Package com.google.cloud.devtools.containeranalysis.v1 (2.10.0)

A client to Container Analysis API

The interfaces provided are listed below, along with usage samples.

ContainerAnalysisClient

Service Description: Retrieves analysis results of Cloud components such as Docker container images. The Container Analysis API is an implementation of the Grafeas API.

Analysis results are stored as a series of occurrences. An Occurrence contains information about a specific analysis instance on a resource. An occurrence refers to a Note. A note contains details describing the analysis and is generally stored in a separate project, called a Provider. Multiple occurrences can refer to the same note.

For example, an SSL vulnerability could affect multiple images. In this case, there would be one note for the vulnerability and an occurrence for each image with the vulnerability referring to that note.

Sample for ContainerAnalysisClient:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (ContainerAnalysisClient containerAnalysisClient = ContainerAnalysisClient.create()) {
   ResourceName resource =
       new ResourceName() {
         {@literal @}Override
         public Map<String, String> getFieldValuesMap() {
           Map<String, String> fieldValuesMap = new HashMap<>();
           fieldValuesMap.put("resource", "projects/project-8432/notes/note-8432");
           return fieldValuesMap;
         }

         {@literal @}Override
         public String getFieldValue(String fieldName) {
           return getFieldValuesMap().get(fieldName);
         }

         {@literal @}Override
         public String toString() {
           return "projects/project-8432/notes/note-8432";
         }
       };
   Policy policy = Policy.newBuilder().build();
   Policy response = containerAnalysisClient.setIamPolicy(resource, policy);
 }
 

Classes

ContainerAnalysisClient

Service Description: Retrieves analysis results of Cloud components such as Docker container images. The Container Analysis API is an implementation of the Grafeas API.

Analysis results are stored as a series of occurrences. An Occurrence contains information about a specific analysis instance on a resource. An occurrence refers to a Note. A note contains details describing the analysis and is generally stored in a separate project, called a Provider. Multiple occurrences can refer to the same note.

For example, an SSL vulnerability could affect multiple images. In this case, there would be one note for the vulnerability and an occurrence for each image with the vulnerability referring to that note.

This class provides the ability to make remote calls to the backing service through method calls that map to API methods. Sample code to get started:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (ContainerAnalysisClient containerAnalysisClient = ContainerAnalysisClient.create()) {
   ResourceName resource =
       new ResourceName() {
         {@literal @}Override
         public Map<String, String> getFieldValuesMap() {
           Map<String, String> fieldValuesMap = new HashMap<>();
           fieldValuesMap.put("resource", "projects/project-8432/notes/note-8432");
           return fieldValuesMap;
         }

         {@literal @}Override
         public String getFieldValue(String fieldName) {
           return getFieldValuesMap().get(fieldName);
         }

         {@literal @}Override
         public String toString() {
           return "projects/project-8432/notes/note-8432";
         }
       };
   Policy policy = Policy.newBuilder().build();
   Policy response = containerAnalysisClient.setIamPolicy(resource, policy);
 }
 

Note: close() needs to be called on the ContainerAnalysisClient object to clean up resources such as threads. In the example above, try-with-resources is used, which automatically calls close().

The surface of this class includes several types of Java methods for each of the API's methods:

  1. A "flattened" method. With this type of method, the fields of the request type have been converted into function parameters. It may be the case that not all fields are available as parameters, and not every API method will have a flattened method entry point.
  2. A "request object" method. This type of method only takes one parameter, a request object, which must be constructed before the call. Not every API method will have a request object method.
  3. A "callable" method. This type of method takes no parameters and returns an immutable API callable object, which can be used to initiate calls to the service.

See the individual methods for example code.

Many parameters require resource names to be formatted in a particular way. To assist with these names, this class includes a format method for each type of name, and additionally a parse method to extract the individual identifiers contained within names that are returned.

This class can be customized by passing in a custom instance of ContainerAnalysisSettings to create(). For example:

To customize credentials:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 ContainerAnalysisSettings containerAnalysisSettings =
     ContainerAnalysisSettings.newBuilder()
         .setCredentialsProvider(FixedCredentialsProvider.create(myCredentials))
         .build();
 ContainerAnalysisClient containerAnalysisClient =
     ContainerAnalysisClient.create(containerAnalysisSettings);
 

To customize the endpoint:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 ContainerAnalysisSettings containerAnalysisSettings =
     ContainerAnalysisSettings.newBuilder().setEndpoint(myEndpoint).build();
 ContainerAnalysisClient containerAnalysisClient =
     ContainerAnalysisClient.create(containerAnalysisSettings);
 

To use REST (HTTP1.1/JSON) transport (instead of gRPC) for sending and receiving requests over the wire:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 ContainerAnalysisSettings containerAnalysisSettings =
     ContainerAnalysisSettings.newHttpJsonBuilder().build();
 ContainerAnalysisClient containerAnalysisClient =
     ContainerAnalysisClient.create(containerAnalysisSettings);
 

Please refer to the GitHub repository's samples for more quickstart code snippets.

ContainerAnalysisSettings

Settings class to configure an instance of ContainerAnalysisClient.

The default instance has everything set to sensible defaults:

  • The default service address (containeranalysis.googleapis.com) and default port (443) are used.
  • Credentials are acquired automatically through Application Default Credentials.
  • Retries are configured for idempotent methods but not for non-idempotent methods.

The builder of this class is recursive, so contained classes are themselves builders. When build() is called, the tree of builders is called to create the complete settings object.

For example, to set the total timeout of setIamPolicy to 30 seconds:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 ContainerAnalysisSettings.Builder containerAnalysisSettingsBuilder =
     ContainerAnalysisSettings.newBuilder();
 containerAnalysisSettingsBuilder
     .setIamPolicySettings()
     .setRetrySettings(
         containerAnalysisSettingsBuilder
             .setIamPolicySettings()
             .getRetrySettings()
             .toBuilder()
             .setTotalTimeout(Duration.ofSeconds(30))
             .build());
 ContainerAnalysisSettings containerAnalysisSettings = containerAnalysisSettingsBuilder.build();
 

ContainerAnalysisSettings.Builder

Builder for ContainerAnalysisSettings.