Documentation ¶
Index ¶
- Variables
- func CacheExpires(r *http.Response) time.Time
- type APIClient
- type APIKey
- type APIResponse
- type ApiAliasContext
- type ApiAliasContextKind
- type ApiArtifact
- type ApiBuildDetails
- type ApiBuildProvenance
- type ApiBuildSignature
- type ApiBuildType
- type ApiCloudRepoSourceContext
- type ApiCommand
- type ApiCreateOperationRequest
- type ApiDeployable
- type ApiDiscovery
- type ApiFileHashes
- type ApiGerritSourceContext
- type ApiGitSourceContext
- type ApiHash
- type ApiListNoteOccurrencesResponse
- type ApiListNotesResponse
- type ApiListOccurrencesResponse
- type ApiListProjectsResponse
- type ApiNote
- type ApiNoteKind
- type ApiOccurrence
- type ApiPackageManagerLocation
- type ApiPgpSignedAttestation
- type ApiProject
- type ApiProjectRepoId
- type ApiRepoId
- type ApiRepoSource
- type ApiSource
- type ApiSourceContext
- type ApiStorageSource
- type ApiUpdateOperationRequest
- type ApiVulnerabilityType
- type AttestationAuthorityAttestationDetails
- type BasicAuth
- type BuildSignatureKeyType
- type Configuration
- type DeployableDeploymentDetails
- type DeploymentDetailsPlatform
- type DiscoveryDiscoveredDetails
- type DockerImageBasis
- type DockerImageDerivedDetails
- type DockerImageFingerprint
- type DockerImageLayer
- type GenericSwaggerError
- type GrafeasApiService
- func (a *GrafeasApiService) CreateNote(ctx context.Context, parent string, body ApiNote) (ApiNote, *http.Response, error)
- func (a *GrafeasApiService) CreateOccurrence(ctx context.Context, parent string, body ApiOccurrence) (ApiOccurrence, *http.Response, error)
- func (a *GrafeasApiService) CreateOperation(ctx context.Context, parent string, body ApiCreateOperationRequest) (LongrunningOperation, *http.Response, error)
- func (a *GrafeasApiService) GetOccurrenceNote(ctx context.Context, name string) (ApiNote, *http.Response, error)
- func (a *GrafeasApiService) ListNoteOccurrences(ctx context.Context, name string, localVarOptionals *ListNoteOccurrencesOpts) (ApiListNoteOccurrencesResponse, *http.Response, error)
- func (a *GrafeasApiService) ListNotes(ctx context.Context, parent string, localVarOptionals *ListNotesOpts) (ApiListNotesResponse, *http.Response, error)
- func (a *GrafeasApiService) ListOccurrences(ctx context.Context, parent string, localVarOptionals *ListOccurrencesOpts) (ApiListOccurrencesResponse, *http.Response, error)
- func (a *GrafeasApiService) UpdateNote(ctx context.Context, name string, body ApiNote) (ApiNote, *http.Response, error)
- type GrafeasProjectsApiService
- func (a *GrafeasProjectsApiService) CreateProject(ctx context.Context, body ApiProject) (ProtobufEmpty, *http.Response, error)
- func (a *GrafeasProjectsApiService) DeleteProject(ctx context.Context, name string) (ProtobufEmpty, *http.Response, error)
- func (a *GrafeasProjectsApiService) GetProject(ctx context.Context, name string) (ApiProject, *http.Response, error)
- func (a *GrafeasProjectsApiService) ListProjects(ctx context.Context, localVarOptionals *ListProjectsOpts) (ApiListProjectsResponse, *http.Response, error)
- type HashHashType
- type LayerDirective
- type ListNoteOccurrencesOpts
- type ListNotesOpts
- type ListOccurrencesOpts
- type ListProjectsOpts
- type LongrunningOperation
- type NoteRelatedUrl
- type PackageManagerArchitecture
- type PackageManagerDistribution
- type PackageManagerInstallationDetails
- type PackageManagerPackage
- type PgpSignedAttestationContentType
- type ProtobufAny
- type ProtobufEmpty
- type ProtobufFieldMask
- type RpcStatus
- type VersionVersionKind
- type VulnerabilityTypeDetail
- type VulnerabilityTypePackageIssue
- type VulnerabilityTypeSeverity
- type VulnerabilityTypeVersion
- type VulnerabilityTypeVulnerabilityDetails
- type VulnerabilityTypeVulnerabilityLocation
Constants ¶
This section is empty.
Variables ¶
var ( // ContextOAuth2 takes a oauth2.TokenSource as authentication for the request. ContextOAuth2 = contextKey("token") // ContextBasicAuth takes BasicAuth as authentication for the request. ContextBasicAuth = contextKey("basic") // ContextAccessToken takes a string oauth2 access token as authentication for the request. ContextAccessToken = contextKey("accesstoken") // ContextAPIKey takes an APIKey as authentication for the request ContextAPIKey = contextKey("apikey") )
Functions ¶
Types ¶
type APIClient ¶
type APIClient struct { GrafeasApi *GrafeasApiService GrafeasProjectsApi *GrafeasProjectsApiService // contains filtered or unexported fields }
APIClient manages communication with the Grafeas API API vv1alpha1 In most cases there should be only one, shared, APIClient.
func NewAPIClient ¶
func NewAPIClient(cfg *Configuration) *APIClient
NewAPIClient creates a new API client. Requires a userAgent string describing your application. optionally a custom http.Client to allow for advanced features such as caching.
func (*APIClient) ChangeBasePath ¶
Change base path to allow switching to mocks
type APIKey ¶
APIKey provides API key based authentication to a request passed via context using ContextAPIKey
type APIResponse ¶
type APIResponse struct { *http.Response `json:"-"` Message string `json:"message,omitempty"` // Operation is the name of the swagger operation. Operation string `json:"operation,omitempty"` // RequestURL is the request URL. This value is always available, even if the // embedded *http.Response is nil. RequestURL string `json:"url,omitempty"` // Method is the HTTP method used for the request. This value is always // available, even if the embedded *http.Response is nil. Method string `json:"method,omitempty"` // Payload holds the contents of the response body (which may be nil or empty). // This is provided here as the raw response.Body() reader will have already // been drained. Payload []byte `json:"-"` }
func NewAPIResponse ¶
func NewAPIResponse(r *http.Response) *APIResponse
func NewAPIResponseWithError ¶
func NewAPIResponseWithError(errorMessage string) *APIResponse
type ApiAliasContext ¶
type ApiAliasContext struct { // The alias kind. Kind *ApiAliasContextKind `json:"kind,omitempty"` // The alias name. Name string `json:"name,omitempty"` }
An alias to a repo revision.
type ApiAliasContextKind ¶
type ApiAliasContextKind string
ApiAliasContextKind : The type of an alias. - KIND_UNSPECIFIED: Unknown. - FIXED: Git tag. - MOVABLE: Git branch. - OTHER: Used to specify non-standard aliases. For example, if a Git repo has a ref named \"refs/foo/bar\".
