grafeas-v1 0.1.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (44) hide show
  1. checksums.yaml +7 -0
  2. data/.yardopts +11 -0
  3. data/LICENSE.md +203 -0
  4. data/README.md +63 -0
  5. data/lib/grafeas-v1.rb +21 -0
  6. data/lib/grafeas/v1.rb +31 -0
  7. data/lib/grafeas/v1/attestation_pb.rb +28 -0
  8. data/lib/grafeas/v1/build_pb.rb +24 -0
  9. data/lib/grafeas/v1/common_pb.rb +36 -0
  10. data/lib/grafeas/v1/cvss_pb.rb +68 -0
  11. data/lib/grafeas/v1/deployment_pb.rb +36 -0
  12. data/lib/grafeas/v1/discovery_pb.rb +44 -0
  13. data/lib/grafeas/v1/grafeas.rb +57 -0
  14. data/lib/grafeas/v1/grafeas/client.rb +1459 -0
  15. data/lib/grafeas/v1/grafeas/paths.rb +77 -0
  16. data/lib/grafeas/v1/grafeas_pb.rb +169 -0
  17. data/lib/grafeas/v1/grafeas_services_pb.rb +85 -0
  18. data/lib/grafeas/v1/image_pb.rb +37 -0
  19. data/lib/grafeas/v1/package_pb.rb +60 -0
  20. data/lib/grafeas/v1/provenance_pb.rb +117 -0
  21. data/lib/grafeas/v1/upgrade_pb.rb +57 -0
  22. data/lib/grafeas/v1/version.rb +24 -0
  23. data/lib/grafeas/v1/vulnerability_pb.rb +85 -0
  24. data/proto_docs/README.md +4 -0
  25. data/proto_docs/google/api/field_behavior.rb +59 -0
  26. data/proto_docs/google/api/resource.rb +247 -0
  27. data/proto_docs/google/protobuf/any.rb +138 -0
  28. data/proto_docs/google/protobuf/empty.rb +36 -0
  29. data/proto_docs/google/protobuf/field_mask.rb +229 -0
  30. data/proto_docs/google/protobuf/timestamp.rb +120 -0
  31. data/proto_docs/google/rpc/status.rb +46 -0
  32. data/proto_docs/grafeas/v1/attestation.rb +77 -0
  33. data/proto_docs/grafeas/v1/build.rb +54 -0
  34. data/proto_docs/grafeas/v1/common.rb +118 -0
  35. data/proto_docs/grafeas/v1/cvss.rb +111 -0
  36. data/proto_docs/grafeas/v1/deployment.rb +74 -0
  37. data/proto_docs/grafeas/v1/discovery.rb +92 -0
  38. data/proto_docs/grafeas/v1/grafeas.rb +404 -0
  39. data/proto_docs/grafeas/v1/image.rb +95 -0
  40. data/proto_docs/grafeas/v1/package.rb +144 -0
  41. data/proto_docs/grafeas/v1/provenance.rb +318 -0
  42. data/proto_docs/grafeas/v1/upgrade.rb +148 -0
  43. data/proto_docs/grafeas/v1/vulnerability.rb +245 -0
  44. metadata +225 -0
@@ -0,0 +1,46 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Copyright 2020 Google LLC
4
+ #
5
+ # Licensed under the Apache License, Version 2.0 (the "License");
6
+ # you may not use this file except in compliance with the License.
7
+ # You may obtain a copy of the License at
8
+ #
9
+ # https://www.apache.org/licenses/LICENSE-2.0
10
+ #
11
+ # Unless required by applicable law or agreed to in writing, software
12
+ # distributed under the License is distributed on an "AS IS" BASIS,
13
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ # See the License for the specific language governing permissions and
15
+ # limitations under the License.
16
+
17
+ # Auto-generated by gapic-generator-ruby. DO NOT EDIT!
