google-cloud-container_analysis-v1 0.4.7 → 0.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/google/cloud/container_analysis/v1/container_analysis/client.rb +8 -2
- data/lib/google/cloud/container_analysis/v1/version.rb +1 -1
- data/lib/google/cloud/container_analysis/v1.rb +2 -0
- data/lib/google/devtools/containeranalysis/v1/containeranalysis_pb.rb +0 -3
- data/proto_docs/google/iam/v1/iam_policy.rb +8 -1
- data/proto_docs/google/iam/v1/options.rb +14 -4
- data/proto_docs/google/iam/v1/policy.rb +208 -38
- metadata +6 -33
- data/proto_docs/google/protobuf/any.rb +0 -141
- data/proto_docs/google/protobuf/empty.rb +0 -36
- data/proto_docs/google/protobuf/timestamp.rb +0 -129
- data/proto_docs/google/rpc/status.rb +0 -46
- data/proto_docs/grafeas/v1/attestation.rb +0 -98
- data/proto_docs/grafeas/v1/build.rb +0 -64
- data/proto_docs/grafeas/v1/common.rb +0 -147
- data/proto_docs/grafeas/v1/compliance.rb +0 -98
- data/proto_docs/grafeas/v1/cvss.rb +0 -216
- data/proto_docs/grafeas/v1/deployment.rb +0 -74
- data/proto_docs/grafeas/v1/discovery.rb +0 -95
- data/proto_docs/grafeas/v1/dsse_attestation.rb +0 -59
- data/proto_docs/grafeas/v1/grafeas.rb +0 -419
- data/proto_docs/grafeas/v1/image.rb +0 -95
- data/proto_docs/grafeas/v1/intoto_provenance.rb +0 -134
- data/proto_docs/grafeas/v1/intoto_statement.rb +0 -65
- data/proto_docs/grafeas/v1/package.rb +0 -152
- data/proto_docs/grafeas/v1/provenance.rb +0 -318
- data/proto_docs/grafeas/v1/slsa_provenance.rb +0 -152
- data/proto_docs/grafeas/v1/upgrade.rb +0 -148
- data/proto_docs/grafeas/v1/vulnerability.rb +0 -249
@@ -1,36 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
# Copyright 2022 Google LLC
|
4
|
-
#
|
5
|
-
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
-
# you may not use this file except in compliance with the License.
|
7
|
-
# You may obtain a copy of the License at
|
8
|
-
#
|
9
|
-
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
-
#
|
11
|
-
# Unless required by applicable law or agreed to in writing, software
|
12
|
-
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
-
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
-
# See the License for the specific language governing permissions and
|
15
|
-
# limitations under the License.
|
16
|
-
|
17
|
-
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
-
|
19
|
-
|
20
|
-
module Google
|
21
|
-
module Protobuf
|
22
|
-
# A generic empty message that you can re-use to avoid defining duplicated
|
23
|
-
# empty messages in your APIs. A typical example is to use it as the request
|
24
|
-
# or the response type of an API method. For instance:
|
25
|
-
#
|
26
|
-
# service Foo {
|
27
|
-
# rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty);
|
28
|
-
# }
|
29
|
-
#
|
30
|
-
# The JSON representation for `Empty` is empty JSON object `{}`.
|
31
|
-
class Empty
|
32
|
-
include ::Google::Protobuf::MessageExts
|
33
|
-
extend ::Google::Protobuf::MessageExts::ClassMethods
|
34
|
-
end
|
35
|
-
end
|
36
|
-
end
|
@@ -1,129 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
# Copyright 2020 Google LLC
|
4
|
-
#
|
5
|
-
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
-
# you may not use this file except in compliance with the License.
|
7
|
-
# You may obtain a copy of the License at
|
8
|
-
#
|
9
|
-
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
-
#
|
11
|
-
# Unless required by applicable law or agreed to in writing, software
|
12
|
-
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
-
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
-
# See the License for the specific language governing permissions and
|
15
|
-
# limitations under the License.
|
16
|
-
|
17
|
-
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
