From 0f8c98770ced64959551c6e1ff4310d69e682a7f Mon Sep 17 00:00:00 2001 From: Owl Bot Date: Thu, 16 Jun 2022 15:48:46 +0000 Subject: [PATCH 1/2] feat: Adds a pod_namespace field to pod events created by Continuous Validation, to distinguish pods with the same name that run in different namespaces Committer: @tswift242 PiperOrigin-RevId: 455380856 Source-Link: https://github.com/googleapis/googleapis/commit/1cbacff2f2fe932f91a39d7c1538cb1afc50bd89 Source-Link: https://github.com/googleapis/googleapis-gen/commit/cb47adfa214e798ee1cb736b52ad386101b096e0 Copy-Tag: eyJwIjoiLmdpdGh1Yi8uT3dsQm90LnlhbWwiLCJoIjoiY2I0N2FkZmEyMTRlNzk4ZWUxY2I3MzZiNTJhZDM4NjEwMWIwOTZlMCJ9 --- owl-bot-staging/v1/.eslintignore | 7 + owl-bot-staging/v1/.eslintrc.json | 3 + owl-bot-staging/v1/.gitignore | 14 + owl-bot-staging/v1/.jsdoc.js | 55 + owl-bot-staging/v1/.mocharc.js | 33 + owl-bot-staging/v1/.prettierrc.js | 22 + owl-bot-staging/v1/README.md | 1 + owl-bot-staging/v1/linkinator.config.json | 16 + owl-bot-staging/v1/package.json | 66 + .../binaryauthorization/v1/resources.proto | 334 +++++ .../binaryauthorization/v1/service.proto | 312 +++++ .../v1/protos/grafeas/v1/attestation.proto | 90 ++ .../v1/protos/grafeas/v1/build.proto | 62 + .../v1/protos/grafeas/v1/common.proto | 150 +++ .../v1/protos/grafeas/v1/compliance.proto | 82 ++ .../v1/protos/grafeas/v1/cvss.proto | 159 +++ .../v1/protos/grafeas/v1/deployment.proto | 66 + .../v1/protos/grafeas/v1/discovery.proto | 88 ++ .../protos/grafeas/v1/dsse_attestation.proto | 52 + .../v1/protos/grafeas/v1/grafeas.proto | 544 ++++++++ .../v1/protos/grafeas/v1/image.proto | 83 ++ .../protos/grafeas/v1/intoto_provenance.proto | 113 ++ .../protos/grafeas/v1/intoto_statement.proto | 52 + .../v1/protos/grafeas/v1/package.proto | 192 +++ .../v1/protos/grafeas/v1/provenance.proto | 265 ++++ .../v1/protos/grafeas/v1/severity.proto | 38 + .../protos/grafeas/v1/slsa_provenance.proto | 115 ++ .../grafeas/v1/slsa_provenance_zero_two.proto | 82 ++ .../v1/protos/grafeas/v1/upgrade.proto | 114 ++ .../v1/protos/grafeas/v1/vulnerability.proto | 241 ++++ ...z_management_service_v1.create_attestor.js | 70 + ...z_management_service_v1.delete_attestor.js | 59 + ...uthz_management_service_v1.get_attestor.js | 59 + ...nauthz_management_service_v1.get_policy.js | 59 + ...hz_management_service_v1.list_attestors.js | 72 ++ ...z_management_service_v1.update_attestor.js | 60 + ...thz_management_service_v1.update_policy.js | 60 + ...a.google.cloud.binaryauthorization.v1.json | 403 ++++++ .../v1/system_policy_v1.get_system_policy.js | 59 + ...lper_v1.validate_attestation_occurrence.js | 80 ++ owl-bot-staging/v1/src/index.ts | 29 + .../binauthz_management_service_v1_client.ts | 1078 ++++++++++++++++ ...z_management_service_v1_client_config.json | 61 + ...uthz_management_service_v1_proto_list.json | 6 + owl-bot-staging/v1/src/v1/gapic_metadata.json | 145 +++ owl-bot-staging/v1/src/v1/index.ts | 21 + .../v1/src/v1/system_policy_v1_client.ts | 492 +++++++ .../v1/system_policy_v1_client_config.json | 30 + .../src/v1/system_policy_v1_proto_list.json | 6 + .../v1/src/v1/validation_helper_v1_client.ts | 505 ++++++++ .../validation_helper_v1_client_config.json | 30 + .../v1/validation_helper_v1_proto_list.json | 6 + .../system-test/fixtures/sample/src/index.js | 29 + .../system-test/fixtures/sample/src/index.ts | 44 + owl-bot-staging/v1/system-test/install.ts | 49 + ...gapic_binauthz_management_service_v1_v1.ts | 1126 +++++++++++++++++ .../v1/test/gapic_system_policy_v1_v1.ts | 363 ++++++ .../v1/test/gapic_validation_helper_v1_v1.ts | 363 ++++++ owl-bot-staging/v1/tsconfig.json | 19 + owl-bot-staging/v1/webpack.config.js | 64 + owl-bot-staging/v1beta1/.eslintignore | 7 + owl-bot-staging/v1beta1/.eslintrc.json | 3 + owl-bot-staging/v1beta1/.gitignore | 14 + owl-bot-staging/v1beta1/.jsdoc.js | 55 + owl-bot-staging/v1beta1/.mocharc.js | 33 + owl-bot-staging/v1beta1/.prettierrc.js | 22 + owl-bot-staging/v1beta1/README.md | 1 + .../v1beta1/linkinator.config.json | 16 + owl-bot-staging/v1beta1/package.json | 65 + .../continuous_validation_logging.proto | 100 ++ .../v1beta1/resources.proto | 344 +++++ .../binaryauthorization/v1beta1/service.proto | 252 ++++ ...gement_service_v1_beta1.create_attestor.js | 70 + ...gement_service_v1_beta1.delete_attestor.js | 59 + ...anagement_service_v1_beta1.get_attestor.js | 59 + ..._management_service_v1_beta1.get_policy.js | 59 + ...agement_service_v1_beta1.list_attestors.js | 72 ++ ...gement_service_v1_beta1.update_attestor.js | 60 + ...nagement_service_v1_beta1.update_policy.js | 60 + ...gle.cloud.binaryauthorization.v1beta1.json | 351 +++++ ...ystem_policy_v1_beta1.get_system_policy.js | 59 + owl-bot-staging/v1beta1/src/index.ts | 27 + ...uthz_management_service_v1_beta1_client.ts | 1078 ++++++++++++++++ ...gement_service_v1_beta1_client_config.json | 61 + ...anagement_service_v1_beta1_proto_list.json | 5 + .../v1beta1/src/v1beta1/gapic_metadata.json | 121 ++ owl-bot-staging/v1beta1/src/v1beta1/index.ts | 20 + .../v1beta1/system_policy_v1_beta1_client.ts | 492 +++++++ .../system_policy_v1_beta1_client_config.json | 30 + .../system_policy_v1_beta1_proto_list.json | 5 + .../system-test/fixtures/sample/src/index.js | 28 + .../system-test/fixtures/sample/src/index.ts | 38 + .../v1beta1/system-test/install.ts | 49 + ...thz_management_service_v1_beta1_v1beta1.ts | 1126 +++++++++++++++++ .../gapic_system_policy_v1_beta1_v1beta1.ts | 363 ++++++ owl-bot-staging/v1beta1/tsconfig.json | 19 + owl-bot-staging/v1beta1/webpack.config.js | 64 + 97 files changed, 14185 insertions(+) create mode 100644 owl-bot-staging/v1/.eslintignore create mode 100644 owl-bot-staging/v1/.eslintrc.json create mode 100644 owl-bot-staging/v1/.gitignore create mode 100644 owl-bot-staging/v1/.jsdoc.js create mode 100644 owl-bot-staging/v1/.mocharc.js create mode 100644 owl-bot-staging/v1/.prettierrc.js create mode 100644 owl-bot-staging/v1/README.md create mode 100644 owl-bot-staging/v1/linkinator.config.json create mode 100644 owl-bot-staging/v1/package.json create mode 100644 owl-bot-staging/v1/protos/google/cloud/binaryauthorization/v1/resources.proto create mode 100644 owl-bot-staging/v1/protos/google/cloud/binaryauthorization/v1/service.proto create mode 100644 owl-bot-staging/v1/protos/grafeas/v1/attestation.proto create mode 100644 owl-bot-staging/v1/protos/grafeas/v1/build.proto create mode 100644 owl-bot-staging/v1/protos/grafeas/v1/common.proto create mode 100644 owl-bot-staging/v1/protos/grafeas/v1/compliance.proto create mode 100644 owl-bot-staging/v1/protos/grafeas/v1/cvss.proto create mode 100644 owl-bot-staging/v1/protos/grafeas/v1/deployment.proto create mode 100644 owl-bot-staging/v1/protos/grafeas/v1/discovery.proto create mode 100644 owl-bot-staging/v1/protos/grafeas/v1/dsse_attestation.proto create mode 100644 owl-bot-staging/v1/protos/grafeas/v1/grafeas.proto create mode 100644 owl-bot-staging/v1/protos/grafeas/v1/image.proto create mode 100644 owl-bot-staging/v1/protos/grafeas/v1/intoto_provenance.proto create mode 100644 owl-bot-staging/v1/protos/grafeas/v1/intoto_statement.proto create mode 100644 owl-bot-staging/v1/protos/grafeas/v1/package.proto create mode 100644 owl-bot-staging/v1/protos/grafeas/v1/provenance.proto create mode 100644 owl-bot-staging/v1/protos/grafeas/v1/severity.proto create mode 100644 owl-bot-staging/v1/protos/grafeas/v1/slsa_provenance.proto create mode 100644 owl-bot-staging/v1/protos/grafeas/v1/slsa_provenance_zero_two.proto create mode 100644 owl-bot-staging/v1/protos/grafeas/v1/upgrade.proto create mode 100644 owl-bot-staging/v1/protos/grafeas/v1/vulnerability.proto create mode 100644 owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.create_attestor.js create mode 100644 owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.delete_attestor.js create mode 100644 owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.get_attestor.js create mode 100644 owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.get_policy.js create mode 100644 owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.list_attestors.js create mode 100644 owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.update_attestor.js create mode 100644 owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.update_policy.js create mode 100644 owl-bot-staging/v1/samples/generated/v1/snippet_metadata.google.cloud.binaryauthorization.v1.json create mode 100644 owl-bot-staging/v1/samples/generated/v1/system_policy_v1.get_system_policy.js create mode 100644 owl-bot-staging/v1/samples/generated/v1/validation_helper_v1.validate_attestation_occurrence.js create mode 100644 owl-bot-staging/v1/src/index.ts create mode 100644 owl-bot-staging/v1/src/v1/binauthz_management_service_v1_client.ts create mode 100644 owl-bot-staging/v1/src/v1/binauthz_management_service_v1_client_config.json create mode 100644 owl-bot-staging/v1/src/v1/binauthz_management_service_v1_proto_list.json create mode 100644 owl-bot-staging/v1/src/v1/gapic_metadata.json create mode 100644 owl-bot-staging/v1/src/v1/index.ts create mode 100644 owl-bot-staging/v1/src/v1/system_policy_v1_client.ts create mode 100644 owl-bot-staging/v1/src/v1/system_policy_v1_client_config.json create mode 100644 owl-bot-staging/v1/src/v1/system_policy_v1_proto_list.json create mode 100644 owl-bot-staging/v1/src/v1/validation_helper_v1_client.ts create mode 100644 owl-bot-staging/v1/src/v1/validation_helper_v1_client_config.json create mode 100644 owl-bot-staging/v1/src/v1/validation_helper_v1_proto_list.json create mode 100644 owl-bot-staging/v1/system-test/fixtures/sample/src/index.js create mode 100644 owl-bot-staging/v1/system-test/fixtures/sample/src/index.ts create mode 100644 owl-bot-staging/v1/system-test/install.ts create mode 100644 owl-bot-staging/v1/test/gapic_binauthz_management_service_v1_v1.ts create mode 100644 owl-bot-staging/v1/test/gapic_system_policy_v1_v1.ts create mode 100644 owl-bot-staging/v1/test/gapic_validation_helper_v1_v1.ts create mode 100644 owl-bot-staging/v1/tsconfig.json create mode 100644 owl-bot-staging/v1/webpack.config.js create mode 100644 owl-bot-staging/v1beta1/.eslintignore create mode 100644 owl-bot-staging/v1beta1/.eslintrc.json create mode 100644 owl-bot-staging/v1beta1/.gitignore create mode 100644 owl-bot-staging/v1beta1/.jsdoc.js create mode 100644 owl-bot-staging/v1beta1/.mocharc.js create mode 100644 owl-bot-staging/v1beta1/.prettierrc.js create mode 100644 owl-bot-staging/v1beta1/README.md create mode 100644 owl-bot-staging/v1beta1/linkinator.config.json create mode 100644 owl-bot-staging/v1beta1/package.json create mode 100644 owl-bot-staging/v1beta1/protos/google/cloud/binaryauthorization/v1beta1/continuous_validation_logging.proto create mode 100644 owl-bot-staging/v1beta1/protos/google/cloud/binaryauthorization/v1beta1/resources.proto create mode 100644 owl-bot-staging/v1beta1/protos/google/cloud/binaryauthorization/v1beta1/service.proto create mode 100644 owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.create_attestor.js create mode 100644 owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.delete_attestor.js create mode 100644 owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.get_attestor.js create mode 100644 owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.get_policy.js create mode 100644 owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.list_attestors.js create mode 100644 owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.update_attestor.js create mode 100644 owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.update_policy.js create mode 100644 owl-bot-staging/v1beta1/samples/generated/v1beta1/snippet_metadata.google.cloud.binaryauthorization.v1beta1.json create mode 100644 owl-bot-staging/v1beta1/samples/generated/v1beta1/system_policy_v1_beta1.get_system_policy.js create mode 100644 owl-bot-staging/v1beta1/src/index.ts create mode 100644 owl-bot-staging/v1beta1/src/v1beta1/binauthz_management_service_v1_beta1_client.ts create mode 100644 owl-bot-staging/v1beta1/src/v1beta1/binauthz_management_service_v1_beta1_client_config.json create mode 100644 owl-bot-staging/v1beta1/src/v1beta1/binauthz_management_service_v1_beta1_proto_list.json create mode 100644 owl-bot-staging/v1beta1/src/v1beta1/gapic_metadata.json create mode 100644 owl-bot-staging/v1beta1/src/v1beta1/index.ts create mode 100644 owl-bot-staging/v1beta1/src/v1beta1/system_policy_v1_beta1_client.ts create mode 100644 owl-bot-staging/v1beta1/src/v1beta1/system_policy_v1_beta1_client_config.json create mode 100644 owl-bot-staging/v1beta1/src/v1beta1/system_policy_v1_beta1_proto_list.json create mode 100644 owl-bot-staging/v1beta1/system-test/fixtures/sample/src/index.js create mode 100644 owl-bot-staging/v1beta1/system-test/fixtures/sample/src/index.ts create mode 100644 owl-bot-staging/v1beta1/system-test/install.ts create mode 100644 owl-bot-staging/v1beta1/test/gapic_binauthz_management_service_v1_beta1_v1beta1.ts create mode 100644 owl-bot-staging/v1beta1/test/gapic_system_policy_v1_beta1_v1beta1.ts create mode 100644 owl-bot-staging/v1beta1/tsconfig.json create mode 100644 owl-bot-staging/v1beta1/webpack.config.js diff --git a/owl-bot-staging/v1/.eslintignore b/owl-bot-staging/v1/.eslintignore new file mode 100644 index 0000000..cfc348e --- /dev/null +++ b/owl-bot-staging/v1/.eslintignore @@ -0,0 +1,7 @@ +**/node_modules +**/.coverage +build/ +docs/ +protos/ +system-test/ +samples/generated/ diff --git a/owl-bot-staging/v1/.eslintrc.json b/owl-bot-staging/v1/.eslintrc.json new file mode 100644 index 0000000..7821534 --- /dev/null +++ b/owl-bot-staging/v1/.eslintrc.json @@ -0,0 +1,3 @@ +{ + "extends": "./node_modules/gts" +} diff --git a/owl-bot-staging/v1/.gitignore b/owl-bot-staging/v1/.gitignore new file mode 100644 index 0000000..5d32b23 --- /dev/null +++ b/owl-bot-staging/v1/.gitignore @@ -0,0 +1,14 @@ +**/*.log +**/node_modules +.coverage +coverage +.nyc_output +docs/ +out/ +build/ +system-test/secrets.js +system-test/*key.json +*.lock +.DS_Store +package-lock.json +__pycache__ diff --git a/owl-bot-staging/v1/.jsdoc.js b/owl-bot-staging/v1/.jsdoc.js new file mode 100644 index 0000000..28b3ad6 --- /dev/null +++ b/owl-bot-staging/v1/.jsdoc.js @@ -0,0 +1,55 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// ** This file is automatically generated by gapic-generator-typescript. ** +// ** https://github.com/googleapis/gapic-generator-typescript ** +// ** All changes to this file may be overwritten. ** + +'use strict'; + +module.exports = { + opts: { + readme: './README.md', + package: './package.json', + template: './node_modules/jsdoc-fresh', + recurse: true, + verbose: true, + destination: './docs/' + }, + plugins: [ + 'plugins/markdown', + 'jsdoc-region-tag' + ], + source: { + excludePattern: '(^|\\/|\\\\)[._]', + include: [ + 'build/src', + 'protos' + ], + includePattern: '\\.js$' + }, + templates: { + copyright: 'Copyright 2022 Google LLC', + includeDate: false, + sourceFiles: false, + systemName: '@google-cloud/binary-authorization', + theme: 'lumen', + default: { + outputSourceFiles: false + } + }, + markdown: { + idInHeadings: true + } +}; diff --git a/owl-bot-staging/v1/.mocharc.js b/owl-bot-staging/v1/.mocharc.js new file mode 100644 index 0000000..481c522 --- /dev/null +++ b/owl-bot-staging/v1/.mocharc.js @@ -0,0 +1,33 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// ** This file is automatically generated by gapic-generator-typescript. ** +// ** https://github.com/googleapis/gapic-generator-typescript ** +// ** All changes to this file may be overwritten. ** + +const config = { + "enable-source-maps": true, + "throw-deprecation": true, + "timeout": 10000 +} +if (process.env.MOCHA_THROW_DEPRECATION === 'false') { + delete config['throw-deprecation']; +} +if (process.env.MOCHA_REPORTER) { + config.reporter = process.env.MOCHA_REPORTER; +} +if (process.env.MOCHA_REPORTER_OUTPUT) { + config['reporter-option'] = `output=${process.env.MOCHA_REPORTER_OUTPUT}`; +} +module.exports = config diff --git a/owl-bot-staging/v1/.prettierrc.js b/owl-bot-staging/v1/.prettierrc.js new file mode 100644 index 0000000..494e147 --- /dev/null +++ b/owl-bot-staging/v1/.prettierrc.js @@ -0,0 +1,22 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// ** This file is automatically generated by gapic-generator-typescript. ** +// ** https://github.com/googleapis/gapic-generator-typescript ** +// ** All changes to this file may be overwritten. ** + + +module.exports = { + ...require('gts/.prettierrc.json') +} diff --git a/owl-bot-staging/v1/README.md b/owl-bot-staging/v1/README.md new file mode 100644 index 0000000..438dbbe --- /dev/null +++ b/owl-bot-staging/v1/README.md @@ -0,0 +1 @@ +Binaryauthorization: Nodejs Client diff --git a/owl-bot-staging/v1/linkinator.config.json b/owl-bot-staging/v1/linkinator.config.json new file mode 100644 index 0000000..befd23c --- /dev/null +++ b/owl-bot-staging/v1/linkinator.config.json @@ -0,0 +1,16 @@ +{ + "recurse": true, + "skip": [ + "https://codecov.io/gh/googleapis/", + "www.googleapis.com", + "img.shields.io", + "https://console.cloud.google.com/cloudshell", + "https://support.google.com" + ], + "silent": true, + "concurrency": 5, + "retry": true, + "retryErrors": true, + "retryErrorsCount": 5, + "retryErrorsJitter": 3000 +} diff --git a/owl-bot-staging/v1/package.json b/owl-bot-staging/v1/package.json new file mode 100644 index 0000000..63875c0 --- /dev/null +++ b/owl-bot-staging/v1/package.json @@ -0,0 +1,66 @@ +{ + "name": "@google-cloud/binary-authorization", + "version": "0.1.0", + "description": "Binaryauthorization client for Node.js", + "repository": "googleapis/nodejs-binaryauthorization", + "license": "Apache-2.0", + "author": "Google LLC", + "main": "build/src/index.js", + "files": [ + "build/src", + "build/protos" + ], + "keywords": [ + "google apis client", + "google api client", + "google apis", + "google api", + "google", + "google cloud platform", + "google cloud", + "cloud", + "google binaryauthorization", + "binaryauthorization", + "binauthz management service v1", + "system policy v1", + "validation helper v1" + ], + "scripts": { + "clean": "gts clean", + "compile": "tsc -p . && cp -r protos build/", + "compile-protos": "compileProtos src", + "docs": "jsdoc -c .jsdoc.js", + "predocs-test": "npm run docs", + "docs-test": "linkinator docs", + "fix": "gts fix", + "lint": "gts check", + "prepare": "npm run compile-protos && npm run compile", + "system-test": "c8 mocha build/system-test", + "test": "c8 mocha build/test" + }, + "dependencies": { + "google-gax": "^2.29.4" + }, + "devDependencies": { + "@types/mocha": "^9.1.0", + "@types/node": "^16.0.0", + "@types/sinon": "^10.0.8", + "c8": "^7.11.0", + "gts": "^3.1.0", + "jsdoc": "^3.6.7", + "jsdoc-fresh": "^1.1.1", + "jsdoc-region-tag": "^1.3.1", + "linkinator": "^3.0.0", + "mocha": "^9.1.4", + "null-loader": "^4.0.1", + "pack-n-play": "^1.0.0-2", + "sinon": "^13.0.0", + "ts-loader": "^9.2.6", + "typescript": "^4.5.5", + "webpack": "^5.67.0", + "webpack-cli": "^4.9.1" + }, + "engines": { + "node": ">=v10.24.0" + } +} diff --git a/owl-bot-staging/v1/protos/google/cloud/binaryauthorization/v1/resources.proto b/owl-bot-staging/v1/protos/google/cloud/binaryauthorization/v1/resources.proto new file mode 100644 index 0000000..9d72a9f --- /dev/null +++ b/owl-bot-staging/v1/protos/google/cloud/binaryauthorization/v1/resources.proto @@ -0,0 +1,334 @@ +// Copyright 2021 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +syntax = "proto3"; + +package google.cloud.binaryauthorization.v1; + +import "google/api/field_behavior.proto"; +import "google/api/resource.proto"; +import "google/protobuf/timestamp.proto"; +import "google/api/annotations.proto"; + +option cc_enable_arenas = true; +option csharp_namespace = "Google.Cloud.BinaryAuthorization.V1"; +option go_package = "google.golang.org/genproto/googleapis/cloud/binaryauthorization/v1;binaryauthorization"; +option java_multiple_files = false; +option java_package = "com.google.protos.google.cloud.binaryauthorization.v1"; +option php_namespace = "Google\\Cloud\\BinaryAuthorization\\V1"; +option ruby_package = "Google::Cloud::BinaryAuthorization::V1"; + +// A [policy][google.cloud.binaryauthorization.v1.Policy] for container image binary authorization. +message Policy { + option (google.api.resource) = { + type: "binaryauthorization.googleapis.com/Policy" + pattern: "projects/{project}/policy" + pattern: "locations/{location}/policy" + }; + + enum GlobalPolicyEvaluationMode { + // Not specified: DISABLE is assumed. + GLOBAL_POLICY_EVALUATION_MODE_UNSPECIFIED = 0; + + // Enables system policy evaluation. + ENABLE = 1; + + // Disables system policy evaluation. + DISABLE = 2; + } + + // Output only. The resource name, in the format `projects/*/policy`. There is + // at most one policy per project. + string name = 1 [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Optional. A descriptive comment. + string description = 6 [(google.api.field_behavior) = OPTIONAL]; + + // Optional. Controls the evaluation of a Google-maintained global admission + // policy for common system-level images. Images not covered by the global + // policy will be subject to the project admission policy. This setting + // has no effect when specified inside a global admission policy. + GlobalPolicyEvaluationMode global_policy_evaluation_mode = 7 [(google.api.field_behavior) = OPTIONAL]; + + // Optional. Admission policy allowlisting. A matching admission request will + // always be permitted. This feature is typically used to exclude Google or + // third-party infrastructure images from Binary Authorization policies. + repeated AdmissionWhitelistPattern admission_whitelist_patterns = 2 [(google.api.field_behavior) = OPTIONAL]; + + // Optional. Per-cluster admission rules. Cluster spec format: + // `location.clusterId`. There can be at most one admission rule per cluster + // spec. + // A `location` is either a compute zone (e.g. us-central1-a) or a region + // (e.g. us-central1). + // For `clusterId` syntax restrictions see + // https://cloud.google.com/container-engine/reference/rest/v1/projects.zones.clusters. + map cluster_admission_rules = 3 [(google.api.field_behavior) = OPTIONAL]; + + // Optional. Per-kubernetes-namespace admission rules. K8s namespace spec format: + // [a-z.-]+, e.g. 'some-namespace' + map kubernetes_namespace_admission_rules = 10 [(google.api.field_behavior) = OPTIONAL]; + + // Optional. Per-kubernetes-service-account admission rules. Service account + // spec format: `namespace:serviceaccount`. e.g. 'test-ns:default' + map kubernetes_service_account_admission_rules = 8 [(google.api.field_behavior) = OPTIONAL]; + + // Optional. Per-istio-service-identity admission rules. Istio service + // identity spec format: + // spiffe:///ns//sa/ or + // /ns//sa/ + // e.g. spiffe://example.com/ns/test-ns/sa/default + map istio_service_identity_admission_rules = 9 [(google.api.field_behavior) = OPTIONAL]; + + // Required. Default admission rule for a cluster without a per-cluster, per- + // kubernetes-service-account, or per-istio-service-identity admission rule. + AdmissionRule default_admission_rule = 4 [(google.api.field_behavior) = REQUIRED]; + + // Output only. Time when the policy was last updated. + google.protobuf.Timestamp update_time = 5 [(google.api.field_behavior) = OUTPUT_ONLY]; +} + +// An [admission allowlist pattern][google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern] exempts images +// from checks by [admission rules][google.cloud.binaryauthorization.v1.AdmissionRule]. +message AdmissionWhitelistPattern { + // An image name pattern to allowlist, in the form `registry/path/to/image`. + // This supports a trailing `*` wildcard, but this is allowed only in + // text after the `registry/` part. This also supports a trailing `**` + // wildcard which matches subdirectories of a given entry. + string name_pattern = 1; +} + +// An [admission rule][google.cloud.binaryauthorization.v1.AdmissionRule] specifies either that all container images +// used in a pod creation request must be attested to by one or more +// [attestors][google.cloud.binaryauthorization.v1.Attestor], that all pod creations will be allowed, or that all +// pod creations will be denied. +// +// Images matching an [admission allowlist pattern][google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern] +// are exempted from admission rules and will never block a pod creation. +message AdmissionRule { + enum EvaluationMode { + // Do not use. + EVALUATION_MODE_UNSPECIFIED = 0; + + // This rule allows all all pod creations. + ALWAYS_ALLOW = 1; + + // This rule allows a pod creation if all the attestors listed in + // 'require_attestations_by' have valid attestations for all of the + // images in the pod spec. + REQUIRE_ATTESTATION = 2; + + // This rule denies all pod creations. + ALWAYS_DENY = 3; + } + + // Defines the possible actions when a pod creation is denied by an admission + // rule. + enum EnforcementMode { + // Do not use. + ENFORCEMENT_MODE_UNSPECIFIED = 0; + + // Enforce the admission rule by blocking the pod creation. + ENFORCED_BLOCK_AND_AUDIT_LOG = 1; + + // Dryrun mode: Audit logging only. This will allow the pod creation as if + // the admission request had specified break-glass. + DRYRUN_AUDIT_LOG_ONLY = 2; + } + + // Required. How this admission rule will be evaluated. + EvaluationMode evaluation_mode = 1 [(google.api.field_behavior) = REQUIRED]; + + // Optional. The resource names of the attestors that must attest to + // a container image, in the format `projects/*/attestors/*`. Each + // attestor must exist before a policy can reference it. To add an attestor + // to a policy the principal issuing the policy change request must be able + // to read the attestor resource. + // + // Note: this field must be non-empty when the evaluation_mode field specifies + // REQUIRE_ATTESTATION, otherwise it must be empty. + repeated string require_attestations_by = 2 [(google.api.field_behavior) = OPTIONAL]; + + // Required. The action when a pod creation is denied by the admission rule. + EnforcementMode enforcement_mode = 3 [(google.api.field_behavior) = REQUIRED]; +} + +// An [attestor][google.cloud.binaryauthorization.v1.Attestor] that attests to container image +// artifacts. An existing attestor cannot be modified except where +// indicated. +message Attestor { + option (google.api.resource) = { + type: "binaryauthorization.googleapis.com/Attestor" + pattern: "projects/{project}/attestors/{attestor}" + }; + + // Required. The resource name, in the format: + // `projects/*/attestors/*`. This field may not be updated. + string name = 1 [(google.api.field_behavior) = REQUIRED]; + + // Optional. A descriptive comment. This field may be updated. + // The field may be displayed in chooser dialogs. + string description = 6 [(google.api.field_behavior) = OPTIONAL]; + + oneof attestor_type { + // This specifies how an attestation will be read, and how it will be used + // during policy enforcement. + UserOwnedGrafeasNote user_owned_grafeas_note = 3; + } + + // Output only. Time when the attestor was last updated. + google.protobuf.Timestamp update_time = 4 [(google.api.field_behavior) = OUTPUT_ONLY]; +} + +// An [user owned Grafeas note][google.cloud.binaryauthorization.v1.UserOwnedGrafeasNote] references a Grafeas +// Attestation.Authority Note created by the user. +message UserOwnedGrafeasNote { + // Required. The Grafeas resource name of a Attestation.Authority Note, + // created by the user, in the format: `projects/*/notes/*`. This field may + // not be updated. + // + // An attestation by this attestor is stored as a Grafeas + // Attestation.Authority Occurrence that names a container image and that + // links to this Note. Grafeas is an external dependency. + string note_reference = 1 [(google.api.field_behavior) = REQUIRED]; + + // Optional. Public keys that verify attestations signed by this + // attestor. This field may be updated. + // + // If this field is non-empty, one of the specified public keys must + // verify that an attestation was signed by this attestor for the + // image specified in the admission request. + // + // If this field is empty, this attestor always returns that no + // valid attestations exist. + repeated AttestorPublicKey public_keys = 2 [(google.api.field_behavior) = OPTIONAL]; + + // Output only. This field will contain the service account email address + // that this Attestor will use as the principal when querying Container + // Analysis. Attestor administrators must grant this service account the + // IAM role needed to read attestations from the [note_reference][Note] in + // Container Analysis (`containeranalysis.notes.occurrences.viewer`). + // + // This email address is fixed for the lifetime of the Attestor, but callers + // should not make any other assumptions about the service account email; + // future versions may use an email based on a different naming pattern. + string delegation_service_account_email = 3 [(google.api.field_behavior) = OUTPUT_ONLY]; +} + +// A public key in the PkixPublicKey format (see +// https://tools.ietf.org/html/rfc5280#section-4.1.2.7 for details). +// Public keys of this type are typically textually encoded using the PEM +// format. +message PkixPublicKey { + // Represents a signature algorithm and other information necessary to verify + // signatures with a given public key. + // This is based primarily on the public key types supported by Tink's + // PemKeyType, which is in turn based on KMS's supported signing algorithms. + // See https://cloud.google.com/kms/docs/algorithms. In the future, BinAuthz + // might support additional public key types independently of Tink and/or KMS. + enum SignatureAlgorithm { + option allow_alias = true; + + // Not specified. + SIGNATURE_ALGORITHM_UNSPECIFIED = 0; + + // RSASSA-PSS 2048 bit key with a SHA256 digest. + RSA_PSS_2048_SHA256 = 1; + + // RSASSA-PSS 3072 bit key with a SHA256 digest. + RSA_PSS_3072_SHA256 = 2; + + // RSASSA-PSS 4096 bit key with a SHA256 digest. + RSA_PSS_4096_SHA256 = 3; + + // RSASSA-PSS 4096 bit key with a SHA512 digest. + RSA_PSS_4096_SHA512 = 4; + + // RSASSA-PKCS1-v1_5 with a 2048 bit key and a SHA256 digest. + RSA_SIGN_PKCS1_2048_SHA256 = 5; + + // RSASSA-PKCS1-v1_5 with a 3072 bit key and a SHA256 digest. + RSA_SIGN_PKCS1_3072_SHA256 = 6; + + // RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA256 digest. + RSA_SIGN_PKCS1_4096_SHA256 = 7; + + // RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA512 digest. + RSA_SIGN_PKCS1_4096_SHA512 = 8; + + // ECDSA on the NIST P-256 curve with a SHA256 digest. + ECDSA_P256_SHA256 = 9; + + // ECDSA on the NIST P-256 curve with a SHA256 digest. + EC_SIGN_P256_SHA256 = 9; + + // ECDSA on the NIST P-384 curve with a SHA384 digest. + ECDSA_P384_SHA384 = 10; + + // ECDSA on the NIST P-384 curve with a SHA384 digest. + EC_SIGN_P384_SHA384 = 10; + + // ECDSA on the NIST P-521 curve with a SHA512 digest. + ECDSA_P521_SHA512 = 11; + + // ECDSA on the NIST P-521 curve with a SHA512 digest. + EC_SIGN_P521_SHA512 = 11; + } + + // A PEM-encoded public key, as described in + // https://tools.ietf.org/html/rfc7468#section-13 + string public_key_pem = 1; + + // The signature algorithm used to verify a message against a signature using + // this key. + // These signature algorithm must match the structure and any object + // identifiers encoded in `public_key_pem` (i.e. this algorithm must match + // that of the public key). + SignatureAlgorithm signature_algorithm = 2; +} + +// An [attestor public key][google.cloud.binaryauthorization.v1.AttestorPublicKey] that will be used to verify +// attestations signed by this attestor. +message AttestorPublicKey { + // Optional. A descriptive comment. This field may be updated. + string comment = 1 [(google.api.field_behavior) = OPTIONAL]; + + // The ID of this public key. + // Signatures verified by BinAuthz must include the ID of the public key that + // can be used to verify them, and that ID must match the contents of this + // field exactly. + // Additional restrictions on this field can be imposed based on which public + // key type is encapsulated. See the documentation on `public_key` cases below + // for details. + string id = 2; + + oneof public_key { + // ASCII-armored representation of a PGP public key, as the entire output by + // the command `gpg --export --armor foo@example.com` (either LF or CRLF + // line endings). + // When using this field, `id` should be left blank. The BinAuthz API + // handlers will calculate the ID and fill it in automatically. BinAuthz + // computes this ID as the OpenPGP RFC4880 V4 fingerprint, represented as + // upper-case hex. If `id` is provided by the caller, it will be + // overwritten by the API-calculated ID. + string ascii_armored_pgp_public_key = 3; + + // A raw PKIX SubjectPublicKeyInfo format public key. + // + // NOTE: `id` may be explicitly provided by the caller when using this + // type of public key, but it MUST be a valid RFC3986 URI. If `id` is left + // blank, a default one will be computed based on the digest of the DER + // encoding of the public key. + PkixPublicKey pkix_public_key = 5; + } +} diff --git a/owl-bot-staging/v1/protos/google/cloud/binaryauthorization/v1/service.proto b/owl-bot-staging/v1/protos/google/cloud/binaryauthorization/v1/service.proto new file mode 100644 index 0000000..e063aac --- /dev/null +++ b/owl-bot-staging/v1/protos/google/cloud/binaryauthorization/v1/service.proto @@ -0,0 +1,312 @@ +// Copyright 2021 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +syntax = "proto3"; + +package google.cloud.binaryauthorization.v1; + +import "google/api/annotations.proto"; +import "google/api/client.proto"; +import "google/api/field_behavior.proto"; +import "google/api/resource.proto"; +import "google/cloud/binaryauthorization/v1/resources.proto"; +import "google/protobuf/empty.proto"; +import "grafeas/v1/attestation.proto"; + +option cc_enable_arenas = true; +option csharp_namespace = "Google.Cloud.BinaryAuthorization.V1"; +option go_package = "google.golang.org/genproto/googleapis/cloud/binaryauthorization/v1;binaryauthorization"; +option java_multiple_files = false; +option java_package = "com.google.protos.google.cloud.binaryauthorization.v1"; +option php_namespace = "Google\\Cloud\\BinaryAuthorization\\V1"; +option ruby_package = "Google::Cloud::BinaryAuthorization::V1"; + +// Customer-facing API for Cloud Binary Authorization. + +// Google Cloud Management Service for Binary Authorization admission policies +// and attestation authorities. +// +// This API implements a REST model with the following objects: +// +// * [Policy][google.cloud.binaryauthorization.v1.Policy] +// * [Attestor][google.cloud.binaryauthorization.v1.Attestor] +service BinauthzManagementServiceV1 { + option (google.api.default_host) = "binaryauthorization.googleapis.com"; + option (google.api.oauth_scopes) = "https://www.googleapis.com/auth/cloud-platform"; + + // A [policy][google.cloud.binaryauthorization.v1.Policy] specifies the [attestors][google.cloud.binaryauthorization.v1.Attestor] that must attest to + // a container image, before the project is allowed to deploy that + // image. There is at most one policy per project. All image admission + // requests are permitted if a project has no policy. + // + // Gets the [policy][google.cloud.binaryauthorization.v1.Policy] for this project. Returns a default + // [policy][google.cloud.binaryauthorization.v1.Policy] if the project does not have one. + rpc GetPolicy(GetPolicyRequest) returns (Policy) { + option (google.api.http) = { + get: "/v1/{name=projects/*/policy}" + }; + option (google.api.method_signature) = "name"; + } + + // Creates or updates a project's [policy][google.cloud.binaryauthorization.v1.Policy], and returns a copy of the + // new [policy][google.cloud.binaryauthorization.v1.Policy]. A policy is always updated as a whole, to avoid race + // conditions with concurrent policy enforcement (or management!) + // requests. Returns NOT_FOUND if the project does not exist, INVALID_ARGUMENT + // if the request is malformed. + rpc UpdatePolicy(UpdatePolicyRequest) returns (Policy) { + option (google.api.http) = { + put: "/v1/{policy.name=projects/*/policy}" + body: "policy" + }; + option (google.api.method_signature) = "policy"; + } + + // Creates an [attestor][google.cloud.binaryauthorization.v1.Attestor], and returns a copy of the new + // [attestor][google.cloud.binaryauthorization.v1.Attestor]. Returns NOT_FOUND if the project does not exist, + // INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if the + // [attestor][google.cloud.binaryauthorization.v1.Attestor] already exists. + rpc CreateAttestor(CreateAttestorRequest) returns (Attestor) { + option (google.api.http) = { + post: "/v1/{parent=projects/*}/attestors" + body: "attestor" + }; + option (google.api.method_signature) = "parent,attestor_id,attestor"; + } + + // Gets an [attestor][google.cloud.binaryauthorization.v1.Attestor]. + // Returns NOT_FOUND if the [attestor][google.cloud.binaryauthorization.v1.Attestor] does not exist. + rpc GetAttestor(GetAttestorRequest) returns (Attestor) { + option (google.api.http) = { + get: "/v1/{name=projects/*/attestors/*}" + }; + option (google.api.method_signature) = "name"; + } + + // Updates an [attestor][google.cloud.binaryauthorization.v1.Attestor]. + // Returns NOT_FOUND if the [attestor][google.cloud.binaryauthorization.v1.Attestor] does not exist. + rpc UpdateAttestor(UpdateAttestorRequest) returns (Attestor) { + option (google.api.http) = { + put: "/v1/{attestor.name=projects/*/attestors/*}" + body: "attestor" + }; + option (google.api.method_signature) = "attestor"; + } + + // Lists [attestors][google.cloud.binaryauthorization.v1.Attestor]. + // Returns INVALID_ARGUMENT if the project does not exist. + rpc ListAttestors(ListAttestorsRequest) returns (ListAttestorsResponse) { + option (google.api.http) = { + get: "/v1/{parent=projects/*}/attestors" + }; + option (google.api.method_signature) = "parent"; + } + + // Deletes an [attestor][google.cloud.binaryauthorization.v1.Attestor]. Returns NOT_FOUND if the + // [attestor][google.cloud.binaryauthorization.v1.Attestor] does not exist. + rpc DeleteAttestor(DeleteAttestorRequest) returns (google.protobuf.Empty) { + option (google.api.http) = { + delete: "/v1/{name=projects/*/attestors/*}" + }; + option (google.api.method_signature) = "name"; + } +} + +// API for working with the system policy. +service SystemPolicyV1 { + option (google.api.default_host) = "binaryauthorization.googleapis.com"; + option (google.api.oauth_scopes) = "https://www.googleapis.com/auth/cloud-platform"; + + // Gets the current system policy in the specified location. + rpc GetSystemPolicy(GetSystemPolicyRequest) returns (Policy) { + option (google.api.http) = { + get: "/v1/{name=locations/*/policy}" + }; + option (google.api.method_signature) = "name"; + } +} + +// BinAuthz Attestor verification +service ValidationHelperV1 { + option (google.api.default_host) = "binaryauthorization.googleapis.com"; + option (google.api.oauth_scopes) = "https://www.googleapis.com/auth/cloud-platform"; + + // Returns whether the given Attestation for the given image URI + // was signed by the given Attestor + rpc ValidateAttestationOccurrence(ValidateAttestationOccurrenceRequest) returns (ValidateAttestationOccurrenceResponse) { + option (google.api.http) = { + post: "/v1/{attestor=projects/*/attestors/*}:validateAttestationOccurrence" + body: "*" + }; + } +} + +// Request message for [BinauthzManagementService.GetPolicy][]. +message GetPolicyRequest { + // Required. The resource name of the [policy][google.cloud.binaryauthorization.v1.Policy] to retrieve, + // in the format `projects/*/policy`. + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "binaryauthorization.googleapis.com/Policy" + } + ]; +} + +// Request message for [BinauthzManagementService.UpdatePolicy][]. +message UpdatePolicyRequest { + // Required. A new or updated [policy][google.cloud.binaryauthorization.v1.Policy] value. The service will + // overwrite the [policy name][google.cloud.binaryauthorization.v1.Policy.name] field with the resource name in + // the request URL, in the format `projects/*/policy`. + Policy policy = 1 [(google.api.field_behavior) = REQUIRED]; +} + +// Request message for [BinauthzManagementService.CreateAttestor][]. +message CreateAttestorRequest { + // Required. The parent of this [attestor][google.cloud.binaryauthorization.v1.Attestor]. + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "cloudresourcemanager.googleapis.com/Project" + } + ]; + + // Required. The [attestors][google.cloud.binaryauthorization.v1.Attestor] ID. + string attestor_id = 2 [(google.api.field_behavior) = REQUIRED]; + + // Required. The initial [attestor][google.cloud.binaryauthorization.v1.Attestor] value. The service will + // overwrite the [attestor name][google.cloud.binaryauthorization.v1.Attestor.name] field with the resource name, + // in the format `projects/*/attestors/*`. + Attestor attestor = 3 [(google.api.field_behavior) = REQUIRED]; +} + +// Request message for [BinauthzManagementService.GetAttestor][]. +message GetAttestorRequest { + // Required. The name of the [attestor][google.cloud.binaryauthorization.v1.Attestor] to retrieve, in the format + // `projects/*/attestors/*`. + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "binaryauthorization.googleapis.com/Attestor" + } + ]; +} + +// Request message for [BinauthzManagementService.UpdateAttestor][]. +message UpdateAttestorRequest { + // Required. The updated [attestor][google.cloud.binaryauthorization.v1.Attestor] value. The service will + // overwrite the [attestor name][google.cloud.binaryauthorization.v1.Attestor.name] field with the resource name + // in the request URL, in the format `projects/*/attestors/*`. + Attestor attestor = 1 [(google.api.field_behavior) = REQUIRED]; +} + +// Request message for [BinauthzManagementService.ListAttestors][]. +message ListAttestorsRequest { + // Required. The resource name of the project associated with the + // [attestors][google.cloud.binaryauthorization.v1.Attestor], in the format `projects/*`. + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "cloudresourcemanager.googleapis.com/Project" + } + ]; + + // Requested page size. The server may return fewer results than requested. If + // unspecified, the server will pick an appropriate default. + int32 page_size = 2; + + // A token identifying a page of results the server should return. Typically, + // this is the value of [ListAttestorsResponse.next_page_token][google.cloud.binaryauthorization.v1.ListAttestorsResponse.next_page_token] returned + // from the previous call to the `ListAttestors` method. + string page_token = 3; +} + +// Response message for [BinauthzManagementService.ListAttestors][]. +message ListAttestorsResponse { + // The list of [attestors][google.cloud.binaryauthorization.v1.Attestor]. + repeated Attestor attestors = 1; + + // A token to retrieve the next page of results. Pass this value in the + // [ListAttestorsRequest.page_token][google.cloud.binaryauthorization.v1.ListAttestorsRequest.page_token] field in the subsequent call to the + // `ListAttestors` method to retrieve the next page of results. + string next_page_token = 2; +} + +// Request message for [BinauthzManagementService.DeleteAttestor][]. +message DeleteAttestorRequest { + // Required. The name of the [attestors][google.cloud.binaryauthorization.v1.Attestor] to delete, in the format + // `projects/*/attestors/*`. + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "binaryauthorization.googleapis.com/Attestor" + } + ]; +} + +// Request to read the current system policy. +message GetSystemPolicyRequest { + // Required. The resource name, in the format `locations/*/policy`. + // Note that the system policy is not associated with a project. + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "binaryauthorization.googleapis.com/Policy" + } + ]; +} + +// Request message for +// [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]. +message ValidateAttestationOccurrenceRequest { + // Required. The resource name of the [Attestor][google.cloud.binaryauthorization.v1.Attestor] of the + // [occurrence][grafeas.v1.Occurrence], in the format + // `projects/*/attestors/*`. + string attestor = 1 [(google.api.field_behavior) = REQUIRED]; + + // Required. An [AttestationOccurrence][grafeas.v1.AttestationOccurrence] to + // be checked that it can be verified by the Attestor. It does not have to be + // an existing entity in Container Analysis. It must otherwise be a valid + // AttestationOccurrence. + grafeas.v1.AttestationOccurrence attestation = 2 [(google.api.field_behavior) = REQUIRED]; + + // Required. The resource name of the [Note][grafeas.v1.Note] to which the + // containing [Occurrence][grafeas.v1.Occurrence] is associated. + string occurrence_note = 3 [(google.api.field_behavior) = REQUIRED]; + + // Required. The URI of the artifact (e.g. container image) that is the + // subject of the containing [Occurrence][grafeas.v1.Occurrence]. + string occurrence_resource_uri = 4 [(google.api.field_behavior) = REQUIRED]; +} + +// Response message for +// [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]. +message ValidateAttestationOccurrenceResponse { + // The enum returned in the "result" field. + enum Result { + // Unspecified. + RESULT_UNSPECIFIED = 0; + + // The Attestation was able to verified by the Attestor. + VERIFIED = 1; + + // The Attestation was not able to verified by the Attestor. + ATTESTATION_NOT_VERIFIABLE = 2; + } + + // The result of the Attestation validation. + Result result = 1; + + // The reason for denial if the Attestation couldn't be validated. + string denial_reason = 2; +} diff --git a/owl-bot-staging/v1/protos/grafeas/v1/attestation.proto b/owl-bot-staging/v1/protos/grafeas/v1/attestation.proto new file mode 100644 index 0000000..f2854fe --- /dev/null +++ b/owl-bot-staging/v1/protos/grafeas/v1/attestation.proto @@ -0,0 +1,90 @@ +// Copyright 2019 The Grafeas Authors. All rights reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +syntax = "proto3"; + +package grafeas.v1; + +import "grafeas/v1/common.proto"; + +option go_package = "google.golang.org/genproto/googleapis/grafeas/v1;grafeas"; +option java_multiple_files = true; +option java_package = "io.grafeas.v1"; +option objc_class_prefix = "GRA"; + +// An attestation wrapper with a PGP-compatible signature. This message only +// supports `ATTACHED` signatures, where the payload that is signed is included +// alongside the signature itself in the same file. + +// Note kind that represents a logical attestation "role" or "authority". For +// example, an organization might have one `Authority` for "QA" and one for +// "build". This note is intended to act strictly as a grouping mechanism for +// the attached occurrences (Attestations). This grouping mechanism also +// provides a security boundary, since IAM ACLs gate the ability for a principle +// to attach an occurrence to a given note. It also provides a single point of +// lookup to find all attached attestation occurrences, even if they don't all +// live in the same project. +message AttestationNote { + // This submessage provides human-readable hints about the purpose of the + // authority. Because the name of a note acts as its resource reference, it is + // important to disambiguate the canonical name of the Note (which might be a + // UUID for security purposes) from "readable" names more suitable for debug + // output. Note that these hints should not be used to look up authorities in + // security sensitive contexts, such as when looking up attestations to + // verify. + message Hint { + // Required. The human readable name of this attestation authority, for + // example "qa". + string human_readable_name = 1; + } + + // Hint hints at the purpose of the attestation authority. + Hint hint = 1; +} + +message Jwt { + // The compact encoding of a JWS, which is always three base64 encoded strings + // joined by periods. For details, see: + // https://tools.ietf.org/html/rfc7515.html#section-3.1 + string compact_jwt = 1; +} + +// Occurrence that represents a single "attestation". The authenticity of an +// attestation can be verified using the attached signature. If the verifier +// trusts the public key of the signer, then verifying the signature is +// sufficient to establish trust. In this circumstance, the authority to which +// this attestation is attached is primarily useful for lookup (how to find +// this attestation if you already know the authority and artifact to be +// verified) and intent (for which authority this attestation was intended to +// sign. +message AttestationOccurrence { + // Required. The serialized payload that is verified by one or more + // `signatures`. + bytes serialized_payload = 1; + // One or more signatures over `serialized_payload`. Verifier implementations + // should consider this attestation message verified if at least one + // `signature` verifies `serialized_payload`. See `Signature` in common.proto + // for more details on signature structure and verification. + repeated Signature signatures = 2; + // One or more JWTs encoding a self-contained attestation. + // Each JWT encodes the payload that it verifies within the JWT itself. + // Verifier implementation SHOULD ignore the `serialized_payload` field + // when verifying these JWTs. + // If only JWTs are present on this AttestationOccurrence, then the + // `serialized_payload` SHOULD be left empty. + // Each JWT SHOULD encode a claim specific to the `resource_uri` of this + // Occurrence, but this is not validated by Grafeas metadata API + // implementations. The JWT itself is opaque to Grafeas. + repeated Jwt jwts = 3; +} diff --git a/owl-bot-staging/v1/protos/grafeas/v1/build.proto b/owl-bot-staging/v1/protos/grafeas/v1/build.proto new file mode 100644 index 0000000..172637f --- /dev/null +++ b/owl-bot-staging/v1/protos/grafeas/v1/build.proto @@ -0,0 +1,62 @@ +// Copyright 2019 The Grafeas Authors. All rights reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +syntax = "proto3"; + +package grafeas.v1; + +import "grafeas/v1/intoto_provenance.proto"; +import "grafeas/v1/intoto_statement.proto"; +import "grafeas/v1/provenance.proto"; + +option go_package = "google.golang.org/genproto/googleapis/grafeas/v1;grafeas"; +option java_multiple_files = true; +option java_package = "io.grafeas.v1"; +option objc_class_prefix = "GRA"; + +// Note holding the version of the provider's builder and the signature of the +// provenance message in the build details occurrence. +message BuildNote { + // Required. Immutable. Version of the builder which produced this build. + string builder_version = 1; +} + +// Details of a build occurrence. +message BuildOccurrence { + // The actual provenance for the build. + grafeas.v1.BuildProvenance provenance = 1; + + // Serialized JSON representation of the provenance, used in generating the + // build signature in the corresponding build note. After verifying the + // signature, `provenance_bytes` can be unmarshalled and compared to the + // provenance to confirm that it is unchanged. A base64-encoded string + // representation of the provenance bytes is used for the signature in order + // to interoperate with openssl which expects this format for signature + // verification. + // + // The serialized form is captured both to avoid ambiguity in how the + // provenance is marshalled to json as well to prevent incompatibilities with + // future changes. + string provenance_bytes = 2; + + // Deprecated. See InTotoStatement for the replacement. + // In-toto Provenance representation as defined in spec. + InTotoProvenance intoto_provenance = 3; + + // In-toto Statement representation as defined in spec. + // The intoto_statement can contain any type of provenance. The serialized + // payload of the statement can be stored and signed in the Occurrence's + // envelope. + InTotoStatement intoto_statement = 4; +} diff --git a/owl-bot-staging/v1/protos/grafeas/v1/common.proto b/owl-bot-staging/v1/protos/grafeas/v1/common.proto new file mode 100644 index 0000000..80bd786 --- /dev/null +++ b/owl-bot-staging/v1/protos/grafeas/v1/common.proto @@ -0,0 +1,150 @@ +// Copyright 2019 The Grafeas Authors. All rights reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +syntax = "proto3"; + +package grafeas.v1; + +option go_package = "google.golang.org/genproto/googleapis/grafeas/v1;grafeas"; +option java_multiple_files = true; +option java_package = "io.grafeas.v1"; +option objc_class_prefix = "GRA"; + +// Kind represents the kinds of notes supported. +enum NoteKind { + // Default value. This value is unused. + NOTE_KIND_UNSPECIFIED = 0; + // The note and occurrence represent a package vulnerability. + VULNERABILITY = 1; + // The note and occurrence assert build provenance. + BUILD = 2; + // This represents an image basis relationship. + IMAGE = 3; + // This represents a package installed via a package manager. + PACKAGE = 4; + // The note and occurrence track deployment events. + DEPLOYMENT = 5; + // The note and occurrence track the initial discovery status of a resource. + DISCOVERY = 6; + // This represents a logical "role" that can attest to artifacts. + ATTESTATION = 7; + // This represents an available package upgrade. + UPGRADE = 8; + // This represents a Compliance Note + COMPLIANCE = 9; + // This represents a DSSE attestation Note + DSSE_ATTESTATION = 10; +} + +// Metadata for any related URL information. +message RelatedUrl { + // Specific URL associated with the resource. + string url = 1; + // Label to describe usage of the URL. + string label = 2; +} + +// Verifiers (e.g. Kritis implementations) MUST verify signatures +// with respect to the trust anchors defined in policy (e.g. a Kritis policy). +// Typically this means that the verifier has been configured with a map from +// `public_key_id` to public key material (and any required parameters, e.g. +// signing algorithm). +// +// In particular, verification implementations MUST NOT treat the signature +// `public_key_id` as anything more than a key lookup hint. The `public_key_id` +// DOES NOT validate or authenticate a public key; it only provides a mechanism +// for quickly selecting a public key ALREADY CONFIGURED on the verifier through +// a trusted channel. Verification implementations MUST reject signatures in any +// of the following circumstances: +// * The `public_key_id` is not recognized by the verifier. +// * The public key that `public_key_id` refers to does not verify the +// signature with respect to the payload. +// +// The `signature` contents SHOULD NOT be "attached" (where the payload is +// included with the serialized `signature` bytes). Verifiers MUST ignore any +// "attached" payload and only verify signatures with respect to explicitly +// provided payload (e.g. a `payload` field on the proto message that holds +// this Signature, or the canonical serialization of the proto message that +// holds this signature). +message Signature { + // The content of the signature, an opaque bytestring. + // The payload that this signature