grafeas-v1 0.2.2 → 0.3.0

data/proto_docs/grafeas/v1/slsa_provenance.rb

@@ -0,0 +1,152 @@
+# frozen_string_literal: true
+
+# Copyright 2021 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Grafeas
+  module V1
+    # @!attribute [rw] builder
+    #   @return [::Grafeas::V1::SlsaProvenance::SlsaBuilder]
+    # @!attribute [rw] recipe
+    #   @return [::Grafeas::V1::SlsaProvenance::SlsaRecipe]
+    #     Identifies the configuration used for the build.
+    #     When combined with materials, this SHOULD fully describe the build,
+    #     such that re-running this recipe results in bit-for-bit identical output
+    #     (if the build is reproducible).
+    # @!attribute [rw] metadata
+    #   @return [::Grafeas::V1::SlsaProvenance::SlsaMetadata]
+    # @!attribute [rw] materials
+    #   @return [::Array<::Grafeas::V1::SlsaProvenance::Material>]
+    #     The collection of artifacts that influenced the build including sources,
+    #     dependencies, build tools, base images, and so on. This is considered to be
+    #     incomplete unless metadata.completeness.materials is true. Unset or null is
+    #     equivalent to empty.
+    class SlsaProvenance
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+
+      # Steps taken to build the artifact.
+      # For a TaskRun, typically each container corresponds to one step in the
+      # recipe.
+      # @!attribute [rw] type
+      #   @return [::String]
+      #     URI indicating what type of recipe was performed. It determines the
+      #     meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and
+      #     materials.
+      # @!attribute [rw] defined_in_material
+      #   @return [::Integer]
+      #     Index in materials containing the recipe steps that are not implied by
+      #     recipe.type. For example, if the recipe type were "make", then this would
+      #     point to the source containing the Makefile, not the make program itself.
+      #     Set to -1 if the recipe doesn't come from a material, as zero is default
+      #     unset value for int64.
+      # @!attribute [rw] entry_point
+      #   @return [::String]
+      #     String identifying the entry point into the build.
+      #     This is often a path to a configuration file and/or a target label within
+      #     that file. The syntax and meaning are defined by recipe.type. For
+      #     example, if the recipe type were "make", then this would reference the
+      #     directory in which to run make as well as which target to use.
+      # @!attribute [rw] arguments
+      #   @return [::Google::Protobuf::Any]
+      #     Collection of all external inputs that influenced the build on top of
+      #     recipe.definedInMaterial and recipe.entryPoint. For example, if the
+      #     recipe type were "make", then this might be the flags passed to make
+      #     aside from the target, which is captured in recipe.entryPoint. Depending
+      #     on the recipe Type, the structure may be different.
+      # @!attribute [rw] environment
+      #   @return [::Google::Protobuf::Any]
+      #     Any other builder-controlled inputs necessary for correctly evaluating
+      #     the recipe. Usually only needed for reproducing the build but not
+      #     evaluated as part of policy. Depending on the recipe Type, the structure
+      #     may be different.
+      class SlsaRecipe
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+      end
+
+      # Indicates that the builder claims certain fields in this message to be
+      # complete.
+      # @!attribute [rw] arguments
+      #   @return [::Boolean]
+      #     If true, the builder claims that recipe.arguments is complete, meaning
+      #     that all external inputs are properly captured in the recipe.
+      # @!attribute [rw] environment
+      #   @return [::Boolean]
+      #     If true, the builder claims that recipe.environment is claimed to be
+      #     complete.
+      # @!attribute [rw] materials
+      #   @return [::Boolean]
+      #     If true, the builder claims that materials are complete, usually through
+      #     some controls to prevent network access. Sometimes called "hermetic".
+      class SlsaCompleteness
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+      end
+
+      # Other properties of the build.
+      # @!attribute [rw] build_invocation_id
+      #   @return [::String]
+      #     Identifies the particular build invocation, which can be useful for
+      #     finding associated logs or other ad-hoc analysis. The value SHOULD be
+      #     globally unique, per in-toto Provenance spec.
+      # @!attribute [rw] build_started_on
+      #   @return [::Google::Protobuf::Timestamp]
+      #     The timestamp of when the build started.
+      # @!attribute [rw] build_finished_on
+      #   @return [::Google::Protobuf::Timestamp]
+      #     The timestamp of when the build completed.
+      # @!attribute [rw] completeness
+      #   @return [::Grafeas::V1::SlsaProvenance::SlsaCompleteness]
+      #     Indicates that the builder claims certain fields in this message to be
+      #     complete.
+      # @!attribute [rw] reproducible
+      #   @return [::Boolean]
+      #     If true, the builder claims that running the recipe on materials will
+      #     produce bit-for-bit identical output.
+      class SlsaMetadata
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+      end
+
+      # @!attribute [rw] id
+      #   @return [::String]
+      class SlsaBuilder
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+      end
+
+      # @!attribute [rw] uri
+      #   @return [::String]
+      # @!attribute [rw] digest
+      #   @return [::Google::Protobuf::Map{::String => ::String}]
+      class Material
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+
+        # @!attribute [rw] key
+        #   @return [::String]
+        # @!attribute [rw] value
+        #   @return [::String]
+        class DigestEntry
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+      end
+    end
+  end
+end

