grafeas-v1 0.2.2 → 0.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/grafeas/v1/attestation_pb.rb +6 -1
- data/lib/grafeas/v1/build_pb.rb +5 -1
- data/lib/grafeas/v1/common_pb.rb +13 -0
- data/lib/grafeas/v1/compliance_pb.rb +48 -0
- data/lib/grafeas/v1/deployment_pb.rb +1 -1
- data/lib/grafeas/v1/discovery_pb.rb +2 -2
- data/lib/grafeas/v1/dsse_attestation_pb.rb +31 -0
- data/lib/grafeas/v1/grafeas/client.rb +298 -42
- data/lib/grafeas/v1/grafeas_pb.rb +9 -2
- data/lib/grafeas/v1/grafeas_services_pb.rb +1 -1
- data/lib/grafeas/v1/intoto_provenance_pb.rb +49 -0
- data/lib/grafeas/v1/intoto_statement_pb.rb +31 -0
- data/lib/grafeas/v1/package_pb.rb +1 -0
- data/lib/grafeas/v1/provenance_pb.rb +1 -1
- data/lib/grafeas/v1/slsa_provenance_pb.rb +54 -0
- data/lib/grafeas/v1/upgrade_pb.rb +2 -2
- data/lib/grafeas/v1/version.rb +1 -1
- data/lib/grafeas/v1/vulnerability_pb.rb +13 -2
- data/proto_docs/grafeas/v1/attestation.rb +21 -0
- data/proto_docs/grafeas/v1/build.rb +11 -1
- data/proto_docs/grafeas/v1/common.rb +31 -2
- data/proto_docs/grafeas/v1/compliance.rb +98 -0
- data/proto_docs/grafeas/v1/dsse_attestation.rb +59 -0
- data/proto_docs/grafeas/v1/grafeas.rb +15 -0
- data/proto_docs/grafeas/v1/intoto_provenance.rb +134 -0
- data/proto_docs/grafeas/v1/intoto_statement.rb +65 -0
- data/proto_docs/grafeas/v1/package.rb +8 -0
- data/proto_docs/grafeas/v1/slsa_provenance.rb +152 -0
- data/proto_docs/grafeas/v1/vulnerability.rb +38 -0
- metadata +12 -2
@@ -0,0 +1,152 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2021 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
