google-cloud-container_analysis-v1 0.4.3 → 0.4.7
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.yardopts +1 -1
- data/AUTHENTICATION.md +7 -25
- data/README.md +1 -1
- data/lib/google/cloud/container_analysis/v1/container_analysis/client.rb +81 -13
- data/lib/google/cloud/container_analysis/v1/version.rb +1 -1
- data/lib/google/devtools/containeranalysis/v1/containeranalysis_pb.rb +5 -3
- data/lib/google/devtools/containeranalysis/v1/containeranalysis_services_pb.rb +1 -1
- data/proto_docs/google/api/resource.rb +10 -71
- data/proto_docs/google/devtools/containeranalysis/v1/containeranalysis.rb +1 -1
- data/proto_docs/google/protobuf/any.rb +141 -0
- data/proto_docs/google/protobuf/empty.rb +36 -0
- data/proto_docs/google/protobuf/field_mask.rb +229 -0
- data/proto_docs/google/rpc/status.rb +46 -0
- data/proto_docs/grafeas/v1/attestation.rb +98 -0
- data/proto_docs/grafeas/v1/build.rb +64 -0
- data/proto_docs/grafeas/v1/common.rb +31 -2
- data/proto_docs/grafeas/v1/compliance.rb +98 -0
- data/proto_docs/grafeas/v1/cvss.rb +105 -0
- data/proto_docs/grafeas/v1/deployment.rb +74 -0
- data/proto_docs/grafeas/v1/discovery.rb +95 -0
- data/proto_docs/grafeas/v1/dsse_attestation.rb +59 -0
- data/proto_docs/grafeas/v1/grafeas.rb +419 -0
- data/proto_docs/grafeas/v1/image.rb +95 -0
- data/proto_docs/grafeas/v1/intoto_provenance.rb +134 -0
- data/proto_docs/grafeas/v1/intoto_statement.rb +65 -0
- data/proto_docs/grafeas/v1/package.rb +8 -0
- data/proto_docs/grafeas/v1/provenance.rb +318 -0
- data/proto_docs/grafeas/v1/severity.rb +43 -0
- data/proto_docs/grafeas/v1/slsa_provenance.rb +152 -0
- data/proto_docs/grafeas/v1/upgrade.rb +148 -0
- data/proto_docs/grafeas/v1/vulnerability.rb +25 -21
- metadata +31 -7
@@ -0,0 +1,65 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2022 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