data/proto_docs/grafeas/v1/vulnerability.rb

@@ -109,6 +109,12 @@ module Grafeas
       #     The time this information was last changed at the source. This is an
       #     upstream timestamp from the underlying information source - e.g. Ubuntu
       #     security tracker.
+      # @!attribute [rw] source
+      #   @return [::String]
+      #     The source from which the information in this Detail was obtained.
+      # @!attribute [rw] vendor
+      #   @return [::String]
+      #     The name of the vendor of the product.
       class Detail
         include ::Google::Protobuf::MessageExts
         extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -161,6 +167,9 @@ module Grafeas
     #     Output only. The CVSS score of this vulnerability. CVSS score is on a
     #     scale of 0 - 10 where 0 indicates low severity and 10 indicates high
     #     severity.
+    # @!attribute [rw] cvssv3
+    #   @return [::Grafeas::V1::VulnerabilityOccurrence::CVSSV3]
+    #     The cvss v3 score for the vulnerability.
     # @!attribute [rw] package_issue
     #   @return [::Array<::Grafeas::V1::VulnerabilityOccurrence::PackageIssue>]
     #     Required. The set of affected locations and their fixes (if available)
@@ -178,6 +187,14 @@ module Grafeas
     #   @return [::Grafeas::V1::Severity]
     #     The distro assigned severity for this vulnerability when it is available,
     #     otherwise this is the note provider assigned severity.
+    #
+    #     When there are multiple PackageIssues for this vulnerability, they can have
+    #     different effective severities because some might be provided by the distro
+    #     while others are provided by the language ecosystem for a language pack.
+    #     For this reason, it is advised to use the effective severity on the
+    #     PackageIssue level. In the case where multiple PackageIssues have differing
+    #     effective severities, this field should be the highest severity for any of
+    #     the PackageIssues.
     # @!attribute [rw] fix_available
     #   @return [::Boolean]
     #     Output only. Whether at least one of the affected packages has a fix
@@ -186,6 +203,19 @@ module Grafeas
       include ::Google::Protobuf::MessageExts
       extend ::Google::Protobuf::MessageExts::ClassMethods
 
+      # The CVSS v3 score for this vulnerability.
+      # @!attribute [rw] base_score
+      #   @return [::Float]
+      #     The base score for for this vulnerability according to cvss v3.
+      # @!attribute [rw] severity
+      #   @return [::Grafeas::V1::Severity]
+      #     The severity rating assigned to this vulnerability by vulnerability
+      #     provider.
+      class CVSSV3
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+      end
+
       # A detail for a distro and package this vulnerability occurrence was found
       # in and its associated fix (if one is available).
       # @!attribute [rw] affected_cpe_uri
@@ -215,6 +245,14 @@ module Grafeas
       # @!attribute [rw] fix_available
       #   @return [::Boolean]
       #     Output only. Whether a fix is available for this package.
+      # @!attribute [rw] package_type
+      #   @return [::String]
+      #     The type of package (e.g. OS, MAVEN, GO).
+      # @!attribute [r] effective_severity
+      #   @return [::Grafeas::V1::Severity]
+      #     The distro or language system assigned severity for this vulnerability
+      #     when that is available and note provider assigned severity when it is not
+      #     available.
       class PackageIssue
         include ::Google::Protobuf::MessageExts
         extend ::Google::Protobuf::MessageExts::ClassMethods

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: grafeas-v1
 version: !ruby/object:Gem::Version
-  version: 0.2.2
+  version: 0.3.0
 platform: ruby
 authors:
 - Google LLC
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-08-11 00:00:00.000000000 Z
+date: 2021-11-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: gapic-common
@@ -173,17 +173,22 @@ files:
 - lib/grafeas/v1/attestation_pb.rb
 - lib/grafeas/v1/build_pb.rb
 - lib/grafeas/v1/common_pb.rb
+- lib/grafeas/v1/compliance_pb.rb
 - lib/grafeas/v1/cvss_pb.rb
 - lib/grafeas/v1/deployment_pb.rb
 - lib/grafeas/v1/discovery_pb.rb
+- lib/grafeas/v1/dsse_attestation_pb.rb
 - lib/grafeas/v1/grafeas.rb
 - lib/grafeas/v1/grafeas/client.rb
 - lib/grafeas/v1/grafeas/paths.rb
 - lib/grafeas/v1/grafeas_pb.rb
 - lib/grafeas/v1/grafeas_services_pb.rb
 - lib/grafeas/v1/image_pb.rb
+- lib/grafeas/v1/intoto_provenance_pb.rb
+- lib/grafeas/v1/intoto_statement_pb.rb
 - lib/grafeas/v1/package_pb.rb
 - lib/grafeas/v1/provenance_pb.rb
+- lib/grafeas/v1/slsa_provenance_pb.rb
 - lib/grafeas/v1/upgrade_pb.rb
 - lib/grafeas/v1/version.rb
 - lib/grafeas/v1/vulnerability_pb.rb
@@ -198,13 +203,18 @@ files:
 - proto_docs/grafeas/v1/attestation.rb
 - proto_docs/grafeas/v1/build.rb
 - proto_docs/grafeas/v1/common.rb
+- proto_docs/grafeas/v1/compliance.rb
 - proto_docs/grafeas/v1/cvss.rb
 - proto_docs/grafeas/v1/deployment.rb
 - proto_docs/grafeas/v1/discovery.rb
+- proto_docs/grafeas/v1/dsse_attestation.rb
 - proto_docs/grafeas/v1/grafeas.rb
 - proto_docs/grafeas/v1/image.rb
+- proto_docs/grafeas/v1/intoto_provenance.rb
+- proto_docs/grafeas/v1/intoto_statement.rb
 - proto_docs/grafeas/v1/package.rb
 - proto_docs/grafeas/v1/provenance.rb
+- proto_docs/grafeas/v1/slsa_provenance.rb
 - proto_docs/grafeas/v1/upgrade.rb
 - proto_docs/grafeas/v1/vulnerability.rb
 homepage: https://github.com/googleapis/google-cloud-ruby