|
20
|
+
module Grafeas
|
21
|
+
module V1
|
22
|
+
# @!attribute [rw] builder
|
23
|
+
# @return [::Grafeas::V1::SlsaProvenance::SlsaBuilder]
|
24
|
+
# @!attribute [rw] recipe
|
25
|
+
# @return [::Grafeas::V1::SlsaProvenance::SlsaRecipe]
|
26
|
+
# Identifies the configuration used for the build.
|
27
|
+
# When combined with materials, this SHOULD fully describe the build,
|
28
|
+
# such that re-running this recipe results in bit-for-bit identical output
|
29
|
+
# (if the build is reproducible).
|
30
|
+
# @!attribute [rw] metadata
|
31
|
+
# @return [::Grafeas::V1::SlsaProvenance::SlsaMetadata]
|
32
|
+
# @!attribute [rw] materials
|
33
|
+
# @return [::Array<::Grafeas::V1::SlsaProvenance::Material>]
|
34
|
+
# The collection of artifacts that influenced the build including sources,
|
35
|
+
# dependencies, build tools, base images, and so on. This is considered to be
|
36
|
+
# incomplete unless metadata.completeness.materials is true. Unset or null is
|
37
|
+
# equivalent to empty.
|
38
|
+
class SlsaProvenance
|
39
|
+
include ::Google::Protobuf::MessageExts
|
40
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
41
|
+
|
42
|
+
# Steps taken to build the artifact.
|
43
|
+
# For a TaskRun, typically each container corresponds to one step in the
|
44
|
+
# recipe.
|
45
|
+
# @!attribute [rw] type
|
46
|
+
# @return [::String]
|
47
|
+
# URI indicating what type of recipe was performed. It determines the
|
48
|
+
# meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and
|
49
|
+
# materials.
|
50
|
+
# @!attribute [rw] defined_in_material
|
51
|
+
# @return [::Integer]
|
52
|
+
# Index in materials containing the recipe steps that are not implied by
|
53
|
+
# recipe.type. For example, if the recipe type were "make", then this would
|
54
|
+
# point to the source containing the Makefile, not the make program itself.
|
55
|
+
# Set to -1 if the recipe doesn't come from a material, as zero is default
|
56
|
+
# unset value for int64.
|
57
|
+
# @!attribute [rw] entry_point
|
58
|
+
# @return [::String]
|
59
|
+
# String identifying the entry point into the build.
|
60
|
+
# This is often a path to a configuration file and/or a target label within
|
61
|
+
# that file. The syntax and meaning are defined by recipe.type. For
|
62
|
+
# example, if the recipe type were "make", then this would reference the
|
63
|
+
# directory in which to run make as well as which target to use.
|
64
|
+
# @!attribute [rw] arguments
|
65
|
+
# @return [::Google::Protobuf::Any]
|
66
|
+
# Collection of all external inputs that influenced the build on top of
|
67
|
+
# recipe.definedInMaterial and recipe.entryPoint. For example, if the
|
68
|
+
# recipe type were "make", then this might be the flags passed to make
|
69
|
+
# aside from the target, which is captured in recipe.entryPoint. Depending
|
70
|
+
# on the recipe Type, the structure may be different.
|
71
|
+
# @!attribute [rw] environment
|
72
|
+
# @return [::Google::Protobuf::Any]
|
73
|
+
# Any other builder-controlled inputs necessary for correctly evaluating
|
74
|
+
# the recipe. Usually only needed for reproducing the build but not
|
75
|
+
# evaluated as part of policy. Depending on the recipe Type, the structure
|
76
|
+
# may be different.
|
77
|
+
class SlsaRecipe
|
78
|
+
include ::Google::Protobuf::MessageExts
|
79
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
80
|
+
end
|
81
|
+
|
82
|
+
# Indicates that the builder claims certain fields in this message to be
|
83
|
+
# complete.
|
84
|
+
# @!attribute [rw] arguments
|
