Retrieves analysis results of Cloud components such as Docker container images.
The Container Analysis API is an implementation of the Grafeas API.
Analysis results are stored as a series of occurrences. An Occurrence contains information about a specific analysis instance on a resource. An occurrence refers to a Note. A note contains details describing the analysis and is generally stored in a separate project, called a Provider. Multiple occurrences can refer to the same note.
For example, an SSL vulnerability could affect multiple images. In this case, there would be one note for the vulnerability and an occurrence for each image with the vulnerability referring to that note.
Equality
Instances of this class created via copy-construction or copy-assignment always compare equal. Instances created with equal std::shared_ptr<*Connection> objects compare equal. Objects that compare equal share the same underlying resources.
Performance
Creating a new instance of this class is a relatively expensive operation, new objects establish new connections to the service. In contrast, copy-construction, move-construction, and the corresponding assignment operations are relatively efficient as the copies share all underlying resources.
Thread Safety
Concurrent access to different instances of this class, even if they compare equal, is guaranteed to work. Two or more threads operating on the same instance of this class is not guaranteed to work. Since copy-construction and move-construction is a relatively efficient operation, consider using such a copy when using this class from multiple threads.
Constructors
ContainerAnalysisClient(ContainerAnalysisClient const &)
Copy and move support
| Parameter | |
|---|---|
| Name | Description |
|
ContainerAnalysisClient const &
|
ContainerAnalysisClient(ContainerAnalysisClient &&)
Copy and move support
| Parameter | |
|---|---|
| Name | Description |
|
ContainerAnalysisClient &&
|
ContainerAnalysisClient(std::shared_ptr< ContainerAnalysisConnection >, Options)
| Parameters | |
|---|---|
| Name | Description |
connection |
std::shared_ptr< ContainerAnalysisConnection >
|
opts |
Options
|
Operators
operator=(ContainerAnalysisClient const &)
Copy and move support
| Parameter | |
|---|---|
| Name | Description |
|
ContainerAnalysisClient const &
|
| Returns | |
|---|---|
| Type | Description |
ContainerAnalysisClient & | |
operator=(ContainerAnalysisClient &&)
Copy and move support
| Parameter | |
|---|---|
| Name | Description |
|
ContainerAnalysisClient &&
|
| Returns | |
|---|---|
| Type | Description |
ContainerAnalysisClient & | |
Functions
SetIamPolicy(std::string const &, google::iam::v1::Policy const &, Options)
Sets the access control policy on the specified note or occurrence.
Requires containeranalysis.notes.setIamPolicy or containeranalysis.occurrences.setIamPolicy permission if the resource is a note or an occurrence, respectively.
The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.
| Parameters | |
|---|---|
| Name | Description |
resource |
std::string const &
REQUIRED: The resource for which the policy is being specified. See the operation documentation for the appropriate value for this field. |
policy |
google::iam::v1::Policy const &
REQUIRED: The complete policy to be applied to the |
opts |
Options
Optional. Override the class-level options, such as retry and backoff policies. |
| Returns | |
|---|---|
| Type | Description |
StatusOr< google::iam::v1::Policy > | the result of the RPC. The response message type (google.iam.v1.Policy) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the |
SetIamPolicy(std::string const &, IamUpdater const &, Options)
Updates the IAM policy for resource using an optimistic concurrency control loop.
The loop fetches the current policy for resource, and passes it to updater, which should return the new policy. This new policy should use the current etag so that the read-modify-write cycle can detect races and rerun the update when there is a mismatch. If the new policy does not have an etag, the existing policy will be blindly overwritten. If updater does not yield a policy, the control loop is terminated and kCancelled is returned.
| Parameters | |
|---|---|
| Name | Description |
resource |
std::string const &
Required. The resource for which the policy is being specified. See the operation documentation for the appropriate value for this field. |
updater |
IamUpdater const &
Required. Functor to map the current policy to a new one. |
opts |
Options
Optional. Override the class-level options, such as retry and backoff policies. |
| Returns | |
|---|---|
| Type | Description |
StatusOr< google::iam::v1::Policy > | google::iam::v1::Policy |
SetIamPolicy(google::iam::v1::SetIamPolicyRequest const &, Options)
Sets the access control policy on the specified note or occurrence.
Requires containeranalysis.notes.setIamPolicy or containeranalysis.occurrences.setIamPolicy permission if the resource is a note or an occurrence, respectively.