verifies MUST be unambiguously provided + // with the Signature during verification. A wrapper message might provide + // the payload explicitly. Alternatively, a message might have a canonical + // serialization that can always be unambiguously computed to derive the + // payload. + bytes signature = 1; + + // The identifier for the public key that verifies this signature. + // * The `public_key_id` is required. + // * The `public_key_id` SHOULD be an RFC3986 conformant URI. + // * When possible, the `public_key_id` SHOULD be an immutable reference, + // such as a cryptographic digest. + // + // Examples of valid `public_key_id`s: + // + // OpenPGP V4 public key fingerprint: + // * "openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA" + // See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more + // details on this scheme. + // + // RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER + // serialization): + // * "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU" + // * "nih:///sha-256;703f68f42aba2c6de30f488a5ea122fef76324679c9bf89791ba95a1271589a5" + string public_key_id = 2; +} + +// MUST match +// https://github.com/secure-systems-lab/dsse/blob/master/envelope.proto. An +// authenticated message of arbitrary type. +message Envelope { + bytes payload = 1; + string payload_type = 2; + repeated EnvelopeSignature signatures = 3; +} + +message EnvelopeSignature { + bytes sig = 1; + string keyid = 2; +} + +// Indicates the location at which a package was found. +message FileLocation { + // For jars that are contained inside .war files, this filepath + // can indicate the path to war file combined with the path to jar file. + string file_path = 1; +} + +// License information. +message License { + // Often a single license can be used to represent the licensing terms. + // Sometimes it is necessary to include a choice of one or more licenses + // or some combination of license identifiers. + // Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", + // "GPL-2.0-or-later WITH Bison-exception-2.2". + string expression = 1; + + // Comments + string comments = 2; +} + +// Digest information. +message Digest { + // `SHA1`, `SHA512` etc. + string algo = 1; + + // Value of the digest. + bytes digest_bytes = 2; +} diff --git a/owl-bot-staging/v1/protos/grafeas/v1/compliance.proto b/owl-bot-staging/v1/protos/grafeas/v1/compliance.proto new file mode 100644 index 0000000..688fa82 --- /dev/null +++ b/owl-bot-staging/v1/protos/grafeas/v1/compliance.proto @@ -0,0 +1,82 @@ +// Copyright 2021 The Grafeas Authors. All rights reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +syntax = "proto3"; + +package grafeas.v1; + +import "grafeas/v1/severity.proto"; + +option go_package = "google.golang.org/genproto/googleapis/grafeas/v1;grafeas"; +option java_multiple_files = true; +option java_package = "io.grafeas.v1"; +option objc_class_prefix = "GRA"; + +message ComplianceNote { + // The title that identifies this compliance check. + string title = 1; + // A description about this compliance check. + string description = 2; + // The OS and config versions the benchmark applies to. + repeated grafeas.v1.ComplianceVersion version = 3; + // A rationale for the existence of this compliance check. + string rationale = 4; + // A description of remediation steps if the compliance check fails. + string remediation = 5; + // A compliance check that is a CIS benchmark. + message CisBenchmark { + int32 profile_level = 1; + grafeas.v1.Severity severity = 2; + } + oneof compliance_type { + CisBenchmark cis_benchmark = 6; + } + // Serialized scan instructions with a predefined format. + bytes scan_instructions = 7; +} + +// Describes the CIS benchmark version that is applicable to a given OS and +// os version. +message ComplianceVersion { + // The CPE URI (https://cpe.mitre.org/specification/) this benchmark is + // applicable to. + string cpe_uri = 1; + // The name of the document that defines this benchmark, e.g. "CIS + // Container-Optimized OS". + string benchmark_document = 3; + // The version of the benchmark. This is set to the version of the OS-specific + // CIS document the benchmark is defined in. + string version = 2; +} + +// An indication that the compliance checks in the associated ComplianceNote +// were not satisfied for particular resources or a specified reason. +message ComplianceOccurrence { + repeated NonCompliantFile non_compliant_files = 2; + string non_compliance_reason = 3; +} + +// Details about files that caused a compliance check to fail. +message NonCompliantFile { + // display_command is a single command that can be used to display a list of + // non compliant files. When there is no such command, we can also iterate a + // list of non compliant file using 'path'. + + // Empty if `display_command` is set. + string path = 1; + // Command to display the non-compliant files. + string display_command = 2; + // Explains why a file is non compliant for a CIS check. + string reason = 3; +} diff --git a/owl-bot-staging/v1/protos/grafeas/v1/cvss.proto b/owl-bot-staging/v1/protos/grafeas/v1/cvss.proto new file mode 100644 index 0000000..ab7e2b8 --- /dev/null +++ b/owl-bot-staging/v1/protos/grafeas/v1/cvss.proto @@ -0,0 +1,159 @@ +// Copyright 2019 The Grafeas Authors. All rights reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +syntax = "proto3"; + +package grafeas.v1; + +option go_package = "google.golang.org/genproto/googleapis/grafeas/v1;grafeas"; +option java_multiple_files = true; +option java_package = "io.grafeas.v1"; +option objc_class_prefix = "GRA"; +option java_outer_classname = "CVSSProto"; + +// Common Vulnerability Scoring System version 3. +// For details, see https://www.first.org/cvss/specification-document +message CVSSv3 { + // The base score is a function of the base metric scores. + float base_score = 1; + + float exploitability_score = 2; + + float impact_score = 3; + + // Base Metrics + // Represents the intrinsic characteristics of a vulnerability that are + // constant over time and across user environments. + AttackVector attack_vector = 5; + AttackComplexity attack_complexity = 6; + PrivilegesRequired privileges_required = 7; + UserInteraction user_interaction = 8; + Scope scope = 9; + Impact confidentiality_impact = 10; + Impact integrity_impact = 11; + Impact availability_impact = 12; + + enum AttackVector { + ATTACK_VECTOR_UNSPECIFIED = 0; + ATTACK_VECTOR_NETWORK = 1; + ATTACK_VECTOR_ADJACENT = 2; + ATTACK_VECTOR_LOCAL = 3; + ATTACK_VECTOR_PHYSICAL = 4; + } + + enum AttackComplexity { + ATTACK_COMPLEXITY_UNSPECIFIED = 0; + ATTACK_COMPLEXITY_LOW = 1; + ATTACK_COMPLEXITY_HIGH = 2; + } + + enum PrivilegesRequired { + PRIVILEGES_REQUIRED_UNSPECIFIED = 0; + PRIVILEGES_REQUIRED_NONE = 1; + PRIVILEGES_REQUIRED_LOW = 2; + PRIVILEGES_REQUIRED_HIGH = 3; + } + + enum UserInteraction { + USER_INTERACTION_UNSPECIFIED = 0; + USER_INTERACTION_NONE = 1; + USER_INTERACTION_REQUIRED = 2; + } + + enum Scope { + SCOPE_UNSPECIFIED = 0; + SCOPE_UNCHANGED = 1; + SCOPE_CHANGED = 2; + } + + enum Impact { + IMPACT_UNSPECIFIED = 0; + IMPACT_HIGH = 1; + IMPACT_LOW = 2; + IMPACT_NONE = 3; + } +} + +// Common Vulnerability Scoring System. +// For details, see https://www.first.org/cvss/specification-document +// This is a message we will try to use for storing various versions of CVSS +// rather than making a separate proto for storing a specific version. +message CVSS { + // The base score is a function of the base metric scores. + float base_score = 1; + + float exploitability_score = 2; + + float impact_score = 3; + + // Base Metrics + // Represents the intrinsic characteristics of a vulnerability that are + // constant over time and across user environments. + AttackVector attack_vector = 4; + AttackComplexity attack_complexity = 5; + Authentication authentication = 6; + PrivilegesRequired privileges_required = 7; + UserInteraction user_interaction = 8; + Scope scope = 9; + Impact confidentiality_impact = 10; + Impact integrity_impact = 11; + Impact availability_impact = 12; + + enum AttackVector { + ATTACK_VECTOR_UNSPECIFIED = 0; + ATTACK_VECTOR_NETWORK = 1; + ATTACK_VECTOR_ADJACENT = 2; + ATTACK_VECTOR_LOCAL = 3; + ATTACK_VECTOR_PHYSICAL = 4; + } + + enum AttackComplexity { + ATTACK_COMPLEXITY_UNSPECIFIED = 0; + ATTACK_COMPLEXITY_LOW = 1; + ATTACK_COMPLEXITY_HIGH = 2; + } + + enum Authentication { + AUTHENTICATION_UNSPECIFIED = 0; + AUTHENTICATION_MULTIPLE = 1; + AUTHENTICATION_SINGLE = 2; + AUTHENTICATION_NONE = 3; + } + + enum PrivilegesRequired { + PRIVILEGES_REQUIRED_UNSPECIFIED = 0; + PRIVILEGES_REQUIRED_NONE = 1; + PRIVILEGES_REQUIRED_LOW = 2; + PRIVILEGES_REQUIRED_HIGH = 3; + } + + enum UserInteraction { + USER_INTERACTION_UNSPECIFIED = 0; + USER_INTERACTION_NONE = 1; + USER_INTERACTION_REQUIRED = 2; + } + + enum Scope { + SCOPE_UNSPECIFIED = 0; + SCOPE_UNCHANGED = 1; + SCOPE_CHANGED = 2; + } + + enum Impact { + IMPACT_UNSPECIFIED = 0; + IMPACT_HIGH = 1; + IMPACT_LOW = 2; + IMPACT_NONE = 3; + } +} diff --git a/owl-bot-staging/v1/protos/grafeas/v1/deployment.proto b/owl-bot-staging/v1/protos/grafeas/v1/deployment.proto new file mode 100644 index 0000000..5204004 --- /dev/null +++ b/owl-bot-staging/v1/protos/grafeas/v1/deployment.proto @@ -0,0 +1,66 @@ +// Copyright 2019 The Grafeas Authors. All rights reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +syntax = "proto3"; + +package grafeas.v1; + +import "google/protobuf/timestamp.proto"; + +option go_package = "google.golang.org/genproto/googleapis/grafeas/v1;grafeas"; +option java_multiple_files = true; +option java_package = "io.grafeas.v1"; +option objc_class_prefix = "GRA"; + +// An artifact that can be deployed in some runtime. +message DeploymentNote { + // Required. Resource URI for the artifact being deployed. + repeated string resource_uri = 1; +} + +// The period during which some deployable was active in a runtime. +message DeploymentOccurrence { + // Identity of the user that triggered this deployment. + string user_email = 1; + + // Required. Beginning of the lifetime of this deployment. + google.protobuf.Timestamp deploy_time = 2; + + // End of the lifetime of this deployment. + google.protobuf.Timestamp undeploy_time = 3; + + // Configuration used to create this deployment. + string config = 4; + + // Address of the runtime element hosting this deployment. + string address = 5; + + // Output only. Resource URI for the artifact being deployed taken from + // the deployable field with the same name. + repeated string resource_uri = 6; + + // Types of platforms. + enum Platform { + // Unknown. + PLATFORM_UNSPECIFIED = 0; + // Google Container Engine. + GKE = 1; + // Google App Engine: Flexible Environment. + FLEX = 2; + // Custom user-defined platform. + CUSTOM = 3; + } + // Platform hosting this deployment. + Platform platform = 7; +} diff --git a/owl-bot-staging/v1/protos/grafeas/v1/discovery.proto b/owl-bot-staging/v1/protos/grafeas/v1/discovery.proto new file mode 100644 index 0000000..13939b2 --- /dev/null +++ b/owl-bot-staging/v1/protos/grafeas/v1/discovery.proto @@ -0,0 +1,88 @@ +// Copyright 2019 The Grafeas Authors. All rights reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +syntax = "proto3"; + +package grafeas.v1; + +import "google/api/field_behavior.proto"; +import "google/protobuf/timestamp.proto"; +import "google/rpc/status.proto"; +import "grafeas/v1/common.proto"; + +option go_package = "google.golang.org/genproto/googleapis/grafeas/v1;grafeas"; +option java_multiple_files = true; +option java_package = "io.grafeas.v1"; +option objc_class_prefix = "GRA"; + +// A note that indicates a type of analysis a provider would perform. This note +// exists in a provider's project. A `Discovery` occurrence is created in a +// consumer's project at the start of analysis. +message DiscoveryNote { + // Required. Immutable. The kind of analysis that is handled by this + // discovery. + grafeas.v1.NoteKind analysis_kind = 1; +} + +// Provides information about the analysis status of a discovered resource. +message DiscoveryOccurrence { + // Whether the resource is continuously analyzed. + enum ContinuousAnalysis { + // Unknown. + CONTINUOUS_ANALYSIS_UNSPECIFIED = 0; + // The resource is continuously analyzed. + ACTIVE = 1; + // The resource is ignored for continuous analysis. + INACTIVE = 2; + } + + // Whether the resource is continuously analyzed. + ContinuousAnalysis continuous_analysis = 1; + + // Analysis status for a resource. Currently for initial analysis only (not + // updated in continuous analysis). + enum AnalysisStatus { + // Unknown. + ANALYSIS_STATUS_UNSPECIFIED = 0; + // Resource is known but no action has been taken yet. + PENDING = 1; + // Resource is being analyzed. + SCANNING = 2; + // Analysis has finished successfully. + FINISHED_SUCCESS = 3; + // Analysis has finished unsuccessfully, the analysis itself is in a bad + // state. + FINISHED_FAILED = 4; + // The resource is known not to be supported + FINISHED_UNSUPPORTED = 5; + } + + // The status of discovery for the resource. + AnalysisStatus analysis_status = 2; + + // When an error is encountered this will contain a LocalizedMessage under + // details to show to the user. The LocalizedMessage is output only and + // populated by the API. + google.rpc.Status analysis_status_error = 3; + + // The CPE of the resource being scanned. + string cpe = 4; + + // The last time this resource was scanned. + google.protobuf.Timestamp last_scan_time = 5; + + // The time occurrences related to this discovery occurrence were archived. + google.protobuf.Timestamp archive_time = 6 + [(google.api.field_behavior) = OUTPUT_ONLY]; +} diff --git a/owl-bot-staging/v1/protos/grafeas/v1/dsse_attestation.proto b/owl-bot-staging/v1/protos/grafeas/v1/dsse_attestation.proto new file mode 100644 index 0000000..34ba3df --- /dev/null +++ b/owl-bot-staging/v1/protos/grafeas/v1/dsse_attestation.proto @@ -0,0 +1,52 @@ +// Copyright 2021 The Grafeas Authors. All rights reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +syntax = "proto3"; + +package grafeas.v1; + +import "grafeas/v1/common.proto"; +import "grafeas/v1/intoto_statement.proto"; + +option go_package = "google.golang.org/genproto/googleapis/grafeas/v1;grafeas"; +option java_multiple_files = true; +option java_package = "io.grafeas.v1"; +option objc_class_prefix = "GRA"; + +message DSSEAttestationNote { + // This submessage provides human-readable hints about the purpose of the + // authority. Because the name of a note acts as its resource reference, it is + // important to disambiguate the canonical name of the Note (which might be a + // UUID for security purposes) from "readable" names more suitable for debug + // output. Note that these hints should not be used to look up authorities in + // security sensitive contexts, such as when looking up attestations to + // verify. + message DSSEHint { + // Required. The human readable name of this attestation authority, for + // example "cloudbuild-prod". + string human_readable_name = 1; + } + // DSSEHint hints at the purpose of the attestation authority. + DSSEHint hint = 1; +} + +// Deprecated. Prefer to use a regular Occurrence, and populate the +// Envelope at the top level of the Occurrence. +message DSSEAttestationOccurrence { + // If doing something security critical, make sure to verify the signatures in + // this metadata. + Envelope envelope = 1; + oneof decoded_payload { + InTotoStatement statement = 2; + } +} diff --git a/owl-bot-staging/v1/protos/grafeas/v1/grafeas.proto b/owl-bot-staging/v1/protos/grafeas/v1/grafeas.proto new file mode 100644 index 0000000..5665fe3 --- /dev/null +++ b/owl-bot-staging/v1/protos/grafeas/v1/grafeas.proto @@ -0,0 +1,544 @@ +// Copyright 2019 The Grafeas Authors. All rights reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +syntax = "proto3"; + +package grafeas.v1; + +import "google/api/annotations.proto"; +import "google/api/client.proto"; +import "google/api/field_behavior.proto"; +import "google/api/resource.proto"; +import "google/protobuf/empty.proto"; +import "google/protobuf/field_mask.proto"; +import "google/protobuf/timestamp.proto"; +import "grafeas/v1/attestation.proto"; +import "grafeas/v1/build.proto"; +import "grafeas/v1/common.proto"; +import "grafeas/v1/compliance.proto"; +import "grafeas/v1/deployment.proto"; +import "grafeas/v1/discovery.proto"; +import "grafeas/v1/dsse_attestation.proto"; +import "grafeas/v1/image.proto"; +import "grafeas/v1/package.proto"; +import "grafeas/v1/upgrade.proto"; +import "grafeas/v1/vulnerability.proto"; + +option go_package = "google.golang.org/genproto/googleapis/grafeas/v1;grafeas"; +option java_multiple_files = true; +option java_package = "io.grafeas.v1"; +option objc_class_prefix = "GRA"; +option (google.api.resource_definition) = { + type: "grafeas.io/Project" + pattern: "projects/{project}" +}; + +// [Grafeas](https://grafeas.io) API. +// +// Retrieves analysis results of Cloud components such as Docker container +// images. +// +// Analysis results are stored as a series of occurrences. An `Occurrence` +// contains information about a specific analysis instance on a resource. An +// occurrence refers to a `Note`. A note contains details describing the +// analysis and is generally stored in a separate project, called a `Provider`. +// Multiple occurrences can refer to the same note. +// +// For example, an SSL vulnerability could affect multiple images. In this case, +// there would be one note for the vulnerability and an occurrence for each +// image with the vulnerability referring to that note. +service Grafeas { + option (google.api.default_host) = "containeranalysis.googleapis.com"; + + // Gets the specified occurrence. + rpc GetOccurrence(GetOccurrenceRequest) returns (Occurrence) { + option (google.api.http) = { + get: "/v1/{name=projects/*/occurrences/*}" + }; + option (google.api.method_signature) = "name"; + } + + // Lists occurrences for the specified project. + rpc ListOccurrences(ListOccurrencesRequest) + returns (ListOccurrencesResponse) { + option (google.api.http) = { + get: "/v1/{parent=projects/*}/occurrences" + }; + option (google.api.method_signature) = "parent,filter"; + } + + // Deletes the specified occurrence. For example, use this method to delete an + // occurrence when the occurrence is no longer applicable for the given + // resource. + rpc DeleteOccurrence(DeleteOccurrenceRequest) + returns (google.protobuf.Empty) { + option (google.api.http) = { + delete: "/v1/{name=projects/*/occurrences/*}" + }; + option (google.api.method_signature) = "name"; + } + + // Creates a new occurrence. + rpc CreateOccurrence(CreateOccurrenceRequest) returns (Occurrence) { + option (google.api.http) = { + post: "/v1/{parent=projects/*}/occurrences" + body: "occurrence" + }; + option (google.api.method_signature) = "parent,occurrence"; + } + + // Creates new occurrences in batch. + rpc BatchCreateOccurrences(BatchCreateOccurrencesRequest) + returns (BatchCreateOccurrencesResponse) { + option (google.api.http) = { + post: "/v1/{parent=projects/*}/occurrences:batchCreate" + body: "*" + }; + option (google.api.method_signature) = "parent,occurrences"; + } + + // Updates the specified occurrence. + rpc UpdateOccurrence(UpdateOccurrenceRequest) returns (Occurrence) { + option (google.api.http) = { + patch: "/v1/{name=projects/*/occurrences/*}" + body: "occurrence" + }; + option (google.api.method_signature) = "name,occurrence,update_mask"; + } + + // Gets the note attached to the specified occurrence. Consumer projects can + // use this method to get a note that belongs to a provider project. + rpc GetOccurrenceNote(GetOccurrenceNoteRequest) returns (Note) { + option (google.api.http) = { + get: "/v1/{name=projects/*/occurrences/*}/notes" + }; + option (google.api.method_signature) = "name"; + } + + // Gets the specified note. + rpc GetNote(GetNoteRequest) returns (Note) { + option (google.api.http) = { + get: "/v1/{name=projects/*/notes/*}" + }; + option (google.api.method_signature) = "name"; + } + + // Lists notes for the specified project. + rpc ListNotes(ListNotesRequest) returns (ListNotesResponse) { + option (google.api.http) = { + get: "/v1/{parent=projects/*}/notes" + }; + option (google.api.method_signature) = "parent,filter"; + } + + // Deletes the specified note. + rpc DeleteNote(DeleteNoteRequest) returns (google.protobuf.Empty) { + option (google.api.http) = { + delete: "/v1/{name=projects/*/notes/*}" + }; + option (google.api.method_signature) = "name"; + } + + // Creates a new note. + rpc CreateNote(CreateNoteRequest) returns (Note) { + option (google.api.http) = { + post: "/v1/{parent=projects/*}/notes" + body: "note" + }; + option (google.api.method_signature) = "parent,note_id,note"; + } + + // Creates new notes in batch. + rpc BatchCreateNotes(BatchCreateNotesRequest) + returns (BatchCreateNotesResponse) { + option (google.api.http) = { + post: "/v1/{parent=projects/*}/notes:batchCreate" + body: "*" + }; + option (google.api.method_signature) = "parent,notes"; + } + + // Updates the specified note. + rpc UpdateNote(UpdateNoteRequest) returns (Note) { + option (google.api.http) = { + patch: "/v1/{name=projects/*/notes/*}" + body: "note" + }; + option (google.api.method_signature) = "name,note,update_mask"; + } + + // Lists occurrences referencing the specified note. Provider projects can use + // this method to get all occurrences across consumer projects referencing the + // specified note. + rpc ListNoteOccurrences(ListNoteOccurrencesRequest) + returns (ListNoteOccurrencesResponse) { + option (google.api.http) = { + get: "/v1/{name=projects/*/notes/*}/occurrences" + }; + option (google.api.method_signature) = "name,filter"; + } +} + +// An instance of an analysis type that has been found on a resource. +message Occurrence { + option (google.api.resource) = { + type: "grafeas.io/Occurrence" + pattern: "projects/{project}/occurrences/{occurrence}" + }; + + // Output only. The name of the occurrence in the form of + // `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]`. + string name = 1; + + // Required. Immutable. A URI that represents the resource for which the + // occurrence applies. For example, + // `https://gcr.io/project/image@sha256:123abc` for a Docker image. + string resource_uri = 2; + + // Required. Immutable. The analysis note associated with this occurrence, in + // the form of `projects/[PROVIDER_ID]/notes/[NOTE_ID]`. This field can be + // used as a filter in list requests. + string note_name = 3; + + // Output only. This explicitly denotes which of the occurrence details are + // specified. This field can be used as a filter in list requests. + grafeas.v1.NoteKind kind = 4; + + // A description of actions that can be taken to remedy the note. + string remediation = 5; + + // Output only. The time this occurrence was created. + google.protobuf.Timestamp create_time = 6; + + // Output only. The time this occurrence was last updated. + google.protobuf.Timestamp update_time = 7; + + // Required. Immutable. Describes the details of the note kind found on this + // resource. + oneof details { + // Describes a security vulnerability. + grafeas.v1.VulnerabilityOccurrence vulnerability = 8; + // Describes a verifiable build. + grafeas.v1.BuildOccurrence build = 9; + // Describes how this resource derives from the basis in the associated + // note. + grafeas.v1.ImageOccurrence image = 10; + // Describes the installation of a package on the linked resource. + grafeas.v1.PackageOccurrence package = 11; + // Describes the deployment of an artifact on a runtime. + grafeas.v1.DeploymentOccurrence deployment = 12; + // Describes when a resource was discovered. + grafeas.v1.DiscoveryOccurrence discovery = 13; + // Describes an attestation of an artifact. + grafeas.v1.AttestationOccurrence attestation = 14; + // Describes an available package upgrade on the linked resource. + grafeas.v1.UpgradeOccurrence upgrade = 15; + // Describes a compliance violation on a linked resource. + grafeas.v1.ComplianceOccurrence compliance = 16; + // Describes an attestation of an artifact using dsse. + grafeas.v1.DSSEAttestationOccurrence dsse_attestation = 17; + } + + // https://github.com/secure-systems-lab/dsse + grafeas.v1.Envelope envelope = 18; +} + +// A type of analysis that can be done for a resource. +message Note { + option (google.api.resource) = { + type: "grafeas.io/Note" + pattern: "projects/{project}/notes/{note}" + }; + + // Output only. The name of the note in the form of + // `projects/[PROVIDER_ID]/notes/[NOTE_ID]`. + string name = 1; + + // A one sentence description of this note. + string short_description = 2; + + // A detailed description of this note. + string long_description = 3; + + // Output only. The type of analysis. This field can be used as a filter in + // list requests. + grafeas.v1.NoteKind kind = 4; + + // URLs associated with this note. + repeated grafeas.v1.RelatedUrl related_url = 5; + + // Time of expiration for this note. Empty if note does not expire. + google.protobuf.Timestamp expiration_time = 6; + + // Output only. The time this note was created. This field can be used as a + // filter in list requests. + google.protobuf.Timestamp create_time = 7; + + // Output only. The time this note was last updated. This field can be used as + // a filter in list requests. + google.protobuf.Timestamp update_time = 8; + + // Other notes related to this note. + repeated string related_note_names = 9; + + // Required. Immutable. The type of analysis this note represents. + oneof type { + // A note describing a package vulnerability. + grafeas.v1.VulnerabilityNote vulnerability = 10; + // A note describing build provenance for a verifiable build. + grafeas.v1.BuildNote build = 11; + // A note describing a base image. + grafeas.v1.ImageNote image = 12; + // A note describing a package hosted by various package managers. + grafeas.v1.PackageNote package = 13; + // A note describing something that can be deployed. + grafeas.v1.DeploymentNote deployment = 14; + // A note describing the initial analysis of a resource. + grafeas.v1.DiscoveryNote discovery = 15; + // A note describing an attestation role. + grafeas.v1.AttestationNote attestation = 16; + // A note describing available package upgrades. + grafeas.v1.UpgradeNote upgrade = 17; + // A note describing a compliance check. + grafeas.v1.ComplianceNote compliance = 18; + // A note describing a dsse attestation note. + grafeas.v1.DSSEAttestationNote dsse_attestation = 19; + } +} + +// Request to get an occurrence. +message GetOccurrenceRequest { + // The name of the occurrence in the form of + // `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]`. + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference).type = "grafeas.io/Occurrence" + ]; +} + +// Request to list occurrences. +message ListOccurrencesRequest { + // The name of the project to list occurrences for in the form of + // `projects/[PROJECT_ID]`. + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference).type = "grafeas.io/Project" + ]; + + // The filter expression. + string filter = 2; + + // Number of occurrences to return in the list. Must be positive. Max allowed + // page size is 1000. If not specified, page size defaults to 20. + int32 page_size = 3; + + // Token to provide to skip to a particular spot in the list. + string page_token = 4; +} + +// Response for listing occurrences. +message ListOccurrencesResponse { + // The occurrences requested. + repeated Occurrence occurrences = 1; + // The next pagination token in the list response. It should be used as + // `page_token` for the following request. An empty value means no more + // results. + string next_page_token = 2; +} + +// Request to delete an occurrence. +message DeleteOccurrenceRequest { + // The name of the occurrence in the form of + // `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]`. + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference).type = "grafeas.io/Occurrence" + ]; +} + +// Request to create a new occurrence. +message CreateOccurrenceRequest { + // The name of the project in the form of `projects/[PROJECT_ID]`, under which + // the occurrence is to be created. + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference).type = "grafeas.io/Project" + ]; + // The occurrence to create. + Occurrence occurrence = 2 [(google.api.field_behavior) = REQUIRED]; +} + +// Request to update an occurrence. +message UpdateOccurrenceRequest { + // The name of the occurrence in the form of + // `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]`. + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference).type = "grafeas.io/Occurrence" + ]; + // The updated occurrence. + Occurrence occurrence = 2 [(google.api.field_behavior) = REQUIRED]; + // The fields to update. + google.protobuf.FieldMask update_mask = 3; +} + +// Request to get a note. +message GetNoteRequest { + // The name of the note in the form of + // `projects/[PROVIDER_ID]/notes/[NOTE_ID]`. + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference).type = "grafeas.io/Note" + ]; +} + +// Request to get the note to which the specified occurrence is attached. +message GetOccurrenceNoteRequest { + // The name of the occurrence in the form of + // `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]`. + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference).type = "grafeas.io/Occurrence" + ]; +} + +// Request to list notes. +message ListNotesRequest { + // The name of the project to list notes for in the form of + // `projects/[PROJECT_ID]`. + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference).type = "grafeas.io/Project" + ]; + + // The filter expression. + string filter = 2; + + // Number of notes to return in the list. Must be positive. Max allowed page + // size is 1000. If not specified, page size defaults to 20. + int32 page_size = 3; + + // Token to provide to skip to a particular spot in the list. + string page_token = 4; +} + +// Response for listing notes. +message ListNotesResponse { + // The notes requested. + repeated Note notes = 1; + // The next pagination token in the list response. It should be used as + // `page_token` for the following request. An empty value means no more + // results. + string next_page_token = 2; +} + +// Request to delete a note. +message DeleteNoteRequest { + // The name of the note in the form of + // `projects/[PROVIDER_ID]/notes/[NOTE_ID]`. + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference).type = "grafeas.io/Note" + ]; +} + +// Request to create a new note. +message CreateNoteRequest { + // The name of the project in the form of `projects/[PROJECT_ID]`, under which + // the note is to be created. + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference).type = "grafeas.io/Project" + ]; + // The ID to use for this note. + string note_id = 2 [(google.api.field_behavior) = REQUIRED]; + // The note to create. + Note note = 3 [(google.api.field_behavior) = REQUIRED]; +} + +// Request to update a note. +message UpdateNoteRequest { + // The name of the note in the form of + // `projects/[PROVIDER_ID]/notes/[NOTE_ID]`. + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference).type = "grafeas.io/Note" + ]; + // The updated note. + Note note = 2 [(google.api.field_behavior) = REQUIRED]; + // The fields to update. + google.protobuf.FieldMask update_mask = 3; +} + +// Request to list occurrences for a note. +message ListNoteOccurrencesRequest { + // The name of the note to list occurrences for in the form of + // `projects/[PROVIDER_ID]/notes/[NOTE_ID]`. + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference).type = "grafeas.io/Note" + ]; + // The filter expression. + string filter = 2; + // Number of occurrences to return in the list. + int32 page_size = 3; + // Token to provide to skip to a particular spot in the list. + string page_token = 4; +} + +// Response for listing occurrences for a note. +message ListNoteOccurrencesResponse { + // The occurrences attached to the specified note. + repeated Occurrence occurrences = 1; + // Token to provide to skip to a particular spot in the list. + string next_page_token = 2; +} + +// Request to create notes in batch. +message BatchCreateNotesRequest { + // The name of the project in the form of `projects/[PROJECT_ID]`, under which + // the notes are to be created. + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference).type = "grafeas.io/Project" + ]; + + // The notes to create. Max allowed length is 1000. + map notes = 2 [(google.api.field_behavior) = REQUIRED]; +} + +// Response for creating notes in batch. +message BatchCreateNotesResponse { + // The notes that were created. + repeated Note notes = 1; +} + +// Request to create occurrences in batch. +message BatchCreateOccurrencesRequest { + // The name of the project in the form of `projects/[PROJECT_ID]`, under which + // the occurrences are to be created. + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference).type = "grafeas.io/Project" + ]; + + // The occurrences to create. Max allowed length is 1000. + repeated Occurrence occurrences = 2 [(google.api.field_behavior) = REQUIRED]; +} + +// Response for creating occurrences in batch. +message BatchCreateOccurrencesResponse { + // The occurrences that were created. + repeated Occurrence occurrences = 1; +} diff --git a/owl-bot-staging/v1/protos/grafeas/v1/image.proto b/owl-bot-staging/v1/protos/grafeas/v1/image.proto new file mode 100644 index 0000000..9ac162c --- /dev/null +++ b/owl-bot-staging/v1/protos/grafeas/v1/image.proto @@ -0,0 +1,83 @@ +// Copyright 2019 The Grafeas Authors. All rights reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +syntax = "proto3"; + +package grafeas.v1; + +option go_package = "google.golang.org/genproto/googleapis/grafeas/v1;grafeas"; +option java_multiple_files = true; +option java_package = "io.grafeas.v1"; +option objc_class_prefix = "GRA"; + +// Layer holds metadata specific to a layer of a Docker image. +message Layer { + // Required. The recovered Dockerfile directive used to construct this layer. + // See https://docs.docker.com/engine/reference/builder/ for more information. + string directive = 1; + + // The recovered arguments to the Dockerfile directive. + string arguments = 2; +} + +// A set of properties that uniquely identify a given Docker image. +message Fingerprint { + // Required. The layer ID of the final layer in the Docker image's v1 + // representation. + string v1_name = 1; + + // Required. The ordered list of v2 blobs that represent a given image. + repeated string v2_blob = 2; + + // Output only. The name of the image's v2 blobs computed via: + // [bottom] := v2_blob[bottom] + // [N] := sha256(v2_blob[N] + " " + v2_name[N+1]) + // Only the name of the final blob is kept. + string v2_name = 3; +} + +// Basis describes the base image portion (Note) of the DockerImage +// relationship. Linked occurrences are derived from this or an equivalent image +// via: +// FROM +// Or an equivalent reference, e.g., a tag of the resource_url. +message ImageNote { + // Required. Immutable. The resource_url for the resource representing the + // basis of associated occurrence images. + string resource_url = 1; + + // Required. Immutable. The fingerprint of the base image. + Fingerprint fingerprint = 2; +} + +// Details of the derived image portion of the DockerImage relationship. This +// image would be produced from a Dockerfile with FROM . +message ImageOccurrence { + // Required. The fingerprint of the derived image. + Fingerprint fingerprint = 1; + + // Output only. The number of layers by which this image differs from the + // associated image basis. + int32 distance = 2; + + // This contains layer-specific metadata, if populated it has length + // "distance" and is ordered with [distance] being the layer immediately + // following the base image and [1] being the final layer. + repeated Layer layer_info = 3; + + // Output only. This contains the base image URL for the derived image + // occurrence. + string base_resource_url = 4; +} diff --git a/owl-bot-staging/v1/protos/grafeas/v1/intoto_provenance.proto b/owl-bot-staging/v1/protos/grafeas/v1/intoto_provenance.proto new file mode 100644 index 0000000..78886b6 --- /dev/null +++ b/owl-bot-staging/v1/protos/grafeas/v1/intoto_provenance.proto @@ -0,0 +1,113 @@ +// Copyright 2021 The Grafeas Authors. All rights reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +syntax = "proto3"; + +package grafeas.v1; + +import "google/protobuf/any.proto"; +import "google/protobuf/timestamp.proto"; + +option go_package = "google.golang.org/genproto/googleapis/grafeas/v1;grafeas"; +option java_multiple_files = true; +option java_package = "io.grafeas.v1"; +option objc_class_prefix = "GRA"; +option java_outer_classname = "InTotoProvenanceProto"; + +// Spec defined at +// https://github.com/in-toto/attestation/blob/main/spec/predicates/provenance.md + +// Steps taken to build the artifact. +// For a TaskRun, typically each container corresponds to one step in the +// recipe. +message Recipe { + // URI indicating what type of recipe was performed. It determines the meaning + // of recipe.entryPoint, recipe.arguments, recipe.environment, and materials. + string type = 1; + // Index in materials containing the recipe steps that are not implied by + // recipe.type. For example, if the recipe type were "make", then this would + // point to the source containing the Makefile, not the make program itself. + // Set to -1 if the recipe doesn't come from a material, as zero is default + // unset value for int64. + int64 defined_in_material = 2; + // String identifying the entry point into the build. + // This is often a path to a configuration file and/or a target label within + // that file. The syntax and meaning are defined by recipe.type. For example, + // if the recipe type were "make", then this would reference the directory in + // which to run make as well as which target to use. + string entry_point = 3; + // Collection of all external inputs that influenced the build on top of + // recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe + // type were "make", then this might be the flags passed to make aside from + // the target, which is captured in recipe.entryPoint. Since the arguments + // field can greatly vary in structure, depending on the builder and recipe + // type, this is of form "Any". + repeated google.protobuf.Any arguments = 4; + // Any other builder-controlled inputs necessary for correctly evaluating the + // recipe. Usually only needed for reproducing the build but not evaluated as + // part of policy. Since the environment field can greatly vary in structure, + // depending on the builder and recipe type, this is of form "Any". + repeated google.protobuf.Any environment = 5; +} + +// Indicates that the builder claims certain fields in this message to be +// complete. +message Completeness { + // If true, the builder claims that recipe.arguments is complete, meaning that + // all external inputs are properly captured in the recipe. + bool arguments = 1; + // If true, the builder claims that recipe.environment is claimed to be + // complete. + bool environment = 2; + // If true, the builder claims that materials are complete, usually through + // some controls to prevent network access. Sometimes called "hermetic". + bool materials = 3; +} + +// Other properties of the build. +message Metadata { + // Identifies the particular build invocation, which can be useful for finding + // associated logs or other ad-hoc analysis. The value SHOULD be globally + // unique, per in-toto Provenance spec. + string build_invocation_id = 1; + // The timestamp of when the build started. + google.protobuf.Timestamp build_started_on = 2; + // The timestamp of when the build completed. + google.protobuf.Timestamp build_finished_on = 3; + // Indicates that the builder claims certain fields in this message to be + // complete. + Completeness completeness = 4; + // If true, the builder claims that running the recipe on materials will + // produce bit-for-bit identical output. + bool reproducible = 5; +} + +message BuilderConfig { + string id = 1; +} + +message InTotoProvenance { + BuilderConfig builder_config = 1; // required + // Identifies the configuration used for the build. + // When combined with materials, this SHOULD fully describe the build, + // such that re-running this recipe results in bit-for-bit identical output + // (if the build is reproducible). + Recipe recipe = 2; // required + Metadata metadata = 3; + // The collection of artifacts that influenced the build including sources, + // dependencies, build tools, base images, and so on. This is considered to be + // incomplete unless metadata.completeness.materials is true. Unset or null is + // equivalent to empty. + repeated string materials = 4; +} diff --git a/owl-bot-staging/v1/protos/grafeas/v1/intoto_statement.proto b/owl-bot-staging/v1/protos/grafeas/v1/intoto_statement.proto new file mode 100644 index 0000000..1f798d0 --- /dev/null +++ b/owl-bot-staging/v1/protos/grafeas/v1/intoto_statement.proto @@ -0,0 +1,52 @@ +// Copyright 2021 The Grafeas Authors. All rights reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +syntax = "proto3"; + +package grafeas.v1; + +import "grafeas/v1/intoto_provenance.proto"; +import "grafeas/v1/slsa_provenance.proto"; +import "grafeas/v1/slsa_provenance_zero_two.proto"; + +option go_package = "google.golang.org/genproto/googleapis/grafeas/v1;grafeas"; +option java_multiple_files = true; +option java_package = "io.grafeas.v1"; +option objc_class_prefix = "GRA"; +option java_outer_classname = "InTotoStatementProto"; + +// Spec defined at +// https://github.com/in-toto/attestation/tree/main/spec#statement The +// serialized InTotoStatement will be stored as Envelope.payload. +// Envelope.payloadType is always "application/vnd.in-toto+json". +message InTotoStatement { + // Always `https://in-toto.io/Statement/v0.1`. + string type = 1 [json_name = "_type"]; + repeated Subject subject = 2; + // `https://slsa.dev/provenance/v0.1` for SlsaProvenance. + string predicate_type = 3; + oneof predicate { + InTotoProvenance provenance = 4; + SlsaProvenance slsa_provenance = 5; + SlsaProvenanceZeroTwo slsa_provenance_zero_two = 6; + } +} +message Subject { + string name = 1; + // `"": ""` + // Algorithms can be e.g. sha256, sha512 + // See + // https://github.com/in-toto/attestation/blob/main/spec/field_types.md#DigestSet + map digest = 2; +} diff --git a/owl-bot-staging/v1/protos/grafeas/v1/package.proto b/owl-bot-staging/v1/protos/grafeas/v1/package.proto new file mode 100644 index 0000000..61b21db --- /dev/null +++ b/owl-bot-staging/v1/protos/grafeas/v1/package.proto @@ -0,0 +1,192 @@ +// Copyright 2019 The Grafeas Authors. All rights reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +syntax = "proto3"; + +package grafeas.v1; + +import "google/api/field_behavior.proto"; +import "grafeas/v1/common.proto"; + +option go_package = "google.golang.org/genproto/googleapis/grafeas/v1;grafeas"; +option java_multiple_files = true; +option java_package = "io.grafeas.v1"; +option objc_class_prefix = "GRA"; + +// Instruction set architectures supported by various package managers. +enum Architecture { + // Unknown architecture. + ARCHITECTURE_UNSPECIFIED = 0; + // X86 architecture. + X86 = 1; + // X64 architecture. + X64 = 2; +} + +// This represents a particular channel of distribution for a given package. +// E.g., Debian's jessie-backports dpkg mirror. +message Distribution { + // The cpe_uri in [CPE format](https://cpe.mitre.org/specification/) + // denoting the package manager version distributing a package. + string cpe_uri = 1 [(google.api.field_behavior) = REQUIRED]; + + // The CPU architecture for which packages in this distribution channel were + // built. + Architecture architecture = 2; + + // The latest available version of this package in this distribution channel. + Version latest_version = 3; + + // A freeform string denoting the maintainer of this package. + string maintainer = 4; + + // The distribution channel-specific homepage for this package. + string url = 5; + + // The distribution channel-specific description of this package. + string description = 6; +} + +// An occurrence of a particular package installation found within a system's +// filesystem. E.g., glibc was found in `/var/lib/dpkg/status`. +message Location { + // Deprecated. + // The CPE URI in [CPE format](https://cpe.mitre.org/specification/) + string cpe_uri = 1; + + // Deprecated. + // The version installed at this location. + Version version = 2; + + // The path from which we gathered that this package/version is installed. + string path = 3; +} + +// PackageNote represents a particular package version. +message PackageNote { + // The name of the package. + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.field_behavior) = IMMUTABLE + ]; + + // Deprecated. + // The various channels by which a package is distributed. + repeated Distribution distribution = 10; + + // The type of package; whether native or non native (e.g., ruby gems, + // node.js packages, etc.). + string package_type = 11; + + // The cpe_uri in [CPE format](https://cpe.mitre.org/specification/) + // denoting the package manager version distributing a package. + // The cpe_uri will be blank for language packages. + string cpe_uri = 12; + + // The CPU architecture for which packages in this distribution channel were + // built. Architecture will be blank for language packages. + Architecture architecture = 13; + + // The version of the package. + Version version = 14; + + // A freeform text denoting the maintainer of this package. + string maintainer = 15; + + // The homepage for this package. + string url = 16; + + // The description of this package. + string description = 17; + + // Licenses that have been declared by the authors of the package. + License license = 18; + + // Hash value, typically a file digest, that allows unique + // identification a specific package. + repeated Digest digest = 19; +} + +// Details on how a particular software package was installed on a system. +message PackageOccurrence { + // The name of the installed package. + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.field_behavior) = OUTPUT_ONLY + ]; + + // All of the places within the filesystem versions of this package + // have been found. + repeated Location location = 2; + + // The type of package; whether native or non native (e.g., ruby gems, + // node.js packages, etc.). + string package_type = 3 [(google.api.field_behavior) = OUTPUT_ONLY]; + + // The cpe_uri in [CPE format](https://cpe.mitre.org/specification/) + // denoting the package manager version distributing a package. + // The cpe_uri will be blank for language packages. + string cpe_uri = 4 [(google.api.field_behavior) = OUTPUT_ONLY]; + + // The CPU architecture for which packages in this distribution channel were + // built. Architecture will be blank for language packages. + Architecture architecture = 5 [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Licenses that have been declared by the authors of the package. + License license = 6; + + // The version of the package. + Version version = 7 [(google.api.field_behavior) = OUTPUT_ONLY]; +} + +// Version contains structured information about the version of a package. +message Version { + // Used to correct mistakes in the version numbering scheme. + int32 epoch = 1; + + // Required only when version kind is NORMAL. The main part of the version + // name. + string name = 2; + + // The iteration of the package build from the above version. + string revision = 3; + + // Whether this version is specifying part of an inclusive range. Grafeas + // does not have the capability to specify version ranges; instead we have + // fields that specify start version and end versions. At times this is + // insufficient - we also need to specify whether the version is included in + // the range or is excluded from the range. This boolean is expected to be set + // to true when the version is included in a range. + bool inclusive = 6; + + // Whether this is an ordinary package version or a sentinel MIN/MAX version. + enum VersionKind { + // Unknown. + VERSION_KIND_UNSPECIFIED = 0; + // A standard package version. + NORMAL = 1; + // A special version representing negative infinity. + MINIMUM = 2; + // A special version representing positive infinity. + MAXIMUM = 3; + } + + // Required. Distinguishes between sentinel MIN/MAX versions and normal + // versions. + VersionKind kind = 4; + + // Human readable version string. This string is of the form + // :- and is only set when kind is NORMAL. + string full_name = 5; +} diff --git a/owl-bot-staging/v1/protos/grafeas/v1/provenance.proto b/owl-bot-staging/v1/protos/grafeas/v1/provenance.proto new file mode 100644 index 0000000..06b1097 --- /dev/null +++ b/owl-bot-staging/v1/protos/grafeas/v1/provenance.proto @@ -0,0 +1,265 @@ +// Copyright 2019 The Grafeas Authors. All rights reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +syntax = "proto3"; + +package grafeas.v1; + +import "google/protobuf/timestamp.proto"; + +option go_package = "google.golang.org/genproto/googleapis/grafeas/v1;grafeas"; +option java_multiple_files = true; +option java_package = "io.grafeas.v1"; +option objc_class_prefix = "GRA"; + +// Provenance of a build. Contains all information needed to verify the full +// details about the build from source to completion. +message BuildProvenance { + // Required. Unique identifier of the build. + string id = 1; + + // ID of the project. + string project_id = 2; + + // Commands requested by the build. + repeated Command commands = 3; + + // Output of the build. + repeated Artifact built_artifacts = 4; + + // Time at which the build was created. + google.protobuf.Timestamp create_time = 5; + + // Time at which execution of the build was started. + google.protobuf.Timestamp start_time = 6; + + // Time at which execution of the build was finished. + google.protobuf.Timestamp end_time = 7; + + // E-mail address of the user who initiated this build. Note that this was the + // user's e-mail address at the time the build was initiated; this address may + // not represent the same end-user for all time. + string creator = 8; + + // URI where any logs for this provenance were written. + string logs_uri = 9; + + // Details of the Source input to the build. + Source source_provenance = 10; + + // Trigger identifier if the build was triggered automatically; empty if not. + string trigger_id = 11; + + // Special options applied to this build. This is a catch-all field where + // build providers can enter any desired additional details. + map build_options = 12; + + // Version string of the builder at the time this build was executed. + string builder_version = 13; +} + +// Source describes the location of the source used for the build. +message Source { + // If provided, the input binary artifacts for the build came from this + // location. + string artifact_storage_source_uri = 1; + + // Hash(es) of the build source, which can be used to verify that the original + // source integrity was maintained in the build. + // + // The keys to this map are file paths used as build source and the values + // contain the hash values for those files. + // + // If the build source came in a single package such as a gzipped tarfile + // (.tar.gz), the FileHash will be for the single path to that file. + map file_hashes = 2; + + // If provided, the source code used for the build came from this location. + SourceContext context = 3; + + // If provided, some of the source code used for the build may be found in + // these locations, in the case where the source repository had multiple + // remotes or submodules. This list will not include the context specified in + // the context field. + repeated SourceContext additional_contexts = 4; +} + +// Container message for hashes of byte content of files, used in source +// messages to verify integrity of source input to the build. +message FileHashes { + // Required. Collection of file hashes. + repeated Hash file_hash = 1; +} + +// Container message for hash values. +message Hash { + // Required. The type of hash that was performed, e.g. "SHA-256". + string type = 1; + // Required. The hash value. + bytes value = 2; +} + +// Command describes a step performed as part of the build pipeline. +message Command { + // Required. Name of the command, as presented on the command line, or if the + // command is packaged as a Docker container, as presented to `docker pull`. + string name = 1; + + // Environment variables set before running this command. + repeated string env = 2; + + // Command-line arguments used when executing this command. + repeated string args = 3; + + // Working directory (relative to project source root) used when running this + // command. + string dir = 4; + + // Optional unique identifier for this command, used in wait_for to reference + // this command as a dependency. + string id = 5; + + // The ID(s) of the command(s) that this command depends on. + repeated string wait_for = 6; +} + +// Artifact describes a build product. +message Artifact { + // Hash or checksum value of a binary, or Docker Registry 2.0 digest of a + // container. + string checksum = 1; + + // Artifact ID, if any; for container images, this will be a URL by digest + // like `gcr.io/projectID/imagename@sha256:123456`. + string id = 2; + + // Related artifact names. This may be the path to a binary or jar file, or in + // the case of a container build, the name used to push the container image to + // Google Container Registry, as presented to `docker push`. Note that a + // single Artifact ID can have multiple names, for example if two tags are + // applied to one image. + repeated string names = 3; +} + +// A SourceContext is a reference to a tree of files. A SourceContext together +// with a path point to a unique revision of a single file or directory. +message SourceContext { + // A SourceContext can refer any one of the following types of repositories. + oneof context { + // A SourceContext referring to a revision in a Google Cloud Source Repo. + CloudRepoSourceContext cloud_repo = 1; + + // A SourceContext referring to a Gerrit project. + GerritSourceContext gerrit = 2; + + // A SourceContext referring to any third party Git repo (e.g., GitHub). + GitSourceContext git = 3; + } + + // Labels with user defined metadata. + map labels = 4; +} + +// An alias to a repo revision. +message AliasContext { + // The type of an alias. + enum Kind { + // Unknown. + KIND_UNSPECIFIED = 0; + // Git tag. + FIXED = 1; + // Git branch. + MOVABLE = 2; + // Used to specify non-standard aliases. For example, if a Git repo has a + // ref named "refs/foo/bar". + OTHER = 4; + } + + // The alias kind. + Kind kind = 1; + + // The alias name. + string name = 2; +} + +// A CloudRepoSourceContext denotes a particular revision in a Google Cloud +// Source Repo. +message CloudRepoSourceContext { + // The ID of the repo. + RepoId repo_id = 1; + + // A revision in a Cloud Repo can be identified by either its revision ID or + // its alias. + oneof revision { + // A revision ID. + string