85
|
+
# @return [::Boolean]
|
86
|
+
# If true, the builder claims that recipe.arguments is complete, meaning
|
87
|
+
# that all external inputs are properly captured in the recipe.
|
88
|
+
# @!attribute [rw] environment
|
89
|
+
# @return [::Boolean]
|
90
|
+
# If true, the builder claims that recipe.environment is claimed to be
|
91
|
+
# complete.
|
92
|
+
# @!attribute [rw] materials
|
93
|
+
# @return [::Boolean]
|
94
|
+
# If true, the builder claims that materials are complete, usually through
|
95
|
+
# some controls to prevent network access. Sometimes called "hermetic".
|
96
|
+
class SlsaCompleteness
|
97
|
+
include ::Google::Protobuf::MessageExts
|
98
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
99
|
+
end
|
100
|
+
|
101
|
+
# Other properties of the build.
|
102
|
+
# @!attribute [rw] build_invocation_id
|
103
|
+
# @return [::String]
|
104
|
+
# Identifies the particular build invocation, which can be useful for
|
105
|
+
# finding associated logs or other ad-hoc analysis. The value SHOULD be
|
106
|
+
# globally unique, per in-toto Provenance spec.
|
107
|
+
# @!attribute [rw] build_started_on
|
108
|
+
# @return [::Google::Protobuf::Timestamp]
|
109
|
+
# The timestamp of when the build started.
|
110
|
+
# @!attribute [rw] build_finished_on
|
111
|
+
# @return [::Google::Protobuf::Timestamp]
|
112
|
+
# The timestamp of when the build completed.
|
113
|
+
# @!attribute [rw] completeness
|
114
|
+
# @return [::Grafeas::V1::SlsaProvenance::SlsaCompleteness]
|
115
|
+
# Indicates that the builder claims certain fields in this message to be
|
116
|
+
# complete.
|
117
|
+
# @!attribute [rw] reproducible
|
118
|
+
# @return [::Boolean]
|
119
|
+
# If true, the builder claims that running the recipe on materials will
|
120
|
+
# produce bit-for-bit identical output.
|
121
|
+
class SlsaMetadata
|
122
|
+
include ::Google::Protobuf::MessageExts
|
123
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
124
|
+
end
|
125
|
+
|
126
|
+
# @!attribute [rw] id
|
127
|
+
# @return [::String]
|
128
|
+
class SlsaBuilder
|
129
|
+
include ::Google::Protobuf::MessageExts
|
130
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
131
|
+
end
|
132
|
+
|
133
|
+
# @!attribute [rw] uri
|
134
|
+
# @return [::String]
|
135
|
+
# @!attribute [rw] digest
|
136
|
+
# @return [::Google::Protobuf::Map{::String => ::String}]
|
137
|
+
class Material
|
138
|
+
include ::Google::Protobuf::MessageExts
|
139
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
140
|
+
|
141
|
+
# @!attribute [rw] key
|
142
|
+
# @return [::String]
|
143
|
+
# @!attribute [rw] value
|
144
|
+
# @return [::String]
|
145
|
+
class DigestEntry
|
146
|
+
include ::Google::Protobuf::MessageExts
|
147
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
148
|
+
end
|
149
|
+
end
|
150
|
+
end
|
151
|
+
end
|
152
|
+
end
|
@@ -109,6 +109,12 @@ module Grafeas
|
|
109
109
|
# The time this information was last changed at the source. This is an
|
110
110
|
# upstream timestamp from the underlying information source - e.g. Ubuntu
|
111
111
|
# security tracker.
|
112
|
+
# @!attribute [rw] source
|
113
|
+
# @return [::String]
|
114
|
+
# The source from which the information in this Detail was obtained.
|
115
|
+
# @!attribute [rw] vendor
|
116
|
+
# @return [::String]
|
117
|
+
# The name of the vendor of the product.
|
112
118
|
class Detail
|
113
119
|
include ::Google::Protobuf::MessageExts
|
114
120
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -161,6 +167,9 @@ module Grafeas