-
|
19
|
-
|
20
|
-
module Google
|
21
|
-
module Protobuf
|
22
|
-
# A Timestamp represents a point in time independent of any time zone or local
|
23
|
-
# calendar, encoded as a count of seconds and fractions of seconds at
|
24
|
-
# nanosecond resolution. The count is relative to an epoch at UTC midnight on
|
25
|
-
# January 1, 1970, in the proleptic Gregorian calendar which extends the
|
26
|
-
# Gregorian calendar backwards to year one.
|
27
|
-
#
|
28
|
-
# All minutes are 60 seconds long. Leap seconds are "smeared" so that no leap
|
29
|
-
# second table is needed for interpretation, using a [24-hour linear
|
30
|
-
# smear](https://developers.google.com/time/smear).
|
31
|
-
#
|
32
|
-
# The range is from 0001-01-01T00:00:00Z to 9999-12-31T23:59:59.999999999Z. By
|
33
|
-
# restricting to that range, we ensure that we can convert to and from [RFC
|
34
|
-
# 3339](https://www.ietf.org/rfc/rfc3339.txt) date strings.
|
35
|
-
#
|
36
|
-
# # Examples
|
37
|
-
#
|
38
|
-
# Example 1: Compute Timestamp from POSIX `time()`.
|
39
|
-
#
|
40
|
-
# Timestamp timestamp;
|
41
|
-
# timestamp.set_seconds(time(NULL));
|
42
|
-
# timestamp.set_nanos(0);
|
43
|
-
#
|
44
|
-
# Example 2: Compute Timestamp from POSIX `gettimeofday()`.
|
45
|
-
#
|
46
|
-
# struct timeval tv;
|
47
|
-
# gettimeofday(&tv, NULL);
|
48
|
-
#
|
49
|
-
# Timestamp timestamp;
|
50
|
-
# timestamp.set_seconds(tv.tv_sec);
|
51
|
-
# timestamp.set_nanos(tv.tv_usec * 1000);
|
52
|
-
#
|
53
|
-
# Example 3: Compute Timestamp from Win32 `GetSystemTimeAsFileTime()`.
|
54
|
-
#
|
55
|
-
# FILETIME ft;
|
56
|
-
# GetSystemTimeAsFileTime(&ft);
|
57
|
-
# UINT64 ticks = (((UINT64)ft.dwHighDateTime) << 32) | ft.dwLowDateTime;
|
58
|
-
#
|
59
|
-
# // A Windows tick is 100 nanoseconds. Windows epoch 1601-01-01T00:00:00Z
|
60
|
-
# // is 11644473600 seconds before Unix epoch 1970-01-01T00:00:00Z.
|
61
|
-
# Timestamp timestamp;
|
62
|
-
# timestamp.set_seconds((INT64) ((ticks / 10000000) - 11644473600LL));
|
63
|
-
# timestamp.set_nanos((INT32) ((ticks % 10000000) * 100));
|
64
|
-
#
|
65
|
-
# Example 4: Compute Timestamp from Java `System.currentTimeMillis()`.
|
66
|
-
#
|
67
|
-
# long millis = System.currentTimeMillis();
|
68
|
-
#
|
69
|
-
# Timestamp timestamp = Timestamp.newBuilder().setSeconds(millis / 1000)
|
70
|
-
# .setNanos((int) ((millis % 1000) * 1000000)).build();
|
71
|
-
#
|
72
|
-
#
|
73
|
-
# Example 5: Compute Timestamp from Java `Instant.now()`.
|
74
|
-
#
|
75
|
-
# Instant now = Instant.now();
|
76
|
-
#
|
77
|
-
# Timestamp timestamp =
|
78
|
-
# Timestamp.newBuilder().setSeconds(now.getEpochSecond())
|
79
|
-
# .setNanos(now.getNano()).build();
|
80
|
-
#
|
81
|
-
#
|
82
|
-
# Example 6: Compute Timestamp from current time in Python.
|
83
|
-
#
|
84
|
-
# timestamp = Timestamp()
|
85
|
-
# timestamp.GetCurrentTime()
|
86
|
-
#
|
87
|
-
# # JSON Mapping
|
88
|
-
#
|
89
|
-
# In JSON format, the Timestamp type is encoded as a string in the
|
90
|
-
# [RFC 3339](https://www.ietf.org/rfc/rfc3339.txt) format. That is, the
|
91
|
-
# format is "\\{year}-\\{month}-\\{day}T\\{hour}:\\{min}:\\{sec}[.\\{frac_sec}]Z"
|
92
|
-
# where \\{year} is always expressed using four digits while \\{month}, \\{day},
|
93
|
-
# \\{hour}, \\{min}, and \\{sec} are zero-padded to two digits each. The fractional
|
94
|
-
# seconds, which can go up to 9 digits (i.e. up to 1 nanosecond resolution),
|
95
|
-
# are optional. The "Z" suffix indicates the timezone ("UTC"); the timezone
|
96
|
-
# is required. A proto3 JSON serializer should always use UTC (as indicated by
|
97
|
-
# "Z") when printing the Timestamp type and a proto3 JSON parser should be
|
98
|
-
# able to accept both UTC and other timezones (as indicated by an offset).
|
