google-cloud-container_analysis-v1 0.4.6 → 0.4.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +1 -1
- data/lib/google/cloud/container_analysis/v1/container_analysis/client.rb +1 -1
- data/lib/google/cloud/container_analysis/v1/version.rb +1 -1
- data/lib/google/devtools/containeranalysis/v1/containeranalysis_pb.rb +3 -1
- data/proto_docs/google/devtools/containeranalysis/v1/containeranalysis.rb +1 -1
- data/proto_docs/google/protobuf/any.rb +141 -0
- data/proto_docs/google/protobuf/empty.rb +36 -0
- data/proto_docs/google/protobuf/field_mask.rb +229 -0
- data/proto_docs/google/rpc/status.rb +46 -0
- data/proto_docs/grafeas/v1/attestation.rb +98 -0
- data/proto_docs/grafeas/v1/build.rb +64 -0
- data/proto_docs/grafeas/v1/compliance.rb +98 -0
- data/proto_docs/grafeas/v1/cvss.rb +105 -0
- data/proto_docs/grafeas/v1/deployment.rb +74 -0
- data/proto_docs/grafeas/v1/discovery.rb +95 -0
- data/proto_docs/grafeas/v1/dsse_attestation.rb +59 -0
- data/proto_docs/grafeas/v1/grafeas.rb +419 -0
- data/proto_docs/grafeas/v1/image.rb +95 -0
- data/proto_docs/grafeas/v1/intoto_provenance.rb +134 -0
- data/proto_docs/grafeas/v1/intoto_statement.rb +65 -0
- data/proto_docs/grafeas/v1/provenance.rb +318 -0
- data/proto_docs/grafeas/v1/severity.rb +43 -0
- data/proto_docs/grafeas/v1/slsa_provenance.rb +152 -0
- data/proto_docs/grafeas/v1/upgrade.rb +148 -0
- data/proto_docs/grafeas/v1/vulnerability.rb +1 -35
- metadata +25 -7
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: c43a62e17050d537cff4b2c65944b2b1923099f6c06a0ae8dd3d2ecf782daacc
|
4
|
+
data.tar.gz: 8b637b5e0210af995d7edcd781b09290e9e74515b327ad48f2344e77e7795a4c
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 7ee8eea2784b9b8900dfbb34a7071e6b17388a5036960488fb09136bd1a43a224f476b82586c1c707ca1778dffa73c3d572c8ab5222998965dc0827031faa79d
|
7
|
+
data.tar.gz: 5ae886224b1a0ce679044b2838887219655eac14f1131328dfc4d6fee584bbdfe76172006ff21f215b4e8095820b34ffd6be04e9ab860f4faa53be652974b689
|
data/README.md
CHANGED
@@ -37,7 +37,7 @@ request = ::Google::Iam::V1::SetIamPolicyRequest.new # (request fields as keywor
|
|
37
37
|
response = client.set_iam_policy request
|
38
38
|
```
|
39
39
|
|
40
|
-
View the [Client Library Documentation](https://
|
40
|
+
View the [Client Library Documentation](https://cloud.google.com/ruby/docs/reference/google-cloud-container_analysis-v1/latest)
|
41
41
|
for class and method documentation.
|
42
42
|
|
43
43
|
See also the [Product Documentation](https://cloud.google.com/container-registry/docs/container-analysis)
|
@@ -472,7 +472,7 @@ module Google
|
|
472
472
|
# the default parameter values, pass an empty Hash as a request object (see above).
|
473
473
|
#
|
474
474
|
# @param parent [::String]
|
475
|
-
# The name of the project to get a vulnerability summary for in the form of
|
475
|
+
# Required. The name of the project to get a vulnerability summary for in the form of
|
476
476
|
# `projects/[PROJECT_ID]`.
|
477
477
|
# @param filter [::String]
|
478
478
|
# The filter expression.
|
@@ -8,7 +8,9 @@ require 'google/api/resource_pb'
|
|
8
8
|
require 'google/iam/v1/iam_policy_pb'
|
9
9
|
require 'google/iam/v1/policy_pb'
|
10
10
|
require 'google/protobuf/timestamp_pb'
|
11
|
-
require 'grafeas/v1/
|
11
|
+
require 'grafeas/v1/common_pb'
|
12
|
+
require 'grafeas/v1/grafeas_pb'
|
13
|
+
require 'grafeas/v1/severity_pb'
|
12
14
|
require 'google/protobuf'
