +1 -1
  7. data/lib/google/devtools/containeranalysis/v1/containeranalysis_pb.rb +5 -3
  8. data/lib/google/devtools/containeranalysis/v1/containeranalysis_services_pb.rb +1 -1
  9. data/proto_docs/google/api/resource.rb +10 -71
  10. data/proto_docs/google/devtools/containeranalysis/v1/containeranalysis.rb +1 -1
  11. data/proto_docs/google/protobuf/any.rb +141 -0
  12. data/proto_docs/google/protobuf/empty.rb +36 -0
  13. data/proto_docs/google/protobuf/field_mask.rb +229 -0
  14. data/proto_docs/google/rpc/status.rb +46 -0
  15. data/proto_docs/grafeas/v1/attestation.rb +98 -0
  16. data/proto_docs/grafeas/v1/build.rb +64 -0
  17. data/proto_docs/grafeas/v1/common.rb +31 -2
  18. data/proto_docs/grafeas/v1/compliance.rb +98 -0
  19. data/proto_docs/grafeas/v1/cvss.rb +105 -0
  20. data/proto_docs/grafeas/v1/deployment.rb +74 -0
  21. data/proto_docs/grafeas/v1/discovery.rb +95 -0
  22. data/proto_docs/grafeas/v1/dsse_attestation.rb +59 -0
  23. data/proto_docs/grafeas/v1/grafeas.rb +419 -0
  24. data/proto_docs/grafeas/v1/image.rb +95 -0
  25. data/proto_docs/grafeas/v1/intoto_provenance.rb +134 -0
  26. data/proto_docs/grafeas/v1/intoto_statement.rb +65 -0
  27. data/proto_docs/grafeas/v1/package.rb +8 -0
  28. data/proto_docs/grafeas/v1/provenance.rb +318 -0
  29. data/proto_docs/grafeas/v1/severity.rb +43 -0
  30. data/proto_docs/grafeas/v1/slsa_provenance.rb +152 -0
  31. data/proto_docs/grafeas/v1/upgrade.rb +148 -0
  32. data/proto_docs/grafeas/v1/vulnerability.rb +25 -21
  33. metadata +31 -7
@@ -0,0 +1,229 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Copyright 2022 Google LLC
4
+ #
5
+ # Licensed under the Apache License, Version 2.0 (the "License");
6
+ # you may not use this file except in compliance with the License.
7
+ # You may obtain a copy of the License at
8
+ #
9
+ # https://www.apache.org/licenses/LICENSE-2.0
10
+ #
11
+ # Unless required by applicable law or agreed to in writing, software
12
+ # distributed under the License is distributed on an "AS IS" BASIS,
13
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ # See the License for the specific language governing permissions and
15
+ # limitations under the License.
16
+
17
+ # Auto-generated by gapic-generator-ruby. DO NOT EDIT!
18
+
19
+
20
+ module Google
21
+ module Protobuf
22
+ # `FieldMask` represents a set of symbolic field paths, for example:
23
+ #
24
+ # paths: "f.a"
25
+ # paths: "f.b.d"
26
+ #
27
+ # Here `f` represents a field in some root message, `a` and `b`
28
+ # fields in the message found in `f`, and `d` a field found in the
29
+ # message in `f.b`.
30
+ #
31
+ # Field masks are used to specify a subset of fields that should be
32
+ # returned by a get operation or modified by an update operation.
33
+ # Field masks also have a custom JSON encoding (see below).
34
+ #
35
+ # # Field Masks in Projections
36
+ #
37
+ # When used in the context of a projection, a response message or
38
+ # sub-message is filtered by the API to only contain those fields as
39
+ # specified in the mask. For example, if the mask in the previous
40
+ # example is applied to a response message as follows:
41
+ #
42
+ # f {
43
+ # a : 22
44
+ # b {
45
+ # d : 1
46
+ # x : 2
47
+ # }
48
+ # y : 13
49
+ # }
50
+ # z: 8
51
+ #
52
+ # The result will not contain specific values for fields x,y and z
53
+ # (their value will be set to the default, and omitted in proto text
54
+ # output):
55
+ #
56
+ #
57
+ # f {
58
+ # a : 22
59
+ # b {
60
+ # d : 1
61
+ # }
62
+ # }
63
+ #
64
+ # A repeated field is not allowed except at the last position of a
65
+ # paths string.
