grafeas.v1.grafeas.proto Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of grafeas Show documentation
Show all versions of grafeas Show documentation
Java idiomatic client for Grafeas.
// Copyright 2019 The Grafeas Authors. All rights reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
syntax = "proto3";
package grafeas.v1;
import "google/api/annotations.proto";
import "google/api/client.proto";
import "google/api/field_behavior.proto";
import "google/api/resource.proto";
import "google/protobuf/empty.proto";
import "google/protobuf/field_mask.proto";
import "google/protobuf/timestamp.proto";
import "grafeas/v1/attestation.proto";
import "grafeas/v1/build.proto";
import "grafeas/v1/common.proto";
import "grafeas/v1/compliance.proto";
import "grafeas/v1/deployment.proto";
import "grafeas/v1/discovery.proto";
import "grafeas/v1/dsse_attestation.proto";
import "grafeas/v1/image.proto";
import "grafeas/v1/package.proto";
import "grafeas/v1/upgrade.proto";
import "grafeas/v1/vex.proto";
import "grafeas/v1/vulnerability.proto";
option go_package = "google.golang.org/genproto/googleapis/grafeas/v1;grafeas";
option java_multiple_files = true;
option java_package = "io.grafeas.v1";
option objc_class_prefix = "GRA";
option (google.api.resource_definition) = {
type: "grafeas.io/Project"
pattern: "projects/{project}"
};
// [Grafeas](https://grafeas.io) API.
//
// Retrieves analysis results of Cloud components such as Docker container
// images.
//
// Analysis results are stored as a series of occurrences. An `Occurrence`
// contains information about a specific analysis instance on a resource. An
// occurrence refers to a `Note`. A note contains details describing the
// analysis and is generally stored in a separate project, called a `Provider`.
// Multiple occurrences can refer to the same note.
//
// For example, an SSL vulnerability could affect multiple images. In this case,
// there would be one note for the vulnerability and an occurrence for each
// image with the vulnerability referring to that note.
service Grafeas {
option (google.api.default_host) = "containeranalysis.googleapis.com";
// Gets the specified occurrence.
rpc GetOccurrence(GetOccurrenceRequest) returns (Occurrence) {
option (google.api.http) = {
get: "/v1/{name=projects/*/occurrences/*}"
};
option (google.api.method_signature) = "name";
}
// Lists occurrences for the specified project.
rpc ListOccurrences(ListOccurrencesRequest)
returns (ListOccurrencesResponse) {
option (google.api.http) = {
get: "/v1/{parent=projects/*}/occurrences"
};
option (google.api.method_signature) = "parent,filter";
}
// Deletes the specified occurrence. For example, use this method to delete an
// occurrence when the occurrence is no longer applicable for the given
// resource.
rpc DeleteOccurrence(DeleteOccurrenceRequest)
returns (google.protobuf.Empty) {
option (google.api.http) = {
delete: "/v1/{name=projects/*/occurrences/*}"
};
option (google.api.method_signature) = "name";
}
// Creates a new occurrence.
rpc CreateOccurrence(CreateOccurrenceRequest) returns (Occurrence) {
option (google.api.http) = {
post: "/v1/{parent=projects/*}/occurrences"
body: "occurrence"
};
option (google.api.method_signature) = "parent,occurrence";
}
// Creates new occurrences in batch.
rpc BatchCreateOccurrences(BatchCreateOccurrencesRequest)
returns (BatchCreateOccurrencesResponse) {
option (google.api.http) = {
post: "/v1/{parent=projects/*}/occurrences:batchCreate"
body: "*"
};
option (google.api.method_signature) = "parent,occurrences";
}
// Updates the specified occurrence.
rpc UpdateOccurrence(UpdateOccurrenceRequest) returns (Occurrence) {
option (google.api.http) = {
patch: "/v1/{name=projects/*/occurrences/*}"
body: "occurrence"
};
option (google.api.method_signature) = "name,occurrence,update_mask";
}
// Gets the note attached to the specified occurrence. Consumer projects can
// use this method to get a note that belongs to a provider project.
rpc GetOccurrenceNote(GetOccurrenceNoteRequest) returns (Note) {
option (google.api.http) = {
get: "/v1/{name=projects/*/occurrences/*}/notes"
};
option (google.api.method_signature) = "name";
}
// Gets the specified note.
rpc GetNote(GetNoteRequest) returns (Note) {
option (google.api.http) = {
get: "/v1/{name=projects/*/notes/*}"
};
option (google.api.method_signature) = "name";
}
// Lists notes for the specified project.