18
+
19
+
20
+ module Google
21
+ module Rpc
22
+ # The `Status` type defines a logical error model that is suitable for
23
+ # different programming environments, including REST APIs and RPC APIs. It is
24
+ # used by [gRPC](https://github.com/grpc). Each `Status` message contains
25
+ # three pieces of data: error code, error message, and error details.
26
+ #
27
+ # You can find out more about this error model and how to work with it in the
28
+ # [API Design Guide](https://cloud.google.com/apis/design/errors).
29
+ # @!attribute [rw] code
30
+ # @return [::Integer]
31
+ # The status code, which should be an enum value of [google.rpc.Code][google.rpc.Code].
32
+ # @!attribute [rw] message
33
+ # @return [::String]
34
+ # A developer-facing error message, which should be in English. Any
35
+ # user-facing error message should be localized and sent in the
36
+ # {::Google::Rpc::Status#details google.rpc.Status.details} field, or localized by the client.
37
+ # @!attribute [rw] details
38
+ # @return [::Array<::Google::Protobuf::Any>]
39
+ # A list of messages that carry the error details. There is a common set of
40
+ # message types for APIs to use.
41
+ class Status
42
+ include ::Google::Protobuf::MessageExts
43
+ extend ::Google::Protobuf::MessageExts::ClassMethods
44
+ end
45
+ end
46
+ end
@@ -0,0 +1,77 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Copyright 2020 Google LLC
4
+ #
5
+ # Licensed under the Apache License, Version 2.0 (the "License");
6
+ # you may not use this file except in compliance with the License.
7
+ # You may obtain a copy of the License at
8
+ #
9
+ # https://www.apache.org/licenses/LICENSE-2.0
10
+ #
11
+ # Unless required by applicable law or agreed to in writing, software
12
+ # distributed under the License is distributed on an "AS IS" BASIS,
13
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ # See the License for the specific language governing permissions and
15
+ # limitations under the License.
16
+
17
+ # Auto-generated by gapic-generator-ruby. DO NOT EDIT!
18
+
19
+
20
+ module Grafeas
21
+ module V1
22
+ # Note kind that represents a logical attestation "role" or "authority". For
23
+ # example, an organization might have one `Authority` for "QA" and one for
24
+ # "build". This note is intended to act strictly as a grouping mechanism for
25
+ # the attached occurrences (Attestations). This grouping mechanism also
26
+ # provides a security boundary, since IAM ACLs gate the ability for a principle
27
+ # to attach an occurrence to a given note. It also provides a single point of
28
+ # lookup to find all attached attestation occurrences, even if they don't all
29
+ # live in the same project.
30
+ # @!attribute [rw] hint
31
+ # @return [::Grafeas::V1::AttestationNote::Hint]
32
+ # Hint hints at the purpose of the attestation authority.
33
+ class AttestationNote
34
+ include ::Google::Protobuf::MessageExts
35
+ extend ::Google::Protobuf::MessageExts::ClassMethods
36
+
37
+ # This submessage provides human-readable hints about the purpose of the
38
+ # authority. Because the name of a note acts as its resource reference, it is
39
+ # important to disambiguate the canonical name of the Note (which might be a
40
+ # UUID for security purposes) from "readable" names more suitable for debug
41
+ # output. Note that these hints should not be used to look up authorities in
42
+ # security sensitive contexts, such as when looking up attestations to
43
+ # verify.
44
+ # @!attribute [rw] human_readable_name
45
+ # @return [::String]
46
+ # Required. The human readable name of this attestation authority, for
47
+ # example "qa".
48
+ class Hint
49
+ include ::Google::Protobuf::MessageExts
50
+ extend ::Google::Protobuf::MessageExts::ClassMethods
51
+ end
52
+ end
53
+
54
+ # Occurrence that represents a single "attestation". The authenticity of an
55
+ # attestation can be verified using the attached signature. If the verifier
56
+ # trusts the public key of the signer, then verifying the signature is
57
+ # sufficient to establish trust. In this circumstance, the authority to which
58
+ # this attestation is attached is primarily useful for lookup (how to find
59
+ # this attestation if you already know the authority and artifact to be
60
+ # verified) and intent (for which authority this attestation was intended to
61
+ # sign.
