A client to Container Analysis API
The interfaces provided are listed below, along with usage samples.
GrafeasClient
Service Description: Grafeas API.
Retrieves analysis results of Cloud components such as Docker container images.
Analysis results are stored as a series of occurrences. An Occurrence
contains information
about a specific analysis instance on a resource. An occurrence refers to a Note
. A note
contains details describing the analysis and is generally stored in a separate project, called a
Provider
. Multiple occurrences can refer to the same note.
For example, an SSL vulnerability could affect multiple images. In this case, there would be one note for the vulnerability and an occurrence for each image with the vulnerability referring to that note.
Sample for GrafeasClient:
// This snippet has been automatically generated and should be regarded as a code template only.
// It will require modifications to work:
// - It may require correct/in-range values for request initialization.
// - It may require specifying regional endpoints when creating the service client as shown in
// https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
try (GrafeasClient grafeasClient = GrafeasClient.create()) {
OccurrenceName name = OccurrenceName.of("[PROJECT]", "[OCCURRENCE]");
Occurrence response = grafeasClient.getOccurrence(name);
}
Classes
AliasContext
An alias to a repo revision.
Protobuf type grafeas.v1.AliasContext
AliasContext.Builder
An alias to a repo revision.
Protobuf type grafeas.v1.AliasContext
Artifact
Artifact describes a build product.
Protobuf type grafeas.v1.Artifact
Artifact.Builder
Artifact describes a build product.
Protobuf type grafeas.v1.Artifact
Attestation
AttestationNote
Note kind that represents a logical attestation "role" or "authority". For
example, an organization might have one Authority
for "QA" and one for
"build". This note is intended to act strictly as a grouping mechanism for
the attached occurrences (Attestations). This grouping mechanism also
provides a security boundary, since IAM ACLs gate the ability for a principle
to attach an occurrence to a given note. It also provides a single point of
lookup to find all attached attestation occurrences, even if they don't all
live in the same project.
Protobuf type grafeas.v1.AttestationNote
AttestationNote.Builder
Note kind that represents a logical attestation "role" or "authority". For
example, an organization might have one Authority
for "QA" and one for
"build". This note is intended to act strictly as a grouping mechanism for
the attached occurrences (Attestations). This grouping mechanism also
provides a security boundary, since IAM ACLs gate the ability for a principle
to attach an occurrence to a given note. It also provides a single point of
lookup to find all attached attestation occurrences, even if they don't all
live in the same project.
Protobuf type grafeas.v1.AttestationNote
AttestationNote.Hint
This submessage provides human-readable hints about the purpose of the authority. Because the name of a note acts as its resource reference, it is important to disambiguate the canonical name of the Note (which might be a UUID for security purposes) from "readable" names more suitable for debug output. Note that these hints should not be used to look up authorities in security sensitive contexts, such as when looking up attestations to verify.
Protobuf type grafeas.v1.AttestationNote.Hint
AttestationNote.Hint.Builder
This submessage provides human-readable hints about the purpose of the authority. Because the name of a note acts as its resource reference, it is important to disambiguate the canonical name of the Note (which might be a UUID for security purposes) from "readable" names more suitable for debug output. Note that these hints should not be used to look up authorities in security sensitive contexts, such as when looking up attestations to verify.
Protobuf type grafeas.v1.AttestationNote.Hint
AttestationOccurrence
Occurrence that represents a single "attestation". The authenticity of an attestation can be verified using the attached signature. If the verifier trusts the public key of the signer, then verifying the signature is sufficient to establish trust. In this circumstance, the authority to which this attestation is attached is primarily useful for lookup (how to find this attestation if you already know the authority and artifact to be verified) and intent (for which authority this attestation was intended to sign.
Protobuf type grafeas.v1.AttestationOccurrence
AttestationOccurrence.Builder
Occurrence that represents a single "attestation". The authenticity of an attestation can be verified using the attached signature. If the verifier trusts the public key of the signer, then verifying the signature is sufficient to establish trust. In this circumstance, the authority to which this attestation is attached is primarily useful for lookup (how to find this attestation if you already know the authority and artifact to be verified) and intent (for which authority this attestation was intended to sign.