|
13
15
|
|
14
16
|
Google::Protobuf::DescriptorPool.generated_pool.build do
|
@@ -24,7 +24,7 @@ module Google
|
|
24
24
|
# Request to get a vulnerability summary for some set of occurrences.
|
25
25
|
# @!attribute [rw] parent
|
26
26
|
# @return [::String]
|
27
|
-
# The name of the project to get a vulnerability summary for in the form of
|
27
|
+
# Required. The name of the project to get a vulnerability summary for in the form of
|
28
28
|
# `projects/[PROJECT_ID]`.
|
29
29
|
# @!attribute [rw] filter
|
30
30
|
# @return [::String]
|
@@ -0,0 +1,141 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2022 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
|
20
|
+
module Google
|
21
|
+
module Protobuf
|
22
|
+
# `Any` contains an arbitrary serialized protocol buffer message along with a
|
23
|
+
# URL that describes the type of the serialized message.
|
24
|
+
#
|
25
|
+
# Protobuf library provides support to pack/unpack Any values in the form
|
26
|
+
# of utility functions or additional generated methods of the Any type.
|
27
|
+
#
|
28
|
+
# Example 1: Pack and unpack a message in C++.
|
29
|
+
#
|
30
|
+
# Foo foo = ...;
|
31
|
+
# Any any;
|
32
|
+
# any.PackFrom(foo);
|
33
|
+
# ...
|
34
|
+
# if (any.UnpackTo(&foo)) {
|
35
|
+
# ...
|
36
|
+
# }
|
37
|
+
#
|
38
|
+
# Example 2: Pack and unpack a message in Java.
|
39
|
+
#
|
40
|
+
# Foo foo = ...;
|
41
|
+
# Any any = Any.pack(foo);
|
42
|
+
# ...
|
43
|
+
# if (any.is(Foo.class)) {
|
44
|
+
# foo = any.unpack(Foo.class);
|
45
|
+
# }
|
46
|
+
#
|
47
|
+
# Example 3: Pack and unpack a message in Python.
|
48
|
+
#
|
49
|
+
# foo = Foo(...)
|
50
|
+
# any = Any()
|
51
|
+
# any.Pack(foo)
|
52
|
+
# ...
|
53
|
+
# if any.Is(Foo.DESCRIPTOR):
|
54
|
+
# any.Unpack(foo)
|
55
|
+
# ...
|
56
|
+
#
|
57
|
+
# Example 4: Pack and unpack a message in Go
|
58
|
+
#
|
59
|
+
# foo := &pb.Foo{...}
|
60
|
+
# any, err := anypb.New(foo)
|
61
|
+
# if err != nil {
|
62
|
+
# ...
|
63
|
+
# }
|
64
|
+
# ...
|
65
|
+
# foo := &pb.Foo{}
|
66
|
+
# if err := any.UnmarshalTo(foo); err != nil {
|
67
|
+
# ...
|
68
|
+
# }
|
69
|
+
#
|
70
|
+
# The pack methods provided by protobuf library will by default use
|
71
|
+
# 'type.googleapis.com/full.type.name' as the type URL and the unpack
|
72
|
+
# methods only use the fully qualified type name after the last '/'
|
73
|
+
# in the type URL, for example "foo.bar.com/x/y.z" will yield type
|
74
|
+
# name "y.z".
|
75
|
+
#
|
76
|
+
#
|
77
|
+
# JSON
|
78
|
+
# ====
|
79
|
+
# The JSON representation of an `Any` value uses the regular
|
80
|
+
# representation of the deserialized, embedded message, with an
|
81
|
+
# additional field `@type` which contains the type URL. Example:
|
82
|
+
#
|
83
|
+
# package google.profile;
|
84
|
+
# message Person {
|
85
|
+
# string first_name = 1;
|
86
|
+
# string last_name = 2;
|
87
|
+
# }
|
88
|
+
#
|
89
|
+
# {
|
90
|
+
# "@type": "type.googleapis.com/google.profile.Person",
|
91
|
+
# "firstName": <string>,
|
92
|
+
# "lastName": <string>
|
93
|
+
# }
|
94
|
+
#
|
95
|
+
# If the embedded message type is well-known and has a custom JSON
|
96
|
+
# representation, that representation will be embedded adding a field
|
97
