Home Explore Help
Register Sign In
xuyiping
/
kpt-grpc-demo
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Branch: master
Branches Tags
kpt-grpc-demo
/
google
/
devtools
/
containeranalysis
/
v1
/
containeranalysis.proto

containeranalysis.proto 6.2 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156 
  1. // Copyright 2021 Google LLC
    2. 

  2. //
    3. 

  3. // Licensed under the Apache License, Version 2.0 (the "License");
    4. 

  4. // you may not use this file except in compliance with the License.
    5. 

  5. // You may obtain a copy of the License at
    6. 

  6. //
    7. 

  7. //     http://www.apache.org/licenses/LICENSE-2.0
    8. 

  8. //
    9. 

  9. // Unless required by applicable law or agreed to in writing, software
    10. 

  10. // distributed under the License is distributed on an "AS IS" BASIS,
    11. 

  11. // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12. 

  12. // See the License for the specific language governing permissions and
    13. 

  13. // limitations under the License.
    14. 

  14. 

  15. syntax = "proto3";
    16. 

  16. 

  17. package google.devtools.containeranalysis.v1;
    18. 

  18. 

  19. import "google/api/annotations.proto";
    20. 

  20. import "google/api/client.proto";
    21. 

  21. import "google/api/field_behavior.proto";
    22. 

  22. import "google/api/resource.proto";
    23. 

  23. import "google/iam/v1/iam_policy.proto";
    24. 

  24. import "google/iam/v1/policy.proto";
    25. 

  25. import "grafeas/v1/severity.proto";
    26. 

  26. 

  27. option csharp_namespace = "Google.Cloud.DevTools.ContainerAnalysis.V1";
    28. 

  28. option go_package = "google.golang.org/genproto/googleapis/devtools/containeranalysis/v1;containeranalysis";
    29. 

  29. option java_multiple_files = true;
    30. 

  30. option java_package = "com.google.containeranalysis.v1";
    31. 

  31. option objc_class_prefix = "GCA";
    32. 

  32. option ruby_package = "Google::Cloud::ContainerAnalysis::V1";
    33. 

  33. option php_namespace = "Google\\Cloud\\ContainerAnalysis\\V1";
    34. 

  34. 

  35. // Retrieves analysis results of Cloud components such as Docker container
    36. 

  36. // images. The Container Analysis API is an implementation of the
    37. 

  37. // [Grafeas](https://grafeas.io) API.
    38. 

  38. //
    39. 

  39. // Analysis results are stored as a series of occurrences. An `Occurrence`
    40. 

  40. // contains information about a specific analysis instance on a resource. An
    41. 

  41. // occurrence refers to a `Note`. A note contains details describing the
    42. 

  42. // analysis and is generally stored in a separate project, called a `Provider`.
    43. 

  43. // Multiple occurrences can refer to the same note.
    44. 

  44. //
    45. 

  45. // For example, an SSL vulnerability could affect multiple images. In this case,
    46. 

  46. // there would be one note for the vulnerability and an occurrence for each
    47. 

  47. // image with the vulnerability referring to that note.
    48. 

  48. service ContainerAnalysis {
    49. 

  49.   option (google.api.default_host) = "containeranalysis.googleapis.com";
    50. 

  50.   option (google.api.oauth_scopes) = "https://www.googleapis.com/auth/cloud-platform";
    51. 

  51. 

  52.   // Sets the access control policy on the specified note or occurrence.
    53. 

  53.   // Requires `containeranalysis.notes.setIamPolicy` or
    54. 

  54.   // `containeranalysis.occurrences.setIamPolicy` permission if the resource is
    55. 

  55.   // a note or an occurrence, respectively.
    56. 

  56.   //
    57. 

  57.   // The resource takes the format `projects/[PROJECT_ID]/notes/[NOTE_ID]` for
    58. 

  58.   // notes and `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]` for
    59. 

  59.   // occurrences.
    60. 

  60.   rpc SetIamPolicy(google.iam.v1.SetIamPolicyRequest) returns (google.iam.v1.Policy) {
    61. 

  61.     option (google.api.http) = {
    62. 

  62.       post: "/v1/{resource=projects/*/notes/*}:setIamPolicy"
    63. 

  63.       body: "*"
    64. 

  64.       additional_bindings {
    65. 

  65.         post: "/v1/{resource=projects/*/occurrences/*}:setIamPolicy"
    66. 

  66.         body: "*"
    67. 

  67.       }
    68. 

  68.     };
    69. 

  69.     option (google.api.method_signature) = "resource,policy";
    70. 

  70.   }
    71. 

  71. 

  72.   // Gets the access control policy for a note or an occurrence resource.
    73. 

  73.   // Requires `containeranalysis.notes.setIamPolicy` or
    74. 