62
+ # @!attribute [rw] serialized_payload
63
+ # @return [::String]
64
+ # Required. The serialized payload that is verified by one or more
65
+ # `signatures`.
66
+ # @!attribute [rw] signatures
67
+ # @return [::Array<::Grafeas::V1::Signature>]
68
+ # One or more signatures over `serialized_payload`. Verifier implementations
69
+ # should consider this attestation message verified if at least one
70
+ # `signature` verifies `serialized_payload`. See `Signature` in common.proto
71
+ # for more details on signature structure and verification.
72
+ class AttestationOccurrence
73
+ include ::Google::Protobuf::MessageExts
74
+ extend ::Google::Protobuf::MessageExts::ClassMethods
75
+ end
76
+ end
77
+ end
@@ -0,0 +1,54 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Copyright 2020 Google LLC
4
+ #
5
+ # Licensed under the Apache License, Version 2.0 (the "License");
6
+ # you may not use this file except in compliance with the License.
7
+ # You may obtain a copy of the License at
8
+ #
9
+ # https://www.apache.org/licenses/LICENSE-2.0
10
+ #
11
+ # Unless required by applicable law or agreed to in writing, software
12
+ # distributed under the License is distributed on an "AS IS" BASIS,
13
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ # See the License for the specific language governing permissions and
15
+ # limitations under the License.
16
+
17
+ # Auto-generated by gapic-generator-ruby. DO NOT EDIT!
18
+
19
+
20
+ module Grafeas
21
+ module V1
22
+ # Note holding the version of the provider's builder and the signature of the
23
+ # provenance message in the build details occurrence.
24
+ # @!attribute [rw] builder_version
25
+ # @return [::String]
26
+ # Required. Immutable. Version of the builder which produced this build.
27
+ class BuildNote
28
+ include ::Google::Protobuf::MessageExts
29
+ extend ::Google::Protobuf::MessageExts::ClassMethods
30
+ end
31
+
32
+ # Details of a build occurrence.
33
+ # @!attribute [rw] provenance
34
+ # @return [::Grafeas::V1::BuildProvenance]
35
+ # Required. The actual provenance for the build.
36
+ # @!attribute [rw] provenance_bytes
37
+ # @return [::String]
38
+ # Serialized JSON representation of the provenance, used in generating the
39
+ # build signature in the corresponding build note. After verifying the
40
+ # signature, `provenance_bytes` can be unmarshalled and compared to the
41
+ # provenance to confirm that it is unchanged. A base64-encoded string
42
+ # representation of the provenance bytes is used for the signature in order
43
+ # to interoperate with openssl which expects this format for signature
44
+ # verification.
45
+ #
46
+ # The serialized form is captured both to avoid ambiguity in how the
47
+ # provenance is marshalled to json as well to prevent incompatibilities with
48
+ # future changes.
49
+ class BuildOccurrence
50
+ include ::Google::Protobuf::MessageExts
51
+ extend ::Google::Protobuf::MessageExts::ClassMethods
52
+ end
53
+ end
54
+ end
@@ -0,0 +1,118 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Copyright 2020 Google LLC
4
+ #
5
+ # Licensed under the Apache License, Version 2.0 (the "License");
6
+ # you may not use this file except in compliance with the License.
7
+ # You may obtain a copy of the License at
8
+ #
9
+ # https://www.apache.org/licenses/LICENSE-2.0
10
+ #
11
+ # Unless required by applicable law or agreed to in writing, software
12
+ # distributed under the License is distributed on an "AS IS" BASIS,
13
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ # See the License for the specific language governing permissions and
15
+ # limitations under the License.
