public class ContainerAnalysisClient implements BackgroundResourceService Description: Retrieves analysis results of Cloud components such as Docker container images. The Container Analysis API is an implementation of the Grafeas API.
Analysis results are stored as a series of occurrences. An Occurrence contains information
about a specific analysis instance on a resource. An occurrence refers to a Note. A note
contains details describing the analysis and is generally stored in a separate project, called a
Provider. Multiple occurrences can refer to the same note.
For example, an SSL vulnerability could affect multiple images. In this case, there would be one note for the vulnerability and an occurrence for each image with the vulnerability referring to that note.
This class provides the ability to make remote calls to the backing service through method calls that map to API methods. Sample code to get started:
try (ContainerAnalysisClient containerAnalysisClient = ContainerAnalysisClient.create()) {
ResourceName resource = ProjectName.of("[PROJECT]");
Policy policy = Policy.newBuilder().build();
Policy response = containerAnalysisClient.setIamPolicy(resource, policy);
}
Note: close() needs to be called on the ContainerAnalysisClient object to clean up resources such as threads. In the example above, try-with-resources is used, which automatically calls close().
The surface of this class includes several types of Java methods for each of the API's methods:
- A "flattened" method. With this type of method, the fields of the request type have been converted into function parameters. It may be the case that not all fields are available as parameters, and not every API method will have a flattened method entry point.
- A "request object" method. This type of method only takes one parameter, a request object, which must be constructed before the call. Not every API method will have a request object method.
- A "callable" method. This type of method takes no parameters and returns an immutable API callable object, which can be used to initiate calls to the service.
See the individual methods for example code.
Many parameters require resource names to be formatted in a particular way. To assist with these names, this class includes a format method for each type of name, and additionally a parse method to extract the individual identifiers contained within names that are returned.
This class can be customized by passing in a custom instance of ContainerAnalysisSettings to create(). For example:
To customize credentials:
ContainerAnalysisSettings containerAnalysisSettings =
ContainerAnalysisSettings.newBuilder()
.setCredentialsProvider(FixedCredentialsProvider.create(myCredentials))
.build();
ContainerAnalysisClient containerAnalysisClient =
ContainerAnalysisClient.create(containerAnalysisSettings);
To customize the endpoint:
ContainerAnalysisSettings containerAnalysisSettings =
ContainerAnalysisSettings.newBuilder().setEndpoint(myEndpoint).build();
ContainerAnalysisClient containerAnalysisClient =
ContainerAnalysisClient.create(containerAnalysisSettings);
Please refer to the GitHub repository's samples for more quickstart code snippets.
Implements
BackgroundResourceStatic Methods
create()
public static final ContainerAnalysisClient create()Constructs an instance of ContainerAnalysisClient with default settings.
| Type | Description |
| ContainerAnalysisClient |
| Type | Description |
| IOException |
create(ContainerAnalysisSettings settings)
public static final ContainerAnalysisClient create(ContainerAnalysisSettings settings)Constructs an instance of ContainerAnalysisClient, using the given settings. The channels are created based on the settings passed in, or defaults for any settings that are not set.
| Name | Description |
| settings | ContainerAnalysisSettings |
| Type | Description |
| ContainerAnalysisClient |
| Type | Description |
| IOException |
create(ContainerAnalysisStub stub)
public static final ContainerAnalysisClient create(ContainerAnalysisStub stub)Constructs an instance of ContainerAnalysisClient, using the given stub for making calls. This is for advanced usage - prefer using create(ContainerAnalysisSettings).
| Name | Description |
| stub | ContainerAnalysisStub |
| Type | Description |
| ContainerAnalysisClient |
Constructors
ContainerAnalysisClient(ContainerAnalysisSettings settings)
protected ContainerAnalysisClient(ContainerAnalysisSettings settings)Constructs an instance of ContainerAnalysisClient, using the given settings. This is protected so that it is easy to make a subclass, but otherwise, the static factory methods should be preferred.
