google-cloud-container_analysis-v1 0.4.6 → 0.4.7

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a72605fbe4fd98aef12cc8010b41c3e5b42c55ec6623a4c68850ef2626a6c440
-  data.tar.gz: '083bc8ff52fdde9bff8bbc96a99dfc3a259ea9e7d3bdb38430334ae881927d57'
+  metadata.gz: c43a62e17050d537cff4b2c65944b2b1923099f6c06a0ae8dd3d2ecf782daacc
+  data.tar.gz: 8b637b5e0210af995d7edcd781b09290e9e74515b327ad48f2344e77e7795a4c
 SHA512:
-  metadata.gz: 6e4122d84677ad5f18805609379c60fa7723e39eaedab1ebb5f66acb7ad28f22cd91511863b0dda5e52f39c6be8d83d52e6856399ba0ad5193e8769eb304cd73
-  data.tar.gz: 6ef5d1e31db42c0682454d9dca10b0532fb037276c5688de5570f2f961b9e340992997973119b10d64d9b29a4a9fd641332e442740b6708d1ff5db0ac363b4df
+  metadata.gz: 7ee8eea2784b9b8900dfbb34a7071e6b17388a5036960488fb09136bd1a43a224f476b82586c1c707ca1778dffa73c3d572c8ab5222998965dc0827031faa79d
+  data.tar.gz: 5ae886224b1a0ce679044b2838887219655eac14f1131328dfc4d6fee584bbdfe76172006ff21f215b4e8095820b34ffd6be04e9ab860f4faa53be652974b689

data/README.md

@@ -37,7 +37,7 @@ request = ::Google::Iam::V1::SetIamPolicyRequest.new # (request fields as keywor
 response = client.set_iam_policy request
 ```
 
-View the [Client Library Documentation](https://googleapis.dev/ruby/google-cloud-container_analysis-v1/latest)
+View the [Client Library Documentation](https://cloud.google.com/ruby/docs/reference/google-cloud-container_analysis-v1/latest)
 for class and method documentation.
 
 See also the [Product Documentation](https://cloud.google.com/container-registry/docs/container-analysis)

data/lib/google/cloud/container_analysis/v1/container_analysis/client.rb

@@ -472,7 +472,7 @@ module Google
             #   the default parameter values, pass an empty Hash as a request object (see above).
             #
             #   @param parent [::String]
-            #     The name of the project to get a vulnerability summary for in the form of
+            #     Required. The name of the project to get a vulnerability summary for in the form of
             #     `projects/[PROJECT_ID]`.
             #   @param filter [::String]
             #     The filter expression.

data/lib/google/cloud/container_analysis/v1/version.rb

@@ -21,7 +21,7 @@ module Google
   module Cloud
     module ContainerAnalysis
       module V1
-        VERSION = "0.4.6"
+        VERSION = "0.4.7"
       end
     end
   end

data/lib/google/devtools/containeranalysis/v1/containeranalysis_pb.rb

@@ -8,7 +8,9 @@ require 'google/api/resource_pb'
 require 'google/iam/v1/iam_policy_pb'
 require 'google/iam/v1/policy_pb'
 require 'google/protobuf/timestamp_pb'
-require 'grafeas/v1/vulnerability_pb'
+require 'grafeas/v1/common_pb'
+require 'grafeas/v1/grafeas_pb'
+require 'grafeas/v1/severity_pb'
 require 'google/protobuf'
 
 Google::Protobuf::DescriptorPool.generated_pool.build do

data/proto_docs/google/devtools/containeranalysis/v1/containeranalysis.rb

@@ -24,7 +24,7 @@ module Google
         # Request to get a vulnerability summary for some set of occurrences.
         # @!attribute [rw] parent
         #   @return [::String]
-        #     The name of the project to get a vulnerability summary for in the form of
+        #     Required. The name of the project to get a vulnerability summary for in the form of
         #     `projects/[PROJECT_ID]`.
         # @!attribute [rw] filter
         #   @return [::String]

data/proto_docs/google/protobuf/any.rb

@@ -0,0 +1,141 @@
+# frozen_string_literal: true
+
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Protobuf
+    # `Any` contains an arbitrary serialized protocol buffer message along with a
+    # URL that describes the type of the serialized message.
+    #
+    # Protobuf library provides support to pack/unpack Any values in the form
+    # of utility functions or additional generated methods of the Any type.