revision_id = 2; + + // An alias, which may be a branch or tag. + AliasContext alias_context = 3; + } +} + +// A SourceContext referring to a Gerrit project. +message GerritSourceContext { + // The URI of a running Gerrit instance. + string host_uri = 1; + + // The full project name within the host. Projects may be nested, so + // "project/subproject" is a valid project name. The "repo name" is the + // hostURI/project. + string gerrit_project = 2; + + // A revision in a Gerrit project can be identified by either its revision ID + // or its alias. + oneof revision { + // A revision (commit) ID. + string revision_id = 3; + + // An alias, which may be a branch or tag. + AliasContext alias_context = 4; + } +} + +// A GitSourceContext denotes a particular revision in a third party Git +// repository (e.g., GitHub). +message GitSourceContext { + // Git repository URL. + string url = 1; + + // Git commit hash. + string revision_id = 2; +} + +// A unique identifier for a Cloud Repo. +message RepoId { + // A cloud repo can be identified by either its project ID and repository name + // combination, or its globally unique identifier. + oneof id { + // A combination of a project ID and a repo name. + ProjectRepoId project_repo_id = 1; + + // A server-assigned, globally unique identifier. + string uid = 2; + } +} + +// Selects a repo using a Google Cloud Platform project ID (e.g., +// winged-cargo-31) and a repo name within that project. +message ProjectRepoId { + // The ID of the project. + string project_id = 1; + + // The name of the repo. Leave empty for the default repo. + string repo_name = 2; +} diff --git a/owl-bot-staging/v1/protos/grafeas/v1/severity.proto b/owl-bot-staging/v1/protos/grafeas/v1/severity.proto new file mode 100644 index 0000000..cc9cc38 --- /dev/null +++ b/owl-bot-staging/v1/protos/grafeas/v1/severity.proto @@ -0,0 +1,38 @@ +// Copyright 2021 The Grafeas Authors. All rights reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +syntax = "proto3"; + +package grafeas.v1; + +option go_package = "google.golang.org/genproto/googleapis/grafeas/v1;grafeas"; +option java_multiple_files = true; +option java_package = "io.grafeas.v1"; +option objc_class_prefix = "GRA"; + +// Note provider assigned severity/impact ranking. +enum Severity { + // Unknown. + SEVERITY_UNSPECIFIED = 0; + // Minimal severity. + MINIMAL = 1; + // Low severity. + LOW = 2; + // Medium severity. + MEDIUM = 3; + // High severity. + HIGH = 4; + // Critical severity. + CRITICAL = 5; +} diff --git a/owl-bot-staging/v1/protos/grafeas/v1/slsa_provenance.proto b/owl-bot-staging/v1/protos/grafeas/v1/slsa_provenance.proto new file mode 100644 index 0000000..c038af0 --- /dev/null +++ b/owl-bot-staging/v1/protos/grafeas/v1/slsa_provenance.proto @@ -0,0 +1,115 @@ +// Copyright 2021 The Grafeas Authors. All rights reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +syntax = "proto3"; + +package grafeas.v1; + +import "google/protobuf/any.proto"; +import "google/protobuf/timestamp.proto"; + +option go_package = "google.golang.org/genproto/googleapis/grafeas/v1;grafeas"; +option java_multiple_files = true; +option java_package = "io.grafeas.v1"; +option objc_class_prefix = "GRA"; +option java_outer_classname = "SlsaProvenanceProto"; + +message SlsaProvenance { + // Steps taken to build the artifact. + // For a TaskRun, typically each container corresponds to one step in the + // recipe. + message SlsaRecipe { + // URI indicating what type of recipe was performed. It determines the + // meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and + // materials. + string type = 1; + // Index in materials containing the recipe steps that are not implied by + // recipe.type. For example, if the recipe type were "make", then this would + // point to the source containing the Makefile, not the make program itself. + // Set to -1 if the recipe doesn't come from a material, as zero is default + // unset value for int64. + int64 defined_in_material = 2; + // String identifying the entry point into the build. + // This is often a path to a configuration file and/or a target label within + // that file. The syntax and meaning are defined by recipe.type. For + // example, if the recipe type were "make", then this would reference the + // directory in which to run make as well as which target to use. + string entry_point = 3; + // Collection of all external inputs that influenced the build on top of + // recipe.definedInMaterial and recipe.entryPoint. For example, if the + // recipe type were "make", then this might be the flags passed to make + // aside from the target, which is captured in recipe.entryPoint. Depending + // on the recipe Type, the structure may be different. + google.protobuf.Any arguments = 4; + // Any other builder-controlled inputs necessary for correctly evaluating + // the recipe. Usually only needed for reproducing the build but not + // evaluated as part of policy. Depending on the recipe Type, the structure + // may be different. + google.protobuf.Any environment = 5; + } + + // Indicates that the builder claims certain fields in this message to be + // complete. + message SlsaCompleteness { + // If true, the builder claims that recipe.arguments is complete, meaning + // that all external inputs are properly captured in the recipe. + bool arguments = 1; + // If true, the builder claims that recipe.environment is claimed to be + // complete. + bool environment = 2; + // If true, the builder claims that materials are complete, usually through + // some controls to prevent network access. Sometimes called "hermetic". + bool materials = 3; + } + + // Other properties of the build. + message SlsaMetadata { + // Identifies the particular build invocation, which can be useful for + // finding associated logs or other ad-hoc analysis. The value SHOULD be + // globally unique, per in-toto Provenance spec. + string build_invocation_id = 1; + // The timestamp of when the build started. + google.protobuf.Timestamp build_started_on = 2; + // The timestamp of when the build completed. + google.protobuf.Timestamp build_finished_on = 3; + // Indicates that the builder claims certain fields in this message to be + // complete. + SlsaCompleteness completeness = 4; + // If true, the builder claims that running the recipe on materials will + // produce bit-for-bit identical output. + bool reproducible = 5; + } + + message SlsaBuilder { + string id = 1; + } + + message Material { + string uri = 1; + map digest = 2; + } + + SlsaBuilder builder = 1; // required + // Identifies the configuration used for the build. + // When combined with materials, this SHOULD fully describe the build, + // such that re-running this recipe results in bit-for-bit identical output + // (if the build is reproducible). + SlsaRecipe recipe = 2; // required + SlsaMetadata metadata = 3; + // The collection of artifacts that influenced the build including sources, + // dependencies, build tools, base images, and so on. This is considered to be + // incomplete unless metadata.completeness.materials is true. Unset or null is + // equivalent to empty. + repeated Material materials = 4; +} diff --git a/owl-bot-staging/v1/protos/grafeas/v1/slsa_provenance_zero_two.proto b/owl-bot-staging/v1/protos/grafeas/v1/slsa_provenance_zero_two.proto new file mode 100644 index 0000000..11cdd1c --- /dev/null +++ b/owl-bot-staging/v1/protos/grafeas/v1/slsa_provenance_zero_two.proto @@ -0,0 +1,82 @@ +// Copyright 2021 The Grafeas Authors. All rights reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +syntax = "proto3"; + +package grafeas.v1; + +import "google/protobuf/struct.proto"; +import "google/protobuf/timestamp.proto"; + +option go_package = "google.golang.org/genproto/googleapis/grafeas/v1;grafeas"; +option java_multiple_files = true; +option java_package = "io.grafeas.v1"; +option objc_class_prefix = "GRA"; +option java_outer_classname = "SlsaProvenanceZeroTwoProto"; + +message SlsaProvenanceZeroTwo { + // See full explanation of fields at slsa.dev/provenance/v0.2. + + // Identifies the entity that executed the recipe, which is trusted to have + // correctly performed the operation and populated this provenance. + message SlsaBuilder { + string id = 1; + } + + // The collection of artifacts that influenced the build including sources, + // dependencies, build tools, base images, and so on. + message SlsaMaterial { + string uri = 1; + map digest = 2; + } + + // Identifies the event that kicked off the build. + message SlsaInvocation { + SlsaConfigSource config_source = 1; + google.protobuf.Struct parameters = 2; + google.protobuf.Struct environment = 3; + } + + // Describes where the config file that kicked off the build came from. + // This is effectively a pointer to the source where buildConfig came from. + message SlsaConfigSource { + string uri = 1; + map digest = 2; + string entry_point = 3; + } + + // Other properties of the build. + message SlsaMetadata { + string build_invocation_id = 1; + google.protobuf.Timestamp build_started_on = 2; + google.protobuf.Timestamp build_finished_on = 3; + SlsaCompleteness completeness = 4; + bool reproducible = 5; + } + + // Indicates that the builder claims certain fields in this message to be + // complete. + message SlsaCompleteness { + bool parameters = 1; + bool environment = 2; + bool materials = 3; + } + + SlsaBuilder builder = 1; + string build_type = 2; + SlsaInvocation invocation = 3; + google.protobuf.Struct build_config = 4; + SlsaMetadata metadata = 5; + repeated SlsaMaterial materials = 6; +} diff --git a/owl-bot-staging/v1/protos/grafeas/v1/upgrade.proto b/owl-bot-staging/v1/protos/grafeas/v1/upgrade.proto new file mode 100644 index 0000000..89d3892 --- /dev/null +++ b/owl-bot-staging/v1/protos/grafeas/v1/upgrade.proto @@ -0,0 +1,114 @@ +// Copyright 2019 The Grafeas Authors. All rights reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +syntax = "proto3"; + +package grafeas.v1; + +import "google/protobuf/timestamp.proto"; +import "grafeas/v1/package.proto"; + +option go_package = "google.golang.org/genproto/googleapis/grafeas/v1;grafeas"; +option java_multiple_files = true; +option java_package = "io.grafeas.v1"; +option objc_class_prefix = "GRA"; + +// An Upgrade Note represents a potential upgrade of a package to a given +// version. For each package version combination (i.e. bash 4.0, bash 4.1, +// bash 4.1.2), there will be an Upgrade Note. For Windows, windows_update field +// represents the information related to the update. +message UpgradeNote { + // Required for non-Windows OS. The package this Upgrade is for. + string package = 1; + // Required for non-Windows OS. The version of the package in machine + human + // readable form. + grafeas.v1.Version version = 2; + // Metadata about the upgrade for each specific operating system. + repeated UpgradeDistribution distributions = 3; + // Required for Windows OS. Represents the metadata about the Windows update. + WindowsUpdate windows_update = 4; +} + +// The Upgrade Distribution represents metadata about the Upgrade for each +// operating system (CPE). Some distributions have additional metadata around +// updates, classifying them into various categories and severities. +message UpgradeDistribution { + // Required - The specific operating system this metadata applies to. See + // https://cpe.mitre.org/specification/. + string cpe_uri = 1; + // The operating system classification of this Upgrade, as specified by the + // upstream operating system upgrade feed. For Windows the classification is + // one of the category_ids listed at + // https://docs.microsoft.com/en-us/previous-versions/windows/desktop/ff357803(v=vs.85) + string classification = 2; + // The severity as specified by the upstream operating system. + string severity = 3; + // The cve tied to this Upgrade. + repeated string cve = 4; +} + +// Windows Update represents the metadata about the update for the Windows +// operating system. The fields in this message come from the Windows Update API +// documented at +// https://docs.microsoft.com/en-us/windows/win32/api/wuapi/nn-wuapi-iupdate. +message WindowsUpdate { + // The unique identifier of the update. + message Identity { + // The revision independent identifier of the update. + string update_id = 1; + // The revision number of the update. + int32 revision = 2; + } + // Required - The unique identifier for the update. + Identity identity = 1; + // The localized title of the update. + string title = 2; + // The localized description of the update. + string description = 3; + // The category to which the update belongs. + message Category { + // The identifier of the category. + string category_id = 1; + // The localized name of the category. + string name = 2; + } + // The list of categories to which the update belongs. + repeated Category categories = 4; + // The Microsoft Knowledge Base article IDs that are associated with the + // update. + repeated string kb_article_ids = 5; + // The hyperlink to the support information for the update. + string support_url = 6; + // The last published timestamp of the update. + google.protobuf.Timestamp last_published_timestamp = 7; +} + +// An Upgrade Occurrence represents that a specific resource_url could install a +// specific upgrade. This presence is supplied via local sources (i.e. it is +// present in the mirror and the running system has noticed its availability). +// For Windows, both distribution and windows_update contain information for the +// Windows update. +message UpgradeOccurrence { + // Required for non-Windows OS. The package this Upgrade is for. + string package = 1; + // Required for non-Windows OS. The version of the package in a machine + + // human readable form. + grafeas.v1.Version parsed_version = 3; + // Metadata about the upgrade for available for the specific operating system + // for the resource_url. This allows efficient filtering, as well as + // making it easier to use the occurrence. + UpgradeDistribution distribution = 4; + // Required for Windows OS. Represents the metadata about the Windows update. + WindowsUpdate windows_update = 5; +} diff --git a/owl-bot-staging/v1/protos/grafeas/v1/vulnerability.proto b/owl-bot-staging/v1/protos/grafeas/v1/vulnerability.proto new file mode 100644 index 0000000..70ab550 --- /dev/null +++ b/owl-bot-staging/v1/protos/grafeas/v1/vulnerability.proto @@ -0,0 +1,241 @@ +// Copyright 2019 The Grafeas Authors. All rights reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +syntax = "proto3"; + +package grafeas.v1; + +import "google/api/field_behavior.proto"; +import "google/protobuf/timestamp.proto"; +import "grafeas/v1/common.proto"; +import "grafeas/v1/cvss.proto"; +import "grafeas/v1/package.proto"; +import "grafeas/v1/severity.proto"; + +option go_package = "google.golang.org/genproto/googleapis/grafeas/v1;grafeas"; +option java_multiple_files = true; +option java_package = "io.grafeas.v1"; +option objc_class_prefix = "GRA"; + +// A security vulnerability that can be found in resources. +message VulnerabilityNote { + // The CVSS score of this vulnerability. CVSS score is on a scale of 0 - 10 + // where 0 indicates low severity and 10 indicates high severity. + float cvss_score = 1; + + // The note provider assigned severity of this vulnerability. + grafeas.v1.Severity severity = 2; + + // Details of all known distros and packages affected by this vulnerability. + repeated Detail details = 3; + + // A detail for a distro and package affected by this vulnerability and its + // associated fix (if one is available). + message Detail { + // The distro assigned severity of this vulnerability. + string severity_name = 1; + + // A vendor-specific description of this vulnerability. + string description = 2; + + // The type of package; whether native or non native (e.g., ruby gems, + // node.js packages, etc.). + string package_type = 3; + + // Required. The [CPE URI](https://cpe.mitre.org/specification/) this + // vulnerability affects. + string affected_cpe_uri = 4; + + // Required. The package this vulnerability affects. + string affected_package = 5; + + // The version number at the start of an interval in which this + // vulnerability exists. A vulnerability can affect a package between + // version numbers that are disjoint sets of intervals (example: + // [1.0.0-1.1.0], [2.4.6-2.4.8] and [4.5.6-4.6.8]) each of which will be + // represented in its own Detail. If a specific affected version is provided + // by a vulnerability database, affected_version_start and + // affected_version_end will be the same in that Detail. + grafeas.v1.Version affected_version_start = 6; + + // The version number at the end of an interval in which this vulnerability + // exists. A vulnerability can affect a package between version numbers + // that are disjoint sets of intervals (example: [1.0.0-1.1.0], + // [2.4.6-2.4.8] and [4.5.6-4.6.8]) each of which will be represented in its + // own Detail. If a specific affected version is provided by a vulnerability + // database, affected_version_start and affected_version_end will be the + // same in that Detail. + grafeas.v1.Version affected_version_end = 7; + + // The distro recommended [CPE URI](https://cpe.mitre.org/specification/) + // to update to that contains a fix for this vulnerability. It is possible + // for this to be different from the affected_cpe_uri. + string fixed_cpe_uri = 8; + + // The distro recommended package to update to that contains a fix for this + // vulnerability. It is possible for this to be different from the + // affected_package. + string fixed_package = 9; + + // The distro recommended version to update to that contains a + // fix for this vulnerability. Setting this to VersionKind.MAXIMUM means no + // such version is yet available. + grafeas.v1.Version fixed_version = 10; + + // Whether this detail is obsolete. Occurrences are expected not to point to + // obsolete details. + bool is_obsolete = 11; + + // The time this information was last changed at the source. This is an + // upstream timestamp from the underlying information source - e.g. Ubuntu + // security tracker. + google.protobuf.Timestamp source_update_time = 12; + + // The source from which the information in this Detail was obtained. + string source = 13; + + // The name of the vendor of the product. + string vendor = 14; + } + + // The full description of the CVSSv3 for this vulnerability. + CVSSv3 cvss_v3 = 4; + + // Windows details get their own format because the information format and + // model don't match a normal detail. Specifically Windows updates are done as + // patches, thus Windows vulnerabilities really are a missing package, rather + // than a package being at an incorrect version. + repeated WindowsDetail windows_details = 5; + + message WindowsDetail { + // Required. The [CPE URI](https://cpe.mitre.org/specification/) this + // vulnerability affects. + string cpe_uri = 1; + + // Required. The name of this vulnerability. + string name = 2; + + // The description of this vulnerability. + string description = 3; + + // Required. The names of the KBs which have hotfixes to mitigate this + // vulnerability. Note that there may be multiple hotfixes (and thus + // multiple KBs) that mitigate a given vulnerability. Currently any listed + // KBs presence is considered a fix. + repeated KnowledgeBase fixing_kbs = 4; + + message KnowledgeBase { + // The KB name (generally of the form KB[0-9]+ (e.g., KB123456)). + string name = 1; + // A link to the KB in the [Windows update catalog] + // (https://www.catalog.update.microsoft.com/). + string url = 2; + } + } + + // The time this information was last changed at the source. This is an + // upstream timestamp from the underlying information source - e.g. Ubuntu + // security tracker. + google.protobuf.Timestamp source_update_time = 6; +} + +// An occurrence of a severity vulnerability on a resource. +message VulnerabilityOccurrence { + // The type of package; whether native or non native (e.g., ruby gems, node.js + // packages, etc.). + string type = 1; + + // Output only. The note provider assigned severity of this vulnerability. + grafeas.v1.Severity severity = 2; + + // Output only. The CVSS score of this vulnerability. CVSS score is on a + // scale of 0 - 10 where 0 indicates low severity and 10 indicates high + // severity. + float cvss_score = 3; + + // The cvss v3 score for the vulnerability. + CVSS cvssv3 = 10; + + // Required. The set of affected locations and their fixes (if available) + // within the associated resource. + repeated PackageIssue package_issue = 4; + + // A detail for a distro and package this vulnerability occurrence was found + // in and its associated fix (if one is available). + message PackageIssue { + // Required. The [CPE URI](https://cpe.mitre.org/specification/) this + // vulnerability was found in. + string affected_cpe_uri = 1; + + // Required. The package this vulnerability was found in. + string affected_package = 2; + + // Required. The version of the package that is installed on the resource + // affected by this vulnerability. + grafeas.v1.Version affected_version = 3; + + // The [CPE URI](https://cpe.mitre.org/specification/) this vulnerability + // was fixed in. It is possible for this to be different from the + // affected_cpe_uri. + string fixed_cpe_uri = 4; + + // The package this vulnerability was fixed in. It is possible for this to + // be different from the affected_package. + string fixed_package = 5; + + // Required. The version of the package this vulnerability was fixed in. + // Setting this to VersionKind.MAXIMUM means no fix is yet available. + grafeas.v1.Version fixed_version = 6; + + // Output only. Whether a fix is available for this package. + bool fix_available = 7; + + // The type of package (e.g. OS, MAVEN, GO). + string package_type = 8; + + // The distro or language system assigned severity for this vulnerability + // when that is available and note provider assigned severity when it is not + // available. + grafeas.v1.Severity effective_severity = 9 + [(google.api.field_behavior) = OUTPUT_ONLY]; + + // The location at which this package was found. + repeated FileLocation file_location = 10; + } + + // Output only. A one sentence description of this vulnerability. + string short_description = 5; + + // Output only. A detailed description of this vulnerability. + string long_description = 6; + + // Output only. URLs related to this vulnerability. + repeated grafeas.v1.RelatedUrl related_urls = 7; + + // The distro assigned severity for this vulnerability when it is available, + // otherwise this is the note provider assigned severity. + // + // When there are multiple PackageIssues for this vulnerability, they can have + // different effective severities because some might be provided by the distro + // while others are provided by the language ecosystem for a language pack. + // For this reason, it is advised to use the effective severity on the + // PackageIssue level. In the case where multiple PackageIssues have differing + // effective severities, this field should be the highest severity for any of + // the PackageIssues. + grafeas.v1.Severity effective_severity = 8; + + // Output only. Whether at least one of the affected packages has a fix + // available. + bool fix_available = 9; +} diff --git a/owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.create_attestor.js b/owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.create_attestor.js new file mode 100644 index 0000000..1499dc5 --- /dev/null +++ b/owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.create_attestor.js @@ -0,0 +1,70 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// ** This file is automatically generated by gapic-generator-typescript. ** +// ** https://github.com/googleapis/gapic-generator-typescript ** +// ** All changes to this file may be overwritten. ** + + + +'use strict'; + +function main(parent, attestorId, attestor) { + // [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_async] + /** + * TODO(developer): Uncomment these variables before running the sample. + */ + /** + * Required. The parent of this attestor google.cloud.binaryauthorization.v1.Attestor. + */ + // const parent = 'abc123' + /** + * Required. The attestors google.cloud.binaryauthorization.v1.Attestor ID. + */ + // const attestorId = 'abc123' + /** + * Required. The initial attestor google.cloud.binaryauthorization.v1.Attestor value. The service will + * overwrite the attestor name google.cloud.binaryauthorization.v1.Attestor.name field with the resource name, + * in the format `projects/* /attestors/*`. + */ + // const attestor = {} + + // Imports the Binaryauthorization library + const {BinauthzManagementServiceV1Client} = require('@google-cloud/binary-authorization').v1; + + // Instantiates a client + const binaryauthorizationClient = new BinauthzManagementServiceV1Client(); + + async function callCreateAttestor() { + // Construct request + const request = { + parent, + attestorId, + attestor, + }; + + // Run request + const response = await binaryauthorizationClient.createAttestor(request); + console.log(response); + } + + callCreateAttestor(); + // [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_async] +} + +process.on('unhandledRejection', err => { + console.error(err.message); + process.exitCode = 1; +}); +main(...process.argv.slice(2)); diff --git a/owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.delete_attestor.js b/owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.delete_attestor.js new file mode 100644 index 0000000..e25decb --- /dev/null +++ b/owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.delete_attestor.js @@ -0,0 +1,59 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// ** This file is automatically generated by gapic-generator-typescript. ** +// ** https://github.com/googleapis/gapic-generator-typescript ** +// ** All changes to this file may be overwritten. ** + + + +'use strict'; + +function main(name) { + // [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_async] + /** + * TODO(developer): Uncomment these variables before running the sample. + */ + /** + * Required. The name of the attestors google.cloud.binaryauthorization.v1.Attestor to delete, in the format + * `projects/* /attestors/*`. + */ + // const name = 'abc123' + + // Imports the Binaryauthorization library + const {BinauthzManagementServiceV1Client} = require('@google-cloud/binary-authorization').v1; + + // Instantiates a client + const binaryauthorizationClient = new BinauthzManagementServiceV1Client(); + + async function callDeleteAttestor() { + // Construct request + const request = { + name, + }; + + // Run request + const response = await binaryauthorizationClient.deleteAttestor(request); + console.log(response); + } + + callDeleteAttestor(); + // [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_async] +} + +process.on('unhandledRejection', err => { + console.error(err.message); + process.exitCode = 1; +}); +main(...process.argv.slice(2)); diff --git a/owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.get_attestor.js b/owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.get_attestor.js new file mode 100644 index 0000000..98295e2 --- /dev/null +++ b/owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.get_attestor.js @@ -0,0 +1,59 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// ** This file is automatically generated by gapic-generator-typescript. ** +// ** https://github.com/googleapis/gapic-generator-typescript ** +// ** All changes to this file may be overwritten. ** + + + +'use strict'; + +function main(name) { + // [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_async] + /** + * TODO(developer): Uncomment these variables before running the sample. + */ + /** + * Required. The name of the attestor google.cloud.binaryauthorization.v1.Attestor to retrieve, in the format + * `projects/* /attestors/*`. + */ + // const name = 'abc123' + + // Imports the Binaryauthorization library + const {BinauthzManagementServiceV1Client} = require('@google-cloud/binary-authorization').v1; + + // Instantiates a client + const binaryauthorizationClient = new BinauthzManagementServiceV1Client(); + + async function callGetAttestor() { + // Construct request + const request = { + name, + }; + + // Run request + const response = await binaryauthorizationClient.getAttestor(request); + console.log(response); + } + + callGetAttestor(); + // [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_async] +} + +process.on('unhandledRejection', err => { + console.error(err.message); + process.exitCode = 1; +}); +main(...process.argv.slice(2)); diff --git a/owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.get_policy.js b/owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.get_policy.js new file mode 100644 index 0000000..bc8f4f6 --- /dev/null +++ b/owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.get_policy.js @@ -0,0 +1,59 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// ** This file is automatically generated by gapic-generator-typescript. ** +// ** https://github.com/googleapis/gapic-generator-typescript ** +// ** All changes to this file may be overwritten. ** + + + +'use strict'; + +function main(name) { + // [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_async] + /** + * TODO(developer): Uncomment these variables before running the sample. + */ + /** + * Required. The resource name of the policy google.cloud.binaryauthorization.v1.Policy to retrieve, + * in the format `projects/* /policy`. + */ + // const name = 'abc123' + + // Imports the Binaryauthorization library + const {BinauthzManagementServiceV1Client} = require('@google-cloud/binary-authorization').v1; + + // Instantiates a client + const binaryauthorizationClient = new BinauthzManagementServiceV1Client(); + + async function callGetPolicy() { + // Construct request + const request = { + name, + }; + + // Run request + const response = await binaryauthorizationClient.getPolicy(request); + console.log(response); + } + + callGetPolicy(); + // [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_async] +} + +process.on('unhandledRejection', err => { + console.error(err.message); + process.exitCode = 1; +}); +main(...process.argv.slice(2)); diff --git a/owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.list_attestors.js b/owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.list_attestors.js new file mode 100644 index 0000000..aebdf8c --- /dev/null +++ b/owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.list_attestors.js @@ -0,0 +1,72 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// ** This file is automatically generated by gapic-generator-typescript. ** +// ** https://github.com/googleapis/gapic-generator-typescript ** +// ** All changes to this file may be overwritten. ** + + + +'use strict'; + +function main(parent) { + // [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_async] + /** + * TODO(developer): Uncomment these variables before running the sample. + */ + /** + * Required. The resource name of the project associated with the + * attestors google.cloud.binaryauthorization.v1.Attestor, in the format `projects/*`. + */ + // const parent = 'abc123' + /** + * Requested page size. The server may return fewer results than requested. If + * unspecified, the server will pick an appropriate default. + */ + // const pageSize = 1234 + /** + * A token identifying a page of results the server should return. Typically, + * this is the value of ListAttestorsResponse.next_page_token google.cloud.binaryauthorization.v1.ListAttestorsResponse.next_page_token returned + * from the previous call to the `ListAttestors` method. + */ + // const pageToken = 'abc123' + + // Imports the Binaryauthorization library + const {BinauthzManagementServiceV1Client} = require('@google-cloud/binary-authorization').v1; + + // Instantiates a client + const binaryauthorizationClient = new BinauthzManagementServiceV1Client(); + + async function callListAttestors() { + // Construct request + const request = { + parent, + }; + + // Run request + const iterable = await binaryauthorizationClient.listAttestorsAsync(request); + for await (const response of iterable) { + console.log(response); + } + } + + callListAttestors(); + // [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_async] +} + +process.on('unhandledRejection', err => { + console.error(err.message); + process.exitCode = 1; +}); +main(...process.argv.slice(2)); diff --git a/owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.update_attestor.js b/owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.update_attestor.js new file mode 100644 index 0000000..6c5acdc --- /dev/null +++ b/owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.update_attestor.js @@ -0,0 +1,60 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// ** This file is automatically generated by gapic-generator-typescript. ** +// ** https://github.com/googleapis/gapic-generator-typescript ** +// ** All changes to this file may be overwritten. ** + + + +'use strict'; + +function main(attestor) { + // [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_async] + /** + * TODO(developer): Uncomment these variables before running the sample. + */ + /** + * Required. The updated attestor google.cloud.binaryauthorization.v1.Attestor value. The service will + * overwrite the attestor name google.cloud.binaryauthorization.v1.Attestor.name field with the resource name + * in the request URL, in the format `projects/* /attestors/*`. + */ + // const attestor = {} + + // Imports the Binaryauthorization library + const {BinauthzManagementServiceV1Client} = require('@google-cloud/binary-authorization').v1; + + // Instantiates a client + const binaryauthorizationClient = new BinauthzManagementServiceV1Client(); + + async function callUpdateAttestor() { + // Construct request + const request = { + attestor, + }; + + // Run request + const response = await binaryauthorizationClient.updateAttestor(request); + console.log(response); + } + + callUpdateAttestor(); + // [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_async] +} + +process.on('unhandledRejection', err => { + console.error(err.message); + process.exitCode = 1; +}); +main(...process.argv.slice(2)); diff --git a/owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.update_policy.js b/owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.update_policy.js new file mode 100644 index 0000000..c70c3a6 --- /dev/null +++ b/owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.update_policy.js @@ -0,0 +1,60 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// ** This file is automatically generated by gapic-generator-typescript. ** +// ** https://github.com/googleapis/gapic-generator-typescript ** +// ** All changes to this file may be overwritten. ** + + + +'use strict'; + +function main(policy) { + // [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_async] + /** + * TODO(developer): Uncomment these variables before running the sample. + */ + /** + * Required. A new or updated policy google.cloud.binaryauthorization.v1.Policy value. The service will + * overwrite the policy name google.cloud.binaryauthorization.v1.Policy.name field with the resource name in + * the request URL, in the format `projects/* /policy`. + */ + // const policy = {} + + // Imports the Binaryauthorization library + const {BinauthzManagementServiceV1Client} = require('@google-cloud/binary-authorization').v1; + + // Instantiates a client + const binaryauthorizationClient = new BinauthzManagementServiceV1Client(); + + async function callUpdatePolicy() { + // Construct request + const request = { + policy, + }; + + // Run request + const response = await binaryauthorizationClient.updatePolicy(request); + console.log(response); + } + + callUpdatePolicy(); + // [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_async] +} + +process.on('unhandledRejection', err => { + console.error(err.message); + process.exitCode = 1; +}); +main(...process.argv.slice(2)); diff --git a/owl-bot-staging/v1/samples/generated/v1/snippet_metadata.google.cloud.binaryauthorization.v1.json b/owl-bot-staging/v1/samples/generated/v1/snippet_metadata.google.cloud.binaryauthorization.v1.json new file mode 100644 index 0000000..f605144 --- /dev/null +++ b/owl-bot-staging/v1/samples/generated/v1/snippet_metadata.google.cloud.binaryauthorization.v1.json @@ -0,0 +1,403 @@ +{ + "clientLibrary": { + "name": "nodejs-binaryauthorization", + "version": "0.1.0", + "language": "TYPESCRIPT", + "apis": [ + { + "id": "google.cloud.binaryauthorization.v1", + "version": "v1" + } + ] + }, + "snippets": [ + { + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_async", + "title": "BinauthzManagementServiceV1 getPolicy Sample", + "origin": "API_DEFINITION", + "description": " A [policy][google.cloud.binaryauthorization.v1.Policy] specifies the [attestors][google.cloud.binaryauthorization.v1.Attestor] that must attest to a container image, before the project is allowed to deploy that image. There is at most one policy per project. All image admission requests are permitted if a project has no policy. Gets the [policy][google.cloud.binaryauthorization.v1.Policy] for this project. Returns a default [policy][google.cloud.binaryauthorization.v1.Policy] if the project does not have one.", + "canonical": true, + "file": "binauthz_management_service_v1.get_policy.js", + "language": "JAVASCRIPT", + "segments": [ + { + "start": 25, + "end": 51, + "type": "FULL" + } + ], + "clientMethod": { + "shortName": "GetPolicy", + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetPolicy", + "async": true, + "parameters": [ + { + "name": "name", + "type": "TYPE_STRING" + } + ], + "resultType": ".google.cloud.binaryauthorization.v1.Policy", + "client": { + "shortName": "BinauthzManagementServiceV1Client", + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1Client" + }, + "method": { + "shortName": "GetPolicy", + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetPolicy", + "service": { + "shortName": "BinauthzManagementServiceV1", + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1" + } + } + } + }, + { + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_async", + "title": "BinauthzManagementServiceV1 updatePolicy Sample", + "origin": "API_DEFINITION", + "description": " Creates or updates a project's [policy][google.cloud.binaryauthorization.v1.Policy], and returns a copy of the new [policy][google.cloud.binaryauthorization.v1.Policy]. A policy is always updated as a whole, to avoid race conditions with concurrent policy enforcement (or management!) requests. Returns NOT_FOUND if the project does not exist, INVALID_ARGUMENT if the request is malformed.", + "canonical": true, + "file": "binauthz_management_service_v1.update_policy.js", + "language": "JAVASCRIPT", + "segments": [ + { + "start": 25, + "end": 52, + "type": "FULL" + } + ], + "clientMethod": { + "shortName": "UpdatePolicy", + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdatePolicy", + "async": true, + "parameters": [ + { + "name": "policy", + "type": ".google.cloud.binaryauthorization.v1.Policy" + } + ], + "resultType": ".google.cloud.binaryauthorization.v1.Policy", + "client": { + "shortName": "BinauthzManagementServiceV1Client", + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1Client" + }, + "method": { + "shortName": "UpdatePolicy", + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdatePolicy", + "service": { + "shortName": "BinauthzManagementServiceV1", + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1" + } + } + } + }, + { + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_async", + "title": "BinauthzManagementServiceV1 createAttestor Sample", + "origin": "API_DEFINITION", + "description": " Creates an [attestor][google.cloud.binaryauthorization.v1.Attestor], and returns a copy of the new [attestor][google.cloud.binaryauthorization.v1.Attestor]. Returns NOT_FOUND if the project does not exist, INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if the [attestor][google.cloud.binaryauthorization.v1.Attestor] already exists.", + "canonical": true, + "file": "binauthz_management_service_v1.create_attestor.js", + "language": "JAVASCRIPT", + "segments": [ + { + "start": 25, + "end": 62, + "type": "FULL" + } + ], + "clientMethod": { + "shortName": "CreateAttestor", + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.CreateAttestor", + "async": true, + "parameters": [ + { + "name": "parent", + "type": "TYPE_STRING" + }, + { + "name": "attestor_id", + "type": "TYPE_STRING" + }, + { + "name": "attestor", + "type": ".google.cloud.binaryauthorization.v1.Attestor" + } + ], + "resultType": ".google.cloud.binaryauthorization.v1.Attestor", + "client": { + "shortName": "BinauthzManagementServiceV1Client", + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1Client" + }, + "method": { + "shortName": "CreateAttestor", + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.CreateAttestor", + "service": { + "shortName": "BinauthzManagementServiceV1", + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1" + } + } + } + }, + { + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_async", + "title": "BinauthzManagementServiceV1 getAttestor Sample", + "origin": "API_DEFINITION", + "description": " Gets an [attestor][google.cloud.binaryauthorization.v1.Attestor]. Returns NOT_FOUND if the [attestor][google.cloud.binaryauthorization.v1.Attestor] does not exist.", + "canonical": true, + "file": "binauthz_management_service_v1.get_attestor.js", + "language": "JAVASCRIPT", + "segments": [ + { + "start": 25, + "end": 51, + "type": "FULL" + } + ], + "clientMethod": { + "shortName": "GetAttestor", + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetAttestor", + "async": true, + "parameters": [ + { + "name": "name", + "type": "TYPE_STRING" + } + ], + "resultType": ".google.cloud.binaryauthorization.v1.Attestor", + "client": { + "shortName": "BinauthzManagementServiceV1Client", + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1Client" + }, + "method": { + "shortName": "GetAttestor", + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetAttestor", + "service": { + "shortName": "BinauthzManagementServiceV1", + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1" + } + } + } + }, + { + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_async", + "title": "BinauthzManagementServiceV1 updateAttestor Sample", + "origin": "API_DEFINITION", + "description": " Updates an [attestor][google.cloud.binaryauthorization.v1.Attestor]. Returns NOT_FOUND if the [attestor][google.cloud.binaryauthorization.v1.Attestor] does not exist.", + "canonical": true, + "file": "binauthz_management_service_v1.update_attestor.js", + "language": "JAVASCRIPT", + "segments": [ + { + "start": 25, + "end": 52, + "type": "FULL" + } + ], + "clientMethod": { + "shortName": "UpdateAttestor", + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdateAttestor", + "async": true, + "parameters": [ + { + "name": "attestor", + "type": ".google.cloud.binaryauthorization.v1.Attestor" + } + ], + "resultType": ".google.cloud.binaryauthorization.v1.Attestor", + "client": { + "shortName": "BinauthzManagementServiceV1Client", + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1Client" + }, + "method": { + "shortName": "UpdateAttestor", + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdateAttestor", + "service": { + "shortName": "BinauthzManagementServiceV1", + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1" + } + } + } + }, + { + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_async", + "title": "BinauthzManagementServiceV1 listAttestors Sample", + "origin": "API_DEFINITION", + "description": " Lists [attestors][google.cloud.binaryauthorization.v1.Attestor]. Returns INVALID_ARGUMENT if the project does not exist.", + "canonical": true, + "file": "binauthz_management_service_v1.list_attestors.js", + "language": "JAVASCRIPT", + "segments": [ + { + "start": 25, + "end": 64, + "type": "FULL" + } + ], + "clientMethod": { + "shortName": "ListAttestors", + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.ListAttestors", + "async": true, + "parameters": [ + { + "name": "parent", + "type": "TYPE_STRING" + }, + { + "name": "page_size", + "type": "TYPE_INT32" + }, + { + "name": "page_token", + "type": "TYPE_STRING" + } + ], + "resultType": ".google.cloud.binaryauthorization.v1.ListAttestorsResponse", + "client": { + "shortName": "BinauthzManagementServiceV1Client", + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1Client" + }, + "method": { + "shortName": "ListAttestors", + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.ListAttestors", + "service": { + "shortName": "BinauthzManagementServiceV1", + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1" + } + } + } + }, + { + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_async", + "title": "BinauthzManagementServiceV1 deleteAttestor Sample", + "origin": "API_DEFINITION", + "description": " Deletes an [attestor][google.cloud.binaryauthorization.v1.Attestor]. Returns NOT_FOUND if the [attestor][google.cloud.binaryauthorization.v1.Attestor] does not exist.", + "canonical": true, + "file": "binauthz_management_service_v1.delete_attestor.js", + "language": "JAVASCRIPT", + "segments": [ + { + "start": 25, + "end": 51, + "type": "FULL" + } + ], + "clientMethod": { + "shortName": "DeleteAttestor", + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.DeleteAttestor", + "async": true, + "parameters": [ + { + "name": "name", + "type": "TYPE_STRING" + } + ], + "resultType": ".google.protobuf.Empty", + "client": { + "shortName": "BinauthzManagementServiceV1Client", + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1Client" + }, + "method": { + "shortName": "DeleteAttestor", + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.DeleteAttestor", + "service": { + "shortName": "BinauthzManagementServiceV1", + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1" + } + } + } + }, + { + "regionTag": "binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_async", + "title": "BinauthzManagementServiceV1 getSystemPolicy Sample", + "origin": "API_DEFINITION", + "description": " Gets the current system policy in the specified location.", + "canonical": true, + "file": "system_policy_v1.get_system_policy.js", + "language": "JAVASCRIPT", + "segments": [ + { + "start": 25, + "end": 51, + "type": "FULL" + } + ], + "clientMethod": { + "shortName": "GetSystemPolicy", + "fullName": "google.cloud.binaryauthorization.v1.SystemPolicyV1.GetSystemPolicy", + "async": true, + "parameters": [ + { + "name": "name", + "type": "TYPE_STRING" + } + ], + "resultType": ".google.cloud.binaryauthorization.v1.Policy", + "client": { + "shortName": "SystemPolicyV1Client", + "fullName": "google.cloud.binaryauthorization.v1.SystemPolicyV1Client" + }, + "method": { + "shortName": "GetSystemPolicy", + "fullName": "google.cloud.binaryauthorization.v1.SystemPolicyV1.GetSystemPolicy", + "service": { + "shortName": "SystemPolicyV1", + "fullName": "google.cloud.binaryauthorization.v1.SystemPolicyV1" + } + } + } + }, + { + "regionTag": "binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_async", + "title": "BinauthzManagementServiceV1 validateAttestationOccurrence Sample", + "origin": "API_DEFINITION", + "description": " Returns whether the given Attestation for the given image URI was signed by the given Attestor", + "canonical": true, + "file": "validation_helper_v1.validate_attestation_occurrence.js", + "language": "JAVASCRIPT", + "segments": [ + { + "start": 25, + "end": 72, + "type": "FULL" + } + ], + "clientMethod": { + "shortName": "ValidateAttestationOccurrence", + "fullName": "google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence", + "async": true, + "parameters": [ + { + "name": "attestor", + "type": "TYPE_STRING" + }, + { + "name": "attestation", + "type": ".grafeas.v1.AttestationOccurrence" + }, + { + "name": "occurrence_note", + "type": "TYPE_STRING" + }, + { + "name": "occurrence_resource_uri", + "type": "TYPE_STRING" + } + ], + "resultType": ".google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceResponse", + "client": { + "shortName": "ValidationHelperV1Client", + "fullName": "google.cloud.binaryauthorization.v1.ValidationHelperV1Client" + }, + "method": { + "shortName": "ValidateAttestationOccurrence", + "fullName": "google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence", + "service": { + "shortName": "ValidationHelperV1", + "fullName": "google.cloud.binaryauthorization.v1.ValidationHelperV1" + } + } + } + } + ] +} diff --git a/owl-bot-staging/v1/samples/generated/v1/system_policy_v1.get_system_policy.js b/owl-bot-staging/v1/samples/generated/v1/system_policy_v1.get_system_policy.js new file mode 100644 index 0000000..d749cd7 --- /dev/null +++ b/owl-bot-staging/v1/samples/generated/v1/system_policy_v1.get_system_policy.js @@ -0,0 +1,59 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// ** This file is automatically generated by gapic-generator-typescript. ** +// ** https://github.com/googleapis/gapic-generator-typescript ** +// ** All changes to this file may be overwritten. ** + + + +'use strict'; + +function main(name) { + // [START binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_async] + /** + * TODO(developer): Uncomment these variables before running the sample. + */ + /** + * Required. The resource name, in the format `locations/* /policy`. + * Note that the system policy is not associated with a project. + */ + // const name = 'abc123' + + // Imports the Binaryauthorization library + const {SystemPolicyV1Client} = require('@google-cloud/binary-authorization').v1; + + // Instantiates a client + const binaryauthorizationClient = new SystemPolicyV1Client(); + + async function callGetSystemPolicy() { + // Construct request + const request = { + name, + }; + + // Run request + const response = await binaryauthorizationClient.getSystemPolicy(request); + console.log(response); + } + + callGetSystemPolicy(); + // [END binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_async] +} + +process.on('unhandledRejection', err => { + console.error(err.message); + process.exitCode = 1; +}); +main(...process.argv.slice(2)); diff --git a/owl-bot-staging/v1/samples/generated/v1/validation_helper_v1.validate_attestation_occurrence.js b/owl-bot-staging/v1/samples/generated/v1/validation_helper_v1.validate_attestation_occurrence.js new file mode 100644 index 0000000..ff236be --- /dev/null +++ b/owl-bot-staging/v1/samples/generated/v1/validation_helper_v1.validate_attestation_occurrence.js @@ -0,0 +1,80 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// ** This file is automatically generated by gapic-generator-typescript. ** +// ** https://github.com/googleapis/gapic-generator-typescript ** +// ** All changes to this file may be overwritten. ** + + + +'use strict'; + +function main(attestor, attestation, occurrenceNote, occurrenceResourceUri) { + // [START binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_async] + /** + * TODO(developer): Uncomment these variables before running the sample. + */ + /** + * Required. The resource name of the Attestor google.cloud.binaryauthorization.v1.Attestor of the + * occurrence grafeas.v1.Occurrence, in the format + * `projects/* /attestors/*`. + */ + // const attestor = 'abc123' + /** + * Required. An AttestationOccurrence grafeas.v1.AttestationOccurrence to + * be checked that it can be verified by the Attestor. It does not have to be + * an existing entity in Container Analysis. It must otherwise be a valid + * AttestationOccurrence. + */ + // const attestation = {} + /** + * Required. The resource name of the Note grafeas.v1.Note to which the + * containing Occurrence grafeas.v1.Occurrence is associated. + */ + // const occurrenceNote = 'abc123' + /** + * Required. The URI of the artifact (e.g. container image) that is the + * subject of the containing Occurrence grafeas.v1.Occurrence. + */ + // const occurrenceResourceUri = 'abc123' + + // Imports the Binaryauthorization library + const {ValidationHelperV1Client} = require('@google-cloud/binary-authorization').v1; + + // Instantiates a client + const binaryauthorizationClient = new ValidationHelperV1Client(); + + async function callValidateAttestationOccurrence() { + // Construct request + const request = { + attestor, + attestation, + occurrenceNote, + occurrenceResourceUri, + }; + + // Run request + const response = await binaryauthorizationClient.validateAttestationOccurrence(request); + console.log(response); + } + + callValidateAttestationOccurrence(); + // [END binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_async] +} + +process.on('unhandledRejection', err => { + console.error(err.message); + process.exitCode = 1; +}); +main(...process.argv.slice(2)); diff --git a/owl-bot-staging/v1/src/index.ts b/owl-bot-staging/v1/src/index.ts new file mode 100644 index 0000000..1b0b77a --- /dev/null +++ b/owl-bot-staging/v1/src/index.ts @@ -0,0 +1,29 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// ** This file is automatically generated by gapic-generator-typescript. ** +// ** https://github.com/googleapis/gapic-generator-typescript ** +// ** All changes to this file may be overwritten. ** + +import * as v1 from './v1'; +const BinauthzManagementServiceV1Client = v1.BinauthzManagementServiceV1Client; +type BinauthzManagementServiceV1Client = v1.BinauthzManagementServiceV1Client; +const SystemPolicyV1Client = v1.SystemPolicyV1Client; +type SystemPolicyV1Client = v1.SystemPolicyV1Client; +const ValidationHelperV1Client = v1.ValidationHelperV1Client; +type ValidationHelperV1Client = v1.ValidationHelperV1Client; +export {v1, BinauthzManagementServiceV1Client, SystemPolicyV1Client, ValidationHelperV1Client}; +export default {v1, BinauthzManagementServiceV1Client, SystemPolicyV1Client, ValidationHelperV1Client}; +import * as protos from '../protos/protos'; +export {protos} diff --git a/owl-bot-staging/v1/src/v1/binauthz_management_service_v1_client.ts b/owl-bot-staging/v1/src/v1/binauthz_management_service_v1_client.ts new file mode 100644 index 0000000..1150353 --- /dev/null +++ b/owl-bot-staging/v1/src/v1/binauthz_management_service_v1_client.ts @@ -0,0 +1,1078 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// ** This file is automatically generated by gapic-generator-typescript. ** +// ** https://github.com/googleapis/gapic-generator-typescript ** +// ** All changes to this file may be overwritten. ** + +/* global window */ +import * as gax from 'google-gax'; +import {Callback, CallOptions, Descriptors, ClientOptions, PaginationCallback, GaxCall} from 'google-gax'; + +import { Transform } from 'stream'; +import { RequestType } from 'google-gax/build/src/apitypes'; +import * as protos from '../../protos/protos'; +import jsonProtos = require('../../protos/protos.json'); +/** + * Client JSON configuration object, loaded from + * `src/v1/binauthz_management_service_v1_client_config.json`. + * This file defines retry strategy and timeouts for all API methods in this library. + */ +import * as gapicConfig from './binauthz_management_service_v1_client_config.json'; + +const version = require('../../../package.json').version; + +/** + * Google Cloud Management Service for Binary Authorization admission policies + * and attestation authorities. + * + * This API implements a REST model with the following objects: + * + * * {@link google.cloud.binaryauthorization.v1.Policy|Policy} + * * {@link google.cloud.binaryauthorization.v1.Attestor|Attestor} + * @class + * @memberof v1 + */ +export class BinauthzManagementServiceV1Client { + private _terminated = false; + private _opts: ClientOptions; + private _providedCustomServicePath: boolean; + private _gaxModule: typeof gax | typeof gax.fallback; + private _gaxGrpc: gax.GrpcClient | gax.fallback.GrpcClient; + private _protos: {}; + private _defaults: {[method: string]: gax.CallSettings}; + auth: gax.GoogleAuth; + descriptors: Descriptors = { + page: {}, + stream: {}, + longrunning: {}, + batching: {}, + }; + warn: (code: string, message: string, warnType?: string) => void; + innerApiCalls: {[name: string]: Function}; + pathTemplates: {[name: string]: gax.PathTemplate}; + binauthzManagementServiceV1Stub?: Promise<{[name: string]: Function}>; + + /** + * Construct an instance of BinauthzManagementServiceV1Client. + * + * @param {object} [options] - The configuration object. + * The options accepted by the constructor are described in detail + * in [this document](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#creating-the-client-instance). + * The common options are: + * @param {object} [options.credentials] - Credentials object. + * @param {string} [options.credentials.client_email] + * @param {string} [options.credentials.private_key] + * @param {string} [options.email] - Account email address. Required when + * using a .pem or .p12 keyFilename. + * @param {string} [options.keyFilename] - Full path to the a .json, .pem, or + * .p12 key downloaded from the Google Developers Console. If you provide + * a path to a JSON file, the projectId option below is not necessary. + * NOTE: .pem and .p12 require you to specify options.email as well. + * @param {number} [options.port] - The port on which to connect to + * the remote host. + * @param {string} [options.projectId] - The project ID from the Google + * Developer's Console, e.g. 