Reference documentation and code samples for the Google Cloud Container Analysis V1 Client class ContainerAnalysisClient.
Service Description: Retrieves analysis results of Cloud components such as Docker container images. The Container Analysis API is an implementation of the Grafeas API.
Analysis results are stored as a series of occurrences. An Occurrence
contains information about a specific analysis instance on a resource. An
occurrence refers to a Note
. A note contains details describing the
analysis and is generally stored in a separate project, called a Provider
.
Multiple occurrences can refer to the same note.
For example, an SSL vulnerability could affect multiple images. In this case, there would be one note for the vulnerability and an occurrence for each image with the vulnerability referring to that note.
This class provides the ability to make remote calls to the backing service through method calls that map to API methods.
Many parameters require resource names to be formatted in a particular way. To assist with these names, this class includes a format method for each type of name, and additionally a parseName method to extract the individual identifiers contained within formatted names that are returned by the API.
Namespace
Google \ Cloud \ ContainerAnalysis \ V1 \ ClientMethods
__construct
Constructor.
Parameters | |
---|---|
Name | Description |
options |
array
Optional. Options for configuring the service API wrapper. |
↳ apiEndpoint |
string
The address of the API remote host. May optionally include the port, formatted as "
|
↳ credentials |
string|array|FetchAuthTokenInterface|CredentialsWrapper
The credentials to be used by the client to authorize API calls. This option accepts either a path to a credentials file, or a decoded credentials file as a PHP array. Advanced usage: In addition, this option can also accept a pre-constructed Google\Auth\FetchAuthTokenInterface object or Google\ApiCore\CredentialsWrapper object. Note that when one of these objects are provided, any settings in $credentialsConfig will be ignored. |
↳ credentialsConfig |
array
Options used to configure credentials, including auth token caching, for the client. For a full list of supporting configuration options, see Google\ApiCore\CredentialsWrapper::build() . |
↳ disableRetries |
bool
Determines whether or not retries defined by the client configuration should be disabled. Defaults to |
↳ clientConfig |
string|array
Client method configuration, including retry settings. This option can be either a path to a JSON file, or a PHP array containing the decoded JSON data. By default this settings points to the default client config file, which is provided in the resources folder. |
↳ transport |
string|TransportInterface
The transport used for executing network requests. May be either the string |
↳ transportConfig |
array
Configuration options that will be used to construct the transport. Options for each supported transport type should be passed in a key for that transport. For example: $transportConfig = [ 'grpc' => [...], 'rest' => [...], ]; See the Google\ApiCore\Transport\GrpcTransport::build() and Google\ApiCore\Transport\RestTransport::build() methods for the supported options. |
↳ clientCertSource |
callable
A callable which returns the client cert as a string. This can be used to provide a certificate and private key to the transport layer for mTLS. |
↳ logger |
false|LoggerInterface
A PSR-3 compliant logger. If set to false, logging is disabled, ignoring the 'GOOGLE_SDK_PHP_LOGGING' environment flag |
getIamPolicy
Gets the access control policy for a note or an occurrence resource.
Requires containeranalysis.notes.setIamPolicy
or
containeranalysis.occurrences.setIamPolicy
permission if the resource is
a note or occurrence, respectively.
The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID]
for
notes and projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]
for
occurrences.
The async variant is ContainerAnalysisClient::getIamPolicyAsync() .
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\Iam\V1\GetIamPolicyRequest
A request to house fields associated with the call. |
callOptions |
array
Optional. |
↳ retrySettings |
RetrySettings|array
Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage. |
Returns | |
---|---|
Type | Description |
Google\Cloud\Iam\V1\Policy |
use Google\ApiCore\ApiException;
use Google\Cloud\ContainerAnalysis\V1\Client\ContainerAnalysisClient;
use Google\Cloud\Iam\V1\GetIamPolicyRequest;
use Google\Cloud\Iam\V1\Policy;
/**
* @param string $resource REQUIRED: The resource for which the policy is being requested.
* See the operation documentation for the appropriate value for this field.
*/
function get_iam_policy_sample(string $resource): void
{
// Create a client.
$containerAnalysisClient = new ContainerAnalysisClient();
// Prepare the request message.
$request = (new GetIamPolicyRequest())
->setResource($resource);
// Call the API and handle any network failures.
try {
/** @var Policy $response */
$response = $containerAnalysisClient->getIamPolicy($request);
printf('Response data: %s' . PHP_EOL, $response->serializeToJsonString());
} catch (ApiException $ex) {
printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
}
}
/**
* Helper to execute the sample.