| Name | Description |
| settings | ContainerAnalysisSettings |
ContainerAnalysisClient(ContainerAnalysisStub stub)
protected ContainerAnalysisClient(ContainerAnalysisStub stub)| Name | Description |
| stub | ContainerAnalysisStub |
Methods
awaitTermination(long duration, TimeUnit unit)
public boolean awaitTermination(long duration, TimeUnit unit)| Name | Description |
| duration | long |
| unit | TimeUnit |
| Type | Description |
| boolean |
| Type | Description |
| InterruptedException |
close()
public final void close()getGrafeasClient()
public GrafeasClient getGrafeasClient()Returns a new GrafeasClient with the same configured settings.
| Type | Description |
| io.grafeas.v1.GrafeasClient |
| Type | Description |
| IOException |
getIamPolicy(ResourceName resource)
public final Policy getIamPolicy(ResourceName resource)Gets the access control policy for a note or an occurrence resource. Requires
containeranalysis.notes.setIamPolicy or containeranalysis.occurrences.setIamPolicy
permission if the resource is a note or occurrence, respectively.
The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and
projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.
Sample code:
try (ContainerAnalysisClient containerAnalysisClient = ContainerAnalysisClient.create()) {
ResourceName resource = ProjectName.of("[PROJECT]");
Policy response = containerAnalysisClient.getIamPolicy(resource);
}
| Name | Description |
| resource | com.google.api.resourcenames.ResourceNameREQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. |
| Type | Description |
| com.google.iam.v1.Policy |
getIamPolicy(GetIamPolicyRequest request)
public final Policy getIamPolicy(GetIamPolicyRequest request)Gets the access control policy for a note or an occurrence resource. Requires
containeranalysis.notes.setIamPolicy or containeranalysis.occurrences.setIamPolicy
permission if the resource is a note or occurrence, respectively.
The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and
projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.
Sample code:
try (ContainerAnalysisClient containerAnalysisClient = ContainerAnalysisClient.create()) {
GetIamPolicyRequest request =
GetIamPolicyRequest.newBuilder()
.setResource(ProjectName.of("[PROJECT]").toString())
.setOptions(GetPolicyOptions.newBuilder().build())
.build();
Policy response = containerAnalysisClient.getIamPolicy(request);
}
| Name | Description |
| request | com.google.iam.v1.GetIamPolicyRequestThe request object containing all of the parameters for the API call. |
| Type | Description |
| com.google.iam.v1.Policy |
getIamPolicy(String resource)
public final Policy getIamPolicy(String resource)Gets the access control policy for a note or an occurrence resource. Requires
containeranalysis.notes.setIamPolicy or containeranalysis.occurrences.setIamPolicy
permission if the resource is a note or occurrence, respectively.
The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and
projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.
Sample code:
try (ContainerAnalysisClient containerAnalysisClient = ContainerAnalysisClient.create()) {
String resource = ProjectName.of("[PROJECT]").toString();
Policy response = containerAnalysisClient.getIamPolicy(resource);
}
| Name | Description |
| resource | StringREQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. |
| Type | Description |
| com.google.iam.v1.Policy |
getIamPolicyCallable()
public final UnaryCallable<GetIamPolicyRequest,Policy> getIamPolicyCallable()Gets the access control policy for a note or an occurrence resource. Requires
containeranalysis.notes.setIamPolicy or containeranalysis.occurrences.setIamPolicy
permission if the resource is a note or occurrence, respectively.
The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and
projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.
Sample code:
try (ContainerAnalysisClient containerAnalysisClient = ContainerAnalysisClient.create()) {
GetIamPolicyRequest request =
GetIamPolicyRequest.newBuilder()
.setResource(ProjectName.of("[PROJECT]").toString())
.setOptions(GetPolicyOptions.newBuilder().build())
.build();
ApiFuture<Policy> future = containerAnalysisClient.getIamPolicyCallable().futureCall(request);
// Do something.