|
+
# `value` which holds the custom JSON in addition to the `@type`
|
98
|
+
# field. Example (for message [google.protobuf.Duration][]):
|
99
|
+
#
|
100
|
+
# {
|
101
|
+
# "@type": "type.googleapis.com/google.protobuf.Duration",
|
102
|
+
# "value": "1.212s"
|
103
|
+
# }
|
104
|
+
# @!attribute [rw] type_url
|
105
|
+
# @return [::String]
|
106
|
+
# A URL/resource name that uniquely identifies the type of the serialized
|
107
|
+
# protocol buffer message. This string must contain at least
|
108
|
+
# one "/" character. The last segment of the URL's path must represent
|
109
|
+
# the fully qualified name of the type (as in
|
110
|
+
# `path/google.protobuf.Duration`). The name should be in a canonical form
|
111
|
+
# (e.g., leading "." is not accepted).
|
112
|
+
#
|
113
|
+
# In practice, teams usually precompile into the binary all types that they
|
114
|
+
# expect it to use in the context of Any. However, for URLs which use the
|
115
|
+
# scheme `http`, `https`, or no scheme, one can optionally set up a type
|
116
|
+
# server that maps type URLs to message definitions as follows:
|
117
|
+
#
|
118
|
+
# * If no scheme is provided, `https` is assumed.
|
119
|
+
# * An HTTP GET on the URL must yield a [google.protobuf.Type][]
|
120
|
+
# value in binary format, or produce an error.
|
121
|
+
# * Applications are allowed to cache lookup results based on the
|
122
|
+
# URL, or have them precompiled into a binary to avoid any
|
123
|
+
# lookup. Therefore, binary compatibility needs to be preserved
|
124
|
+
# on changes to types. (Use versioned type names to manage
|
125
|
+
# breaking changes.)
|
126
|
+
#
|
127
|
+
# Note: this functionality is not currently available in the official
|
128
|
+
# protobuf release, and it is not used for type URLs beginning with
|
129
|
+
# type.googleapis.com.
|
130
|
+
#
|
131
|
+
# Schemes other than `http`, `https` (or the empty scheme) might be
|
132
|
+
# used with implementation specific semantics.
|
133
|
+
# @!attribute [rw] value
|
134
|
+
# @return [::String]
|
135
|
+
# Must be a valid serialized protocol buffer of the above specified type.
|
136
|
+
class Any
|
137
|
+
include ::Google::Protobuf::MessageExts
|
138
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
139
|
+
end
|
140
|
+
end
|
141
|
+
end
|
@@ -0,0 +1,36 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2022 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
|
20
|
+
module Google
|
21
|
+
module Protobuf
|
22
|
+
# A generic empty message that you can re-use to avoid defining duplicated
|
23
|
+
# empty messages in your APIs. A typical example is to use it as the request
|
24
|
+
# or the response type of an API method. For instance:
|
25
|
+
#
|
26
|
+
# service Foo {
|
27
|
+
# rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty);
|
28
|
+
# }
|
29
|
+
#
|
30
|
+
# The JSON representation for `Empty` is empty JSON object `{}`.
|
31
|
+
class Empty
|
32
|
+
include ::Google::Protobuf::MessageExts
|
33
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
34
|
+
end
|
35
|
+
end
|
36
|
+
end
|
@@ -0,0 +1,229 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2022 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