The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.
| Parameters | |
|---|---|
| Name | Description |
request |
google::iam::v1::SetIamPolicyRequest const &
Unary RPCs, such as the one wrapped by this function, receive a single |
opts |
Options
Optional. Override the class-level options, such as retry and backoff policies. |
| Returns | |
|---|---|
| Type | Description |
StatusOr< google::iam::v1::Policy > | the result of the RPC. The response message type (google.iam.v1.Policy) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the |
GetIamPolicy(std::string const &, Options)
Gets the access control policy for a note or an occurrence resource.
Requires containeranalysis.notes.setIamPolicy or containeranalysis.occurrences.setIamPolicy permission if the resource is a note or occurrence, respectively.
The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.
| Parameters | |
|---|---|
| Name | Description |
resource |
std::string const &
REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. |
opts |
Options
Optional. Override the class-level options, such as retry and backoff policies. |
| Returns | |
|---|---|
| Type | Description |
StatusOr< google::iam::v1::Policy > | the result of the RPC. The response message type (google.iam.v1.Policy) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the |
GetIamPolicy(google::iam::v1::GetIamPolicyRequest const &, Options)
Gets the access control policy for a note or an occurrence resource.
Requires containeranalysis.notes.setIamPolicy or containeranalysis.occurrences.setIamPolicy permission if the resource is a note or occurrence, respectively.
The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.
| Parameters | |
|---|---|
| Name | Description |
request |
google::iam::v1::GetIamPolicyRequest const &
Unary RPCs, such as the one wrapped by this function, receive a single |
opts |
Options
Optional. Override the class-level options, such as retry and backoff policies. |
| Returns | |
|---|---|
| Type | Description |
StatusOr< google::iam::v1::Policy > | the result of the RPC. The response message type (google.iam.v1.Policy) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the |
TestIamPermissions(std::string const &, std::vector< std::string > const &, Options)
Returns the permissions that a caller has on the specified note or occurrence.
Requires list permission on the project (for example, containeranalysis.notes.list).
The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.
| Parameters | |
|---|---|
| Name | Description |
resource |
std::string const &
REQUIRED: The resource for which the policy detail is being requested. See the operation documentation for the appropriate value for this field. |
permissions |
std::vector< std::string > const &
The set of permissions to check for the |
opts |
Options
Optional. Override the class-level options, such as retry and backoff policies. |
| Returns | |
|---|---|
| Type | Description |
StatusOr< google::iam::v1::TestIamPermissionsResponse > | the result of the RPC. The response message type (google.iam.v1.TestIamPermissionsResponse) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the |
TestIamPermissions(google::iam::v1::TestIamPermissionsRequest const &, Options)
Returns the permissions that a caller has on the specified note or occurrence.
Requires list permission on the project (for example, containeranalysis.notes.list).
The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.
| Parameters | |
|---|---|
| Name | Description |
request |
google::iam::v1::TestIamPermissionsRequest const &
Unary RPCs, such as the one wrapped by this function, receive a single |
opts |
Options
Optional. Override the class-level options, such as retry and backoff policies. |
| Returns | |
|---|---|
| Type | Description |
StatusOr< google::iam::v1::TestIamPermissionsResponse > | the result of the RPC. The response message type (google.iam.v1.TestIamPermissionsResponse) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the |
GetVulnerabilityOccurrencesSummary(std::string const &, std::string const &, Options)
Gets a summary of the number and severity of occurrences.
| Parameters | |
|---|---|
| Name | Description |
parent |
std::string const &
Required. The name of the project to get a vulnerability summary for in the form of |
filter |
std::string const &
The filter expression. |
opts |
Options
Optional. Override the class-level options, such as retry and backoff policies. |
| Returns | |
|---|---|
| Type | Description |
StatusOr< google::devtools::containeranalysis::v1::VulnerabilityOccurrencesSummary > | the result of the RPC. The response message type (google.devtools.containeranalysis.v1.VulnerabilityOccurrencesSummary) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the |
GetVulnerabilityOccurrencesSummary(google::devtools::containeranalysis::v1::GetVulnerabilityOccurrencesSummaryRequest const &, Options)
Gets a summary of the number and severity of occurrences.
| Parameters | |
|---|---|
| Name | Description |
request |
google::devtools::containeranalysis::v1::GetVulnerabilityOccurrencesSummaryRequest const &
Unary RPCs, such as the one wrapped by this function, receive a single |
opts |
Options
Optional. Override the class-level options, such as retry and backoff policies. |
| Returns | |
|---|---|
| Type | Description |
StatusOr< google::devtools::containeranalysis::v1::VulnerabilityOccurrencesSummary > | the result of the RPC. The response message type (google.devtools.containeranalysis.v1.VulnerabilityOccurrencesSummary) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the |