const ( KIND_UNSPECIFIED ApiAliasContextKind = "KIND_UNSPECIFIED" FIXED ApiAliasContextKind = "FIXED" MOVABLE ApiAliasContextKind = "MOVABLE" OTHER ApiAliasContextKind = "OTHER" )
List of apiAliasContextKind
type ApiArtifact ¶
type ApiArtifact struct { // Name of the artifact. This may be the path to a binary or jar file, or in the case of a container build, the name used to push the container image to Google Container Registry, as presented to `docker push`. This field is deprecated in favor of the plural `names` field; it continues to exist here to allow existing BuildProvenance serialized to json in google.devtools.containeranalysis.v1alpha1.BuildDetails.provenance_bytes to deserialize back into proto. Name string `json:"name,omitempty"` // Hash or checksum value of a binary, or Docker Registry 2.0 digest of a container. Checksum string `json:"checksum,omitempty"` Id string `json:"id,omitempty"` // Related artifact names. This may be the path to a binary or jar file, or in the case of a container build, the name used to push the container image to Google Container Registry, as presented to `docker push`. Note that a single Artifact ID can have multiple names, for example if two tags are applied to one image. Names []string `json:"names,omitempty"` }
Artifact describes a build product.
type ApiBuildDetails ¶
type ApiBuildDetails struct { Provenance *ApiBuildProvenance `json:"provenance,omitempty"` // Serialized JSON representation of the provenance, used in generating the `BuildSignature` in the corresponding Result. After verifying the signature, `provenance_bytes` can be unmarshalled and compared to the provenance to confirm that it is unchanged. A base64-encoded string representation of the provenance bytes is used for the signature in order to interoperate with openssl which expects this format for signature verification. The serialized form is captured both to avoid ambiguity in how the provenance is marshalled to json as well to prevent incompatibilities with future changes. ProvenanceBytes string `json:"provenance_bytes,omitempty"` }
Message encapsulating build provenance details.
type ApiBuildProvenance ¶
type ApiBuildProvenance struct { // Unique identifier of the build. Id string `json:"id,omitempty"` // ID of the project. ProjectId string `json:"project_id,omitempty"` // Commands requested by the build. Commands []ApiCommand `json:"commands,omitempty"` // Output of the build. BuiltArtifacts []ApiArtifact `json:"built_artifacts,omitempty"` // Time at which the build was created. CreateTime time.Time `json:"create_time,omitempty"` // Time at which execution of the build was started. StartTime time.Time `json:"start_time,omitempty"` // Time at which execution of the build was finished. FinishTime time.Time `json:"finish_time,omitempty"` // E-mail address of the user who initiated this build. Note that this was the user's e-mail address at the time the build was initiated; this address may not represent the same end-user for all time. Creator string `json:"creator,omitempty"` // Google Cloud Storage bucket where logs were written. LogsBucket string `json:"logs_bucket,omitempty"` // Details of the Source input to the build. SourceProvenance *ApiSource `json:"source_provenance,omitempty"` // Trigger identifier if the build was triggered automatically; empty if not. TriggerId string `json:"trigger_id,omitempty"` // Special options applied to this build. This is a catch-all field where build providers can enter any desired additional details. BuildOptions map[string]string `json:"build_options,omitempty"` // Version string of the builder at the time this build was executed. BuilderVersion string `json:"builder_version,omitempty"` }
Provenance of a build. Contains all information needed to verify the full details about the build from source to completion.
type ApiBuildSignature ¶
type ApiBuildSignature struct { // Public key of the builder which can be used to verify that the related findings are valid and unchanged. If `key_type` is empty, this defaults to PEM encoded public keys. This field may be empty if `key_id` references an external key. For Cloud Container Builder based signatures, this is a PEM encoded public key. To verify the Cloud Container Builder signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes from `BuildDetails` are base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature: `openssl sha256 -verify public.pem -signature signature.bin signed.bin` PublicKey string `json:"public_key,omitempty"` // Signature of the related `BuildProvenance`, encoded in a base64 string. Signature string `json:"signature,omitempty"` // An Id for the key used to sign. This could be either an Id for the key stored in `public_key` (such as the Id or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service). KeyId string `json:"key_id,omitempty"` KeyType *BuildSignatureKeyType `json:"key_type,omitempty"` }
Message encapsulating the signature of the verified build.
type ApiBuildType ¶
type ApiBuildType struct { // Version of the builder which produced this Note. BuilderVersion string `json:"builder_version,omitempty"` // Signature of the build in Occurrences pointing to the Note containing this `BuilderDetails`. Signature *ApiBuildSignature `json:"signature,omitempty"` }
Note holding the version of the provider's builder and the signature of the provenance message in linked BuildDetails.
type ApiCloudRepoSourceContext ¶
type ApiCloudRepoSourceContext struct { // The ID of the repo. RepoId *ApiRepoId `json:"repo_id,omitempty"` // A revision ID. RevisionId string `json:"revision_id,omitempty"` // An alias, which may be a branch or tag. AliasContext *ApiAliasContext `json:"alias_context,omitempty"` }
A CloudRepoSourceContext denotes a particular revision in a Google Cloud Source Repo.
type ApiCommand ¶
type ApiCommand struct { // Name of the command, as presented on the command line, or if the command is packaged as a Docker container, as presented to `docker pull`. Name string `json:"name,omitempty"` // Environment variables set before running this Command. Env []string `json:"env,omitempty"` // Command-line arguments used when executing this Command. Args []string `json:"args,omitempty"` // Working directory (relative to project source root) used when running this Command. Dir string `json:"dir,omitempty"` // Optional unique identifier for this Command, used in wait_for to reference this Command as a dependency. Id string `json:"id,omitempty"` // The ID(s) of the Command(s) that this Command depends on. WaitFor []string `json:"wait_for,omitempty"` }
Command describes a step performed as part of the build pipeline.
type ApiCreateOperationRequest ¶
type ApiCreateOperationRequest struct { // The projectId that this operation should be created under. Parent string `json:"parent,omitempty"` // The ID to use for this operation. OperationId string `json:"operation_id,omitempty"` // The operation to create. Operation *LongrunningOperation `json:"operation,omitempty"` }
type ApiDeployable ¶
type ApiDeployable struct { // Resource URI for the artifact being deployed. ResourceUri []string `json:"resource_uri,omitempty"` }
An artifact that can be deployed in some runtime.
type ApiDiscovery ¶
type ApiDiscovery struct { // The kind of analysis that is handled by this discovery. AnalysisKind *ApiNoteKind `json:"analysis_kind,omitempty"` }
A note that indicates a type of analysis a provider would perform. This note exists in a provider's project. A `Discovery` occurrence is created in a consumer's project at the start of analysis. The occurrence's operation will indicate the status of the analysis. Absence of an occurrence linked to this note for a resource indicates that analysis hasn't started.
type ApiFileHashes ¶
type ApiFileHashes struct { // Collection of file hashes. FileHash []ApiHash `json:"file_hash,omitempty"` }
Container message for hashes of byte content of files, used in Source messages to verify integrity of source input to the build.
type ApiGerritSourceContext ¶
type ApiGerritSourceContext struct { // The URI of a running Gerrit instance. HostUri string `json:"host_uri,omitempty"` // The full project name within the host. Projects may be nested, so \"project/subproject\" is a valid project name. The \"repo name\" is the hostURI/project. GerritProject string `json:"gerrit_project,omitempty"` // A revision (commit) ID. RevisionId string `json:"revision_id,omitempty"` // An alias, which may be a branch or tag. AliasContext *ApiAliasContext `json:"alias_context,omitempty"` }
A SourceContext referring to a Gerrit project.
type ApiGitSourceContext ¶
type ApiGitSourceContext struct { // Git repository URL. Url string `json:"url,omitempty"` // Required. Git commit hash. RevisionId string `json:"revision_id,omitempty"` }
A GitSourceContext denotes a particular revision in a third party Git repository (e.g., GitHub).
type ApiHash ¶
type ApiHash struct { // The type of hash that was performed. Type_ *HashHashType `json:"type,omitempty"` // The hash value. Value string `json:"value,omitempty"` }
Container message for hash values.