Policy response = future.get();
}
| Type | Description |
| UnaryCallable<com.google.iam.v1.GetIamPolicyRequest,com.google.iam.v1.Policy> |
getSettings()
public final ContainerAnalysisSettings getSettings()| Type | Description |
| ContainerAnalysisSettings |
getStub()
public ContainerAnalysisStub getStub()| Type | Description |
| ContainerAnalysisStub |
getVulnerabilityOccurrencesSummary(GetVulnerabilityOccurrencesSummaryRequest request)
public final VulnerabilityOccurrencesSummary getVulnerabilityOccurrencesSummary(GetVulnerabilityOccurrencesSummaryRequest request)Gets a summary of the number and severity of occurrences.
Sample code:
try (ContainerAnalysisClient containerAnalysisClient = ContainerAnalysisClient.create()) {
GetVulnerabilityOccurrencesSummaryRequest request =
GetVulnerabilityOccurrencesSummaryRequest.newBuilder()
.setParent(ProjectName.of("[PROJECT]").toString())
.setFilter("filter-1274492040")
.build();
VulnerabilityOccurrencesSummary response =
containerAnalysisClient.getVulnerabilityOccurrencesSummary(request);
}
| Name | Description |
| request | GetVulnerabilityOccurrencesSummaryRequestThe request object containing all of the parameters for the API call. |
| Type | Description |
| VulnerabilityOccurrencesSummary |
getVulnerabilityOccurrencesSummary(ProjectName parent, String filter)
public final VulnerabilityOccurrencesSummary getVulnerabilityOccurrencesSummary(ProjectName parent, String filter)Gets a summary of the number and severity of occurrences.
Sample code:
try (ContainerAnalysisClient containerAnalysisClient = ContainerAnalysisClient.create()) {
ProjectName parent = ProjectName.of("[PROJECT]");
String filter = "filter-1274492040";
VulnerabilityOccurrencesSummary response =
containerAnalysisClient.getVulnerabilityOccurrencesSummary(parent, filter);
}
| Name | Description |
| parent | ProjectNameRequired. The name of the project to get a vulnerability summary for in the form
of |
| filter | StringThe filter expression. |
| Type | Description |
| VulnerabilityOccurrencesSummary |
getVulnerabilityOccurrencesSummary(String parent, String filter)
public final VulnerabilityOccurrencesSummary getVulnerabilityOccurrencesSummary(String parent, String filter)Gets a summary of the number and severity of occurrences.
Sample code:
try (ContainerAnalysisClient containerAnalysisClient = ContainerAnalysisClient.create()) {
String parent = ProjectName.of("[PROJECT]").toString();
String filter = "filter-1274492040";
VulnerabilityOccurrencesSummary response =
containerAnalysisClient.getVulnerabilityOccurrencesSummary(parent, filter);
}
| Name | Description |
| parent | StringRequired. The name of the project to get a vulnerability summary for in the form
of |
| filter | StringThe filter expression. |
| Type | Description |
| VulnerabilityOccurrencesSummary |
getVulnerabilityOccurrencesSummaryCallable()
public final UnaryCallable<GetVulnerabilityOccurrencesSummaryRequest,VulnerabilityOccurrencesSummary> getVulnerabilityOccurrencesSummaryCallable()Gets a summary of the number and severity of occurrences.
Sample code:
try (ContainerAnalysisClient containerAnalysisClient = ContainerAnalysisClient.create()) {
GetVulnerabilityOccurrencesSummaryRequest request =
GetVulnerabilityOccurrencesSummaryRequest.newBuilder()
.setParent(ProjectName.of("[PROJECT]").toString())
.setFilter("filter-1274492040")
.build();
ApiFuture<VulnerabilityOccurrencesSummary> future =
containerAnalysisClient.getVulnerabilityOccurrencesSummaryCallable().futureCall(request);
// Do something.