|
20
|
+
module Grafeas
|
21
|
+
module V1
|
22
|
+
# Spec defined at
|
23
|
+
# https://github.com/in-toto/attestation/tree/main/spec#statement The
|
24
|
+
# serialized InTotoStatement will be stored as Envelope.payload.
|
25
|
+
# Envelope.payloadType is always "application/vnd.in-toto+json".
|
26
|
+
# @!attribute [rw] type
|
27
|
+
# @return [::String]
|
28
|
+
# Always `https://in-toto.io/Statement/v0.1`.
|
29
|
+
# @!attribute [rw] subject
|
30
|
+
# @return [::Array<::Grafeas::V1::Subject>]
|
31
|
+
# @!attribute [rw] predicate_type
|
32
|
+
# @return [::String]
|
33
|
+
# `https://slsa.dev/provenance/v0.1` for SlsaProvenance.
|
34
|
+
# @!attribute [rw] provenance
|
35
|
+
# @return [::Grafeas::V1::InTotoProvenance]
|
36
|
+
# @!attribute [rw] slsa_provenance
|
37
|
+
# @return [::Grafeas::V1::SlsaProvenance]
|
38
|
+
class InTotoStatement
|
39
|
+
include ::Google::Protobuf::MessageExts
|
40
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
41
|
+
end
|
42
|
+
|
43
|
+
# @!attribute [rw] name
|
44
|
+
# @return [::String]
|
45
|
+
# @!attribute [rw] digest
|
46
|
+
# @return [::Google::Protobuf::Map{::String => ::String}]
|
47
|
+
# `"<ALGORITHM>": "<HEX_VALUE>"`
|
48
|
+
# Algorithms can be e.g. sha256, sha512
|
49
|
+
# See
|
50
|
+
# https://github.com/in-toto/attestation/blob/main/spec/field_types.md#DigestSet
|
51
|
+
class Subject
|
52
|
+
include ::Google::Protobuf::MessageExts
|
53
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
54
|
+
|
55
|
+
# @!attribute [rw] key
|
56
|
+
# @return [::String]
|
57
|
+
# @!attribute [rw] value
|
58
|
+
# @return [::String]
|
59
|
+
class DigestEntry
|
60
|
+
include ::Google::Protobuf::MessageExts
|
61
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
62
|
+
end
|
63
|
+
end
|
64
|
+
end
|
65
|
+
end
|
@@ -101,6 +101,14 @@ module Grafeas
|
|
101
101
|
# @!attribute [rw] revision
|
102
102
|
# @return [::String]
|
103
103
|
# The iteration of the package build from the above version.
|
104
|
+
# @!attribute [rw] inclusive
|
105
|
+
# @return [::Boolean]
|
106
|
+
# Whether this version is specifying part of an inclusive range. Grafeas
|
107
|
+
# does not have the capability to specify version ranges; instead we have
|
108
|
+
# fields that specify start version and end versions. At times this is
|
109
|
+
# insufficient - we also need to specify whether the version is included in
|
110
|
+
# the range or is excluded from the range. This boolean is expected to be set
|
111
|
+
# to true when the version is included in a range.
|
104
112
|
# @!attribute [rw] kind
|
105
113
|
# @return [::Grafeas::V1::Version::VersionKind]
|
106
114
|
# Required. Distinguishes between sentinel MIN/MAX versions and normal
|
@@ -0,0 +1,318 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2022 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