99
|
-
#
|
100
|
-
# For example, "2017-01-15T01:30:15.01Z" encodes 15.01 seconds past
|
101
|
-
# 01:30 UTC on January 15, 2017.
|
102
|
-
#
|
103
|
-
# In JavaScript, one can convert a Date object to this format using the
|
104
|
-
# standard
|
105
|
-
# [toISOString()](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Date/toISOString)
|
106
|
-
# method. In Python, a standard `datetime.datetime` object can be converted
|
107
|
-
# to this format using
|
108
|
-
# [`strftime`](https://docs.python.org/2/library/time.html#time.strftime) with
|
109
|
-
# the time format spec '%Y-%m-%dT%H:%M:%S.%fZ'. Likewise, in Java, one can use
|
110
|
-
# the Joda Time's [`ISODateTimeFormat.dateTime()`](
|
111
|
-
# http://www.joda.org/joda-time/apidocs/org/joda/time/format/ISODateTimeFormat.html#dateTime%2D%2D
|
112
|
-
# ) to obtain a formatter capable of generating timestamps in this format.
|
113
|
-
# @!attribute [rw] seconds
|
114
|
-
# @return [::Integer]
|
115
|
-
# Represents seconds of UTC time since Unix epoch
|
116
|
-
# 1970-01-01T00:00:00Z. Must be from 0001-01-01T00:00:00Z to
|
117
|
-
# 9999-12-31T23:59:59Z inclusive.
|
118
|
-
# @!attribute [rw] nanos
|
119
|
-
# @return [::Integer]
|
120
|
-
# Non-negative fractions of a second at nanosecond resolution. Negative
|
121
|
-
# second values with fractions must still have non-negative nanos values
|
122
|
-
# that count forward in time. Must be from 0 to 999,999,999
|
123
|
-
# inclusive.
|
124
|
-
class Timestamp
|
125
|
-
include ::Google::Protobuf::MessageExts
|
126
|
-
extend ::Google::Protobuf::MessageExts::ClassMethods
|
127
|
-
end
|
128
|
-
end
|
129
|
-
end
|
@@ -1,46 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
# Copyright 2022 Google LLC
|
4
|
-
#
|
5
|
-
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
-
# you may not use this file except in compliance with the License.
|
7
|
-
# You may obtain a copy of the License at
|
8
|
-
#
|
9
|
-
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
-
#
|
11
|
-
# Unless required by applicable law or agreed to in writing, software
|
12
|
-
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
-
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
-
# See the License for the specific language governing permissions and
|
15
|
-
# limitations under the License.
|
16
|
-
|
17
|
-
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
-
|
19
|
-
|
20
|
-
module Google
|
21
|
-
module Rpc
|
22
|
-
# The `Status` type defines a logical error model that is suitable for
|
23
|
-
# different programming environments, including REST APIs and RPC APIs. It is
|
24
|
-
# used by [gRPC](https://github.com/grpc). Each `Status` message contains
|
25
|
-
# three pieces of data: error code, error message, and error details.
|
26
|
-
#
|
27
|
-
# You can find out more about this error model and how to work with it in the
|
28
|
-
# [API Design Guide](https://cloud.google.com/apis/design/errors).
|
29
|
-
# @!attribute [rw] code
|
30
|
-
# @return [::Integer]
|
31
|
-
# The status code, which should be an enum value of [google.rpc.Code][google.rpc.Code].
|
32
|
-
# @!attribute [rw] message
|
33
|
-
# @return [::String]
|
34
|
-
# A developer-facing error message, which should be in English. Any
|
35
|
-
# user-facing error message should be localized and sent in the
|
36
|
-
# {::Google::Rpc::Status#details google.rpc.Status.details} field, or localized by the client.
|
37
|
-
# @!attribute [rw] details
|
38
|
-
# @return [::Array<::Google::Protobuf::Any>]
|
39
|
-
# A list of messages that carry the error details. There is a common set of
|
40
|
-
# message types for APIs to use.
|
41
|
-
class Status
|
42
|
-
include ::Google::Protobuf::MessageExts