VulnerabilityOccurrencesSummary response = future.get();
}
| Type | Description |
| UnaryCallable<GetVulnerabilityOccurrencesSummaryRequest,VulnerabilityOccurrencesSummary> |
isShutdown()
public boolean isShutdown()| Type | Description |
| boolean |
isTerminated()
public boolean isTerminated()| Type | Description |
| boolean |
setIamPolicy(ResourceName resource, Policy policy)
public final Policy setIamPolicy(ResourceName resource, Policy policy)Sets the access control policy on the specified note or occurrence. Requires
containeranalysis.notes.setIamPolicy or containeranalysis.occurrences.setIamPolicy
permission if the resource is a note or an occurrence, respectively.
The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and
projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.
Sample code:
try (ContainerAnalysisClient containerAnalysisClient = ContainerAnalysisClient.create()) {
ResourceName resource = ProjectName.of("[PROJECT]");
Policy policy = Policy.newBuilder().build();
Policy response = containerAnalysisClient.setIamPolicy(resource, policy);
}
| Name | Description |
| resource | com.google.api.resourcenames.ResourceNameREQUIRED: The resource for which the policy is being specified. See the operation documentation for the appropriate value for this field. |
| policy | com.google.iam.v1.PolicyREQUIRED: The complete policy to be applied to the |
| Type | Description |
| com.google.iam.v1.Policy |
setIamPolicy(SetIamPolicyRequest request)
public final Policy setIamPolicy(SetIamPolicyRequest request)Sets the access control policy on the specified note or occurrence. Requires
containeranalysis.notes.setIamPolicy or containeranalysis.occurrences.setIamPolicy
permission if the resource is a note or an occurrence, respectively.
The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and
projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.
Sample code:
try (ContainerAnalysisClient containerAnalysisClient = ContainerAnalysisClient.create()) {
SetIamPolicyRequest request =
SetIamPolicyRequest.newBuilder()
.setResource(ProjectName.of("[PROJECT]").toString())
.setPolicy(Policy.newBuilder().build())
.build();
Policy response = containerAnalysisClient.setIamPolicy(request);
}
| Name | Description |
| request | com.google.iam.v1.SetIamPolicyRequestThe request object containing all of the parameters for the API call. |
| Type | Description |
| com.google.iam.v1.Policy |
setIamPolicy(String resource, Policy policy)
public final Policy setIamPolicy(String resource, Policy policy)Sets the access control policy on the specified note or occurrence. Requires
containeranalysis.notes.setIamPolicy or containeranalysis.occurrences.setIamPolicy
permission if the resource is a note or an occurrence, respectively.
The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and
projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.
Sample code:
try (ContainerAnalysisClient containerAnalysisClient = ContainerAnalysisClient.create()) {
String resource = ProjectName.of("[PROJECT]").toString();
Policy policy = Policy.newBuilder().build();
Policy response = containerAnalysisClient.setIamPolicy(resource, policy);
}
| Name | Description |
| resource | StringREQUIRED: The resource for which the policy is being specified. See the operation documentation for the appropriate value for this field. |
| policy | com.google.iam.v1.PolicyREQUIRED: The complete policy to be applied to the |
| Type | Description |
| com.google.iam.v1.Policy |
setIamPolicyCallable()
public final UnaryCallable<SetIamPolicyRequest,Policy> setIamPolicyCallable()Sets the access control policy on the specified note or occurrence. Requires
containeranalysis.notes.setIamPolicy or containeranalysis.occurrences.setIamPolicy
permission if the resource is a note or an occurrence, respectively.
The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and
projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.
Sample code:
try (ContainerAnalysisClient containerAnalysisClient = ContainerAnalysisClient.create()) {
SetIamPolicyRequest request =
SetIamPolicyRequest.newBuilder()
.setResource(ProjectName.of("[PROJECT]").toString())
.setPolicy(Policy.newBuilder().build())
.build();
ApiFuture<Policy> future = containerAnalysisClient.setIamPolicyCallable().futureCall(request);
// Do something.