rpc ListNotes(ListNotesRequest) returns (ListNotesResponse) {
option (google.api.http) = {
get: "/v1/{parent=projects/*}/notes"
};
option (google.api.method_signature) = "parent,filter";
}
// Deletes the specified note.
rpc DeleteNote(DeleteNoteRequest) returns (google.protobuf.Empty) {
option (google.api.http) = {
delete: "/v1/{name=projects/*/notes/*}"
};
option (google.api.method_signature) = "name";
}
// Creates a new note.
rpc CreateNote(CreateNoteRequest) returns (Note) {
option (google.api.http) = {
post: "/v1/{parent=projects/*}/notes"
body: "note"
};
option (google.api.method_signature) = "parent,note_id,note";
}
// Creates new notes in batch.
rpc BatchCreateNotes(BatchCreateNotesRequest)
returns (BatchCreateNotesResponse) {
option (google.api.http) = {
post: "/v1/{parent=projects/*}/notes:batchCreate"
body: "*"
};
option (google.api.method_signature) = "parent,notes";
}
// Updates the specified note.
rpc UpdateNote(UpdateNoteRequest) returns (Note) {
option (google.api.http) = {
patch: "/v1/{name=projects/*/notes/*}"
body: "note"
};
option (google.api.method_signature) = "name,note,update_mask";
}
// Lists occurrences referencing the specified note. Provider projects can use
// this method to get all occurrences across consumer projects referencing the
// specified note.
rpc ListNoteOccurrences(ListNoteOccurrencesRequest)
returns (ListNoteOccurrencesResponse) {
option (google.api.http) = {
get: "/v1/{name=projects/*/notes/*}/occurrences"
};
option (google.api.method_signature) = "name,filter";
}
}
// An instance of an analysis type that has been found on a resource.
message Occurrence {
option (google.api.resource) = {
type: "grafeas.io/Occurrence"
pattern: "projects/{project}/occurrences/{occurrence}"
};
// Output only. The name of the occurrence in the form of
// `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]`.
string name = 1;
// Required. Immutable. A URI that represents the resource for which the
// occurrence applies. For example,
// `https://gcr.io/project/image@sha256:123abc` for a Docker image.
string resource_uri = 2;
// Required. Immutable. The analysis note associated with this occurrence, in
// the form of `projects/[PROVIDER_ID]/notes/[NOTE_ID]`. This field can be
// used as a filter in list requests.
string note_name = 3;
// Output only. This explicitly denotes which of the occurrence details are
// specified. This field can be used as a filter in list requests.
grafeas.v1.NoteKind kind = 4;
// A description of actions that can be taken to remedy the note.
string remediation = 5;
// Output only. The time this occurrence was created.
google.protobuf.Timestamp create_time = 6;
// Output only. The time this occurrence was last updated.
google.protobuf.Timestamp update_time = 7;
// Required. Immutable. Describes the details of the note kind found on this
// resource.
oneof details {
// Describes a security vulnerability.
grafeas.v1.VulnerabilityOccurrence vulnerability = 8;
// Describes a verifiable build.
grafeas.v1.BuildOccurrence build = 9;
// Describes how this resource derives from the basis in the associated
// note.
grafeas.v1.ImageOccurrence image = 10;
// Describes the installation of a package on the linked resource.
grafeas.v1.PackageOccurrence package = 11;
// Describes the deployment of an artifact on a runtime.
grafeas.v1.DeploymentOccurrence deployment = 12;
// Describes when a resource was discovered.
grafeas.v1.DiscoveryOccurrence discovery = 13;
// Describes an attestation of an artifact.
grafeas.v1.AttestationOccurrence attestation = 14;
// Describes an available package upgrade on the linked resource.
grafeas.v1.UpgradeOccurrence upgrade = 15;
// Describes a compliance violation on a linked resource.
grafeas.v1.ComplianceOccurrence compliance = 16;
// Describes an attestation of an artifact using dsse.
grafeas.v1.DSSEAttestationOccurrence dsse_attestation = 17;
}
// https://github.com/secure-systems-lab/dsse
grafeas.v1.Envelope envelope = 18;
}
// A type of analysis that can be done for a resource.
message Note {
option (google.api.resource) = {
type: "grafeas.io/Note"
pattern: "projects/{project}/notes/{note}"
};
// Output only. The name of the note in the form of
// `projects/[PROVIDER_ID]/notes/[NOTE_ID]`.