66
+ #
67
+ # If a FieldMask object is not present in a get operation, the
68
+ # operation applies to all fields (as if a FieldMask of all fields
69
+ # had been specified).
70
+ #
71
+ # Note that a field mask does not necessarily apply to the
72
+ # top-level response message. In case of a REST get operation, the
73
+ # field mask applies directly to the response, but in case of a REST
74
+ # list operation, the mask instead applies to each individual message
75
+ # in the returned resource list. In case of a REST custom method,
76
+ # other definitions may be used. Where the mask applies will be
77
+ # clearly documented together with its declaration in the API. In
78
+ # any case, the effect on the returned resource/resources is required
79
+ # behavior for APIs.
80
+ #
81
+ # # Field Masks in Update Operations
82
+ #
83
+ # A field mask in update operations specifies which fields of the
84
+ # targeted resource are going to be updated. The API is required
85
+ # to only change the values of the fields as specified in the mask
86
+ # and leave the others untouched. If a resource is passed in to
87
+ # describe the updated values, the API ignores the values of all
88
+ # fields not covered by the mask.
89
+ #
90
+ # If a repeated field is specified for an update operation, new values will
91
+ # be appended to the existing repeated field in the target resource. Note that
92
+ # a repeated field is only allowed in the last position of a `paths` string.
93
+ #
94
+ # If a sub-message is specified in the last position of the field mask for an
95
+ # update operation, then new value will be merged into the existing sub-message
96
+ # in the target resource.
97
+ #
98
+ # For example, given the target message:
99
+ #
100
+ # f {
101
+ # b {
102
+ # d: 1
103
+ # x: 2
104
+ # }
105
+ # c: [1]
106
+ # }
107
+ #
108
+ # And an update message:
109
+ #
110
+ # f {
111
+ # b {
112
+ # d: 10
113
+ # }
114
+ # c: [2]
115
+ # }
116
+ #
117
+ # then if the field mask is:
118
+ #
119
+ # paths: ["f.b", "f.c"]
120
+ #
121
+ # then the result will be:
122
+ #
123
+ # f {
124
+ # b {
125
+ # d: 10
126
+ # x: 2
127
+ # }
128
+ # c: [1, 2]
129
+ # }
130
+ #
131
+ # An implementation may provide options to override this default behavior for
132
+ # repeated and message fields.
133
+ #
134
+ # In order to reset a field's value to the default, the field must
135
+ # be in the mask and set to the default value in the provided resource.
136
+ # Hence, in order to reset all fields of a resource, provide a default
137
+ # instance of the resource and set all fields in the mask, or do
138
+ # not provide a mask as described below.
139
+ #
140
+ # If a field mask is not present on update, the operation applies to
141
+ # all fields (as if a field mask of all fields has been specified).
142
+ # Note that in the presence of schema evolution, this may mean that
143
+ # fields the client does not know and has therefore not filled into
144
+ # the request will be reset to their default. If this is unwanted
145
+ # behavior, a specific service may require a client to always specify
146
+ # a field mask, producing an error if not.
147
+ #
148
+ # As with get operations, the location of the resource which
149
+ # describes the updated values in the request message depends on the
150
+ # operation kind. In any case, the effect of the field mask is
151
+ # required to be honored by the API.
152
+ #
153
+ # ## Considerations for HTTP REST
154
+ #
155
+ # The HTTP kind of an update operation which uses a field mask must
156
+ # be set to PATCH instead of PUT in order to satisfy HTTP semantics
157
+ # (PUT must only be used for full updates).
158
+ #
159
+ # # JSON Encoding of Field Masks
160
+ #
161
+ # In JSON, a field mask is encoded as a single string where paths are
162
+ # separated by a comma. Fields name in each path are converted
163
+ # to/from lower-camel naming conventions.