16
+
17
+ # Auto-generated by gapic-generator-ruby. DO NOT EDIT!
18
+
19
+
20
+ module Grafeas
21
+ module V1
22
+ # Metadata for any related URL information.
23
+ # @!attribute [rw] url
24
+ # @return [::String]
25
+ # Specific URL associated with the resource.
26
+ # @!attribute [rw] label
27
+ # @return [::String]
28
+ # Label to describe usage of the URL.
29
+ class RelatedUrl
30
+ include ::Google::Protobuf::MessageExts
31
+ extend ::Google::Protobuf::MessageExts::ClassMethods
32
+ end
33
+
34
+ # Verifiers (e.g. Kritis implementations) MUST verify signatures
35
+ # with respect to the trust anchors defined in policy (e.g. a Kritis policy).
36
+ # Typically this means that the verifier has been configured with a map from
37
+ # `public_key_id` to public key material (and any required parameters, e.g.
38
+ # signing algorithm).
39
+ #
40
+ # In particular, verification implementations MUST NOT treat the signature
41
+ # `public_key_id` as anything more than a key lookup hint. The `public_key_id`
42
+ # DOES NOT validate or authenticate a public key; it only provides a mechanism
43
+ # for quickly selecting a public key ALREADY CONFIGURED on the verifier through
44
+ # a trusted channel. Verification implementations MUST reject signatures in any
45
+ # of the following circumstances:
46
+ # * The `public_key_id` is not recognized by the verifier.
47
+ # * The public key that `public_key_id` refers to does not verify the
48
+ # signature with respect to the payload.
49
+ #
50
+ # The `signature` contents SHOULD NOT be "attached" (where the payload is
51
+ # included with the serialized `signature` bytes). Verifiers MUST ignore any
52
+ # "attached" payload and only verify signatures with respect to explicitly
53
+ # provided payload (e.g. a `payload` field on the proto message that holds
54
+ # this Signature, or the canonical serialization of the proto message that
55
+ # holds this signature).
56
+ # @!attribute [rw] signature
57
+ # @return [::String]
58
+ # The content of the signature, an opaque bytestring.
59
+ # The payload that this signature verifies MUST be unambiguously provided
60
+ # with the Signature during verification. A wrapper message might provide
61
+ # the payload explicitly. Alternatively, a message might have a canonical
62
+ # serialization that can always be unambiguously computed to derive the
63
+ # payload.
64
+ # @!attribute [rw] public_key_id
65
+ # @return [::String]
66
+ # The identifier for the public key that verifies this signature.
67
+ # * The `public_key_id` is required.
68
+ # * The `public_key_id` MUST be an RFC3986 conformant URI.
69
+ # * When possible, the `public_key_id` SHOULD be an immutable reference,
70
+ # such as a cryptographic digest.
71
+ #
72
+ # Examples of valid `public_key_id`s:
73
+ #
74
+ # OpenPGP V4 public key fingerprint:
75
+ # * "openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA"
76
+ # See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more
77
+ # details on this scheme.
78
+ #
79
+ # RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER
80
+ # serialization):
81
+ # * "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU"
82
+ # * "nih:///sha-256;703f68f42aba2c6de30f488a5ea122fef76324679c9bf89791ba95a1271589a5"
83
+ class Signature
84
+ include ::Google::Protobuf::MessageExts
85
+ extend ::Google::Protobuf::MessageExts::ClassMethods
86
+ end
87
+
88
+ # Kind represents the kinds of notes supported.
89
+ module NoteKind
90
+ # Unknown.
91
+ NOTE_KIND_UNSPECIFIED = 0
92
+
93
+ # The note and occurrence represent a package vulnerability.
94
+ VULNERABILITY = 1
95
+
96
+ # The note and occurrence assert build provenance.
97
+ BUILD = 2
98
+
99
+ # This represents an image basis relationship.
100
+ IMAGE = 3
101
+
102
+ # This represents a package installed via a package manager.