type ApiListNoteOccurrencesResponse ¶
type ApiListNoteOccurrencesResponse struct { // The occurrences attached to the specified note. Occurrences []ApiOccurrence `json:"occurrences,omitempty"` // Token to receive the next page of notes. NextPageToken string `json:"next_page_token,omitempty"` }
Response including listed occurrences for a note.
type ApiListNotesResponse ¶
type ApiListNotesResponse struct { Notes []ApiNote `json:"notes,omitempty"` // The next pagination token in the list response. It should be used as page_token for the following request. An empty value means no more result. NextPageToken string `json:"next_page_token,omitempty"` }
Response including listed notes.
type ApiListOccurrencesResponse ¶
type ApiListOccurrencesResponse struct { // The occurrences requested. Occurrences []ApiOccurrence `json:"occurrences,omitempty"` // The next pagination token in the list response. It should be used as `page_token` for the following request. An empty value means no more results. NextPageToken string `json:"next_page_token,omitempty"` }
Response including listed active occurrences.
type ApiListProjectsResponse ¶
type ApiListProjectsResponse struct { // The projects requested. Projects []ApiProject `json:"projects,omitempty"` // The next pagination token in the list response. It should be used as `page_token` for the following request. An empty value means no more results. NextPageToken string `json:"next_page_token,omitempty"` }
type ApiNote ¶
type ApiNote struct { Name string `json:"name,omitempty"` // A one sentence description of this `Note`. ShortDescription string `json:"short_description,omitempty"` // A detailed description of this `Note`. LongDescription string `json:"long_description,omitempty"` // Output only. This explicitly denotes which kind of note is specified. This field can be used as a filter in list requests. Kind *ApiNoteKind `json:"kind,omitempty"` // A package vulnerability type of note. VulnerabilityType *ApiVulnerabilityType `json:"vulnerability_type,omitempty"` // Build provenance type for a verifiable build. BuildType *ApiBuildType `json:"build_type,omitempty"` // A note describing a base image. BaseImage *DockerImageBasis `json:"base_image,omitempty"` // A note describing a package hosted by various package managers. Package_ *PackageManagerPackage `json:"package,omitempty"` // A note describing something that can be deployed. Deployable *ApiDeployable `json:"deployable,omitempty"` // A note describing a provider/analysis type. Discovery *ApiDiscovery `json:"discovery,omitempty"` RelatedUrl []NoteRelatedUrl `json:"related_url,omitempty"` // Time of expiration for this note, null if note does not expire. ExpirationTime time.Time `json:"expiration_time,omitempty"` // Output only. The time this note was created. This field can be used as a filter in list requests. CreateTime time.Time `json:"create_time,omitempty"` // Output only. The time this note was last updated. This field can be used as a filter in list requests. UpdateTime time.Time `json:"update_time,omitempty"` OperationName string `json:"operation_name,omitempty"` }
Provides a detailed description of a `Note`.
type ApiNoteKind ¶
type ApiNoteKind string
ApiNoteKind : This must be 1:1 with members of our oneofs, it can be used for filtering Note and Occurrence on their kind. - NOTE_KIND_UNSPECIFIED: Unknown - PACKAGE_VULNERABILITY: The note and occurrence represent a package vulnerability. - BUILD_DETAILS: The note and occurrence assert build provenance. - IMAGE_BASIS: This represents an image basis relationship. - PACKAGE_MANAGER: This represents a package installed via a package manager. - DEPLOYABLE: The note and occurrence track deployment events. - DISCOVERY: The note and occurrence track the initial discovery status of a resource. - ATTESTATION_AUTHORITY: This represents a logical \"role\" that can attest to artifacts.
const ( NOTE_KIND_UNSPECIFIED ApiNoteKind = "KIND_UNSPECIFIED" PACKAGE_VULNERABILITY ApiNoteKind = "PACKAGE_VULNERABILITY" BUILD_DETAILS ApiNoteKind = "BUILD_DETAILS" IMAGE_BASIS ApiNoteKind = "IMAGE_BASIS" PACKAGE_MANAGER ApiNoteKind = "PACKAGE_MANAGER" DEPLOYABLE ApiNoteKind = "DEPLOYABLE" DISCOVERY ApiNoteKind = "DISCOVERY" ATTESTATION_AUTHORITY ApiNoteKind = "ATTESTATION_AUTHORITY" )
List of apiNoteKind
type ApiOccurrence ¶
type ApiOccurrence struct { Name string `json:"name,omitempty"` // The unique URL of the image or the container for which the `Occurrence` applies. For example, https://gcr.io/project/image@sha256:foo This field can be used as a filter in list requests. ResourceUrl string `json:"resource_url,omitempty"` // An analysis note associated with this image, in the form \"providers/{provider_id}/notes/{NOTE_ID}\" This field can be used as a filter in list requests. NoteName string `json:"note_name,omitempty"` // Output only. This explicitly denotes which of the `Occurrence` details are specified. This field can be used as a filter in list requests. Kind *ApiNoteKind `json:"kind,omitempty"` // Details of a security vulnerability note. VulnerabilityDetails *VulnerabilityTypeVulnerabilityDetails `json:"vulnerability_details,omitempty"` // Build details for a verifiable build. BuildDetails *ApiBuildDetails `json:"build_details,omitempty"` // Describes how this resource derives from the basis in the associated note. DerivedImageDetails *DockerImageDerivedDetails `json:"derived_image_details,omitempty"` // Describes the installation of a package on the linked resource. InstallationDetails *PackageManagerInstallationDetails `json:"installation_details,omitempty"` // Describes the deployment of an artifact on a runtime. DeploymentDetails *DeployableDeploymentDetails `json:"deployment_details,omitempty"` // Describes the initial scan status for this resource. DiscoveredDetails *DiscoveryDiscoveredDetails `json:"discovered_details,omitempty"` // Describes an attestation of an artifact. AttestationDetails *AttestationAuthorityAttestationDetails `json:"attestation_details,omitempty"` Remediation string `json:"remediation,omitempty"` // Output only. The time this `Occurrence` was created. CreateTime time.Time `json:"create_time,omitempty"` // Output only. The time this `Occurrence` was last updated. UpdateTime time.Time `json:"update_time,omitempty"` OperationName string `json:"operation_name,omitempty"` }
`Occurrence` includes information about analysis occurrences for an image.