|
20
|
+
module Grafeas
|
21
|
+
module V1
|
22
|
+
# Provenance of a build. Contains all information needed to verify the full
|
23
|
+
# details about the build from source to completion.
|
24
|
+
# @!attribute [rw] id
|
25
|
+
# @return [::String]
|
26
|
+
# Required. Unique identifier of the build.
|
27
|
+
# @!attribute [rw] project_id
|
28
|
+
# @return [::String]
|
29
|
+
# ID of the project.
|
30
|
+
# @!attribute [rw] commands
|
31
|
+
# @return [::Array<::Grafeas::V1::Command>]
|
32
|
+
# Commands requested by the build.
|
33
|
+
# @!attribute [rw] built_artifacts
|
34
|
+
# @return [::Array<::Grafeas::V1::Artifact>]
|
35
|
+
# Output of the build.
|
36
|
+
# @!attribute [rw] create_time
|
37
|
+
# @return [::Google::Protobuf::Timestamp]
|
38
|
+
# Time at which the build was created.
|
39
|
+
# @!attribute [rw] start_time
|
40
|
+
# @return [::Google::Protobuf::Timestamp]
|
41
|
+
# Time at which execution of the build was started.
|
42
|
+
# @!attribute [rw] end_time
|
43
|
+
# @return [::Google::Protobuf::Timestamp]
|
44
|
+
# Time at which execution of the build was finished.
|
45
|
+
# @!attribute [rw] creator
|
46
|
+
# @return [::String]
|
47
|
+
# E-mail address of the user who initiated this build. Note that this was the
|
48
|
+
# user's e-mail address at the time the build was initiated; this address may
|
49
|
+
# not represent the same end-user for all time.
|
50
|
+
# @!attribute [rw] logs_uri
|
51
|
+
# @return [::String]
|
52
|
+
# URI where any logs for this provenance were written.
|
53
|
+
# @!attribute [rw] source_provenance
|
54
|
+
# @return [::Grafeas::V1::Source]
|
55
|
+
# Details of the Source input to the build.
|
56
|
+
# @!attribute [rw] trigger_id
|
57
|
+
# @return [::String]
|
58
|
+
# Trigger identifier if the build was triggered automatically; empty if not.
|
59
|
+
# @!attribute [rw] build_options
|
60
|
+
# @return [::Google::Protobuf::Map{::String => ::String}]
|
61
|
+
# Special options applied to this build. This is a catch-all field where
|
62
|
+
# build providers can enter any desired additional details.
|
63
|
+
# @!attribute [rw] builder_version
|
64
|
+
# @return [::String]
|
65
|
+
# Version string of the builder at the time this build was executed.
|
66
|
+
class BuildProvenance
|
67
|
+
include ::Google::Protobuf::MessageExts
|
68
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
69
|
+
|
70
|
+
# @!attribute [rw] key
|
71
|
+
# @return [::String]
|
72
|
+
# @!attribute [rw] value
|
73
|
+
# @return [::String]
|
74
|
+
class BuildOptionsEntry
|
75
|
+
include ::Google::Protobuf::MessageExts
|
76
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
77
|
+
end
|
78
|
+
end
|
79
|
+
|
80
|
+
# Source describes the location of the source used for the build.
|
81
|
+
# @!attribute [rw] artifact_storage_source_uri
|
82
|
+
# @return [::String]
|
83
|
+
# If provided, the input binary artifacts for the build came from this
|
84
|
+
# location.
|
85
|
+
# @!attribute [rw] file_hashes
|
86
|
+
# @return [::Google::Protobuf::Map{::String => ::Grafeas::V1::FileHashes}]
|
87
|
+
# Hash(es) of the build source, which can be used to verify that the original
|
88
|
+
# source integrity was maintained in the build.
|
89
|
+
#
|
90
|
+
# The keys to this map are file paths used as build source and the values
|
91
|
+
# contain the hash values for those files.
|
92
|
+
#
|
93
|
+