|
20
|
+
module Google
|
21
|
+
module Protobuf
|
22
|
+
# `FieldMask` represents a set of symbolic field paths, for example:
|
23
|
+
#
|
24
|
+
# paths: "f.a"
|
25
|
+
# paths: "f.b.d"
|
26
|
+
#
|
27
|
+
# Here `f` represents a field in some root message, `a` and `b`
|
28
|
+
# fields in the message found in `f`, and `d` a field found in the
|
29
|
+
# message in `f.b`.
|
30
|
+
#
|
31
|
+
# Field masks are used to specify a subset of fields that should be
|
32
|
+
# returned by a get operation or modified by an update operation.
|
33
|
+
# Field masks also have a custom JSON encoding (see below).
|
34
|
+
#
|
35
|
+
# # Field Masks in Projections
|
36
|
+
#
|
37
|
+
# When used in the context of a projection, a response message or
|
38
|
+
# sub-message is filtered by the API to only contain those fields as
|
39
|
+
# specified in the mask. For example, if the mask in the previous
|
40
|
+
# example is applied to a response message as follows:
|
41
|
+
#
|
42
|
+
# f {
|
43
|
+
# a : 22
|
44
|
+
# b {
|
45
|
+
# d : 1
|
46
|
+
# x : 2
|
47
|
+
# }
|
48
|
+
# y : 13
|
49
|
+
# }
|
50
|
+
# z: 8
|
51
|
+
#
|
52
|
+
# The result will not contain specific values for fields x,y and z
|
53
|
+
# (their value will be set to the default, and omitted in proto text
|
54
|
+
# output):
|
55
|
+
#
|
56
|
+
#
|
57
|
+
# f {
|
58
|
+
# a : 22
|
59
|
+
# b {
|
60
|
+
# d : 1
|
61
|
+
# }
|
62
|
+
# }
|
63
|
+
#
|
64
|
+
# A repeated field is not allowed except at the last position of a
|
65
|
+
# paths string.
|
66
|
+
#
|
67
|
+
# If a FieldMask object is not present in a get operation, the
|
68
|
+
# operation applies to all fields (as if a FieldMask of all fields
|
69
|
+
# had been specified).
|
70
|
+
#
|
71
|
+
# Note that a field mask does not necessarily apply to the
|
72
|
+
# top-level response message. In case of a REST get operation, the
|
73
|
+
# field mask applies directly to the response, but in case of a REST
|
74
|
+
# list operation, the mask instead applies to each individual message
|
75
|
+
# in the returned resource list. In case of a REST custom method,
|
76
|
+
# other definitions may be used. Where the mask applies will be
|
77
|
+
# clearly documented together with its declaration in the API. In
|
78
|
+
# any case, the effect on the returned resource/resources is required
|
79
|
+
# behavior for APIs.
|
80
|
+
#
|
81
|
+
# # Field Masks in Update Operations
|
82
|
+
#
|
83
|
+
# A field mask in update operations specifies which fields of the
|
84
|
+
# targeted resource are going to be updated. The API is required
|
85
|
+
# to only change the values of the fields as specified in the mask
|
86
|
+
# and leave the others untouched. If a resource is passed in to
|
87
|
+
# describe the updated values, the API ignores the values of all
|
88
|
+
# fields not covered by the mask.
|
89
|
+
#
|
90
|
+
# If a repeated field is specified for an update operation, new values will
|
91
|
+
# be appended to the existing repeated field in the target resource. Note that
|
92
|
+
# a repeated field is only allowed in the last position of a `paths` string.
|
93
|
+
#
|
94
|
+
# If a sub-message is specified in the last position of the field mask for an
|
95
|
+
# update operation, then new value will be merged into the existing sub-message
|
96
|
+
# in the target resource.
|
97
|
+
#
|
98
|
+
# For example, given the target message:
|
99
|
+
#
|
100
|
+
# f {
|
101
|
+
# b {
|
102
|
+
# d: 1
|
103
|
+
# x: 2
|
104
|
+
# }
|
105
|
+
# c: [1]
|
106
|
+
# }
|
107
|
+
#
|
108
|
+
# And an update message:
|
109
|
+
#
|
110
|
+
# f {
|
111
|
+
# b {
|
112
|
+
# d: 10
|
113
|
+
# }
|
114
|
+
# c: [2]
|
115
|
+
# }
|
116
|
+
#
|
117
|
+
# then if the field mask is:
|
118
|
+
#
|
119
|
+
# paths: ["f.b", "f.c"]
|
120
|
+
#
|
121
|
+
# then the result will be:
|
122
|
+
#
|
123
|
+
# f {
|
124
|
+
# b {
|
125
|
+
# d: 10
|
126
|
+
# x: 2
|
127
|
+
# }
|
128
|
+
# c: [1, 2]
|
129
|
+
