google-cloud-containeranalysis overview (2.31.0)
Key Reference Links
is a service that provides vulnerability scanning and metadata storage for software artifacts. The service performs vulnerability scans on built software artifacts, such as the images in Container Registry, then stores the resulting metadata and makes it available for consumption through an API. The metadata may come from several sources, including vulnerability scanning, other Cloud services, and third-party providers.
| Cloud Container Analysis Product Reference | GitHub Repository (includes samples) | Maven artifact |
Getting Started
In order to use this library, you first need to go through the following steps:
- Install a JDK (Java Development Kit)
- Select or create a Cloud Platform project
- Enable billing for your project
- Enable the API
- Set up authentication
Use the Cloud Container Analysis for Java
To ensure that your project uses compatible versions of the libraries
and their component artifacts, import com.google.cloud:libraries-bom and use
the BOM to specify dependency versions. Be sure to remove any versions that you
set previously. For more information about
BOMs, see Google Cloud Platform Libraries BOM.
Which version should I use?
For this library, we recommend using API version v1 for new applications.
Each Cloud Java client library may contain multiple packages. Each package containing a version number in its name corresponds to a published version of the service.
We recommend using the latest stable version for new production applications, which can be identified by the largest numeric version that does not contain a suffix.
For example, if a client library has two packages: v1 and v2alpha, then the latest stable version is v1.
If you use an unstable release, breaking changes may be introduced when upgrading.
You can read more about Cloud API versioning strategy here.