type ApiPackageManagerLocation ¶
type ApiPackageManagerLocation struct { // The cpe_uri in [cpe format](https://cpe.mitre.org/specification/) denoting the package manager version distributing a package. CpeUri string `json:"cpe_uri,omitempty"` // The version installed at this location. Version *VulnerabilityTypeVersion `json:"version,omitempty"` // The path from which we gathered that this package/version is installed. Path string `json:"path,omitempty"` }
type ApiPgpSignedAttestation ¶
type ApiPgpSignedAttestation struct { // The raw content of the signature, as output by gpg or equivalent. Since this message only supports attached signatures, the payload that was signed must be attached. While the signature format supported is dependent on the verification implementation, currently only ASCII-armored (`--armor` to gpg), non-clearsigned (`--sign` rather than `--clearsign` to gpg) are supported. Concretely, `gpg --sign --armor --output=signature.gpg payload.json` will create the signature content expected in this field in `signature.gpg` for the `payload.json` attestation payload. Signature string `json:"signature,omitempty"` // Type (e.g. schema) of the attestation payload that was signed. The verifier must ensure that the provided type is one that the verifier supports, and that the attestation payload is a valid instantiation of that type (e.g. by validating a JSON schema). ContentType *PgpSignedAttestationContentType `json:"content_type,omitempty"` // The cryptographic fingerprint of the key used to generate the signature, as output by, e.g. `gpg --list-keys`. This should be the version 4, full 160-bit fingerprint, expressed as a 40 character hexidecimal string. See https://tools.ietf.org/html/rfc4880#section-12.2 for details. Implementations may choose to acknowledge \"LONG\", \"SHORT\", or other abbreviated key IDs, but only the full fingerprint is guaranteed to work. In gpg, the full fingerprint can be retrieved from the `fpr` field returned when calling --list-keys with --with-colons. For example: “` gpg --with-colons --with-fingerprint --force-v4-certs \\ --list-keys attester@example.com tru::1:1513631572:0:3:1:5 pub:...<SNIP>... fpr:::::::::24FF6481B76AC91E66A00AC657A93A81EF3AE6FB: “` Above, the fingerprint is `24FF6481B76AC91E66A00AC657A93A81EF3AE6FB`. PgpKeyId string `json:"pgp_key_id,omitempty"` }
An attestation wrapper with a PGP-compatible signature. This message only supports ATTACHED signatures, where the payload that is signed is included alongside the signature itself in the same file.
type ApiProject ¶
type ApiProject struct {
Name string `json:"name,omitempty"`
}
Provides detailed description of a `Project`.
type ApiProjectRepoId ¶
type ApiProjectRepoId struct { // The ID of the project. ProjectId string `json:"project_id,omitempty"` // The name of the repo. Leave empty for the default repo. RepoName string `json:"repo_name,omitempty"` }
Selects a repo using a Google Cloud Platform project ID (e.g., winged-cargo-31) and a repo name within that project.
type ApiRepoId ¶
type ApiRepoId struct { // A combination of a project ID and a repo name. ProjectRepoId *ApiProjectRepoId `json:"project_repo_id,omitempty"` // A server-assigned, globally unique identifier. Uid string `json:"uid,omitempty"` }
A unique identifier for a Cloud Repo.
type ApiRepoSource ¶
type ApiRepoSource struct { // ID of the project that owns the repo. ProjectId string `json:"project_id,omitempty"` // Name of the repo. RepoName string `json:"repo_name,omitempty"` // Name of the branch to build. BranchName string `json:"branch_name,omitempty"` // Name of the tag to build. TagName string `json:"tag_name,omitempty"` // Explicit commit SHA to build. CommitSha string `json:"commit_sha,omitempty"` }
RepoSource describes the location of the source in a Google Cloud Source Repository.
type ApiSource ¶
type ApiSource struct { // If provided, get the source from this location in in Google Cloud Storage. StorageSource *ApiStorageSource `json:"storage_source,omitempty"` // If provided, get source from this location in a Cloud Repo. RepoSource *ApiRepoSource `json:"repo_source,omitempty"` // If provided, the input binary artifacts for the build came from this location. ArtifactStorageSource *ApiStorageSource `json:"artifact_storage_source,omitempty"` // Hash(es) of the build source, which can be used to verify that the original source integrity was maintained in the build. The keys to this map are file paths used as build source and the values contain the hash values for those files. If the build source came in a single package such as a gzipped tarfile (.tar.gz), the FileHash will be for the single path to that file. FileHashes map[string]ApiFileHashes `json:"file_hashes,omitempty"` // If provided, the source code used for the build came from this location. Context *ApiSourceContext `json:"context,omitempty"` // If provided, some of the source code used for the build may be found in these locations, in the case where the source repository had multiple remotes or submodules. This list will not include the context specified in the context field. AdditionalContexts []ApiSourceContext `json:"additional_contexts,omitempty"` }
Source describes the location of the source used for the build.
type ApiSourceContext ¶
type ApiSourceContext struct { // A SourceContext referring to a revision in a Google Cloud Source Repo. CloudRepo *ApiCloudRepoSourceContext `json:"cloud_repo,omitempty"` // A SourceContext referring to a Gerrit project. Gerrit *ApiGerritSourceContext `json:"gerrit,omitempty"` // A SourceContext referring to any third party Git repo (e.g., GitHub). Git *ApiGitSourceContext `json:"git,omitempty"` // Labels with user defined metadata. Labels map[string]string `json:"labels,omitempty"` }
A SourceContext is a reference to a tree of files. A SourceContext together with a path point to a unique revision of a single file or directory.
type ApiStorageSource ¶
type ApiStorageSource struct { // Google Cloud Storage bucket containing source (see [Bucket Name Requirements] (https://cloud.google.com/storage/docs/bucket-naming#requirements)). Bucket string `json:"bucket,omitempty"` // Google Cloud Storage object containing source. Object string `json:"object,omitempty"` // Google Cloud Storage generation for the object. Generation string `json:"generation,omitempty"` }
StorageSource describes the location of the source in an archive file in Google Cloud Storage.
type ApiUpdateOperationRequest ¶
type ApiUpdateOperationRequest struct { // The name of the Operation. Should be of the form \"projects/{provider_id}/operations/{operation_id}\". Name string `json:"name,omitempty"` // The operation to create. Operation *LongrunningOperation `json:"operation,omitempty"` }
type ApiVulnerabilityType ¶
type ApiVulnerabilityType struct { // The CVSS score for this Vulnerability. CvssScore float32 `json:"cvss_score,omitempty"` Severity *VulnerabilityTypeSeverity `json:"severity,omitempty"` // All information about the package to specifically identify this vulnerability. One entry per (version range and cpe_uri) the package vulnerability has manifested in. Details []VulnerabilityTypeDetail `json:"details,omitempty"` }
VulnerabilityType provides metadata about a security vulnerability.
type AttestationAuthorityAttestationDetails ¶
type AttestationAuthorityAttestationDetails struct {
PgpSignedAttestation *ApiPgpSignedAttestation `json:"pgp_signed_attestation,omitempty"`
}
type BasicAuth ¶
type BasicAuth struct { UserName string `json:"userName,omitempty"` Password string `json:"password,omitempty"` }
BasicAuth provides basic http authentication to a request passed via context using ContextBasicAuth
type BuildSignatureKeyType ¶
type BuildSignatureKeyType string
BuildSignatureKeyType : - KEY_TYPE_UNSPECIFIED: `KeyType` is not set. - PGP_ASCII_ARMORED: `PGP ASCII Armored` public key. - PKIX_PEM: `PKIX PEM` public key.
const ( KEY_TYPE_UNSPECIFIED BuildSignatureKeyType = "KEY_TYPE_UNSPECIFIED" PGP_ASCII_ARMORED BuildSignatureKeyType = "PGP_ASCII_ARMORED" PKIX_PEM BuildSignatureKeyType = "PKIX_PEM" )
List of BuildSignatureKeyType
type Configuration ¶
type Configuration struct { BasePath string `json:"basePath,omitempty"` Host string `json:"host,omitempty"` Scheme string `json:"scheme,omitempty"` DefaultHeader map[string]string `json:"defaultHeader,omitempty"` UserAgent string `json:"userAgent,omitempty"` HTTPClient *http.Client }
func NewConfiguration ¶
func NewConfiguration() *Configuration
func (*Configuration) AddDefaultHeader ¶
func (c *Configuration) AddDefaultHeader(key string, value string)
type DeployableDeploymentDetails ¶
type DeployableDeploymentDetails struct { // Identity of the user that triggered this deployment. UserEmail string `json:"user_email,omitempty"` // Beginning of the lifetime of this deployment. DeployTime time.Time `json:"deploy_time,omitempty"` // End of the lifetime of this deployment. UndeployTime time.Time `json:"undeploy_time,omitempty"` // Configuration used to create this deployment. Config string `json:"config,omitempty"` // Address of the runtime element hosting this deployment. Address string `json:"address,omitempty"` // Output only. Resource URI for the artifact being deployed taken from the deployable field with the same name. ResourceUri []string `json:"resource_uri,omitempty"` // Platform hosting this deployment. Platform *DeploymentDetailsPlatform `json:"platform,omitempty"` }
The period during which some deployable was active in a runtime.