string name = 1;
// A one sentence description of this note.
string short_description = 2;
// A detailed description of this note.
string long_description = 3;
// Output only. The type of analysis. This field can be used as a filter in
// list requests.
grafeas.v1.NoteKind kind = 4;
// URLs associated with this note.
repeated grafeas.v1.RelatedUrl related_url = 5;
// Time of expiration for this note. Empty if note does not expire.
google.protobuf.Timestamp expiration_time = 6;
// Output only. The time this note was created. This field can be used as a
// filter in list requests.
google.protobuf.Timestamp create_time = 7;
// Output only. The time this note was last updated. This field can be used as
// a filter in list requests.
google.protobuf.Timestamp update_time = 8;
// Other notes related to this note.
repeated string related_note_names = 9;
// Required. Immutable. The type of analysis this note represents.
oneof type {
// A note describing a package vulnerability.
grafeas.v1.VulnerabilityNote vulnerability = 10;
// A note describing build provenance for a verifiable build.
grafeas.v1.BuildNote build = 11;
// A note describing a base image.
grafeas.v1.ImageNote image = 12;
// A note describing a package hosted by various package managers.
grafeas.v1.PackageNote package = 13;
// A note describing something that can be deployed.
grafeas.v1.DeploymentNote deployment = 14;
// A note describing the initial analysis of a resource.
grafeas.v1.DiscoveryNote discovery = 15;
// A note describing an attestation role.
grafeas.v1.AttestationNote attestation = 16;
// A note describing available package upgrades.
grafeas.v1.UpgradeNote upgrade = 17;
// A note describing a compliance check.
grafeas.v1.ComplianceNote compliance = 18;
// A note describing a dsse attestation note.
grafeas.v1.DSSEAttestationNote dsse_attestation = 19;
// A note describing a vulnerability assessment.
grafeas.v1.VulnerabilityAssessmentNote vulnerability_assessment = 20;
}
}
// Request to get an occurrence.
message GetOccurrenceRequest {
// The name of the occurrence in the form of
// `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]`.
string name = 1 [
(google.api.field_behavior) = REQUIRED,
(google.api.resource_reference).type = "grafeas.io/Occurrence"
];
}
// Request to list occurrences.
message ListOccurrencesRequest {
// The name of the project to list occurrences for in the form of
// `projects/[PROJECT_ID]`.
string parent = 1 [
(google.api.field_behavior) = REQUIRED,
(google.api.resource_reference).type = "grafeas.io/Project"
];
// The filter expression.
string filter = 2;
// Number of occurrences to return in the list. Must be positive. Max allowed
// page size is 1000. If not specified, page size defaults to 20.
int32 page_size = 3;
// Token to provide to skip to a particular spot in the list.
string page_token = 4;
}
// Response for listing occurrences.
message ListOccurrencesResponse {
// The occurrences requested.
repeated Occurrence occurrences = 1;
// The next pagination token in the list response. It should be used as
// `page_token` for the following request. An empty value means no more
// results.
string next_page_token = 2;
}
// Request to delete an occurrence.
message DeleteOccurrenceRequest {
// The name of the occurrence in the form of
// `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]`.
string name = 1 [
(google.api.field_behavior) = REQUIRED,
(google.api.resource_reference).type = "grafeas.io/Occurrence"
];
}
// Request to create a new occurrence.
message CreateOccurrenceRequest {
// The name of the project in the form of `projects/[PROJECT_ID]`, under which
// the occurrence is to be created.
string parent = 1 [
(google.api.field_behavior) = REQUIRED,
(google.api.resource_reference).type = "grafeas.io/Project"
];
// The occurrence to create.
Occurrence occurrence = 2 [(google.api.field_behavior) = REQUIRED];
}
// Request to update an occurrence.
message UpdateOccurrenceRequest {
// The name of the occurrence in the form of
// `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]`.
string name = 1 [
(google.api.field_behavior) = REQUIRED,
(google.api.resource_reference).type = "grafeas.io/Occurrence"
];
// The updated occurrence.
