grafeas-client 0.1.0

data/lib/grafeas-client.rb

@@ -0,0 +1,16 @@
+# Copyright 2019 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+require "grafeas"

data/lib/grafeas.rb

@@ -0,0 +1,150 @@
+# Copyright 2019 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+require "google/gax"
+require "pathname"
+
+# rubocop:disable LineLength
+
+##
+# # Ruby Client for Container Analysis API ([Alpha](https://github.com/googleapis/google-cloud-ruby#versioning))
+#
+# [Container Analysis API][Product Documentation]:
+# An implementation of the Grafeas API, which stores, and enables querying and
+# retrieval of critical metadata about all of your software artifacts.
+# - [Product Documentation][]
+#
+# ## Quick Start
+# In order to use this library, you first need to go through the following
+# steps:
+#
+# 1. [Select or create a Cloud Platform project.](https://console.cloud.google.com/project)
+# 2. [Enable billing for your project.](https://cloud.google.com/billing/docs/how-to/modify-project#enable_billing_for_a_project)
+# 3. [Enable the Container Analysis API.](https://console.cloud.google.com/apis/library/grafeas.googleapis.com)
+# 4. [Setup Authentication.](https://googleapis.github.io/google-cloud-ruby/#/docs/google-cloud/master/guides/authentication)
+#
+# ### Installation
+# ```
+# $ gem install grafeas-client
+# ```
+#
+# ### Next Steps
+# - Read the [Container Analysis API Product documentation][Product Documentation]
+#   to learn more about the product and see How-to Guides.
+# - View this [repository's main README](https://github.com/googleapis/google-cloud-ruby/blob/master/README.md)
+#   to see the full list of Cloud APIs that we cover.
+#
+# [Product Documentation]: https://grafeas.io/
+#
+# ## Enabling Logging
+#
+# To enable logging for this library, set the logger for the underlying [gRPC](https://github.com/grpc/grpc/tree/master/src/ruby) library.
+# The logger that you set may be a Ruby stdlib [`Logger`](https://ruby-doc.org/stdlib-2.5.0/libdoc/logger/rdoc/Logger.html) as shown below,
+# or a [`Google::Cloud::Logging::Logger`](https://googleapis.github.io/google-cloud-ruby/#/docs/google-cloud-logging/latest/google/cloud/logging/logger)
+# that will write logs to [Stackdriver Logging](https://cloud.google.com/logging/). See [grpc/logconfig.rb](https://github.com/grpc/grpc/blob/master/src/ruby/lib/grpc/logconfig.rb)
+# and the gRPC [spec_helper.rb](https://github.com/grpc/grpc/blob/master/src/ruby/spec/spec_helper.rb) for additional information.
+#
+# Configuring a Ruby stdlib logger:
+#
+# ```ruby
+# require "logger"
+#
+# module MyLogger
+#   LOGGER = Logger.new $stderr, level: Logger::WARN
+#   def logger
+#     LOGGER
+#   end
+# end
+#
+# # Define a gRPC module-level logger method before grpc/logconfig.rb loads.
+# module GRPC
+#   extend MyLogger
+# end
+# ```
+#
+module Grafeas
+  # rubocop:enable LineLength
+
+  FILE_DIR = File.realdirpath(Pathname.new(__FILE__).join("..").join("grafeas"))
+
+  AVAILABLE_VERSIONS = Dir["#{FILE_DIR}/*"]
+    .select { |file| File.directory?(file) }
+    .select { |dir| Google::Gax::VERSION_MATCHER.match(File.basename(dir)) }
+    .select { |dir| File.exist?(dir + ".rb") }
+    .map { |dir| File.basename(dir) }
+
+  ##
+  # [Grafeas](https://grafeas.io) API.
+  #