  74.   // `containeranalysis.occurrences.setIamPolicy` permission if the resource is
    75. 

  75.   // a note or occurrence, respectively.
    76. 

  76.   //
    77. 

  77.   // The resource takes the format `projects/[PROJECT_ID]/notes/[NOTE_ID]` for
    78. 

  78.   // notes and `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]` for
    79. 

  79.   // occurrences.
    80. 

  80.   rpc GetIamPolicy(google.iam.v1.GetIamPolicyRequest) returns (google.iam.v1.Policy) {
    81. 

  81.     option (google.api.http) = {
    82. 

  82.       post: "/v1/{resource=projects/*/notes/*}:getIamPolicy"
    83. 

  83.       body: "*"
    84. 

  84.       additional_bindings {
    85. 

  85.         post: "/v1/{resource=projects/*/occurrences/*}:getIamPolicy"
    86. 

  86.         body: "*"
    87. 

  87.       }
    88. 

  88.     };
    89. 

  89.     option (google.api.method_signature) = "resource";
    90. 

  90.   }
    91. 

  91. 

  92.   // Returns the permissions that a caller has on the specified note or
    93. 

  93.   // occurrence. Requires list permission on the project (for example,
    94. 

  94.   // `containeranalysis.notes.list`).
    95. 

  95.   //
    96. 

  96.   // The resource takes the format `projects/[PROJECT_ID]/notes/[NOTE_ID]` for
    97. 

  97.   // notes and `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]` for
    98. 

  98.   // occurrences.
    99. 

  99.   rpc TestIamPermissions(google.iam.v1.TestIamPermissionsRequest) returns (google.iam.v1.TestIamPermissionsResponse) {
    100. 

  100.     option (google.api.http) = {
    101. 

  101.       post: "/v1/{resource=projects/*/notes/*}:testIamPermissions"
    102. 

  102.       body: "*"
    103. 

  103.       additional_bindings {
    104. 

  104.         post: "/v1/{resource=projects/*/occurrences/*}:testIamPermissions"
    105. 

  105.         body: "*"
    106. 

  106.       }
    107. 

  107.     };
    108. 

  108.     option (google.api.method_signature) = "resource,permissions";
    109. 

  109.   }
    110. 

  110. 

  111.   // Gets a summary of the number and severity of occurrences.
    112. 

  112.   rpc GetVulnerabilityOccurrencesSummary(GetVulnerabilityOccurrencesSummaryRequest) returns (VulnerabilityOccurrencesSummary) {
    113. 

  113.     option (google.api.http) = {
    114. 

  114.       get: "/v1/{parent=projects/*}/occurrences:vulnerabilitySummary"
    115. 

  115.     };
    116. 

  116.     option (google.api.method_signature) = "parent,filter";
    117. 

  117.   }
    118. 

  118. }
    119. 

  119. 

  120. // Request to get a vulnerability summary for some set of occurrences.
    121. 

  121. message GetVulnerabilityOccurrencesSummaryRequest {
    122. 

  122.   // Required. The name of the project to get a vulnerability summary for in the form of
    123. 

  123.   // `projects/[PROJECT_ID]`.
    124. 

  124.   string parent = 1 [
    125. 

  125.     (google.api.field_behavior) = REQUIRED,
    126. 

  126.     (google.api.resource_reference) = {
    127. 

  127.       type: "cloudresourcemanager.googleapis.com/Project"
    128. 

  128.     }
    129. 

  129.   ];
    130. 

  130. 

  131.   // The filter expression.
    132. 

  132.   string filter = 2;
    133. 

  133. }
    134. 

  134. 

  135. // A summary of how many vulnerability occurrences there are per resource and
    136. 

  136. // severity type.
    137. 

  137. message VulnerabilityOccurrencesSummary {
    138. 

  138.   // Per resource and severity counts of fixable and total vulnerabilities.
    139. 

  139.   message FixableTotalByDigest {
    140. 

  140.     // The affected resource.
    141. 

  141.     string resource_uri = 1;
    142. 

  142. 

  143.     // The severity for this count. SEVERITY_UNSPECIFIED indicates total across
    144. 

  144.     // all severities.
    145. 

  145.     grafeas.v1.Severity severity = 2;
    146. 

  146. 

  147.     // The number of fixable vulnerabilities associated with this resource.
    148. 

  148.     int64 fixable_count = 3;
    149. 

  149. 

  150.     // The total number of vulnerabilities associated with this resource.
    151. 

  151.     int64 total_count = 4;
    152. 

  152.   }
    153. 

  153. 

  154.   // A listing by resource of the number of fixable and total vulnerabilities.
    155. 

  155.   repeated FixableTotalByDigest counts = 1;
    156. 

  156. }
    157.