+    #
+    # Example 1: Pack and unpack a message in C++.
+    #
+    #     Foo foo = ...;
+    #     Any any;
+    #     any.PackFrom(foo);
+    #     ...
+    #     if (any.UnpackTo(&foo)) {
+    #       ...
+    #     }
+    #
+    # Example 2: Pack and unpack a message in Java.
+    #
+    #     Foo foo = ...;
+    #     Any any = Any.pack(foo);
+    #     ...
+    #     if (any.is(Foo.class)) {
+    #       foo = any.unpack(Foo.class);
+    #     }
+    #
+    #  Example 3: Pack and unpack a message in Python.
+    #
+    #     foo = Foo(...)
+    #     any = Any()
+    #     any.Pack(foo)
+    #     ...
+    #     if any.Is(Foo.DESCRIPTOR):
+    #       any.Unpack(foo)
+    #       ...
+    #
+    #  Example 4: Pack and unpack a message in Go
+    #
+    #      foo := &pb.Foo{...}
+    #      any, err := anypb.New(foo)
+    #      if err != nil {
+    #        ...
+    #      }
+    #      ...
+    #      foo := &pb.Foo{}
+    #      if err := any.UnmarshalTo(foo); err != nil {
+    #        ...
+    #      }
+    #
+    # The pack methods provided by protobuf library will by default use
+    # 'type.googleapis.com/full.type.name' as the type URL and the unpack
+    # methods only use the fully qualified type name after the last '/'
+    # in the type URL, for example "foo.bar.com/x/y.z" will yield type
+    # name "y.z".
+    #
+    #
+    # JSON
+    # ====
+    # The JSON representation of an `Any` value uses the regular
+    # representation of the deserialized, embedded message, with an
+    # additional field `@type` which contains the type URL. Example:
+    #
+    #     package google.profile;
+    #     message Person {
+    #       string first_name = 1;
+    #       string last_name = 2;
+    #     }
+    #
+    #     {
+    #       "@type": "type.googleapis.com/google.profile.Person",
+    #       "firstName": <string>,
+    #       "lastName": <string>
+    #     }
+    #
+    # If the embedded message type is well-known and has a custom JSON
+    # representation, that representation will be embedded adding a field
+    # `value` which holds the custom JSON in addition to the `@type`
+    # field. Example (for message [google.protobuf.Duration][]):
+    #
+    #     {
+    #       "@type": "type.googleapis.com/google.protobuf.Duration",
+    #       "value": "1.212s"
+    #     }
+    # @!attribute [rw] type_url
+    #   @return [::String]
+    #     A URL/resource name that uniquely identifies the type of the serialized
+    #     protocol buffer message. This string must contain at least
+    #     one "/" character. The last segment of the URL's path must represent
+    #     the fully qualified name of the type (as in
+    #     `path/google.protobuf.Duration`). The name should be in a canonical form
+    #     (e.g., leading "." is not accepted).
+    #
+    #     In practice, teams usually precompile into the binary all types that they
+    #     expect it to use in the context of Any. However, for URLs which use the
+    #     scheme `http`, `https`, or no scheme, one can optionally set up a type
+    #     server that maps type URLs to message definitions as follows:
+    #
+    #     * If no scheme is provided, `https` is assumed.
+    #     * An HTTP GET on the URL must yield a [google.protobuf.Type][]
+    #       value in binary format, or produce an error.
+    #     * Applications are allowed to cache lookup results based on the
+    #       URL, or have them precompiled into a binary to avoid any
+    #       lookup. Therefore, binary compatibility needs to be preserved
+    #       on changes to types. (Use versioned type names to manage
+    #       breaking changes.)
+    #
+    #     Note: this functionality is not currently available in the official
+    #     protobuf release, and it is not used for type URLs beginning with
+    #     type.googleapis.com.
+    #
+    #     Schemes other than `http`, `https` (or the empty scheme) might be
+    #     used with implementation specific semantics.
+    # @!attribute [rw] value
+    #   @return [::String]
+    #     Must be a valid serialized protocol buffer of the above specified type.
+    class Any
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+    end
+  end
+end

data/proto_docs/google/protobuf/empty.rb

@@ -0,0 +1,36 @@
+# frozen_string_literal: true
+
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Protobuf
+    # A generic empty message that you can re-use to avoid defining duplicated
+    # empty messages in your APIs. A typical example is to use it as the request
+    # or the response type of an API method. For instance:
+    #
+    #     service Foo {
+    #       rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty);
+    #     }
+    #
+    # The JSON representation for `Empty` is empty JSON object `{}`.
