Class ContainerAnalysisClient (2.23.0)

Retrieves analysis results of Cloud components such as Docker container images.

The Container Analysis API is an implementation of the Grafeas API.

Analysis results are stored as a series of occurrences. An Occurrence contains information about a specific analysis instance on a resource. An occurrence refers to a Note. A note contains details describing the analysis and is generally stored in a separate project, called a Provider. Multiple occurrences can refer to the same note.

For example, an SSL vulnerability could affect multiple images. In this case, there would be one note for the vulnerability and an occurrence for each image with the vulnerability referring to that note.

Equality

Instances of this class created via copy-construction or copy-assignment always compare equal. Instances created with equal std::shared_ptr<*Connection> objects compare equal. Objects that compare equal share the same underlying resources.

Performance

Creating a new instance of this class is a relatively expensive operation, new objects establish new connections to the service. In contrast, copy-construction, move-construction, and the corresponding assignment operations are relatively efficient as the copies share all underlying resources.

Thread Safety

Concurrent access to different instances of this class, even if they compare equal, is guaranteed to work. Two or more threads operating on the same instance of this class is not guaranteed to work. Since copy-construction and move-construction is a relatively efficient operation, consider using such a copy when using this class from multiple threads.

Constructors

ContainerAnalysisClient(ContainerAnalysisClient const &)

Copy and move support

Parameter
Name Description
ContainerAnalysisClient const &

ContainerAnalysisClient(ContainerAnalysisClient &&)

Copy and move support

Parameter
Name Description
ContainerAnalysisClient &&

ContainerAnalysisClient(std::shared_ptr< ContainerAnalysisConnection >, Options)

Parameters
Name Description
connection std::shared_ptr< ContainerAnalysisConnection >
opts Options

Operators

operator=(ContainerAnalysisClient const &)

Copy and move support

Parameter
Name Description
ContainerAnalysisClient const &
Returns
Type Description
ContainerAnalysisClient &

operator=(ContainerAnalysisClient &&)

Copy and move support

Parameter
Name Description
ContainerAnalysisClient &&
Returns
Type Description
ContainerAnalysisClient &

Functions

SetIamPolicy(std::string const &, google::iam::v1::Policy const &, Options)

Sets the access control policy on the specified note or occurrence.

Requires containeranalysis.notes.setIamPolicy or containeranalysis.occurrences.setIamPolicy permission if the resource is a note or an occurrence, respectively.

The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.

Parameters
Name Description
resource std::string const &

REQUIRED: The resource for which the policy is being specified. See the operation documentation for the appropriate value for this field.

policy google::iam::v1::Policy const &

REQUIRED: The complete policy to be applied to the resource. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Cloud Platform services (such as Projects) might reject them.

opts Options

Optional. Override the class-level options, such as retry and backoff policies.

Returns
Type Description
StatusOr< google::iam::v1::Policy >

the result of the RPC. The response message type (google.iam.v1.Policy) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the StatusOr contains the error details.

SetIamPolicy(std::string const &, IamUpdater const &, Options)

Updates the IAM policy for resource using an optimistic concurrency control loop.

The loop fetches the current policy for resource, and passes it to updater, which should return the new policy. This new policy should use the current etag so that the read-modify-write cycle can detect races and rerun the update when there is a mismatch. If the new policy does not have an etag, the existing policy will be blindly overwritten. If updater does not yield a policy, the control loop is terminated and kCancelled is returned.

Parameters
Name Description
resource std::string const &

Required. The resource for which the policy is being specified. See the operation documentation for the appropriate value for this field.

updater IamUpdater const &

Required. Functor to map the current policy to a new one.

opts Options

Optional. Override the class-level options, such as retry and backoff policies.

Returns
Type Description
StatusOr< google::iam::v1::Policy >

google::iam::v1::Policy

SetIamPolicy(google::iam::v1::SetIamPolicyRequest const &, Options)

Sets the access control policy on the specified note or occurrence.

Requires containeranalysis.notes.setIamPolicy or containeranalysis.occurrences.setIamPolicy permission if the resource is a note or an occurrence, respectively.

The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.

Parameters
Name Description
request google::iam::v1::SetIamPolicyRequest const &

Unary RPCs, such as the one wrapped by this function, receive a single request proto message which includes all the inputs for the RPC. In this case, the proto message is a google.iam.v1.SetIamPolicyRequest. Proto messages are converted to C++ classes by Protobuf, using the Protobuf mapping rules.

opts Options

Optional. Override the class-level options, such as retry and backoff policies.

Returns
Type Description
StatusOr< google::iam::v1::Policy >

the result of the RPC. The response message type (google.iam.v1.Policy) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the StatusOr contains the error details.

GetIamPolicy(std::string const &, Options)

Gets the access control policy for a note or an occurrence resource.