|
43
|
-
extend ::Google::Protobuf::MessageExts::ClassMethods
|
44
|
-
end
|
45
|
-
end
|
46
|
-
end
|
@@ -1,98 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
# Copyright 2022 Google LLC
|
4
|
-
#
|
5
|
-
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
-
# you may not use this file except in compliance with the License.
|
7
|
-
# You may obtain a copy of the License at
|
8
|
-
#
|
9
|
-
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
-
#
|
11
|
-
# Unless required by applicable law or agreed to in writing, software
|
12
|
-
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
-
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
-
# See the License for the specific language governing permissions and
|
15
|
-
# limitations under the License.
|
16
|
-
|
17
|
-
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
-
|
19
|
-
|
20
|
-
module Grafeas
|
21
|
-
module V1
|
22
|
-
# Note kind that represents a logical attestation "role" or "authority". For
|
23
|
-
# example, an organization might have one `Authority` for "QA" and one for
|
24
|
-
# "build". This note is intended to act strictly as a grouping mechanism for
|
25
|
-
# the attached occurrences (Attestations). This grouping mechanism also
|
26
|
-
# provides a security boundary, since IAM ACLs gate the ability for a principle
|
27
|
-
# to attach an occurrence to a given note. It also provides a single point of
|
28
|
-
# lookup to find all attached attestation occurrences, even if they don't all
|
29
|
-
# live in the same project.
|
30
|
-
# @!attribute [rw] hint
|
31
|
-
# @return [::Grafeas::V1::AttestationNote::Hint]
|
32
|
-
# Hint hints at the purpose of the attestation authority.
|
33
|
-
class AttestationNote
|
34
|
-
include ::Google::Protobuf::MessageExts
|
35
|
-
extend ::Google::Protobuf::MessageExts::ClassMethods
|
36
|
-
|
37
|
-
# This submessage provides human-readable hints about the purpose of the
|
38
|
-
# authority. Because the name of a note acts as its resource reference, it is
|
39
|
-
# important to disambiguate the canonical name of the Note (which might be a
|
40
|
-
# UUID for security purposes) from "readable" names more suitable for debug
|
41
|
-
# output. Note that these hints should not be used to look up authorities in
|
42
|
-
# security sensitive contexts, such as when looking up attestations to
|
43
|
-
# verify.
|
44
|
-
# @!attribute [rw] human_readable_name
|
45
|
-
# @return [::String]
|
46
|
-
# Required. The human readable name of this attestation authority, for
|
47
|
-
# example "qa".
|
48
|
-
class Hint
|
49
|
-
include ::Google::Protobuf::MessageExts
|
50
|
-
extend ::Google::Protobuf::MessageExts::ClassMethods
|
51
|
-
end
|
52
|
-
end
|
53
|
-
|
54
|
-
# @!attribute [rw] compact_jwt
|
55
|
-
# @return [::String]
|
56
|
-
# The compact encoding of a JWS, which is always three base64 encoded strings
|
57
|
-
# joined by periods. For details, see:
|
58
|
-
# https://tools.ietf.org/html/rfc7515.html#section-3.1
|
59
|
-
class Jwt
|
60
|
-
include ::Google::Protobuf::MessageExts
|
61
|
-
extend ::Google::Protobuf::MessageExts::ClassMethods
|
62
|
-
end
|
63
|
-
|
64
|
-
# Occurrence that represents a single "attestation". The authenticity of an
|
65
|
-
# attestation can be verified using the attached signature. If the verifier
|
66
|
-
# trusts the public key of the signer, then verifying the signature is
|
67
|
-
# sufficient to establish trust. In this circumstance, the authority to which
|
68
|
-
# this attestation is attached is primarily useful for lookup (how to find
|
69
|
-
# this attestation if you already know the authority and artifact to be
|
70
|
-
# verified) and intent (for which authority this attestation was intended to
|