+    class Empty
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+    end
+  end
+end

data/proto_docs/google/protobuf/field_mask.rb

@@ -0,0 +1,229 @@
+# frozen_string_literal: true
+
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Protobuf
+    # `FieldMask` represents a set of symbolic field paths, for example:
+    #
+    #     paths: "f.a"
+    #     paths: "f.b.d"
+    #
+    # Here `f` represents a field in some root message, `a` and `b`
+    # fields in the message found in `f`, and `d` a field found in the
+    # message in `f.b`.
+    #
+    # Field masks are used to specify a subset of fields that should be
+    # returned by a get operation or modified by an update operation.
+    # Field masks also have a custom JSON encoding (see below).
+    #
+    # # Field Masks in Projections
+    #
+    # When used in the context of a projection, a response message or
+    # sub-message is filtered by the API to only contain those fields as
+    # specified in the mask. For example, if the mask in the previous
+    # example is applied to a response message as follows:
+    #
+    #     f {
+    #       a : 22
+    #       b {
+    #         d : 1
+    #         x : 2
+    #       }
+    #       y : 13
+    #     }
+    #     z: 8
+    #
+    # The result will not contain specific values for fields x,y and z
+    # (their value will be set to the default, and omitted in proto text
+    # output):
+    #
+    #
+    #     f {
+    #       a : 22
+    #       b {
+    #         d : 1
+    #       }
+    #     }
+    #
+    # A repeated field is not allowed except at the last position of a
+    # paths string.
+    #
+    # If a FieldMask object is not present in a get operation, the
+    # operation applies to all fields (as if a FieldMask of all fields
+    # had been specified).
+    #
+    # Note that a field mask does not necessarily apply to the
+    # top-level response message. In case of a REST get operation, the
+    # field mask applies directly to the response, but in case of a REST
+    # list operation, the mask instead applies to each individual message
+    # in the returned resource list. In case of a REST custom method,
+    # other definitions may be used. Where the mask applies will be
+    # clearly documented together with its declaration in the API.  In
+    # any case, the effect on the returned resource/resources is required
+    # behavior for APIs.
+    #
+    # # Field Masks in Update Operations
+    #
+    # A field mask in update operations specifies which fields of the
+    # targeted resource are going to be updated. The API is required
+    # to only change the values of the fields as specified in the mask
+    # and leave the others untouched. If a resource is passed in to
+    # describe the updated values, the API ignores the values of all
+    # fields not covered by the mask.
+    #
+    # If a repeated field is specified for an update operation, new values will
+    # be appended to the existing repeated field in the target resource. Note that
+    # a repeated field is only allowed in the last position of a `paths` string.
+    #
+    # If a sub-message is specified in the last position of the field mask for an
+    # update operation, then new value will be merged into the existing sub-message
+    # in the target resource.
+    #
+    # For example, given the target message:
+    #
+    #     f {
+    #       b {
+    #         d: 1
+    #         x: 2
+    #       }
+    #       c: [1]
+    #     }
+    #
+    # And an update message:
+    #
+    #     f {
+    #       b {
+    #         d: 10
+    #       }
+    #       c: [2]
+    #     }
+    #
+    # then if the field mask is:
+    #
+    #  paths: ["f.b", "f.c"]
+    #
+    # then the result will be:
+    #
+    #     f {
+    #       b {
+    #         d: 10
+    #         x: 2
+    #       }
+    #       c: [1, 2]
+    #     }
+    #
+    # An implementation may provide options to override this default behavior for
+    # repeated and message fields.
+    #
+    # In order to reset a field's value to the default, the field must
+    # be in the mask and set to the default value in the provided resource.
+    # Hence, in order to reset all fields of a resource, provide a default
+    # instance of the resource and set all fields in the mask, or do
+    # not provide a mask as described below.
+    #
+    # If a field mask is not present on update, the operation applies to
+    # all fields (as if a field mask of all fields has been specified).
+    # Note that in the presence of schema evolution, this may mean that
+    # fields the client does not know and has therefore not filled into
+    # the request will be reset to their default. If this is unwanted
+    # behavior, a specific service may require a client to always specify
+    # a field mask, producing an error if not.