103
+ PACKAGE = 4
104
+
105
+ # The note and occurrence track deployment events.
106
+ DEPLOYMENT = 5
107
+
108
+ # The note and occurrence track the initial discovery status of a resource.
109
+ DISCOVERY = 6
110
+
111
+ # This represents a logical "role" that can attest to artifacts.
112
+ ATTESTATION = 7
113
+
114
+ # This represents an available package upgrade.
115
+ UPGRADE = 8
116
+ end
117
+ end
118
+ end
@@ -0,0 +1,111 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Copyright 2020 Google LLC
4
+ #
5
+ # Licensed under the Apache License, Version 2.0 (the "License");
6
+ # you may not use this file except in compliance with the License.
7
+ # You may obtain a copy of the License at
8
+ #
9
+ # https://www.apache.org/licenses/LICENSE-2.0
10
+ #
11
+ # Unless required by applicable law or agreed to in writing, software
12
+ # distributed under the License is distributed on an "AS IS" BASIS,
13
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ # See the License for the specific language governing permissions and
15
+ # limitations under the License.
16
+
17
+ # Auto-generated by gapic-generator-ruby. DO NOT EDIT!
18
+
19
+
20
+ module Grafeas
21
+ module V1
22
+ # Common Vulnerability Scoring System version 3.
23
+ # For details, see https://www.first.org/cvss/specification-document
24
+ # @!attribute [rw] base_score
25
+ # @return [::Float]
26
+ # The base score is a function of the base metric scores.
27
+ # @!attribute [rw] exploitability_score
28
+ # @return [::Float]
29
+ # @!attribute [rw] impact_score
30
+ # @return [::Float]
31
+ # @!attribute [rw] attack_vector
32
+ # @return [::Grafeas::V1::CVSSv3::AttackVector]
33
+ # Base Metrics
34
+ # Represents the intrinsic characteristics of a vulnerability that are
35
+ # constant over time and across user environments.
36
+ # @!attribute [rw] attack_complexity
37
+ # @return [::Grafeas::V1::CVSSv3::AttackComplexity]
38
+ # @!attribute [rw] privileges_required
39
+ # @return [::Grafeas::V1::CVSSv3::PrivilegesRequired]
40
+ # @!attribute [rw] user_interaction
41
+ # @return [::Grafeas::V1::CVSSv3::UserInteraction]
42
+ # @!attribute [rw] scope
43
+ # @return [::Grafeas::V1::CVSSv3::Scope]
44
+ # @!attribute [rw] confidentiality_impact
45
+ # @return [::Grafeas::V1::CVSSv3::Impact]
46
+ # @!attribute [rw] integrity_impact
47
+ # @return [::Grafeas::V1::CVSSv3::Impact]
48
+ # @!attribute [rw] availability_impact
49
+ # @return [::Grafeas::V1::CVSSv3::Impact]
50
+ class CVSSv3
51
+ include ::Google::Protobuf::MessageExts
52
+ extend ::Google::Protobuf::MessageExts::ClassMethods
53
+
54
+ module AttackVector
55
+ ATTACK_VECTOR_UNSPECIFIED = 0
56
+
57
+ ATTACK_VECTOR_NETWORK = 1
58
+
59
+ ATTACK_VECTOR_ADJACENT = 2
60
+
61
+ ATTACK_VECTOR_LOCAL = 3
62
+
63
+ ATTACK_VECTOR_PHYSICAL = 4
64
+ end
65
+
66
+ module AttackComplexity
67
+ ATTACK_COMPLEXITY_UNSPECIFIED = 0
68
+
69
+ ATTACK_COMPLEXITY_LOW = 1
70
+
71
+ ATTACK_COMPLEXITY_HIGH = 2
72
+ end
73
+
74
+ module PrivilegesRequired
75
+ PRIVILEGES_REQUIRED_UNSPECIFIED = 0
76
+
77
+ PRIVILEGES_REQUIRED_NONE = 1
78
+
79
+ PRIVILEGES_REQUIRED_LOW = 2
