ondemandscanning.v1 library Null safety

On-Demand Scanning API - v1

A service to scan container images for vulnerabilities.

For more information, see cloud.google.com/container-analysis/docs/on-demand-scanning/

Create an instance of OnDemandScanningApi to access these resources:

Classes

AliasContext
An alias to a repo revision.
AnalyzePackagesRequestV1
AnalyzePackagesRequest is the request to analyze a list of packages and create Vulnerability Occurrences for it.
Artifact
Artifact describes a build product.
AttestationOccurrence
Occurrence that represents a single "attestation". [...]
BuildOccurrence
Details of a build occurrence.
BuildProvenance
Provenance of a build. [...]
Category
The category to which the update belongs.
CloudRepoSourceContext
A CloudRepoSourceContext denotes a particular revision in a Google Cloud Source Repo.
Command
Command describes a step performed as part of the build pipeline.
Completeness
Indicates that the builder claims certain fields in this message to be complete.
ComplianceOccurrence
An indication that the compliance checks in the associated ComplianceNote were not satisfied for particular resources or a specified reason.
DeploymentOccurrence
The period during which some deployable was active in a runtime.
DiscoveryOccurrence
Provides information about the analysis status of a discovered resource.
DSSEAttestationOccurrence
Envelope
MUST match https://github.com/secure-systems-lab/dsse/blob/master/envelope.proto. [...]
EnvelopeSignature
FileHashes
Container message for hashes of byte content of files, used in source messages to verify integrity of source input to the build.
Fingerprint
A set of properties that uniquely identify a given Docker image.
GerritSourceContext
A SourceContext referring to a Gerrit project.
GitSourceContext
A GitSourceContext denotes a particular revision in a third party Git repository (e.g., GitHub).
Hash
Container message for hash values.
Identity
The unique identifier of the update.
ImageOccurrence
Details of the derived image portion of the DockerImage relationship. [...]
InTotoProvenance
InTotoStatement
Spec defined at https://github.com/in-toto/attestation/tree/main/spec#statement The serialized InTotoStatement will be stored as Envelope.payload. [...]
Layer
Layer holds metadata specific to a layer of a Docker image.
ListOperationsResponse
The response message for Operations.ListOperations.
ListVulnerabilitiesResponseV1
ListVulnerabilitiesResponse contains a single page of vulnerabilities resulting from a scan.
Location
An occurrence of a particular package installation found within a system's filesystem. [...]
Metadata
Other properties of the build.
NonCompliantFile
Details about files that caused a compliance check to fail.
Occurrence
An instance of an analysis type that has been found on a resource.
OnDemandScanningApi
A service to scan container images for vulnerabilities.
Operation
This resource represents a long-running operation that is the result of a network API call.
PackageData
PackageIssue
A detail for a distro and package this vulnerability occurrence was found in and its associated fix (if one is available).
PackageOccurrence
Details on how a particular software package was installed on a system.
ProjectsLocationsOperationsResource
ProjectsLocationsResource
ProjectsLocationsScansResource
ProjectsLocationsScansVulnerabilitiesResource
ProjectsResource
Recipe
Steps taken to build the artifact. [...]
RelatedUrl
Metadata for any related URL information.
RepoId
A unique identifier for a Cloud Repo.
Source
Source describes the location of the source used for the build.
SourceContext
A SourceContext is a reference to a tree of files. [...]
Subject
UpgradeDistribution
The Upgrade Distribution represents metadata about the Upgrade for each operating system (CPE). [...]
UpgradeOccurrence
An Upgrade Occurrence represents that a specific resource_url could install a specific upgrade. [...]
Version
Version contains structured information about the version of a package.
VulnerabilityOccurrence
An occurrence of a severity vulnerability on a resource.
WindowsUpdate
Windows Update represents the metadata about the update for the Windows operating system. [...]

Typedefs

AnalyzePackagesMetadata = $Shared07
AnalyzePackagesMetadata contains metadata for an active scan of a container image.
AnalyzePackagesMetadataV1 = $Shared07
AnalyzePackagesMetadata contains metadata for an active scan of a container image.
AnalyzePackagesResponse = $Shared08
AnalyzePackagesResponse contains the information necessary to find results for the given scan.
AnalyzePackagesResponseV1 = $Shared08
AnalyzePackagesResponse contains the information necessary to find results for the given scan.
BuilderConfig = $Shared09
Empty = $Empty
A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. [...]
Jwt = $Jwt
ProjectRepoId = $ProjectRepoId
Selects a repo using a Google Cloud Platform project ID (e.g., winged-cargo-31) and a repo name within that project.
Signature = $Signature
Verifiers (e.g. Kritis implementations) MUST verify signatures with respect to the trust anchors defined in policy (e.g. a Kritis policy). [...]
Status = $Status
The Status type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. [...]

Exceptions / Errors

ApiRequestError
Represents a general error reported by the API endpoint.
DetailedApiRequestError
Represents a specific error reported by the API endpoint.