# }
|
130
|
+
#
|
131
|
+
# An implementation may provide options to override this default behavior for
|
132
|
+
# repeated and message fields.
|
133
|
+
#
|
134
|
+
# In order to reset a field's value to the default, the field must
|
135
|
+
# be in the mask and set to the default value in the provided resource.
|
136
|
+
# Hence, in order to reset all fields of a resource, provide a default
|
137
|
+
# instance of the resource and set all fields in the mask, or do
|
138
|
+
# not provide a mask as described below.
|
139
|
+
#
|
140
|
+
# If a field mask is not present on update, the operation applies to
|
141
|
+
# all fields (as if a field mask of all fields has been specified).
|
142
|
+
# Note that in the presence of schema evolution, this may mean that
|
143
|
+
# fields the client does not know and has therefore not filled into
|
144
|
+
# the request will be reset to their default. If this is unwanted
|
145
|
+
# behavior, a specific service may require a client to always specify
|
146
|
+
# a field mask, producing an error if not.
|
147
|
+
#
|
148
|
+
# As with get operations, the location of the resource which
|
149
|
+
# describes the updated values in the request message depends on the
|
150
|
+
# operation kind. In any case, the effect of the field mask is
|
151
|
+
# required to be honored by the API.
|
152
|
+
#
|
153
|
+
# ## Considerations for HTTP REST
|
154
|
+
#
|
155
|
+
# The HTTP kind of an update operation which uses a field mask must
|
156
|
+
# be set to PATCH instead of PUT in order to satisfy HTTP semantics
|
157
|
+
# (PUT must only be used for full updates).
|
158
|
+
#
|
159
|
+
# # JSON Encoding of Field Masks
|
160
|
+
#
|
161
|
+
# In JSON, a field mask is encoded as a single string where paths are
|
162
|
+
# separated by a comma. Fields name in each path are converted
|
163
|
+
# to/from lower-camel naming conventions.
|
164
|
+
#
|
165
|
+
# As an example, consider the following message declarations:
|
166
|
+
#
|
167
|
+
# message Profile {
|
168
|
+
# User user = 1;
|
169
|
+
# Photo photo = 2;
|
170
|
+
# }
|
171
|
+
# message User {
|
172
|
+
# string display_name = 1;
|
173
|
+
# string address = 2;
|
174
|
+
# }
|
175
|
+
#
|
176
|
+
# In proto a field mask for `Profile` may look as such:
|
177
|
+
#
|
178
|
+
# mask {
|
179
|
+
# paths: "user.display_name"
|
180
|
+
# paths: "photo"
|
181
|
+
# }
|
182
|
+
#
|
183
|
+
# In JSON, the same mask is represented as below:
|
184
|
+
#
|
185
|
+
# {
|
186
|
+
# mask: "user.displayName,photo"
|
187
|
+
# }
|
188
|
+
#
|
189
|
+
# # Field Masks and Oneof Fields
|
190
|
+
#
|
191
|
+
# Field masks treat fields in oneofs just as regular fields. Consider the
|
192
|
+
# following message:
|
193
|
+
#
|
194
|
+
# message SampleMessage {
|
195
|
+
# oneof test_oneof {
|
196
|
+
# string name = 4;
|
197
|
+
# SubMessage sub_message = 9;
|
198
|
+
# }
|
199
|
+
# }
|
200
|
+
#
|
201
|
+
# The field mask can be:
|
202
|
+
#
|
203
|
+
# mask {
|
204
|
+
# paths: "name"
|
205
|
+
# }
|
206
|
+
#
|
207
|
+
# Or:
|
208
|
+
#
|
209
|
+
# mask {
|
210
|
+
# paths: "sub_message"
|
211
|
+
# }
|
212
|
+
#
|
213
|
+
# Note that oneof type names ("test_oneof" in this case) cannot be used in
|
214
|
+
# paths.
|
215
|
+
#
|
216
|
+
# ## Field Mask Verification
|
217
|
+
#
|
218
|
+
# The implementation of any API method which has a FieldMask type field in the
|
219
|
+
# request should verify the included field paths, and return an
|
220
|
+
# `INVALID_ARGUMENT` error if any path is unmappable.
|
221
|
+
# @!attribute [rw] paths
|
222
|
+
# @return [::Array<::String>]
|
223
|
+
# The set of field mask paths.
|
224
|
+
class FieldMask
|
225
|
+
include ::Google::Protobuf::MessageExts
|
226
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
227
|
+
end
|
228
|
+
end
|
229
|
+
end
|
@@ -0,0 +1,46 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2022 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