Protobuf type grafeas.v1.AttestationOccurrence
BatchCreateNotesRequest
Request to create notes in batch.
Protobuf type grafeas.v1.BatchCreateNotesRequest
BatchCreateNotesRequest.Builder
Request to create notes in batch.
Protobuf type grafeas.v1.BatchCreateNotesRequest
BatchCreateNotesResponse
Response for creating notes in batch.
Protobuf type grafeas.v1.BatchCreateNotesResponse
BatchCreateNotesResponse.Builder
Response for creating notes in batch.
Protobuf type grafeas.v1.BatchCreateNotesResponse
BatchCreateOccurrencesRequest
Request to create occurrences in batch.
Protobuf type grafeas.v1.BatchCreateOccurrencesRequest
BatchCreateOccurrencesRequest.Builder
Request to create occurrences in batch.
Protobuf type grafeas.v1.BatchCreateOccurrencesRequest
BatchCreateOccurrencesResponse
Response for creating occurrences in batch.
Protobuf type grafeas.v1.BatchCreateOccurrencesResponse
BatchCreateOccurrencesResponse.Builder
Response for creating occurrences in batch.
Protobuf type grafeas.v1.BatchCreateOccurrencesResponse
Build
BuildNote
Note holding the version of the provider's builder and the signature of the provenance message in the build details occurrence.
Protobuf type grafeas.v1.BuildNote
BuildNote.Builder
Note holding the version of the provider's builder and the signature of the provenance message in the build details occurrence.
Protobuf type grafeas.v1.BuildNote
BuildOccurrence
Details of a build occurrence.
Protobuf type grafeas.v1.BuildOccurrence
BuildOccurrence.Builder
Details of a build occurrence.
Protobuf type grafeas.v1.BuildOccurrence
BuildProvenance
Provenance of a build. Contains all information needed to verify the full details about the build from source to completion.
Protobuf type grafeas.v1.BuildProvenance
BuildProvenance.Builder
Provenance of a build. Contains all information needed to verify the full details about the build from source to completion.
Protobuf type grafeas.v1.BuildProvenance
BuilderConfig
Protobuf type grafeas.v1.BuilderConfig
BuilderConfig.Builder
Protobuf type grafeas.v1.BuilderConfig
CVSS
Common Vulnerability Scoring System. For details, see https://www.first.org/cvss/specification-document This is a message we will try to use for storing various versions of CVSS rather than making a separate proto for storing a specific version.
Protobuf type grafeas.v1.CVSS
CVSS.Builder
Common Vulnerability Scoring System. For details, see https://www.first.org/cvss/specification-document This is a message we will try to use for storing various versions of CVSS rather than making a separate proto for storing a specific version.
Protobuf type grafeas.v1.CVSS
CVSSProto
CVSSv3
Common Vulnerability Scoring System version 3. For details, see https://www.first.org/cvss/specification-document
Protobuf type grafeas.v1.CVSSv3
CVSSv3.Builder
Common Vulnerability Scoring System version 3. For details, see https://www.first.org/cvss/specification-document
Protobuf type grafeas.v1.CVSSv3
CloudRepoSourceContext
A CloudRepoSourceContext denotes a particular revision in a Google Cloud Source Repo.
Protobuf type grafeas.v1.CloudRepoSourceContext
CloudRepoSourceContext.Builder
A CloudRepoSourceContext denotes a particular revision in a Google Cloud Source Repo.
Protobuf type grafeas.v1.CloudRepoSourceContext
Command
Command describes a step performed as part of the build pipeline.
Protobuf type grafeas.v1.Command
Command.Builder
Command describes a step performed as part of the build pipeline.
Protobuf type grafeas.v1.Command
Common
Completeness
Indicates that the builder claims certain fields in this message to be complete.
Protobuf type grafeas.v1.Completeness
Completeness.Builder
Indicates that the builder claims certain fields in this message to be complete.