+  # Retrieves analysis results of Cloud components such as Docker container
+  # images.
+  #
+  # Analysis results are stored as a series of occurrences. An `Occurrence`
+  # contains information about a specific analysis instance on a resource. An
+  # occurrence refers to a `Note`. A note contains details describing the
+  # analysis and is generally stored in a separate project, called a `Provider`.
+  # Multiple occurrences can refer to the same note.
+  #
+  # For example, an SSL vulnerability could affect multiple images. In this case,
+  # there would be one note for the vulnerability and an occurrence for each
+  # image with the vulnerability referring to that note.
+  #
+  # @param version [Symbol, String]
+  #   The major version of the service to be used. By default :v1
+  #   is used.
+  # @overload new(version:, credentials:, scopes:, client_config:, timeout:)
+  #   @param credentials [Google::Auth::Credentials, String, Hash, GRPC::Core::Channel, GRPC::Core::ChannelCredentials, Proc]
+  #     Provides the means for authenticating requests made by the client. This parameter can
+  #     be many types.
+  #     A `Google::Auth::Credentials` uses a the properties of its represented keyfile for
+  #     authenticating requests made by this client.
+  #     A `String` will be treated as the path to the keyfile to be used for the construction of
+  #     credentials for this client.
+  #     A `Hash` will be treated as the contents of a keyfile to be used for the construction of
+  #     credentials for this client.
+  #     A `GRPC::Core::Channel` will be used to make calls through.
+  #     A `GRPC::Core::ChannelCredentials` for the setting up the RPC client. The channel credentials
+  #     should already be composed with a `GRPC::Core::CallCredentials` object.
+  #     A `Proc` will be used as an updater_proc for the Grpc channel. The proc transforms the
+  #     metadata for requests, generally, to give OAuth credentials.
+  #   @param scopes [Array<String>]
+  #     The OAuth scopes for this service. This parameter is ignored if
+  #     an updater_proc is supplied.
+  #   @param client_config [Hash]
+  #     A Hash for call options for each method. See
+  #     Google::Gax#construct_settings for the structure of
+  #     this data. Falls back to the default config if not specified
+  #     or the specified config is missing data points.
+  #   @param timeout [Numeric]
+  #     The default timeout, in seconds, for calls made through this client.
+  #   @param metadata [Hash]
+  #     Default metadata to be sent with each request. This can be overridden on a per call basis.
+  #   @param exception_transformer [Proc]
+  #     An optional proc that intercepts any exceptions raised during an API call to inject
+  #     custom error handling.
+  def self.new(*args, version: :v1, **kwargs)
+    unless AVAILABLE_VERSIONS.include?(version.to_s.downcase)
+      raise "The version: #{version} is not available. The available versions " \
+        "are: [#{AVAILABLE_VERSIONS.join(", ")}]"
+    end
+
+    require "#{FILE_DIR}/#{version.to_s.downcase}"
+    version_module = Grafeas
+      .constants
+      .select {|sym| sym.to_s.downcase == version.to_s.downcase}
+      .first
+    Grafeas.const_get(version_module).new(*args, **kwargs)
+  end
+end