|
20
|
+
module Google
|
21
|
+
module Rpc
|
22
|
+
# The `Status` type defines a logical error model that is suitable for
|
23
|
+
# different programming environments, including REST APIs and RPC APIs. It is
|
24
|
+
# used by [gRPC](https://github.com/grpc). Each `Status` message contains
|
25
|
+
# three pieces of data: error code, error message, and error details.
|
26
|
+
#
|
27
|
+
# You can find out more about this error model and how to work with it in the
|
28
|
+
# [API Design Guide](https://cloud.google.com/apis/design/errors).
|
29
|
+
# @!attribute [rw] code
|
30
|
+
# @return [::Integer]
|
31
|
+
# The status code, which should be an enum value of [google.rpc.Code][google.rpc.Code].
|
32
|
+
# @!attribute [rw] message
|
33
|
+
# @return [::String]
|
34
|
+
# A developer-facing error message, which should be in English. Any
|
35
|
+
# user-facing error message should be localized and sent in the
|
36
|
+
# {::Google::Rpc::Status#details google.rpc.Status.details} field, or localized by the client.
|
37
|
+
# @!attribute [rw] details
|
38
|
+
# @return [::Array<::Google::Protobuf::Any>]
|
39
|
+
# A list of messages that carry the error details. There is a common set of
|
40
|
+
# message types for APIs to use.
|
41
|
+
class Status
|
42
|
+
include ::Google::Protobuf::MessageExts
|
43
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
44
|
+
end
|
45
|
+
end
|
46
|
+
end
|
@@ -0,0 +1,98 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2022 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
