containeranalysis/v1beta1 library
Container Analysis API - v1beta1
An implementation of the Grafeas API, which stores, and enables querying and retrieval of critical metadata about all of your software artifacts.
For more information, see cloud.google.com/container-analysis/api/reference/rest/
Create an instance of ContainerAnalysisApi to access these resources:
Classes
- ArtifactHashes
- Defines a hash object for use in Materials and Products.
- ArtifactRule
- Defines an object to declare an in-toto artifact rule
- Attestation
- Occurrence that represents a single "attestation".
- Authority
- Note kind that represents a logical attestation "role" or "authority".
- Basis
- Basis describes the base image portion (Note) of the DockerImage relationship.
- BatchCreateNotesRequest
- Request to create notes in batch.
- BatchCreateNotesResponse
- Response for creating notes in batch.
- BatchCreateOccurrencesRequest
- Request to create occurrences in batch.
- BatchCreateOccurrencesResponse
- Response for creating occurrences in batch.
- Binding
-
Associates
members
, or principals, with arole
. - Build
- Note holding the version of the provider's builder and the signature of the provenance message in the build details occurrence.
- BuildProvenance
- Provenance of a build.
- BuildSignature
- Message encapsulating the signature of the verified build.
- CloudRepoSourceContext
- A CloudRepoSourceContext denotes a particular revision in a Google Cloud Source Repo.
- ContainerAnalysisApi
- An implementation of the Grafeas API, which stores, and enables querying and retrieval of critical metadata about all of your software artifacts.
- CVSSv3
- Common Vulnerability Scoring System version 3.
- Deployable
- An artifact that can be deployed in some runtime.
- Derived
- Derived describes the derived image portion (Occurrence) of the DockerImage relationship.
- Detail
- Identifies all appearances of this vulnerability in the package for a specific distro/location.
- Details
- Details of an attestation occurrence.
- Discovered
- Provides information about the analysis status of a discovered resource.
- Discovery
- A note that indicates a type of analysis a provider would perform.
- Distribution
- This represents a particular channel of distribution for a given package.
- DocumentNote
- DocumentNote represents an SPDX Document Creation Infromation section: https://spdx.github.io/spdx-spec/2-document-creation-information/
- DocumentOccurrence
- DocumentOccurrence represents an SPDX Document Creation Information section: https://spdx.github.io/spdx-spec/2-document-creation-information/
- ExternalRef
- An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package
- FileHashes
- Container message for hashes of byte content of files, used in source messages to verify integrity of source input to the build.
- FileNote
- FileNote represents an SPDX File Information section: https://spdx.github.io/spdx-spec/4-file-information/
- FileOccurrence
- FileOccurrence represents an SPDX File Information section: https://spdx.github.io/spdx-spec/4-file-information/
- FixableTotalByDigest
- Per resource and severity counts of fixable and total vulnerabilities.
- GenericSignedAttestation
-
An attestation wrapper that uses the Grafeas
Signature
message. - GerritSourceContext
- A SourceContext referring to a Gerrit project.
- GetIamPolicyRequest
-
Request message for
GetIamPolicy
method. - GrafeasV1beta1BuildDetails
- Details of a build occurrence.
- GrafeasV1beta1DeploymentDetails
- Details of a deployment occurrence.
- GrafeasV1beta1DiscoveryDetails
- Details of a discovery occurrence.
- GrafeasV1beta1ImageDetails
- Details of an image occurrence.
- GrafeasV1beta1IntotoArtifact
- GrafeasV1beta1IntotoDetails
- This corresponds to a signed in-toto link - it is made up of one or more signatures and the in-toto link itself.
- GrafeasV1beta1IntotoSignature
- A signature object consists of the KeyID used and the signature itself.
- GrafeasV1beta1PackageDetails
- Details of a package occurrence.
- GrafeasV1beta1VulnerabilityDetails
- Details of a vulnerability Occurrence.
- Hash
- Container message for hash values.
- Hint
- This submessage provides human-readable hints about the purpose of the authority.
- Installation
- This represents how a particular software package may be installed on a system.
- InToto
- This contains the fields corresponding to the definition of a software supply chain step in an in-toto layout.
- KnowledgeBase
- Layer
- Layer holds metadata specific to a layer of a Docker image.
