Class ContainerAnalysisClient (2.53.0)

Service Description: Retrieves analysis results of Cloud components such as Docker container images. The Container Analysis API is an implementation of the Grafeas API.

Analysis results are stored as a series of occurrences. An Occurrence contains information about a specific analysis instance on a resource. An occurrence refers to a Note. A note contains details describing the analysis and is generally stored in a separate project, called a Provider. Multiple occurrences can refer to the same note.

For example, an SSL vulnerability could affect multiple images. In this case, there would be one note for the vulnerability and an occurrence for each image with the vulnerability referring to that note.

This class provides the ability to make remote calls to the backing service through method calls that map to API methods. Sample code to get started:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (ContainerAnalysisClient containerAnalysisClient = ContainerAnalysisClient.create()) {
   ResourceName resource =
       new ResourceName() {
         {@literal @}Override
         public Map<String, String> getFieldValuesMap() {
           Map<String, String> fieldValuesMap = new HashMap<>();
           fieldValuesMap.put("resource", "projects/project-8432/notes/note-8432");
           return fieldValuesMap;
         }

         {@literal @}Override
         public String getFieldValue(String fieldName) {
           return getFieldValuesMap().get(fieldName);
         }

         {@literal @}Override
         public String toString() {
           return "projects/project-8432/notes/note-8432";
         }
       };
   Policy policy = Policy.newBuilder().build();
   Policy response = containerAnalysisClient.setIamPolicy(resource, policy);
 }
 

Note: close() needs to be called on the ContainerAnalysisClient object to clean up resources such as threads. In the example above, try-with-resources is used, which automatically calls close().

See the individual methods for example code.

Many parameters require resource names to be formatted in a particular way. To assist with these names, this class includes a format method for each type of name, and additionally a parse method to extract the individual identifiers contained within names that are returned.

This class can be customized by passing in a custom instance of ContainerAnalysisSettings to create(). For example:

To customize credentials:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 ContainerAnalysisSettings containerAnalysisSettings =
     ContainerAnalysisSettings.newBuilder()
         .setCredentialsProvider(FixedCredentialsProvider.create(myCredentials))
         .build();
 ContainerAnalysisClient containerAnalysisClient =
     ContainerAnalysisClient.create(containerAnalysisSettings);
 

To customize the endpoint:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 ContainerAnalysisSettings containerAnalysisSettings =
     ContainerAnalysisSettings.newBuilder().setEndpoint(myEndpoint).build();
 ContainerAnalysisClient containerAnalysisClient =
     ContainerAnalysisClient.create(containerAnalysisSettings);
 

To use REST (HTTP1.1/JSON) transport (instead of gRPC) for sending and receiving requests over the wire:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 ContainerAnalysisSettings containerAnalysisSettings =
     ContainerAnalysisSettings.newHttpJsonBuilder().build();
 ContainerAnalysisClient containerAnalysisClient =
     ContainerAnalysisClient.create(containerAnalysisSettings);
 

Please refer to the GitHub repository's samples for more quickstart code snippets.

Constructs an instance of ContainerAnalysisClient with default settings.

Constructs an instance of ContainerAnalysisClient, using the given settings. The channels are created based on the settings passed in, or defaults for any settings that are not set.

Constructs an instance of ContainerAnalysisClient, using the given stub for making calls. This is for advanced usage - prefer using create(ContainerAnalysisSettings).

Constructs an instance of ContainerAnalysisClient, using the given settings. This is protected so that it is easy to make a subclass, but otherwise, the static factory methods should be preferred.

Returns a new GrafeasClient with the same configured settings.

Gets the access control policy for a note or an occurrence resource. Requires containeranalysis.notes.setIamPolicy or containeranalysis.occurrences.setIamPolicy permission if the resource is a note or occurrence, respectively.

The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (ContainerAnalysisClient containerAnalysisClient = ContainerAnalysisClient.create()) {
   ResourceName resource =
       new ResourceName() {
         {@literal @}Override
         public Map<String, String> getFieldValuesMap() {
           Map<String, String> fieldValuesMap = new HashMap<>();
           fieldValuesMap.put("resource", "projects/project-8432/notes/note-8432");
           return fieldValuesMap;
         }

         {@literal @}Override
         public String getFieldValue(String fieldName) {
           return getFieldValuesMap().get(fieldName);
         }

         {@literal @}Override
         public String toString() {
           return "projects/project-8432/notes/note-8432";
         }
       };
   Policy response = containerAnalysisClient.getIamPolicy(resource);
 }
 

Gets the access control policy for a note or an occurrence resource. Requires containeranalysis.notes.setIamPolicy or containeranalysis.occurrences.setIamPolicy permission if the resource is a note or occurrence, respectively.