|
20
|
+
module Grafeas
|
21
|
+
module V1
|
22
|
+
# Note kind that represents a logical attestation "role" or "authority". For
|
23
|
+
# example, an organization might have one `Authority` for "QA" and one for
|
24
|
+
# "build". This note is intended to act strictly as a grouping mechanism for
|
25
|
+
# the attached occurrences (Attestations). This grouping mechanism also
|
26
|
+
# provides a security boundary, since IAM ACLs gate the ability for a principle
|
27
|
+
# to attach an occurrence to a given note. It also provides a single point of
|
28
|
+
# lookup to find all attached attestation occurrences, even if they don't all
|
29
|
+
# live in the same project.
|
30
|
+
# @!attribute [rw] hint
|
31
|
+
# @return [::Grafeas::V1::AttestationNote::Hint]
|
32
|
+
# Hint hints at the purpose of the attestation authority.
|
33
|
+
class AttestationNote
|
34
|
+
include ::Google::Protobuf::MessageExts
|
35
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
36
|
+
|
37
|
+
# This submessage provides human-readable hints about the purpose of the
|
38
|
+
# authority. Because the name of a note acts as its resource reference, it is
|
39
|
+
# important to disambiguate the canonical name of the Note (which might be a
|
40
|
+
# UUID for security purposes) from "readable" names more suitable for debug
|
41
|
+
# output. Note that these hints should not be used to look up authorities in
|
42
|
+
# security sensitive contexts, such as when looking up attestations to
|
43
|
+
# verify.
|
44
|
+
# @!attribute [rw] human_readable_name
|
45
|
+
# @return [::String]
|
46
|
+
# Required. The human readable name of this attestation authority, for
|
47
|
+
# example "qa".
|
48
|
+
class Hint
|
49
|
+
include ::Google::Protobuf::MessageExts
|
50
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
51
|
+
end
|
52
|
+
end
|
53
|
+
|
54
|
+
# @!attribute [rw] compact_jwt
|
55
|
+
# @return [::String]
|
56
|
+
# The compact encoding of a JWS, which is always three base64 encoded strings
|
57
|
+
# joined by periods. For details, see:
|
58
|
+
# https://tools.ietf.org/html/rfc7515.html#section-3.1
|
59
|
+
class Jwt
|
60
|
+
include ::Google::Protobuf::MessageExts
|
61
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
62
|
+
end
|
63
|
+
|
64
|
+
# Occurrence that represents a single "attestation". The authenticity of an
|
65
|
+
# attestation can be verified using the attached signature. If the verifier
|
66
|
+
# trusts the public key of the signer, then verifying the signature is
|
67
|
+
# sufficient to establish trust. In this circumstance, the authority to which
|
68
|
+
# this attestation is attached is primarily useful for lookup (how to find
|
69
|
+
# this attestation if you already know the authority and artifact to be
|
70
|
+
# verified) and intent (for which authority this attestation was intended to
|
71
|
+
# sign.
|
72
|
+
# @!attribute [rw] serialized_payload
|
73
|
+
# @return [::String]
|
74
|
+
# Required. The serialized payload that is verified by one or more
|
75
|
+
# `signatures`.
|
76
|
+
# @!attribute [rw] signatures
|
77
|
+
# @return [::Array<::Grafeas::V1::Signature>]
|
78
|
+
# One or more signatures over `serialized_payload`. Verifier implementations
|
79
|
+
# should consider this attestation message verified if at least one
|
80
|
+
# `signature` verifies `serialized_payload`. See `Signature` in common.proto
|
81
|
+
# for more details on signature structure and verification.
|
82
|
+
# @!attribute [rw] jwts
|
83
|
+
# @return [::Array<::Grafeas::V1::Jwt>]
|
84
|
+
# One or more JWTs encoding a self-contained attestation.
|
85
|
+
# Each JWT encodes the payload that it verifies within the JWT itself.
|
86
|
+
# Verifier implementation SHOULD ignore the `serialized_payload` field
|
87
|
+
# when verifying these JWTs.
|
88
|
+
# If only JWTs are present on this AttestationOccurrence, then the
|
89
|
+
# `serialized_payload` SHOULD be left empty.
|
90
|
+
# Each JWT SHOULD encode a claim specific to the `resource_uri` of this
|
91
|
+
# Occurrence, but this is not validated by Grafeas metadata API
|
92
|
+
# implementations. The JWT itself is opaque to Grafeas.
|
93
|
+
class AttestationOccurrence
|
94
|
+
include ::Google::Protobuf::MessageExts
|
95
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
96
|
+
end
|
97
|
+
end
|
98
|
+
end
|
@@ -0,0 +1,64 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2022 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
|
20
|
+
module Grafeas
|
21
|
+
module V1
|
22
|
+
# Note holding the version of the provider's builder and the signature of the
|
23
|
+
# provenance message in the build details occurrence.
|
24
|
+
# @!attribute [rw] builder_version
|
25
|
+
# @return [::String]
|
26
|
+
# Required. Immutable. Version of the builder which produced this build.
|
27
|
+
class BuildNote
|
28
|
+
include ::Google::Protobuf::MessageExts
|
29
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
30
|
+
end
|
31
|
+
|
32
|
+
# Details of a build occurrence.
|
33
|
+
# @!attribute [rw] provenance
|
34
|
+
# @return [::Grafeas::V1::BuildProvenance]
|
35
|
+
# The actual provenance for the build.
|
36
|
+
# @!attribute [rw] provenance_bytes
|
37
|
+
# @return [::String]
|
38
|
+
# Serialized JSON representation of the provenance, used in generating the
|
39
|
+
# build signature in the corresponding build note. After verifying the
|
40
|
+
# signature, `provenance_bytes` can be unmarshalled and compared to the
|
41
|
+
# provenance to confirm that it is unchanged. A base64-encoded string
|
42
|
+
# representation of the provenance bytes is used for the signature in order
|
43
|
+
# to interoperate with openssl which expects this format for signature
|
44
|
+
# verification.
|
45
|
+
#
|
46
|
+
# The serialized form is captured both to avoid ambiguity in how the
|
47
|
+
# provenance is marshalled to json as well to prevent incompatibilities with
|
48
|
+
# future changes.
|
49
|
+
# @!attribute [rw] intoto_provenance
|
50
|
+
# @return [::Grafeas::V1::InTotoProvenance]
|
51
|
+
# Deprecated. See InTotoStatement for the replacement.
|
52
|
+
# In-toto Provenance representation as defined in spec.
|
53
|
+
# @!attribute [rw] intoto_statement
|
54
|
+
# @return [::Grafeas::V1::InTotoStatement]
|
55
|
+
# In-toto Statement representation as defined in spec.
|
56
|
+
# The intoto_statement can contain any type of provenance. The serialized
|
57
|
+
# payload of the statement can be stored and signed in the Occurrence's
|
58
|
+
# envelope.
|
59
|
+
class BuildOccurrence
|
60
|
+
include ::Google::Protobuf::MessageExts
|
61
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
62
|
+
end
|
63
|
+
end
|
64
|
+
end
|