# If the build source came in a single package such as a gzipped tarfile
|
94
|
+
# (.tar.gz), the FileHash will be for the single path to that file.
|
95
|
+
# @!attribute [rw] context
|
96
|
+
# @return [::Grafeas::V1::SourceContext]
|
97
|
+
# If provided, the source code used for the build came from this location.
|
98
|
+
# @!attribute [rw] additional_contexts
|
99
|
+
# @return [::Array<::Grafeas::V1::SourceContext>]
|
100
|
+
# If provided, some of the source code used for the build may be found in
|
101
|
+
# these locations, in the case where the source repository had multiple
|
102
|
+
# remotes or submodules. This list will not include the context specified in
|
103
|
+
# the context field.
|
104
|
+
class Source
|
105
|
+
include ::Google::Protobuf::MessageExts
|
106
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
107
|
+
|
108
|
+
# @!attribute [rw] key
|
109
|
+
# @return [::String]
|
110
|
+
# @!attribute [rw] value
|
111
|
+
# @return [::Grafeas::V1::FileHashes]
|
112
|
+
class FileHashesEntry
|
113
|
+
include ::Google::Protobuf::MessageExts
|
114
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
115
|
+
end
|
116
|
+
end
|
117
|
+
|
118
|
+
# Container message for hashes of byte content of files, used in source
|
119
|
+
# messages to verify integrity of source input to the build.
|
120
|
+
# @!attribute [rw] file_hash
|
121
|
+
# @return [::Array<::Grafeas::V1::Hash>]
|
122
|
+
# Required. Collection of file hashes.
|
123
|
+
class FileHashes
|
124
|
+
include ::Google::Protobuf::MessageExts
|
125
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
126
|
+
end
|
127
|
+
|
128
|
+
# Container message for hash values.
|
129
|
+
# @!attribute [rw] type
|
130
|
+
# @return [::String]
|
131
|
+
# Required. The type of hash that was performed, e.g. "SHA-256".
|
132
|
+
# @!attribute [rw] value
|
133
|
+
# @return [::String]
|
134
|
+
# Required. The hash value.
|
135
|
+
class Hash
|
136
|
+
include ::Google::Protobuf::MessageExts
|
137
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
138
|
+
end
|
139
|
+
|
140
|
+
# Command describes a step performed as part of the build pipeline.
|
141
|
+
# @!attribute [rw] name
|
142
|
+
# @return [::String]
|
143
|
+
# Required. Name of the command, as presented on the command line, or if the
|
144
|
+
# command is packaged as a Docker container, as presented to `docker pull`.
|
145
|
+
# @!attribute [rw] env
|
146
|
+
# @return [::Array<::String>]
|
147
|
+
# Environment variables set before running this command.
|
148
|
+
# @!attribute [rw] args
|
149
|
+
# @return [::Array<::String>]
|
150
|
+
# Command-line arguments used when executing this command.
|
151
|
+
# @!attribute [rw] dir
|
152
|
+
# @return [::String]
|
153
|
+
# Working directory (relative to project source root) used when running this
|
154
|
+
# command.
|
155
|
+
# @!attribute [rw] id
|
156
|
+
# @return [::String]
|
157
|
+
# Optional unique identifier for this command, used in wait_for to reference
|
158
|
+
# this command as a dependency.
|
159
|
+
# @!attribute [rw] wait_for
|
160
|
+
# @return [::Array<::String>]
|
161
|
+
# The ID(s) of the command(s) that this command depends on.
|
162
|
+
class Command
|
163
|
+
include ::Google::Protobuf::MessageExts
|
164
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
165
|
+
end
|
166
|
+
|
167
|
+
# Artifact describes a build product.
|
168
|
+
# @!attribute [rw] checksum
|
169