71
|
-
# sign.
|
72
|
-
# @!attribute [rw] serialized_payload
|
73
|
-
# @return [::String]
|
74
|
-
# Required. The serialized payload that is verified by one or more
|
75
|
-
# `signatures`.
|
76
|
-
# @!attribute [rw] signatures
|
77
|
-
# @return [::Array<::Grafeas::V1::Signature>]
|
78
|
-
# One or more signatures over `serialized_payload`. Verifier implementations
|
79
|
-
# should consider this attestation message verified if at least one
|
80
|
-
# `signature` verifies `serialized_payload`. See `Signature` in common.proto
|
81
|
-
# for more details on signature structure and verification.
|
82
|
-
# @!attribute [rw] jwts
|
83
|
-
# @return [::Array<::Grafeas::V1::Jwt>]
|
84
|
-
# One or more JWTs encoding a self-contained attestation.
|
85
|
-
# Each JWT encodes the payload that it verifies within the JWT itself.
|
86
|
-
# Verifier implementation SHOULD ignore the `serialized_payload` field
|
87
|
-
# when verifying these JWTs.
|
88
|
-
# If only JWTs are present on this AttestationOccurrence, then the
|
89
|
-
# `serialized_payload` SHOULD be left empty.
|
90
|
-
# Each JWT SHOULD encode a claim specific to the `resource_uri` of this
|
91
|
-
# Occurrence, but this is not validated by Grafeas metadata API
|
92
|
-
# implementations. The JWT itself is opaque to Grafeas.
|
93
|
-
class AttestationOccurrence
|
94
|
-
include ::Google::Protobuf::MessageExts
|
95
|
-
extend ::Google::Protobuf::MessageExts::ClassMethods
|
96
|
-
end
|
97
|
-
end
|
98
|
-
end
|
@@ -1,64 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
# Copyright 2022 Google LLC
|
4
|
-
#
|
5
|
-
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
-
# you may not use this file except in compliance with the License.
|
7
|
-
# You may obtain a copy of the License at
|
8
|
-
#
|
9
|
-
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
-
#
|
11
|
-
# Unless required by applicable law or agreed to in writing, software
|
12
|
-
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
-
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
-
# See the License for the specific language governing permissions and
|
15
|
-
# limitations under the License.
|
16
|
-
|
17
|
-
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
-
|
19
|
-
|
20
|
-
module Grafeas
|
21
|
-
module V1
|
22
|
-
# Note holding the version of the provider's builder and the signature of the
|
23
|
-
# provenance message in the build details occurrence.
|
24
|
-
# @!attribute [rw] builder_version
|
25
|
-
# @return [::String]
|
26
|
-
# Required. Immutable. Version of the builder which produced this build.
|
27
|
-
class BuildNote
|
28
|
-
include ::Google::Protobuf::MessageExts
|
29
|
-
extend ::Google::Protobuf::MessageExts::ClassMethods
|
30
|
-
end
|
31
|
-
|
32
|
-
# Details of a build occurrence.
|
33
|
-
# @!attribute [rw] provenance
|
34
|
-
# @return [::Grafeas::V1::BuildProvenance]
|
35
|
-
# The actual provenance for the build.
|
36
|
-
# @!attribute [rw] provenance_bytes
|
37
|
-
# @return [::String]
|
38
|
-
# Serialized JSON representation of the provenance, used in generating the
|
39
|
-
# build signature in the corresponding build note. After verifying the
|
40
|
-
# signature, `provenance_bytes` can be unmarshalled and compared to the
|
41
|
-
# provenance to confirm that it is unchanged. A base64-encoded string
|
42
|
-
# representation of the provenance bytes is used for the signature in order
|
43
|
-
# to interoperate with openssl which expects this format for signature
|
44
|
-
# verification.
|
45
|
-
#
|
46
|
-
# The serialized form is captured both to avoid ambiguity in how the
|
47
|
-
# provenance is marshalled to json as well to prevent incompatibilities with
|
48
|
-
# future changes.
|
49
|
-