Requires containeranalysis.notes.setIamPolicy or containeranalysis.occurrences.setIamPolicy permission if the resource is a note or occurrence, respectively.

The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.

Parameters
Name Description
resource std::string const &

REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field.

opts Options

Optional. Override the class-level options, such as retry and backoff policies.

Returns
Type Description
StatusOr< google::iam::v1::Policy >

the result of the RPC. The response message type (google.iam.v1.Policy) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the StatusOr contains the error details.

GetIamPolicy(google::iam::v1::GetIamPolicyRequest const &, Options)

Gets the access control policy for a note or an occurrence resource.

Requires containeranalysis.notes.setIamPolicy or containeranalysis.occurrences.setIamPolicy permission if the resource is a note or occurrence, respectively.

The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.

Parameters
Name Description
request google::iam::v1::GetIamPolicyRequest const &

Unary RPCs, such as the one wrapped by this function, receive a single request proto message which includes all the inputs for the RPC. In this case, the proto message is a google.iam.v1.GetIamPolicyRequest. Proto messages are converted to C++ classes by Protobuf, using the Protobuf mapping rules.

opts Options

Optional. Override the class-level options, such as retry and backoff policies.

Returns
Type Description
StatusOr< google::iam::v1::Policy >

the result of the RPC. The response message type (google.iam.v1.Policy) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the StatusOr contains the error details.

TestIamPermissions(std::string const &, std::vector< std::string > const &, Options)

Returns the permissions that a caller has on the specified note or occurrence.

Requires list permission on the project (for example, containeranalysis.notes.list).

The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.

Parameters
Name Description
resource std::string const &

REQUIRED: The resource for which the policy detail is being requested. See the operation documentation for the appropriate value for this field.

permissions std::vector< std::string > const &

The set of permissions to check for the resource. Permissions with wildcards (such as '' or 'storage.') are not allowed. For more information see IAM Overview.

opts Options

Optional. Override the class-level options, such as retry and backoff policies.

Returns
Type Description
StatusOr< google::iam::v1::TestIamPermissionsResponse >

the result of the RPC. The response message type (google.iam.v1.TestIamPermissionsResponse) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the StatusOr contains the error details.

TestIamPermissions(google::iam::v1::TestIamPermissionsRequest const &, Options)

Returns the permissions that a caller has on the specified note or occurrence.

Requires list permission on the project (for example, containeranalysis.notes.list).

The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.

Parameters
Name Description
request google::iam::v1::TestIamPermissionsRequest const &

Unary RPCs, such as the one wrapped by this function, receive a single request proto message which includes all the inputs for the RPC. In this case, the proto message is a google.iam.v1.TestIamPermissionsRequest. Proto messages are converted to C++ classes by Protobuf, using the Protobuf mapping rules.

opts Options

Optional. Override the class-level options, such as retry and backoff policies.

Returns
Type Description
StatusOr< google::iam::v1::TestIamPermissionsResponse >

the result of the RPC. The response message type (google.iam.v1.TestIamPermissionsResponse) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the StatusOr contains the error details.

GetVulnerabilityOccurrencesSummary(std::string const &, std::string const &, Options)

Gets a summary of the number and severity of occurrences.

Parameters
Name Description
parent std::string const &

Required. The name of the project to get a vulnerability summary for in the form of projects/[PROJECT_ID].

filter std::string const &

The filter expression.

opts Options

Optional. Override the class-level options, such as retry and backoff policies.

Returns
Type Description
StatusOr< google::devtools::containeranalysis::v1::VulnerabilityOccurrencesSummary >

the result of the RPC. The response message type (google.devtools.containeranalysis.v1.VulnerabilityOccurrencesSummary) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the StatusOr contains the error details.

GetVulnerabilityOccurrencesSummary(google::devtools::containeranalysis::v1::GetVulnerabilityOccurrencesSummaryRequest const &, Options)

Gets a summary of the number and severity of occurrences.

Parameters
Name Description
request google::devtools::containeranalysis::v1::GetVulnerabilityOccurrencesSummaryRequest const &

Unary RPCs, such as the one wrapped by this function, receive a single request proto message which includes all the inputs for the RPC. In this case, the proto message is a google.devtools.containeranalysis.v1.GetVulnerabilityOccurrencesSummaryRequest. Proto messages are converted to C++ classes by Protobuf, using the Protobuf mapping rules.

opts Options

Optional. Override the class-level options, such as retry and backoff policies.

Returns
Type Description
StatusOr< google::devtools::containeranalysis::v1::VulnerabilityOccurrencesSummary >

the result of the RPC. The response message type (google.devtools.containeranalysis.v1.VulnerabilityOccurrencesSummary) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the StatusOr contains the error details.