|
|
161
167
|
# Output only. The CVSS score of this vulnerability. CVSS score is on a
|
162
168
|
# scale of 0 - 10 where 0 indicates low severity and 10 indicates high
|
163
169
|
# severity.
|
170
|
+
# @!attribute [rw] cvssv3
|
171
|
+
# @return [::Grafeas::V1::VulnerabilityOccurrence::CVSSV3]
|
172
|
+
# The cvss v3 score for the vulnerability.
|
164
173
|
# @!attribute [rw] package_issue
|
165
174
|
# @return [::Array<::Grafeas::V1::VulnerabilityOccurrence::PackageIssue>]
|
166
175
|
# Required. The set of affected locations and their fixes (if available)
|
@@ -178,6 +187,14 @@ module Grafeas
|
|
178
187
|
# @return [::Grafeas::V1::Severity]
|
179
188
|
# The distro assigned severity for this vulnerability when it is available,
|
180
189
|
# otherwise this is the note provider assigned severity.
|
190
|
+
#
|
191
|
+
# When there are multiple PackageIssues for this vulnerability, they can have
|
192
|
+
# different effective severities because some might be provided by the distro
|
193
|
+
# while others are provided by the language ecosystem for a language pack.
|
194
|
+
# For this reason, it is advised to use the effective severity on the
|
195
|
+
# PackageIssue level. In the case where multiple PackageIssues have differing
|
196
|
+
# effective severities, this field should be the highest severity for any of
|
197
|
+
# the PackageIssues.
|
181
198
|
# @!attribute [rw] fix_available
|
182
199
|
# @return [::Boolean]
|
183
200
|
# Output only. Whether at least one of the affected packages has a fix
|
@@ -186,6 +203,19 @@ module Grafeas
|
|
186
203
|
include ::Google::Protobuf::MessageExts
|
187
204
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
188
205
|
|
206
|
+
# The CVSS v3 score for this vulnerability.
|
207
|
+
# @!attribute [rw] base_score
|
208
|
+
# @return [::Float]
|
209
|
+
# The base score for for this vulnerability according to cvss v3.
|
210
|
+
# @!attribute [rw] severity
|
211
|
+
# @return [::Grafeas::V1::Severity]
|
212
|
+
# The severity rating assigned to this vulnerability by vulnerability
|
213
|
+
# provider.
|
214
|
+
class CVSSV3
|
215
|
+
include ::Google::Protobuf::MessageExts
|
216
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
217
|
+
end
|
218
|
+
|
189
219
|
# A detail for a distro and package this vulnerability occurrence was found
|
190
220
|
# in and its associated fix (if one is available).
|
191
221
|
# @!attribute [rw] affected_cpe_uri
|
@@ -215,6 +245,14 @@ module Grafeas
|
|
215
245
|
# @!attribute [rw] fix_available
|
216
246
|
# @return [::Boolean]
|
217
247
|
# Output only. Whether a fix is available for this package.
|
248
|
+
# @!attribute [rw] package_type
|
249
|
+
# @return [::String]
|
250
|
+
# The type of package (e.g. OS, MAVEN, GO).
|
251
|
+
# @!attribute [r] effective_severity
|
252
|
+
# @return [::Grafeas::V1::Severity]
|
253
|
+
# The distro or language system assigned severity for this vulnerability
|
254
|
+
# when that is available and note provider assigned severity when it is not
|
255
|
+
# available.
|
218
256
|
class PackageIssue
|
219
257
|
include ::Google::Protobuf::MessageExts
|
220
258
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: grafeas-v1
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.3.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Google LLC
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-08
|
11
|
+
date: 2021-11-08 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: gapic-common
|
@@ -173,17 +173,22 @@ files:
|
|
173
173
|
- lib/grafeas/v1/attestation_pb.rb
|
174
174
|
- lib/grafeas/v1/build_pb.rb
|
175
175
|
- lib/grafeas/v1/common_pb.rb
|
176
|
+
- lib/grafeas/v1/compliance_pb.rb
|
176
177
|
- lib/grafeas/v1/cvss_pb.rb
|
177
178
|
- lib/grafeas/v1/deployment_pb.rb
|
178
179
|
- lib/grafeas/v1/discovery_pb.rb
|
180
|
+
- lib/grafeas/v1/dsse_attestation_pb.rb
|
179
181
|
- lib/grafeas/v1/grafeas.rb
|
180
182
|
- lib/grafeas/v1/grafeas/client.rb
|
181
183
|
- lib/grafeas/v1/grafeas/paths.rb
|
182
184
|
- lib/grafeas/v1/grafeas_pb.rb
|
183
185
|
- lib/grafeas/v1/grafeas_services_pb.rb
|
184
186
|
- lib/grafeas/v1/image_pb.rb
|
187
|
+
- lib/grafeas/v1/intoto_provenance_pb.rb
|
188
|
+
- lib/grafeas/v1/intoto_statement_pb.rb
|
185
189
|
- lib/grafeas/v1/package_pb.rb
|
186
190
|
- lib/grafeas/v1/provenance_pb.rb
|
191
|
+
- lib/grafeas/v1/slsa_provenance_pb.rb
|
187
192
|
- lib/grafeas/v1/upgrade_pb.rb
|
188
193
|
- lib/grafeas/v1/version.rb
|
189
194
|
- lib/grafeas/v1/vulnerability_pb.rb
|
@@ -198,13 +203,18 @@ files:
|
|
198
203
|
- proto_docs/grafeas/v1/attestation.rb
|
199
204
|
- proto_docs/grafeas/v1/build.rb
|
200
205
|
- proto_docs/grafeas/v1/common.rb
|
206
|
+
- proto_docs/grafeas/v1/compliance.rb
|
201
207
|
- proto_docs/grafeas/v1/cvss.rb
|
202
208
|
- proto_docs/grafeas/v1/deployment.rb
|
203
209
|
- proto_docs/grafeas/v1/discovery.rb
|
210
|
+
- proto_docs/grafeas/v1/dsse_attestation.rb
|
204
211
|
- proto_docs/grafeas/v1/grafeas.rb
|
205
212
|
- proto_docs/grafeas/v1/image.rb
|
213
|
+
- proto_docs/grafeas/v1/intoto_provenance.rb
|
214
|
+
- proto_docs/grafeas/v1/intoto_statement.rb
|
206
215
|
- proto_docs/grafeas/v1/package.rb
|
207
216
|
- proto_docs/grafeas/v1/provenance.rb
|
217
|
+
- proto_docs/grafeas/v1/slsa_provenance.rb
|
208
218
|
- proto_docs/grafeas/v1/upgrade.rb
|
209
219
|
- proto_docs/grafeas/v1/vulnerability.rb
|
210
220
|
homepage: https://github.com/googleapis/google-cloud-ruby
|