164
+ #
165
+ # As an example, consider the following message declarations:
166
+ #
167
+ # message Profile {
168
+ # User user = 1;
169
+ # Photo photo = 2;
170
+ # }
171
+ # message User {
172
+ # string display_name = 1;
173
+ # string address = 2;
174
+ # }
175
+ #
176
+ # In proto a field mask for `Profile` may look as such:
177
+ #
178
+ # mask {
179
+ # paths: "user.display_name"
180
+ # paths: "photo"
181
+ # }
182
+ #
183
+ # In JSON, the same mask is represented as below:
184
+ #
185
+ # {
186
+ # mask: "user.displayName,photo"
187
+ # }
188
+ #
189
+ # # Field Masks and Oneof Fields
190
+ #
191
+ # Field masks treat fields in oneofs just as regular fields. Consider the
192
+ # following message:
193
+ #
194
+ # message SampleMessage {
195
+ # oneof test_oneof {
196
+ # string name = 4;
197
+ # SubMessage sub_message = 9;
198
+ # }
199
+ # }
200
+ #
201
+ # The field mask can be:
202
+ #
203
+ # mask {
204
+ # paths: "name"
205
+ # }
206
+ #
207
+ # Or:
208
+ #
209
+ # mask {
210
+ # paths: "sub_message"
211
+ # }
212
+ #
213
+ # Note that oneof type names ("test_oneof" in this case) cannot be used in
214
+ # paths.
215
+ #
216
+ # ## Field Mask Verification
217
+ #
218
+ # The implementation of any API method which has a FieldMask type field in the
219
+ # request should verify the included field paths, and return an
220
+ # `INVALID_ARGUMENT` error if any path is unmappable.
221
+ # @!attribute [rw] paths
222
+ # @return [::Array<::String>]
223
+ # The set of field mask paths.
224
+ class FieldMask
225
+ include ::Google::Protobuf::MessageExts
226
+ extend ::Google::Protobuf::MessageExts::ClassMethods
227
+ end
228
+ end
229
+ end
@@ -0,0 +1,46 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Copyright 2022 Google LLC
4
+ #
5
+ # Licensed under the Apache License, Version 2.0 (the "License");
6
+ # you may not use this file except in compliance with the License.
7
+ # You may obtain a copy of the License at
8
+ #
9
+ # https://www.apache.org/licenses/LICENSE-2.0
10
+ #
11
+ # Unless required by applicable law or agreed to in writing, software
12
+ # distributed under the License is distributed on an "AS IS" BASIS,
13
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ # See the License for the specific language governing permissions and
15
+ # limitations under the License.
16
+
17
+ # Auto-generated by gapic-generator-ruby. DO NOT EDIT!
18
+
19
+
20
+ module Google
21
+ module Rpc
22
+ # The `Status` type defines a logical error model that is suitable for
23
+ # different programming environments, including REST APIs and RPC APIs. It is
24
+ # used by [gRPC](https://github.com/grpc). Each `Status` message contains
25
+ # three pieces of data: error code, error message, and error details.
26
+ #
27
+ # You can find out more about this error model and how to work with it in the
28
+ # [API Design Guide](https://cloud.google.com/apis/design/errors).
29
+ # @!attribute [rw] code
30
+ # @return [::Integer]
31
+ # The status code, which should be an enum value of [google.rpc.Code][google.rpc.Code].
32
+ # @!attribute [rw] message
33
+ # @return [::String]
34
+ # A developer-facing error message, which should be in English. Any
35
+ # user-facing error message should be localized and sent in the
36
+ # {::Google::Rpc::Status#details google.rpc.Status.details} field, or localized by the client.
37
+ # @!attribute [rw] details
38
+ # @return [::Array<::Google::Protobuf::Any>]
39
+ # A list of messages that carry the error details. There is a common set of
40
+ # message types for APIs to use.
41
+ class Status
42
+ include ::Google::Protobuf::MessageExts
43
+ extend ::Google::Protobuf::MessageExts::ClassMethods
44
+ end
45
+ end
46
+ end
@@ -0,0 +1,98 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Copyright 2022 Google LLC
4
+ #
5
+ # Licensed under the Apache License, Version 2.0 (the "License");
6
+ # you may not use this file except in compliance with the License.
7
+ # You may obtain a copy of the License at
8
+ #
9
+ # https://www.apache.org/licenses/LICENSE-2.0
10
+ #
11
+ # Unless required by applicable law or agreed to in writing, software
12
+ # distributed under the License is distributed on an "AS IS" BASIS,
13
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ # See the License for the specific language governing permissions and
15
+ # limitations under the License.
16
+
17
+ # Auto-generated by gapic-generator-ruby. DO NOT EDIT!
18
+
19
+
20
+ module Grafeas
21
+ module V1
22
+ # Note kind that represents a logical attestation "role" or "authority". For
23
+ # example, an organization might have one `Authority` for "QA" and one for
24
+ # "build". This note is intended to act strictly as a grouping mechanism for
25
+ # the attached occurrences (Attestations). This grouping mechanism also
26
+ # provides a security boundary, since IAM ACLs gate the ability for a principle
27
+ # to attach an occurrence to a given note. It also provides a single point of
28
+ # lookup to find all attached attestation occurrences, even if they don't all
29
+ # live in the same project.