The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (ContainerAnalysisClient containerAnalysisClient = ContainerAnalysisClient.create()) {
   GetIamPolicyRequest request =
       GetIamPolicyRequest.newBuilder()
           .setResource("GetIamPolicyRequest-1527610370".toString())
           .setOptions(GetPolicyOptions.newBuilder().build())
           .build();
   Policy response = containerAnalysisClient.getIamPolicy(request);
 }
 

Gets the access control policy for a note or an occurrence resource. Requires containeranalysis.notes.setIamPolicy or containeranalysis.occurrences.setIamPolicy permission if the resource is a note or occurrence, respectively.

The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (ContainerAnalysisClient containerAnalysisClient = ContainerAnalysisClient.create()) {
   String resource = ProjectName.of("[PROJECT]").toString();
   Policy response = containerAnalysisClient.getIamPolicy(resource);
 }
 

Gets the access control policy for a note or an occurrence resource. Requires containeranalysis.notes.setIamPolicy or containeranalysis.occurrences.setIamPolicy permission if the resource is a note or occurrence, respectively.

The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (ContainerAnalysisClient containerAnalysisClient = ContainerAnalysisClient.create()) {
   GetIamPolicyRequest request =
       GetIamPolicyRequest.newBuilder()
           .setResource("GetIamPolicyRequest-1527610370".toString())
           .setOptions(GetPolicyOptions.newBuilder().build())
           .build();
   ApiFuture<Policy> future = containerAnalysisClient.getIamPolicyCallable().futureCall(request);
   // Do something.
   Policy response = future.get();
 }
 

Gets a summary of the number and severity of occurrences.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (ContainerAnalysisClient containerAnalysisClient = ContainerAnalysisClient.create()) {
   GetVulnerabilityOccurrencesSummaryRequest request =
       GetVulnerabilityOccurrencesSummaryRequest.newBuilder()
           .setParent(ProjectName.of("[PROJECT]").toString())
           .setFilter("filter-1274492040")
           .build();
   VulnerabilityOccurrencesSummary response =
       containerAnalysisClient.getVulnerabilityOccurrencesSummary(request);
 }
 

Gets a summary of the number and severity of occurrences.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (ContainerAnalysisClient containerAnalysisClient = ContainerAnalysisClient.create()) {
   ProjectName parent = ProjectName.of("[PROJECT]");
   String filter = "filter-1274492040";
   VulnerabilityOccurrencesSummary response =
       containerAnalysisClient.getVulnerabilityOccurrencesSummary(parent, filter);
 }
 

Gets a summary of the number and severity of occurrences.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (ContainerAnalysisClient containerAnalysisClient = ContainerAnalysisClient.create()) {
   String parent = ProjectName.of("[PROJECT]").toString();
   String filter = "filter-1274492040";
   VulnerabilityOccurrencesSummary response =
       containerAnalysisClient.getVulnerabilityOccurrencesSummary(parent, filter);
 }
 

Gets a summary of the number and severity of occurrences.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (ContainerAnalysisClient containerAnalysisClient = ContainerAnalysisClient.create()) {
   GetVulnerabilityOccurrencesSummaryRequest request =
       GetVulnerabilityOccurrencesSummaryRequest.newBuilder()
           .setParent(ProjectName.of("[PROJECT]").toString())
           .setFilter("filter-1274492040")
           .build();
   ApiFuture<VulnerabilityOccurrencesSummary> future =
       containerAnalysisClient.getVulnerabilityOccurrencesSummaryCallable().futureCall(request);
   // Do something.
   VulnerabilityOccurrencesSummary response = future.get();
 }
 

Sets the access control policy on the specified note or occurrence. Requires containeranalysis.notes.setIamPolicy or containeranalysis.occurrences.setIamPolicy permission if the resource is a note or an occurrence, respectively.

The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (ContainerAnalysisClient containerAnalysisClient = ContainerAnalysisClient.create()) {
   ResourceName resource =
       new ResourceName() {
         {@literal @}Override
         public Map<String, String> getFieldValuesMap() {
           Map<String, String> fieldValuesMap = new HashMap<>();
           fieldValuesMap.put("resource", "projects/project-8432/notes/note-8432");
           return fieldValuesMap;
         }

         {@literal @}Override
         public String getFieldValue(String fieldName) {
           return getFieldValuesMap().get(fieldName);
         }

         {@literal @}Override
         public String toString() {
           return "projects/project-8432/notes/note-8432";
         }
       };
   Policy policy = Policy.newBuilder().build();
   Policy response = containerAnalysisClient.setIamPolicy(resource, policy);
 }
 

Sets the access control policy on the specified note or occurrence. Requires containeranalysis.notes.setIamPolicy or containeranalysis.occurrences.setIamPolicy permission if the resource is a note or an occurrence, respectively.