80
+
81
+ PRIVILEGES_REQUIRED_HIGH = 3
82
+ end
83
+
84
+ module UserInteraction
85
+ USER_INTERACTION_UNSPECIFIED = 0
86
+
87
+ USER_INTERACTION_NONE = 1
88
+
89
+ USER_INTERACTION_REQUIRED = 2
90
+ end
91
+
92
+ module Scope
93
+ SCOPE_UNSPECIFIED = 0
94
+
95
+ SCOPE_UNCHANGED = 1
96
+
97
+ SCOPE_CHANGED = 2
98
+ end
99
+
100
+ module Impact
101
+ IMPACT_UNSPECIFIED = 0
102
+
103
+ IMPACT_HIGH = 1
104
+
105
+ IMPACT_LOW = 2
106
+
107
+ IMPACT_NONE = 3
108
+ end
109
+ end
110
+ end
111
+ end
@@ -0,0 +1,74 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Copyright 2020 Google LLC
4
+ #
5
+ # Licensed under the Apache License, Version 2.0 (the "License");
6
+ # you may not use this file except in compliance with the License.
7
+ # You may obtain a copy of the License at
8
+ #
9
+ # https://www.apache.org/licenses/LICENSE-2.0
10
+ #
11
+ # Unless required by applicable law or agreed to in writing, software
12
+ # distributed under the License is distributed on an "AS IS" BASIS,
13
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ # See the License for the specific language governing permissions and
15
+ # limitations under the License.
16
+
17
+ # Auto-generated by gapic-generator-ruby. DO NOT EDIT!
18
+
19
+
20
+ module Grafeas
21
+ module V1
22
+ # An artifact that can be deployed in some runtime.
23
+ # @!attribute [rw] resource_uri
24
+ # @return [::Array<::String>]
25
+ # Required. Resource URI for the artifact being deployed.
26
+ class DeploymentNote
27
+ include ::Google::Protobuf::MessageExts
28
+ extend ::Google::Protobuf::MessageExts::ClassMethods
29
+ end
30
+
31
+ # The period during which some deployable was active in a runtime.
32
+ # @!attribute [rw] user_email
33
+ # @return [::String]
34
+ # Identity of the user that triggered this deployment.
35
+ # @!attribute [rw] deploy_time
36
+ # @return [::Google::Protobuf::Timestamp]
37
+ # Required. Beginning of the lifetime of this deployment.
38
+ # @!attribute [rw] undeploy_time
39
+ # @return [::Google::Protobuf::Timestamp]
40
+ # End of the lifetime of this deployment.
41
+ # @!attribute [rw] config
42
+ # @return [::String]
43
+ # Configuration used to create this deployment.
44
+ # @!attribute [rw] address
45
+ # @return [::String]
46
+ # Address of the runtime element hosting this deployment.
47
+ # @!attribute [rw] resource_uri
48
+ # @return [::Array<::String>]
49
+ # Output only. Resource URI for the artifact being deployed taken from
50
+ # the deployable field with the same name.
51
+ # @!attribute [rw] platform
52
+ # @return [::Grafeas::V1::DeploymentOccurrence::Platform]
53
+ # Platform hosting this deployment.
54
+ class DeploymentOccurrence
55
+ include ::Google::Protobuf::MessageExts
56
+ extend ::Google::Protobuf::MessageExts::ClassMethods
57
+
58
+ # Types of platforms.
59
+ module Platform
60
+ # Unknown.
61
+ PLATFORM_UNSPECIFIED = 0
62
+
63
+ # Google Container Engine.
64
+ GKE = 1
65
+
66
+ # Google App Engine: Flexible Environment.
67
+ FLEX = 2
68
+
69
+ # Custom user-defined platform.
70
+ CUSTOM = 3
71
+ end
72
+ end
73
+ end
74
+ end