|
+
# @return [::String]
|
170
|
+
# Hash or checksum value of a binary, or Docker Registry 2.0 digest of a
|
171
|
+
# container.
|
172
|
+
# @!attribute [rw] id
|
173
|
+
# @return [::String]
|
174
|
+
# Artifact ID, if any; for container images, this will be a URL by digest
|
175
|
+
# like `gcr.io/projectID/imagename@sha256:123456`.
|
176
|
+
# @!attribute [rw] names
|
177
|
+
# @return [::Array<::String>]
|
178
|
+
# Related artifact names. This may be the path to a binary or jar file, or in
|
179
|
+
# the case of a container build, the name used to push the container image to
|
180
|
+
# Google Container Registry, as presented to `docker push`. Note that a
|
181
|
+
# single Artifact ID can have multiple names, for example if two tags are
|
182
|
+
# applied to one image.
|
183
|
+
class Artifact
|
184
|
+
include ::Google::Protobuf::MessageExts
|
185
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
186
|
+
end
|
187
|
+
|
188
|
+
# A SourceContext is a reference to a tree of files. A SourceContext together
|
189
|
+
# with a path point to a unique revision of a single file or directory.
|
190
|
+
# @!attribute [rw] cloud_repo
|
191
|
+
# @return [::Grafeas::V1::CloudRepoSourceContext]
|
192
|
+
# A SourceContext referring to a revision in a Google Cloud Source Repo.
|
193
|
+
# @!attribute [rw] gerrit
|
194
|
+
# @return [::Grafeas::V1::GerritSourceContext]
|
195
|
+
# A SourceContext referring to a Gerrit project.
|
196
|
+
# @!attribute [rw] git
|
197
|
+
# @return [::Grafeas::V1::GitSourceContext]
|
198
|
+
# A SourceContext referring to any third party Git repo (e.g., GitHub).
|
199
|
+
# @!attribute [rw] labels
|
200
|
+
# @return [::Google::Protobuf::Map{::String => ::String}]
|
201
|
+
# Labels with user defined metadata.
|
202
|
+
class SourceContext
|
203
|
+
include ::Google::Protobuf::MessageExts
|
204
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
205
|
+
|
206
|
+
# @!attribute [rw] key
|
207
|
+
# @return [::String]
|
208
|
+
# @!attribute [rw] value
|
209
|
+
# @return [::String]
|
210
|
+
class LabelsEntry
|
211
|
+
include ::Google::Protobuf::MessageExts
|
212
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
213
|
+
end
|
214
|
+
end
|
215
|
+
|
216
|
+
# An alias to a repo revision.
|
217
|
+
# @!attribute [rw] kind
|
218
|
+
# @return [::Grafeas::V1::AliasContext::Kind]
|
219
|
+
# The alias kind.
|
220
|
+
# @!attribute [rw] name
|
221
|
+
# @return [::String]
|
222
|
+
# The alias name.
|
223
|
+
class AliasContext
|
224
|
+
include ::Google::Protobuf::MessageExts
|
225
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
226
|
+
|
227
|
+
# The type of an alias.
|
228
|
+
module Kind
|
229
|
+
# Unknown.
|
230
|
+
KIND_UNSPECIFIED = 0
|
231
|
+
|
232
|
+
# Git tag.
|
233
|
+
FIXED = 1
|
234
|
+
|
235
|
+
# Git branch.
|
236
|
+
MOVABLE = 2
|
237
|
+
|
238
|
+
# Used to specify non-standard aliases. For example, if a Git repo has a
|
239
|
+
# ref named "refs/foo/bar".
|
240
|
+
OTHER = 4
|
241
|
+
end
|
242
|
+
end
|
243
|
+
|
244
|
+
# A CloudRepoSourceContext denotes a particular revision in a Google Cloud
|
245
|
+
# Source Repo.
|
246
|
+
# @!attribute [rw] repo_id
|
247
|
+
# @return [::Grafeas::V1::RepoId]
|
248
|
+
# The ID of the repo.
|
249
|
+
# @!attribute [rw] revision_id
|
250
|
+
# @return [::String]
|
251
|
+
# A revision ID.
|
252
|
+
# @!attribute [rw] alias_context
|
253
|
+