30
+ # @!attribute [rw] hint
31
+ # @return [::Grafeas::V1::AttestationNote::Hint]
32
+ # Hint hints at the purpose of the attestation authority.
33
+ class AttestationNote
34
+ include ::Google::Protobuf::MessageExts
35
+ extend ::Google::Protobuf::MessageExts::ClassMethods
36
+
37
+ # This submessage provides human-readable hints about the purpose of the
38
+ # authority. Because the name of a note acts as its resource reference, it is
39
+ # important to disambiguate the canonical name of the Note (which might be a
40
+ # UUID for security purposes) from "readable" names more suitable for debug
41
+ # output. Note that these hints should not be used to look up authorities in
42
+ # security sensitive contexts, such as when looking up attestations to
43
+ # verify.
44
+ # @!attribute [rw] human_readable_name
45
+ # @return [::String]
46
+ # Required. The human readable name of this attestation authority, for
47
+ # example "qa".
48
+ class Hint
49
+ include ::Google::Protobuf::MessageExts
50
+ extend ::Google::Protobuf::MessageExts::ClassMethods
51
+ end
52
+ end
53
+
54
+ # @!attribute [rw] compact_jwt
55
+ # @return [::String]
56
+ # The compact encoding of a JWS, which is always three base64 encoded strings
57
+ # joined by periods. For details, see:
58
+ # https://tools.ietf.org/html/rfc7515.html#section-3.1
59
+ class Jwt
60
+ include ::Google::Protobuf::MessageExts
61
+ extend ::Google::Protobuf::MessageExts::ClassMethods
62
+ end
63
+
64
+ # Occurrence that represents a single "attestation". The authenticity of an
65
+ # attestation can be verified using the attached signature. If the verifier
66
+ # trusts the public key of the signer, then verifying the signature is
67
+ # sufficient to establish trust. In this circumstance, the authority to which
68
+ # this attestation is attached is primarily useful for lookup (how to find
69
+ # this attestation if you already know the authority and artifact to be
70
+ # verified) and intent (for which authority this attestation was intended to
71
+ # sign.
72
+ # @!attribute [rw] serialized_payload
73
+ # @return [::String]
74
+ # Required. The serialized payload that is verified by one or more
75
+ # `signatures`.
76
+ # @!attribute [rw] signatures
77
+ # @return [::Array<::Grafeas::V1::Signature>]
78
+ # One or more signatures over `serialized_payload`. Verifier implementations
79
+ # should consider this attestation message verified if at least one
80
+ # `signature` verifies `serialized_payload`. See `Signature` in common.proto
81
+ # for more details on signature structure and verification.
82
+ # @!attribute [rw] jwts
83
+ # @return [::Array<::Grafeas::V1::Jwt>]
84
+ # One or more JWTs encoding a self-contained attestation.
85
+ # Each JWT encodes the payload that it verifies within the JWT itself.
86
+ # Verifier implementation SHOULD ignore the `serialized_payload` field
87
+ # when verifying these JWTs.
88
+ # If only JWTs are present on this AttestationOccurrence, then the
89
+ # `serialized_payload` SHOULD be left empty.
90
+ # Each JWT SHOULD encode a claim specific to the `resource_uri` of this
91
+ # Occurrence, but this is not validated by Grafeas metadata API
92
+ # implementations. The JWT itself is opaque to Grafeas.
93
+ class AttestationOccurrence
94
+ include ::Google::Protobuf::MessageExts
95
+ extend ::Google::Protobuf::MessageExts::ClassMethods
96
+ end
97
+ end
98
+ end
@@ -0,0 +1,64 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Copyright 2022 Google LLC
4
+ #
5
+ # Licensed under the Apache License, Version 2.0 (the "License");
6
+ # you may not use this file except in compliance with the License.
7
+ # You may obtain a copy of the License at
8
+ #
9
+ # https://www.apache.org/licenses/LICENSE-2.0
10
+ #
11
+ # Unless required by applicable law or agreed to in writing, software
12
+ # distributed under the License is distributed on an "AS IS" BASIS,
13
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ # See the License for the specific language governing permissions and
15
+ # limitations under the License.