Protobuf type grafeas.v1.Completeness
Compliance
ComplianceNote
Protobuf type grafeas.v1.ComplianceNote
ComplianceNote.Builder
Protobuf type grafeas.v1.ComplianceNote
ComplianceNote.CisBenchmark
A compliance check that is a CIS benchmark.
Protobuf type grafeas.v1.ComplianceNote.CisBenchmark
ComplianceNote.CisBenchmark.Builder
A compliance check that is a CIS benchmark.
Protobuf type grafeas.v1.ComplianceNote.CisBenchmark
ComplianceOccurrence
An indication that the compliance checks in the associated ComplianceNote were not satisfied for particular resources or a specified reason.
Protobuf type grafeas.v1.ComplianceOccurrence
ComplianceOccurrence.Builder
An indication that the compliance checks in the associated ComplianceNote were not satisfied for particular resources or a specified reason.
Protobuf type grafeas.v1.ComplianceOccurrence
ComplianceVersion
Describes the CIS benchmark version that is applicable to a given OS and os version.
Protobuf type grafeas.v1.ComplianceVersion
ComplianceVersion.Builder
Describes the CIS benchmark version that is applicable to a given OS and os version.
Protobuf type grafeas.v1.ComplianceVersion
CreateNoteRequest
Request to create a new note.
Protobuf type grafeas.v1.CreateNoteRequest
CreateNoteRequest.Builder
Request to create a new note.
Protobuf type grafeas.v1.CreateNoteRequest
CreateOccurrenceRequest
Request to create a new occurrence.
Protobuf type grafeas.v1.CreateOccurrenceRequest
CreateOccurrenceRequest.Builder
Request to create a new occurrence.
Protobuf type grafeas.v1.CreateOccurrenceRequest
DSSEAttestationNote
Protobuf type grafeas.v1.DSSEAttestationNote
DSSEAttestationNote.Builder
Protobuf type grafeas.v1.DSSEAttestationNote
DSSEAttestationNote.DSSEHint
This submessage provides human-readable hints about the purpose of the authority. Because the name of a note acts as its resource reference, it is important to disambiguate the canonical name of the Note (which might be a UUID for security purposes) from "readable" names more suitable for debug output. Note that these hints should not be used to look up authorities in security sensitive contexts, such as when looking up attestations to verify.
Protobuf type grafeas.v1.DSSEAttestationNote.DSSEHint
DSSEAttestationNote.DSSEHint.Builder
This submessage provides human-readable hints about the purpose of the authority. Because the name of a note acts as its resource reference, it is important to disambiguate the canonical name of the Note (which might be a UUID for security purposes) from "readable" names more suitable for debug output. Note that these hints should not be used to look up authorities in security sensitive contexts, such as when looking up attestations to verify.
Protobuf type grafeas.v1.DSSEAttestationNote.DSSEHint
DSSEAttestationOccurrence
Deprecated. Prefer to use a regular Occurrence, and populate the Envelope at the top level of the Occurrence.
Protobuf type grafeas.v1.DSSEAttestationOccurrence
DSSEAttestationOccurrence.Builder
Deprecated. Prefer to use a regular Occurrence, and populate the Envelope at the top level of the Occurrence.
Protobuf type grafeas.v1.DSSEAttestationOccurrence
DeleteNoteRequest
Request to delete a note.
Protobuf type grafeas.v1.DeleteNoteRequest
DeleteNoteRequest.Builder
Request to delete a note.
Protobuf type grafeas.v1.DeleteNoteRequest
DeleteOccurrenceRequest
Request to delete an occurrence.
Protobuf type grafeas.v1.DeleteOccurrenceRequest
DeleteOccurrenceRequest.Builder
Request to delete an occurrence.
Protobuf type grafeas.v1.DeleteOccurrenceRequest
Deployment
DeploymentNote
An artifact that can be deployed in some runtime.
Protobuf type grafeas.v1.DeploymentNote
DeploymentNote.Builder
An artifact that can be deployed in some runtime.
Protobuf type grafeas.v1.DeploymentNote