Policy response = future.get();
}
| Type | Description |
| UnaryCallable<com.google.iam.v1.SetIamPolicyRequest,com.google.iam.v1.Policy> |
shutdown()
public void shutdown()shutdownNow()
public void shutdownNow()testIamPermissions(ResourceName resource, List<String> permissions)
public final TestIamPermissionsResponse testIamPermissions(ResourceName resource, List<String> permissions)Returns the permissions that a caller has on the specified note or occurrence. Requires list
permission on the project (for example, containeranalysis.notes.list).
The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and
projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.
Sample code:
try (ContainerAnalysisClient containerAnalysisClient = ContainerAnalysisClient.create()) {
ResourceName resource = ProjectName.of("[PROJECT]");
List<String> permissions = new ArrayList<>();
TestIamPermissionsResponse response =
containerAnalysisClient.testIamPermissions(resource, permissions);
}
| Name | Description |
| resource | com.google.api.resourcenames.ResourceNameREQUIRED: The resource for which the policy detail is being requested. See the operation documentation for the appropriate value for this field. |
| permissions | List<String>The set of permissions to check for the |
| Type | Description |
| com.google.iam.v1.TestIamPermissionsResponse |
testIamPermissions(TestIamPermissionsRequest request)
public final TestIamPermissionsResponse testIamPermissions(TestIamPermissionsRequest request)Returns the permissions that a caller has on the specified note or occurrence. Requires list
permission on the project (for example, containeranalysis.notes.list).
The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and
projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.
Sample code:
try (ContainerAnalysisClient containerAnalysisClient = ContainerAnalysisClient.create()) {
TestIamPermissionsRequest request =
TestIamPermissionsRequest.newBuilder()
.setResource(ProjectName.of("[PROJECT]").toString())
.addAllPermissions(new ArrayList<String>())
.build();
TestIamPermissionsResponse response = containerAnalysisClient.testIamPermissions(request);
}
| Name | Description |
| request | com.google.iam.v1.TestIamPermissionsRequestThe request object containing all of the parameters for the API call. |
| Type | Description |
| com.google.iam.v1.TestIamPermissionsResponse |
testIamPermissions(String resource, List<String> permissions)
public final TestIamPermissionsResponse testIamPermissions(String resource, List<String> permissions)Returns the permissions that a caller has on the specified note or occurrence. Requires list
permission on the project (for example, containeranalysis.notes.list).
The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and
projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.
Sample code:
try (ContainerAnalysisClient containerAnalysisClient = ContainerAnalysisClient.create()) {
String resource = ProjectName.of("[PROJECT]").toString();
List<String> permissions = new ArrayList<>();
TestIamPermissionsResponse response =
containerAnalysisClient.testIamPermissions(resource, permissions);
}
| Name | Description |
| resource | StringREQUIRED: The resource for which the policy detail is being requested. See the operation documentation for the appropriate value for this field. |
| permissions | List<String>The set of permissions to check for the |
| Type | Description |
| com.google.iam.v1.TestIamPermissionsResponse |
testIamPermissionsCallable()
public final UnaryCallable<TestIamPermissionsRequest,TestIamPermissionsResponse> testIamPermissionsCallable()Returns the permissions that a caller has on the specified note or occurrence. Requires list
permission on the project (for example, containeranalysis.notes.list).
The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and
projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.
Sample code:
try (ContainerAnalysisClient containerAnalysisClient = ContainerAnalysisClient.create()) {
TestIamPermissionsRequest request =
TestIamPermissionsRequest.newBuilder()
.setResource(ProjectName.of("[PROJECT]").toString())
.addAllPermissions(new ArrayList<String>())
.build();
ApiFuture<TestIamPermissionsResponse> future =
containerAnalysisClient.testIamPermissionsCallable().futureCall(request);
// Do something.
TestIamPermissionsResponse response = future.get();
}
| Type | Description |
| UnaryCallable<com.google.iam.v1.TestIamPermissionsRequest,com.google.iam.v1.TestIamPermissionsResponse> |