*
* This sample has been automatically generated and should be regarded as a code
* template only. It will require modifications to work:
* - It may require correct/in-range values for request initialization.
* - It may require specifying regional endpoints when creating the service client,
* please see the apiEndpoint client configuration option for more details.
*/
function callSample(): void
{
$resource = '[RESOURCE]';
get_iam_policy_sample($resource);
}
getVulnerabilityOccurrencesSummary
Gets a summary of the number and severity of occurrences.
The async variant is ContainerAnalysisClient::getVulnerabilityOccurrencesSummaryAsync() .
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\ContainerAnalysis\V1\GetVulnerabilityOccurrencesSummaryRequest
A request to house fields associated with the call. |
callOptions |
array
Optional. |
↳ retrySettings |
RetrySettings|array
Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage. |
Returns | |
---|---|
Type | Description |
Google\Cloud\ContainerAnalysis\V1\VulnerabilityOccurrencesSummary |
use Google\ApiCore\ApiException;
use Google\Cloud\ContainerAnalysis\V1\Client\ContainerAnalysisClient;
use Google\Cloud\ContainerAnalysis\V1\GetVulnerabilityOccurrencesSummaryRequest;
use Google\Cloud\ContainerAnalysis\V1\VulnerabilityOccurrencesSummary;
/**
* @param string $formattedParent The name of the project to get a vulnerability summary for in the form of
* `projects/[PROJECT_ID]`. Please see
* {@see ContainerAnalysisClient::projectName()} for help formatting this field.
*/
function get_vulnerability_occurrences_summary_sample(string $formattedParent): void
{
// Create a client.
$containerAnalysisClient = new ContainerAnalysisClient();
// Prepare the request message.
$request = (new GetVulnerabilityOccurrencesSummaryRequest())
->setParent($formattedParent);
// Call the API and handle any network failures.
try {
/** @var VulnerabilityOccurrencesSummary $response */
$response = $containerAnalysisClient->getVulnerabilityOccurrencesSummary($request);
printf('Response data: %s' . PHP_EOL, $response->serializeToJsonString());
} catch (ApiException $ex) {
printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
}
}
/**
* Helper to execute the sample.
*
* This sample has been automatically generated and should be regarded as a code
* template only. It will require modifications to work:
* - It may require correct/in-range values for request initialization.
* - It may require specifying regional endpoints when creating the service client,
* please see the apiEndpoint client configuration option for more details.
*/
function callSample(): void
{
$formattedParent = ContainerAnalysisClient::projectName('[PROJECT]');
get_vulnerability_occurrences_summary_sample($formattedParent);
}
setIamPolicy
Sets the access control policy on the specified note or occurrence.
Requires containeranalysis.notes.setIamPolicy
or
containeranalysis.occurrences.setIamPolicy
permission if the resource is
a note or an occurrence, respectively.
The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID]
for
notes and projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]
for
occurrences.
The async variant is ContainerAnalysisClient::setIamPolicyAsync() .
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\Iam\V1\SetIamPolicyRequest
A request to house fields associated with the call. |
callOptions |
array
Optional. |
↳ retrySettings |
RetrySettings|array
Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage. |
Returns | |
---|---|
Type | Description |
Google\Cloud\Iam\V1\Policy |
use Google\ApiCore\ApiException;
use Google\Cloud\ContainerAnalysis\V1\Client\ContainerAnalysisClient;
use Google\Cloud\Iam\V1\Policy;
use Google\Cloud\Iam\V1\SetIamPolicyRequest;
/**
* @param string $resource REQUIRED: The resource for which the policy is being specified.
* See the operation documentation for the appropriate value for this field.
*/
function set_iam_policy_sample(string $resource): void
{
// Create a client.
$containerAnalysisClient = new ContainerAnalysisClient();
// Prepare the request message.
$policy = new Policy();
$request = (new SetIamPolicyRequest())
->setResource($resource)
->setPolicy($policy);
// Call the API and handle any network failures.
try {
/** @var Policy $response */
$response = $containerAnalysisClient->setIamPolicy($request);
printf('Response data: %s' . PHP_EOL, $response->serializeToJsonString());
} catch (ApiException $ex) {
printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
}
}
/**
* Helper to execute the sample.
*
* This sample has been automatically generated and should be regarded as a code
* template only. It will require modifications to work:
* - It may require correct/in-range values for request initialization.