Occurrence occurrence = 2 [(google.api.field_behavior) = REQUIRED];
// The fields to update.
google.protobuf.FieldMask update_mask = 3;
}
// Request to get a note.
message GetNoteRequest {
// The name of the note in the form of
// `projects/[PROVIDER_ID]/notes/[NOTE_ID]`.
string name = 1 [
(google.api.field_behavior) = REQUIRED,
(google.api.resource_reference).type = "grafeas.io/Note"
];
}
// Request to get the note to which the specified occurrence is attached.
message GetOccurrenceNoteRequest {
// The name of the occurrence in the form of
// `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]`.
string name = 1 [
(google.api.field_behavior) = REQUIRED,
(google.api.resource_reference).type = "grafeas.io/Occurrence"
];
}
// Request to list notes.
message ListNotesRequest {
// The name of the project to list notes for in the form of
// `projects/[PROJECT_ID]`.
string parent = 1 [
(google.api.field_behavior) = REQUIRED,
(google.api.resource_reference).type = "grafeas.io/Project"
];
// The filter expression.
string filter = 2;
// Number of notes to return in the list. Must be positive. Max allowed page
// size is 1000. If not specified, page size defaults to 20.
int32 page_size = 3;
// Token to provide to skip to a particular spot in the list.
string page_token = 4;
}
// Response for listing notes.
message ListNotesResponse {
// The notes requested.
repeated Note notes = 1;
// The next pagination token in the list response. It should be used as
// `page_token` for the following request. An empty value means no more
// results.
string next_page_token = 2;
}
// Request to delete a note.
message DeleteNoteRequest {
// The name of the note in the form of
// `projects/[PROVIDER_ID]/notes/[NOTE_ID]`.
string name = 1 [
(google.api.field_behavior) = REQUIRED,
(google.api.resource_reference).type = "grafeas.io/Note"
];
}
// Request to create a new note.
message CreateNoteRequest {
// The name of the project in the form of `projects/[PROJECT_ID]`, under which
// the note is to be created.
string parent = 1 [
(google.api.field_behavior) = REQUIRED,
(google.api.resource_reference).type = "grafeas.io/Project"
];
// The ID to use for this note.
string note_id = 2 [(google.api.field_behavior) = REQUIRED];
// The note to create.
Note note = 3 [(google.api.field_behavior) = REQUIRED];
}
// Request to update a note.
message UpdateNoteRequest {
// The name of the note in the form of
// `projects/[PROVIDER_ID]/notes/[NOTE_ID]`.
string name = 1 [
(google.api.field_behavior) = REQUIRED,
(google.api.resource_reference).type = "grafeas.io/Note"
];
// The updated note.
Note note = 2 [(google.api.field_behavior) = REQUIRED];
// The fields to update.
google.protobuf.FieldMask update_mask = 3;
}
// Request to list occurrences for a note.
message ListNoteOccurrencesRequest {
// The name of the note to list occurrences for in the form of
// `projects/[PROVIDER_ID]/notes/[NOTE_ID]`.
string name = 1 [
(google.api.field_behavior) = REQUIRED,
(google.api.resource_reference).type = "grafeas.io/Note"
];
// The filter expression.
string filter = 2;
// Number of occurrences to return in the list.
int32 page_size = 3;
// Token to provide to skip to a particular spot in the list.
string page_token = 4;
}
// Response for listing occurrences for a note.
message ListNoteOccurrencesResponse {
// The occurrences attached to the specified note.
repeated Occurrence occurrences = 1;
// Token to provide to skip to a particular spot in the list.
string next_page_token = 2;
}
// Request to create notes in batch.
message BatchCreateNotesRequest {
// The name of the project in the form of `projects/[PROJECT_ID]`, under which
// the notes are to be created.
string parent = 1 [
(google.api.field_behavior) = REQUIRED,
(google.api.resource_reference).type = "grafeas.io/Project"
];
// The notes to create. Max allowed length is 1000.
map notes = 2 [(google.api.field_behavior) = REQUIRED];
}
// Response for creating notes in batch.
message BatchCreateNotesResponse {
// The notes that were created.
repeated Note notes = 1;
}
// Request to create occurrences in batch.
message BatchCreateOccurrencesRequest {
// The name of the project in the form of `projects/[PROJECT_ID]`, under which
// the occurrences are to be created.
string parent = 1 [
(google.api.field_behavior) = REQUIRED,
(google.api.resource_reference).type = "grafeas.io/Project"
];
// The occurrences to create. Max allowed length is 1000.
repeated Occurrence occurrences = 2 [(google.api.field_behavior) = REQUIRED];
}
// Response for creating occurrences in batch.
message BatchCreateOccurrencesResponse {
// The occurrences that were created.
repeated Occurrence occurrences = 1;
}