type DeploymentDetailsPlatform ¶
type DeploymentDetailsPlatform string
DeploymentDetailsPlatform : Types of platforms. - PLATFORM_UNSPECIFIED: Unknown - GKE: Google Container Engine - FLEX: Google App Engine: Flexible Environment - CUSTOM: Custom user-defined platform
const ( PLATFORM_UNSPECIFIED DeploymentDetailsPlatform = "PLATFORM_UNSPECIFIED" GKE DeploymentDetailsPlatform = "GKE" FLEX DeploymentDetailsPlatform = "FLEX" CUSTOM DeploymentDetailsPlatform = "CUSTOM" )
List of DeploymentDetailsPlatform
type DiscoveryDiscoveredDetails ¶
type DiscoveryDiscoveredDetails struct { // Output only. An operation that indicates the status of the current scan. Operation *LongrunningOperation `json:"operation,omitempty"` }
Provides information about the scan status of a discovered resource.
type DockerImageBasis ¶
type DockerImageBasis struct { // The resource_url for the resource representing the basis of associated occurrence images. ResourceUrl string `json:"resource_url,omitempty"` Fingerprint *DockerImageFingerprint `json:"fingerprint,omitempty"` }
Basis describes the base image portion (Note) of the DockerImage relationship. Linked occurrences are derived from this or an equivalent image via: FROM <Basis.resource_url> Or an equivalent reference, e.g. a tag of the resource_url.
type DockerImageDerivedDetails ¶
type DockerImageDerivedDetails struct { Fingerprint *DockerImageFingerprint `json:"fingerprint,omitempty"` // Output only. The number of layers by which this image differs from the associated image basis. Distance int64 `json:"distance,omitempty"` // This contains layer-specific metadata, if populated it has length \"distance\" and is ordered with [distance] being the layer immediately following the base image and [1] being the final layer. LayerInfo []DockerImageLayer `json:"layer_info,omitempty"` BaseResourceUrl string `json:"base_resource_url,omitempty"` }
Derived describes the derived image portion (Occurrence) of the DockerImage relationship. This image would be produced from a Dockerfile with FROM <DockerImage.Basis in attached Note>.
type DockerImageFingerprint ¶
type DockerImageFingerprint struct { // The layer-id of the final layer in the Docker image's v1 representation. This field can be used as a filter in list requests. V1Name string `json:"v1_name,omitempty"` // The ordered list of v2 blobs that represent a given image. V2Blob []string `json:"v2_blob,omitempty"` // Output only. The name of the image's v2 blobs computed via: [bottom] := v2_blob[bottom] [N] := sha256(v2_blob[N] + \" \" + v2_name[N+1]) Only the name of the final blob is kept. This field can be used as a filter in list requests. V2Name string `json:"v2_name,omitempty"` }
A set of properties that uniquely identify a given Docker image.
type DockerImageLayer ¶
type DockerImageLayer struct { // The recovered Dockerfile directive used to construct this layer. Directive *LayerDirective `json:"directive,omitempty"` // The recovered arguments to the Dockerfile directive. Arguments string `json:"arguments,omitempty"` }
Layer holds metadata specific to a layer of a Docker image.
type GenericSwaggerError ¶
type GenericSwaggerError struct {
// contains filtered or unexported fields
}
GenericSwaggerError Provides access to the body, error and model on returned errors.
func (GenericSwaggerError) Body ¶
func (e GenericSwaggerError) Body() []byte
Body returns the raw bytes of the response
func (GenericSwaggerError) Error ¶
func (e GenericSwaggerError) Error() string
Error returns non-empty string if there was an error.
func (GenericSwaggerError) Model ¶
func (e GenericSwaggerError) Model() interface{}
Model returns the unpacked model of the error
type GrafeasApiService ¶
type GrafeasApiService service
func (*GrafeasApiService) CreateNote ¶
func (a *GrafeasApiService) CreateNote(ctx context.Context, parent string, body ApiNote) (ApiNote, *http.Response, error)
GrafeasApiService Creates a new `Note`.
- @param ctx context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background().
- @param parent
- @param body
@return ApiNote
func (*GrafeasApiService) CreateOccurrence ¶
func (a *GrafeasApiService) CreateOccurrence(ctx context.Context, parent string, body ApiOccurrence) (ApiOccurrence, *http.Response, error)
GrafeasApiService Creates a new `Occurrence`. Use this method to create `Occurrences` for a resource.
- @param ctx context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background().
- @param parent
- @param body
@return ApiOccurrence
func (*GrafeasApiService) CreateOperation ¶
func (a *GrafeasApiService) CreateOperation(ctx context.Context, parent string, body ApiCreateOperationRequest) (LongrunningOperation, *http.Response, error)
GrafeasApiService Creates a new `Operation`.
- @param ctx context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background().
- @param parent
- @param body
@return LongrunningOperation
func (*GrafeasApiService) GetOccurrenceNote ¶
func (a *GrafeasApiService) GetOccurrenceNote(ctx context.Context, name string) (ApiNote, *http.Response, error)
GrafeasApiService Gets the `Note` attached to the given `Occurrence`.
- @param ctx context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background().
- @param name
@return ApiNote
func (*GrafeasApiService) ListNoteOccurrences ¶
func (a *GrafeasApiService) ListNoteOccurrences(ctx context.Context, name string, localVarOptionals *ListNoteOccurrencesOpts) (ApiListNoteOccurrencesResponse, *http.Response, error)
func (*GrafeasApiService) ListNotes ¶
func (a *GrafeasApiService) ListNotes(ctx context.Context, parent string, localVarOptionals *ListNotesOpts) (ApiListNotesResponse, *http.Response, error)
func (*GrafeasApiService) ListOccurrences ¶
func (a *GrafeasApiService) ListOccurrences(ctx context.Context, parent string, localVarOptionals *ListOccurrencesOpts) (ApiListOccurrencesResponse, *http.Response, error)
func (*GrafeasApiService) UpdateNote ¶
func (a *GrafeasApiService) UpdateNote(ctx context.Context, name string, body ApiNote) (ApiNote, *http.Response, error)
GrafeasApiService Updates an existing `Note`.
- @param ctx context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background().
- @param name
- @param body
@return ApiNote
type GrafeasProjectsApiService ¶
type GrafeasProjectsApiService service
func (*GrafeasProjectsApiService) CreateProject ¶
func (a *GrafeasProjectsApiService) CreateProject(ctx context.Context, body ApiProject) (ProtobufEmpty, *http.Response, error)
GrafeasProjectsApiService Creates a new `Project`.
- @param ctx context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background().
- @param body
@return ProtobufEmpty
func (*GrafeasProjectsApiService) DeleteProject ¶
func (a *GrafeasProjectsApiService) DeleteProject(ctx context.Context, name string) (ProtobufEmpty, *http.Response, error)
GrafeasProjectsApiService Deletes the given `Project` from the system.
- @param ctx context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background().