# @!attribute [rw] intoto_provenance
|
50
|
-
# @return [::Grafeas::V1::InTotoProvenance]
|
51
|
-
# Deprecated. See InTotoStatement for the replacement.
|
52
|
-
# In-toto Provenance representation as defined in spec.
|
53
|
-
# @!attribute [rw] intoto_statement
|
54
|
-
# @return [::Grafeas::V1::InTotoStatement]
|
55
|
-
# In-toto Statement representation as defined in spec.
|
56
|
-
# The intoto_statement can contain any type of provenance. The serialized
|
57
|
-
# payload of the statement can be stored and signed in the Occurrence's
|
58
|
-
# envelope.
|
59
|
-
class BuildOccurrence
|
60
|
-
include ::Google::Protobuf::MessageExts
|
61
|
-
extend ::Google::Protobuf::MessageExts::ClassMethods
|
62
|
-
end
|
63
|
-
end
|
64
|
-
end
|
@@ -1,147 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
# Copyright 2020 Google LLC
|
4
|
-
#
|
5
|
-
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
-
# you may not use this file except in compliance with the License.
|
7
|
-
# You may obtain a copy of the License at
|
8
|
-
#
|
9
|
-
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
-
#
|
11
|
-
# Unless required by applicable law or agreed to in writing, software
|
12
|
-
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
-
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
-
# See the License for the specific language governing permissions and
|
15
|
-
# limitations under the License.
|
16
|
-
|
17
|
-
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
-
|
19
|
-
|
20
|
-
module Grafeas
|
21
|
-
module V1
|
22
|
-
# Metadata for any related URL information.
|
23
|
-
# @!attribute [rw] url
|
24
|
-
# @return [::String]
|
25
|
-
# Specific URL associated with the resource.
|
26
|
-
# @!attribute [rw] label
|
27
|
-
# @return [::String]
|
28
|
-
# Label to describe usage of the URL.
|
29
|
-
class RelatedUrl
|
30
|
-
include ::Google::Protobuf::MessageExts
|
31
|
-
extend ::Google::Protobuf::MessageExts::ClassMethods
|
32
|
-
end
|
33
|
-
|
34
|
-
# Verifiers (e.g. Kritis implementations) MUST verify signatures
|
35
|
-
# with respect to the trust anchors defined in policy (e.g. a Kritis policy).
|
36
|
-
# Typically this means that the verifier has been configured with a map from
|
37
|
-
# `public_key_id` to public key material (and any required parameters, e.g.
|
38
|
-
# signing algorithm).
|
39
|
-
#
|
40
|
-
# In particular, verification implementations MUST NOT treat the signature
|
41
|
-
# `public_key_id` as anything more than a key lookup hint. The `public_key_id`
|
42
|
-
# DOES NOT validate or authenticate a public key; it only provides a mechanism
|
43
|
-
# for quickly selecting a public key ALREADY CONFIGURED on the verifier through
|
44
|
-
# a trusted channel. Verification implementations MUST reject signatures in any
|
45
|
-
# of the following circumstances:
|
46
|
-
# * The `public_key_id` is not recognized by the verifier.
|
47
|
-
# * The public key that `public_key_id` refers to does not verify the
|
48
|
-
# signature with respect to the payload.
|
49
|
-
#
|
50
|
-
# The `signature` contents SHOULD NOT be "attached" (where the payload is
|
51
|
-
# included with the serialized `signature` bytes). Verifiers MUST ignore any
|
52
|
-
# "attached" payload and only verify signatures with respect to explicitly
|
53
|
-
# provided payload (e.g. a `payload` field on the proto message that holds
|
54
|
-
# this Signature, or the canonical serialization of the proto message that
|
55
|
-
# holds this signature).
|
56
|
-
# @!attribute [rw] signature
|
57
|
-
# @return [::String]
|
58
|
-
# The content of the signature, an opaque bytestring.
|
59
|
-
# The payload that this signature verifies MUST be unambiguously provided
|
60
|
-