data/lib/grafeas/v1.rb

@@ -0,0 +1,147 @@
+# Copyright 2019 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+require "grafeas/v1/grafeas_client"
+
+module Grafeas
+  # rubocop:disable LineLength
+
+  ##
+  # # Ruby Client for Container Analysis API ([Alpha](https://github.com/googleapis/google-cloud-ruby#versioning))
+  #
+  # [Container Analysis API][Product Documentation]:
+  # An implementation of the Grafeas API, which stores, and enables querying and
+  # retrieval of critical metadata about all of your software artifacts.
+  # - [Product Documentation][]
+  #
+  # ## Quick Start
+  # In order to use this library, you first need to go through the following
+  # steps:
+  #
+  # 1. [Select or create a Cloud Platform project.](https://console.cloud.google.com/project)
+  # 2. [Enable billing for your project.](https://cloud.google.com/billing/docs/how-to/modify-project#enable_billing_for_a_project)
+  # 3. [Enable the Container Analysis API.](https://console.cloud.google.com/apis/library/grafeas.googleapis.com)
+  # 4. [Setup Authentication.](https://googleapis.github.io/google-cloud-ruby/#/docs/google-cloud/master/guides/authentication)
+  #
+  # ### Installation
+  # ```
+  # $ gem install grafeas-client
+  # ```
+  #
+  # ### Next Steps
+  # - Read the [Container Analysis API Product documentation][Product Documentation]
+  #   to learn more about the product and see How-to Guides.
+  # - View this [repository's main README](https://github.com/googleapis/google-cloud-ruby/blob/master/README.md)
+  #   to see the full list of Cloud APIs that we cover.
+  #
+  # [Product Documentation]: https://grafeas.io/
+  #
+  # ## Enabling Logging
+  #
+  # To enable logging for this library, set the logger for the underlying [gRPC](https://github.com/grpc/grpc/tree/master/src/ruby) library.
+  # The logger that you set may be a Ruby stdlib [`Logger`](https://ruby-doc.org/stdlib-2.5.0/libdoc/logger/rdoc/Logger.html) as shown below,
+  # or a [`Google::Cloud::Logging::Logger`](https://googleapis.github.io/google-cloud-ruby/#/docs/google-cloud-logging/latest/google/cloud/logging/logger)
+  # that will write logs to [Stackdriver Logging](https://cloud.google.com/logging/). See [grpc/logconfig.rb](https://github.com/grpc/grpc/blob/master/src/ruby/lib/grpc/logconfig.rb)
+  # and the gRPC [spec_helper.rb](https://github.com/grpc/grpc/blob/master/src/ruby/spec/spec_helper.rb) for additional information.
+  #
+  # Configuring a Ruby stdlib logger:
+  #
+  # ```ruby
+  # require "logger"
+  #
+  # module MyLogger
+  #   LOGGER = Logger.new $stderr, level: Logger::WARN
+  #   def logger
+  #     LOGGER
+  #   end
+  # end
+  #
+  # # Define a gRPC module-level logger method before grpc/logconfig.rb loads.
+  # module GRPC
+  #   extend MyLogger
+  # end
+  # ```
+  #
+  module V1
+    # rubocop:enable LineLength
+
+    ##
+    # [Grafeas](https://grafeas.io) API.
+    #
+    # Retrieves analysis results of Cloud components such as Docker container
+    # images.
+    #
+    # Analysis results are stored as a series of occurrences. An `Occurrence`
+    # contains information about a specific analysis instance on a resource. An
+    # occurrence refers to a `Note`. A note contains details describing the
+    # analysis and is generally stored in a separate project, called a `Provider`.
+    # Multiple occurrences can refer to the same note.
+    #
+    # For example, an SSL vulnerability could affect multiple images. In this case,
+    # there would be one note for the vulnerability and an occurrence for each
+    # image with the vulnerability referring to that note.
+    #
+    # @param credentials [Google::Auth::Credentials, String, Hash, GRPC::Core::Channel, GRPC::Core::ChannelCredentials, Proc]
+    #   Provides the means for authenticating requests made by the client. This parameter can
+    #   be many types.
+    #   A `Google::Auth::Credentials` uses a the properties of its represented keyfile for
+    #   authenticating requests made by this client.
+    #   A `String` will be treated as the path to the keyfile to be used for the construction of
+    #   credentials for this client.
+    #   A `Hash` will be treated as the contents of a keyfile to be used for the construction of
+    #   credentials for this client.
+    #   A `GRPC::Core::Channel` will be used to make calls through.
+    #   A `GRPC::Core::ChannelCredentials` for the setting up the RPC client. The channel credentials
+    #   should already be composed with a `GRPC::Core::CallCredentials` object.
+    #   A `Proc` will be used as an updater_proc for the Grpc channel. The proc transforms the
+    #   metadata for requests, generally, to give OAuth credentials.
+    # @param scopes [Array<String>]
+    #   The OAuth scopes for this service. This parameter is ignored if
+    #   an updater_proc is supplied.
+    # @param client_config [Hash]
+    #   A Hash for call options for each method. See
+    #   Google::Gax#construct_settings for the structure of
+    #   this data. Falls back to the default config if not specified
+    #   or the specified config is missing data points.
+    # @param timeout [Numeric]
+    #   The default timeout, in seconds, for calls made through this client.
+    # @param metadata [Hash]
+    #   Default metadata to be sent with each request. This can be overridden on a per call basis.
+    # @param exception_transformer [Proc]
+    #   An optional proc that intercepts any exceptions raised during an API call to inject
+    #   custom error handling.
+    def self.new \
+        credentials: nil,
+        scopes: nil,
+        client_config: nil,
+        timeout: nil,
+        metadata: nil,
+        exception_transformer: nil,
+        lib_name: nil,
+        lib_version: nil
+      kwargs = {
+        credentials: credentials,
+        scopes: scopes,
+        client_config: client_config,
+        timeout: timeout,
+        metadata: metadata,
+        exception_transformer: exception_transformer,
+        lib_name: lib_name,
+        lib_version: lib_version
+      }.select { |_, v| v != nil }
+      Grafeas::V1::GrafeasClient.new(**kwargs)
+    end
+  end
+end