- @param name
@return ProtobufEmpty
func (*GrafeasProjectsApiService) GetProject ¶
func (a *GrafeasProjectsApiService) GetProject(ctx context.Context, name string) (ApiProject, *http.Response, error)
GrafeasProjectsApiService Returns the requested `Project`.
- @param ctx context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background().
- @param name
@return ApiProject
func (*GrafeasProjectsApiService) ListProjects ¶
func (a *GrafeasProjectsApiService) ListProjects(ctx context.Context, localVarOptionals *ListProjectsOpts) (ApiListProjectsResponse, *http.Response, error)
type HashHashType ¶
type HashHashType string
HashHashType : Specifies the hash algorithm, if any. - NONE: No hash requested. - SHA256: A sha256 hash.
const ( NONE HashHashType = "NONE" SHA256 HashHashType = "SHA256" )
List of HashHashType
type LayerDirective ¶
type LayerDirective string
LayerDirective : - DIRECTIVE_UNSPECIFIED: Default value for unsupported/missing directive - MAINTAINER: https://docs.docker.com/reference/builder/#maintainer - RUN: https://docs.docker.com/reference/builder/#run - CMD: https://docs.docker.com/reference/builder/#cmd - LABEL: https://docs.docker.com/reference/builder/#label - EXPOSE: https://docs.docker.com/reference/builder/#expose - ENV: https://docs.docker.com/reference/builder/#env - ADD: https://docs.docker.com/reference/builder/#add - COPY: https://docs.docker.com/reference/builder/#copy - ENTRYPOINT: https://docs.docker.com/reference/builder/#entrypoint - VOLUME: https://docs.docker.com/reference/builder/#volume - USER: https://docs.docker.com/reference/builder/#user - WORKDIR: https://docs.docker.com/reference/builder/#workdir - ARG: https://docs.docker.com/reference/builder/#arg - ONBUILD: https://docs.docker.com/reference/builder/#onbuild - STOPSIGNAL: https://docs.docker.com/reference/builder/#stopsignal - HEALTHCHECK: https://docs.docker.com/reference/builder/#healthcheck - SHELL: https://docs.docker.com/reference/builder/#shell
const ( DIRECTIVE_UNSPECIFIED LayerDirective = "DIRECTIVE_UNSPECIFIED" MAINTAINER LayerDirective = "MAINTAINER" RUN LayerDirective = "RUN" CMD LayerDirective = "CMD" LABEL LayerDirective = "LABEL" EXPOSE LayerDirective = "EXPOSE" ENV LayerDirective = "ENV" ADD LayerDirective = "ADD" COPY LayerDirective = "COPY" ENTRYPOINT LayerDirective = "ENTRYPOINT" VOLUME LayerDirective = "VOLUME" USER LayerDirective = "USER" WORKDIR LayerDirective = "WORKDIR" ARG LayerDirective = "ARG" ONBUILD LayerDirective = "ONBUILD" STOPSIGNAL LayerDirective = "STOPSIGNAL" HEALTHCHECK LayerDirective = "HEALTHCHECK" SHELL LayerDirective = "SHELL" )
List of LayerDirective
type ListNoteOccurrencesOpts ¶
type ListNotesOpts ¶
type ListOccurrencesOpts ¶
type ListProjectsOpts ¶
type LongrunningOperation ¶
type LongrunningOperation struct { // The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should have the format of `operations/some/unique/name`. Name string `json:"name,omitempty"` // Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any. Metadata *ProtobufAny `json:"metadata,omitempty"` // If the value is `false`, it means the operation is still in progress. If true, the operation is completed, and either `error` or `response` is available. Done bool `json:"done,omitempty"` // The error result of the operation in case of failure or cancellation. Error_ *RpcStatus `json:"error,omitempty"` // The normal response of the operation in case of success. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`. Response *ProtobufAny `json:"response,omitempty"` }
This resource represents a long-running operation that is the result of a network API call.
type NoteRelatedUrl ¶
type PackageManagerArchitecture ¶
type PackageManagerArchitecture string
PackageManagerArchitecture : Instruction set architectures supported by various package managers. - ARCHITECTURE_UNSPECIFIED: Unknown architecture - X86: X86 architecture - X64: X64 architecture
const ( ARCHITECTURE_UNSPECIFIED PackageManagerArchitecture = "ARCHITECTURE_UNSPECIFIED" X86 PackageManagerArchitecture = "X86" X64 PackageManagerArchitecture = "X64" )
List of PackageManagerArchitecture
type PackageManagerDistribution ¶
type PackageManagerDistribution struct { // The cpe_uri in [cpe format](https://cpe.mitre.org/specification/) denoting the package manager version distributing a package. CpeUri string `json:"cpe_uri,omitempty"` Architecture *PackageManagerArchitecture `json:"architecture,omitempty"` // The latest available version of this package in this distribution channel. LatestVersion *VulnerabilityTypeVersion `json:"latest_version,omitempty"` // A freeform string denoting the maintainer of this package. Maintainer string `json:"maintainer,omitempty"` // The distribution channel-specific homepage for this package. Url string `json:"url,omitempty"` // The distribution channel-specific description of this package. Description string `json:"description,omitempty"` }
type PackageManagerInstallationDetails ¶
type PackageManagerInstallationDetails struct { // Output only. The name of the installed package. Name string `json:"name,omitempty"` // All of the places within the filesystem versions of this package have been found. Location []ApiPackageManagerLocation `json:"location,omitempty"` }
This represents how a particular software package may be installed on a system.
type PackageManagerPackage ¶
type PackageManagerPackage struct { // The name of the package. Name string `json:"name,omitempty"` // The various channels by which a package is distributed. Distribution []PackageManagerDistribution `json:"distribution,omitempty"` }
This represents a particular package that is distributed over various channels. e.g. glibc (aka libc6) is distributed by many, at various versions.
type PgpSignedAttestationContentType ¶
type PgpSignedAttestationContentType string
PgpSignedAttestationContentType : Type (e.g. schema) of the attestation payload that was signed. - CONTENT_TYPE_UNSPECIFIED: ContentType is not set. - SIMPLE_SIGNING_JSON: Atomic format attestation signature. See https://github.com/containers/image/blob/8a5d2f82a6e3263290c8e0276c3e0f64e77723e7/docs/atomic-signature.md The payload extracted from `signature` is a JSON blob conforming to the linked schema.