16
+
17
+ # Auto-generated by gapic-generator-ruby. DO NOT EDIT!
18
+
19
+
20
+ module Grafeas
21
+ module V1
22
+ # Note holding the version of the provider's builder and the signature of the
23
+ # provenance message in the build details occurrence.
24
+ # @!attribute [rw] builder_version
25
+ # @return [::String]
26
+ # Required. Immutable. Version of the builder which produced this build.
27
+ class BuildNote
28
+ include ::Google::Protobuf::MessageExts
29
+ extend ::Google::Protobuf::MessageExts::ClassMethods
30
+ end
31
+
32
+ # Details of a build occurrence.
33
+ # @!attribute [rw] provenance
34
+ # @return [::Grafeas::V1::BuildProvenance]
35
+ # The actual provenance for the build.
36
+ # @!attribute [rw] provenance_bytes
37
+ # @return [::String]
38
+ # Serialized JSON representation of the provenance, used in generating the
39
+ # build signature in the corresponding build note. After verifying the
40
+ # signature, `provenance_bytes` can be unmarshalled and compared to the
41
+ # provenance to confirm that it is unchanged. A base64-encoded string
42
+ # representation of the provenance bytes is used for the signature in order
43
+ # to interoperate with openssl which expects this format for signature
44
+ # verification.
45
+ #
46
+ # The serialized form is captured both to avoid ambiguity in how the
47
+ # provenance is marshalled to json as well to prevent incompatibilities with
48
+ # future changes.
49
+ # @!attribute [rw] intoto_provenance
50
+ # @return [::Grafeas::V1::InTotoProvenance]
51
+ # Deprecated. See InTotoStatement for the replacement.
52
+ # In-toto Provenance representation as defined in spec.
53
+ # @!attribute [rw] intoto_statement
54
+ # @return [::Grafeas::V1::InTotoStatement]
55
+ # In-toto Statement representation as defined in spec.
56
+ # The intoto_statement can contain any type of provenance. The serialized
57
+ # payload of the statement can be stored and signed in the Occurrence's
58
+ # envelope.
59
+ class BuildOccurrence
60
+ include ::Google::Protobuf::MessageExts
61
+ extend ::Google::Protobuf::MessageExts::ClassMethods
62
+ end
63
+ end
64
+ end
@@ -65,7 +65,7 @@ module Grafeas
65
65
  # @return [::String]
66
66
  # The identifier for the public key that verifies this signature.
67
67
  # * The `public_key_id` is required.
68
- # * The `public_key_id` MUST be an RFC3986 conformant URI.
68
+ # * The `public_key_id` SHOULD be an RFC3986 conformant URI.
69
69
  # * When possible, the `public_key_id` SHOULD be an immutable reference,
70
70
  # such as a cryptographic digest.
71
71
  #
@@ -85,9 +85,32 @@ module Grafeas
85
85
  extend ::Google::Protobuf::MessageExts::ClassMethods
86
86
  end
87
87
 
88
+ # MUST match
89
+ # https://github.com/secure-systems-lab/dsse/blob/master/envelope.proto. An
90
+ # authenticated message of arbitrary type.
91
+ # @!attribute [rw] payload
92
+ # @return [::String]
93
+ # @!attribute [rw] payload_type
94
+ # @return [::String]
95
+ # @!attribute [rw] signatures
96
+ # @return [::Array<::Grafeas::V1::EnvelopeSignature>]
97
+ class Envelope
98
+ include ::Google::Protobuf::MessageExts
99
+ extend ::Google::Protobuf::MessageExts::ClassMethods
100
+ end
101
+
102
+ # @!attribute [rw] sig
103
+ # @return [::String]
104
+ # @!attribute [rw] keyid
105
+ # @return [::String]
106
+ class EnvelopeSignature
107
+ include ::Google::Protobuf::MessageExts
108
+ extend ::Google::Protobuf::MessageExts::ClassMethods
109
+ end
110
+
88
111
  # Kind represents the kinds of notes supported.
89
112
  module NoteKind
90
- # Unknown.
113
+ # Default value. This value is unused.