+    #
+    # As with get operations, the location of the resource which
+    # describes the updated values in the request message depends on the
+    # operation kind. In any case, the effect of the field mask is
+    # required to be honored by the API.
+    #
+    # ## Considerations for HTTP REST
+    #
+    # The HTTP kind of an update operation which uses a field mask must
+    # be set to PATCH instead of PUT in order to satisfy HTTP semantics
+    # (PUT must only be used for full updates).
+    #
+    # # JSON Encoding of Field Masks
+    #
+    # In JSON, a field mask is encoded as a single string where paths are
+    # separated by a comma. Fields name in each path are converted
+    # to/from lower-camel naming conventions.
+    #
+    # As an example, consider the following message declarations:
+    #
+    #     message Profile {
+    #       User user = 1;
+    #       Photo photo = 2;
+    #     }
+    #     message User {
+    #       string display_name = 1;
+    #       string address = 2;
+    #     }
+    #
+    # In proto a field mask for `Profile` may look as such:
+    #
+    #     mask {
+    #       paths: "user.display_name"
+    #       paths: "photo"
+    #     }
+    #
+    # In JSON, the same mask is represented as below:
+    #
+    #     {
+    #       mask: "user.displayName,photo"
+    #     }
+    #
+    # # Field Masks and Oneof Fields
+    #
+    # Field masks treat fields in oneofs just as regular fields. Consider the
+    # following message:
+    #
+    #     message SampleMessage {
+    #       oneof test_oneof {
+    #         string name = 4;
+    #         SubMessage sub_message = 9;
+    #       }
+    #     }
+    #
+    # The field mask can be:
+    #
+    #     mask {
+    #       paths: "name"
+    #     }
+    #
+    # Or:
+    #
+    #     mask {
+    #       paths: "sub_message"
+    #     }
+    #
+    # Note that oneof type names ("test_oneof" in this case) cannot be used in
+    # paths.
+    #
+    # ## Field Mask Verification
+    #
+    # The implementation of any API method which has a FieldMask type field in the
+    # request should verify the included field paths, and return an
+    # `INVALID_ARGUMENT` error if any path is unmappable.
+    # @!attribute [rw] paths
+    #   @return [::Array<::String>]
+    #     The set of field mask paths.
+    class FieldMask
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+    end
+  end
+end

data/proto_docs/google/rpc/status.rb

@@ -0,0 +1,46 @@
+# frozen_string_literal: true
+
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Rpc
+    # The `Status` type defines a logical error model that is suitable for
+    # different programming environments, including REST APIs and RPC APIs. It is
+    # used by [gRPC](https://github.com/grpc). Each `Status` message contains
+    # three pieces of data: error code, error message, and error details.
+    #
+    # You can find out more about this error model and how to work with it in the
+    # [API Design Guide](https://cloud.google.com/apis/design/errors).
+    # @!attribute [rw] code
+    #   @return [::Integer]
+    #     The status code, which should be an enum value of [google.rpc.Code][google.rpc.Code].
+    # @!attribute [rw] message
+    #   @return [::String]
+    #     A developer-facing error message, which should be in English. Any
+    #     user-facing error message should be localized and sent in the
+    #     {::Google::Rpc::Status#details google.rpc.Status.details} field, or localized by the client.
+    # @!attribute [rw] details
+    #   @return [::Array<::Google::Protobuf::Any>]
+    #     A list of messages that carry the error details.  There is a common set of
+    #     message types for APIs to use.
+    class Status
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+    end
+  end
+end

data/proto_docs/grafeas/v1/attestation.rb

@@ -0,0 +1,98 @@
+# frozen_string_literal: true
+
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Grafeas
+  module V1
+    # Note kind that represents a logical attestation "role" or "authority". For
+    # example, an organization might have one `Authority` for "QA" and one for
+    # "build". This note is intended to act strictly as a grouping mechanism for
+    # the attached occurrences (Attestations). This grouping mechanism also
+    # provides a security boundary, since IAM ACLs gate the ability for a principle
+    # to attach an occurrence to a given note. It also provides a single point of
+    # lookup to find all attached attestation occurrences, even if they don't all
+    # live in the same project.
+    # @!attribute [rw] hint
+    #   @return [::Grafeas::V1::AttestationNote::Hint]
+    #     Hint hints at the purpose of the attestation authority.