# @return [::Grafeas::V1::AliasContext]
|
254
|
+
# An alias, which may be a branch or tag.
|
255
|
+
class CloudRepoSourceContext
|
256
|
+
include ::Google::Protobuf::MessageExts
|
257
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
258
|
+
end
|
259
|
+
|
260
|
+
# A SourceContext referring to a Gerrit project.
|
261
|
+
# @!attribute [rw] host_uri
|
262
|
+
# @return [::String]
|
263
|
+
# The URI of a running Gerrit instance.
|
264
|
+
# @!attribute [rw] gerrit_project
|
265
|
+
# @return [::String]
|
266
|
+
# The full project name within the host. Projects may be nested, so
|
267
|
+
# "project/subproject" is a valid project name. The "repo name" is the
|
268
|
+
# hostURI/project.
|
269
|
+
# @!attribute [rw] revision_id
|
270
|
+
# @return [::String]
|
271
|
+
# A revision (commit) ID.
|
272
|
+
# @!attribute [rw] alias_context
|
273
|
+
# @return [::Grafeas::V1::AliasContext]
|
274
|
+
# An alias, which may be a branch or tag.
|
275
|
+
class GerritSourceContext
|
276
|
+
include ::Google::Protobuf::MessageExts
|
277
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
278
|
+
end
|
279
|
+
|
280
|
+
# A GitSourceContext denotes a particular revision in a third party Git
|
281
|
+
# repository (e.g., GitHub).
|
282
|
+
# @!attribute [rw] url
|
283
|
+
# @return [::String]
|
284
|
+
# Git repository URL.
|
285
|
+
# @!attribute [rw] revision_id
|
286
|
+
# @return [::String]
|
287
|
+
# Git commit hash.
|
288
|
+
class GitSourceContext
|
289
|
+
include ::Google::Protobuf::MessageExts
|
290
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
291
|
+
end
|
292
|
+
|
293
|
+
# A unique identifier for a Cloud Repo.
|
294
|
+
# @!attribute [rw] project_repo_id
|
295
|
+
# @return [::Grafeas::V1::ProjectRepoId]
|
296
|
+
# A combination of a project ID and a repo name.
|
297
|
+
# @!attribute [rw] uid
|
298
|
+
# @return [::String]
|
299
|
+
# A server-assigned, globally unique identifier.
|
300
|
+
class RepoId
|
301
|
+
include ::Google::Protobuf::MessageExts
|
302
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
303
|
+
end
|
304
|
+
|
305
|
+
# Selects a repo using a Google Cloud Platform project ID (e.g.,
|
306
|
+
# winged-cargo-31) and a repo name within that project.
|
307
|
+
# @!attribute [rw] project_id
|
308
|
+
# @return [::String]
|
309
|
+
# The ID of the project.
|
310
|
+
# @!attribute [rw] repo_name
|
311
|
+
# @return [::String]
|
312
|
+
# The name of the repo. Leave empty for the default repo.
|
313
|
+
class ProjectRepoId
|
314
|
+
include ::Google::Protobuf::MessageExts
|
315
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
316
|
+
end
|
317
|
+
end
|
318
|
+
end
|
@@ -0,0 +1,43 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2022 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
|
20
|
+
module Grafeas
|
21
|
+
module V1
|
22
|
+
# Note provider assigned severity/impact ranking.
|
23
|
+
module Severity
|
24
|
+
# Unknown.
|
25
|
+
SEVERITY_UNSPECIFIED = 0
|
26
|
+
|
27
|
+
# Minimal severity.
|
28
|
+
MINIMAL = 1
|
29
|
+
|
30
|
+
# Low severity.
|
31
|
+
LOW = 2
|
32
|
+
|
33
|
+
# Medium severity.
|
34
|
+
MEDIUM = 3
|
35
|
+
|
36
|
+
# High severity.
|
37
|
+
HIGH = 4
|
38
|
+
|
39
|
+
# Critical severity.
|
40
|
+
CRITICAL = 5
|
41
|
+
end
|
42
|
+
end
|
43
|
+
end
|
@@ -0,0 +1,152 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2022 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