data/lib/grafeas/v1/attestation_pb.rb

@@ -0,0 +1,27 @@
+# Generated by the protocol buffer compiler.  DO NOT EDIT!
+# source: grafeas/v1/attestation.proto
+
+
+require 'google/protobuf'
+
+require 'grafeas/v1/common_pb'
+Google::Protobuf::DescriptorPool.generated_pool.build do
+  add_message "grafeas.v1.AttestationNote" do
+    optional :hint, :message, 1, "grafeas.v1.AttestationNote.Hint"
+  end
+  add_message "grafeas.v1.AttestationNote.Hint" do
+    optional :human_readable_name, :string, 1
+  end
+  add_message "grafeas.v1.AttestationOccurrence" do
+    optional :serialized_payload, :bytes, 1
+    repeated :signatures, :message, 2, "grafeas.v1.Signature"
+  end
+end
+
+module Grafeas
+  module V1
+    AttestationNote = Google::Protobuf::DescriptorPool.generated_pool.lookup("grafeas.v1.AttestationNote").msgclass
+    AttestationNote::Hint = Google::Protobuf::DescriptorPool.generated_pool.lookup("grafeas.v1.AttestationNote.Hint").msgclass
+    AttestationOccurrence = Google::Protobuf::DescriptorPool.generated_pool.lookup("grafeas.v1.AttestationOccurrence").msgclass
+  end
+end

data/lib/grafeas/v1/build_pb.rb

@@ -0,0 +1,23 @@
+# Generated by the protocol buffer compiler.  DO NOT EDIT!
+# source: grafeas/v1/build.proto
+
+
+require 'google/protobuf'
+
+require 'grafeas/v1/provenance_pb'
+Google::Protobuf::DescriptorPool.generated_pool.build do
+  add_message "grafeas.v1.BuildNote" do
+    optional :builder_version, :string, 1
+  end
+  add_message "grafeas.v1.BuildOccurrence" do
+    optional :provenance, :message, 1, "grafeas.v1.BuildProvenance"
+    optional :provenance_bytes, :string, 2
+  end
+end
+
+module Grafeas
+  module V1
+    BuildNote = Google::Protobuf::DescriptorPool.generated_pool.lookup("grafeas.v1.BuildNote").msgclass
+    BuildOccurrence = Google::Protobuf::DescriptorPool.generated_pool.lookup("grafeas.v1.BuildOccurrence").msgclass
+  end
+end

data/lib/grafeas/v1/common_pb.rb

@@ -0,0 +1,34 @@
+# Generated by the protocol buffer compiler.  DO NOT EDIT!
+# source: grafeas/v1/common.proto
+
+
+require 'google/protobuf'
+
+Google::Protobuf::DescriptorPool.generated_pool.build do
+  add_message "grafeas.v1.RelatedUrl" do
+    optional :url, :string, 1
+    optional :label, :string, 2
+  end
+  add_message "grafeas.v1.Signature" do
+    optional :signature, :bytes, 1
+    optional :public_key_id, :string, 2
+  end
+  add_enum "grafeas.v1.NoteKind" do
+    value :NOTE_KIND_UNSPECIFIED, 0
+    value :VULNERABILITY, 1
+    value :BUILD, 2
+    value :IMAGE, 3
+    value :PACKAGE, 4
+    value :DEPLOYMENT, 5
+    value :DISCOVERY, 6
+    value :ATTESTATION, 7
+  end
+end
+
+module Grafeas
+  module V1
+    RelatedUrl = Google::Protobuf::DescriptorPool.generated_pool.lookup("grafeas.v1.RelatedUrl").msgclass
+    Signature = Google::Protobuf::DescriptorPool.generated_pool.lookup("grafeas.v1.Signature").msgclass
+    NoteKind = Google::Protobuf::DescriptorPool.generated_pool.lookup("grafeas.v1.NoteKind").enummodule
+  end
+end

data/lib/grafeas/v1/credentials.rb

@@ -0,0 +1,37 @@
+# Copyright 2019 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+require "googleauth"
+
+module Grafeas
+  module V1
+    class Credentials < Google::Auth::Credentials
+      SCOPE = [
+        "https://www.googleapis.com/auth/cloud-platform"
+      ].freeze
+      PATH_ENV_VARS = %w(GRAFEAS_CREDENTIALS
+                         GRAFEAS_KEYFILE
+                         GOOGLE_CLOUD_CREDENTIALS
+                         GOOGLE_CLOUD_KEYFILE
+                         GCLOUD_KEYFILE)
+      JSON_ENV_VARS = %w(GRAFEAS_CREDENTIALS_JSON
+                         GRAFEAS_KEYFILE_JSON
+                         GOOGLE_CLOUD_CREDENTIALS_JSON
+                         GOOGLE_CLOUD_KEYFILE_JSON
+                         GCLOUD_KEYFILE_JSON)
+      DEFAULT_PATHS = ["~/.config/gcloud/application_default_credentials.json"]
+    end
+  end
+end