- License
- License information: https://spdx.github.io/spdx-spec/3-package-information/#315-declared-license
- Link
- This corresponds to an in-toto link.
- ListNoteOccurrencesResponse
- Response for listing occurrences for a note.
- ListNotesResponse
- Response for listing notes.
- ListOccurrencesResponse
- Response for listing occurrences.
- ListScanConfigsResponse
- Response for listing scan configurations.
- Location
- An occurrence of a particular package installation found within a system's filesystem.
- Note
- A type of analysis that can be done for a resource.
- Occurrence
- An instance of an analysis type that has been found on a resource.
- Package
- This represents a particular package that is distributed over various channels.
- PackageInfoNote
- PackageInfoNote represents an SPDX Package Information section: https://spdx.github.io/spdx-spec/3-package-information/
- PackageInfoOccurrence
- PackageInfoOccurrence represents an SPDX Package Information section: https://spdx.github.io/spdx-spec/3-package-information/
- PackageIssue
- This message wraps a location affected by a vulnerability and its associated fix (if one is available).
- PgpSignedAttestation
- An attestation wrapper with a PGP-compatible signature.
- Policy
- An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
- ProjectsNotesOccurrencesResource
- ProjectsNotesResource
- ProjectsOccurrencesResource
- ProjectsResource
- ProjectsScanConfigsResource
- RelationshipNote
- RelationshipNote represents an SPDX Relationship section: https://spdx.github.io/spdx-spec/7-relationships-between-SPDX-elements/
- RelationshipOccurrence
- RelationshipOccurrence represents an SPDX Relationship section: https://spdx.github.io/spdx-spec/7-relationships-between-SPDX-elements/
- RepoId
- A unique identifier for a Cloud Repo.
- Resource
- An entity that can have metadata.
- ScanConfig
- A scan configuration specifies whether Cloud components in a project have a particular type of analysis being run.
- SetIamPolicyRequest
-
Request message for
SetIamPolicy
method. - SigningKey
- This defines the format used to record keys used in the software supply chain.
- Source
- Source describes the location of the source used for the build.
- SourceContext
- A SourceContext is a reference to a tree of files.
- Version
- Version contains structured information about the version of a package.
- Vulnerability
- Vulnerability provides metadata about a security vulnerability in a Note.
- VulnerabilityLocation
- The location of the vulnerability.
- VulnerabilityOccurrencesSummary
- A summary of how many vulnerability occurrences there are per resource and severity type.
- WindowsDetail
Typedefs
- AliasContext = $AliasContext
- An alias to a repo revision.
- Artifact = $Artifact
- Artifact describes a build product.
- ByProducts = $Shared01
- Defines an object for the byproducts field in in-toto links.
- Command = $Command
- Command describes a step performed as part of the build pipeline.
- Deployment = $Shared02
- The period during which some deployable was active in a runtime.
- Empty = $Empty
- A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs.
- Environment = $Shared01
- Defines an object for the environment field in in-toto links.
- Expr = $Expr
- Represents a textual expression in the Common Expression Language (CEL) syntax.
- Fingerprint = $Fingerprint
- A set of properties that uniquely identify a given Docker image.
- GetPolicyOptions = $GetPolicyOptions
- Encapsulates settings provided to GetIamPolicy.
- GitSourceContext = $GitSourceContext
- A GitSourceContext denotes a particular revision in a third party Git repository (e.g., GitHub).
- ProjectRepoId = $ProjectRepoId
- Selects a repo using a Google Cloud Platform project ID (e.g., winged-cargo-31) and a repo name within that project.
- RelatedUrl = $RelatedUrl
- Metadata for any related URL information.
- Signature = $Signature
- Verifiers (e.g. Kritis implementations) MUST verify signatures with respect to the trust anchors defined in policy (e.g. a Kritis policy).
- Status = $Status
-
The
Status
type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. - TestIamPermissionsRequest = $TestIamPermissionsRequest
-
Request message for
TestIamPermissions
method. - TestIamPermissionsResponse = $TestIamPermissionsResponse
-
Response message for
TestIamPermissions
method.
Exceptions / Errors
- ApiRequestError
- Represents a general error reported by the API endpoint.
- DetailedApiRequestError
- Represents a specific error reported by the API endpoint.