The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (ContainerAnalysisClient containerAnalysisClient = ContainerAnalysisClient.create()) {
   SetIamPolicyRequest request =
       SetIamPolicyRequest.newBuilder()
           .setResource("SetIamPolicyRequest1223629066".toString())
           .setPolicy(Policy.newBuilder().build())
           .setUpdateMask(FieldMask.newBuilder().build())
           .build();
   Policy response = containerAnalysisClient.setIamPolicy(request);
 }
 

Sets the access control policy on the specified note or occurrence. Requires containeranalysis.notes.setIamPolicy or containeranalysis.occurrences.setIamPolicy permission if the resource is a note or an occurrence, respectively.

The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (ContainerAnalysisClient containerAnalysisClient = ContainerAnalysisClient.create()) {
   String resource = ProjectName.of("[PROJECT]").toString();
   Policy policy = Policy.newBuilder().build();
   Policy response = containerAnalysisClient.setIamPolicy(resource, policy);
 }
 

Sets the access control policy on the specified note or occurrence. Requires containeranalysis.notes.setIamPolicy or containeranalysis.occurrences.setIamPolicy permission if the resource is a note or an occurrence, respectively.

The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (ContainerAnalysisClient containerAnalysisClient = ContainerAnalysisClient.create()) {
   SetIamPolicyRequest request =
       SetIamPolicyRequest.newBuilder()
           .setResource("SetIamPolicyRequest1223629066".toString())
           .setPolicy(Policy.newBuilder().build())
           .setUpdateMask(FieldMask.newBuilder().build())
           .build();
   ApiFuture<Policy> future = containerAnalysisClient.setIamPolicyCallable().futureCall(request);
   // Do something.
   Policy response = future.get();
 }
 

Returns the permissions that a caller has on the specified note or occurrence. Requires list permission on the project (for example, containeranalysis.notes.list).

The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (ContainerAnalysisClient containerAnalysisClient = ContainerAnalysisClient.create()) {
   ResourceName resource =
       new ResourceName() {
         {@literal @}Override
         public Map<String, String> getFieldValuesMap() {
           Map<String, String> fieldValuesMap = new HashMap<>();
           fieldValuesMap.put("resource", "projects/project-8432/notes/note-8432");
           return fieldValuesMap;
         }

         {@literal @}Override
         public String getFieldValue(String fieldName) {
           return getFieldValuesMap().get(fieldName);
         }

         {@literal @}Override
         public String toString() {
           return "projects/project-8432/notes/note-8432";
         }
       };
   List<String> permissions = new ArrayList<>();
   TestIamPermissionsResponse response =
       containerAnalysisClient.testIamPermissions(resource, permissions);
 }
 

Returns the permissions that a caller has on the specified note or occurrence. Requires list permission on the project (for example, containeranalysis.notes.list).

The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (ContainerAnalysisClient containerAnalysisClient = ContainerAnalysisClient.create()) {
   TestIamPermissionsRequest request =
       TestIamPermissionsRequest.newBuilder()
           .setResource("TestIamPermissionsRequest942398222".toString())
           .addAllPermissions(new ArrayList<String>())
           .build();
   TestIamPermissionsResponse response = containerAnalysisClient.testIamPermissions(request);
 }
 

Returns the permissions that a caller has on the specified note or occurrence. Requires list permission on the project (for example, containeranalysis.notes.list).

The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (ContainerAnalysisClient containerAnalysisClient = ContainerAnalysisClient.create()) {
   String resource = ProjectName.of("[PROJECT]").toString();
   List<String> permissions = new ArrayList<>();
   TestIamPermissionsResponse response =
       containerAnalysisClient.testIamPermissions(resource, permissions);
 }
 

Returns the permissions that a caller has on the specified note or occurrence. Requires list permission on the project (for example, containeranalysis.notes.list).

The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (ContainerAnalysisClient containerAnalysisClient = ContainerAnalysisClient.create()) {
   TestIamPermissionsRequest request =
       TestIamPermissionsRequest.newBuilder()
           .setResource("TestIamPermissionsRequest942398222".toString())
           .addAllPermissions(new ArrayList<String>())
           .build();
   ApiFuture<TestIamPermissionsResponse> future =
       containerAnalysisClient.testIamPermissionsCallable().futureCall(request);
   // Do something.
   TestIamPermissionsResponse response = future.get();
 }