'grape-spaceship-123'. We will also check + * the environment variable GCLOUD_PROJECT for your project ID. If your + * app is running in an environment which supports + * {@link https://developers.google.com/identity/protocols/application-default-credentials Application Default Credentials}, + * your project ID will be detected automatically. + * @param {string} [options.apiEndpoint] - The domain name of the + * API remote host. + * @param {gax.ClientConfig} [options.clientConfig] - Client configuration override. + * Follows the structure of {@link gapicConfig}. + * @param {boolean} [options.fallback] - Use HTTP fallback mode. + * In fallback mode, a special browser-compatible transport implementation is used + * instead of gRPC transport. In browser context (if the `window` object is defined) + * the fallback mode is enabled automatically; set `options.fallback` to `false` + * if you need to override this behavior. + */ + constructor(opts?: ClientOptions) { + // Ensure that options include all the required fields. + const staticMembers = this.constructor as typeof BinauthzManagementServiceV1Client; + const servicePath = opts?.servicePath || opts?.apiEndpoint || staticMembers.servicePath; + this._providedCustomServicePath = !!(opts?.servicePath || opts?.apiEndpoint); + const port = opts?.port || staticMembers.port; + const clientConfig = opts?.clientConfig ?? {}; + const fallback = opts?.fallback ?? (typeof window !== 'undefined' && typeof window?.fetch === 'function'); + opts = Object.assign({servicePath, port, clientConfig, fallback}, opts); + + // If scopes are unset in options and we're connecting to a non-default endpoint, set scopes just in case. + if (servicePath !== staticMembers.servicePath && !('scopes' in opts)) { + opts['scopes'] = staticMembers.scopes; + } + + // Choose either gRPC or proto-over-HTTP implementation of google-gax. + this._gaxModule = opts.fallback ? gax.fallback : gax; + + // Create a `gaxGrpc` object, with any grpc-specific options sent to the client. + this._gaxGrpc = new this._gaxModule.GrpcClient(opts); + + // Save options to use in initialize() method. + this._opts = opts; + + // Save the auth object to the client, for use by other methods. + this.auth = (this._gaxGrpc.auth as gax.GoogleAuth); + + // Set useJWTAccessWithScope on the auth object. + this.auth.useJWTAccessWithScope = true; + + // Set defaultServicePath on the auth object. + this.auth.defaultServicePath = staticMembers.servicePath; + + // Set the default scopes in auth client if needed. + if (servicePath === staticMembers.servicePath) { + this.auth.defaultScopes = staticMembers.scopes; + } + + // Determine the client header string. + const clientHeader = [ + `gax/${this._gaxModule.version}`, + `gapic/${version}`, + ]; + if (typeof process !== 'undefined' && 'versions' in process) { + clientHeader.push(`gl-node/${process.versions.node}`); + } else { + clientHeader.push(`gl-web/${this._gaxModule.version}`); + } + if (!opts.fallback) { + clientHeader.push(`grpc/${this._gaxGrpc.grpcVersion}`); + } else if (opts.fallback === 'rest' ) { + clientHeader.push(`rest/${this._gaxGrpc.grpcVersion}`); + } + if (opts.libName && opts.libVersion) { + clientHeader.push(`${opts.libName}/${opts.libVersion}`); + } + // Load the applicable protos. + this._protos = this._gaxGrpc.loadProtoJSON(jsonProtos); + + // This API contains "path templates"; forward-slash-separated + // identifiers to uniquely identify resources within the API. + // Create useful helper objects for these. + this.pathTemplates = { + attestorPathTemplate: new this._gaxModule.PathTemplate( + 'projects/{project}/attestors/{attestor}' + ), + locationPolicyPathTemplate: new this._gaxModule.PathTemplate( + 'locations/{location}/policy' + ), + projectPathTemplate: new this._gaxModule.PathTemplate( + 'projects/{project}' + ), + projectPolicyPathTemplate: new this._gaxModule.PathTemplate( + 'projects/{project}/policy' + ), + }; + + // Some of the methods on this service return "paged" results, + // (e.g. 50 results at a time, with tokens to get subsequent + // pages). Denote the keys used for pagination and results. + this.descriptors.page = { + listAttestors: + new this._gaxModule.PageDescriptor('pageToken', 'nextPageToken', 'attestors') + }; + + // Put together the default options sent with requests. + this._defaults = this._gaxGrpc.constructSettings( + 'google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1', gapicConfig as gax.ClientConfig, + opts.clientConfig || {}, {'x-goog-api-client': clientHeader.join(' ')}); + + // Set up a dictionary of "inner API calls"; the core implementation + // of calling the API is handled in `google-gax`, with this code + // merely providing the destination and request information. + this.innerApiCalls = {}; + + // Add a warn function to the client constructor so it can be easily tested. + this.warn = gax.warn; + } + + /** + * Initialize the client. + * Performs asynchronous operations (such as authentication) and prepares the client. + * This function will be called automatically when any class method is called for the + * first time, but if you need to initialize it before calling an actual method, + * feel free to call initialize() directly. + * + * You can await on this method if you want to make sure the client is initialized. + * + * @returns {Promise} A promise that resolves to an authenticated service stub. + */ + initialize() { + // If the client stub promise is already initialized, return immediately. + if (this.binauthzManagementServiceV1Stub) { + return this.binauthzManagementServiceV1Stub; + } + + // Put together the "service stub" for + // google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1. + this.binauthzManagementServiceV1Stub = this._gaxGrpc.createStub( + this._opts.fallback ? + (this._protos as protobuf.Root).lookupService('google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1') : + // eslint-disable-next-line @typescript-eslint/no-explicit-any + (this._protos as any).google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1, + this._opts, this._providedCustomServicePath) as Promise<{[method: string]: Function}>; + + // Iterate over each of the methods that the service provides + // and create an API call method for each. + const binauthzManagementServiceV1StubMethods = + ['getPolicy', 'updatePolicy', 'createAttestor', 'getAttestor', 'updateAttestor', 'listAttestors', 'deleteAttestor']; + for (const methodName of binauthzManagementServiceV1StubMethods) { + const callPromise = this.binauthzManagementServiceV1Stub.then( + stub => (...args: Array<{}>) => { + if (this._terminated) { + return Promise.reject('The client has already been closed.'); + } + const func = stub[methodName]; + return func.apply(stub, args); + }, + (err: Error|null|undefined) => () => { + throw err; + }); + + const descriptor = + this.descriptors.page[methodName] || + undefined; + const apiCall = this._gaxModule.createApiCall( + callPromise, + this._defaults[methodName], + descriptor + ); + + this.innerApiCalls[methodName] = apiCall; + } + + return this.binauthzManagementServiceV1Stub; + } + + /** + * The DNS address for this API service. + * @returns {string} The DNS address for this service. + */ + static get servicePath() { + return 'binaryauthorization.googleapis.com'; + } + + /** + * The DNS address for this API service - same as servicePath(), + * exists for compatibility reasons. + * @returns {string} The DNS address for this service. + */ + static get apiEndpoint() { + return 'binaryauthorization.googleapis.com'; + } + + /** + * The port for this API service. + * @returns {number} The default port for this service. + */ + static get port() { + return 443; + } + + /** + * The scopes needed to make gRPC calls for every method defined + * in this service. + * @returns {string[]} List of default scopes. + */ + static get scopes() { + return [ + 'https://www.googleapis.com/auth/cloud-platform' + ]; + } + + getProjectId(): Promise; + getProjectId(callback: Callback): void; + /** + * Return the project ID used by this class. + * @returns {Promise} A promise that resolves to string containing the project ID. + */ + getProjectId(callback?: Callback): + Promise|void { + if (callback) { + this.auth.getProjectId(callback); + return; + } + return this.auth.getProjectId(); + } + + // ------------------- + // -- Service calls -- + // ------------------- +/** + * A {@link google.cloud.binaryauthorization.v1.Policy|policy} specifies the {@link google.cloud.binaryauthorization.v1.Attestor|attestors} that must attest to + * a container image, before the project is allowed to deploy that + * image. There is at most one policy per project. All image admission + * requests are permitted if a project has no policy. + * + * Gets the {@link google.cloud.binaryauthorization.v1.Policy|policy} for this project. Returns a default + * {@link google.cloud.binaryauthorization.v1.Policy|policy} if the project does not have one. + * + * @param {Object} request + * The request object that will be sent. + * @param {string} request.name + * Required. The resource name of the {@link google.cloud.binaryauthorization.v1.Policy|policy} to retrieve, + * in the format `projects/* /policy`. + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Promise} - The promise which resolves to an array. + * The first element of the array is an object representing [Policy]{@link google.cloud.binaryauthorization.v1.Policy}. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) + * for more details and examples. + * @example include:samples/generated/v1/binauthz_management_service_v1.get_policy.js + * region_tag:binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_async + */ + getPolicy( + request?: protos.google.cloud.binaryauthorization.v1.IGetPolicyRequest, + options?: CallOptions): + Promise<[ + protos.google.cloud.binaryauthorization.v1.IPolicy, + protos.google.cloud.binaryauthorization.v1.IGetPolicyRequest|undefined, {}|undefined + ]>; + getPolicy( + request: protos.google.cloud.binaryauthorization.v1.IGetPolicyRequest, + options: CallOptions, + callback: Callback< + protos.google.cloud.binaryauthorization.v1.IPolicy, + protos.google.cloud.binaryauthorization.v1.IGetPolicyRequest|null|undefined, + {}|null|undefined>): void; + getPolicy( + request: protos.google.cloud.binaryauthorization.v1.IGetPolicyRequest, + callback: Callback< + protos.google.cloud.binaryauthorization.v1.IPolicy, + protos.google.cloud.binaryauthorization.v1.IGetPolicyRequest|null|undefined, + {}|null|undefined>): void; + getPolicy( + request?: protos.google.cloud.binaryauthorization.v1.IGetPolicyRequest, + optionsOrCallback?: CallOptions|Callback< + protos.google.cloud.binaryauthorization.v1.IPolicy, + protos.google.cloud.binaryauthorization.v1.IGetPolicyRequest|null|undefined, + {}|null|undefined>, + callback?: Callback< + protos.google.cloud.binaryauthorization.v1.IPolicy, + protos.google.cloud.binaryauthorization.v1.IGetPolicyRequest|null|undefined, + {}|null|undefined>): + Promise<[ + protos.google.cloud.binaryauthorization.v1.IPolicy, + protos.google.cloud.binaryauthorization.v1.IGetPolicyRequest|undefined, {}|undefined + ]>|void { + request = request || {}; + let options: CallOptions; + if (typeof optionsOrCallback === 'function' && callback === undefined) { + callback = optionsOrCallback; + options = {}; + } + else { + options = optionsOrCallback as CallOptions; + } + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'name': request.name || '', + }); + this.initialize(); + return this.innerApiCalls.getPolicy(request, options, callback); + } +/** + * Creates or updates a project's {@link google.cloud.binaryauthorization.v1.Policy|policy}, and returns a copy of the + * new {@link google.cloud.binaryauthorization.v1.Policy|policy}. A policy is always updated as a whole, to avoid race + * conditions with concurrent policy enforcement (or management!) + * requests. Returns NOT_FOUND if the project does not exist, INVALID_ARGUMENT + * if the request is malformed. + * + * @param {Object} request + * The request object that will be sent. + * @param {google.cloud.binaryauthorization.v1.Policy} request.policy + * Required. A new or updated {@link google.cloud.binaryauthorization.v1.Policy|policy} value. The service will + * overwrite the {@link google.cloud.binaryauthorization.v1.Policy.name|policy name} field with the resource name in + * the request URL, in the format `projects/* /policy`. + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Promise} - The promise which resolves to an array. + * The first element of the array is an object representing [Policy]{@link google.cloud.binaryauthorization.v1.Policy}. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) + * for more details and examples. + * @example include:samples/generated/v1/binauthz_management_service_v1.update_policy.js + * region_tag:binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_async + */ + updatePolicy( + request?: protos.google.cloud.binaryauthorization.v1.IUpdatePolicyRequest, + options?: CallOptions): + Promise<[ + protos.google.cloud.binaryauthorization.v1.IPolicy, + protos.google.cloud.binaryauthorization.v1.IUpdatePolicyRequest|undefined, {}|undefined + ]>; + updatePolicy( + request: protos.google.cloud.binaryauthorization.v1.IUpdatePolicyRequest, + options: CallOptions, + callback: Callback< + protos.google.cloud.binaryauthorization.v1.IPolicy, + protos.google.cloud.binaryauthorization.v1.IUpdatePolicyRequest|null|undefined, + {}|null|undefined>): void; + updatePolicy( + request: protos.google.cloud.binaryauthorization.v1.IUpdatePolicyRequest, + callback: Callback< + protos.google.cloud.binaryauthorization.v1.IPolicy, + protos.google.cloud.binaryauthorization.v1.IUpdatePolicyRequest|null|undefined, + {}|null|undefined>): void; + updatePolicy( + request?: protos.google.cloud.binaryauthorization.v1.IUpdatePolicyRequest, + optionsOrCallback?: CallOptions|Callback< + protos.google.cloud.binaryauthorization.v1.IPolicy, + protos.google.cloud.binaryauthorization.v1.IUpdatePolicyRequest|null|undefined, + {}|null|undefined>, + callback?: Callback< + protos.google.cloud.binaryauthorization.v1.IPolicy, + protos.google.cloud.binaryauthorization.v1.IUpdatePolicyRequest|null|undefined, + {}|null|undefined>): + Promise<[ + protos.google.cloud.binaryauthorization.v1.IPolicy, + protos.google.cloud.binaryauthorization.v1.IUpdatePolicyRequest|undefined, {}|undefined + ]>|void { + request = request || {}; + let options: CallOptions; + if (typeof optionsOrCallback === 'function' && callback === undefined) { + callback = optionsOrCallback; + options = {}; + } + else { + options = optionsOrCallback as CallOptions; + } + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'policy.name': request.policy!.name || '', + }); + this.initialize(); + return this.innerApiCalls.updatePolicy(request, options, callback); + } +/** + * Creates an {@link google.cloud.binaryauthorization.v1.Attestor|attestor}, and returns a copy of the new + * {@link google.cloud.binaryauthorization.v1.Attestor|attestor}. Returns NOT_FOUND if the project does not exist, + * INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if the + * {@link google.cloud.binaryauthorization.v1.Attestor|attestor} already exists. + * + * @param {Object} request + * The request object that will be sent. + * @param {string} request.parent + * Required. The parent of this {@link google.cloud.binaryauthorization.v1.Attestor|attestor}. + * @param {string} request.attestorId + * Required. The {@link google.cloud.binaryauthorization.v1.Attestor|attestors} ID. + * @param {google.cloud.binaryauthorization.v1.Attestor} request.attestor + * Required. The initial {@link google.cloud.binaryauthorization.v1.Attestor|attestor} value. The service will + * overwrite the {@link google.cloud.binaryauthorization.v1.Attestor.name|attestor name} field with the resource name, + * in the format `projects/* /attestors/*`. + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Promise} - The promise which resolves to an array. + * The first element of the array is an object representing [Attestor]{@link google.cloud.binaryauthorization.v1.Attestor}. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) + * for more details and examples. + * @example include:samples/generated/v1/binauthz_management_service_v1.create_attestor.js + * region_tag:binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_async + */ + createAttestor( + request?: protos.google.cloud.binaryauthorization.v1.ICreateAttestorRequest, + options?: CallOptions): + Promise<[ + protos.google.cloud.binaryauthorization.v1.IAttestor, + protos.google.cloud.binaryauthorization.v1.ICreateAttestorRequest|undefined, {}|undefined + ]>; + createAttestor( + request: protos.google.cloud.binaryauthorization.v1.ICreateAttestorRequest, + options: CallOptions, + callback: Callback< + protos.google.cloud.binaryauthorization.v1.IAttestor, + protos.google.cloud.binaryauthorization.v1.ICreateAttestorRequest|null|undefined, + {}|null|undefined>): void; + createAttestor( + request: protos.google.cloud.binaryauthorization.v1.ICreateAttestorRequest, + callback: Callback< + protos.google.cloud.binaryauthorization.v1.IAttestor, + protos.google.cloud.binaryauthorization.v1.ICreateAttestorRequest|null|undefined, + {}|null|undefined>): void; + createAttestor( + request?: protos.google.cloud.binaryauthorization.v1.ICreateAttestorRequest, + optionsOrCallback?: CallOptions|Callback< + protos.google.cloud.binaryauthorization.v1.IAttestor, + protos.google.cloud.binaryauthorization.v1.ICreateAttestorRequest|null|undefined, + {}|null|undefined>, + callback?: Callback< + protos.google.cloud.binaryauthorization.v1.IAttestor, + protos.google.cloud.binaryauthorization.v1.ICreateAttestorRequest|null|undefined, + {}|null|undefined>): + Promise<[ + protos.google.cloud.binaryauthorization.v1.IAttestor, + protos.google.cloud.binaryauthorization.v1.ICreateAttestorRequest|undefined, {}|undefined + ]>|void { + request = request || {}; + let options: CallOptions; + if (typeof optionsOrCallback === 'function' && callback === undefined) { + callback = optionsOrCallback; + options = {}; + } + else { + options = optionsOrCallback as CallOptions; + } + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'parent': request.parent || '', + }); + this.initialize(); + return this.innerApiCalls.createAttestor(request, options, callback); + } +/** + * Gets an {@link google.cloud.binaryauthorization.v1.Attestor|attestor}. + * Returns NOT_FOUND if the {@link google.cloud.binaryauthorization.v1.Attestor|attestor} does not exist. + * + * @param {Object} request + * The request object that will be sent. + * @param {string} request.name + * Required. The name of the {@link google.cloud.binaryauthorization.v1.Attestor|attestor} to retrieve, in the format + * `projects/* /attestors/*`. + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Promise} - The promise which resolves to an array. + * The first element of the array is an object representing [Attestor]{@link google.cloud.binaryauthorization.v1.Attestor}. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) + * for more details and examples. + * @example include:samples/generated/v1/binauthz_management_service_v1.get_attestor.js + * region_tag:binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_async + */ + getAttestor( + request?: protos.google.cloud.binaryauthorization.v1.IGetAttestorRequest, + options?: CallOptions): + Promise<[ + protos.google.cloud.binaryauthorization.v1.IAttestor, + protos.google.cloud.binaryauthorization.v1.IGetAttestorRequest|undefined, {}|undefined + ]>; + getAttestor( + request: protos.google.cloud.binaryauthorization.v1.IGetAttestorRequest, + options: CallOptions, + callback: Callback< + protos.google.cloud.binaryauthorization.v1.IAttestor, + protos.google.cloud.binaryauthorization.v1.IGetAttestorRequest|null|undefined, + {}|null|undefined>): void; + getAttestor( + request: protos.google.cloud.binaryauthorization.v1.IGetAttestorRequest, + callback: Callback< + protos.google.cloud.binaryauthorization.v1.IAttestor, + protos.google.cloud.binaryauthorization.v1.IGetAttestorRequest|null|undefined, + {}|null|undefined>): void; + getAttestor( + request?: protos.google.cloud.binaryauthorization.v1.IGetAttestorRequest, + optionsOrCallback?: CallOptions|Callback< + protos.google.cloud.binaryauthorization.v1.IAttestor, + protos.google.cloud.binaryauthorization.v1.IGetAttestorRequest|null|undefined, + {}|null|undefined>, + callback?: Callback< + protos.google.cloud.binaryauthorization.v1.IAttestor, + protos.google.cloud.binaryauthorization.v1.IGetAttestorRequest|null|undefined, + {}|null|undefined>): + Promise<[ + protos.google.cloud.binaryauthorization.v1.IAttestor, + protos.google.cloud.binaryauthorization.v1.IGetAttestorRequest|undefined, {}|undefined + ]>|void { + request = request || {}; + let options: CallOptions; + if (typeof optionsOrCallback === 'function' && callback === undefined) { + callback = optionsOrCallback; + options = {}; + } + else { + options = optionsOrCallback as CallOptions; + } + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'name': request.name || '', + }); + this.initialize(); + return this.innerApiCalls.getAttestor(request, options, callback); + } +/** + * Updates an {@link google.cloud.binaryauthorization.v1.Attestor|attestor}. + * Returns NOT_FOUND if the {@link google.cloud.binaryauthorization.v1.Attestor|attestor} does not exist. + * + * @param {Object} request + * The request object that will be sent. + * @param {google.cloud.binaryauthorization.v1.Attestor} request.attestor + * Required. The updated {@link google.cloud.binaryauthorization.v1.Attestor|attestor} value. The service will + * overwrite the {@link google.cloud.binaryauthorization.v1.Attestor.name|attestor name} field with the resource name + * in the request URL, in the format `projects/* /attestors/*`. + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Promise} - The promise which resolves to an array. + * The first element of the array is an object representing [Attestor]{@link google.cloud.binaryauthorization.v1.Attestor}. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) + * for more details and examples. + * @example include:samples/generated/v1/binauthz_management_service_v1.update_attestor.js + * region_tag:binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_async + */ + updateAttestor( + request?: protos.google.cloud.binaryauthorization.v1.IUpdateAttestorRequest, + options?: CallOptions): + Promise<[ + protos.google.cloud.binaryauthorization.v1.IAttestor, + protos.google.cloud.binaryauthorization.v1.IUpdateAttestorRequest|undefined, {}|undefined + ]>; + updateAttestor( + request: protos.google.cloud.binaryauthorization.v1.IUpdateAttestorRequest, + options: CallOptions, + callback: Callback< + protos.google.cloud.binaryauthorization.v1.IAttestor, + protos.google.cloud.binaryauthorization.v1.IUpdateAttestorRequest|null|undefined, + {}|null|undefined>): void; + updateAttestor( + request: protos.google.cloud.binaryauthorization.v1.IUpdateAttestorRequest, + callback: Callback< + protos.google.cloud.binaryauthorization.v1.IAttestor, + protos.google.cloud.binaryauthorization.v1.IUpdateAttestorRequest|null|undefined, + {}|null|undefined>): void; + updateAttestor( + request?: protos.google.cloud.binaryauthorization.v1.IUpdateAttestorRequest, + optionsOrCallback?: CallOptions|Callback< + protos.google.cloud.binaryauthorization.v1.IAttestor, + protos.google.cloud.binaryauthorization.v1.IUpdateAttestorRequest|null|undefined, + {}|null|undefined>, + callback?: Callback< + protos.google.cloud.binaryauthorization.v1.IAttestor, + protos.google.cloud.binaryauthorization.v1.IUpdateAttestorRequest|null|undefined, + {}|null|undefined>): + Promise<[ + protos.google.cloud.binaryauthorization.v1.IAttestor, + protos.google.cloud.binaryauthorization.v1.IUpdateAttestorRequest|undefined, {}|undefined + ]>|void { + request = request || {}; + let options: CallOptions; + if (typeof optionsOrCallback === 'function' && callback === undefined) { + callback = optionsOrCallback; + options = {}; + } + else { + options = optionsOrCallback as CallOptions; + } + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'attestor.name': request.attestor!.name || '', + }); + this.initialize(); + return this.innerApiCalls.updateAttestor(request, options, callback); + } +/** + * Deletes an {@link google.cloud.binaryauthorization.v1.Attestor|attestor}. Returns NOT_FOUND if the + * {@link google.cloud.binaryauthorization.v1.Attestor|attestor} does not exist. + * + * @param {Object} request + * The request object that will be sent. + * @param {string} request.name + * Required. The name of the {@link google.cloud.binaryauthorization.v1.Attestor|attestors} to delete, in the format + * `projects/* /attestors/*`. + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Promise} - The promise which resolves to an array. + * The first element of the array is an object representing [Empty]{@link google.protobuf.Empty}. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) + * for more details and examples. + * @example include:samples/generated/v1/binauthz_management_service_v1.delete_attestor.js + * region_tag:binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_async + */ + deleteAttestor( + request?: protos.google.cloud.binaryauthorization.v1.IDeleteAttestorRequest, + options?: CallOptions): + Promise<[ + protos.google.protobuf.IEmpty, + protos.google.cloud.binaryauthorization.v1.IDeleteAttestorRequest|undefined, {}|undefined + ]>; + deleteAttestor( + request: protos.google.cloud.binaryauthorization.v1.IDeleteAttestorRequest, + options: CallOptions, + callback: Callback< + protos.google.protobuf.IEmpty, + protos.google.cloud.binaryauthorization.v1.IDeleteAttestorRequest|null|undefined, + {}|null|undefined>): void; + deleteAttestor( + request: protos.google.cloud.binaryauthorization.v1.IDeleteAttestorRequest, + callback: Callback< + protos.google.protobuf.IEmpty, + protos.google.cloud.binaryauthorization.v1.IDeleteAttestorRequest|null|undefined, + {}|null|undefined>): void; + deleteAttestor( + request?: protos.google.cloud.binaryauthorization.v1.IDeleteAttestorRequest, + optionsOrCallback?: CallOptions|Callback< + protos.google.protobuf.IEmpty, + protos.google.cloud.binaryauthorization.v1.IDeleteAttestorRequest|null|undefined, + {}|null|undefined>, + callback?: Callback< + protos.google.protobuf.IEmpty, + protos.google.cloud.binaryauthorization.v1.IDeleteAttestorRequest|null|undefined, + {}|null|undefined>): + Promise<[ + protos.google.protobuf.IEmpty, + protos.google.cloud.binaryauthorization.v1.IDeleteAttestorRequest|undefined, {}|undefined + ]>|void { + request = request || {}; + let options: CallOptions; + if (typeof optionsOrCallback === 'function' && callback === undefined) { + callback = optionsOrCallback; + options = {}; + } + else { + options = optionsOrCallback as CallOptions; + } + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'name': request.name || '', + }); + this.initialize(); + return this.innerApiCalls.deleteAttestor(request, options, callback); + } + + /** + * Lists {@link google.cloud.binaryauthorization.v1.Attestor|attestors}. + * Returns INVALID_ARGUMENT if the project does not exist. + * + * @param {Object} request + * The request object that will be sent. + * @param {string} request.parent + * Required. The resource name of the project associated with the + * {@link google.cloud.binaryauthorization.v1.Attestor|attestors}, in the format `projects/*`. + * @param {number} request.pageSize + * Requested page size. The server may return fewer results than requested. If + * unspecified, the server will pick an appropriate default. + * @param {string} request.pageToken + * A token identifying a page of results the server should return. Typically, + * this is the value of {@link google.cloud.binaryauthorization.v1.ListAttestorsResponse.next_page_token|ListAttestorsResponse.next_page_token} returned + * from the previous call to the `ListAttestors` method. + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Promise} - The promise which resolves to an array. + * The first element of the array is Array of [Attestor]{@link google.cloud.binaryauthorization.v1.Attestor}. + * The client library will perform auto-pagination by default: it will call the API as many + * times as needed and will merge results from all the pages into this array. + * Note that it can affect your quota. + * We recommend using `listAttestorsAsync()` + * method described below for async iteration which you can stop as needed. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#auto-pagination) + * for more details and examples. + */ + listAttestors( + request?: protos.google.cloud.binaryauthorization.v1.IListAttestorsRequest, + options?: CallOptions): + Promise<[ + protos.google.cloud.binaryauthorization.v1.IAttestor[], + protos.google.cloud.binaryauthorization.v1.IListAttestorsRequest|null, + protos.google.cloud.binaryauthorization.v1.IListAttestorsResponse + ]>; + listAttestors( + request: protos.google.cloud.binaryauthorization.v1.IListAttestorsRequest, + options: CallOptions, + callback: PaginationCallback< + protos.google.cloud.binaryauthorization.v1.IListAttestorsRequest, + protos.google.cloud.binaryauthorization.v1.IListAttestorsResponse|null|undefined, + protos.google.cloud.binaryauthorization.v1.IAttestor>): void; + listAttestors( + request: protos.google.cloud.binaryauthorization.v1.IListAttestorsRequest, + callback: PaginationCallback< + protos.google.cloud.binaryauthorization.v1.IListAttestorsRequest, + protos.google.cloud.binaryauthorization.v1.IListAttestorsResponse|null|undefined, + protos.google.cloud.binaryauthorization.v1.IAttestor>): void; + listAttestors( + request?: protos.google.cloud.binaryauthorization.v1.IListAttestorsRequest, + optionsOrCallback?: CallOptions|PaginationCallback< + protos.google.cloud.binaryauthorization.v1.IListAttestorsRequest, + protos.google.cloud.binaryauthorization.v1.IListAttestorsResponse|null|undefined, + protos.google.cloud.binaryauthorization.v1.IAttestor>, + callback?: PaginationCallback< + protos.google.cloud.binaryauthorization.v1.IListAttestorsRequest, + protos.google.cloud.binaryauthorization.v1.IListAttestorsResponse|null|undefined, + protos.google.cloud.binaryauthorization.v1.IAttestor>): + Promise<[ + protos.google.cloud.binaryauthorization.v1.IAttestor[], + protos.google.cloud.binaryauthorization.v1.IListAttestorsRequest|null, + protos.google.cloud.binaryauthorization.v1.IListAttestorsResponse + ]>|void { + request = request || {}; + let options: CallOptions; + if (typeof optionsOrCallback === 'function' && callback === undefined) { + callback = optionsOrCallback; + options = {}; + } + else { + options = optionsOrCallback as CallOptions; + } + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'parent': request.parent || '', + }); + this.initialize(); + return this.innerApiCalls.listAttestors(request, options, callback); + } + +/** + * Equivalent to `method.name.toCamelCase()`, but returns a NodeJS Stream object. + * @param {Object} request + * The request object that will be sent. + * @param {string} request.parent + * Required. The resource name of the project associated with the + * {@link google.cloud.binaryauthorization.v1.Attestor|attestors}, in the format `projects/*`. + * @param {number} request.pageSize + * Requested page size. The server may return fewer results than requested. If + * unspecified, the server will pick an appropriate default. + * @param {string} request.pageToken + * A token identifying a page of results the server should return. Typically, + * this is the value of {@link google.cloud.binaryauthorization.v1.ListAttestorsResponse.next_page_token|ListAttestorsResponse.next_page_token} returned + * from the previous call to the `ListAttestors` method. + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Stream} + * An object stream which emits an object representing [Attestor]{@link google.cloud.binaryauthorization.v1.Attestor} on 'data' event. + * The client library will perform auto-pagination by default: it will call the API as many + * times as needed. Note that it can affect your quota. + * We recommend using `listAttestorsAsync()` + * method described below for async iteration which you can stop as needed. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#auto-pagination) + * for more details and examples. + */ + listAttestorsStream( + request?: protos.google.cloud.binaryauthorization.v1.IListAttestorsRequest, + options?: CallOptions): + Transform{ + request = request || {}; + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'parent': request.parent || '', + }); + const defaultCallSettings = this._defaults['listAttestors']; + const callSettings = defaultCallSettings.merge(options); + this.initialize(); + return this.descriptors.page.listAttestors.createStream( + this.innerApiCalls.listAttestors as gax.GaxCall, + request, + callSettings + ); + } + +/** + * Equivalent to `listAttestors`, but returns an iterable object. + * + * `for`-`await`-`of` syntax is used with the iterable to get response elements on-demand. + * @param {Object} request + * The request object that will be sent. + * @param {string} request.parent + * Required. The resource name of the project associated with the + * {@link google.cloud.binaryauthorization.v1.Attestor|attestors}, in the format `projects/*`. + * @param {number} request.pageSize + * Requested page size. The server may return fewer results than requested. If + * unspecified, the server will pick an appropriate default. + * @param {string} request.pageToken + * A token identifying a page of results the server should return. Typically, + * this is the value of {@link google.cloud.binaryauthorization.v1.ListAttestorsResponse.next_page_token|ListAttestorsResponse.next_page_token} returned + * from the previous call to the `ListAttestors` method. + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Object} + * An iterable Object that allows [async iteration](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Iteration_protocols). + * When you iterate the returned iterable, each element will be an object representing + * [Attestor]{@link google.cloud.binaryauthorization.v1.Attestor}. The API will be called under the hood as needed, once per the page, + * so you can stop the iteration when you don't need more results. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#auto-pagination) + * for more details and examples. + * @example include:samples/generated/v1/binauthz_management_service_v1.list_attestors.js + * region_tag:binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_async + */ + listAttestorsAsync( + request?: protos.google.cloud.binaryauthorization.v1.IListAttestorsRequest, + options?: CallOptions): + AsyncIterable{ + request = request || {}; + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'parent': request.parent || '', + }); + const defaultCallSettings = this._defaults['listAttestors']; + const callSettings = defaultCallSettings.merge(options); + this.initialize(); + return this.descriptors.page.listAttestors.asyncIterate( + this.innerApiCalls['listAttestors'] as GaxCall, + request as unknown as RequestType, + callSettings + ) as AsyncIterable; + } + // -------------------- + // -- Path templates -- + // -------------------- + + /** + * Return a fully-qualified attestor resource name string. + * + * @param {string} project + * @param {string} attestor + * @returns {string} Resource name string. + */ + attestorPath(project:string,attestor:string) { + return this.pathTemplates.attestorPathTemplate.render({ + project: project, + attestor: attestor, + }); + } + + /** + * Parse the project from Attestor resource. + * + * @param {string} attestorName + * A fully-qualified path representing Attestor resource. + * @returns {string} A string representing the project. + */ + matchProjectFromAttestorName(attestorName: string) { + return this.pathTemplates.attestorPathTemplate.match(attestorName).project; + } + + /** + * Parse the attestor from Attestor resource. + * + * @param {string} attestorName + * A fully-qualified path representing Attestor resource. + * @returns {string} A string representing the attestor. + */ + matchAttestorFromAttestorName(attestorName: string) { + return this.pathTemplates.attestorPathTemplate.match(attestorName).attestor; + } + + /** + * Return a fully-qualified locationPolicy resource name string. + * + * @param {string} location + * @returns {string} Resource name string. + */ + locationPolicyPath(location:string) { + return this.pathTemplates.locationPolicyPathTemplate.render({ + location: location, + }); + } + + /** + * Parse the location from LocationPolicy resource. + * + * @param {string} locationPolicyName + * A fully-qualified path representing location_policy resource. + * @returns {string} A string representing the location. + */ + matchLocationFromLocationPolicyName(locationPolicyName: string) { + return this.pathTemplates.locationPolicyPathTemplate.match(locationPolicyName).location; + } + + /** + * Return a fully-qualified project resource name string. + * + * @param {string} project + * @returns {string} Resource name string. + */ + projectPath(project:string) { + return this.pathTemplates.projectPathTemplate.render({ + project: project, + }); + } + + /** + * Parse the project from Project resource. + * + * @param {string} projectName + * A fully-qualified path representing Project resource. + * @returns {string} A string representing the project. + */ + matchProjectFromProjectName(projectName: string) { + return this.pathTemplates.projectPathTemplate.match(projectName).project; + } + + /** + * Return a fully-qualified projectPolicy resource name string. + * + * @param {string} project + * @returns {string} Resource name string. + */ + projectPolicyPath(project:string) { + return this.pathTemplates.projectPolicyPathTemplate.render({ + project: project, + }); + } + + /** + * Parse the project from ProjectPolicy resource. + * + * @param {string} projectPolicyName + * A fully-qualified path representing project_policy resource. + * @returns {string} A string representing the project. + */ + matchProjectFromProjectPolicyName(projectPolicyName: string) { + return this.pathTemplates.projectPolicyPathTemplate.match(projectPolicyName).project; + } + + /** + * Terminate the gRPC channel and close the client. + * + * The client will no longer be usable and all future behavior is undefined. + * @returns {Promise} A promise that resolves when the client is closed. + */ + close(): Promise { + if (this.binauthzManagementServiceV1Stub && !this._terminated) { + return this.binauthzManagementServiceV1Stub.then(stub => { + this._terminated = true; + stub.close(); + }); + } + return Promise.resolve(); + } +} diff --git a/owl-bot-staging/v1/src/v1/binauthz_management_service_v1_client_config.json b/owl-bot-staging/v1/src/v1/binauthz_management_service_v1_client_config.json new file mode 100644 index 0000000..d8357fd --- /dev/null +++ b/owl-bot-staging/v1/src/v1/binauthz_management_service_v1_client_config.json @@ -0,0 +1,61 @@ +{ + "interfaces": { + "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1": { + "retry_codes": { + "non_idempotent": [], + "idempotent": [ + "DEADLINE_EXCEEDED", + "UNAVAILABLE" + ] + }, + "retry_params": { + "default": { + "initial_retry_delay_millis": 100, + "retry_delay_multiplier": 1.3, + "max_retry_delay_millis": 60000, + "initial_rpc_timeout_millis": 60000, + "rpc_timeout_multiplier": 1, + "max_rpc_timeout_millis": 60000, + "total_timeout_millis": 600000 + } + }, + "methods": { + "GetPolicy": { + "timeout_millis": 600000, + "retry_codes_name": "idempotent", + "retry_params_name": "default" + }, + "UpdatePolicy": { + "timeout_millis": 600000, + "retry_codes_name": "idempotent", + "retry_params_name": "default" + }, + "CreateAttestor": { + "timeout_millis": 600000, + "retry_codes_name": "non_idempotent", + "retry_params_name": "default" + }, + "GetAttestor": { + "timeout_millis": 600000, + "retry_codes_name": "idempotent", + "retry_params_name": "default" + }, + "UpdateAttestor": { + "timeout_millis": 600000, + "retry_codes_name": "idempotent", + "retry_params_name": "default" + }, + "ListAttestors": { + "timeout_millis": 600000, + "retry_codes_name": "idempotent", + "retry_params_name": "default" + }, + "DeleteAttestor": { + "timeout_millis": 600000, + "retry_codes_name": "idempotent", + "retry_params_name": "default" + } + } + } + } +} diff --git a/owl-bot-staging/v1/src/v1/binauthz_management_service_v1_proto_list.json b/owl-bot-staging/v1/src/v1/binauthz_management_service_v1_proto_list.json new file mode 100644 index 0000000..2e7010a --- /dev/null +++ b/owl-bot-staging/v1/src/v1/binauthz_management_service_v1_proto_list.json @@ -0,0 +1,6 @@ +[ + "../../protos/google/cloud/binaryauthorization/v1/resources.proto", + "../../protos/google/cloud/binaryauthorization/v1/service.proto", + "../../protos/grafeas/v1/attestation.proto", + "../../protos/grafeas/v1/common.proto" +] diff --git a/owl-bot-staging/v1/src/v1/gapic_metadata.json b/owl-bot-staging/v1/src/v1/gapic_metadata.json new file mode 100644 index 0000000..b28d368 --- /dev/null +++ b/owl-bot-staging/v1/src/v1/gapic_metadata.json @@ -0,0 +1,145 @@ +{ + "schema": "1.0", + "comment": "This file maps proto services/RPCs to the corresponding library clients/methods", + "language": "typescript", + "protoPackage": "google.cloud.binaryauthorization.v1", + "libraryPackage": "@google-cloud/binary-authorization", + "services": { + "BinauthzManagementServiceV1": { + "clients": { + "grpc": { + "libraryClient": "BinauthzManagementServiceV1Client", + "rpcs": { + "GetPolicy": { + "methods": [ + "getPolicy" + ] + }, + "UpdatePolicy": { + "methods": [ + "updatePolicy" + ] + }, + "CreateAttestor": { + "methods": [ + "createAttestor" + ] + }, + "GetAttestor": { + "methods": [ + "getAttestor" + ] + }, + "UpdateAttestor": { + "methods": [ + "updateAttestor" + ] + }, + "DeleteAttestor": { + "methods": [ + "deleteAttestor" + ] + }, + "ListAttestors": { + "methods": [ + "listAttestors", + "listAttestorsStream", + "listAttestorsAsync" + ] + } + } + }, + "grpc-fallback": { + "libraryClient": "BinauthzManagementServiceV1Client", + "rpcs": { + "GetPolicy": { + "methods": [ + "getPolicy" + ] + }, + "UpdatePolicy": { + "methods": [ + "updatePolicy" + ] + }, + "CreateAttestor": { + "methods": [ + "createAttestor" + ] + }, + "GetAttestor": { + "methods": [ + "getAttestor" + ] + }, + "UpdateAttestor": { + "methods": [ + "updateAttestor" + ] + }, + "DeleteAttestor": { + "methods": [ + "deleteAttestor" + ] + }, + "ListAttestors": { + "methods": [ + "listAttestors", + "listAttestorsStream", + "listAttestorsAsync" + ] + } + } + } + } + }, + "SystemPolicyV1": { + "clients": { + "grpc": { + "libraryClient": "SystemPolicyV1Client", + "rpcs": { + "GetSystemPolicy": { + "methods": [ + "getSystemPolicy" + ] + } + } + }, + "grpc-fallback": { + "libraryClient": "SystemPolicyV1Client", + "rpcs": { + "GetSystemPolicy": { + "methods": [ + "getSystemPolicy" + ] + } + } + } + } + }, + "ValidationHelperV1": { + "clients": { + "grpc": { + "libraryClient": "ValidationHelperV1Client", + "rpcs": { + "ValidateAttestationOccurrence": { + "methods": [ + "validateAttestationOccurrence" + ] + } + } + }, + "grpc-fallback": { + "libraryClient": "ValidationHelperV1Client", + "rpcs": { + "ValidateAttestationOccurrence": { + "methods": [ + "validateAttestationOccurrence" + ] + } + } + } + } + } + } +} diff --git a/owl-bot-staging/v1/src/v1/index.ts b/owl-bot-staging/v1/src/v1/index.ts new file mode 100644 index 0000000..90f5dd2 --- /dev/null +++ b/owl-bot-staging/v1/src/v1/index.ts @@ -0,0 +1,21 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// ** This file is automatically generated by gapic-generator-typescript. ** +// ** https://github.com/googleapis/gapic-generator-typescript ** +// ** All changes to this file may be overwritten. ** + +export {BinauthzManagementServiceV1Client} from './binauthz_management_service_v1_client'; +export {SystemPolicyV1Client} from './system_policy_v1_client'; +export {ValidationHelperV1Client} from './validation_helper_v1_client'; diff --git a/owl-bot-staging/v1/src/v1/system_policy_v1_client.ts b/owl-bot-staging/v1/src/v1/system_policy_v1_client.ts new file mode 100644 index 0000000..8bcd71e --- /dev/null +++ b/owl-bot-staging/v1/src/v1/system_policy_v1_client.ts @@ -0,0 +1,492 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// ** This file is automatically generated by gapic-generator-typescript. ** +// ** https://github.com/googleapis/gapic-generator-typescript ** +// ** All changes to this file may be overwritten. ** + +/* global window */ +import * as gax from 'google-gax'; +import {Callback, CallOptions, Descriptors, ClientOptions} from 'google-gax'; + +import * as protos from '../../protos/protos'; +import jsonProtos = require('../../protos/protos.json'); +/** + * Client JSON configuration object, loaded from + * `src/v1/system_policy_v1_client_config.json`. + * This file defines retry strategy and timeouts for all API methods in this library. + */ +import * as gapicConfig from './system_policy_v1_client_config.json'; + +const version = require('../../../package.json').version; + +/** + * API for working with the system policy. + * @class + * @memberof v1 + */ +export class SystemPolicyV1Client { + private _terminated = false; + private _opts: ClientOptions; + private _providedCustomServicePath: boolean; + private _gaxModule: typeof gax | typeof gax.fallback; + private _gaxGrpc: gax.GrpcClient | gax.fallback.GrpcClient; + private _protos: {}; + private _defaults: {[method: string]: gax.CallSettings}; + auth: gax.GoogleAuth; + descriptors: Descriptors = { + page: {}, + stream: {}, + longrunning: {}, + batching: {}, + }; + warn: (code: string, message: string, warnType?: string) => void; + innerApiCalls: {[name: string]: Function}; + pathTemplates: {[name: string]: gax.PathTemplate}; + systemPolicyV1Stub?: Promise<{[name: string]: Function}>; + + /** + * Construct an instance of SystemPolicyV1Client. + * + * @param {object} [options] - The configuration object. + * The options accepted by the constructor are described in detail + * in [this document](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#creating-the-client-instance). + * The common options are: + * @param {object} [options.credentials] - Credentials object. + * @param {string} [options.credentials.client_email] + * @param {string} [options.credentials.private_key] + * @param {string} [options.email] - Account email address. Required when + * using a .pem or .p12 keyFilename. + * @param {string} [options.keyFilename] - Full path to the a .json, .pem, or + * .p12 key downloaded from the Google Developers Console. If you provide + * a path to a JSON file, the projectId option below is not necessary. + * NOTE: .pem and .p12 require you to specify options.email as well. + * @param {number} [options.port] - The port on which to connect to + * the remote host. + * @param {string} [options.projectId] - The project ID from the Google + * Developer's Console, e.g. 'grape-spaceship-123'. We will also check + * the environment variable GCLOUD_PROJECT for your project ID. If your + * app is running in an environment which supports + * {@link https://developers.google.com/identity/protocols/application-default-credentials Application Default Credentials}, + * your project ID will be detected automatically. + * @param {string} [options.apiEndpoint] - The domain name of the + * API remote host. + * @param {gax.ClientConfig} [options.clientConfig] - Client configuration override. + * Follows the structure of {@link gapicConfig}. + * @param {boolean} [options.fallback] - Use HTTP fallback mode. + * In fallback mode, a special browser-compatible transport implementation is used + * instead of gRPC transport. In browser context (if the `window` object is defined) + * the fallback mode is enabled automatically; set `options.fallback` to `false` + * if you need to override this behavior. + */ + constructor(opts?: ClientOptions) { + // Ensure that options include all the required fields. + const staticMembers = this.constructor as typeof SystemPolicyV1Client; + const servicePath = opts?.servicePath || opts?.apiEndpoint || staticMembers.servicePath; + this._providedCustomServicePath = !!(opts?.servicePath || opts?.apiEndpoint); + const port = opts?.port || staticMembers.port; + const clientConfig = opts?.clientConfig ?? {}; + const fallback = opts?.fallback ?? (typeof window !== 'undefined' && typeof window?.fetch === 'function'); + opts = Object.assign({servicePath, port, clientConfig, fallback}, opts); + + // If scopes are unset in options and we're connecting to a non-default endpoint, set scopes just in case. + if (servicePath !== staticMembers.servicePath && !('scopes' in opts)) { + opts['scopes'] = staticMembers.scopes; + } + + // Choose either gRPC or proto-over-HTTP implementation of google-gax. + this._gaxModule = opts.fallback ? gax.fallback : gax; + + // Create a `gaxGrpc` object, with any grpc-specific options sent to the client. + this._gaxGrpc = new this._gaxModule.GrpcClient(opts); + + // Save options to use in initialize() method. + this._opts = opts; + + // Save the auth object to the client, for use by other methods. + this.auth = (this._gaxGrpc.auth as gax.GoogleAuth); + + // Set useJWTAccessWithScope on the auth object. + this.auth.useJWTAccessWithScope = true; + + // Set defaultServicePath on the auth object. + this.auth.defaultServicePath = staticMembers.servicePath; + + // Set the default scopes in auth client if needed. + if (servicePath === staticMembers.servicePath) { + this.auth.defaultScopes = staticMembers.scopes; + } + + // Determine the client header string. + const clientHeader = [ + `gax/${this._gaxModule.version}`, + `gapic/${version}`, + ]; + if (typeof process !== 'undefined' && 'versions' in process) { + clientHeader.push(`gl-node/${process.versions.node}`); + } else { + clientHeader.push(`gl-web/${this._gaxModule.version}`); + } + if (!opts.fallback) { + clientHeader.push(`grpc/${this._gaxGrpc.grpcVersion}`); + } else if (opts.fallback === 'rest' ) { + clientHeader.push(`rest/${this._gaxGrpc.grpcVersion}`); + } + if (opts.libName && opts.libVersion) { + clientHeader.push(`${opts.libName}/${opts.libVersion}`); + } + // Load the applicable protos. + this._protos = this._gaxGrpc.loadProtoJSON(jsonProtos); + + // This API contains "path templates"; forward-slash-separated + // identifiers to uniquely identify resources within the API. + // Create useful helper objects for these. + this.pathTemplates = { + attestorPathTemplate: new this._gaxModule.PathTemplate( + 'projects/{project}/attestors/{attestor}' + ), + locationPolicyPathTemplate: new this._gaxModule.PathTemplate( + 'locations/{location}/policy' + ), + projectPathTemplate: new this._gaxModule.PathTemplate( + 'projects/{project}' + ), + projectPolicyPathTemplate: new this._gaxModule.PathTemplate( + 'projects/{project}/policy' + ), + }; + + // Put together the default options sent with requests. + this._defaults = this._gaxGrpc.constructSettings( + 'google.cloud.binaryauthorization.v1.SystemPolicyV1', gapicConfig as gax.ClientConfig, + opts.clientConfig || {}, {'x-goog-api-client': clientHeader.join(' ')}); + + // Set up a dictionary of "inner API calls"; the core implementation + // of calling the API is handled in `google-gax`, with this code + // merely providing the destination and request information. + this.innerApiCalls = {}; + + // Add a warn function to the client constructor so it can be easily tested. + this.warn = gax.warn; + } + + /** + * Initialize the client. + * Performs asynchronous operations (such as authentication) and prepares the client. + * This function will be called automatically when any class method is called for the + * first time, but if you need to initialize it before calling an actual method, + * feel free to call initialize() directly. + * + * You can await on this method if you want to make sure the client is initialized. + * + * @returns {Promise} A promise that resolves to an authenticated service stub. + */ + initialize() { + // If the client stub promise is already initialized, return immediately. + if (this.systemPolicyV1Stub) { + return this.systemPolicyV1Stub; + } + + // Put together the "service stub" for + // google.cloud.binaryauthorization.v1.SystemPolicyV1. + this.systemPolicyV1Stub = this._gaxGrpc.createStub( + this._opts.fallback ? + (this._protos as protobuf.Root).lookupService('google.cloud.binaryauthorization.v1.SystemPolicyV1') : + // eslint-disable-next-line @typescript-eslint/no-explicit-any + (this._protos as any).google.cloud.binaryauthorization.v1.SystemPolicyV1, + this._opts, this._providedCustomServicePath) as Promise<{[method: string]: Function}>; + + // Iterate over each of the methods that the service provides + // and create an API call method for each. + const systemPolicyV1StubMethods = + ['getSystemPolicy']; + for (const methodName of systemPolicyV1StubMethods) { + const callPromise = this.systemPolicyV1Stub.then( + stub => (...args: Array<{}>) => { + if (this._terminated) { + return Promise.reject('The client has already been closed.'); + } + const func = stub[methodName]; + return func.apply(stub, args); + }, + (err: Error|null|undefined) => () => { + throw err; + }); + + const descriptor = + undefined; + const apiCall = this._gaxModule.createApiCall( + callPromise, + this._defaults[methodName], + descriptor + ); + + this.innerApiCalls[methodName] = apiCall; + } + + return this.systemPolicyV1Stub; + } + + /** + * The DNS address for this API service. + * @returns {string} The DNS address for this service. + */ + static get servicePath() { + return 'binaryauthorization.googleapis.com'; + } + + /** + * The DNS address for this API service - same as servicePath(), + * exists for compatibility reasons. + * @returns {string} The DNS address for this service. + */ + static get apiEndpoint() { + return 'binaryauthorization.googleapis.com'; + } + + /** + * The port for this API service. + * @returns {number} The default port for this service. + */ + static get port() { + return 443; + } + + /** + * The scopes needed to make gRPC calls for every method defined + * in this service. + * @returns {string[]} List of default scopes. + */ + static get scopes() { + return [ + 'https://www.googleapis.com/auth/cloud-platform' + ]; + } + + getProjectId(): Promise; + getProjectId(callback: Callback): void; + /** + * Return the project ID used by this class. + * @returns {Promise} A promise that resolves to string containing the project ID. + */ + getProjectId(callback?: Callback): + Promise|void { + if (callback) { + this.auth.getProjectId(callback); + return; + } + return this.auth.getProjectId(); + } + + // ------------------- + // -- Service calls -- + // ------------------- +/** + * Gets the current system policy in the specified location. + * + * @param {Object} request + * The request object that will be sent. + * @param {string} request.name + * Required. The resource name, in the format `locations/* /policy`. + * Note that the system policy is not associated with a project. + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Promise} - The promise which resolves to an array. + * The first element of the array is an object representing [Policy]{@link google.cloud.binaryauthorization.v1.Policy}. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) + * for more details and examples. + * @example include:samples/generated/v1/system_policy_v1.get_system_policy.js + * region_tag:binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_async + */ + getSystemPolicy( + request?: protos.google.cloud.binaryauthorization.v1.IGetSystemPolicyRequest, + options?: CallOptions): + Promise<[ + protos.google.cloud.binaryauthorization.v1.IPolicy, + protos.google.cloud.binaryauthorization.v1.IGetSystemPolicyRequest|undefined, {}|undefined + ]>; + getSystemPolicy( + request: protos.google.cloud.binaryauthorization.v1.IGetSystemPolicyRequest, + options: CallOptions, + callback: Callback< + protos.google.cloud.binaryauthorization.v1.IPolicy, + protos.google.cloud.binaryauthorization.v1.IGetSystemPolicyRequest|null|undefined, + {}|null|undefined>): void; + getSystemPolicy( + request: protos.google.cloud.binaryauthorization.v1.IGetSystemPolicyRequest, + callback: Callback< + protos.google.cloud.binaryauthorization.v1.IPolicy, + protos.google.cloud.binaryauthorization.v1.IGetSystemPolicyRequest|null|undefined, + {}|null|undefined>): void; + getSystemPolicy( + request?: protos.google.cloud.binaryauthorization.v1.IGetSystemPolicyRequest, + optionsOrCallback?: CallOptions|Callback< + protos.google.cloud.binaryauthorization.v1.IPolicy, + protos.google.cloud.binaryauthorization.v1.IGetSystemPolicyRequest|null|undefined, + {}|null|undefined>, + callback?: Callback< + protos.google.cloud.binaryauthorization.v1.IPolicy, + protos.google.cloud.binaryauthorization.v1.IGetSystemPolicyRequest|null|undefined, + {}|null|undefined>): + Promise<[ + protos.google.cloud.binaryauthorization.v1.IPolicy, + protos.google.cloud.binaryauthorization.v1.IGetSystemPolicyRequest|undefined, {}|undefined + ]>|void { + request = request || {}; + let options: CallOptions; + if (typeof optionsOrCallback === 'function' && callback === undefined) { + callback = optionsOrCallback; + options = {}; + } + else { + options = optionsOrCallback as CallOptions; + } + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'name': request.name || '', + }); + this.initialize(); + return this.innerApiCalls.getSystemPolicy(request, options, callback); + } + + // -------------------- + // -- Path templates -- + // -------------------- + + /** + * Return a fully-qualified attestor resource name string. + * + * @param {string} project + * @param {string} attestor + * @returns {string} Resource name string. + */ + attestorPath(project:string,attestor:string) { + return this.pathTemplates.attestorPathTemplate.render({ + project: project, + attestor: attestor, + }); + } + + /** + * Parse the project from Attestor resource. + * + * @param {string} attestorName + * A fully-qualified path representing Attestor resource. + * @returns {string} A string representing the project. + */ + matchProjectFromAttestorName(attestorName: string) { + return this.pathTemplates.attestorPathTemplate.match(attestorName).project; + } + + /** + * Parse the attestor from Attestor resource. + * + * @param {string} attestorName + * A fully-qualified path representing Attestor resource. + * @returns {string} A string representing the attestor. + */ + matchAttestorFromAttestorName(attestorName: string) { + return this.pathTemplates.attestorPathTemplate.match(attestorName).attestor; + } + + /** + * Return a fully-qualified locationPolicy resource name string. + * + * @param {string} location + * @returns {string} Resource name string. + */ + locationPolicyPath(location:string) { + return this.pathTemplates.locationPolicyPathTemplate.render({ + location: location, + }); + } + + /** + * Parse the location from LocationPolicy resource. + * + * @param {string} locationPolicyName + * A fully-qualified path representing location_policy resource. + * @returns {string} A string representing the location. + */ + matchLocationFromLocationPolicyName(locationPolicyName: string) { + return this.pathTemplates.locationPolicyPathTemplate.match(locationPolicyName).location; + } + + /** + * Return a fully-qualified project resource name string. + * + * @param {string} project + * @returns {string} Resource name string. + */ + projectPath(project:string) { + return this.pathTemplates.projectPathTemplate.render({ + project: project, + }); + } + + /** + * Parse the project from Project resource. + * + * @param {string} projectName + * A fully-qualified path representing Project resource. + * @returns {string} A string representing the project. + */ + matchProjectFromProjectName(projectName: string) { + return this.pathTemplates.projectPathTemplate.match(projectName).project; + } + + /** + * Return a fully-qualified projectPolicy resource name string. + * + * @param {string} project + * @returns {string} Resource name string. + */ + projectPolicyPath(project:string) { + return this.pathTemplates.projectPolicyPathTemplate.render({ + project: project, + }); + } + + /** + * Parse the project from ProjectPolicy resource. + * + * @param {string} projectPolicyName + * A fully-qualified path representing project_policy resource. + * @returns {string} A string representing the project. + */ + matchProjectFromProjectPolicyName(projectPolicyName: string) { + return this.pathTemplates.projectPolicyPathTemplate.match(projectPolicyName).project; + } + + /** + * Terminate the gRPC channel and close the client. + * + * The client will no longer be usable and all future behavior is undefined. + * @returns {Promise} A promise that resolves when the client is closed. + */ + close(): Promise { + if (this.systemPolicyV1Stub && !this._terminated) { + return this.systemPolicyV1Stub.then(stub => { + this._terminated = true; + stub.close(); + }); + } + return Promise.resolve(); + } +} diff --git a/owl-bot-staging/v1/src/v1/system_policy_v1_client_config.json b/owl-bot-staging/v1/src/v1/system_policy_v1_client_config.json new file mode 100644 index 0000000..1d25944 --- /dev/null +++ b/owl-bot-staging/v1/src/v1/system_policy_v1_client_config.json @@ -0,0 +1,30 @@ +{ + "interfaces": { + "google.cloud.binaryauthorization.v1.SystemPolicyV1": { + "retry_codes": { + "non_idempotent": [], + "idempotent": [ + "DEADLINE_EXCEEDED", + "UNAVAILABLE" + ] + }, + "retry_params": { + "default": { + "initial_retry_delay_millis": 100, + "retry_delay_multiplier": 1.3, + "max_retry_delay_millis": 60000, + "initial_rpc_timeout_millis": 60000, + "rpc_timeout_multiplier": 1, + "max_rpc_timeout_millis": 60000, + "total_timeout_millis": 600000 + } + }, + "methods": { + "GetSystemPolicy": { + "retry_codes_name": "non_idempotent", + "retry_params_name": "default" + } + } + } + } +} diff --git a/owl-bot-staging/v1/src/v1/system_policy_v1_proto_list.json b/owl-bot-staging/v1/src/v1/system_policy_v1_proto_list.json new file mode 100644 index 0000000..2e7010a --- /dev/null +++ b/owl-bot-staging/v1/src/v1/system_policy_v1_proto_list.json @@ -0,0 +1,6 @@ +[ + "../../protos/google/cloud/binaryauthorization/v1/resources.proto", + "../../protos/google/cloud/binaryauthorization/v1/service.proto", + "../../protos/grafeas/v1/attestation.proto", + "../../protos/grafeas/v1/common.proto" +] diff --git a/owl-bot-staging/v1/src/v1/validation_helper_v1_client.ts b/owl-bot-staging/v1/src/v1/validation_helper_v1_client.ts new file mode 100644 index 0000000..32af240 --- /dev/null +++ b/owl-bot-staging/v1/src/v1/validation_helper_v1_client.ts @@ -0,0 +1,505 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// ** This file is automatically generated by gapic-generator-typescript. ** +// ** https://github.com/googleapis/gapic-generator-typescript ** +// ** All changes to this file may be overwritten. ** + +/* global window */ +import * as gax from 'google-gax'; +import {Callback, CallOptions, Descriptors, ClientOptions} from 'google-gax'; + +import * as protos from '../../protos/protos'; +import jsonProtos = require('../../protos/protos.json'); +/** + * Client JSON configuration object, loaded from + * `src/v1/validation_helper_v1_client_config.json`. + * This file defines retry strategy and timeouts for all API methods in this library. + */ +import * as gapicConfig from './validation_helper_v1_client_config.json'; + +const version = require('../../../package.json').version; + +/** + * BinAuthz Attestor verification + * @class + * @memberof v1 + */ +export class ValidationHelperV1Client { + private _terminated = false; + private _opts: ClientOptions; + private _providedCustomServicePath: boolean; + private _gaxModule: typeof gax | typeof gax.fallback; + private _gaxGrpc: gax.GrpcClient | gax.fallback.GrpcClient; + private _protos: {}; + private _defaults: {[method: string]: gax.CallSettings}; + auth: gax.GoogleAuth; + descriptors: Descriptors = { + page: {}, + stream: {}, + longrunning: {}, + batching: {}, + }; + warn: (code: string, message: string, warnType?: string) => void; + innerApiCalls: {[name: string]: Function}; + pathTemplates: {[name: string]: gax.PathTemplate}; + validationHelperV1Stub?: Promise<{[name: string]: Function}>; + + /** + * Construct an instance of ValidationHelperV1Client. + * + * @param {object} [options] - The configuration object. + * The options accepted by the constructor are described in detail + * in [this document](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#creating-the-client-instance). + * The common options are: + * @param {object} [options.credentials] - Credentials object. + * @param {string} [options.credentials.client_email] + * @param {string} [options.credentials.private_key] + * @param {string} [options.email] - Account email address. Required when + * using a .pem or .p12 keyFilename. + * @param {string} [options.keyFilename] - Full path to the a .json, .pem, or + * .p12 key downloaded from the Google Developers Console. If you provide + * a path to a JSON file, the projectId option below is not necessary. + * NOTE: .pem and .p12 require you to specify options.email as well. + * @param {number} [options.port] - The port on which to connect to + * the remote host. + * @param {string} [options.projectId] - The project ID from the Google + * Developer's Console, e.g. 'grape-spaceship-123'. We will also check + * the environment variable GCLOUD_PROJECT for your project ID. If your + * app is running in an environment which supports + * {@link https://developers.google.com/identity/protocols/application-default-credentials Application Default Credentials}, + * your project ID will be detected automatically. + * @param {string} [options.apiEndpoint] - The domain name of the + * API remote host. + * @param {gax.ClientConfig} [options.clientConfig] - Client configuration override. + * Follows the structure of {@link gapicConfig}. + * @param {boolean} [options.fallback] - Use HTTP fallback mode. + * In fallback mode, a special browser-compatible transport implementation is used + * instead of gRPC transport. In browser context (if the `window` object is defined) + * the fallback mode is enabled automatically; set `options.fallback` to `false` + * if you need to override this behavior. + */ + constructor(opts?: ClientOptions) { + // Ensure that options include all the required fields. + const staticMembers = this.constructor as typeof ValidationHelperV1Client; + const servicePath = opts?.servicePath || opts?.apiEndpoint || staticMembers.servicePath; + this._providedCustomServicePath = !!(opts?.servicePath || opts?.apiEndpoint); + const port = opts?.port || staticMembers.port; + const clientConfig = opts?.clientConfig ?? {}; + const fallback = opts?.fallback ?? (typeof window !== 'undefined' && typeof window?.fetch === 'function'); + opts = Object.assign({servicePath, port, clientConfig, fallback}, opts); + + // If scopes are unset in options and we're connecting to a non-default endpoint, set scopes just in case. + if (servicePath !== staticMembers.servicePath && !('scopes' in opts)) { + opts['scopes'] = staticMembers.scopes; + } + + // Choose either gRPC or proto-over-HTTP implementation of google-gax. + this._gaxModule = opts.fallback ? gax.fallback : gax; + + // Create a `gaxGrpc` object, with any grpc-specific options sent to the client. + this._gaxGrpc = new this._gaxModule.GrpcClient(opts); + + // Save options to use in initialize() method. + this._opts = opts; + + // Save the auth object to the client, for use by other methods. + this.auth = (this._gaxGrpc.auth as gax.GoogleAuth); + + // Set useJWTAccessWithScope on the auth object. + this.auth.useJWTAccessWithScope = true; + + // Set defaultServicePath on the auth object. + this.auth.defaultServicePath = staticMembers.servicePath; + + // Set the default scopes in auth client if needed. + if (servicePath === staticMembers.servicePath) { + this.auth.defaultScopes = staticMembers.scopes; + } + + // Determine the client header string. + const clientHeader = [ + `gax/${this._gaxModule.version}`, + `gapic/${version}`, + ]; + if (typeof process !== 'undefined' && 'versions' in process) { + clientHeader.push(`gl-node/${process.versions.node}`); + } else { + clientHeader.push(`gl-web/${this._gaxModule.version}`); + } + if (!opts.fallback) { + clientHeader.push(`grpc/${this._gaxGrpc.grpcVersion}`); + } else if (opts.fallback === 'rest' ) { + clientHeader.push(`rest/${this._gaxGrpc.grpcVersion}`); + } + if (opts.libName && opts.libVersion) { + clientHeader.push(`${opts.libName}/${opts.libVersion}`); + } + // Load the applicable protos. + this._protos = this._gaxGrpc.loadProtoJSON(jsonProtos); + + // This API contains "path templates"; forward-slash-separated + // identifiers to uniquely identify resources within the API. + // Create useful helper objects for these. + this.pathTemplates = { + attestorPathTemplate: new this._gaxModule.PathTemplate( + 'projects/{project}/attestors/{attestor}' + ), + locationPolicyPathTemplate: new this._gaxModule.PathTemplate( + 'locations/{location}/policy' + ), + projectPathTemplate: new this._gaxModule.PathTemplate( + 'projects/{project}' + ), + projectPolicyPathTemplate: new this._gaxModule.PathTemplate( + 'projects/{project}/policy' + ), + }; + + // Put together the default options sent with requests. + this._defaults = this._gaxGrpc.constructSettings( + 'google.cloud.binaryauthorization.v1.ValidationHelperV1', gapicConfig as gax.ClientConfig, + opts.clientConfig || {}, {'x-goog-api-client': clientHeader.join(' ')}); + + // Set up a dictionary of "inner API calls"; the core implementation + // of calling the API is handled in `google-gax`, with this code + // merely providing the destination and request information. + this.innerApiCalls = {}; + + // Add a warn function to the client constructor so it can be easily tested. + this.warn = gax.warn; + } + + /** + * Initialize the client. + * Performs asynchronous operations (such as authentication) and prepares the client. + * This function will be called automatically when any class method is called for the + * first time, but if you need to initialize it before calling an actual method, + * feel free to call initialize() directly. + * + * You can await on this method if you want to make sure the client is initialized. + * + * @returns {Promise} A promise that resolves to an authenticated service stub. + */ + initialize() { + // If the client stub promise is already initialized, return immediately. + if (this.validationHelperV1Stub) { + return this.validationHelperV1Stub; + } + + // Put together the "service stub" for + // google.cloud.binaryauthorization.v1.ValidationHelperV1. + this.validationHelperV1Stub = this._gaxGrpc.createStub( + this._opts.fallback ? + (this._protos as protobuf.Root).lookupService('google.cloud.binaryauthorization.v1.ValidationHelperV1') : + // eslint-disable-next-line @typescript-eslint/no-explicit-any + (this._protos as any).google.cloud.binaryauthorization.v1.ValidationHelperV1, + this._opts, this._providedCustomServicePath) as Promise<{[method: string]: Function}>; + + // Iterate over each of the methods that the service provides + // and create an API call method for each. + const validationHelperV1StubMethods = + ['validateAttestationOccurrence']; + for (const methodName of validationHelperV1StubMethods) { + const callPromise = this.validationHelperV1Stub.then( + stub => (...args: Array<{}>) => { + if (this._terminated) { + return Promise.reject('The client has already been closed.'); + } + const func = stub[methodName]; + return func.apply(stub, args); + }, + (err: Error|null|undefined) => () => { + throw err; + }); + + const descriptor = + undefined; + const apiCall = this._gaxModule.createApiCall( + callPromise, + this._defaults[methodName], + descriptor + ); + + this.innerApiCalls[methodName] = apiCall; + } + + return this.validationHelperV1Stub; + } + + /** + * The DNS address for this API service. + * @returns {string} The DNS address for this service. + */ + static get servicePath() { + return 'binaryauthorization.googleapis.com'; + } + + /** + * The DNS address for this API service - same as servicePath(), + * exists for compatibility reasons. + * @returns {string} The DNS address for this service. + */ + static get apiEndpoint() { + return 'binaryauthorization.googleapis.com'; + } + + /** + * The port for this API service. + * @returns {number} The default port for this service. + */ + static get port() { + return 443; + } + + /** + * The scopes needed to make gRPC calls for every method defined + * in this service. + * @returns {string[]} List of default scopes. + */ + static get scopes() { + return [ + 'https://www.googleapis.com/auth/cloud-platform' + ]; + } + + getProjectId(): Promise; + getProjectId(callback: Callback): void; + /** + * Return the project ID used by this class. + * @returns {Promise} A promise that resolves to string containing the project ID. + */ + getProjectId(callback?: Callback): + Promise|void { + if (callback) { + this.auth.getProjectId(callback); + return; + } + return this.auth.getProjectId(); + } + + // ------------------- + // -- Service calls -- + // ------------------- +/** + * Returns whether the given Attestation for the given image URI + * was signed by the given Attestor + * + * @param {Object} request + * The request object that will be sent. + * @param {string} request.attestor + * Required. The resource name of the {@link google.cloud.binaryauthorization.v1.Attestor|Attestor} of the + * {@link grafeas.v1.Occurrence|occurrence}, in the format + * `projects/* /attestors/*`. + * @param {grafeas.v1.AttestationOccurrence} request.attestation + * Required. An {@link grafeas.v1.AttestationOccurrence|AttestationOccurrence} to + * be checked that it can be verified by the Attestor. It does not have to be + * an existing entity in Container Analysis. It must otherwise be a valid + * AttestationOccurrence. + * @param {string} request.occurrenceNote + * Required. The resource name of the {@link grafeas.v1.Note|Note} to which the + * containing {@link grafeas.v1.Occurrence|Occurrence} is associated. + * @param {string} request.occurrenceResourceUri + * Required. The URI of the artifact (e.g. container image) that is the + * subject of the containing {@link grafeas.v1.Occurrence|Occurrence}. + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Promise} - The promise which resolves to an array. + * The first element of the array is an object representing [ValidateAttestationOccurrenceResponse]{@link google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceResponse}. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) + * for more details and examples. + * @example include:samples/generated/v1/validation_helper_v1.validate_attestation_occurrence.js + * region_tag:binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_async + */ + validateAttestationOccurrence( + request?: protos.google.cloud.binaryauthorization.v1.IValidateAttestationOccurrenceRequest, + options?: CallOptions): + Promise<[ + protos.google.cloud.binaryauthorization.v1.IValidateAttestationOccurrenceResponse, + protos.google.cloud.binaryauthorization.v1.IValidateAttestationOccurrenceRequest|undefined, {}|undefined + ]>; + validateAttestationOccurrence( + request: protos.google.cloud.binaryauthorization.v1.IValidateAttestationOccurrenceRequest, + options: CallOptions, + callback: Callback< + protos.google.cloud.binaryauthorization.v1.IValidateAttestationOccurrenceResponse, + protos.google.cloud.binaryauthorization.v1.IValidateAttestationOccurrenceRequest|null|undefined, + {}|null|undefined>): void; + validateAttestationOccurrence( + request: protos.google.cloud.binaryauthorization.v1.IValidateAttestationOccurrenceRequest, + callback: Callback< + protos.google.cloud.binaryauthorization.v1.IValidateAttestationOccurrenceResponse, + protos.google.cloud.binaryauthorization.v1.IValidateAttestationOccurrenceRequest|null|undefined, + {}|null|undefined>): void; + validateAttestationOccurrence( + request?: protos.google.cloud.binaryauthorization.v1.IValidateAttestationOccurrenceRequest, + optionsOrCallback?: CallOptions|Callback< + protos.google.cloud.binaryauthorization.v1.IValidateAttestationOccurrenceResponse, + protos.google.cloud.binaryauthorization.v1.IValidateAttestationOccurrenceRequest|null|undefined, + {}|null|undefined>, + callback?: Callback< + protos.google.cloud.binaryauthorization.v1.IValidateAttestationOccurrenceResponse, + protos.google.cloud.binaryauthorization.v1.IValidateAttestationOccurrenceRequest|null|undefined, + {}|null|undefined>): + Promise<[ + protos.google.cloud.binaryauthorization.v1.IValidateAttestationOccurrenceResponse, + protos.google.cloud.binaryauthorization.v1.IValidateAttestationOccurrenceRequest|undefined, {}|undefined + ]>|void { + request = request || {}; + let options: CallOptions; + if (typeof optionsOrCallback === 'function' && callback === undefined) { + callback = optionsOrCallback; + options = {}; + } + else { + options = optionsOrCallback as CallOptions; + } + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'attestor': request.attestor || '', + }); + this.initialize(); + return this.innerApiCalls.validateAttestationOccurrence(request, options, callback); + } + + // -------------------- + // -- Path templates -- + // -------------------- + + /** + * Return a fully-qualified attestor resource name string. + * + * @param {string} project + * @param {string} attestor + * @returns {string} Resource name string. + */ + attestorPath(project:string,attestor:string) { + return this.pathTemplates.attestorPathTemplate.render({ + project: project, + attestor: attestor, + }); + } + + /** + * Parse the project from Attestor resource. + * + * @param {string} attestorName + * A fully-qualified path representing Attestor resource. + * @returns {string} A string representing the project. + */ + matchProjectFromAttestorName(attestorName: string) { + return this.pathTemplates.attestorPathTemplate.match(attestorName).project; + } + + /** + * Parse the attestor from Attestor resource. + * + * @param {string} attestorName + * A fully-qualified path representing Attestor resource. + * @returns {string} A string representing the attestor. + */ + matchAttestorFromAttestorName(attestorName: string) { + return this.pathTemplates.attestorPathTemplate.match(attestorName).attestor; + } + + /** + * Return a fully-qualified locationPolicy resource name string. + * + * @param {string} location + * @returns {string} Resource name string. + */ + locationPolicyPath(location:string) { + return this.pathTemplates.locationPolicyPathTemplate.render({ + location: location, + }); + } + + /** + * Parse the location from LocationPolicy resource. + * + * @param {string} locationPolicyName + * A fully-qualified path representing location_policy resource. + * @returns {string} A string representing the location. + */ + matchLocationFromLocationPolicyName(locationPolicyName: string) { + return this.pathTemplates.locationPolicyPathTemplate.match(locationPolicyName).location; + } + + /** + * Return a fully-qualified project resource name string. + * + * @param {string} project + * @returns {string} Resource name string. + */ + projectPath(project:string) { + return this.pathTemplates.projectPathTemplate.render({ + project: project, + }); + } + + /** + * Parse the project from Project resource. + * + * @param {string} projectName + * A fully-qualified path representing Project resource. + * @returns {string} A string representing the project. + */ + matchProjectFromProjectName(projectName: string) { + return this.pathTemplates.projectPathTemplate.match(projectName).project; + } + + /** + * Return a fully-qualified projectPolicy resource name string. + * + * @param {string} project + * @returns {string} Resource name string. + */ + projectPolicyPath(project:string) { + return this.pathTemplates.projectPolicyPathTemplate.render({ + project: project, + }); + } + + /** + * Parse the project from ProjectPolicy resource. + * + * @param {string} projectPolicyName + * A fully-qualified path representing project_policy resource. + * @returns {string} A string representing the project. + */ + matchProjectFromProjectPolicyName(projectPolicyName: string) { + return this.pathTemplates.projectPolicyPathTemplate.match(projectPolicyName).project; + } + + /** + * Terminate the gRPC channel and close the client. + * + * The client will no longer be usable and all future behavior is undefined. + * @returns {Promise} A promise that resolves when the client is closed. + */ + close(): Promise { + if (this.validationHelperV1Stub && !this._terminated) { + return this.validationHelperV1Stub.then(stub => { + this._terminated = true; + stub.close(); + }); + } + return Promise.resolve(); + } +} diff --git a/owl-bot-staging/v1/src/v1/validation_helper_v1_client_config.json b/owl-bot-staging/v1/src/v1/validation_helper_v1_client_config.json new file mode 100644 index 0000000..7c2d8e6 --- /dev/null +++ b/owl-bot-staging/v1/src/v1/validation_helper_v1_client_config.json @@ -0,0 +1,30 @@ +{ + "interfaces": { + "google.cloud.binaryauthorization.v1.ValidationHelperV1": { + "retry_codes": { + "non_idempotent": [], + "idempotent": [ + "DEADLINE_EXCEEDED", + "UNAVAILABLE" + ] + }, + "retry_params": { + "default": { + "initial_retry_delay_millis": 100, + "retry_delay_multiplier": 1.3, + "max_retry_delay_millis": 60000, + "initial_rpc_timeout_millis": 60000, + "rpc_timeout_multiplier": 1, + "max_rpc_timeout_millis": 60000, + "total_timeout_millis": 600000 + } + }, + "methods": { + "ValidateAttestationOccurrence": { + "retry_codes_name": "non_idempotent", + "retry_params_name": "default" + } + } + } + } +} diff --git a/owl-bot-staging/v1/src/v1/validation_helper_v1_proto_list.json b/owl-bot-staging/v1/src/v1/validation_helper_v1_proto_list.json new file mode 100644 index 0000000..2e7010a --- /dev/null +++ b/owl-bot-staging/v1/src/v1/validation_helper_v1_proto_list.json @@ -0,0 +1,6 @@ +[ + "../../protos/google/cloud/binaryauthorization/v1/resources.proto", + "../../protos/google/cloud/binaryauthorization/v1/service.proto", + "../../protos/grafeas/v1/attestation.proto", + "../../protos/grafeas/v1/common.proto" +] diff --git a/owl-bot-staging/v1/system-test/fixtures/sample/src/index.js b/owl-bot-staging/v1/system-test/fixtures/sample/src/index.js new file mode 100644 index 0000000..7a9db4e --- /dev/null +++ b/owl-bot-staging/v1/system-test/fixtures/sample/src/index.js @@ -0,0 +1,29 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// ** This file is automatically generated by gapic-generator-typescript. ** +// ** https://github.com/googleapis/gapic-generator-typescript ** +// ** All changes to this file may be overwritten. ** + + +/* eslint-disable node/no-missing-require, no-unused-vars */ +const binaryauthorization = require('@google-cloud/binary-authorization'); + +function main() { + const binauthzManagementServiceV1Client = new binaryauthorization.BinauthzManagementServiceV1Client(); + const systemPolicyV1Client = new binaryauthorization.SystemPolicyV1Client(); + const validationHelperV1Client = new binaryauthorization.ValidationHelperV1Client(); +} + +main(); diff --git a/owl-bot-staging/v1/system-test/fixtures/sample/src/index.ts b/owl-bot-staging/v1/system-test/fixtures/sample/src/index.ts new file mode 100644 index 0000000..4257ebc --- /dev/null +++ b/owl-bot-staging/v1/system-test/fixtures/sample/src/index.ts @@ -0,0 +1,44 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// ** This file is automatically generated by gapic-generator-typescript. ** +// ** https://github.com/googleapis/gapic-generator-typescript ** +// ** All changes to this file may be overwritten. ** + +import {BinauthzManagementServiceV1Client, SystemPolicyV1Client, ValidationHelperV1Client} from '@google-cloud/binary-authorization'; + +// check that the client class type name can be used +function doStuffWithBinauthzManagementServiceV1Client(client: BinauthzManagementServiceV1Client) { + client.close(); +} +function doStuffWithSystemPolicyV1Client(client: SystemPolicyV1Client) { + client.close(); +} +function doStuffWithValidationHelperV1Client(client: ValidationHelperV1Client) { + client.close(); +} + +function main() { + // check that the client instance can be created + const binauthzManagementServiceV1Client = new BinauthzManagementServiceV1Client(); + doStuffWithBinauthzManagementServiceV1Client(binauthzManagementServiceV1Client); + // check that the client instance can be created + const systemPolicyV1Client = new SystemPolicyV1Client(); + doStuffWithSystemPolicyV1Client(systemPolicyV1Client); + // check that the client instance can be created + const validationHelperV1Client = new ValidationHelperV1Client(); + doStuffWithValidationHelperV1Client(validationHelperV1Client); +} + +main(); diff --git a/owl-bot-staging/v1/system-test/install.ts b/owl-bot-staging/v1/system-test/install.ts new file mode 100644 index 0000000..8ec4522 --- /dev/null +++ b/owl-bot-staging/v1/system-test/install.ts @@ -0,0 +1,49 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// ** This file is automatically generated by gapic-generator-typescript. ** +// ** https://github.com/googleapis/gapic-generator-typescript ** +// ** All changes to this file may be overwritten. ** + +import { packNTest } from 'pack-n-play'; +import { readFileSync } from 'fs'; +import { describe, it } from 'mocha'; + +describe('📦 pack-n-play test', () => { + + it('TypeScript code', async function() { + this.timeout(300000); + const options = { + packageDir: process.cwd(), + sample: { + description: 'TypeScript user can use the type definitions', + ts: readFileSync('./system-test/fixtures/sample/src/index.ts').toString() + } + }; + await packNTest(options); + }); + + it('JavaScript code', async function() { + this.timeout(300000); + const options = { + packageDir: process.cwd(), + sample: { + description: 'JavaScript user can use the library', + ts: readFileSync('./system-test/fixtures/sample/src/index.js').toString() + } + }; + await packNTest(options); + }); + +}); diff --git a/owl-bot-staging/v1/test/gapic_binauthz_management_service_v1_v1.ts b/owl-bot-staging/v1/test/gapic_binauthz_management_service_v1_v1.ts new file mode 100644 index 0000000..3a47576 --- /dev/null +++ b/owl-bot-staging/v1/test/gapic_binauthz_management_service_v1_v1.ts @@ -0,0 +1,1126 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// ** This file is automatically generated by gapic-generator-typescript. ** +// ** https://github.com/googleapis/gapic-generator-typescript ** +// ** All changes to this file may be overwritten. ** + +import * as protos from '../protos/protos'; +import * as assert from 'assert'; +import * as sinon from 'sinon'; +import {SinonStub} from 'sinon'; +import { describe, it } from 'mocha'; +import * as binauthzmanagementservicev1Module from '../src'; + +import {PassThrough} from 'stream'; + +import {protobuf} from 'google-gax'; + +function generateSampleMessage(instance: T) { + const filledObject = (instance.constructor as typeof protobuf.Message) + .toObject(instance as protobuf.Message, {defaults: true}); + return (instance.constructor as typeof protobuf.Message).fromObject(filledObject) as T; +} + +function stubSimpleCall(response?: ResponseType, error?: Error) { + return error ? sinon.stub().rejects(error) : sinon.stub().resolves([response]); +} + +function stubSimpleCallWithCallback(response?: ResponseType, error?: Error) { + return error ? sinon.stub().callsArgWith(2, error) : sinon.stub().callsArgWith(2, null, response); +} + +function stubPageStreamingCall(responses?: ResponseType[], error?: Error) { + const pagingStub = sinon.stub(); + if (responses) { + for (let i = 0; i < responses.length; ++i) { + pagingStub.onCall(i).callsArgWith(2, null, responses[i]); + } + } + const transformStub = error ? sinon.stub().callsArgWith(2, error) : pagingStub; + const mockStream = new PassThrough({ + objectMode: true, + transform: transformStub, + }); + // trigger as many responses as needed + if (responses) { + for (let i = 0; i < responses.length; ++i) { + setImmediate(() => { mockStream.write({}); }); + } + setImmediate(() => { mockStream.end(); }); + } else { + setImmediate(() => { mockStream.write({}); }); + setImmediate(() => { mockStream.end(); }); + } + return sinon.stub().returns(mockStream); +} + +function stubAsyncIterationCall(responses?: ResponseType[], error?: Error) { + let counter = 0; + const asyncIterable = { + [Symbol.asyncIterator]() { + return { + async next() { + if (error) { + return Promise.reject(error); + } + if (counter >= responses!.length) { + return Promise.resolve({done: true, value: undefined}); + } + return Promise.resolve({done: false, value: responses![counter++]}); + } + }; + } + }; + return sinon.stub().returns(asyncIterable); +} + +describe('v1.BinauthzManagementServiceV1Client', () => { + it('has servicePath', () => { + const servicePath = binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client.servicePath; + assert(servicePath); + }); + + it('has apiEndpoint', () => { + const apiEndpoint = binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client.apiEndpoint; + assert(apiEndpoint); + }); + + it('has port', () => { + const port = binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client.port; + assert(port); + assert(typeof port === 'number'); + }); + + it('should create a client with no option', () => { + const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client(); + assert(client); + }); + + it('should create a client with gRPC fallback', () => { + const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ + fallback: true, + }); + assert(client); + }); + + it('has initialize method and supports deferred initialization', async () => { + const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + assert.strictEqual(client.binauthzManagementServiceV1Stub, undefined); + await client.initialize(); + assert(client.binauthzManagementServiceV1Stub); + }); + + it('has close method for the initialized client', done => { + const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + assert(client.binauthzManagementServiceV1Stub); + client.close().then(() => { + done(); + }); + }); + + it('has close method for the non-initialized client', done => { + const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + assert.strictEqual(client.binauthzManagementServiceV1Stub, undefined); + client.close().then(() => { + done(); + }); + }); + + it('has getProjectId method', async () => { + const fakeProjectId = 'fake-project-id'; + const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.auth.getProjectId = sinon.stub().resolves(fakeProjectId); + const result = await client.getProjectId(); + assert.strictEqual(result, fakeProjectId); + assert((client.auth.getProjectId as SinonStub).calledWithExactly()); + }); + + it('has getProjectId method with callback', async () => { + const fakeProjectId = 'fake-project-id'; + const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.auth.getProjectId = sinon.stub().callsArgWith(0, null, fakeProjectId); + const promise = new Promise((resolve, reject) => { + client.getProjectId((err?: Error|null, projectId?: string|null) => { + if (err) { + reject(err); + } else { + resolve(projectId); + } + }); + }); + const result = await promise; + assert.strictEqual(result, fakeProjectId); + }); + + describe('getPolicy', () => { + it('invokes getPolicy without error', async () => { + const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.GetPolicyRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.Policy()); + client.innerApiCalls.getPolicy = stubSimpleCall(expectedResponse); + const [response] = await client.getPolicy(request); + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.getPolicy as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes getPolicy without error using callback', async () => { + const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.GetPolicyRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.Policy()); + client.innerApiCalls.getPolicy = stubSimpleCallWithCallback(expectedResponse); + const promise = new Promise((resolve, reject) => { + client.getPolicy( + request, + (err?: Error|null, result?: protos.google.cloud.binaryauthorization.v1.IPolicy|null) => { + if (err) { + reject(err); + } else { + resolve(result); + } + }); + }); + const response = await promise; + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.getPolicy as SinonStub) + .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); + }); + + it('invokes getPolicy with error', async () => { + const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.GetPolicyRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedError = new Error('expected'); + client.innerApiCalls.getPolicy = stubSimpleCall(undefined, expectedError); + await assert.rejects(client.getPolicy(request), expectedError); + assert((client.innerApiCalls.getPolicy as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes getPolicy with closed client', async () => { + const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.GetPolicyRequest()); + request.name = ''; + const expectedError = new Error('The client has already been closed.'); + client.close(); + await assert.rejects(client.getPolicy(request), expectedError); + }); + }); + + describe('updatePolicy', () => { + it('invokes updatePolicy without error', async () => { + const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.UpdatePolicyRequest()); + request.policy = {}; + request.policy.name = ''; + const expectedHeaderRequestParams = "policy.name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.Policy()); + client.innerApiCalls.updatePolicy = stubSimpleCall(expectedResponse); + const [response] = await client.updatePolicy(request); + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.updatePolicy as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes updatePolicy without error using callback', async () => { + const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.UpdatePolicyRequest()); + request.policy = {}; + request.policy.name = ''; + const expectedHeaderRequestParams = "policy.name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.Policy()); + client.innerApiCalls.updatePolicy = stubSimpleCallWithCallback(expectedResponse); + const promise = new Promise((resolve, reject) => { + client.updatePolicy( + request, + (err?: Error|null, result?: protos.google.cloud.binaryauthorization.v1.IPolicy|null) => { + if (err) { + reject(err); + } else { + resolve(result); + } + }); + }); + const response = await promise; + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.updatePolicy as SinonStub) + .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); + }); + + it('invokes updatePolicy with error', async () => { + const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.UpdatePolicyRequest()); + request.policy = {}; + request.policy.name = ''; + const expectedHeaderRequestParams = "policy.name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedError = new Error('expected'); + client.innerApiCalls.updatePolicy = stubSimpleCall(undefined, expectedError); + await assert.rejects(client.updatePolicy(request), expectedError); + assert((client.innerApiCalls.updatePolicy as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes updatePolicy with closed client', async () => { + const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.UpdatePolicyRequest()); + request.policy = {}; + request.policy.name = ''; + const expectedError = new Error('The client has already been closed.'); + client.close(); + await assert.rejects(client.updatePolicy(request), expectedError); + }); + }); + + describe('createAttestor', () => { + it('invokes createAttestor without error', async () => { + const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.CreateAttestorRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.Attestor()); + client.innerApiCalls.createAttestor = stubSimpleCall(expectedResponse); + const [response] = await client.createAttestor(request); + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.createAttestor as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes createAttestor without error using callback', async () => { + const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.CreateAttestorRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.Attestor()); + client.innerApiCalls.createAttestor = stubSimpleCallWithCallback(expectedResponse); + const promise = new Promise((resolve, reject) => { + client.createAttestor( + request, + (err?: Error|null, result?: protos.google.cloud.binaryauthorization.v1.IAttestor|null) => { + if (err) { + reject(err); + } else { + resolve(result); + } + }); + }); + const response = await promise; + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.createAttestor as SinonStub) + .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); + }); + + it('invokes createAttestor with error', async () => { + const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.CreateAttestorRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedError = new Error('expected'); + client.innerApiCalls.createAttestor = stubSimpleCall(undefined, expectedError); + await assert.rejects(client.createAttestor(request), expectedError); + assert((client.innerApiCalls.createAttestor as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes createAttestor with closed client', async () => { + const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.CreateAttestorRequest()); + request.parent = ''; + const expectedError = new Error('The client has already been closed.'); + client.close(); + await assert.rejects(client.createAttestor(request), expectedError); + }); + }); + + describe('getAttestor', () => { + it('invokes getAttestor without error', async () => { + const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.GetAttestorRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.Attestor()); + client.innerApiCalls.getAttestor = stubSimpleCall(expectedResponse); + const [response] = await client.getAttestor(request); + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.getAttestor as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes getAttestor without error using callback', async () => { + const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.GetAttestorRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.Attestor()); + client.innerApiCalls.getAttestor = stubSimpleCallWithCallback(expectedResponse); + const promise = new Promise((resolve, reject) => { + client.getAttestor( + request, + (err?: Error|null, result?: protos.google.cloud.binaryauthorization.v1.IAttestor|null) => { + if (err) { + reject(err); + } else { + resolve(result); + } + }); + }); + const response = await promise; + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.getAttestor as SinonStub) + .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); + }); + + it('invokes getAttestor with error', async () => { + const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.GetAttestorRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedError = new Error('expected'); + client.innerApiCalls.getAttestor = stubSimpleCall(undefined, expectedError); + await assert.rejects(client.getAttestor(request), expectedError); + assert((client.innerApiCalls.getAttestor as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes getAttestor with closed client', async () => { + const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.GetAttestorRequest()); + request.name = ''; + const expectedError = new Error('The client has already been closed.'); + client.close(); + await assert.rejects(client.getAttestor(request), expectedError); + }); + }); + + describe('updateAttestor', () => { + it('invokes updateAttestor without error', async () => { + const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.UpdateAttestorRequest()); + request.attestor = {}; + request.attestor.name = ''; + const expectedHeaderRequestParams = "attestor.name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.Attestor()); + client.innerApiCalls.updateAttestor = stubSimpleCall(expectedResponse); + const [response] = await client.updateAttestor(request); + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.updateAttestor as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes updateAttestor without error using callback', async () => { + const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.UpdateAttestorRequest()); + request.attestor = {}; + request.attestor.name = ''; + const expectedHeaderRequestParams = "attestor.name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.Attestor()); + client.innerApiCalls.updateAttestor = stubSimpleCallWithCallback(expectedResponse); + const promise = new Promise((resolve, reject) => { + client.updateAttestor( + request, + (err?: Error|null, result?: protos.google.cloud.binaryauthorization.v1.IAttestor|null) => { + if (err) { + reject(err); + } else { + resolve(result); + } + }); + }); + const response = await promise; + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.updateAttestor as SinonStub) + .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); + }); + + it('invokes updateAttestor with error', async () => { + const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.UpdateAttestorRequest()); + request.attestor = {}; + request.attestor.name = ''; + const expectedHeaderRequestParams = "attestor.name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedError = new Error('expected'); + client.innerApiCalls.updateAttestor = stubSimpleCall(undefined, expectedError); + await assert.rejects(client.updateAttestor(request), expectedError); + assert((client.innerApiCalls.updateAttestor as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes updateAttestor with closed client', async () => { + const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.UpdateAttestorRequest()); + request.attestor = {}; + request.attestor.name = ''; + const expectedError = new Error('The client has already been closed.'); + client.close(); + await assert.rejects(client.updateAttestor(request), expectedError); + }); + }); + + describe('deleteAttestor', () => { + it('invokes deleteAttestor without error', async () => { + const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.DeleteAttestorRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.protobuf.Empty()); + client.innerApiCalls.deleteAttestor = stubSimpleCall(expectedResponse); + const [response] = await client.deleteAttestor(request); + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.deleteAttestor as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes deleteAttestor without error using callback', async () => { + const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.DeleteAttestorRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.protobuf.Empty()); + client.innerApiCalls.deleteAttestor = stubSimpleCallWithCallback(expectedResponse); + const promise = new Promise((resolve, reject) => { + client.deleteAttestor( + request, + (err?: Error|null, result?: protos.google.protobuf.IEmpty|null) => { + if (err) { + reject(err); + } else { + resolve(result); + } + }); + }); + const response = await promise; + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.deleteAttestor as SinonStub) + .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); + }); + + it('invokes deleteAttestor with error', async () => { + const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.DeleteAttestorRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedError = new Error('expected'); + client.innerApiCalls.deleteAttestor = stubSimpleCall(undefined, expectedError); + await assert.rejects(client.deleteAttestor(request), expectedError); + assert((client.innerApiCalls.deleteAttestor as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes deleteAttestor with closed client', async () => { + const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.DeleteAttestorRequest()); + request.name = ''; + const expectedError = new Error('The client has already been closed.'); + client.close(); + await assert.rejects(client.deleteAttestor(request), expectedError); + }); + }); + + describe('listAttestors', () => { + it('invokes listAttestors without error', async () => { + const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.ListAttestorsRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = [ + generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.Attestor()), + generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.Attestor()), + generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.Attestor()), + ]; + client.innerApiCalls.listAttestors = stubSimpleCall(expectedResponse); + const [response] = await client.listAttestors(request); + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.listAttestors as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes listAttestors without error using callback', async () => { + const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.ListAttestorsRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = [ + generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.Attestor()), + generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.Attestor()), + generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.Attestor()), + ]; + client.innerApiCalls.listAttestors = stubSimpleCallWithCallback(expectedResponse); + const promise = new Promise((resolve, reject) => { + client.listAttestors( + request, + (err?: Error|null, result?: protos.google.cloud.binaryauthorization.v1.IAttestor[]|null) => { + if (err) { + reject(err); + } else { + resolve(result); + } + }); + }); + const response = await promise; + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.listAttestors as SinonStub) + .