# with the Signature during verification. A wrapper message might provide
|
61
|
-
# the payload explicitly. Alternatively, a message might have a canonical
|
62
|
-
# serialization that can always be unambiguously computed to derive the
|
63
|
-
# payload.
|
64
|
-
# @!attribute [rw] public_key_id
|
65
|
-
# @return [::String]
|
66
|
-
# The identifier for the public key that verifies this signature.
|
67
|
-
# * The `public_key_id` is required.
|
68
|
-
# * The `public_key_id` SHOULD be an RFC3986 conformant URI.
|
69
|
-
# * When possible, the `public_key_id` SHOULD be an immutable reference,
|
70
|
-
# such as a cryptographic digest.
|
71
|
-
#
|
72
|
-
# Examples of valid `public_key_id`s:
|
73
|
-
#
|
74
|
-
# OpenPGP V4 public key fingerprint:
|
75
|
-
# * "openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA"
|
76
|
-
# See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more
|
77
|
-
# details on this scheme.
|
78
|
-
#
|
79
|
-
# RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER
|
80
|
-
# serialization):
|
81
|
-
# * "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU"
|
82
|
-
# * "nih:///sha-256;703f68f42aba2c6de30f488a5ea122fef76324679c9bf89791ba95a1271589a5"
|
83
|
-
class Signature
|
84
|
-
include ::Google::Protobuf::MessageExts
|
85
|
-
extend ::Google::Protobuf::MessageExts::ClassMethods
|
86
|
-
end
|
87
|
-
|
88
|
-
# MUST match
|
89
|
-
# https://github.com/secure-systems-lab/dsse/blob/master/envelope.proto. An
|
90
|
-
# authenticated message of arbitrary type.
|
91
|
-
# @!attribute [rw] payload
|
92
|
-
# @return [::String]
|
93
|
-
# @!attribute [rw] payload_type
|
94
|
-
# @return [::String]
|
95
|
-
# @!attribute [rw] signatures
|
96
|
-
# @return [::Array<::Grafeas::V1::EnvelopeSignature>]
|
97
|
-
class Envelope
|
98
|
-
include ::Google::Protobuf::MessageExts
|
99
|
-
extend ::Google::Protobuf::MessageExts::ClassMethods
|
100
|
-
end
|
101
|
-
|
102
|
-
# @!attribute [rw] sig
|
103
|
-
# @return [::String]
|
104
|
-
# @!attribute [rw] keyid
|
105
|
-
# @return [::String]
|
106
|
-
class EnvelopeSignature
|
107
|
-
include ::Google::Protobuf::MessageExts
|
108
|
-
extend ::Google::Protobuf::MessageExts::ClassMethods
|
109
|
-
end
|
110
|
-
|
111
|
-
# Kind represents the kinds of notes supported.
|
112
|
-
module NoteKind
|
113
|
-
# Default value. This value is unused.
|
114
|
-
NOTE_KIND_UNSPECIFIED = 0
|
115
|
-
|
116
|
-
# The note and occurrence represent a package vulnerability.
|
117
|
-
VULNERABILITY = 1
|
118
|
-
|
119
|
-
# The note and occurrence assert build provenance.
|
120
|
-
BUILD = 2
|
121
|
-
|
122
|
-
# This represents an image basis relationship.
|
123
|
-
IMAGE = 3
|
124
|
-
|
125
|
-
# This represents a package installed via a package manager.
|
126
|
-
PACKAGE = 4
|
127
|
-
|
128
|
-
# The note and occurrence track deployment events.
|
129
|
-
DEPLOYMENT = 5
|
130
|
-
|
131
|
-
# The note and occurrence track the initial discovery status of a resource.
|
132
|
-
DISCOVERY = 6
|
133
|
-
|
134
|
-
# This represents a logical "role" that can attest to artifacts.
|
135
|
-
ATTESTATION = 7
|
136
|
-
|
137
|
-
# This represents an available package upgrade.
|
138
|
-
UPGRADE = 8
|
139
|
-
|
140
|
-
# This represents a Compliance Note
|
141
|
-
COMPLIANCE = 9
|
142
|
-
|
143
|
-
# This represents a DSSE attestation Note
|
144
|
-
DSSE_ATTESTATION = 10
|
145
|
-
end
|
146
|
-
end
|
147
|
-
end
|
@@ -1,98 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
# Copyright 2022 Google LLC
|
4
|
-
#
|
5
|
-
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
-
# you may not use this file except in compliance with the License.
|
7
|
-
# You may obtain a copy of the License at
|
8
|
-
#
|
9
|
-
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