+    class AttestationNote
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+
+      # This submessage provides human-readable hints about the purpose of the
+      # authority. Because the name of a note acts as its resource reference, it is
+      # important to disambiguate the canonical name of the Note (which might be a
+      # UUID for security purposes) from "readable" names more suitable for debug
+      # output. Note that these hints should not be used to look up authorities in
+      # security sensitive contexts, such as when looking up attestations to
+      # verify.
+      # @!attribute [rw] human_readable_name
+      #   @return [::String]
+      #     Required. The human readable name of this attestation authority, for
+      #     example "qa".
+      class Hint
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+      end
+    end
+
+    # @!attribute [rw] compact_jwt
+    #   @return [::String]
+    #     The compact encoding of a JWS, which is always three base64 encoded strings
+    #     joined by periods. For details, see:
+    #     https://tools.ietf.org/html/rfc7515.html#section-3.1
+    class Jwt
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+    end
+
+    # Occurrence that represents a single "attestation". The authenticity of an
+    # attestation can be verified using the attached signature. If the verifier
+    # trusts the public key of the signer, then verifying the signature is
+    # sufficient to establish trust. In this circumstance, the authority to which
+    # this attestation is attached is primarily useful for lookup (how to find
+    # this attestation if you already know the authority and artifact to be
+    # verified) and intent (for which authority this attestation was intended to
+    # sign.
+    # @!attribute [rw] serialized_payload
+    #   @return [::String]
+    #     Required. The serialized payload that is verified by one or more
+    #     `signatures`.
+    # @!attribute [rw] signatures
+    #   @return [::Array<::Grafeas::V1::Signature>]
+    #     One or more signatures over `serialized_payload`.  Verifier implementations
+    #     should consider this attestation message verified if at least one
+    #     `signature` verifies `serialized_payload`.  See `Signature` in common.proto
+    #     for more details on signature structure and verification.
+    # @!attribute [rw] jwts
+    #   @return [::Array<::Grafeas::V1::Jwt>]
+    #     One or more JWTs encoding a self-contained attestation.
+    #     Each JWT encodes the payload that it verifies within the JWT itself.
+    #     Verifier implementation SHOULD ignore the `serialized_payload` field
+    #     when verifying these JWTs.
+    #     If only JWTs are present on this AttestationOccurrence, then the
+    #     `serialized_payload` SHOULD be left empty.
+    #     Each JWT SHOULD encode a claim specific to the `resource_uri` of this
+    #     Occurrence, but this is not validated by Grafeas metadata API
+    #     implementations.  The JWT itself is opaque to Grafeas.
+    class AttestationOccurrence
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+    end
+  end
+end

data/proto_docs/grafeas/v1/build.rb

@@ -0,0 +1,64 @@
+# frozen_string_literal: true
+
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Grafeas
+  module V1
+    # Note holding the version of the provider's builder and the signature of the
+    # provenance message in the build details occurrence.
+    # @!attribute [rw] builder_version
+    #   @return [::String]
+    #     Required. Immutable. Version of the builder which produced this build.
+    class BuildNote
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+    end
+
+    # Details of a build occurrence.
+    # @!attribute [rw] provenance
+    #   @return [::Grafeas::V1::BuildProvenance]
+    #     The actual provenance for the build.
+    # @!attribute [rw] provenance_bytes
+    #   @return [::String]
+    #     Serialized JSON representation of the provenance, used in generating the
+    #     build signature in the corresponding build note. After verifying the
+    #     signature, `provenance_bytes` can be unmarshalled and compared to the
+    #     provenance to confirm that it is unchanged. A base64-encoded string
+    #     representation of the provenance bytes is used for the signature in order
+    #     to interoperate with openssl which expects this format for signature
+    #     verification.
+    #
+    #     The serialized form is captured both to avoid ambiguity in how the
+    #     provenance is marshalled to json as well to prevent incompatibilities with
+    #     future changes.
+    # @!attribute [rw] intoto_provenance
+    #   @return [::Grafeas::V1::InTotoProvenance]
+    #     Deprecated. See InTotoStatement for the replacement.
+    #     In-toto Provenance representation as defined in spec.
+    # @!attribute [rw] intoto_statement
+    #   @return [::Grafeas::V1::InTotoStatement]
+    #     In-toto Statement representation as defined in spec.
+    #     The intoto_statement can contain any type of provenance. The serialized
+    #     payload of the statement can be stored and signed in the Occurrence's
+    #     envelope.
+    class BuildOccurrence
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+    end
+  end
+end