|
20
|
+
module Grafeas
|
21
|
+
module V1
|
22
|
+
# @!attribute [rw] builder
|
23
|
+
# @return [::Grafeas::V1::SlsaProvenance::SlsaBuilder]
|
24
|
+
# @!attribute [rw] recipe
|
25
|
+
# @return [::Grafeas::V1::SlsaProvenance::SlsaRecipe]
|
26
|
+
# Identifies the configuration used for the build.
|
27
|
+
# When combined with materials, this SHOULD fully describe the build,
|
28
|
+
# such that re-running this recipe results in bit-for-bit identical output
|
29
|
+
# (if the build is reproducible).
|
30
|
+
# @!attribute [rw] metadata
|
31
|
+
# @return [::Grafeas::V1::SlsaProvenance::SlsaMetadata]
|
32
|
+
# @!attribute [rw] materials
|
33
|
+
# @return [::Array<::Grafeas::V1::SlsaProvenance::Material>]
|
34
|
+
# The collection of artifacts that influenced the build including sources,
|
35
|
+
# dependencies, build tools, base images, and so on. This is considered to be
|
36
|
+
# incomplete unless metadata.completeness.materials is true. Unset or null is
|
37
|
+
# equivalent to empty.
|
38
|
+
class SlsaProvenance
|
39
|
+
include ::Google::Protobuf::MessageExts
|
40
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
41
|
+
|
42
|
+
# Steps taken to build the artifact.
|
43
|
+
# For a TaskRun, typically each container corresponds to one step in the
|
44
|
+
# recipe.
|
45
|
+
# @!attribute [rw] type
|
46
|
+
# @return [::String]
|
47
|
+
# URI indicating what type of recipe was performed. It determines the
|
48
|
+
# meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and
|
49
|
+
# materials.
|
50
|
+
# @!attribute [rw] defined_in_material
|
51
|
+
# @return [::Integer]
|
52
|
+
# Index in materials containing the recipe steps that are not implied by
|
53
|
+
# recipe.type. For example, if the recipe type were "make", then this would
|
54
|
+
# point to the source containing the Makefile, not the make program itself.
|
55
|
+
# Set to -1 if the recipe doesn't come from a material, as zero is default
|
56
|
+
# unset value for int64.
|
57
|
+
# @!attribute [rw] entry_point
|
58
|
+
# @return [::String]
|
59
|
+
# String identifying the entry point into the build.
|
60
|
+
# This is often a path to a configuration file and/or a target label within
|
61
|
+
# that file. The syntax and meaning are defined by recipe.type. For
|
62
|
+
# example, if the recipe type were "make", then this would reference the
|
63
|
+
# directory in which to run make as well as which target to use.
|
64
|
+
# @!attribute [rw] arguments
|
65
|
+
# @return [::Google::Protobuf::Any]
|
66
|
+
# Collection of all external inputs that influenced the build on top of
|
67
|
+
# recipe.definedInMaterial and recipe.entryPoint. For example, if the
|
68
|
+
# recipe type were "make", then this might be the flags passed to make
|
69
|
+
# aside from the target, which is captured in recipe.entryPoint. Depending
|
70
|
+
# on the recipe Type, the structure may be different.
|
71
|
+
# @!attribute [rw] environment
|
72
|
+
# @return [::Google::Protobuf::Any]
|
73
|
+
# Any other builder-controlled inputs necessary for correctly evaluating
|
74
|
+
# the recipe. Usually only needed for reproducing the build but not
|
75
|
+
# evaluated as part of policy. Depending on the recipe Type, the structure
|
76
|
+
# may be different.
|
77
|
+
class SlsaRecipe
|
78
|
+
include ::Google::Protobuf::MessageExts
|
79
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
80
|
+
end
|
81
|
+
|
82
|
+
# Indicates that the builder claims certain fields in this message to be
|
83
|
+
# complete.
|
84
|
+
# @!attribute [rw] arguments
|
85
|
+
# @return [::Boolean]
|
86
|
+
# If true, the builder claims that recipe.arguments is complete, meaning
|
87
|
+
# that all external inputs are properly captured in the recipe.
|
88
|
+
# @!attribute [rw] environment
|
89
|
+
# @return [::Boolean]
|
90
|
+
# If true, the builder claims that recipe.environment is claimed to be
|
91
|
+
# complete.
|
92
|
+
# @!attribute [rw] materials
|
93
|
+
# @return [::Boolean]
|
94
|
+
# If true, the builder claims that materials are complete, usually through
|
95
|
+
# some controls to prevent network access. Sometimes called "hermetic".
|
96
|
+
class SlsaCompleteness
|
97
|
+
include ::Google::Protobuf::MessageExts
|
98
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
99
|
+
end
|
100
|
+
|
101
|
+
# Other properties of the build.
|
102
|
+
# @!attribute [rw] build_invocation_id
|
103
|
+
# @return [::String]
|
104
|
+
# Identifies the particular build invocation, which can be useful for
|
105
|
+
# finding associated logs or other ad-hoc analysis. The value SHOULD be
|
106
|
+
# globally unique, per in-toto Provenance spec.
|
107
|
+
# @!attribute [rw] build_started_on
|
108
|
+
# @return [::Google::Protobuf::Timestamp]
|
109
|
+
# The timestamp of when the build started.
|
110
|
+
# @!attribute [rw] build_finished_on
|
111
|
+
# @return [::Google::Protobuf::Timestamp]
|
112
|
+
# The timestamp of when the build completed.
|
113
|
+
# @!attribute [rw] completeness
|
114
|
+
# @return [::Grafeas::V1::SlsaProvenance::SlsaCompleteness]
|
115
|
+
# Indicates that the builder claims certain fields in this message to be
|
116
|
+
# complete.
|
117
|
+
# @!attribute [rw] reproducible
|
118
|
+
# @return [::Boolean]
|
119
|
+
# If true, the builder claims that running the recipe on materials will
|
120
|
+
# produce bit-for-bit identical output.
|
121
|
+
class SlsaMetadata
|
122
|
+
include ::Google::Protobuf::MessageExts
|
123
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
124
|
+
end
|
125
|
+
|
126
|
+
# @!attribute [rw] id
|
127
|
+
# @return [::String]
|
128
|
+
class SlsaBuilder
|
129
|
+
include ::Google::Protobuf::MessageExts
|
130
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
131
|
+
end
|
132
|
+
|
133
|
+
# @!attribute [rw] uri
|
134
|
+
# @return [::String]
|
135
|
+
# @!attribute [rw] digest
|
136
|
+
# @return [::Google::Protobuf::Map{::String => ::String}]
|
137
|
+
class Material
|
138
|
+
include ::Google::Protobuf::MessageExts
|
139
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
140
|
+
|
141
|
+
# @!attribute [rw] key
|
142
|
+
# @return [::String]
|
143
|
+
# @!attribute [rw] value
|
144
|
+
# @return [::String]
|
145
|
+
class DigestEntry
|
146
|
+
include ::Google::Protobuf::MessageExts
|
147
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
148
|
+
end
|
149
|
+
end
|
150
|
+
end
|
151
|
+
end
|
152
|
+
end
|