-
#
|
11
|
-
# Unless required by applicable law or agreed to in writing, software
|
12
|
-
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
-
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
-
# See the License for the specific language governing permissions and
|
15
|
-
# limitations under the License.
|
16
|
-
|
17
|
-
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
-
|
19
|
-
|
20
|
-
module Grafeas
|
21
|
-
module V1
|
22
|
-
# @!attribute [rw] title
|
23
|
-
# @return [::String]
|
24
|
-
# The title that identifies this compliance check.
|
25
|
-
# @!attribute [rw] description
|
26
|
-
# @return [::String]
|
27
|
-
# A description about this compliance check.
|
28
|
-
# @!attribute [rw] version
|
29
|
-
# @return [::Array<::Grafeas::V1::ComplianceVersion>]
|
30
|
-
# The OS and config versions the benchmark applies to.
|
31
|
-
# @!attribute [rw] rationale
|
32
|
-
# @return [::String]
|
33
|
-
# A rationale for the existence of this compliance check.
|
34
|
-
# @!attribute [rw] remediation
|
35
|
-
# @return [::String]
|
36
|
-
# A description of remediation steps if the compliance check fails.
|
37
|
-
# @!attribute [rw] cis_benchmark
|
38
|
-
# @return [::Grafeas::V1::ComplianceNote::CisBenchmark]
|
39
|
-
# @!attribute [rw] scan_instructions
|
40
|
-
# @return [::String]
|
41
|
-
# Serialized scan instructions with a predefined format.
|
42
|
-
class ComplianceNote
|
43
|
-
include ::Google::Protobuf::MessageExts
|
44
|
-
extend ::Google::Protobuf::MessageExts::ClassMethods
|
45
|
-
|
46
|
-
# A compliance check that is a CIS benchmark.
|
47
|
-
# @!attribute [rw] profile_level
|
48
|
-
# @return [::Integer]
|
49
|
-
# @!attribute [rw] severity
|
50
|
-
# @return [::Grafeas::V1::Severity]
|
51
|
-
class CisBenchmark
|
52
|
-
include ::Google::Protobuf::MessageExts
|
53
|
-
extend ::Google::Protobuf::MessageExts::ClassMethods
|
54
|
-
end
|
55
|
-
end
|
56
|
-
|
57
|
-
# Describes the CIS benchmark version that is applicable to a given OS and
|
58
|
-
# os version.
|
59
|
-
# @!attribute [rw] cpe_uri
|
60
|
-
# @return [::String]
|
61
|
-
# The CPE URI (https://cpe.mitre.org/specification/) this benchmark is
|
62
|
-
# applicable to.
|
63
|
-
# @!attribute [rw] version
|
64
|
-
# @return [::String]
|
65
|
-
# The version of the benchmark. This is set to the version of the OS-specific
|
66
|
-
# CIS document the benchmark is defined in.
|
67
|
-
class ComplianceVersion
|
68
|
-
include ::Google::Protobuf::MessageExts
|
69
|
-
extend ::Google::Protobuf::MessageExts::ClassMethods
|
70
|
-
end
|
71
|
-
|
72
|
-
# An indication that the compliance checks in the associated ComplianceNote
|
73
|
-
# were not satisfied for particular resources or a specified reason.
|
74
|
-
# @!attribute [rw] non_compliant_files
|
75
|
-
# @return [::Array<::Grafeas::V1::NonCompliantFile>]
|
76
|
-
# @!attribute [rw] non_compliance_reason
|
77
|
-
# @return [::String]
|
78
|
-
class ComplianceOccurrence
|
79
|
-
include ::Google::Protobuf::MessageExts
|
80
|
-
extend ::Google::Protobuf::MessageExts::ClassMethods
|
81
|
-
end
|
82
|
-
|
83
|
-
# Details about files that caused a compliance check to fail.
|
84
|
-
# @!attribute [rw] path
|
85
|
-
# @return [::String]
|
86
|
-
# Empty if `display_command` is set.
|
87
|
-
# @!attribute [rw] display_command
|
88
|
-
# @return [::String]
|
89
|
-
# Command to display the non-compliant files.
|
90
|
-
# @!attribute [rw] reason
|
91
|
-
# @return [::String]
|
92
|
-
# Explains why a file is non compliant for a CIS check.
|
93
|
-
class NonCompliantFile
|
94
|
-
include ::Google::Protobuf::MessageExts
|
95
|
-
extend ::Google::Protobuf::MessageExts::ClassMethods
|
96
|
-
end
|
97
|
-
end
|
98
|
-
end
|