* - It may require specifying regional endpoints when creating the service client,
* please see the apiEndpoint client configuration option for more details.
*/
function callSample(): void
{
$resource = '[RESOURCE]';
set_iam_policy_sample($resource);
}
testIamPermissions
Returns the permissions that a caller has on the specified note or
occurrence. Requires list permission on the project (for example,
containeranalysis.notes.list
).
The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID]
for
notes and projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]
for
occurrences.
The async variant is ContainerAnalysisClient::testIamPermissionsAsync() .
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\Iam\V1\TestIamPermissionsRequest
A request to house fields associated with the call. |
callOptions |
array
Optional. |
↳ retrySettings |
RetrySettings|array
Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage. |
Returns | |
---|---|
Type | Description |
Google\Cloud\Iam\V1\TestIamPermissionsResponse |
use Google\ApiCore\ApiException;
use Google\Cloud\ContainerAnalysis\V1\Client\ContainerAnalysisClient;
use Google\Cloud\Iam\V1\TestIamPermissionsRequest;
use Google\Cloud\Iam\V1\TestIamPermissionsResponse;
/**
* @param string $resource REQUIRED: The resource for which the policy detail is being requested.
* See the operation documentation for the appropriate value for this field.
* @param string $permissionsElement The set of permissions to check for the `resource`. Permissions with
* wildcards (such as '*' or 'storage.*') are not allowed. For more
* information see
* [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions).
*/
function test_iam_permissions_sample(string $resource, string $permissionsElement): void
{
// Create a client.
$containerAnalysisClient = new ContainerAnalysisClient();
// Prepare the request message.
$permissions = [$permissionsElement,];
$request = (new TestIamPermissionsRequest())
->setResource($resource)
->setPermissions($permissions);
// Call the API and handle any network failures.
try {
/** @var TestIamPermissionsResponse $response */
$response = $containerAnalysisClient->testIamPermissions($request);
printf('Response data: %s' . PHP_EOL, $response->serializeToJsonString());
} catch (ApiException $ex) {
printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
}
}
/**
* Helper to execute the sample.
*
* This sample has been automatically generated and should be regarded as a code
* template only. It will require modifications to work:
* - It may require correct/in-range values for request initialization.
* - It may require specifying regional endpoints when creating the service client,
* please see the apiEndpoint client configuration option for more details.
*/
function callSample(): void
{
$resource = '[RESOURCE]';
$permissionsElement = '[PERMISSIONS]';
test_iam_permissions_sample($resource, $permissionsElement);
}
getIamPolicyAsync
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\Iam\V1\GetIamPolicyRequest
|
optionalArgs |
array
|
Returns | |
---|---|
Type | Description |
GuzzleHttp\Promise\PromiseInterface<Google\Cloud\Iam\V1\Policy> |
getVulnerabilityOccurrencesSummaryAsync
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\ContainerAnalysis\V1\GetVulnerabilityOccurrencesSummaryRequest
|
optionalArgs |
array
|
Returns | |
---|---|
Type | Description |
GuzzleHttp\Promise\PromiseInterface<Google\Cloud\ContainerAnalysis\V1\VulnerabilityOccurrencesSummary> |
setIamPolicyAsync
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\Iam\V1\SetIamPolicyRequest
|
optionalArgs |
array
|
Returns | |
---|---|
Type | Description |
GuzzleHttp\Promise\PromiseInterface<Google\Cloud\Iam\V1\Policy> |
testIamPermissionsAsync
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\Iam\V1\TestIamPermissionsRequest
|
optionalArgs |
array
|
Returns | |
---|---|
Type | Description |
GuzzleHttp\Promise\PromiseInterface<Google\Cloud\Iam\V1\TestIamPermissionsResponse> |
static::projectName
Formats a string containing the fully-qualified path to represent a project resource.
Parameter | |
---|---|
Name | Description |
project |
string
|
Returns | |
---|---|
Type | Description |
string |
The formatted project resource. |
static::parseName
Parses a formatted name string and returns an associative array of the components in the name.
The following name formats are supported: Template: Pattern
- project: projects/{project}
The optional $template argument can be supplied to specify a particular pattern, and must match one of the templates listed above. If no $template argument is provided, or if the $template argument does not match one of the templates listed, then parseName will check each of the supported templates, and return the first match.
Parameters | |
---|---|
Name | Description |
formattedName |
string
The formatted name string |
template |
?string
Optional name of template to match |
Returns | |
---|---|
Type | Description |
array |
An associative array from name component IDs to component values. |