const ( CONTENT_TYPE_UNSPECIFIED PgpSignedAttestationContentType = "CONTENT_TYPE_UNSPECIFIED" SIMPLE_SIGNING_JSON PgpSignedAttestationContentType = "SIMPLE_SIGNING_JSON" )
List of PgpSignedAttestationContentType
type ProtobufAny ¶
type ProtobufAny struct { // A URL/resource name that uniquely identifies the type of the serialized protocol buffer message. The last segment of the URL's path must represent the fully qualified name of the type (as in `path/google.protobuf.Duration`). The name should be in a canonical form (e.g., leading \".\" is not accepted). In practice, teams usually precompile into the binary all types that they expect it to use in the context of Any. However, for URLs which use the scheme `http`, `https`, or no scheme, one can optionally set up a type server that maps type URLs to message definitions as follows: * If no scheme is provided, `https` is assumed. * An HTTP GET on the URL must yield a [google.protobuf.Type][] value in binary format, or produce an error. * Applications are allowed to cache lookup results based on the URL, or have them precompiled into a binary to avoid any lookup. Therefore, binary compatibility needs to be preserved on changes to types. (Use versioned type names to manage breaking changes.) Note: this functionality is not currently available in the official protobuf release, and it is not used for type URLs beginning with type.googleapis.com. Schemes other than `http`, `https` (or the empty scheme) might be used with implementation specific semantics. TypeUrl string `json:"type_url,omitempty"` // Must be a valid serialized protocol buffer of the above specified type. Value string `json:"value,omitempty"` }
`Any` contains an arbitrary serialized protocol buffer message along with a URL that describes the type of the serialized message. Protobuf library provides support to pack/unpack Any values in the form of utility functions or additional generated methods of the Any type. Example 1: Pack and unpack a message in C++. Foo foo = ...; Any any; any.PackFrom(foo); ... if (any.UnpackTo(&foo)) { ... } Example 2: Pack and unpack a message in Java. Foo foo = ...; Any any = Any.pack(foo); ... if (any.is(Foo.class)) { foo = any.unpack(Foo.class); } Example 3: Pack and unpack a message in Python. foo = Foo(...) any = Any() any.Pack(foo) ... if any.Is(Foo.DESCRIPTOR): any.Unpack(foo) ... Example 4: Pack and unpack a message in Go foo := &pb.Foo{...} any, err := ptypes.MarshalAny(foo) ... foo := &pb.Foo{} if err := ptypes.UnmarshalAny(any, foo); err != nil { ... } The pack methods provided by protobuf library will by default use 'type.googleapis.com/full.type.name' as the type URL and the unpack methods only use the fully qualified type name after the last '/' in the type URL, for example \"foo.bar.com/x/y.z\" will yield type name \"y.z\". JSON ==== The JSON representation of an `Any` value uses the regular representation of the deserialized, embedded message, with an additional field `@type` which contains the type URL. Example: package google.profile; message Person { string first_name = 1; string last_name = 2; } { \"@type\": \"type.googleapis.com/google.profile.Person\", \"firstName\": <string>, \"lastName\": <string> } If the embedded message type is well-known and has a custom JSON representation, that representation will be embedded adding a field `value` which holds the custom JSON in addition to the `@type` field. Example (for message [google.protobuf.Duration][]): { \"@type\": \"type.googleapis.com/google.protobuf.Duration\", \"value\": \"1.212s\" }
type ProtobufEmpty ¶
type ProtobufEmpty struct { }
service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } The JSON representation for `Empty` is empty JSON object `{}`.
type ProtobufFieldMask ¶
type ProtobufFieldMask struct { // The set of field mask paths. Paths []string `json:"paths,omitempty"` }
paths: \"f.a\" paths: \"f.b.d\" Here `f` represents a field in some root message, `a` and `b` fields in the message found in `f`, and `d` a field found in the message in `f.b`. Field masks are used to specify a subset of fields that should be returned by a get operation or modified by an update operation. Field masks also have a custom JSON encoding (see below). # Field Masks in Projections When used in the context of a projection, a response message or sub-message is filtered by the API to only contain those fields as specified in the mask. For example, if the mask in the previous example is applied to a response message as follows: f { a : 22 b { d : 1 x : 2 } y : 13 } z: 8 The result will not contain specific values for fields x,y and z (their value will be set to the default, and omitted in proto text output): f { a : 22 b { d : 1 } } A repeated field is not allowed except at the last position of a paths string. If a FieldMask object is not present in a get operation, the operation applies to all fields (as if a FieldMask of all fields had been specified). Note that a field mask does not necessarily apply to the top-level response message. In case of a REST get operation, the field mask applies directly to the response, but in case of a REST list operation, the mask instead applies to each individual message in the returned resource list. In case of a REST custom method, other definitions may be used. Where the mask applies will be clearly documented together with its declaration in the API. In any case, the effect on the returned resource/resources is required behavior for APIs. # Field Masks in Update Operations A field mask in update operations specifies which fields of the targeted resource are going to be updated. The API is required to only change the values of the fields as specified in the mask and leave the others untouched. If a resource is passed in to describe the updated values, the API ignores the values of all fields not covered by the mask. If a repeated field is specified for an update operation, the existing repeated values in the target resource will be overwritten by the new values. Note that a repeated field is only allowed in the last position of a `paths` string. If a sub-message is specified in the last position of the field mask for an update operation, then the existing sub-message in the target resource is overwritten. Given the target message: f { b { d : 1 x : 2 } c : 1 } And an update message: f { b { d : 10 } } then if the field mask is: paths: \"f.b\" then the result will be: f { b { d : 10 } c : 1 } However, if the update mask was: paths: \"f.b.d\" then the result would be: f { b { d : 10 x : 2 } c : 1 } In order to reset a field's value to the default, the field must be in the mask and set to the default value in the provided resource. Hence, in order to reset all fields of a resource, provide a default instance of the resource and set all fields in the mask, or do not provide a mask as described below. If a field mask is not present on update, the operation applies to all fields (as if a field mask of all fields has been specified). Note that in the presence of schema evolution, this may mean that fields the client does not know and has therefore not filled into the request will be reset to their default. If this is unwanted behavior, a specific service may require a client to always specify a field mask, producing an error if not. As with get operations, the location of the resource which describes the updated values in the request message depends on the operation kind. In any case, the effect of the field mask is required to be honored by the API. ## Considerations for HTTP REST The HTTP kind of an update operation which uses a field mask must be set to PATCH instead of PUT in order to satisfy HTTP semantics (PUT must only be used for full updates). # JSON Encoding of Field Masks In JSON, a field mask is encoded as a single string where paths are separated by a comma. Fields name in each path are converted to/from lower-camel naming conventions. As an example, consider the following message declarations: message Profile { User user = 1; Photo photo = 2; } message User { string display_name = 1; string address = 2; } In proto a field mask for `Profile` may look as such: mask { paths: \"user.display_name\" paths: \"photo\" } In JSON, the same mask is represented as below: { mask: \"user.displayName,photo\" } # Field Masks and Oneof Fields Field masks treat fields in oneofs just as regular fields. Consider the following message: message SampleMessage { oneof test_oneof { string name = 4; SubMessage sub_message = 9; } } The field mask can be: mask { paths: \"name\" } Or: mask { paths: \"sub_message\" } Note that oneof type names (\"test_oneof\" in this case) cannot be used in paths. ## Field Mask Verification The implementation of any API method which has a FieldMask type field in the request should verify the included field paths, and return an `INVALID_ARGUMENT` error if any path is duplicated or unmappable.
type RpcStatus ¶
type RpcStatus struct { // The status code, which should be an enum value of [google.rpc.Code][google.rpc.Code]. Code int32 `json:"code,omitempty"` // A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the [google.rpc.Status.details][google.rpc.Status.details] field, or localized by the client. Message string `json:"message,omitempty"` // A list of messages that carry the error details. There is a common set of message types for APIs to use. Details []ProtobufAny `json:"details,omitempty"` }
- Simple to use and understand for most users - Flexible enough to meet unexpected needs # Overview The `Status` message contains three pieces of data: error code, error message, and error details. The error code should be an enum value of [google.rpc.Code][google.rpc.Code], but it may accept additional error codes if needed. The error message should be a developer-facing English message that helps developers *understand* and *resolve* the error. If a localized user-facing error message is needed, put the localized message in the error details or localize it in the client. The optional error details may contain arbitrary information about the error. There is a predefined set of error detail types in the package `google.rpc` that can be used for common error conditions. # Language mapping The `Status` message is the logical representation of the error model, but it is not necessarily the actual wire format. When the `Status` message is exposed in different client libraries and different wire protocols, it can be mapped differently. For example, it will likely be mapped to some exceptions in Java, but more likely mapped to some error codes in C. # Other uses The error model and the `Status` message can be used in a variety of environments, either with or without APIs, to provide a consistent developer experience across different environments. Example uses of this error model include: - Partial errors. If a service needs to return partial errors to the client, it may embed the `Status` in the normal response to indicate the partial errors. - Workflow errors. A typical workflow has multiple steps. Each step may have a `Status` message for error reporting. - Batch operations. If a client uses batch request and batch response, the `Status` message should be used directly inside batch response, one for each error sub-response. - Asynchronous operations. If an API call embeds asynchronous operation results in its response, the status of those operations should be represented directly using the `Status` message. - Logging. If some API errors are stored in logs, the message `Status` could be used directly after any stripping needed for security/privacy reasons.