91
114
  NOTE_KIND_UNSPECIFIED = 0
92
115
 
93
116
  # The note and occurrence represent a package vulnerability.
@@ -113,6 +136,12 @@ module Grafeas
113
136
 
114
137
  # This represents an available package upgrade.
115
138
  UPGRADE = 8
139
+
140
+ # This represents a Compliance Note
141
+ COMPLIANCE = 9
142
+
143
+ # This represents a DSSE attestation Note
144
+ DSSE_ATTESTATION = 10
116
145
  end
117
146
  end
118
147
  end
@@ -0,0 +1,98 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Copyright 2022 Google LLC
4
+ #
5
+ # Licensed under the Apache License, Version 2.0 (the "License");
6
+ # you may not use this file except in compliance with the License.
7
+ # You may obtain a copy of the License at
8
+ #
9
+ # https://www.apache.org/licenses/LICENSE-2.0
10
+ #
11
+ # Unless required by applicable law or agreed to in writing, software
12
+ # distributed under the License is distributed on an "AS IS" BASIS,
13
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ # See the License for the specific language governing permissions and
15
+ # limitations under the License.
16
+
17
+ # Auto-generated by gapic-generator-ruby. DO NOT EDIT!
18
+
19
+
20
+ module Grafeas
21
+ module V1
22
+ # @!attribute [rw] title
23
+ # @return [::String]
24
+ # The title that identifies this compliance check.
25
+ # @!attribute [rw] description
26
+ # @return [::String]
27
+ # A description about this compliance check.
28
+ # @!attribute [rw] version
29
+ # @return [::Array<::Grafeas::V1::ComplianceVersion>]
30
+ # The OS and config versions the benchmark applies to.
31
+ # @!attribute [rw] rationale
32
+ # @return [::String]
33
+ # A rationale for the existence of this compliance check.
34
+ # @!attribute [rw] remediation
35
+ # @return [::String]
36
+ # A description of remediation steps if the compliance check fails.
37
+ # @!attribute [rw] cis_benchmark
38
+ # @return [::Grafeas::V1::ComplianceNote::CisBenchmark]
39
+ # @!attribute [rw] scan_instructions
40
+ # @return [::String]
41
+ # Serialized scan instructions with a predefined format.
42
+ class ComplianceNote
43
+ include ::Google::Protobuf::MessageExts
44
+ extend ::Google::Protobuf::MessageExts::ClassMethods
45
+
46
+ # A compliance check that is a CIS benchmark.
47
+ # @!attribute [rw] profile_level
48
+ # @return [::Integer]
49
+ # @!attribute [rw] severity
50
+ # @return [::Grafeas::V1::Severity]
51
+ class CisBenchmark
52
+ include ::Google::Protobuf::MessageExts
53
+ extend ::Google::Protobuf::MessageExts::ClassMethods
54
+ end
55
+ end
56
+
57
+ # Describes the CIS benchmark version that is applicable to a given OS and
58
+ # os version.
59
+ # @!attribute [rw] cpe_uri
60
+ # @return [::String]
61
+ # The CPE URI (https://cpe.mitre.org/specification/) this benchmark is
62
+ # applicable to.
63
+ # @!attribute [rw] version
64
+ # @return [::String]
65
+ # The version of the benchmark. This is set to the version of the OS-specific
66
+ # CIS document the benchmark is defined in.
67
+ class ComplianceVersion
68
+ include ::Google::Protobuf::MessageExts
69
+ extend ::Google::Protobuf::MessageExts::ClassMethods
70
+ end
71
+
72
+ # An indication that the compliance checks in the associated ComplianceNote
73
+ # were not satisfied for particular resources or a specified reason.
74
+ # @!attribute [rw] non_compliant_files
75
+ # @return [::Array<::Grafeas::V1::NonCompliantFile>]
76
+ # @!attribute [rw] non_compliance_reason
77
+ # @return [::String]
78
+ class ComplianceOccurrence
79
+ include ::Google::Protobuf::MessageExts
80
+ extend ::Google::Protobuf::MessageExts::ClassMethods
81
+ end
82
+
83
+ # Details about files that caused a compliance check to fail.
84
+ # @!attribute [rw] path
85
+ # @return [::String]
86
+ # Empty if `display_command` is set.
87
+ # @!attribute [rw] display_command
88
+ # @return [::String]
89
+ # Command to display the non-compliant files.
90
+ # @!attribute [rw] reason
91
+ # @return [::String]
92
+ # Explains why a file is non compliant for a CIS check.
93
+ class NonCompliantFile
94
+ include ::Google::Protobuf::MessageExts
95
+ extend ::Google::Protobuf::MessageExts::ClassMethods
96
+ end
97
+ end
98
+ end