data/lib/grafeas/v1/cvss_pb.rb

@@ -0,0 +1,67 @@
+# Generated by the protocol buffer compiler.  DO NOT EDIT!
+# source: grafeas/v1/cvss.proto
+
+
+require 'google/protobuf'
+
+Google::Protobuf::DescriptorPool.generated_pool.build do
+  add_message "grafeas.v1.CVSSv3" do
+    optional :base_score, :float, 1
+    optional :exploitability_score, :float, 2
+    optional :impact_score, :float, 3
+    optional :attack_vector, :enum, 5, "grafeas.v1.CVSSv3.AttackVector"
+    optional :attack_complexity, :enum, 6, "grafeas.v1.CVSSv3.AttackComplexity"
+    optional :privileges_required, :enum, 7, "grafeas.v1.CVSSv3.PrivilegesRequired"
+    optional :user_interaction, :enum, 8, "grafeas.v1.CVSSv3.UserInteraction"
+    optional :scope, :enum, 9, "grafeas.v1.CVSSv3.Scope"
+    optional :confidentiality_impact, :enum, 10, "grafeas.v1.CVSSv3.Impact"
+    optional :integrity_impact, :enum, 11, "grafeas.v1.CVSSv3.Impact"
+    optional :availability_impact, :enum, 12, "grafeas.v1.CVSSv3.Impact"
+  end
+  add_enum "grafeas.v1.CVSSv3.AttackVector" do
+    value :ATTACK_VECTOR_UNSPECIFIED, 0
+    value :ATTACK_VECTOR_NETWORK, 1
+    value :ATTACK_VECTOR_ADJACENT, 2
+    value :ATTACK_VECTOR_LOCAL, 3
+    value :ATTACK_VECTOR_PHYSICAL, 4
+  end
+  add_enum "grafeas.v1.CVSSv3.AttackComplexity" do
+    value :ATTACK_COMPLEXITY_UNSPECIFIED, 0
+    value :ATTACK_COMPLEXITY_LOW, 1
+    value :ATTACK_COMPLEXITY_HIGH, 2
+  end
+  add_enum "grafeas.v1.CVSSv3.PrivilegesRequired" do
+    value :PRIVILEGES_REQUIRED_UNSPECIFIED, 0
+    value :PRIVILEGES_REQUIRED_NONE, 1
+    value :PRIVILEGES_REQUIRED_LOW, 2
+    value :PRIVILEGES_REQUIRED_HIGH, 3
+  end
+  add_enum "grafeas.v1.CVSSv3.UserInteraction" do
+    value :USER_INTERACTION_UNSPECIFIED, 0
+    value :USER_INTERACTION_NONE, 1
+    value :USER_INTERACTION_REQUIRED, 2
+  end
+  add_enum "grafeas.v1.CVSSv3.Scope" do
+    value :SCOPE_UNSPECIFIED, 0
+    value :SCOPE_UNCHANGED, 1
+    value :SCOPE_CHANGED, 2
+  end
+  add_enum "grafeas.v1.CVSSv3.Impact" do
+    value :IMPACT_UNSPECIFIED, 0
+    value :IMPACT_HIGH, 1
+    value :IMPACT_LOW, 2
+    value :IMPACT_NONE, 3
+  end
+end
+
+module Grafeas
+  module V1
+    CVSSv3 = Google::Protobuf::DescriptorPool.generated_pool.lookup("grafeas.v1.CVSSv3").msgclass
+    CVSSv3::AttackVector = Google::Protobuf::DescriptorPool.generated_pool.lookup("grafeas.v1.CVSSv3.AttackVector").enummodule
+    CVSSv3::AttackComplexity = Google::Protobuf::DescriptorPool.generated_pool.lookup("grafeas.v1.CVSSv3.AttackComplexity").enummodule
+    CVSSv3::PrivilegesRequired = Google::Protobuf::DescriptorPool.generated_pool.lookup("grafeas.v1.CVSSv3.PrivilegesRequired").enummodule
+    CVSSv3::UserInteraction = Google::Protobuf::DescriptorPool.generated_pool.lookup("grafeas.v1.CVSSv3.UserInteraction").enummodule
+    CVSSv3::Scope = Google::Protobuf::DescriptorPool.generated_pool.lookup("grafeas.v1.CVSSv3.Scope").enummodule
+    CVSSv3::Impact = Google::Protobuf::DescriptorPool.generated_pool.lookup("grafeas.v1.CVSSv3.Impact").enummodule
+  end
+end