type VersionVersionKind ¶
type VersionVersionKind string
VersionVersionKind : Whether this is an ordinary package version or a sentinel MIN/MAX version. - NORMAL: A standard package version, defined by the other fields. - MINIMUM: A special version representing negative infinity, other fields are ignored. - MAXIMUM: A special version representing positive infinity, other fields are ignored.
const ( NORMAL VersionVersionKind = "NORMAL" MINIMUM VersionVersionKind = "MINIMUM" MAXIMUM VersionVersionKind = "MAXIMUM" )
List of VersionVersionKind
type VulnerabilityTypeDetail ¶
type VulnerabilityTypeDetail struct { // The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar. This field can be used as a filter in list requests. CpeUri string `json:"cpe_uri,omitempty"` // The name of the package where the vulnerability was found. This field can be used as a filter in list requests. Package_ string `json:"package,omitempty"` // The min version of the package in which the vulnerability exists. MinAffectedVersion *VulnerabilityTypeVersion `json:"min_affected_version,omitempty"` // The max version of the package in which the vulnerability exists. This field can be used as a filter in list requests. MaxAffectedVersion *VulnerabilityTypeVersion `json:"max_affected_version,omitempty"` // The severity (eg: distro assigned severity) for this vulnerability. SeverityName string `json:"severity_name,omitempty"` // A vendor-specific description of this note. Description string `json:"description,omitempty"` // The fix for this specific package version. FixedLocation *VulnerabilityTypeVulnerabilityLocation `json:"fixed_location,omitempty"` PackageType string `json:"package_type,omitempty"` }
type VulnerabilityTypePackageIssue ¶
type VulnerabilityTypePackageIssue struct { // The location of the vulnerability. AffectedLocation *VulnerabilityTypeVulnerabilityLocation `json:"affected_location,omitempty"` // The location of the available fix for vulnerability. FixedLocation *VulnerabilityTypeVulnerabilityLocation `json:"fixed_location,omitempty"` // The severity (eg: distro assigned severity) for this vulnerability. SeverityName string `json:"severity_name,omitempty"` }
This message wraps a location affected by a vulnerability and its associated fix (if one is available).
type VulnerabilityTypeSeverity ¶
type VulnerabilityTypeSeverity string
VulnerabilityTypeSeverity : - SEVERITY_UNSPECIFIED: Unknown Impact - MINIMAL: Minimal Impact - LOW: Low Impact - MEDIUM: Medium Impact - HIGH: High Impact - CRITICAL: Critical Impact
const ( SEVERITY_UNSPECIFIED VulnerabilityTypeSeverity = "SEVERITY_UNSPECIFIED" MINIMAL VulnerabilityTypeSeverity = "MINIMAL" LOW VulnerabilityTypeSeverity = "LOW" MEDIUM VulnerabilityTypeSeverity = "MEDIUM" HIGH VulnerabilityTypeSeverity = "HIGH" CRITICAL VulnerabilityTypeSeverity = "CRITICAL" )
List of VulnerabilityTypeSeverity
type VulnerabilityTypeVersion ¶
type VulnerabilityTypeVersion struct { // Used to correct mistakes in the version numbering scheme. Epoch int32 `json:"epoch,omitempty"` // The main part of the version name. Name string `json:"name,omitempty"` // The iteration of the package build from the above version. Revision string `json:"revision,omitempty"` // Distinguish between sentinel MIN/MAX versions and normal versions. If kind is not NORMAL, then the other fields are ignored. Kind *VersionVersionKind `json:"kind,omitempty"` }
type VulnerabilityTypeVulnerabilityDetails ¶
type VulnerabilityTypeVulnerabilityDetails struct { Type_ string `json:"type,omitempty"` // Output only. The note provider assigned Severity of the vulnerability. Severity *VulnerabilityTypeSeverity `json:"severity,omitempty"` // Output only. The CVSS score of this vulnerability. CVSS score is on a scale of 0-10 where 0 indicates low severity and 10 indicates high severity. CvssScore float32 `json:"cvss_score,omitempty"` // The set of affected locations and their fixes (if available) within the associated resource. PackageIssue []VulnerabilityTypePackageIssue `json:"package_issue,omitempty"` }
Used by Occurrence to point to where the vulnerability exists and how to fix it.
type VulnerabilityTypeVulnerabilityLocation ¶
type VulnerabilityTypeVulnerabilityLocation struct { // The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) format. Examples include distro or storage location for vulnerable jar. This field can be used as a filter in list requests. CpeUri string `json:"cpe_uri,omitempty"` // The package being described. Package_ string `json:"package,omitempty"` // The version of the package being described. This field can be used as a filter in list requests. Version *VulnerabilityTypeVersion `json:"version,omitempty"` }
Source Files ¶
- api_grafeas.go
- api_grafeas_projects.go
- client.go
- configuration.go
- model_api_alias_context.go
- model_api_alias_context_kind.go
- model_api_artifact.go
- model_api_build_details.go
- model_api_build_provenance.go
- model_api_build_signature.go
- model_api_build_type.go
- model_api_cloud_repo_source_context.go
- model_api_command.go
- model_api_create_operation_request.go
- model_api_deployable.go
- model_api_discovery.go
- model_api_file_hashes.go
- model_api_gerrit_source_context.go
- model_api_git_source_context.go
- model_api_hash.go
- model_api_list_note_occurrences_response.go
- model_api_list_notes_response.go
- model_api_list_occurrences_response.go
- model_api_list_projects_response.go
- model_api_note.go
- model_api_note_kind.go
- model_api_occurrence.go
- model_api_package_manager_location.go
- model_api_pgp_signed_attestation.go
- model_api_project.go
- model_api_project_repo_id.go
- model_api_repo_id.go
- model_api_repo_source.go
- model_api_source.go
- model_api_source_context.go
- model_api_storage_source.go
- model_api_update_operation_request.go
- model_api_vulnerability_type.go
- model_attestation_authority_attestation_details.go
- model_build_signature_key_type.go
- model_deployable_deployment_details.go
- model_deployment_details_platform.go
- model_discovery_discovered_details.go
- model_docker_image_basis.go
- model_docker_image_derived_details.go
- model_docker_image_fingerprint.go
- model_docker_image_layer.go
- model_hash_hash_type.go
- model_layer_directive.go
- model_longrunning_operation.go
- model_note_related_url.go
- model_package_manager_architecture.go
- model_package_manager_distribution.go
- model_package_manager_installation_details.go
- model_package_manager_package.go
- model_pgp_signed_attestation_content_type.go
- model_protobuf_any.go
- model_protobuf_empty.go
- model_protobuf_field_mask.go
- model_rpc_status.go
- model_version_version_kind.go
- model_vulnerability_type_detail.go
- model_vulnerability_type_package_issue.go
- model_vulnerability_type_severity.go
- model_vulnerability_type_version.go
- model_vulnerability_type_vulnerability_details.go
- model_vulnerability_type_vulnerability_location.go
- response.go