com.pulumi.gcp.containeranalysis.kotlin.Occurence.kt Maven / Gradle / Ivy
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.gcp.containeranalysis.kotlin
import com.pulumi.core.Output
import com.pulumi.gcp.containeranalysis.kotlin.outputs.OccurenceAttestation
import com.pulumi.gcp.containeranalysis.kotlin.outputs.OccurenceAttestation.Companion.toKotlin
import com.pulumi.kotlin.KotlinCustomResource
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.kotlin.ResourceMapper
import com.pulumi.kotlin.options.CustomResourceOptions
import com.pulumi.kotlin.options.CustomResourceOptionsBuilder
import com.pulumi.resources.Resource
import kotlin.Boolean
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
/**
* Builder for [Occurence].
*/
@PulumiTagMarker
public class OccurenceResourceBuilder internal constructor() {
public var name: String? = null
public var args: OccurenceArgs = OccurenceArgs()
public var opts: CustomResourceOptions = CustomResourceOptions()
/**
* @param name The _unique_ name of the resulting resource.
*/
public fun name(`value`: String) {
this.name = value
}
/**
* @param block The arguments to use to populate this resource's properties.
*/
public suspend fun args(block: suspend OccurenceArgsBuilder.() -> Unit) {
val builder = OccurenceArgsBuilder()
block(builder)
this.args = builder.build()
}
/**
* @param block A bag of options that control this resource's behavior.
*/
public suspend fun opts(block: suspend CustomResourceOptionsBuilder.() -> Unit) {
this.opts = com.pulumi.kotlin.options.CustomResourceOptions.opts(block)
}
internal fun build(): Occurence {
val builtJavaResource = com.pulumi.gcp.containeranalysis.Occurence(
this.name,
this.args.toJava(),
this.opts.toJava(),
)
return Occurence(builtJavaResource)
}
}
/**
* An occurrence is an instance of a Note, or type of analysis that
* can be done for a resource.
* To get more information about Occurrence, see:
* * [API documentation](https://cloud.google.com/container-analysis/api/reference/rest/)
* * How-to Guides
* * [Official Documentation](https://cloud.google.com/container-analysis/)
* ## Example Usage
* ### Container Analysis Occurrence Kms
*
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.gcp.containeranalysis.Note;
* import com.pulumi.gcp.containeranalysis.NoteArgs;
* import com.pulumi.gcp.containeranalysis.inputs.NoteAttestationAuthorityArgs;
* import com.pulumi.gcp.containeranalysis.inputs.NoteAttestationAuthorityHintArgs;
* import com.pulumi.gcp.kms.KmsFunctions;
* import com.pulumi.gcp.kms.inputs.GetKMSKeyRingArgs;
* import com.pulumi.gcp.kms.inputs.GetKMSCryptoKeyArgs;
* import com.pulumi.gcp.kms.inputs.GetKMSCryptoKeyVersionArgs;
* import com.pulumi.gcp.binaryauthorization.Attestor;
* import com.pulumi.gcp.binaryauthorization.AttestorArgs;
* import com.pulumi.gcp.binaryauthorization.inputs.AttestorAttestationAuthorityNoteArgs;
* import com.pulumi.gcp.containeranalysis.Occurence;
* import com.pulumi.gcp.containeranalysis.OccurenceArgs;
* import com.pulumi.gcp.containeranalysis.inputs.OccurenceAttestationArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var note = new Note("note", NoteArgs.builder()
* .name("attestation-note")
* .attestationAuthority(NoteAttestationAuthorityArgs.builder()
* .hint(NoteAttestationAuthorityHintArgs.builder()
* .humanReadableName("Attestor Note")
* .build())
* .build())
* .build());
* final var keyring = KmsFunctions.getKMSKeyRing(GetKMSKeyRingArgs.builder()
* .name("my-key-ring")
* .location("global")
* .build());
* final var crypto-key = KmsFunctions.getKMSCryptoKey(GetKMSCryptoKeyArgs.builder()
* .name("my-key")
* .keyRing(keyring.applyValue(getKMSKeyRingResult -> getKMSKeyRingResult.id()))
* .build());
* final var version = KmsFunctions.getKMSCryptoKeyVersion(GetKMSCryptoKeyVersionArgs.builder()
* .cryptoKey(crypto_key.id())
* .build());
* var attestor = new Attestor("attestor", AttestorArgs.builder()
* .name("attestor")
* .attestationAuthorityNote(AttestorAttestationAuthorityNoteArgs.builder()
* .noteReference(note.name())
* .publicKeys(AttestorAttestationAuthorityNotePublicKeyArgs.builder()
* .id(version.applyValue(getKMSCryptoKeyVersionResult -> getKMSCryptoKeyVersionResult.id()))
* .pkixPublicKey(AttestorAttestationAuthorityNotePublicKeyPkixPublicKeyArgs.builder()
* .publicKeyPem(version.applyValue(getKMSCryptoKeyVersionResult -> getKMSCryptoKeyVersionResult.publicKeys()[0].pem()))
* .signatureAlgorithm(version.applyValue(getKMSCryptoKeyVersionResult -> getKMSCryptoKeyVersionResult.publicKeys()[0].algorithm()))
* .build())
* .build())
* .build())
* .build());
* var occurrence = new Occurence("occurrence", OccurenceArgs.builder()
* .resourceUri("gcr.io/my-project/my-image")
* .noteName(note.id())
* .attestation(OccurenceAttestationArgs.builder()
* .serializedPayload(StdFunctions.filebase64(Filebase64Args.builder()
* .input("path/to/my/payload.json")
* .build()).result())
* .signatures(OccurenceAttestationSignatureArgs.builder()
* .publicKeyId(version.applyValue(getKMSCryptoKeyVersionResult -> getKMSCryptoKeyVersionResult.id()))
* .serializedPayload(StdFunctions.filebase64(Filebase64Args.builder()
* .input("path/to/my/payload.json.sig")
* .build()).result())
* .build())
* .build())
* .build());
* }
* }
* ```
* ```yaml
* resources:
* attestor:
* type: gcp:binaryauthorization:Attestor
* properties:
* name: attestor
* attestationAuthorityNote:
* noteReference: ${note.name}
* publicKeys:
* - id: ${version.id}
* pkixPublicKey:
* publicKeyPem: ${version.publicKeys[0].pem}
* signatureAlgorithm: ${version.publicKeys[0].algorithm}
* note:
* type: gcp:containeranalysis:Note
* properties:
* name: attestation-note
* attestationAuthority:
* hint:
* humanReadableName: Attestor Note
* occurrence:
* type: gcp:containeranalysis:Occurence
* properties:
* resourceUri: gcr.io/my-project/my-image
* noteName: ${note.id}
* attestation:
* serializedPayload:
* fn::invoke:
* Function: std:filebase64
* Arguments:
* input: path/to/my/payload.json
* Return: result
* signatures:
* - publicKeyId: ${version.id}
* serializedPayload:
* fn::invoke:
* Function: std:filebase64
* Arguments:
* input: path/to/my/payload.json.sig
* Return: result
* variables:
* keyring:
* fn::invoke:
* Function: gcp:kms:getKMSKeyRing
* Arguments:
* name: my-key-ring
* location: global
* crypto-key:
* fn::invoke:
* Function: gcp:kms:getKMSCryptoKey
* Arguments:
* name: my-key
* keyRing: ${keyring.id}
* version:
* fn::invoke:
* Function: gcp:kms:getKMSCryptoKeyVersion
* Arguments:
* cryptoKey: ${["crypto-key"].id}
* ```
*
* ## Import
* Occurrence can be imported using any of these accepted formats:
* * `projects/{{project}}/occurrences/{{name}}`
* * `{{project}}/{{name}}`
* * `{{name}}`
* When using the `pulumi import` command, Occurrence can be imported using one of the formats above. For example:
* ```sh
* $ pulumi import gcp:containeranalysis/occurence:Occurence default projects/{{project}}/occurrences/{{name}}
* ```
* ```sh
* $ pulumi import gcp:containeranalysis/occurence:Occurence default {{project}}/{{name}}
* ```
* ```sh
* $ pulumi import gcp:containeranalysis/occurence:Occurence default {{name}}
* ```
*/
public class Occurence internal constructor(
override val javaResource: com.pulumi.gcp.containeranalysis.Occurence,
) : KotlinCustomResource(javaResource, OccurenceMapper) {
/**
* Occurrence that represents a single "attestation". The authenticity
* of an attestation can be verified using the attached signature.
* If the verifier trusts the public key of the signer, then verifying
* the signature is sufficient to establish trust. In this circumstance,
* the authority to which this attestation is attached is primarily
* useful for lookup (how to find this attestation if you already
* know the authority and artifact to be verified) and intent (for
* which authority this attestation was intended to sign.
* Structure is documented below.
*/
public val attestation: Output
get() = javaResource.attestation().applyValue({ args0 -> args0.let({ args0 -> toKotlin(args0) }) })
/**
* The time when the repository was created.
*/
public val createTime: Output
get() = javaResource.createTime().applyValue({ args0 -> args0 })
/**
* The note kind which explicitly denotes which of the occurrence
* details are specified. This field can be used as a filter in list
* requests.
*/
public val kind: Output
get() = javaResource.kind().applyValue({ args0 -> args0 })
/**
* The name of the occurrence.
*/
public val name: Output
get() = javaResource.name().applyValue({ args0 -> args0 })
/**
* The analysis note associated with this occurrence, in the form of
* projects/[PROJECT]/notes/[NOTE_ID]. This field can be used as a
* filter in list requests.
*/
public val noteName: Output
get() = javaResource.noteName().applyValue({ args0 -> args0 })
public val project: Output
get() = javaResource.project().applyValue({ args0 -> args0 })
/**
* A description of actions that can be taken to remedy the note.
*/
public val remediation: Output?
get() = javaResource.remediation().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* Required. Immutable. A URI that represents the resource for which
* the occurrence applies. For example,
* https://gcr.io/project/image@sha256:123abc for a Docker image.
*/
public val resourceUri: Output
get() = javaResource.resourceUri().applyValue({ args0 -> args0 })
/**
* The time when the repository was last updated.
*/
public val updateTime: Output
get() = javaResource.updateTime().applyValue({ args0 -> args0 })
}
public object OccurenceMapper : ResourceMapper {
override fun supportsMappingOfType(javaResource: Resource): Boolean =
com.pulumi.gcp.containeranalysis.Occurence::class == javaResource::class
override fun map(javaResource: Resource): Occurence = Occurence(
javaResource as
com.pulumi.gcp.containeranalysis.Occurence,
)
}
/**
* @see [Occurence].
* @param name The _unique_ name of the resulting resource.
* @param block Builder for [Occurence].
*/
public suspend fun occurence(name: String, block: suspend OccurenceResourceBuilder.() -> Unit): Occurence {
val builder = OccurenceResourceBuilder()
builder.name(name)
block(builder)
return builder.build()
}
/**
* @see [Occurence].
* @param name The _unique_ name of the resulting resource.
*/
public fun occurence(name: String): Occurence {
val builder = OccurenceResourceBuilder()
builder.name(name)
return builder.build()
}