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); + }); + + it('invokes listAttestors with error', async () => { + const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.ListAttestorsRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedError = new Error('expected'); + client.innerApiCalls.listAttestors = stubSimpleCall(undefined, expectedError); + await assert.rejects(client.listAttestors(request), expectedError); + assert((client.innerApiCalls.listAttestors as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes listAttestorsStream without error', async () => { + const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.ListAttestorsRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedResponse = [ + generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.Attestor()), + generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.Attestor()), + generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.Attestor()), + ]; + client.descriptors.page.listAttestors.createStream = stubPageStreamingCall(expectedResponse); + const stream = client.listAttestorsStream(request); + const promise = new Promise((resolve, reject) => { + const responses: protos.google.cloud.binaryauthorization.v1.Attestor[] = []; + stream.on('data', (response: protos.google.cloud.binaryauthorization.v1.Attestor) => { + responses.push(response); + }); + stream.on('end', () => { + resolve(responses); + }); + stream.on('error', (err: Error) => { + reject(err); + }); + }); + const responses = await promise; + assert.deepStrictEqual(responses, expectedResponse); + assert((client.descriptors.page.listAttestors.createStream as SinonStub) + .getCall(0).calledWith(client.innerApiCalls.listAttestors, request)); + assert.strictEqual( + (client.descriptors.page.listAttestors.createStream as SinonStub) + .getCall(0).args[2].otherArgs.headers['x-goog-request-params'], + expectedHeaderRequestParams + ); + }); + + it('invokes listAttestorsStream with error', async () => { + const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.ListAttestorsRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedError = new Error('expected'); + client.descriptors.page.listAttestors.createStream = stubPageStreamingCall(undefined, expectedError); + const stream = client.listAttestorsStream(request); + const promise = new Promise((resolve, reject) => { + const responses: protos.google.cloud.binaryauthorization.v1.Attestor[] = []; + stream.on('data', (response: protos.google.cloud.binaryauthorization.v1.Attestor) => { + responses.push(response); + }); + stream.on('end', () => { + resolve(responses); + }); + stream.on('error', (err: Error) => { + reject(err); + }); + }); + await assert.rejects(promise, expectedError); + assert((client.descriptors.page.listAttestors.createStream as SinonStub) + .getCall(0).calledWith(client.innerApiCalls.listAttestors, request)); + assert.strictEqual( + (client.descriptors.page.listAttestors.createStream as SinonStub) + .getCall(0).args[2].otherArgs.headers['x-goog-request-params'], + expectedHeaderRequestParams + ); + }); + + it('uses async iteration with listAttestors without error', async () => { + const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.ListAttestorsRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedResponse = [ + generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.Attestor()), + generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.Attestor()), + generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.Attestor()), + ]; + client.descriptors.page.listAttestors.asyncIterate = stubAsyncIterationCall(expectedResponse); + const responses: protos.google.cloud.binaryauthorization.v1.IAttestor[] = []; + const iterable = client.listAttestorsAsync(request); + for await (const resource of iterable) { + responses.push(resource!); + } + assert.deepStrictEqual(responses, expectedResponse); + assert.deepStrictEqual( + (client.descriptors.page.listAttestors.asyncIterate as SinonStub) + .getCall(0).args[1], request); + assert.strictEqual( + (client.descriptors.page.listAttestors.asyncIterate as SinonStub) + .getCall(0).args[2].otherArgs.headers['x-goog-request-params'], + expectedHeaderRequestParams + ); + }); + + it('uses async iteration with listAttestors with error', async () => { + const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.ListAttestorsRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent=";const expectedError = new Error('expected'); + client.descriptors.page.listAttestors.asyncIterate = stubAsyncIterationCall(undefined, expectedError); + const iterable = client.listAttestorsAsync(request); + await assert.rejects(async () => { + const responses: protos.google.cloud.binaryauthorization.v1.IAttestor[] = []; + for await (const resource of iterable) { + responses.push(resource!); + } + }); + assert.deepStrictEqual( + (client.descriptors.page.listAttestors.asyncIterate as SinonStub) + .getCall(0).args[1], request); + assert.strictEqual( + (client.descriptors.page.listAttestors.asyncIterate as SinonStub) + .getCall(0).args[2].otherArgs.headers['x-goog-request-params'], + expectedHeaderRequestParams + ); + }); + }); + + describe('Path templates', () => { + + describe('attestor', () => { + const fakePath = "/rendered/path/attestor"; + const expectedParameters = { + project: "projectValue", + attestor: "attestorValue", + }; + const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + client.pathTemplates.attestorPathTemplate.render = + sinon.stub().returns(fakePath); + client.pathTemplates.attestorPathTemplate.match = + sinon.stub().returns(expectedParameters); + + it('attestorPath', () => { + const result = client.attestorPath("projectValue", "attestorValue"); + assert.strictEqual(result, fakePath); + assert((client.pathTemplates.attestorPathTemplate.render as SinonStub) + .getCall(-1).calledWith(expectedParameters)); + }); + + it('matchProjectFromAttestorName', () => { + const result = client.matchProjectFromAttestorName(fakePath); + assert.strictEqual(result, "projectValue"); + assert((client.pathTemplates.attestorPathTemplate.match as SinonStub) + .getCall(-1).calledWith(fakePath)); + }); + + it('matchAttestorFromAttestorName', () => { + const result = client.matchAttestorFromAttestorName(fakePath); + assert.strictEqual(result, "attestorValue"); + assert((client.pathTemplates.attestorPathTemplate.match as SinonStub) + .getCall(-1).calledWith(fakePath)); + }); + }); + + describe('locationPolicy', () => { + const fakePath = "/rendered/path/locationPolicy"; + const expectedParameters = { + location: "locationValue", + }; + const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + client.pathTemplates.locationPolicyPathTemplate.render = + sinon.stub().returns(fakePath); + client.pathTemplates.locationPolicyPathTemplate.match = + sinon.stub().returns(expectedParameters); + + it('locationPolicyPath', () => { + const result = client.locationPolicyPath("locationValue"); + assert.strictEqual(result, fakePath); + assert((client.pathTemplates.locationPolicyPathTemplate.render as SinonStub) + .getCall(-1).calledWith(expectedParameters)); + }); + + it('matchLocationFromLocationPolicyName', () => { + const result = client.matchLocationFromLocationPolicyName(fakePath); + assert.strictEqual(result, "locationValue"); + assert((client.pathTemplates.locationPolicyPathTemplate.match as SinonStub) + .getCall(-1).calledWith(fakePath)); + }); + }); + + describe('project', () => { + const fakePath = "/rendered/path/project"; + const expectedParameters = { + project: "projectValue", + }; + const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + client.pathTemplates.projectPathTemplate.render = + sinon.stub().returns(fakePath); + client.pathTemplates.projectPathTemplate.match = + sinon.stub().returns(expectedParameters); + + it('projectPath', () => { + const result = client.projectPath("projectValue"); + assert.strictEqual(result, fakePath); + assert((client.pathTemplates.projectPathTemplate.render as SinonStub) + .getCall(-1).calledWith(expectedParameters)); + }); + + it('matchProjectFromProjectName', () => { + const result = client.matchProjectFromProjectName(fakePath); + assert.strictEqual(result, "projectValue"); + assert((client.pathTemplates.projectPathTemplate.match as SinonStub) + .getCall(-1).calledWith(fakePath)); + }); + }); + + describe('projectPolicy', () => { + const fakePath = "/rendered/path/projectPolicy"; + const expectedParameters = { + project: "projectValue", + }; + const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + client.pathTemplates.projectPolicyPathTemplate.render = + sinon.stub().returns(fakePath); + client.pathTemplates.projectPolicyPathTemplate.match = + sinon.stub().returns(expectedParameters); + + it('projectPolicyPath', () => { + const result = client.projectPolicyPath("projectValue"); + assert.strictEqual(result, fakePath); + assert((client.pathTemplates.projectPolicyPathTemplate.render as SinonStub) + .getCall(-1).calledWith(expectedParameters)); + }); + + it('matchProjectFromProjectPolicyName', () => { + const result = client.matchProjectFromProjectPolicyName(fakePath); + assert.strictEqual(result, "projectValue"); + assert((client.pathTemplates.projectPolicyPathTemplate.match as SinonStub) + .getCall(-1).calledWith(fakePath)); + }); + }); + }); +}); diff --git a/owl-bot-staging/v1/test/gapic_system_policy_v1_v1.ts b/owl-bot-staging/v1/test/gapic_system_policy_v1_v1.ts new file mode 100644 index 0000000..7388939 --- /dev/null +++ b/owl-bot-staging/v1/test/gapic_system_policy_v1_v1.ts @@ -0,0 +1,363 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// ** This file is automatically generated by gapic-generator-typescript. ** +// ** https://github.com/googleapis/gapic-generator-typescript ** +// ** All changes to this file may be overwritten. ** + +import * as protos from '../protos/protos'; +import * as assert from 'assert'; +import * as sinon from 'sinon'; +import {SinonStub} from 'sinon'; +import { describe, it } from 'mocha'; +import * as systempolicyv1Module from '../src'; + +import {protobuf} from 'google-gax'; + +function generateSampleMessage(instance: T) { + const filledObject = (instance.constructor as typeof protobuf.Message) + .toObject(instance as protobuf.Message, {defaults: true}); + return (instance.constructor as typeof protobuf.Message).fromObject(filledObject) as T; +} + +function stubSimpleCall(response?: ResponseType, error?: Error) { + return error ? sinon.stub().rejects(error) : sinon.stub().resolves([response]); +} + +function stubSimpleCallWithCallback(response?: ResponseType, error?: Error) { + return error ? sinon.stub().callsArgWith(2, error) : sinon.stub().callsArgWith(2, null, response); +} + +describe('v1.SystemPolicyV1Client', () => { + it('has servicePath', () => { + const servicePath = systempolicyv1Module.v1.SystemPolicyV1Client.servicePath; + assert(servicePath); + }); + + it('has apiEndpoint', () => { + const apiEndpoint = systempolicyv1Module.v1.SystemPolicyV1Client.apiEndpoint; + assert(apiEndpoint); + }); + + it('has port', () => { + const port = systempolicyv1Module.v1.SystemPolicyV1Client.port; + assert(port); + assert(typeof port === 'number'); + }); + + it('should create a client with no option', () => { + const client = new systempolicyv1Module.v1.SystemPolicyV1Client(); + assert(client); + }); + + it('should create a client with gRPC fallback', () => { + const client = new systempolicyv1Module.v1.SystemPolicyV1Client({ + fallback: true, + }); + assert(client); + }); + + it('has initialize method and supports deferred initialization', async () => { + const client = new systempolicyv1Module.v1.SystemPolicyV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + assert.strictEqual(client.systemPolicyV1Stub, undefined); + await client.initialize(); + assert(client.systemPolicyV1Stub); + }); + + it('has close method for the initialized client', done => { + const client = new systempolicyv1Module.v1.SystemPolicyV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + assert(client.systemPolicyV1Stub); + client.close().then(() => { + done(); + }); + }); + + it('has close method for the non-initialized client', done => { + const client = new systempolicyv1Module.v1.SystemPolicyV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + assert.strictEqual(client.systemPolicyV1Stub, undefined); + client.close().then(() => { + done(); + }); + }); + + it('has getProjectId method', async () => { + const fakeProjectId = 'fake-project-id'; + const client = new systempolicyv1Module.v1.SystemPolicyV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.auth.getProjectId = sinon.stub().resolves(fakeProjectId); + const result = await client.getProjectId(); + assert.strictEqual(result, fakeProjectId); + assert((client.auth.getProjectId as SinonStub).calledWithExactly()); + }); + + it('has getProjectId method with callback', async () => { + const fakeProjectId = 'fake-project-id'; + const client = new systempolicyv1Module.v1.SystemPolicyV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.auth.getProjectId = sinon.stub().callsArgWith(0, null, fakeProjectId); + const promise = new Promise((resolve, reject) => { + client.getProjectId((err?: Error|null, projectId?: string|null) => { + if (err) { + reject(err); + } else { + resolve(projectId); + } + }); + }); + const result = await promise; + assert.strictEqual(result, fakeProjectId); + }); + + describe('getSystemPolicy', () => { + it('invokes getSystemPolicy without error', async () => { + const client = new systempolicyv1Module.v1.SystemPolicyV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.GetSystemPolicyRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.Policy()); + client.innerApiCalls.getSystemPolicy = stubSimpleCall(expectedResponse); + const [response] = await client.getSystemPolicy(request); + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.getSystemPolicy as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes getSystemPolicy without error using callback', async () => { + const client = new systempolicyv1Module.v1.SystemPolicyV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.GetSystemPolicyRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.Policy()); + client.innerApiCalls.getSystemPolicy = stubSimpleCallWithCallback(expectedResponse); + const promise = new Promise((resolve, reject) => { + client.getSystemPolicy( + request, + (err?: Error|null, result?: protos.google.cloud.binaryauthorization.v1.IPolicy|null) => { + if (err) { + reject(err); + } else { + resolve(result); + } + }); + }); + const response = await promise; + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.getSystemPolicy as SinonStub) + .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); + }); + + it('invokes getSystemPolicy with error', async () => { + const client = new systempolicyv1Module.v1.SystemPolicyV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.GetSystemPolicyRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedError = new Error('expected'); + client.innerApiCalls.getSystemPolicy = stubSimpleCall(undefined, expectedError); + await assert.rejects(client.getSystemPolicy(request), expectedError); + assert((client.innerApiCalls.getSystemPolicy as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes getSystemPolicy with closed client', async () => { + const client = new systempolicyv1Module.v1.SystemPolicyV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.GetSystemPolicyRequest()); + request.name = ''; + const expectedError = new Error('The client has already been closed.'); + client.close(); + await assert.rejects(client.getSystemPolicy(request), expectedError); + }); + }); + + describe('Path templates', () => { + + describe('attestor', () => { + const fakePath = "/rendered/path/attestor"; + const expectedParameters = { + project: "projectValue", + attestor: "attestorValue", + }; + const client = new systempolicyv1Module.v1.SystemPolicyV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + client.pathTemplates.attestorPathTemplate.render = + sinon.stub().returns(fakePath); + client.pathTemplates.attestorPathTemplate.match = + sinon.stub().returns(expectedParameters); + + it('attestorPath', () => { + const result = client.attestorPath("projectValue", "attestorValue"); + assert.strictEqual(result, fakePath); + assert((client.pathTemplates.attestorPathTemplate.render as SinonStub) + .getCall(-1).calledWith(expectedParameters)); + }); + + it('matchProjectFromAttestorName', () => { + const result = client.matchProjectFromAttestorName(fakePath); + assert.strictEqual(result, "projectValue"); + assert((client.pathTemplates.attestorPathTemplate.match as SinonStub) + .getCall(-1).calledWith(fakePath)); + }); + + it('matchAttestorFromAttestorName', () => { + const result = client.matchAttestorFromAttestorName(fakePath); + assert.strictEqual(result, "attestorValue"); + assert((client.pathTemplates.attestorPathTemplate.match as SinonStub) + .getCall(-1).calledWith(fakePath)); + }); + }); + + describe('locationPolicy', () => { + const fakePath = "/rendered/path/locationPolicy"; + const expectedParameters = { + location: "locationValue", + }; + const client = new systempolicyv1Module.v1.SystemPolicyV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + client.pathTemplates.locationPolicyPathTemplate.render = + sinon.stub().returns(fakePath); + client.pathTemplates.locationPolicyPathTemplate.match = + sinon.stub().returns(expectedParameters); + + it('locationPolicyPath', () => { + const result = client.locationPolicyPath("locationValue"); + assert.strictEqual(result, fakePath); + assert((client.pathTemplates.locationPolicyPathTemplate.render as SinonStub) + .getCall(-1).calledWith(expectedParameters)); + }); + + it('matchLocationFromLocationPolicyName', () => { + const result = client.matchLocationFromLocationPolicyName(fakePath); + assert.strictEqual(result, "locationValue"); + assert((client.pathTemplates.locationPolicyPathTemplate.match as SinonStub) + .getCall(-1).calledWith(fakePath)); + }); + }); + + describe('project', () => { + const fakePath = "/rendered/path/project"; + const expectedParameters = { + project: "projectValue", + }; + const client = new systempolicyv1Module.v1.SystemPolicyV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + client.pathTemplates.projectPathTemplate.render = + sinon.stub().returns(fakePath); + client.pathTemplates.projectPathTemplate.match = + sinon.stub().returns(expectedParameters); + + it('projectPath', () => { + const result = client.projectPath("projectValue"); + assert.strictEqual(result, fakePath); + assert((client.pathTemplates.projectPathTemplate.render as SinonStub) + .getCall(-1).calledWith(expectedParameters)); + }); + + it('matchProjectFromProjectName', () => { + const result = client.matchProjectFromProjectName(fakePath); + assert.strictEqual(result, "projectValue"); + assert((client.pathTemplates.projectPathTemplate.match as SinonStub) + .getCall(-1).calledWith(fakePath)); + }); + }); + + describe('projectPolicy', () => { + const fakePath = "/rendered/path/projectPolicy"; + const expectedParameters = { + project: "projectValue", + }; + const client = new systempolicyv1Module.v1.SystemPolicyV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + client.pathTemplates.projectPolicyPathTemplate.render = + sinon.stub().returns(fakePath); + client.pathTemplates.projectPolicyPathTemplate.match = + sinon.stub().returns(expectedParameters); + + it('projectPolicyPath', () => { + const result = client.projectPolicyPath("projectValue"); + assert.strictEqual(result, fakePath); + assert((client.pathTemplates.projectPolicyPathTemplate.render as SinonStub) + .getCall(-1).calledWith(expectedParameters)); + }); + + it('matchProjectFromProjectPolicyName', () => { + const result = client.matchProjectFromProjectPolicyName(fakePath); + assert.strictEqual(result, "projectValue"); + assert((client.pathTemplates.projectPolicyPathTemplate.match as SinonStub) + .getCall(-1).calledWith(fakePath)); + }); + }); + }); +}); diff --git a/owl-bot-staging/v1/test/gapic_validation_helper_v1_v1.ts b/owl-bot-staging/v1/test/gapic_validation_helper_v1_v1.ts new file mode 100644 index 0000000..dea2f84 --- /dev/null +++ b/owl-bot-staging/v1/test/gapic_validation_helper_v1_v1.ts @@ -0,0 +1,363 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// ** This file is automatically generated by gapic-generator-typescript. ** +// ** https://github.com/googleapis/gapic-generator-typescript ** +// ** All changes to this file may be overwritten. ** + +import * as protos from '../protos/protos'; +import * as assert from 'assert'; +import * as sinon from 'sinon'; +import {SinonStub} from 'sinon'; +import { describe, it } from 'mocha'; +import * as validationhelperv1Module from '../src'; + +import {protobuf} from 'google-gax'; + +function generateSampleMessage(instance: T) { + const filledObject = (instance.constructor as typeof protobuf.Message) + .toObject(instance as protobuf.Message, {defaults: true}); + return (instance.constructor as typeof protobuf.Message).fromObject(filledObject) as T; +} + +function stubSimpleCall(response?: ResponseType, error?: Error) { + return error ? sinon.stub().rejects(error) : sinon.stub().resolves([response]); +} + +function stubSimpleCallWithCallback(response?: ResponseType, error?: Error) { + return error ? sinon.stub().callsArgWith(2, error) : sinon.stub().callsArgWith(2, null, response); +} + +describe('v1.ValidationHelperV1Client', () => { + it('has servicePath', () => { + const servicePath = validationhelperv1Module.v1.ValidationHelperV1Client.servicePath; + assert(servicePath); + }); + + it('has apiEndpoint', () => { + const apiEndpoint = validationhelperv1Module.v1.ValidationHelperV1Client.apiEndpoint; + assert(apiEndpoint); + }); + + it('has port', () => { + const port = validationhelperv1Module.v1.ValidationHelperV1Client.port; + assert(port); + assert(typeof port === 'number'); + }); + + it('should create a client with no option', () => { + const client = new validationhelperv1Module.v1.ValidationHelperV1Client(); + assert(client); + }); + + it('should create a client with gRPC fallback', () => { + const client = new validationhelperv1Module.v1.ValidationHelperV1Client({ + fallback: true, + }); + assert(client); + }); + + it('has initialize method and supports deferred initialization', async () => { + const client = new validationhelperv1Module.v1.ValidationHelperV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + assert.strictEqual(client.validationHelperV1Stub, undefined); + await client.initialize(); + assert(client.validationHelperV1Stub); + }); + + it('has close method for the initialized client', done => { + const client = new validationhelperv1Module.v1.ValidationHelperV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + assert(client.validationHelperV1Stub); + client.close().then(() => { + done(); + }); + }); + + it('has close method for the non-initialized client', done => { + const client = new validationhelperv1Module.v1.ValidationHelperV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + assert.strictEqual(client.validationHelperV1Stub, undefined); + client.close().then(() => { + done(); + }); + }); + + it('has getProjectId method', async () => { + const fakeProjectId = 'fake-project-id'; + const client = new validationhelperv1Module.v1.ValidationHelperV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.auth.getProjectId = sinon.stub().resolves(fakeProjectId); + const result = await client.getProjectId(); + assert.strictEqual(result, fakeProjectId); + assert((client.auth.getProjectId as SinonStub).calledWithExactly()); + }); + + it('has getProjectId method with callback', async () => { + const fakeProjectId = 'fake-project-id'; + const client = new validationhelperv1Module.v1.ValidationHelperV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.auth.getProjectId = sinon.stub().callsArgWith(0, null, fakeProjectId); + const promise = new Promise((resolve, reject) => { + client.getProjectId((err?: Error|null, projectId?: string|null) => { + if (err) { + reject(err); + } else { + resolve(projectId); + } + }); + }); + const result = await promise; + assert.strictEqual(result, fakeProjectId); + }); + + describe('validateAttestationOccurrence', () => { + it('invokes validateAttestationOccurrence without error', async () => { + const client = new validationhelperv1Module.v1.ValidationHelperV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceRequest()); + request.attestor = ''; + const expectedHeaderRequestParams = "attestor="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceResponse()); + client.innerApiCalls.validateAttestationOccurrence = stubSimpleCall(expectedResponse); + const [response] = await client.validateAttestationOccurrence(request); + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.validateAttestationOccurrence as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes validateAttestationOccurrence without error using callback', async () => { + const client = new validationhelperv1Module.v1.ValidationHelperV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceRequest()); + request.attestor = ''; + const expectedHeaderRequestParams = "attestor="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceResponse()); + client.innerApiCalls.validateAttestationOccurrence = stubSimpleCallWithCallback(expectedResponse); + const promise = new Promise((resolve, reject) => { + client.validateAttestationOccurrence( + request, + (err?: Error|null, result?: protos.google.cloud.binaryauthorization.v1.IValidateAttestationOccurrenceResponse|null) => { + if (err) { + reject(err); + } else { + resolve(result); + } + }); + }); + const response = await promise; + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.validateAttestationOccurrence as SinonStub) + .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); + }); + + it('invokes validateAttestationOccurrence with error', async () => { + const client = new validationhelperv1Module.v1.ValidationHelperV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceRequest()); + request.attestor = ''; + const expectedHeaderRequestParams = "attestor="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedError = new Error('expected'); + client.innerApiCalls.validateAttestationOccurrence = stubSimpleCall(undefined, expectedError); + await assert.rejects(client.validateAttestationOccurrence(request), expectedError); + assert((client.innerApiCalls.validateAttestationOccurrence as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes validateAttestationOccurrence with closed client', async () => { + const client = new validationhelperv1Module.v1.ValidationHelperV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceRequest()); + request.attestor = ''; + const expectedError = new Error('The client has already been closed.'); + client.close(); + await assert.rejects(client.validateAttestationOccurrence(request), expectedError); + }); + }); + + describe('Path templates', () => { + + describe('attestor', () => { + const fakePath = "/rendered/path/attestor"; + const expectedParameters = { + project: "projectValue", + attestor: "attestorValue", + }; + const client = new validationhelperv1Module.v1.ValidationHelperV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + client.pathTemplates.attestorPathTemplate.render = + sinon.stub().returns(fakePath); + client.pathTemplates.attestorPathTemplate.match = + sinon.stub().returns(expectedParameters); + + it('attestorPath', () => { + const result = client.attestorPath("projectValue", "attestorValue"); + assert.strictEqual(result, fakePath); + assert((client.pathTemplates.attestorPathTemplate.render as SinonStub) + .getCall(-1).calledWith(expectedParameters)); + }); + + it('matchProjectFromAttestorName', () => { + const result = client.matchProjectFromAttestorName(fakePath); + assert.strictEqual(result, "projectValue"); + assert((client.pathTemplates.attestorPathTemplate.match as SinonStub) + .getCall(-1).calledWith(fakePath)); + }); + + it('matchAttestorFromAttestorName', () => { + const result = client.matchAttestorFromAttestorName(fakePath); + assert.strictEqual(result, "attestorValue"); + assert((client.pathTemplates.attestorPathTemplate.match as SinonStub) + .getCall(-1).calledWith(fakePath)); + }); + }); + + describe('locationPolicy', () => { + const fakePath = "/rendered/path/locationPolicy"; + const expectedParameters = { + location: "locationValue", + }; + const client = new validationhelperv1Module.v1.ValidationHelperV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + client.pathTemplates.locationPolicyPathTemplate.render = + sinon.stub().returns(fakePath); + client.pathTemplates.locationPolicyPathTemplate.match = + sinon.stub().returns(expectedParameters); + + it('locationPolicyPath', () => { + const result = client.locationPolicyPath("locationValue"); + assert.strictEqual(result, fakePath); + assert((client.pathTemplates.locationPolicyPathTemplate.render as SinonStub) + .getCall(-1).calledWith(expectedParameters)); + }); + + it('matchLocationFromLocationPolicyName', () => { + const result = client.matchLocationFromLocationPolicyName(fakePath); + assert.strictEqual(result, "locationValue"); + assert((client.pathTemplates.locationPolicyPathTemplate.match as SinonStub) + .getCall(-1).calledWith(fakePath)); + }); + }); + + describe('project', () => { + const fakePath = "/rendered/path/project"; + const expectedParameters = { + project: "projectValue", + }; + const client = new validationhelperv1Module.v1.ValidationHelperV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + client.pathTemplates.projectPathTemplate.render = + sinon.stub().returns(fakePath); + client.pathTemplates.projectPathTemplate.match = + sinon.stub().returns(expectedParameters); + + it('projectPath', () => { + const result = client.projectPath("projectValue"); + assert.strictEqual(result, fakePath); + assert((client.pathTemplates.projectPathTemplate.render as SinonStub) + .getCall(-1).calledWith(expectedParameters)); + }); + + it('matchProjectFromProjectName', () => { + const result = client.matchProjectFromProjectName(fakePath); + assert.strictEqual(result, "projectValue"); + assert((client.pathTemplates.projectPathTemplate.match as SinonStub) + .getCall(-1).calledWith(fakePath)); + }); + }); + + describe('projectPolicy', () => { + const fakePath = "/rendered/path/projectPolicy"; + const expectedParameters = { + project: "projectValue", + }; + const client = new validationhelperv1Module.v1.ValidationHelperV1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + client.pathTemplates.projectPolicyPathTemplate.render = + sinon.stub().returns(fakePath); + client.pathTemplates.projectPolicyPathTemplate.match = + sinon.stub().returns(expectedParameters); + + it('projectPolicyPath', () => { + const result = client.projectPolicyPath("projectValue"); + assert.strictEqual(result, fakePath); + assert((client.pathTemplates.projectPolicyPathTemplate.render as SinonStub) + .getCall(-1).calledWith(expectedParameters)); + }); + + it('matchProjectFromProjectPolicyName', () => { + const result = client.matchProjectFromProjectPolicyName(fakePath); + assert.strictEqual(result, "projectValue"); + assert((client.pathTemplates.projectPolicyPathTemplate.match as SinonStub) + .getCall(-1).calledWith(fakePath)); + }); + }); + }); +}); diff --git a/owl-bot-staging/v1/tsconfig.json b/owl-bot-staging/v1/tsconfig.json new file mode 100644 index 0000000..c78f1c8 --- /dev/null +++ b/owl-bot-staging/v1/tsconfig.json @@ -0,0 +1,19 @@ +{ + "extends": "./node_modules/gts/tsconfig-google.json", + "compilerOptions": { + "rootDir": ".", + "outDir": "build", + "resolveJsonModule": true, + "lib": [ + "es2018", + "dom" + ] + }, + "include": [ + "src/*.ts", + "src/**/*.ts", + "test/*.ts", + "test/**/*.ts", + "system-test/*.ts" + ] +} diff --git a/owl-bot-staging/v1/webpack.config.js b/owl-bot-staging/v1/webpack.config.js new file mode 100644 index 0000000..2188a41 --- /dev/null +++ b/owl-bot-staging/v1/webpack.config.js @@ -0,0 +1,64 @@ +// Copyright 2021 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +const path = require('path'); + +module.exports = { + entry: './src/index.ts', + output: { + library: 'BinauthzManagementServiceV1', + filename: './binauthz-management-service-v1.js', + }, + node: { + child_process: 'empty', + fs: 'empty', + crypto: 'empty', + }, + resolve: { + alias: { + '../../../package.json': path.resolve(__dirname, 'package.json'), + }, + extensions: ['.js', '.json', '.ts'], + }, + module: { + rules: [ + { + test: /\.tsx?$/, + use: 'ts-loader', + exclude: /node_modules/ + }, + { + test: /node_modules[\\/]@grpc[\\/]grpc-js/, + use: 'null-loader' + }, + { + test: /node_modules[\\/]grpc/, + use: 'null-loader' + }, + { + test: /node_modules[\\/]retry-request/, + use: 'null-loader' + }, + { + test: /node_modules[\\/]https?-proxy-agent/, + use: 'null-loader' + }, + { + test: /node_modules[\\/]gtoken/, + use: 'null-loader' + }, + ], + }, + mode: 'production', +}; diff --git a/owl-bot-staging/v1beta1/.eslintignore b/owl-bot-staging/v1beta1/.eslintignore new file mode 100644 index 0000000..cfc348e --- /dev/null +++ b/owl-bot-staging/v1beta1/.eslintignore @@ -0,0 +1,7 @@ +**/node_modules +**/.coverage +build/ +docs/ +protos/ +system-test/ +samples/generated/ diff --git a/owl-bot-staging/v1beta1/.eslintrc.json b/owl-bot-staging/v1beta1/.eslintrc.json new file mode 100644 index 0000000..7821534 --- /dev/null +++ b/owl-bot-staging/v1beta1/.eslintrc.json @@ -0,0 +1,3 @@ +{ + "extends": "./node_modules/gts" +} diff --git a/owl-bot-staging/v1beta1/.gitignore b/owl-bot-staging/v1beta1/.gitignore new file mode 100644 index 0000000..5d32b23 --- /dev/null +++ b/owl-bot-staging/v1beta1/.gitignore @@ -0,0 +1,14 @@ +**/*.log +**/node_modules +.coverage +coverage +.nyc_output +docs/ +out/ +build/ +system-test/secrets.js +system-test/*key.json +*.lock +.DS_Store +package-lock.json +__pycache__ diff --git a/owl-bot-staging/v1beta1/.jsdoc.js b/owl-bot-staging/v1beta1/.jsdoc.js new file mode 100644 index 0000000..28b3ad6 --- /dev/null +++ b/owl-bot-staging/v1beta1/.jsdoc.js @@ -0,0 +1,55 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// ** This file is automatically generated by gapic-generator-typescript. ** +// ** https://github.com/googleapis/gapic-generator-typescript ** +// ** All changes to this file may be overwritten. ** + +'use strict'; + +module.exports = { + opts: { + readme: './README.md', + package: './package.json', + template: './node_modules/jsdoc-fresh', + recurse: true, + verbose: true, + destination: './docs/' + }, + plugins: [ + 'plugins/markdown', + 'jsdoc-region-tag' + ], + source: { + excludePattern: '(^|\\/|\\\\)[._]', + include: [ + 'build/src', + 'protos' + ], + includePattern: '\\.js$' + }, + templates: { + copyright: 'Copyright 2022 Google LLC', + includeDate: false, + sourceFiles: false, + systemName: '@google-cloud/binary-authorization', + theme: 'lumen', + default: { + outputSourceFiles: false + } + }, + markdown: { + idInHeadings: true + } +}; diff --git a/owl-bot-staging/v1beta1/.mocharc.js b/owl-bot-staging/v1beta1/.mocharc.js new file mode 100644 index 0000000..481c522 --- /dev/null +++ b/owl-bot-staging/v1beta1/.mocharc.js @@ -0,0 +1,33 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// ** This file is automatically generated by gapic-generator-typescript. ** +// ** https://github.com/googleapis/gapic-generator-typescript ** +// ** All changes to this file may be overwritten. ** + +const config = { + "enable-source-maps": true, + "throw-deprecation": true, + "timeout": 10000 +} +if (process.env.MOCHA_THROW_DEPRECATION === 'false') { + delete config['throw-deprecation']; +} +if (process.env.MOCHA_REPORTER) { + config.reporter = process.env.MOCHA_REPORTER; +} +if (process.env.MOCHA_REPORTER_OUTPUT) { + config['reporter-option'] = `output=${process.env.MOCHA_REPORTER_OUTPUT}`; +} +module.exports = config diff --git a/owl-bot-staging/v1beta1/.prettierrc.js b/owl-bot-staging/v1beta1/.prettierrc.js new file mode 100644 index 0000000..494e147 --- /dev/null +++ b/owl-bot-staging/v1beta1/.prettierrc.js @@ -0,0 +1,22 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// ** This file is automatically generated by gapic-generator-typescript. ** +// ** https://github.com/googleapis/gapic-generator-typescript ** +// ** All changes to this file may be overwritten. ** + + +module.exports = { + ...require('gts/.prettierrc.json') +} diff --git a/owl-bot-staging/v1beta1/README.md b/owl-bot-staging/v1beta1/README.md new file mode 100644 index 0000000..438dbbe --- /dev/null +++ b/owl-bot-staging/v1beta1/README.md @@ -0,0 +1 @@ +Binaryauthorization: Nodejs Client diff --git a/owl-bot-staging/v1beta1/linkinator.config.json b/owl-bot-staging/v1beta1/linkinator.config.json new file mode 100644 index 0000000..befd23c --- /dev/null +++ b/owl-bot-staging/v1beta1/linkinator.config.json @@ -0,0 +1,16 @@ +{ + "recurse": true, + "skip": [ + "https://codecov.io/gh/googleapis/", + "www.googleapis.com", + "img.shields.io", + "https://console.cloud.google.com/cloudshell", + "https://support.google.com" + ], + "silent": true, + "concurrency": 5, + "retry": true, + "retryErrors": true, + "retryErrorsCount": 5, + "retryErrorsJitter": 3000 +} diff --git a/owl-bot-staging/v1beta1/package.json b/owl-bot-staging/v1beta1/package.json new file mode 100644 index 0000000..9694d94 --- /dev/null +++ b/owl-bot-staging/v1beta1/package.json @@ -0,0 +1,65 @@ +{ + "name": "@google-cloud/binary-authorization", + "version": "0.1.0", + "description": "Binaryauthorization client for Node.js", + "repository": "googleapis/nodejs-binaryauthorization", + "license": "Apache-2.0", + "author": "Google LLC", + "main": "build/src/index.js", + "files": [ + "build/src", + "build/protos" + ], + "keywords": [ + "google apis client", + "google api client", + "google apis", + "google api", + "google", + "google cloud platform", + "google cloud", + "cloud", + "google binaryauthorization", + "binaryauthorization", + "binauthz management service v1 beta1", + "system policy v1 beta1" + ], + "scripts": { + "clean": "gts clean", + "compile": "tsc -p . && cp -r protos build/", + "compile-protos": "compileProtos src", + "docs": "jsdoc -c .jsdoc.js", + "predocs-test": "npm run docs", + "docs-test": "linkinator docs", + "fix": "gts fix", + "lint": "gts check", + "prepare": "npm run compile-protos && npm run compile", + "system-test": "c8 mocha build/system-test", + "test": "c8 mocha build/test" + }, + "dependencies": { + "google-gax": "^2.29.4" + }, + "devDependencies": { + "@types/mocha": "^9.1.0", + "@types/node": "^16.0.0", + "@types/sinon": "^10.0.8", + "c8": "^7.11.0", + "gts": "^3.1.0", + "jsdoc": "^3.6.7", + "jsdoc-fresh": "^1.1.1", + "jsdoc-region-tag": "^1.3.1", + "linkinator": "^3.0.0", + "mocha": "^9.1.4", + "null-loader": "^4.0.1", + "pack-n-play": "^1.0.0-2", + "sinon": "^13.0.0", + "ts-loader": "^9.2.6", + "typescript": "^4.5.5", + "webpack": "^5.67.0", + "webpack-cli": "^4.9.1" + }, + "engines": { + "node": ">=v10.24.0" + } +} diff --git a/owl-bot-staging/v1beta1/protos/google/cloud/binaryauthorization/v1beta1/continuous_validation_logging.proto b/owl-bot-staging/v1beta1/protos/google/cloud/binaryauthorization/v1beta1/continuous_validation_logging.proto new file mode 100644 index 0000000..1666b51 --- /dev/null +++ b/owl-bot-staging/v1beta1/protos/google/cloud/binaryauthorization/v1beta1/continuous_validation_logging.proto @@ -0,0 +1,100 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +syntax = "proto3"; + +package google.cloud.binaryauthorization.v1beta1; + +import "google/protobuf/timestamp.proto"; + +option cc_enable_arenas = true; +option csharp_namespace = "Google.Cloud.BinaryAuthorization.V1Beta1"; +option go_package = "google.golang.org/genproto/googleapis/cloud/binaryauthorization/v1beta1;binaryauthorization"; +option java_multiple_files = true; +option java_outer_classname = "ContinuousValidationLoggingProto"; +option java_package = "com.google.cloud.binaryauthorization.v1beta1"; +option php_namespace = "Google\\Cloud\\BinaryAuthorization\\V1beta1"; +option ruby_package = "Google::Cloud::BinaryAuthorization::V1beta1"; + +// Represents an auditing event from Continuous Validation. +message ContinuousValidationEvent { + // An auditing event for one Pod. + message ContinuousValidationPodEvent { + // Audit time policy conformance verdict. + enum PolicyConformanceVerdict { + // We should always have a verdict. This is an error. + POLICY_CONFORMANCE_VERDICT_UNSPECIFIED = 0; + + // The pod violates the policy. + VIOLATES_POLICY = 1; + } + + // Container image with auditing details. + message ImageDetails { + // Result of the audit. + enum AuditResult { + // Unspecified result. This is an error. + AUDIT_RESULT_UNSPECIFIED = 0; + + // Image is allowed. + ALLOW = 1; + + // Image is denied. + DENY = 2; + } + + // The name of the image. + string image = 1; + + // The result of the audit for this image. + AuditResult result = 2; + + // Description of the above result. + string description = 3; + } + + // The k8s namespace of the Pod. + string pod_namespace = 7; + + // The name of the Pod. + string pod = 1; + + // Deploy time of the Pod from k8s. + google.protobuf.Timestamp deploy_time = 2; + + // Termination time of the Pod from k8s, or nothing if still running. + google.protobuf.Timestamp end_time = 3; + + // Auditing verdict for this Pod. + PolicyConformanceVerdict verdict = 4; + + // List of images with auditing details. + repeated ImageDetails images = 5; + } + + // An event describing that the project policy is unsupported by CV. + message UnsupportedPolicyEvent { + // A description of the unsupported policy. + string description = 1; + } + + // Type of CV event. + oneof event_type { + // Pod event. + ContinuousValidationPodEvent pod_event = 1; + + // Unsupported policy event. + UnsupportedPolicyEvent unsupported_policy_event = 2; + } +} diff --git a/owl-bot-staging/v1beta1/protos/google/cloud/binaryauthorization/v1beta1/resources.proto b/owl-bot-staging/v1beta1/protos/google/cloud/binaryauthorization/v1beta1/resources.proto new file mode 100644 index 0000000..3e5b638 --- /dev/null +++ b/owl-bot-staging/v1beta1/protos/google/cloud/binaryauthorization/v1beta1/resources.proto @@ -0,0 +1,344 @@ +// Copyright 2021 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +syntax = "proto3"; + +package google.cloud.binaryauthorization.v1beta1; + +import "google/api/field_behavior.proto"; +import "google/api/resource.proto"; +import "google/protobuf/timestamp.proto"; +import "google/api/annotations.proto"; + +option cc_enable_arenas = true; +option csharp_namespace = "Google.Cloud.BinaryAuthorization.V1Beta1"; +option go_package = "google.golang.org/genproto/googleapis/cloud/binaryauthorization/v1beta1;binaryauthorization"; +option java_multiple_files = true; +option java_outer_classname = "BinaryAuthorizationResourcesProto"; +option java_package = "com.google.cloud.binaryauthorization.v1beta1"; +option php_namespace = "Google\\Cloud\\BinaryAuthorization\\V1beta1"; +option ruby_package = "Google::Cloud::BinaryAuthorization::V1beta1"; + +// A [policy][google.cloud.binaryauthorization.v1beta1.Policy] for Binary Authorization. +message Policy { + option (google.api.resource) = { + type: "binaryauthorization.googleapis.com/Policy" + pattern: "projects/{project}/policy" + pattern: "locations/{location}/policy" + }; + + enum GlobalPolicyEvaluationMode { + // Not specified: DISABLE is assumed. + GLOBAL_POLICY_EVALUATION_MODE_UNSPECIFIED = 0; + + // Enables system policy evaluation. + ENABLE = 1; + + // Disables system policy evaluation. + DISABLE = 2; + } + + // Output only. The resource name, in the format `projects/*/policy`. There is + // at most one policy per project. + string name = 1 [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Optional. A descriptive comment. + string description = 6 [(google.api.field_behavior) = OPTIONAL]; + + // Optional. Controls the evaluation of a Google-maintained global admission + // policy for common system-level images. Images not covered by the global + // policy will be subject to the project admission policy. This setting + // has no effect when specified inside a global admission policy. + GlobalPolicyEvaluationMode global_policy_evaluation_mode = 7 [(google.api.field_behavior) = OPTIONAL]; + + // Optional. Admission policy allowlisting. A matching admission request will + // always be permitted. This feature is typically used to exclude Google or + // third-party infrastructure images from Binary Authorization policies. + repeated AdmissionWhitelistPattern admission_whitelist_patterns = 2 [(google.api.field_behavior) = OPTIONAL]; + + // Optional. Per-cluster admission rules. Cluster spec format: + // `location.clusterId`. There can be at most one admission rule per cluster + // spec. + // A `location` is either a compute zone (e.g. us-central1-a) or a region + // (e.g. us-central1). + // For `clusterId` syntax restrictions see + // https://cloud.google.com/container-engine/reference/rest/v1/projects.zones.clusters. + map cluster_admission_rules = 3 [(google.api.field_behavior) = OPTIONAL]; + + // Optional. Per-kubernetes-namespace admission rules. K8s namespace spec format: + // `[a-z.-]+`, e.g. `some-namespace` + map kubernetes_namespace_admission_rules = 10 [(google.api.field_behavior) = OPTIONAL]; + + // Optional. Per-kubernetes-service-account admission rules. Service account + // spec format: `namespace:serviceaccount`. e.g. `test-ns:default` + map kubernetes_service_account_admission_rules = 8 [(google.api.field_behavior) = OPTIONAL]; + + // Optional. Per-istio-service-identity admission rules. Istio service + // identity spec format: + // `spiffe:///ns//sa/` or + // `/ns//sa/` + // e.g. `spiffe://example.com/ns/test-ns/sa/default` + map istio_service_identity_admission_rules = 9 [(google.api.field_behavior) = OPTIONAL]; + + // Required. Default admission rule for a cluster without a per-cluster, per- + // kubernetes-service-account, or per-istio-service-identity admission rule. + AdmissionRule default_admission_rule = 4 [(google.api.field_behavior) = REQUIRED]; + + // Output only. Time when the policy was last updated. + google.protobuf.Timestamp update_time = 5 [(google.api.field_behavior) = OUTPUT_ONLY]; +} + +// An [admission allowlist pattern][google.cloud.binaryauthorization.v1beta1.AdmissionWhitelistPattern] exempts images +// from checks by [admission rules][google.cloud.binaryauthorization.v1beta1.AdmissionRule]. +message AdmissionWhitelistPattern { + // An image name pattern to allowlist, in the form `registry/path/to/image`. + // This supports a trailing `*` as a wildcard, but this is allowed only in + // text after the `registry/` part. `*` wildcard does not match `/`, i.e., + // `gcr.io/nginx*` matches `gcr.io/nginx@latest`, but it does not match + // `gcr.io/nginx/image`. This also supports a trailing `**` wildcard which + // matches subdirectories, i.e., `gcr.io/nginx**` matches + // `gcr.io/nginx/image`. + string name_pattern = 1; +} + +// An [admission rule][google.cloud.binaryauthorization.v1beta1.AdmissionRule] specifies either that all container images +// used in a pod creation request must be attested to by one or more +// [attestors][google.cloud.binaryauthorization.v1beta1.Attestor], that all pod creations will be allowed, or that all +// pod creations will be denied. +// +// Images matching an [admission allowlist pattern][google.cloud.binaryauthorization.v1beta1.AdmissionWhitelistPattern] +// are exempted from admission rules and will never block a pod creation. +message AdmissionRule { + enum EvaluationMode { + // Do not use. + EVALUATION_MODE_UNSPECIFIED = 0; + + // This rule allows all all pod creations. + ALWAYS_ALLOW = 1; + + // This rule allows a pod creation if all the attestors listed in + // `require_attestations_by` have valid attestations for all of the + // images in the pod spec. + REQUIRE_ATTESTATION = 2; + + // This rule denies all pod creations. + ALWAYS_DENY = 3; + } + + // Defines the possible actions when a pod creation is denied by an admission + // rule. + enum EnforcementMode { + // Do not use. + ENFORCEMENT_MODE_UNSPECIFIED = 0; + + // Enforce the admission rule by blocking the pod creation. + ENFORCED_BLOCK_AND_AUDIT_LOG = 1; + + // Dryrun mode: Audit logging only. This will allow the pod creation as if + // the admission request had specified break-glass. + DRYRUN_AUDIT_LOG_ONLY = 2; + } + + // Required. How this admission rule will be evaluated. + EvaluationMode evaluation_mode = 1 [(google.api.field_behavior) = REQUIRED]; + + // Optional. The resource names of the attestors that must attest to + // a container image, in the format `projects/*/attestors/*`. Each + // attestor must exist before a policy can reference it. To add an attestor + // to a policy the principal issuing the policy change request must be able + // to read the attestor resource. + // + // Note: this field must be non-empty when the evaluation_mode field specifies + // REQUIRE_ATTESTATION, otherwise it must be empty. + repeated string require_attestations_by = 2 [(google.api.field_behavior) = OPTIONAL]; + + // Required. The action when a pod creation is denied by the admission rule. + EnforcementMode enforcement_mode = 3 [(google.api.field_behavior) = REQUIRED]; +} + +// An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] that attests to container image +// artifacts. An existing attestor cannot be modified except where +// indicated. +message Attestor { + option (google.api.resource) = { + type: "binaryauthorization.googleapis.com/Attestor" + pattern: "projects/{project}/attestors/{attestor}" + }; + + // Required. The resource name, in the format: + // `projects/*/attestors/*`. This field may not be updated. + string name = 1 [(google.api.field_behavior) = REQUIRED]; + + // Optional. A descriptive comment. This field may be updated. + // The field may be displayed in chooser dialogs. + string description = 6 [(google.api.field_behavior) = OPTIONAL]; + + // Required. Identifies an [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] that attests to a + // container image artifact. This determines how an attestation will + // be stored, and how it will be used during policy + // enforcement. Updates may not change the attestor type, but individual + // attestor fields may be updated. + oneof attestor_type { + // A Drydock ATTESTATION_AUTHORITY Note, created by the user. + UserOwnedDrydockNote user_owned_drydock_note = 3; + } + + // Output only. Time when the attestor was last updated. + google.protobuf.Timestamp update_time = 4 [(google.api.field_behavior) = OUTPUT_ONLY]; +} + +// An [user owned drydock note][google.cloud.binaryauthorization.v1beta1.UserOwnedDrydockNote] references a Drydock +// ATTESTATION_AUTHORITY Note created by the user. +message UserOwnedDrydockNote { + // Required. The Drydock resource name of a ATTESTATION_AUTHORITY Note, + // created by the user, in the format: `projects/*/notes/*` (or the legacy + // `providers/*/notes/*`). This field may not be updated. + // + // An attestation by this attestor is stored as a Drydock + // ATTESTATION_AUTHORITY Occurrence that names a container image and that + // links to this Note. Drydock is an external dependency. + string note_reference = 1 [(google.api.field_behavior) = REQUIRED]; + + // Optional. Public keys that verify attestations signed by this + // attestor. This field may be updated. + // + // If this field is non-empty, one of the specified public keys must + // verify that an attestation was signed by this attestor for the + // image specified in the admission request. + // + // If this field is empty, this attestor always returns that no + // valid attestations exist. + repeated AttestorPublicKey public_keys = 2 [(google.api.field_behavior) = OPTIONAL]; + + // Output only. This field will contain the service account email address + // that this Attestor will use as the principal when querying Container + // Analysis. Attestor administrators must grant this service account the + // IAM role needed to read attestations from the [note_reference][Note] in + // Container Analysis (`containeranalysis.notes.occurrences.viewer`). + // + // This email address is fixed for the lifetime of the Attestor, but callers + // should not make any other assumptions about the service account email; + // future versions may use an email based on a different naming pattern. + string delegation_service_account_email = 3 [(google.api.field_behavior) = OUTPUT_ONLY]; +} + +// A public key in the PkixPublicKey format (see +// https://tools.ietf.org/html/rfc5280#section-4.1.2.7 for details). +// Public keys of this type are typically textually encoded using the PEM +// format. +message PkixPublicKey { + // Represents a signature algorithm and other information necessary to verify + // signatures with a given public key. + // This is based primarily on the public key types supported by Tink's + // PemKeyType, which is in turn based on KMS's supported signing algorithms. + // See https://cloud.google.com/kms/docs/algorithms. In the future, BinAuthz + // might support additional public key types independently of Tink and/or KMS. + enum SignatureAlgorithm { + option allow_alias = true; + + // Not specified. + SIGNATURE_ALGORITHM_UNSPECIFIED = 0; + + // RSASSA-PSS 2048 bit key with a SHA256 digest. + RSA_PSS_2048_SHA256 = 1; + + // RSASSA-PSS 3072 bit key with a SHA256 digest. + RSA_PSS_3072_SHA256 = 2; + + // RSASSA-PSS 4096 bit key with a SHA256 digest. + RSA_PSS_4096_SHA256 = 3; + + // RSASSA-PSS 4096 bit key with a SHA512 digest. + RSA_PSS_4096_SHA512 = 4; + + // RSASSA-PKCS1-v1_5 with a 2048 bit key and a SHA256 digest. + RSA_SIGN_PKCS1_2048_SHA256 = 5; + + // RSASSA-PKCS1-v1_5 with a 3072 bit key and a SHA256 digest. + RSA_SIGN_PKCS1_3072_SHA256 = 6; + + // RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA256 digest. + RSA_SIGN_PKCS1_4096_SHA256 = 7; + + // RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA512 digest. + RSA_SIGN_PKCS1_4096_SHA512 = 8; + + // ECDSA on the NIST P-256 curve with a SHA256 digest. + ECDSA_P256_SHA256 = 9; + + // ECDSA on the NIST P-256 curve with a SHA256 digest. + EC_SIGN_P256_SHA256 = 9; + + // ECDSA on the NIST P-384 curve with a SHA384 digest. + ECDSA_P384_SHA384 = 10; + + // ECDSA on the NIST P-384 curve with a SHA384 digest. + EC_SIGN_P384_SHA384 = 10; + + // ECDSA on the NIST P-521 curve with a SHA512 digest. + ECDSA_P521_SHA512 = 11; + + // ECDSA on the NIST P-521 curve with a SHA512 digest. + EC_SIGN_P521_SHA512 = 11; + } + + // A PEM-encoded public key, as described in + // https://tools.ietf.org/html/rfc7468#section-13 + string public_key_pem = 1; + + // The signature algorithm used to verify a message against a signature using + // this key. + // These signature algorithm must match the structure and any object + // identifiers encoded in `public_key_pem` (i.e. this algorithm must match + // that of the public key). + SignatureAlgorithm signature_algorithm = 2; +} + +// An [attestor public key][google.cloud.binaryauthorization.v1beta1.AttestorPublicKey] that will be used to verify +// attestations signed by this attestor. +message AttestorPublicKey { + // Optional. A descriptive comment. This field may be updated. + string comment = 1 [(google.api.field_behavior) = OPTIONAL]; + + // The ID of this public key. + // Signatures verified by BinAuthz must include the ID of the public key that + // can be used to verify them, and that ID must match the contents of this + // field exactly. + // Additional restrictions on this field can be imposed based on which public + // key type is encapsulated. See the documentation on `public_key` cases below + // for details. + string id = 2; + + // Required. A public key reference or serialized instance. This field may be + // updated. + oneof public_key { + // ASCII-armored representation of a PGP public key, as the entire output by + // the command `gpg --export --armor foo@example.com` (either LF or CRLF + // line endings). + // When using this field, `id` should be left blank. The BinAuthz API + // handlers will calculate the ID and fill it in automatically. BinAuthz + // computes this ID as the OpenPGP RFC4880 V4 fingerprint, represented as + // upper-case hex. If `id` is provided by the caller, it will be + // overwritten by the API-calculated ID. + string ascii_armored_pgp_public_key = 3; + + // A raw PKIX SubjectPublicKeyInfo format public key. + // + // NOTE: `id` may be explicitly provided by the caller when using this + // type of public key, but it MUST be a valid RFC3986 URI. If `id` is left + // blank, a default one will be computed based on the digest of the DER + // encoding of the public key. + PkixPublicKey pkix_public_key = 5; + } +} diff --git a/owl-bot-staging/v1beta1/protos/google/cloud/binaryauthorization/v1beta1/service.proto b/owl-bot-staging/v1beta1/protos/google/cloud/binaryauthorization/v1beta1/service.proto new file mode 100644 index 0000000..90e63b4 --- /dev/null +++ b/owl-bot-staging/v1beta1/protos/google/cloud/binaryauthorization/v1beta1/service.proto @@ -0,0 +1,252 @@ +// Copyright 2021 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +syntax = "proto3"; + +package google.cloud.binaryauthorization.v1beta1; + +import "google/api/annotations.proto"; +import "google/api/client.proto"; +import "google/api/field_behavior.proto"; +import "google/api/resource.proto"; +import "google/cloud/binaryauthorization/v1beta1/resources.proto"; +import "google/protobuf/empty.proto"; + +option cc_enable_arenas = true; +option csharp_namespace = "Google.Cloud.BinaryAuthorization.V1Beta1"; +option go_package = "google.golang.org/genproto/googleapis/cloud/binaryauthorization/v1beta1;binaryauthorization"; +option java_multiple_files = true; +option java_outer_classname = "BinaryAuthorizationServiceProto"; +option java_package = "com.google.cloud.binaryauthorization.v1beta1"; +option php_namespace = "Google\\Cloud\\BinaryAuthorization\\V1beta1"; +option ruby_package = "Google::Cloud::BinaryAuthorization::V1beta1"; + +// Customer-facing API for Cloud Binary Authorization. + +// Google Cloud Management Service for Binary Authorization admission policies +// and attestation authorities. +// +// This API implements a REST model with the following objects: +// +// * [Policy][google.cloud.binaryauthorization.v1beta1.Policy] +// * [Attestor][google.cloud.binaryauthorization.v1beta1.Attestor] +service BinauthzManagementServiceV1Beta1 { + option (google.api.default_host) = "binaryauthorization.googleapis.com"; + option (google.api.oauth_scopes) = "https://www.googleapis.com/auth/cloud-platform"; + + // A [policy][google.cloud.binaryauthorization.v1beta1.Policy] specifies the [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] that must attest to + // a container image, before the project is allowed to deploy that + // image. There is at most one policy per project. All image admission + // requests are permitted if a project has no policy. + // + // Gets the [policy][google.cloud.binaryauthorization.v1beta1.Policy] for this project. Returns a default + // [policy][google.cloud.binaryauthorization.v1beta1.Policy] if the project does not have one. + rpc GetPolicy(GetPolicyRequest) returns (Policy) { + option (google.api.http) = { + get: "/v1beta1/{name=projects/*/policy}" + }; + option (google.api.method_signature) = "name"; + } + + // Creates or updates a project's [policy][google.cloud.binaryauthorization.v1beta1.Policy], and returns a copy of the + // new [policy][google.cloud.binaryauthorization.v1beta1.Policy]. A policy is always updated as a whole, to avoid race + // conditions with concurrent policy enforcement (or management!) + // requests. Returns NOT_FOUND if the project does not exist, INVALID_ARGUMENT + // if the request is malformed. + rpc UpdatePolicy(UpdatePolicyRequest) returns (Policy) { + option (google.api.http) = { + put: "/v1beta1/{policy.name=projects/*/policy}" + body: "policy" + }; + option (google.api.method_signature) = "policy"; + } + + // Creates an [attestor][google.cloud.binaryauthorization.v1beta1.Attestor], and returns a copy of the new + // [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. Returns NOT_FOUND if the project does not exist, + // INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if the + // [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] already exists. + rpc CreateAttestor(CreateAttestorRequest) returns (Attestor) { + option (google.api.http) = { + post: "/v1beta1/{parent=projects/*}/attestors" + body: "attestor" + }; + option (google.api.method_signature) = "parent,attestor_id,attestor"; + } + + // Gets an [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + // Returns NOT_FOUND if the [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] does not exist. + rpc GetAttestor(GetAttestorRequest) returns (Attestor) { + option (google.api.http) = { + get: "/v1beta1/{name=projects/*/attestors/*}" + }; + option (google.api.method_signature) = "name"; + } + + // Updates an [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + // Returns NOT_FOUND if the [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] does not exist. + rpc UpdateAttestor(UpdateAttestorRequest) returns (Attestor) { + option (google.api.http) = { + put: "/v1beta1/{attestor.name=projects/*/attestors/*}" + body: "attestor" + }; + option (google.api.method_signature) = "attestor"; + } + + // Lists [attestors][google.cloud.binaryauthorization.v1beta1.Attestor]. + // Returns INVALID_ARGUMENT if the project does not exist. + rpc ListAttestors(ListAttestorsRequest) returns (ListAttestorsResponse) { + option (google.api.http) = { + get: "/v1beta1/{parent=projects/*}/attestors" + }; + option (google.api.method_signature) = "parent"; + } + + // Deletes an [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. Returns NOT_FOUND if the + // [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] does not exist. + rpc DeleteAttestor(DeleteAttestorRequest) returns (google.protobuf.Empty) { + option (google.api.http) = { + delete: "/v1beta1/{name=projects/*/attestors/*}" + }; + option (google.api.method_signature) = "name"; + } +} + +// Request message for [BinauthzManagementService.GetPolicy][]. +message GetPolicyRequest { + // Required. The resource name of the [policy][google.cloud.binaryauthorization.v1beta1.Policy] to retrieve, + // in the format `projects/*/policy`. + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "binaryauthorization.googleapis.com/Policy" + } + ]; +} + +// API for working with the system policy. +service SystemPolicyV1Beta1 { + option (google.api.default_host) = "binaryauthorization.googleapis.com"; + option (google.api.oauth_scopes) = "https://www.googleapis.com/auth/cloud-platform"; + + // Gets the current system policy in the specified location. + rpc GetSystemPolicy(GetSystemPolicyRequest) returns (Policy) { + option (google.api.http) = { + get: "/v1beta1/{name=locations/*/policy}" + }; + option (google.api.method_signature) = "name"; + } +} + +// Request message for [BinauthzManagementService.UpdatePolicy][]. +message UpdatePolicyRequest { + // Required. A new or updated [policy][google.cloud.binaryauthorization.v1beta1.Policy] value. The service will + // overwrite the [policy name][google.cloud.binaryauthorization.v1beta1.Policy.name] field with the resource name in + // the request URL, in the format `projects/*/policy`. + Policy policy = 1 [(google.api.field_behavior) = REQUIRED]; +} + +// Request message for [BinauthzManagementService.CreateAttestor][]. +message CreateAttestorRequest { + // Required. The parent of this [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "cloudresourcemanager.googleapis.com/Project" + } + ]; + + // Required. The [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] ID. + string attestor_id = 2 [(google.api.field_behavior) = REQUIRED]; + + // Required. The initial [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] value. The service will + // overwrite the [attestor name][google.cloud.binaryauthorization.v1beta1.Attestor.name] field with the resource name, + // in the format `projects/*/attestors/*`. + Attestor attestor = 3 [(google.api.field_behavior) = REQUIRED]; +} + +// Request message for [BinauthzManagementService.GetAttestor][]. +message GetAttestorRequest { + // Required. The name of the [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] to retrieve, in the format + // `projects/*/attestors/*`. + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "binaryauthorization.googleapis.com/Attestor" + } + ]; +} + +// Request message for [BinauthzManagementService.UpdateAttestor][]. +message UpdateAttestorRequest { + // Required. The updated [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] value. The service will + // overwrite the [attestor name][google.cloud.binaryauthorization.v1beta1.Attestor.name] field with the resource name + // in the request URL, in the format `projects/*/attestors/*`. + Attestor attestor = 1 [(google.api.field_behavior) = REQUIRED]; +} + +// Request message for [BinauthzManagementService.ListAttestors][]. +message ListAttestorsRequest { + // Required. The resource name of the project associated with the + // [attestors][google.cloud.binaryauthorization.v1beta1.Attestor], in the format `projects/*`. + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "cloudresourcemanager.googleapis.com/Project" + } + ]; + + // Requested page size. The server may return fewer results than requested. If + // unspecified, the server will pick an appropriate default. + int32 page_size = 2; + + // A token identifying a page of results the server should return. Typically, + // this is the value of [ListAttestorsResponse.next_page_token][google.cloud.binaryauthorization.v1beta1.ListAttestorsResponse.next_page_token] returned + // from the previous call to the `ListAttestors` method. + string page_token = 3; +} + +// Response message for [BinauthzManagementService.ListAttestors][]. +message ListAttestorsResponse { + // The list of [attestors][google.cloud.binaryauthorization.v1beta1.Attestor]. + repeated Attestor attestors = 1; + + // A token to retrieve the next page of results. Pass this value in the + // [ListAttestorsRequest.page_token][google.cloud.binaryauthorization.v1beta1.ListAttestorsRequest.page_token] field in the subsequent call to the + // `ListAttestors` method to retrieve the next page of results. + string next_page_token = 2; +} + +// Request message for [BinauthzManagementService.DeleteAttestor][]. +message DeleteAttestorRequest { + // Required. The name of the [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] to delete, in the format + // `projects/*/attestors/*`. + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "binaryauthorization.googleapis.com/Attestor" + } + ]; +} + +// Request to read the current system policy. +message GetSystemPolicyRequest { + // Required. The resource name, in the format `locations/*/policy`. + // Note that the system policy is not associated with a project. + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "binaryauthorization.googleapis.com/Policy" + } + ]; +} diff --git a/owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.create_attestor.js b/owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.create_attestor.js new file mode 100644 index 0000000..83c48c7 --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.create_attestor.js @@ -0,0 +1,70 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// ** This file is automatically generated by gapic-generator-typescript. ** +// ** https://github.com/googleapis/gapic-generator-typescript ** +// ** All changes to this file may be overwritten. ** + + + +'use strict'; + +function main(parent, attestorId, attestor) { + // [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_async] + /** + * TODO(developer): Uncomment these variables before running the sample. + */ + /** + * Required. The parent of this attestor google.cloud.binaryauthorization.v1beta1.Attestor. + */ + // const parent = 'abc123' + /** + * Required. The attestors google.cloud.binaryauthorization.v1beta1.Attestor ID. + */ + // const attestorId = 'abc123' + /** + * Required. The initial attestor google.cloud.binaryauthorization.v1beta1.Attestor value. The service will + * overwrite the attestor name google.cloud.binaryauthorization.v1beta1.Attestor.name field with the resource name, + * in the format `projects/* /attestors/*`. + */ + // const attestor = {} + + // Imports the Binaryauthorization library + const {BinauthzManagementServiceV1Beta1Client} = require('@google-cloud/binary-authorization').v1beta1; + + // Instantiates a client + const binaryauthorizationClient = new BinauthzManagementServiceV1Beta1Client(); + + async function callCreateAttestor() { + // Construct request + const request = { + parent, + attestorId, + attestor, + }; + + // Run request + const response = await binaryauthorizationClient.createAttestor(request); + console.log(response); + } + + callCreateAttestor(); + // [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_async] +} + +process.on('unhandledRejection', err => { + console.error(err.message); + process.exitCode = 1; +}); +main(...process.argv.slice(2)); diff --git a/owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.delete_attestor.js b/owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.delete_attestor.js new file mode 100644 index 0000000..0f439cf --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.delete_attestor.js @@ -0,0 +1,59 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// ** This file is automatically generated by gapic-generator-typescript. ** +// ** https://github.com/googleapis/gapic-generator-typescript ** +// ** All changes to this file may be overwritten. ** + + + +'use strict'; + +function main(name) { + // [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_async] + /** + * TODO(developer): Uncomment these variables before running the sample. + */ + /** + * Required. The name of the attestors google.cloud.binaryauthorization.v1beta1.Attestor to delete, in the format + * `projects/* /attestors/*`. + */ + // const name = 'abc123' + + // Imports the Binaryauthorization library + const {BinauthzManagementServiceV1Beta1Client} = require('@google-cloud/binary-authorization').v1beta1; + + // Instantiates a client + const binaryauthorizationClient = new BinauthzManagementServiceV1Beta1Client(); + + async function callDeleteAttestor() { + // Construct request + const request = { + name, + }; + + // Run request + const response = await binaryauthorizationClient.deleteAttestor(request); + console.log(response); + } + + callDeleteAttestor(); + // [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_async] +} + +process.on('unhandledRejection', err => { + console.error(err.message); + process.exitCode = 1; +}); +main(...process.argv.slice(2)); diff --git a/owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.get_attestor.js b/owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.get_attestor.js new file mode 100644 index 0000000..85719a8 --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.get_attestor.js @@ -0,0 +1,59 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// ** This file is automatically generated by gapic-generator-typescript. ** +// ** https://github.com/googleapis/gapic-generator-typescript ** +// ** All changes to this file may be overwritten. ** + + + +'use strict'; + +function main(name) { + // [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_async] + /** + * TODO(developer): Uncomment these variables before running the sample. + */ + /** + * Required. The name of the attestor google.cloud.binaryauthorization.v1beta1.Attestor to retrieve, in the format + * `projects/* /attestors/*`. + */ + // const name = 'abc123' + + // Imports the Binaryauthorization library + const {BinauthzManagementServiceV1Beta1Client} = require('@google-cloud/binary-authorization').v1beta1; + + // Instantiates a client + const binaryauthorizationClient = new BinauthzManagementServiceV1Beta1Client(); + + async function callGetAttestor() { + // Construct request + const request = { + name, + }; + + // Run request + const response = await binaryauthorizationClient.getAttestor(request); + console.log(response); + } + + callGetAttestor(); + // [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_async] +} + +process.on('unhandledRejection', err => { + console.error(err.message); + process.exitCode = 1; +}); +main(...process.argv.slice(2)); diff --git a/owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.get_policy.js b/owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.get_policy.js new file mode 100644 index 0000000..ce84d2d --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.get_policy.js @@ -0,0 +1,59 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// ** This file is automatically generated by gapic-generator-typescript. ** +// ** https://github.com/googleapis/gapic-generator-typescript ** +// ** All changes to this file may be overwritten. ** + + + +'use strict'; + +function main(name) { + // [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_async] + /** + * TODO(developer): Uncomment these variables before running the sample. + */ + /** + * Required. The resource name of the policy google.cloud.binaryauthorization.v1beta1.Policy to retrieve, + * in the format `projects/* /policy`. + */ + // const name = 'abc123' + + // Imports the Binaryauthorization library + const {BinauthzManagementServiceV1Beta1Client} = require('@google-cloud/binary-authorization').v1beta1; + + // Instantiates a client + const binaryauthorizationClient = new BinauthzManagementServiceV1Beta1Client(); + + async function callGetPolicy() { + // Construct request + const request = { + name, + }; + + // Run request + const response = await binaryauthorizationClient.getPolicy(request); + console.log(response); + } + + callGetPolicy(); + // [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_async] +} + +process.on('unhandledRejection', err => { + console.error(err.message); + process.exitCode = 1; +}); +main(...process.argv.slice(2)); diff --git a/owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.list_attestors.js b/owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.list_attestors.js new file mode 100644 index 0000000..0023d64 --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.list_attestors.js @@ -0,0 +1,72 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// ** This file is automatically generated by gapic-generator-typescript. ** +// ** https://github.com/googleapis/gapic-generator-typescript ** +// ** All changes to this file may be overwritten. ** + + + +'use strict'; + +function main(parent) { + // [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_async] + /** + * TODO(developer): Uncomment these variables before running the sample. + */ + /** + * Required. The resource name of the project associated with the + * attestors google.cloud.binaryauthorization.v1beta1.Attestor, in the format `projects/*`. + */ + // const parent = 'abc123' + /** + * Requested page size. The server may return fewer results than requested. If + * unspecified, the server will pick an appropriate default. + */ + // const pageSize = 1234 + /** + * A token identifying a page of results the server should return. Typically, + * this is the value of ListAttestorsResponse.next_page_token google.cloud.binaryauthorization.v1beta1.ListAttestorsResponse.next_page_token returned + * from the previous call to the `ListAttestors` method. + */ + // const pageToken = 'abc123' + + // Imports the Binaryauthorization library + const {BinauthzManagementServiceV1Beta1Client} = require('@google-cloud/binary-authorization').v1beta1; + + // Instantiates a client + const binaryauthorizationClient = new BinauthzManagementServiceV1Beta1Client(); + + async function callListAttestors() { + // Construct request + const request = { + parent, + }; + + // Run request + const iterable = await binaryauthorizationClient.listAttestorsAsync(request); + for await (const response of iterable) { + console.log(response); + } + } + + callListAttestors(); + // [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_async] +} + +process.on('unhandledRejection', err => { + console.error(err.message); + process.exitCode = 1; +}); +main(...process.argv.slice(2)); diff --git a/owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.update_attestor.js b/owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.update_attestor.js new file mode 100644 index 0000000..8dbc0d1 --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.update_attestor.js @@ -0,0 +1,60 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// ** This file is automatically generated by gapic-generator-typescript. ** +// ** https://github.com/googleapis/gapic-generator-typescript ** +// ** All changes to this file may be overwritten. ** + + + +'use strict'; + +function main(attestor) { + // [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_async] + /** + * TODO(developer): Uncomment these variables before running the sample. + */ + /** + * Required. The updated attestor google.cloud.binaryauthorization.v1beta1.Attestor value. The service will + * overwrite the attestor name google.cloud.binaryauthorization.v1beta1.Attestor.name field with the resource name + * in the request URL, in the format `projects/* /attestors/*`. + */ + // const attestor = {} + + // Imports the Binaryauthorization library + const {BinauthzManagementServiceV1Beta1Client} = require('@google-cloud/binary-authorization').v1beta1; + + // Instantiates a client + const binaryauthorizationClient = new BinauthzManagementServiceV1Beta1Client(); + + async function callUpdateAttestor() { + // Construct request + const request = { + attestor, + }; + + // Run request + const response = await binaryauthorizationClient.updateAttestor(request); + console.log(response); + } + + callUpdateAttestor(); + // [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_async] +} + +process.on('unhandledRejection', err => { + console.error(err.message); + process.exitCode = 1; +}); +main(...process.argv.slice(2)); diff --git a/owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.update_policy.js b/owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.update_policy.js new file mode 100644 index 0000000..12aa0a0 --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.update_policy.js @@ -0,0 +1,60 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// ** This file is automatically generated by gapic-generator-typescript. ** +// ** https://github.com/googleapis/gapic-generator-typescript ** +// ** All changes to this file may be overwritten. ** + + + +'use strict'; + +function main(policy) { + // [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_async] + /** + * TODO(developer): Uncomment these variables before running the sample. + */ + /** + * Required. A new or updated policy google.cloud.binaryauthorization.v1beta1.Policy value. The service will + * overwrite the policy name google.cloud.binaryauthorization.v1beta1.Policy.name field with the resource name in + * the request URL, in the format `projects/* /policy`. + */ + // const policy = {} + + // Imports the Binaryauthorization library + const {BinauthzManagementServiceV1Beta1Client} = require('@google-cloud/binary-authorization').v1beta1; + + // Instantiates a client + const binaryauthorizationClient = new BinauthzManagementServiceV1Beta1Client(); + + async function callUpdatePolicy() { + // Construct request + const request = { + policy, + }; + + // Run request + const response = await binaryauthorizationClient.updatePolicy(request); + console.log(response); + } + + callUpdatePolicy(); + // [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_async] +} + +process.on('unhandledRejection', err => { + console.error(err.message); + process.exitCode = 1; +}); +main(...process.argv.slice(2)); diff --git a/owl-bot-staging/v1beta1/samples/generated/v1beta1/snippet_metadata.google.cloud.binaryauthorization.v1beta1.json b/owl-bot-staging/v1beta1/samples/generated/v1beta1/snippet_metadata.google.cloud.binaryauthorization.v1beta1.json new file mode 100644 index 0000000..ef53122 --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated/v1beta1/snippet_metadata.google.cloud.binaryauthorization.v1beta1.json @@ -0,0 +1,351 @@ +{ + "clientLibrary": { + "name": "nodejs-binaryauthorization", + "version": "0.1.0", + "language": "TYPESCRIPT", + "apis": [ + { + "id": "google.cloud.binaryauthorization.v1beta1", + "version": "v1beta1" + } + ] + }, + "snippets": [ + { + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_async", + "title": "BinauthzManagementServiceV1Beta1 getPolicy Sample", + "origin": "API_DEFINITION", + "description": " A [policy][google.cloud.binaryauthorization.v1beta1.Policy] specifies the [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] that must attest to a container image, before the project is allowed to deploy that image. There is at most one policy per project. All image admission requests are permitted if a project has no policy. Gets the [policy][google.cloud.binaryauthorization.v1beta1.Policy] for this project. Returns a default [policy][google.cloud.binaryauthorization.v1beta1.Policy] if the project does not have one.", + "canonical": true, + "file": "binauthz_management_service_v1_beta1.get_policy.js", + "language": "JAVASCRIPT", + "segments": [ + { + "start": 25, + "end": 51, + "type": "FULL" + } + ], + "clientMethod": { + "shortName": "GetPolicy", + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.GetPolicy", + "async": true, + "parameters": [ + { + "name": "name", + "type": "TYPE_STRING" + } + ], + "resultType": ".google.cloud.binaryauthorization.v1beta1.Policy", + "client": { + "shortName": "BinauthzManagementServiceV1Beta1Client", + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1Client" + }, + "method": { + "shortName": "GetPolicy", + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.GetPolicy", + "service": { + "shortName": "BinauthzManagementServiceV1Beta1", + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1" + } + } + } + }, + { + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_async", + "title": "BinauthzManagementServiceV1Beta1 updatePolicy Sample", + "origin": "API_DEFINITION", + "description": " Creates or updates a project's [policy][google.cloud.binaryauthorization.v1beta1.Policy], and returns a copy of the new [policy][google.cloud.binaryauthorization.v1beta1.Policy]. A policy is always updated as a whole, to avoid race conditions with concurrent policy enforcement (or management!) requests. Returns NOT_FOUND if the project does not exist, INVALID_ARGUMENT if the request is malformed.", + "canonical": true, + "file": "binauthz_management_service_v1_beta1.update_policy.js", + "language": "JAVASCRIPT", + "segments": [ + { + "start": 25, + "end": 52, + "type": "FULL" + } + ], + "clientMethod": { + "shortName": "UpdatePolicy", + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.UpdatePolicy", + "async": true, + "parameters": [ + { + "name": "policy", + "type": ".google.cloud.binaryauthorization.v1beta1.Policy" + } + ], + "resultType": ".google.cloud.binaryauthorization.v1beta1.Policy", + "client": { + "shortName": "BinauthzManagementServiceV1Beta1Client", + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1Client" + }, + "method": { + "shortName": "UpdatePolicy", + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.UpdatePolicy", + "service": { + "shortName": "BinauthzManagementServiceV1Beta1", + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1" + } + } + } + }, + { + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_async", + "title": "BinauthzManagementServiceV1Beta1 createAttestor Sample", + "origin": "API_DEFINITION", + "description": " Creates an [attestor][google.cloud.binaryauthorization.v1beta1.Attestor], and returns a copy of the new [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. Returns NOT_FOUND if the project does not exist, INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if the [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] already exists.", + "canonical": true, + "file": "binauthz_management_service_v1_beta1.create_attestor.js", + "language": "JAVASCRIPT", + "segments": [ + { + "start": 25, + "end": 62, + "type": "FULL" + } + ], + "clientMethod": { + "shortName": "CreateAttestor", + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.CreateAttestor", + "async": true, + "parameters": [ + { + "name": "parent", + "type": "TYPE_STRING" + }, + { + "name": "attestor_id", + "type": "TYPE_STRING" + }, + { + "name": "attestor", + "type": ".google.cloud.binaryauthorization.v1beta1.Attestor" + } + ], + "resultType": ".google.cloud.binaryauthorization.v1beta1.Attestor", + "client": { + "shortName": "BinauthzManagementServiceV1Beta1Client", + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1Client" + }, + "method": { + "shortName": "CreateAttestor", + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.CreateAttestor", + "service": { + "shortName": "BinauthzManagementServiceV1Beta1", + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1" + } + } + } + }, + { + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_async", + "title": "BinauthzManagementServiceV1Beta1 getAttestor Sample", + "origin": "API_DEFINITION", + "description": " Gets an [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. Returns NOT_FOUND if the [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] does not exist.", + "canonical": true, + "file": "binauthz_management_service_v1_beta1.get_attestor.js", + "language": "JAVASCRIPT", + "segments": [ + { + "start": 25, + "end": 51, + "type": "FULL" + } + ], + "clientMethod": { + "shortName": "GetAttestor", + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.GetAttestor", + "async": true, + "parameters": [ + { + "name": "name", + "type": "TYPE_STRING" + } + ], + "resultType": ".google.cloud.binaryauthorization.v1beta1.Attestor", + "client": { + "shortName": "BinauthzManagementServiceV1Beta1Client", + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1Client" + }, + "method": { + "shortName": "GetAttestor", + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.GetAttestor", + "service": { + "shortName": "BinauthzManagementServiceV1Beta1", + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1" + } + } + } + }, + { + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_async", + "title": "BinauthzManagementServiceV1Beta1 updateAttestor Sample", + "origin": "API_DEFINITION", + "description": " Updates an [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. Returns NOT_FOUND if the [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] does not exist.", + "canonical": true, + "file": "binauthz_management_service_v1_beta1.update_attestor.js", + "language": "JAVASCRIPT", + "segments": [ + { + "start": 25, + "end": 52, + "type": "FULL" + } + ], + "clientMethod": { + "shortName": "UpdateAttestor", + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.UpdateAttestor", + "async": true, + "parameters": [ + { + "name": "attestor", + "type": ".google.cloud.binaryauthorization.v1beta1.Attestor" + } + ], + "resultType": ".google.cloud.binaryauthorization.v1beta1.Attestor", + "client": { + "shortName": "BinauthzManagementServiceV1Beta1Client", + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1Client" + }, + "method": { + "shortName": "UpdateAttestor", + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.UpdateAttestor", + "service": { + "shortName": "BinauthzManagementServiceV1Beta1", + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1" + } + } + } + }, + { + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_async", + "title": "BinauthzManagementServiceV1Beta1 listAttestors Sample", + "origin": "API_DEFINITION", + "description": " Lists [attestors][google.cloud.binaryauthorization.v1beta1.Attestor]. Returns INVALID_ARGUMENT if the project does not exist.", + "canonical": true, + "file": "binauthz_management_service_v1_beta1.list_attestors.js", + "language": "JAVASCRIPT", + "segments": [ + { + "start": 25, + "end": 64, + "type": "FULL" + } + ], + "clientMethod": { + "shortName": "ListAttestors", + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.ListAttestors", + "async": true, + "parameters": [ + { + "name": "parent", + "type": "TYPE_STRING" + }, + { + "name": "page_size", + "type": "TYPE_INT32" + }, + { + "name": "page_token", + "type": "TYPE_STRING" + } + ], + "resultType": ".google.cloud.binaryauthorization.v1beta1.ListAttestorsResponse", + "client": { + "shortName": "BinauthzManagementServiceV1Beta1Client", + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1Client" + }, + "method": { + "shortName": "ListAttestors", + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.ListAttestors", + "service": { + "shortName": "BinauthzManagementServiceV1Beta1", + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1" + } + } + } + }, + { + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_async", + "title": "BinauthzManagementServiceV1Beta1 deleteAttestor Sample", + "origin": "API_DEFINITION", + "description": " Deletes an [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. Returns NOT_FOUND if the [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] does not exist.", + "canonical": true, + "file": "binauthz_management_service_v1_beta1.delete_attestor.js", + "language": "JAVASCRIPT", + "segments": [ + { + "start": 25, + "end": 51, + "type": "FULL" + } + ], + "clientMethod": { + "shortName": "DeleteAttestor", + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.DeleteAttestor", + "async": true, + "parameters": [ + { + "name": "name", + "type": "TYPE_STRING" + } + ], + "resultType": ".google.protobuf.Empty", + "client": { + "shortName": "BinauthzManagementServiceV1Beta1Client", + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1Client" + }, + "method": { + "shortName": "DeleteAttestor", + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.DeleteAttestor", + "service": { + "shortName": "BinauthzManagementServiceV1Beta1", + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1" + } + } + } + }, + { + "regionTag": "binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_async", + "title": "BinauthzManagementServiceV1Beta1 getSystemPolicy Sample", + "origin": "API_DEFINITION", + "description": " Gets the current system policy in the specified location.", + "canonical": true, + "file": "system_policy_v1_beta1.get_system_policy.js", + "language": "JAVASCRIPT", + "segments": [ + { + "start": 25, + "end": 51, + "type": "FULL" + } + ], + "clientMethod": { + "shortName": "GetSystemPolicy", + "fullName": "google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1.GetSystemPolicy", + "async": true, + "parameters": [ + { + "name": "name", + "type": "TYPE_STRING" + } + ], + "resultType": ".google.cloud.binaryauthorization.v1beta1.Policy", + "client": { + "shortName": "SystemPolicyV1Beta1Client", + "fullName": "google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1Client" + }, + "method": { + "shortName": "GetSystemPolicy", + "fullName": "google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1.GetSystemPolicy", + "service": { + "shortName": "SystemPolicyV1Beta1", + "fullName": "google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1" + } + } + } + } + ] +} diff --git a/owl-bot-staging/v1beta1/samples/generated/v1beta1/system_policy_v1_beta1.get_system_policy.js b/owl-bot-staging/v1beta1/samples/generated/v1beta1/system_policy_v1_beta1.get_system_policy.js new file mode 100644 index 0000000..e64583a --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated/v1beta1/system_policy_v1_beta1.get_system_policy.js @@ -0,0 +1,59 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// ** This file is automatically generated by gapic-generator-typescript. ** +// ** https://github.com/googleapis/gapic-generator-typescript ** +// ** All changes to this file may be overwritten. ** + + + +'use strict'; + +function main(name) { + // [START binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_async] + /** + * TODO(developer): Uncomment these variables before running the sample. + */ + /** + * Required. The resource name, in the format `locations/* /policy`. + * Note that the system policy is not associated with a project. + */ + // const name = 'abc123' + + // Imports the Binaryauthorization library + const {SystemPolicyV1Beta1Client} = require('@google-cloud/binary-authorization').v1beta1; + + // Instantiates a client + const binaryauthorizationClient = new SystemPolicyV1Beta1Client(); + + async function callGetSystemPolicy() { + // Construct request + const request = { + name, + }; + + // Run request + const response = await binaryauthorizationClient.getSystemPolicy(request); + console.log(response); + } + + callGetSystemPolicy(); + // [END binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_async] +} + +process.on('unhandledRejection', err => { + console.error(err.message); + process.exitCode = 1; +}); +main(...process.argv.slice(2)); diff --git a/owl-bot-staging/v1beta1/src/index.ts b/owl-bot-staging/v1beta1/src/index.ts new file mode 100644 index 0000000..fc03988 --- /dev/null +++ b/owl-bot-staging/v1beta1/src/index.ts @@ -0,0 +1,27 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// ** This file is automatically generated by gapic-generator-typescript. ** +// ** https://github.com/googleapis/gapic-generator-typescript ** +// ** All changes to this file may be overwritten. ** + +import * as v1beta1 from './v1beta1'; +const BinauthzManagementServiceV1Beta1Client = v1beta1.BinauthzManagementServiceV1Beta1Client; +type BinauthzManagementServiceV1Beta1Client = v1beta1.BinauthzManagementServiceV1Beta1Client; +const SystemPolicyV1Beta1Client = v1beta1.SystemPolicyV1Beta1Client; +type SystemPolicyV1Beta1Client = v1beta1.SystemPolicyV1Beta1Client; +export {v1beta1, BinauthzManagementServiceV1Beta1Client, SystemPolicyV1Beta1Client}; +export default {v1beta1, BinauthzManagementServiceV1Beta1Client, SystemPolicyV1Beta1Client}; +import * as protos from '../protos/protos'; +export {protos} diff --git a/owl-bot-staging/v1beta1/src/v1beta1/binauthz_management_service_v1_beta1_client.ts b/owl-bot-staging/v1beta1/src/v1beta1/binauthz_management_service_v1_beta1_client.ts new file mode 100644 index 0000000..32e1e27 --- /dev/null +++ b/owl-bot-staging/v1beta1/src/v1beta1/binauthz_management_service_v1_beta1_client.ts @@ -0,0 +1,1078 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// ** This file is automatically generated by gapic-generator-typescript. ** +// ** https://github.com/googleapis/gapic-generator-typescript ** +// ** All changes to this file may be overwritten. ** + +/* global window */ +import * as gax from 'google-gax'; +import {Callback, CallOptions, Descriptors, ClientOptions, PaginationCallback, GaxCall} from 'google-gax'; + +import { Transform } from 'stream'; +import { RequestType } from 'google-gax/build/src/apitypes'; +import * as protos from '../../protos/protos'; +import jsonProtos = require('../../protos/protos.json'); +/** + * Client JSON configuration object, loaded from + * `src/v1beta1/binauthz_management_service_v1_beta1_client_config.json`. + * This file defines retry strategy and timeouts for all API methods in this library. + */ +import * as gapicConfig from './binauthz_management_service_v1_beta1_client_config.json'; + +const version = require('../../../package.json').version; + +/** + * Google Cloud Management Service for Binary Authorization admission policies + * and attestation authorities. + * + * This API implements a REST model with the following objects: + * + * * {@link google.cloud.binaryauthorization.v1beta1.Policy|Policy} + * * {@link google.cloud.binaryauthorization.v1beta1.Attestor|Attestor} + * @class + * @memberof v1beta1 + */ +export class BinauthzManagementServiceV1Beta1Client { + private _terminated = false; + private _opts: ClientOptions; + private _providedCustomServicePath: boolean; + private _gaxModule: typeof gax | typeof gax.fallback; + private _gaxGrpc: gax.GrpcClient | gax.fallback.GrpcClient; + private _protos: {}; + private _defaults: {[method: string]: gax.CallSettings}; + auth: gax.GoogleAuth; + descriptors: Descriptors = { + page: {}, + stream: {}, + longrunning: {}, + batching: {}, + }; + warn: (code: string, message: string, warnType?: string) => void; + innerApiCalls: {[name: string]: Function}; + pathTemplates: {[name: string]: gax.PathTemplate}; + binauthzManagementServiceV1Beta1Stub?: Promise<{[name: string]: Function}>; + + /** + * Construct an instance of BinauthzManagementServiceV1Beta1Client. + * + * @param {object} [options] - The configuration object. + * The options accepted by the constructor are described in detail + * in [this document](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#creating-the-client-instance). + * The common options are: + * @param {object} [options.credentials] - Credentials object. + * @param {string} [options.credentials.client_email] + * @param {string} [options.credentials.private_key] + * @param {string} [options.email] - Account email address. Required when + * using a .pem or .p12 keyFilename. + * @param {string} [options.keyFilename] - Full path to the a .json, .pem, or + * .p12 key downloaded from the Google Developers Console. If you provide + * a path to a JSON file, the projectId option below is not necessary. + * NOTE: .pem and .p12 require you to specify options.email as well. + * @param {number} [options.port] - The port on which to connect to + * the remote host. + * @param {string} [options.projectId] - The project ID from the Google + * Developer's Console, e.g. 'grape-spaceship-123'. We will also check + * the environment variable GCLOUD_PROJECT for your project ID. If your + * app is running in an environment which supports + * {@link https://developers.google.com/identity/protocols/application-default-credentials Application Default Credentials}, + * your project ID will be detected automatically. + * @param {string} [options.apiEndpoint] - The domain name of the + * API remote host. + * @param {gax.ClientConfig} [options.clientConfig] - Client configuration override. + * Follows the structure of {@link gapicConfig}. + * @param {boolean} [options.fallback] - Use HTTP fallback mode. + * In fallback mode, a special browser-compatible transport implementation is used + * instead of gRPC transport. In browser context (if the `window` object is defined) + * the fallback mode is enabled automatically; set `options.fallback` to `false` + * if you need to override this behavior. + */ + constructor(opts?: ClientOptions) { + // Ensure that options include all the required fields. + const staticMembers = this.constructor as typeof BinauthzManagementServiceV1Beta1Client; + const servicePath = opts?.servicePath || opts?.apiEndpoint || staticMembers.servicePath; + this._providedCustomServicePath = !!(opts?.servicePath || opts?.apiEndpoint); + const port = opts?.port || staticMembers.port; + const clientConfig = opts?.clientConfig ?? {}; + const fallback = opts?.fallback ?? (typeof window !== 'undefined' && typeof window?.fetch === 'function'); + opts = Object.assign({servicePath, port, clientConfig, fallback}, opts); + + // If scopes are unset in options and we're connecting to a non-default endpoint, set scopes just in case. + if (servicePath !== staticMembers.servicePath && !('scopes' in opts)) { + opts['scopes'] = staticMembers.scopes; + } + + // Choose either gRPC or proto-over-HTTP implementation of google-gax. + this._gaxModule = opts.fallback ? gax.fallback : gax; + + // Create a `gaxGrpc` object, with any grpc-specific options sent to the client. + this._gaxGrpc = new this._gaxModule.GrpcClient(opts); + + // Save options to use in initialize() method. + this._opts = opts; + + // Save the auth object to the client, for use by other methods. + this.auth = (this._gaxGrpc.auth as gax.GoogleAuth); + + // Set useJWTAccessWithScope on the auth object. + this.auth.useJWTAccessWithScope = true; + + // Set defaultServicePath on the auth object. + this.auth.defaultServicePath = staticMembers.servicePath; + + // Set the default scopes in auth client if needed. + if (servicePath === staticMembers.servicePath) { + this.auth.defaultScopes = staticMembers.scopes; + } + + // Determine the client header string. + const clientHeader = [ + `gax/${this._gaxModule.version}`, + `gapic/${version}`, + ]; + if (typeof process !== 'undefined' && 'versions' in process) { + clientHeader.push(`gl-node/${process.versions.node}`); + } else { + clientHeader.push(`gl-web/${this._gaxModule.version}`); + } + if (!opts.fallback) { + clientHeader.push(`grpc/${this._gaxGrpc.grpcVersion}`); + } else if (opts.fallback === 'rest' ) { + clientHeader.push(`rest/${this._gaxGrpc.grpcVersion}`); + } + if (opts.libName && opts.libVersion) { + clientHeader.push(`${opts.libName}/${opts.libVersion}`); + } + // Load the applicable protos. + this._protos = this._gaxGrpc.loadProtoJSON(jsonProtos); + + // This API contains "path templates"; forward-slash-separated + // identifiers to uniquely identify resources within the API. + // Create useful helper objects for these. + this.pathTemplates = { + attestorPathTemplate: new this._gaxModule.PathTemplate( + 'projects/{project}/attestors/{attestor}' + ), + locationPolicyPathTemplate: new this._gaxModule.PathTemplate( + 'locations/{location}/policy' + ), + projectPathTemplate: new this._gaxModule.PathTemplate( + 'projects/{project}' + ), + projectPolicyPathTemplate: new this._gaxModule.PathTemplate( + 'projects/{project}/policy' + ), + }; + + // Some of the methods on this service return "paged" results, + // (e.g. 50 results at a time, with tokens to get subsequent + // pages). Denote the keys used for pagination and results. + this.descriptors.page = { + listAttestors: + new this._gaxModule.PageDescriptor('pageToken', 'nextPageToken', 'attestors') + }; + + // Put together the default options sent with requests. + this._defaults = this._gaxGrpc.constructSettings( + 'google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1', gapicConfig as gax.ClientConfig, + opts.clientConfig || {}, {'x-goog-api-client': clientHeader.join(' ')}); + + // Set up a dictionary of "inner API calls"; the core implementation + // of calling the API is handled in `google-gax`, with this code + // merely providing the destination and request information. + this.innerApiCalls = {}; + + // Add a warn function to the client constructor so it can be easily tested. + this.warn = gax.warn; + } + + /** + * Initialize the client. + * Performs asynchronous operations (such as authentication) and prepares the client. + * This function will be called automatically when any class method is called for the + * first time, but if you need to initialize it before calling an actual method, + * feel free to call initialize() directly. + * + * You can await on this method if you want to make sure the client is initialized. + * + * @returns {Promise} A promise that resolves to an authenticated service stub. + */ + initialize() { + // If the client stub promise is already initialized, return immediately. + if (this.binauthzManagementServiceV1Beta1Stub) { + return this.binauthzManagementServiceV1Beta1Stub; + } + + // Put together the "service stub" for + // google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1. + this.binauthzManagementServiceV1Beta1Stub = this._gaxGrpc.createStub( + this._opts.fallback ? + (this._protos as protobuf.Root).lookupService('google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1') : + // eslint-disable-next-line @typescript-eslint/no-explicit-any + (this._protos as any).google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1, + this._opts, this._providedCustomServicePath) as Promise<{[method: string]: Function}>; + + // Iterate over each of the methods that the service provides + // and create an API call method for each. + const binauthzManagementServiceV1Beta1StubMethods = + ['getPolicy', 'updatePolicy', 'createAttestor', 'getAttestor', 'updateAttestor', 'listAttestors', 'deleteAttestor']; + for (const methodName of binauthzManagementServiceV1Beta1StubMethods) { + const callPromise = this.binauthzManagementServiceV1Beta1Stub.then( + stub => (...args: Array<{}>) => { + if (this._terminated) { + return Promise.reject('The client has already been closed.'); + } + const func = stub[methodName]; + return func.apply(stub, args); + }, + (err: Error|null|undefined) => () => { + throw err; + }); + + const descriptor = + this.descriptors.page[methodName] || + undefined; + const apiCall = this._gaxModule.createApiCall( + callPromise, + this._defaults[methodName], + descriptor + ); + + this.innerApiCalls[methodName] = apiCall; + } + + return this.binauthzManagementServiceV1Beta1Stub; + } + + /** + * The DNS address for this API service. + * @returns {string} The DNS address for this service. + */ + static get servicePath() { + return 'binaryauthorization.googleapis.com'; + } + + /** + * The DNS address for this API service - same as servicePath(), + * exists for compatibility reasons. + * @returns {string} The DNS address for this service. + */ + static get apiEndpoint() { + return 'binaryauthorization.googleapis.com'; + } + + /** + * The port for this API service. + * @returns {number} The default port for this service. + */ + static get port() { + return 443; + } + + /** + * The scopes needed to make gRPC calls for every method defined + * in this service. + * @returns {string[]} List of default scopes. + */ + static get scopes() { + return [ + 'https://www.googleapis.com/auth/cloud-platform' + ]; + } + + getProjectId(): Promise; + getProjectId(callback: Callback): void; + /** + * Return the project ID used by this class. + * @returns {Promise} A promise that resolves to string containing the project ID. + */ + getProjectId(callback?: Callback): + Promise|void { + if (callback) { + this.auth.getProjectId(callback); + return; + } + return this.auth.getProjectId(); + } + + // ------------------- + // -- Service calls -- + // ------------------- +/** + * A {@link google.cloud.binaryauthorization.v1beta1.Policy|policy} specifies the {@link google.cloud.binaryauthorization.v1beta1.Attestor|attestors} that must attest to + * a container image, before the project is allowed to deploy that + * image. There is at most one policy per project. All image admission + * requests are permitted if a project has no policy. + * + * Gets the {@link google.cloud.binaryauthorization.v1beta1.Policy|policy} for this project. Returns a default + * {@link google.cloud.binaryauthorization.v1beta1.Policy|policy} if the project does not have one. + * + * @param {Object} request + * The request object that will be sent. + * @param {string} request.name + * Required. The resource name of the {@link google.cloud.binaryauthorization.v1beta1.Policy|policy} to retrieve, + * in the format `projects/* /policy`. + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Promise} - The promise which resolves to an array. + * The first element of the array is an object representing [Policy]{@link google.cloud.binaryauthorization.v1beta1.Policy}. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) + * for more details and examples. + * @example include:samples/generated/v1beta1/binauthz_management_service_v1_beta1.get_policy.js + * region_tag:binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_async + */ + getPolicy( + request?: protos.google.cloud.binaryauthorization.v1beta1.IGetPolicyRequest, + options?: CallOptions): + Promise<[ + protos.google.cloud.binaryauthorization.v1beta1.IPolicy, + protos.google.cloud.binaryauthorization.v1beta1.IGetPolicyRequest|undefined, {}|undefined + ]>; + getPolicy( + request: protos.google.cloud.binaryauthorization.v1beta1.IGetPolicyRequest, + options: CallOptions, + callback: Callback< + protos.google.cloud.binaryauthorization.v1beta1.IPolicy, + protos.google.cloud.binaryauthorization.v1beta1.IGetPolicyRequest|null|undefined, + {}|null|undefined>): void; + getPolicy( + request: protos.google.cloud.binaryauthorization.v1beta1.IGetPolicyRequest, + callback: Callback< + protos.google.cloud.binaryauthorization.v1beta1.IPolicy, + protos.google.cloud.binaryauthorization.v1beta1.IGetPolicyRequest|null|undefined, + {}|null|undefined>): void; + getPolicy( + request?: protos.google.cloud.binaryauthorization.v1beta1.IGetPolicyRequest, + optionsOrCallback?: CallOptions|Callback< + protos.google.cloud.binaryauthorization.v1beta1.IPolicy, + protos.google.cloud.binaryauthorization.v1beta1.IGetPolicyRequest|null|undefined, + {}|null|undefined>, + callback?: Callback< + protos.google.cloud.binaryauthorization.v1beta1.IPolicy, + protos.google.cloud.binaryauthorization.v1beta1.IGetPolicyRequest|null|undefined, + {}|null|undefined>): + Promise<[ + protos.google.cloud.binaryauthorization.v1beta1.IPolicy, + protos.google.cloud.binaryauthorization.v1beta1.IGetPolicyRequest|undefined, {}|undefined + ]>|void { + request = request || {}; + let options: CallOptions; + if (typeof optionsOrCallback === 'function' && callback === undefined) { + callback = optionsOrCallback; + options = {}; + } + else { + options = optionsOrCallback as CallOptions; + } + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'name': request.name || '', + }); + this.initialize(); + return this.innerApiCalls.getPolicy(request, options, callback); + } +/** + * Creates or updates a project's {@link google.cloud.binaryauthorization.v1beta1.Policy|policy}, and returns a copy of the + * new {@link google.cloud.binaryauthorization.v1beta1.Policy|policy}. A policy is always updated as a whole, to avoid race + * conditions with concurrent policy enforcement (or management!) + * requests. Returns NOT_FOUND if the project does not exist, INVALID_ARGUMENT + * if the request is malformed. + * + * @param {Object} request + * The request object that will be sent. + * @param {google.cloud.binaryauthorization.v1beta1.Policy} request.policy + * Required. A new or updated {@link google.cloud.binaryauthorization.v1beta1.Policy|policy} value. The service will + * overwrite the {@link google.cloud.binaryauthorization.v1beta1.Policy.name|policy name} field with the resource name in + * the request URL, in the format `projects/* /policy`. + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Promise} - The promise which resolves to an array. + * The first element of the array is an object representing [Policy]{@link google.cloud.binaryauthorization.v1beta1.Policy}. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) + * for more details and examples. + * @example include:samples/generated/v1beta1/binauthz_management_service_v1_beta1.update_policy.js + * region_tag:binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_async + */ + updatePolicy( + request?: protos.google.cloud.binaryauthorization.v1beta1.IUpdatePolicyRequest, + options?: CallOptions): + Promise<[ + protos.google.cloud.binaryauthorization.v1beta1.IPolicy, + protos.google.cloud.binaryauthorization.v1beta1.IUpdatePolicyRequest|undefined, {}|undefined + ]>; + updatePolicy( + request: protos.google.cloud.binaryauthorization.v1beta1.IUpdatePolicyRequest, + options: CallOptions, + callback: Callback< + protos.google.cloud.binaryauthorization.v1beta1.IPolicy, + protos.google.cloud.binaryauthorization.v1beta1.IUpdatePolicyRequest|null|undefined, + {}|null|undefined>): void; + updatePolicy( + request: protos.google.cloud.binaryauthorization.v1beta1.IUpdatePolicyRequest, + callback: Callback< + protos.google.cloud.binaryauthorization.v1beta1.IPolicy, + protos.google.cloud.binaryauthorization.v1beta1.IUpdatePolicyRequest|null|undefined, + {}|null|undefined>): void; + updatePolicy( + request?: protos.google.cloud.binaryauthorization.v1beta1.IUpdatePolicyRequest, + optionsOrCallback?: CallOptions|Callback< + protos.google.cloud.binaryauthorization.v1beta1.IPolicy, + protos.google.cloud.binaryauthorization.v1beta1.IUpdatePolicyRequest|null|undefined, + {}|null|undefined>, + callback?: Callback< + protos.google.cloud.binaryauthorization.v1beta1.IPolicy, + protos.google.cloud.binaryauthorization.v1beta1.IUpdatePolicyRequest|null|undefined, + {}|null|undefined>): + Promise<[ + protos.google.cloud.binaryauthorization.v1beta1.IPolicy, + protos.google.cloud.binaryauthorization.v1beta1.IUpdatePolicyRequest|undefined, {}|undefined + ]>|void { + request = request || {}; + let options: CallOptions; + if (typeof optionsOrCallback === 'function' && callback === undefined) { + callback = optionsOrCallback; + options = {}; + } + else { + options = optionsOrCallback as CallOptions; + } + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'policy.name': request.policy!.name || '', + }); + this.initialize(); + return this.innerApiCalls.updatePolicy(request, options, callback); + } +/** + * Creates an {@link google.cloud.binaryauthorization.v1beta1.Attestor|attestor}, and returns a copy of the new + * {@link google.cloud.binaryauthorization.v1beta1.Attestor|attestor}. Returns NOT_FOUND if the project does not exist, + * INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if the + * {@link google.cloud.binaryauthorization.v1beta1.Attestor|attestor} already exists. + * + * @param {Object} request + * The request object that will be sent. + * @param {string} request.parent + * Required. The parent of this {@link google.cloud.binaryauthorization.v1beta1.Attestor|attestor}. + * @param {string} request.attestorId + * Required. The {@link google.cloud.binaryauthorization.v1beta1.Attestor|attestors} ID. + * @param {google.cloud.binaryauthorization.v1beta1.Attestor} request.attestor + * Required. The initial {@link google.cloud.binaryauthorization.v1beta1.Attestor|attestor} value. The service will + * overwrite the {@link google.cloud.binaryauthorization.v1beta1.Attestor.name|attestor name} field with the resource name, + * in the format `projects/* /attestors/*`. + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Promise} - The promise which resolves to an array. + * The first element of the array is an object representing [Attestor]{@link google.cloud.binaryauthorization.v1beta1.Attestor}. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) + * for more details and examples. + * @example include:samples/generated/v1beta1/binauthz_management_service_v1_beta1.create_attestor.js + * region_tag:binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_async + */ + createAttestor( + request?: protos.google.cloud.binaryauthorization.v1beta1.ICreateAttestorRequest, + options?: CallOptions): + Promise<[ + protos.google.cloud.binaryauthorization.v1beta1.IAttestor, + protos.google.cloud.binaryauthorization.v1beta1.ICreateAttestorRequest|undefined, {}|undefined + ]>; + createAttestor( + request: protos.google.cloud.binaryauthorization.v1beta1.ICreateAttestorRequest, + options: CallOptions, + callback: Callback< + protos.google.cloud.binaryauthorization.v1beta1.IAttestor, + protos.google.cloud.binaryauthorization.v1beta1.ICreateAttestorRequest|null|undefined, + {}|null|undefined>): void; + createAttestor( + request: protos.google.cloud.binaryauthorization.v1beta1.ICreateAttestorRequest, + callback: Callback< + protos.google.cloud.binaryauthorization.v1beta1.IAttestor, + protos.google.cloud.binaryauthorization.v1beta1.ICreateAttestorRequest|null|undefined, + {}|null|undefined>): void; + createAttestor( + request?: protos.google.cloud.binaryauthorization.v1beta1.ICreateAttestorRequest, + optionsOrCallback?: CallOptions|Callback< + protos.google.cloud.binaryauthorization.v1beta1.IAttestor, + protos.google.cloud.binaryauthorization.v1beta1.ICreateAttestorRequest|null|undefined, + {}|null|undefined>, + callback?: Callback< + protos.google.cloud.binaryauthorization.v1beta1.IAttestor, + protos.google.cloud.binaryauthorization.v1beta1.ICreateAttestorRequest|null|undefined, + {}|null|undefined>): + Promise<[ + protos.google.cloud.binaryauthorization.v1beta1.IAttestor, + protos.google.cloud.binaryauthorization.v1beta1.ICreateAttestorRequest|undefined, {}|undefined + ]>|void { + request = request || {}; + let options: CallOptions; + if (typeof optionsOrCallback === 'function' && callback === undefined) { + callback = optionsOrCallback; + options = {}; + } + else { + options = optionsOrCallback as CallOptions; + } + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'parent': request.parent || '', + }); + this.initialize(); + return this.innerApiCalls.createAttestor(request, options, callback); + } +/** + * Gets an {@link google.cloud.binaryauthorization.v1beta1.Attestor|attestor}. + * Returns NOT_FOUND if the {@link google.cloud.binaryauthorization.v1beta1.Attestor|attestor} does not exist. + * + * @param {Object} request + * The request object that will be sent. + * @param {string} request.name + * Required. The name of the {@link google.cloud.binaryauthorization.v1beta1.Attestor|attestor} to retrieve, in the format + * `projects/* /attestors/*`. + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Promise} - The promise which resolves to an array. + * The first element of the array is an object representing [Attestor]{@link google.cloud.binaryauthorization.v1beta1.Attestor}. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) + * for more details and examples. + * @example include:samples/generated/v1beta1/binauthz_management_service_v1_beta1.get_attestor.js + * region_tag:binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_async + */ + getAttestor( + request?: protos.google.cloud.binaryauthorization.v1beta1.IGetAttestorRequest, + options?: CallOptions): + Promise<[ + protos.google.cloud.binaryauthorization.v1beta1.IAttestor, + protos.google.cloud.binaryauthorization.v1beta1.IGetAttestorRequest|undefined, {}|undefined + ]>; + getAttestor( + request: protos.google.cloud.binaryauthorization.v1beta1.IGetAttestorRequest, + options: CallOptions, + callback: Callback< + protos.google.cloud.binaryauthorization.v1beta1.IAttestor, + protos.google.cloud.binaryauthorization.v1beta1.IGetAttestorRequest|null|undefined, + {}|null|undefined>): void; + getAttestor( + request: protos.google.cloud.binaryauthorization.v1beta1.IGetAttestorRequest, + callback: Callback< + protos.google.cloud.binaryauthorization.v1beta1.IAttestor, + protos.google.cloud.binaryauthorization.v1beta1.IGetAttestorRequest|null|undefined, + {}|null|undefined>): void; + getAttestor( + request?: protos.google.cloud.binaryauthorization.v1beta1.IGetAttestorRequest, + optionsOrCallback?: CallOptions|Callback< + protos.google.cloud.binaryauthorization.v1beta1.IAttestor, + protos.google.cloud.binaryauthorization.v1beta1.IGetAttestorRequest|null|undefined, + {}|null|undefined>, + callback?: Callback< + protos.google.cloud.binaryauthorization.v1beta1.IAttestor, + protos.google.cloud.binaryauthorization.v1beta1.IGetAttestorRequest|null|undefined, + {}|null|undefined>): + Promise<[ + protos.google.cloud.binaryauthorization.v1beta1.IAttestor, + protos.google.cloud.binaryauthorization.v1beta1.IGetAttestorRequest|undefined, {}|undefined + ]>|void { + request = request || {}; + let options: CallOptions; + if (typeof optionsOrCallback === 'function' && callback === undefined) { + callback = optionsOrCallback; + options = {}; + } + else { + options = optionsOrCallback as CallOptions; + } + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'name': request.name || '', + }); + this.initialize(); + return this.innerApiCalls.getAttestor(request, options, callback); + } +/** + * Updates an {@link google.cloud.binaryauthorization.v1beta1.Attestor|attestor}. + * Returns NOT_FOUND if the {@link google.cloud.binaryauthorization.v1beta1.Attestor|attestor} does not exist. + * + * @param {Object} request + * The request object that will be sent. + * @param {google.cloud.binaryauthorization.v1beta1.Attestor} request.attestor + * Required. The updated {@link google.cloud.binaryauthorization.v1beta1.Attestor|attestor} value. The service will + * overwrite the {@link google.cloud.binaryauthorization.v1beta1.Attestor.name|attestor name} field with the resource name + * in the request URL, in the format `projects/* /attestors/*`. + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Promise} - The promise which resolves to an array. + * The first element of the array is an object representing [Attestor]{@link google.cloud.binaryauthorization.v1beta1.Attestor}. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) + * for more details and examples. + * @example include:samples/generated/v1beta1/binauthz_management_service_v1_beta1.update_attestor.js + * region_tag:binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_async + */ + updateAttestor( + request?: protos.google.cloud.binaryauthorization.v1beta1.IUpdateAttestorRequest, + options?: CallOptions): + Promise<[ + protos.google.cloud.binaryauthorization.v1beta1.IAttestor, + protos.google.cloud.binaryauthorization.v1beta1.IUpdateAttestorRequest|undefined, {}|undefined + ]>; + updateAttestor( + request: protos.google.cloud.binaryauthorization.v1beta1.IUpdateAttestorRequest, + options: CallOptions, + callback: Callback< + protos.google.cloud.binaryauthorization.v1beta1.IAttestor, + protos.google.cloud.binaryauthorization.v1beta1.IUpdateAttestorRequest|null|undefined, + {}|null|undefined>): void; + updateAttestor( + request: protos.google.cloud.binaryauthorization.v1beta1.IUpdateAttestorRequest, + callback: Callback< + protos.google.cloud.binaryauthorization.v1beta1.IAttestor, + protos.google.cloud.binaryauthorization.v1beta1.IUpdateAttestorRequest|null|undefined, + {}|null|undefined>): void; + updateAttestor( + request?: protos.google.cloud.binaryauthorization.v1beta1.IUpdateAttestorRequest, + optionsOrCallback?: CallOptions|Callback< + protos.google.cloud.binaryauthorization.v1beta1.IAttestor, + protos.google.cloud.binaryauthorization.v1beta1.IUpdateAttestorRequest|null|undefined, + {}|null|undefined>, + callback?: Callback< + protos.google.cloud.binaryauthorization.v1beta1.IAttestor, + protos.google.cloud.binaryauthorization.v1beta1.IUpdateAttestorRequest|null|undefined, + {}|null|undefined>): + Promise<[ + protos.google.cloud.binaryauthorization.v1beta1.IAttestor, + protos.google.cloud.binaryauthorization.v1beta1.IUpdateAttestorRequest|undefined, {}|undefined + ]>|void { + request = request || {}; + let options: CallOptions; + if (typeof optionsOrCallback === 'function' && callback === undefined) { + callback = optionsOrCallback; + options = {}; + } + else { + options = optionsOrCallback as CallOptions; + } + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'attestor.name': request.attestor!.name || '', + }); + this.initialize(); + return this.innerApiCalls.updateAttestor(request, options, callback); + } +/** + * Deletes an {@link google.cloud.binaryauthorization.v1beta1.Attestor|attestor}. Returns NOT_FOUND if the + * {@link google.cloud.binaryauthorization.v1beta1.Attestor|attestor} does not exist. + * + * @param {Object} request + * The request object that will be sent. + * @param {string} request.name + * Required. The name of the {@link google.cloud.binaryauthorization.v1beta1.Attestor|attestors} to delete, in the format + * `projects/* /attestors/*`. + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Promise} - The promise which resolves to an array. + * The first element of the array is an object representing [Empty]{@link google.protobuf.Empty}. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) + * for more details and examples. + * @example include:samples/generated/v1beta1/binauthz_management_service_v1_beta1.delete_attestor.js + * region_tag:binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_async + */ + deleteAttestor( + request?: protos.google.cloud.binaryauthorization.v1beta1.IDeleteAttestorRequest, + options?: CallOptions): + Promise<[ + protos.google.protobuf.IEmpty, + protos.google.cloud.binaryauthorization.v1beta1.IDeleteAttestorRequest|undefined, {}|undefined + ]>; + deleteAttestor( + request: protos.google.cloud.binaryauthorization.v1beta1.IDeleteAttestorRequest, + options: CallOptions, + callback: Callback< + protos.google.protobuf.IEmpty, + protos.google.cloud.binaryauthorization.v1beta1.IDeleteAttestorRequest|null|undefined, + {}|null|undefined>): void; + deleteAttestor( + request: protos.google.cloud.binaryauthorization.v1beta1.IDeleteAttestorRequest, + callback: Callback< + protos.google.protobuf.IEmpty, + protos.google.cloud.binaryauthorization.v1beta1.IDeleteAttestorRequest|null|undefined, + {}|null|undefined>): void; + deleteAttestor( + request?: protos.google.cloud.binaryauthorization.v1beta1.IDeleteAttestorRequest, + optionsOrCallback?: CallOptions|Callback< + protos.google.protobuf.IEmpty, + protos.google.cloud.binaryauthorization.v1beta1.IDeleteAttestorRequest|null|undefined, + {}|null|undefined>, + callback?: Callback< + protos.google.protobuf.IEmpty, + protos.google.cloud.binaryauthorization.v1beta1.IDeleteAttestorRequest|null|undefined, + {}|null|undefined>): + Promise<[ + protos.google.protobuf.IEmpty, + protos.google.cloud.binaryauthorization.v1beta1.IDeleteAttestorRequest|undefined, {}|undefined + ]>|void { + request = request || {}; + let options: CallOptions; + if (typeof optionsOrCallback === 'function' && callback === undefined) { + callback = optionsOrCallback; + options = {}; + } + else { + options = optionsOrCallback as CallOptions; + } + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'name': request.name || '', + }); + this.initialize(); + return this.innerApiCalls.deleteAttestor(request, options, callback); + } + + /** + * Lists {@link google.cloud.binaryauthorization.v1beta1.Attestor|attestors}. + * Returns INVALID_ARGUMENT if the project does not exist. + * + * @param {Object} request + * The request object that will be sent. + * @param {string} request.parent + * Required. The resource name of the project associated with the + * {@link google.cloud.binaryauthorization.v1beta1.Attestor|attestors}, in the format `projects/*`. + * @param {number} request.pageSize + * Requested page size. The server may return fewer results than requested. If + * unspecified, the server will pick an appropriate default. + * @param {string} request.pageToken + * A token identifying a page of results the server should return. Typically, + * this is the value of {@link google.cloud.binaryauthorization.v1beta1.ListAttestorsResponse.next_page_token|ListAttestorsResponse.next_page_token} returned + * from the previous call to the `ListAttestors` method. + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Promise} - The promise which resolves to an array. + * The first element of the array is Array of [Attestor]{@link google.cloud.binaryauthorization.v1beta1.Attestor}. + * The client library will perform auto-pagination by default: it will call the API as many + * times as needed and will merge results from all the pages into this array. + * Note that it can affect your quota. + * We recommend using `listAttestorsAsync()` + * method described below for async iteration which you can stop as needed. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#auto-pagination) + * for more details and examples. + */ + listAttestors( + request?: protos.google.cloud.binaryauthorization.v1beta1.IListAttestorsRequest, + options?: CallOptions): + Promise<[ + protos.google.cloud.binaryauthorization.v1beta1.IAttestor[], + protos.google.cloud.binaryauthorization.v1beta1.IListAttestorsRequest|null, + protos.google.cloud.binaryauthorization.v1beta1.IListAttestorsResponse + ]>; + listAttestors( + request: protos.google.cloud.binaryauthorization.v1beta1.IListAttestorsRequest, + options: CallOptions, + callback: PaginationCallback< + protos.google.cloud.binaryauthorization.v1beta1.IListAttestorsRequest, + protos.google.cloud.binaryauthorization.v1beta1.IListAttestorsResponse|null|undefined, + protos.google.cloud.binaryauthorization.v1beta1.IAttestor>): void; + listAttestors( + request: protos.google.cloud.binaryauthorization.v1beta1.IListAttestorsRequest, + callback: PaginationCallback< + protos.google.cloud.binaryauthorization.v1beta1.IListAttestorsRequest, + protos.google.cloud.binaryauthorization.v1beta1.IListAttestorsResponse|null|undefined, + protos.google.cloud.binaryauthorization.v1beta1.IAttestor>): void; + listAttestors( + request?: protos.google.cloud.binaryauthorization.v1beta1.IListAttestorsRequest, + optionsOrCallback?: CallOptions|PaginationCallback< + protos.google.cloud.binaryauthorization.v1beta1.IListAttestorsRequest, + protos.google.cloud.binaryauthorization.v1beta1.IListAttestorsResponse|null|undefined, + protos.google.cloud.binaryauthorization.v1beta1.IAttestor>, + callback?: PaginationCallback< + protos.google.cloud.binaryauthorization.v1beta1.IListAttestorsRequest, + protos.google.cloud.binaryauthorization.v1beta1.IListAttestorsResponse|null|undefined, + protos.google.cloud.binaryauthorization.v1beta1.IAttestor>): + Promise<[ + protos.google.cloud.binaryauthorization.v1beta1.IAttestor[], + protos.google.cloud.binaryauthorization.v1beta1.IListAttestorsRequest|null, + protos.google.cloud.binaryauthorization.v1beta1.IListAttestorsResponse + ]>|void { + request = request || {}; + let options: CallOptions; + if (typeof optionsOrCallback === 'function' && callback === undefined) { + callback = optionsOrCallback; + options = {}; + } + else { + options = optionsOrCallback as CallOptions; + } + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'parent': request.parent || '', + }); + this.initialize(); + return this.innerApiCalls.listAttestors(request, options, callback); + } + +/** + * Equivalent to `method.name.toCamelCase()`, but returns a NodeJS Stream object. + * @param {Object} request + * The request object that will be sent. + * @param {string} request.parent + * Required. The resource name of the project associated with the + * {@link google.cloud.binaryauthorization.v1beta1.Attestor|attestors}, in the format `projects/*`. + * @param {number} request.pageSize + * Requested page size. The server may return fewer results than requested. If + * unspecified, the server will pick an appropriate default. + * @param {string} request.pageToken + * A token identifying a page of results the server should return. Typically, + * this is the value of {@link google.cloud.binaryauthorization.v1beta1.ListAttestorsResponse.next_page_token|ListAttestorsResponse.next_page_token} returned + * from the previous call to the `ListAttestors` method. + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Stream} + * An object stream which emits an object representing [Attestor]{@link google.cloud.binaryauthorization.v1beta1.Attestor} on 'data' event. + * The client library will perform auto-pagination by default: it will call the API as many + * times as needed. Note that it can affect your quota. + * We recommend using `listAttestorsAsync()` + * method described below for async iteration which you can stop as needed. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#auto-pagination) + * for more details and examples. + */ + listAttestorsStream( + request?: protos.google.cloud.binaryauthorization.v1beta1.IListAttestorsRequest, + options?: CallOptions): + Transform{ + request = request || {}; + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'parent': request.parent || '', + }); + const defaultCallSettings = this._defaults['listAttestors']; + const callSettings = defaultCallSettings.merge(options); + this.initialize(); + return this.descriptors.page.listAttestors.createStream( + this.innerApiCalls.listAttestors as gax.GaxCall, + request, + callSettings + ); + } + +/** + * Equivalent to `listAttestors`, but returns an iterable object. + * + * `for`-`await`-`of` syntax is used with the iterable to get response elements on-demand. + * @param {Object} request + * The request object that will be sent. + * @param {string} request.parent + * Required. The resource name of the project associated with the + * {@link google.cloud.binaryauthorization.v1beta1.Attestor|attestors}, in the format `projects/*`. + * @param {number} request.pageSize + * Requested page size. The server may return fewer results than requested. If + * unspecified, the server will pick an appropriate default. + * @param {string} request.pageToken + * A token identifying a page of results the server should return. Typically, + * this is the value of {@link google.cloud.binaryauthorization.v1beta1.ListAttestorsResponse.next_page_token|ListAttestorsResponse.next_page_token} returned + * from the previous call to the `ListAttestors` method. + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Object} + * An iterable Object that allows [async iteration](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Iteration_protocols). + * When you iterate the returned iterable, each element will be an object representing + * [Attestor]{@link google.cloud.binaryauthorization.v1beta1.Attestor}. The API will be called under the hood as needed, once per the page, + * so you can stop the iteration when you don't need more results. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#auto-pagination) + * for more details and examples. + * @example include:samples/generated/v1beta1/binauthz_management_service_v1_beta1.list_attestors.js + * region_tag:binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_async + */ + listAttestorsAsync( + request?: protos.google.cloud.binaryauthorization.v1beta1.IListAttestorsRequest, + options?: CallOptions): + AsyncIterable{ + request = request || {}; + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'parent': request.parent || '', + }); + const defaultCallSettings = this._defaults['listAttestors']; + const callSettings = defaultCallSettings.merge(options); + this.initialize(); + return this.descriptors.page.listAttestors.asyncIterate( + this.innerApiCalls['listAttestors'] as GaxCall, + request as unknown as RequestType, + callSettings + ) as AsyncIterable; + } + // -------------------- + // -- Path templates -- + // -------------------- + + /** + * Return a fully-qualified attestor resource name string. + * + * @param {string} project + * @param {string} attestor + * @returns {string} Resource name string. + */ + attestorPath(project:string,attestor:string) { + return this.pathTemplates.attestorPathTemplate.render({ + project: project, + attestor: attestor, + }); + } + + /** + * Parse the project from Attestor resource. + * + * @param {string} attestorName + * A fully-qualified path representing Attestor resource. + * @returns {string} A string representing the project. + */ + matchProjectFromAttestorName(attestorName: string) { + return this.pathTemplates.attestorPathTemplate.match(attestorName).project; + } + + /** + * Parse the attestor from Attestor resource. + * + * @param {string} attestorName + * A fully-qualified path representing Attestor resource. + * @returns {string} A string representing the attestor. + */ + matchAttestorFromAttestorName(attestorName: string) { + return this.pathTemplates.attestorPathTemplate.match(attestorName).attestor; + } + + /** + * Return a fully-qualified locationPolicy resource name string. + * + * @param {string} location + * @returns {string} Resource name string. + */ + locationPolicyPath(location:string) { + return this.pathTemplates.locationPolicyPathTemplate.render({ + location: location, + }); + } + + /** + * Parse the location from LocationPolicy resource. + * + * @param {string} locationPolicyName + * A fully-qualified path representing location_policy resource. + * @returns {string} A string representing the location. + */ + matchLocationFromLocationPolicyName(locationPolicyName: string) { + return this.pathTemplates.locationPolicyPathTemplate.match(locationPolicyName).location; + } + + /** + * Return a fully-qualified project resource name string. + * + * @param {string} project + * @returns {string} Resource name string. + */ + projectPath(project:string) { + return this.pathTemplates.projectPathTemplate.render({ + project: project, + }); + } + + /** + * Parse the project from Project resource. + * + * @param {string} projectName + * A fully-qualified path representing Project resource. + * @returns {string} A string representing the project. + */ + matchProjectFromProjectName(projectName: string) { + return this.pathTemplates.projectPathTemplate.match(projectName).project; + } + + /** + * Return a fully-qualified projectPolicy resource name string. + * + * @param {string} project + * @returns {string} Resource name string. + */ + projectPolicyPath(project:string) { + return this.pathTemplates.projectPolicyPathTemplate.render({ + project: project, + }); + } + + /** + * Parse the project from ProjectPolicy resource. + * + * @param {string} projectPolicyName + * A fully-qualified path representing project_policy resource. + * @returns {string} A string representing the project. + */ + matchProjectFromProjectPolicyName(projectPolicyName: string) { + return this.pathTemplates.projectPolicyPathTemplate.match(projectPolicyName).project; + } + + /** + * Terminate the gRPC channel and close the client. + * + * The client will no longer be usable and all future behavior is undefined. + * @returns {Promise} A promise that resolves when the client is closed. + */ + close(): Promise { + if (this.binauthzManagementServiceV1Beta1Stub && !this._terminated) { + return this.binauthzManagementServiceV1Beta1Stub.then(stub => { + this._terminated = true; + stub.close(); + }); + } + return Promise.resolve(); + } +} diff --git a/owl-bot-staging/v1beta1/src/v1beta1/binauthz_management_service_v1_beta1_client_config.json b/owl-bot-staging/v1beta1/src/v1beta1/binauthz_management_service_v1_beta1_client_config.json new file mode 100644 index 0000000..8a493c0 --- /dev/null +++ b/owl-bot-staging/v1beta1/src/v1beta1/binauthz_management_service_v1_beta1_client_config.json @@ -0,0 +1,61 @@ +{ + "interfaces": { + "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1": { + "retry_codes": { + "non_idempotent": [], + "idempotent": [ + "DEADLINE_EXCEEDED", + "UNAVAILABLE" + ] + }, + "retry_params": { + "default": { + "initial_retry_delay_millis": 100, + "retry_delay_multiplier": 1.3, + "max_retry_delay_millis": 60000, + "initial_rpc_timeout_millis": 60000, + "rpc_timeout_multiplier": 1, + "max_rpc_timeout_millis": 60000, + "total_timeout_millis": 600000 + } + }, + "methods": { + "GetPolicy": { + "timeout_millis": 600000, + "retry_codes_name": "idempotent", + "retry_params_name": "default" + }, + "UpdatePolicy": { + "timeout_millis": 600000, + "retry_codes_name": "idempotent", + "retry_params_name": "default" + }, + "CreateAttestor": { + "timeout_millis": 600000, + "retry_codes_name": "non_idempotent", + "retry_params_name": "default" + }, + "GetAttestor": { + "timeout_millis": 600000, + "retry_codes_name": "idempotent", + "retry_params_name": "default" + }, + "UpdateAttestor": { + "timeout_millis": 600000, + "retry_codes_name": "idempotent", + "retry_params_name": "default" + }, + "ListAttestors": { + "timeout_millis": 600000, + "retry_codes_name": "idempotent", + "retry_params_name": "default" + }, + "DeleteAttestor": { + "timeout_millis": 600000, + "retry_codes_name": "idempotent", + "retry_params_name": "default" + } + } + } + } +} diff --git a/owl-bot-staging/v1beta1/src/v1beta1/binauthz_management_service_v1_beta1_proto_list.json b/owl-bot-staging/v1beta1/src/v1beta1/binauthz_management_service_v1_beta1_proto_list.json new file mode 100644 index 0000000..4991b0d --- /dev/null +++ b/owl-bot-staging/v1beta1/src/v1beta1/binauthz_management_service_v1_beta1_proto_list.json @@ -0,0 +1,5 @@ +[ + "../../protos/google/cloud/binaryauthorization/v1beta1/continuous_validation_logging.proto", + "../../protos/google/cloud/binaryauthorization/v1beta1/resources.proto", + "../../protos/google/cloud/binaryauthorization/v1beta1/service.proto" +] diff --git a/owl-bot-staging/v1beta1/src/v1beta1/gapic_metadata.json b/owl-bot-staging/v1beta1/src/v1beta1/gapic_metadata.json new file mode 100644 index 0000000..6425d12 --- /dev/null +++ b/owl-bot-staging/v1beta1/src/v1beta1/gapic_metadata.json @@ -0,0 +1,121 @@ +{ + "schema": "1.0", + "comment": "This file maps proto services/RPCs to the corresponding library clients/methods", + "language": "typescript", + "protoPackage": "google.cloud.binaryauthorization.v1beta1", + "libraryPackage": "@google-cloud/binary-authorization", + "services": { + "BinauthzManagementServiceV1Beta1": { + "clients": { + "grpc": { + "libraryClient": "BinauthzManagementServiceV1Beta1Client", + "rpcs": { + "GetPolicy": { + "methods": [ + "getPolicy" + ] + }, + "UpdatePolicy": { + "methods": [ + "updatePolicy" + ] + }, + "CreateAttestor": { + "methods": [ + "createAttestor" + ] + }, + "GetAttestor": { + "methods": [ + "getAttestor" + ] + }, + "UpdateAttestor": { + "methods": [ + "updateAttestor" + ] + }, + "DeleteAttestor": { + "methods": [ + "deleteAttestor" + ] + }, + "ListAttestors": { + "methods": [ + "listAttestors", + "listAttestorsStream", + "listAttestorsAsync" + ] + } + } + }, + "grpc-fallback": { + "libraryClient": "BinauthzManagementServiceV1Beta1Client", + "rpcs": { + "GetPolicy": { + "methods": [ + "getPolicy" + ] + }, + "UpdatePolicy": { + "methods": [ + "updatePolicy" + ] + }, + "CreateAttestor": { + "methods": [ + "createAttestor" + ] + }, + "GetAttestor": { + "methods": [ + "getAttestor" + ] + }, + "UpdateAttestor": { + "methods": [ + "updateAttestor" + ] + }, + "DeleteAttestor": { + "methods": [ + "deleteAttestor" + ] + }, + "ListAttestors": { + "methods": [ + "listAttestors", + "listAttestorsStream", + "listAttestorsAsync" + ] + } + } + } + } + }, + "SystemPolicyV1Beta1": { + "clients": { + "grpc": { + "libraryClient": "SystemPolicyV1Beta1Client", + "rpcs": { + "GetSystemPolicy": { + "methods": [ + "getSystemPolicy" + ] + } + } + }, + "grpc-fallback": { + "libraryClient": "SystemPolicyV1Beta1Client", + "rpcs": { + "GetSystemPolicy": { + "methods": [ + "getSystemPolicy" + ] + } + } + } + } + } + } +} diff --git a/owl-bot-staging/v1beta1/src/v1beta1/index.ts b/owl-bot-staging/v1beta1/src/v1beta1/index.ts new file mode 100644 index 0000000..be27de6 --- /dev/null +++ b/owl-bot-staging/v1beta1/src/v1beta1/index.ts @@ -0,0 +1,20 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// ** This file is automatically generated by gapic-generator-typescript. ** +// ** https://github.com/googleapis/gapic-generator-typescript ** +// ** All changes to this file may be overwritten. ** + +export {BinauthzManagementServiceV1Beta1Client} from './binauthz_management_service_v1_beta1_client'; +export {SystemPolicyV1Beta1Client} from './system_policy_v1_beta1_client'; diff --git a/owl-bot-staging/v1beta1/src/v1beta1/system_policy_v1_beta1_client.ts b/owl-bot-staging/v1beta1/src/v1beta1/system_policy_v1_beta1_client.ts new file mode 100644 index 0000000..26da57c --- /dev/null +++ b/owl-bot-staging/v1beta1/src/v1beta1/system_policy_v1_beta1_client.ts @@ -0,0 +1,492 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// ** This file is automatically generated by gapic-generator-typescript. ** +// ** https://github.com/googleapis/gapic-generator-typescript ** +// ** All changes to this file may be overwritten. ** + +/* global window */ +import * as gax from 'google-gax'; +import {Callback, CallOptions, Descriptors, ClientOptions} from 'google-gax'; + +import * as protos from '../../protos/protos'; +import jsonProtos = require('../../protos/protos.json'); +/** + * Client JSON configuration object, loaded from + * `src/v1beta1/system_policy_v1_beta1_client_config.json`. + * This file defines retry strategy and timeouts for all API methods in this library. + */ +import * as gapicConfig from './system_policy_v1_beta1_client_config.json'; + +const version = require('../../../package.json').version; + +/** + * API for working with the system policy. + * @class + * @memberof v1beta1 + */ +export class SystemPolicyV1Beta1Client { + private _terminated = false; + private _opts: ClientOptions; + private _providedCustomServicePath: boolean; + private _gaxModule: typeof gax | typeof gax.fallback; + private _gaxGrpc: gax.GrpcClient | gax.fallback.GrpcClient; + private _protos: {}; + private _defaults: {[method: string]: gax.CallSettings}; + auth: gax.GoogleAuth; + descriptors: Descriptors = { + page: {}, + stream: {}, + longrunning: {}, + batching: {}, + }; + warn: (code: string, message: string, warnType?: string) => void; + innerApiCalls: {[name: string]: Function}; + pathTemplates: {[name: string]: gax.PathTemplate}; + systemPolicyV1Beta1Stub?: Promise<{[name: string]: Function}>; + + /** + * Construct an instance of SystemPolicyV1Beta1Client. + * + * @param {object} [options] - The configuration object. + * The options accepted by the constructor are described in detail + * in [this document](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#creating-the-client-instance). + * The common options are: + * @param {object} [options.credentials] - Credentials object. + * @param {string} [options.credentials.client_email] + * @param {string} [options.credentials.private_key] + * @param {string} [options.email] - Account email address. Required when + * using a .pem or .p12 keyFilename. + * @param {string} [options.keyFilename] - Full path to the a .json, .pem, or + * .p12 key downloaded from the Google Developers Console. If you provide + * a path to a JSON file, the projectId option below is not necessary. + * NOTE: .pem and .p12 require you to specify options.email as well. + * @param {number} [options.port] - The port on which to connect to + * the remote host. + * @param {string} [options.projectId] - The project ID from the Google + * Developer's Console, e.g. 'grape-spaceship-123'. We will also check + * the environment variable GCLOUD_PROJECT for your project ID. If your + * app is running in an environment which supports + * {@link https://developers.google.com/identity/protocols/application-default-credentials Application Default Credentials}, + * your project ID will be detected automatically. + * @param {string} [options.apiEndpoint] - The domain name of the + * API remote host. + * @param {gax.ClientConfig} [options.clientConfig] - Client configuration override. + * Follows the structure of {@link gapicConfig}. + * @param {boolean} [options.fallback] - Use HTTP fallback mode. + * In fallback mode, a special browser-compatible transport implementation is used + * instead of gRPC transport. In browser context (if the `window` object is defined) + * the fallback mode is enabled automatically; set `options.fallback` to `false` + * if you need to override this behavior. + */ + constructor(opts?: ClientOptions) { + // Ensure that options include all the required fields. + const staticMembers = this.constructor as typeof SystemPolicyV1Beta1Client; + const servicePath = opts?.servicePath || opts?.apiEndpoint || staticMembers.servicePath; + this._providedCustomServicePath = !!(opts?.servicePath || opts?.apiEndpoint); + const port = opts?.port || staticMembers.port; + const clientConfig = opts?.clientConfig ?? {}; + const fallback = opts?.fallback ?? (typeof window !== 'undefined' && typeof window?.fetch === 'function'); + opts = Object.assign({servicePath, port, clientConfig, fallback}, opts); + + // If scopes are unset in options and we're connecting to a non-default endpoint, set scopes just in case. + if (servicePath !== staticMembers.servicePath && !('scopes' in opts)) { + opts['scopes'] = staticMembers.scopes; + } + + // Choose either gRPC or proto-over-HTTP implementation of google-gax. + this._gaxModule = opts.fallback ? gax.fallback : gax; + + // Create a `gaxGrpc` object, with any grpc-specific options sent to the client. + this._gaxGrpc = new this._gaxModule.GrpcClient(opts); + + // Save options to use in initialize() method. + this._opts = opts; + + // Save the auth object to the client, for use by other methods. + this.auth = (this._gaxGrpc.auth as gax.GoogleAuth); + + // Set useJWTAccessWithScope on the auth object. + this.auth.useJWTAccessWithScope = true; + + // Set defaultServicePath on the auth object. + this.auth.defaultServicePath = staticMembers.servicePath; + + // Set the default scopes in auth client if needed. + if (servicePath === staticMembers.servicePath) { + this.auth.defaultScopes = staticMembers.scopes; + } + + // Determine the client header string. + const clientHeader = [ + `gax/${this._gaxModule.version}`, + `gapic/${version}`, + ]; + if (typeof process !== 'undefined' && 'versions' in process) { + clientHeader.push(`gl-node/${process.versions.node}`); + } else { + clientHeader.push(`gl-web/${this._gaxModule.version}`); + } + if (!opts.fallback) { + clientHeader.push(`grpc/${this._gaxGrpc.grpcVersion}`); + } else if (opts.fallback === 'rest' ) { + clientHeader.push(`rest/${this._gaxGrpc.grpcVersion}`); + } + if (opts.libName && opts.libVersion) { + clientHeader.push(`${opts.libName}/${opts.libVersion}`); + } + // Load the applicable protos. + this._protos = this._gaxGrpc.loadProtoJSON(jsonProtos); + + // This API contains "path templates"; forward-slash-separated + // identifiers to uniquely identify resources within the API. + // Create useful helper objects for these. + this.pathTemplates = { + attestorPathTemplate: new this._gaxModule.PathTemplate( + 'projects/{project}/attestors/{attestor}' + ), + locationPolicyPathTemplate: new this._gaxModule.PathTemplate( + 'locations/{location}/policy' + ), + projectPathTemplate: new this._gaxModule.PathTemplate( + 'projects/{project}' + ), + projectPolicyPathTemplate: new this._gaxModule.PathTemplate( + 'projects/{project}/policy' + ), + }; + + // Put together the default options sent with requests. + this._defaults = this._gaxGrpc.constructSettings( + 'google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1', gapicConfig as gax.ClientConfig, + opts.clientConfig || {}, {'x-goog-api-client': clientHeader.join(' ')}); + + // Set up a dictionary of "inner API calls"; the core implementation + // of calling the API is handled in `google-gax`, with this code + // merely providing the destination and request information. + this.innerApiCalls = {}; + + // Add a warn function to the client constructor so it can be easily tested. + this.warn = gax.warn; + } + + /** + * Initialize the client. + * Performs asynchronous operations (such as authentication) and prepares the client. + * This function will be called automatically when any class method is called for the + * first time, but if you need to initialize it before calling an actual method, + * feel free to call initialize() directly. + * + * You can await on this method if you want to make sure the client is initialized. + * + * @returns {Promise} A promise that resolves to an authenticated service stub. + */ + initialize() { + // If the client stub promise is already initialized, return immediately. + if (this.systemPolicyV1Beta1Stub) { + return this.systemPolicyV1Beta1Stub; + } + + // Put together the "service stub" for + // google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1. + this.systemPolicyV1Beta1Stub = this._gaxGrpc.createStub( + this._opts.fallback ? + (this._protos as protobuf.Root).lookupService('google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1') : + // eslint-disable-next-line @typescript-eslint/no-explicit-any + (this._protos as any).google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1, + this._opts, this._providedCustomServicePath) as Promise<{[method: string]: Function}>; + + // Iterate over each of the methods that the service provides + // and create an API call method for each. + const systemPolicyV1Beta1StubMethods = + ['getSystemPolicy']; + for (const methodName of systemPolicyV1Beta1StubMethods) { + const callPromise = this.systemPolicyV1Beta1Stub.then( + stub => (...args: Array<{}>) => { + if (this._terminated) { + return Promise.reject('The client has already been closed.'); + } + const func = stub[methodName]; + return func.apply(stub, args); + }, + (err: Error|null|undefined) => () => { + throw err; + }); + + const descriptor = + undefined; + const apiCall = this._gaxModule.createApiCall( + callPromise, + this._defaults[methodName], + descriptor + ); + + this.innerApiCalls[methodName] = apiCall; + } + + return this.systemPolicyV1Beta1Stub; + } + + /** + * The DNS address for this API service. + * @returns {string} The DNS address for this service. + */ + static get servicePath() { + return 'binaryauthorization.googleapis.com'; + } + + /** + * The DNS address for this API service - same as servicePath(), + * exists for compatibility reasons. + * @returns {string} The DNS address for this service. + */ + static get apiEndpoint() { + return 'binaryauthorization.googleapis.com'; + } + + /** + * The port for this API service. + * @returns {number} The default port for this service. + */ + static get port() { + return 443; + } + + /** + * The scopes needed to make gRPC calls for every method defined + * in this service. + * @returns {string[]} List of default scopes. + */ + static get scopes() { + return [ + 'https://www.googleapis.com/auth/cloud-platform' + ]; + } + + getProjectId(): Promise; + getProjectId(callback: Callback): void; + /** + * Return the project ID used by this class. + * @returns {Promise} A promise that resolves to string containing the project ID. + */ + getProjectId(callback?: Callback): + Promise|void { + if (callback) { + this.auth.getProjectId(callback); + return; + } + return this.auth.getProjectId(); + } + + // ------------------- + // -- Service calls -- + // ------------------- +/** + * Gets the current system policy in the specified location. + * + * @param {Object} request + * The request object that will be sent. + * @param {string} request.name + * Required. The resource name, in the format `locations/* /policy`. + * Note that the system policy is not associated with a project. + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Promise} - The promise which resolves to an array. + * The first element of the array is an object representing [Policy]{@link google.cloud.binaryauthorization.v1beta1.Policy}. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) + * for more details and examples. + * @example include:samples/generated/v1beta1/system_policy_v1_beta1.get_system_policy.js + * region_tag:binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_async + */ + getSystemPolicy( + request?: protos.google.cloud.binaryauthorization.v1beta1.IGetSystemPolicyRequest, + options?: CallOptions): + Promise<[ + protos.google.cloud.binaryauthorization.v1beta1.IPolicy, + protos.google.cloud.binaryauthorization.v1beta1.IGetSystemPolicyRequest|undefined, {}|undefined + ]>; + getSystemPolicy( + request: protos.google.cloud.binaryauthorization.v1beta1.IGetSystemPolicyRequest, + options: CallOptions, + callback: Callback< + protos.google.cloud.binaryauthorization.v1beta1.IPolicy, + protos.google.cloud.binaryauthorization.v1beta1.IGetSystemPolicyRequest|null|undefined, + {}|null|undefined>): void; + getSystemPolicy( + request: protos.google.cloud.binaryauthorization.v1beta1.IGetSystemPolicyRequest, + callback: Callback< + protos.google.cloud.binaryauthorization.v1beta1.IPolicy, + protos.google.cloud.binaryauthorization.v1beta1.IGetSystemPolicyRequest|null|undefined, + {}|null|undefined>): void; + getSystemPolicy( + request?: protos.google.cloud.binaryauthorization.v1beta1.IGetSystemPolicyRequest, + optionsOrCallback?: CallOptions|Callback< + protos.google.cloud.binaryauthorization.v1beta1.IPolicy, + protos.google.cloud.binaryauthorization.v1beta1.IGetSystemPolicyRequest|null|undefined, + {}|null|undefined>, + callback?: Callback< + protos.google.cloud.binaryauthorization.v1beta1.IPolicy, + protos.google.cloud.binaryauthorization.v1beta1.IGetSystemPolicyRequest|null|undefined, + {}|null|undefined>): + Promise<[ + protos.google.cloud.binaryauthorization.v1beta1.IPolicy, + protos.google.cloud.binaryauthorization.v1beta1.IGetSystemPolicyRequest|undefined, {}|undefined + ]>|void { + request = request || {}; + let options: CallOptions; + if (typeof optionsOrCallback === 'function' && callback === undefined) { + callback = optionsOrCallback; + options = {}; + } + else { + options = optionsOrCallback as CallOptions; + } + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'name': request.name || '', + }); + this.initialize(); + return this.innerApiCalls.getSystemPolicy(request, options, callback); + } + + // -------------------- + // -- Path templates -- + // -------------------- + + /** + * Return a fully-qualified attestor resource name string. + * + * @param {string} project + * @param {string} attestor + * @returns {string} Resource name string. + */ + attestorPath(project:string,attestor:string) { + return this.pathTemplates.attestorPathTemplate.render({ + project: project, + attestor: attestor, + }); + } + + /** + * Parse the project from Attestor resource. + * + * @param {string} attestorName + * A fully-qualified path representing Attestor resource. + * @returns {string} A string representing the project. + */ + matchProjectFromAttestorName(attestorName: string) { + return this.pathTemplates.attestorPathTemplate.match(attestorName).project; + } + + /** + * Parse the attestor from Attestor resource. + * + * @param {string} attestorName + * A fully-qualified path representing Attestor resource. + * @returns {string} A string representing the attestor. + */ + matchAttestorFromAttestorName(attestorName: string) { + return this.pathTemplates.attestorPathTemplate.match(attestorName).attestor; + } + + /** + * Return a fully-qualified locationPolicy resource name string. + * + * @param {string} location + * @returns {string} Resource name string. + */ + locationPolicyPath(location:string) { + return this.pathTemplates.locationPolicyPathTemplate.render({ + location: location, + }); + } + + /** + * Parse the location from LocationPolicy resource. + * + * @param {string} locationPolicyName + * A fully-qualified path representing location_policy resource. + * @returns {string} A string representing the location. + */ + matchLocationFromLocationPolicyName(locationPolicyName: string) { + return this.pathTemplates.locationPolicyPathTemplate.match(locationPolicyName).location; + } + + /** + * Return a fully-qualified project resource name string. + * + * @param {string} project + * @returns {string} Resource name string. + */ + projectPath(project:string) { + return this.pathTemplates.projectPathTemplate.render({ + project: project, + }); + } + + /** + * Parse the project from Project resource. + * + * @param {string} projectName + * A fully-qualified path representing Project resource. + * @returns {string} A string representing the project. + */ + matchProjectFromProjectName(projectName: string) { + return this.pathTemplates.projectPathTemplate.match(projectName).project; + } + + /** + * Return a fully-qualified projectPolicy resource name string. + * + * @param {string} project + * @returns {string} Resource name string. + */ + projectPolicyPath(project:string) { + return this.pathTemplates.projectPolicyPathTemplate.render({ + project: project, + }); + } + + /** + * Parse the project from ProjectPolicy resource. + * + * @param {string} projectPolicyName + * A fully-qualified path representing project_policy resource. + * @returns {string} A string representing the project. + */ + matchProjectFromProjectPolicyName(projectPolicyName: string) { + return this.pathTemplates.projectPolicyPathTemplate.match(projectPolicyName).project; + } + + /** + * Terminate the gRPC channel and close the client. + * + * The client will no longer be usable and all future behavior is undefined. + * @returns {Promise} A promise that resolves when the client is closed. + */ + close(): Promise { + if (this.systemPolicyV1Beta1Stub && !this._terminated) { + return this.systemPolicyV1Beta1Stub.then(stub => { + this._terminated = true; + stub.close(); + }); + } + return Promise.resolve(); + } +} diff --git a/owl-bot-staging/v1beta1/src/v1beta1/system_policy_v1_beta1_client_config.json b/owl-bot-staging/v1beta1/src/v1beta1/system_policy_v1_beta1_client_config.json new file mode 100644 index 0000000..640f4be --- /dev/null +++ b/owl-bot-staging/v1beta1/src/v1beta1/system_policy_v1_beta1_client_config.json @@ -0,0 +1,30 @@ +{ + "interfaces": { + "google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1": { + "retry_codes": { + "non_idempotent": [], + "idempotent": [ + "DEADLINE_EXCEEDED", + "UNAVAILABLE" + ] + }, + "retry_params": { + "default": { + "initial_retry_delay_millis": 100, + "retry_delay_multiplier": 1.3, + "max_retry_delay_millis": 60000, + "initial_rpc_timeout_millis": 60000, + "rpc_timeout_multiplier": 1, + "max_rpc_timeout_millis": 60000, + "total_timeout_millis": 600000 + } + }, + "methods": { + "GetSystemPolicy": { + "retry_codes_name": "non_idempotent", + "retry_params_name": "default" + } + } + } + } +} diff --git a/owl-bot-staging/v1beta1/src/v1beta1/system_policy_v1_beta1_proto_list.json b/owl-bot-staging/v1beta1/src/v1beta1/system_policy_v1_beta1_proto_list.json new file mode 100644 index 0000000..4991b0d --- /dev/null +++ b/owl-bot-staging/v1beta1/src/v1beta1/system_policy_v1_beta1_proto_list.json @@ -0,0 +1,5 @@ +[ + "../../protos/google/cloud/binaryauthorization/v1beta1/continuous_validation_logging.proto", + "../../protos/google/cloud/binaryauthorization/v1beta1/resources.proto", + "../../protos/google/cloud/binaryauthorization/v1beta1/service.proto" +] diff --git a/owl-bot-staging/v1beta1/system-test/fixtures/sample/src/index.js b/owl-bot-staging/v1beta1/system-test/fixtures/sample/src/index.js new file mode 100644 index 0000000..faf5021 --- /dev/null +++ b/owl-bot-staging/v1beta1/system-test/fixtures/sample/src/index.js @@ -0,0 +1,28 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// ** This file is automatically generated by gapic-generator-typescript. ** +// ** https://github.com/googleapis/gapic-generator-typescript ** +// ** All changes to this file may be overwritten. ** + + +/* eslint-disable node/no-missing-require, no-unused-vars */ +const binaryauthorization = require('@google-cloud/binary-authorization'); + +function main() { + const binauthzManagementServiceV1Beta1Client = new binaryauthorization.BinauthzManagementServiceV1Beta1Client(); + const systemPolicyV1Beta1Client = new binaryauthorization.SystemPolicyV1Beta1Client(); +} + +main(); diff --git a/owl-bot-staging/v1beta1/system-test/fixtures/sample/src/index.ts b/owl-bot-staging/v1beta1/system-test/fixtures/sample/src/index.ts new file mode 100644 index 0000000..f8dfeff --- /dev/null +++ b/owl-bot-staging/v1beta1/system-test/fixtures/sample/src/index.ts @@ -0,0 +1,38 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// ** This file is automatically generated by gapic-generator-typescript. ** +// ** https://github.com/googleapis/gapic-generator-typescript ** +// ** All changes to this file may be overwritten. ** + +import {BinauthzManagementServiceV1Beta1Client, SystemPolicyV1Beta1Client} from '@google-cloud/binary-authorization'; + +// check that the client class type name can be used +function doStuffWithBinauthzManagementServiceV1Beta1Client(client: BinauthzManagementServiceV1Beta1Client) { + client.close(); +} +function doStuffWithSystemPolicyV1Beta1Client(client: SystemPolicyV1Beta1Client) { + client.close(); +} + +function main() { + // check that the client instance can be created + const binauthzManagementServiceV1Beta1Client = new BinauthzManagementServiceV1Beta1Client(); + doStuffWithBinauthzManagementServiceV1Beta1Client(binauthzManagementServiceV1Beta1Client); + // check that the client instance can be created + const systemPolicyV1Beta1Client = new SystemPolicyV1Beta1Client(); + doStuffWithSystemPolicyV1Beta1Client(systemPolicyV1Beta1Client); +} + +main(); diff --git a/owl-bot-staging/v1beta1/system-test/install.ts b/owl-bot-staging/v1beta1/system-test/install.ts new file mode 100644 index 0000000..8ec4522 --- /dev/null +++ b/owl-bot-staging/v1beta1/system-test/install.ts @@ -0,0 +1,49 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// ** This file is automatically generated by gapic-generator-typescript. ** +// ** https://github.com/googleapis/gapic-generator-typescript ** +// ** All changes to this file may be overwritten. ** + +import { packNTest } from 'pack-n-play'; +import { readFileSync } from 'fs'; +import { describe, it } from 'mocha'; + +describe('📦 pack-n-play test', () => { + + it('TypeScript code', async function() { + this.timeout(300000); + const options = { + packageDir: process.cwd(), + sample: { + description: 'TypeScript user can use the type definitions', + ts: readFileSync('./system-test/fixtures/sample/src/index.ts').toString() + } + }; + await packNTest(options); + }); + + it('JavaScript code', async function() { + this.timeout(300000); + const options = { + packageDir: process.cwd(), + sample: { + description: 'JavaScript user can use the library', + ts: readFileSync('./system-test/fixtures/sample/src/index.js').toString() + } + }; + await packNTest(options); + }); + +}); diff --git a/owl-bot-staging/v1beta1/test/gapic_binauthz_management_service_v1_beta1_v1beta1.ts b/owl-bot-staging/v1beta1/test/gapic_binauthz_management_service_v1_beta1_v1beta1.ts new file mode 100644 index 0000000..8078564 --- /dev/null +++ b/owl-bot-staging/v1beta1/test/gapic_binauthz_management_service_v1_beta1_v1beta1.ts @@ -0,0 +1,1126 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// ** This file is automatically generated by gapic-generator-typescript. ** +// ** https://github.com/googleapis/gapic-generator-typescript ** +// ** All changes to this file may be overwritten. ** + +import * as protos from '../protos/protos'; +import * as assert from 'assert'; +import * as sinon from 'sinon'; +import {SinonStub} from 'sinon'; +import { describe, it } from 'mocha'; +import * as binauthzmanagementservicev1beta1Module from '../src'; + +import {PassThrough} from 'stream'; + +import {protobuf} from 'google-gax'; + +function generateSampleMessage(instance: T) { + const filledObject = (instance.constructor as typeof protobuf.Message) + .toObject(instance as protobuf.Message, {defaults: true}); + return (instance.constructor as typeof protobuf.Message).fromObject(filledObject) as T; +} + +function stubSimpleCall(response?: ResponseType, error?: Error) { + return error ? sinon.stub().rejects(error) : sinon.stub().resolves([response]); +} + +function stubSimpleCallWithCallback(response?: ResponseType, error?: Error) { + return error ? sinon.stub().callsArgWith(2, error) : sinon.stub().callsArgWith(2, null, response); +} + +function stubPageStreamingCall(responses?: ResponseType[], error?: Error) { + const pagingStub = sinon.stub(); + if (responses) { + for (let i = 0; i < responses.length; ++i) { + pagingStub.onCall(i).callsArgWith(2, null, responses[i]); + } + } + const transformStub = error ? sinon.stub().callsArgWith(2, error) : pagingStub; + const mockStream = new PassThrough({ + objectMode: true, + transform: transformStub, + }); + // trigger as many responses as needed + if (responses) { + for (let i = 0; i < responses.length; ++i) { + setImmediate(() => { mockStream.write({}); }); + } + setImmediate(() => { mockStream.end(); }); + } else { + setImmediate(() => { mockStream.write({}); }); + setImmediate(() => { mockStream.end(); }); + } + return sinon.stub().returns(mockStream); +} + +function stubAsyncIterationCall(responses?: ResponseType[], error?: Error) { + let counter = 0; + const asyncIterable = { + [Symbol.asyncIterator]() { + return { + async next() { + if (error) { + return Promise.reject(error); + } + if (counter >= responses!.length) { + return Promise.resolve({done: true, value: undefined}); + } + return Promise.resolve({done: false, value: responses![counter++]}); + } + }; + } + }; + return sinon.stub().returns(asyncIterable); +} + +describe('v1beta1.BinauthzManagementServiceV1Beta1Client', () => { + it('has servicePath', () => { + const servicePath = binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client.servicePath; + assert(servicePath); + }); + + it('has apiEndpoint', () => { + const apiEndpoint = binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client.apiEndpoint; + assert(apiEndpoint); + }); + + it('has port', () => { + const port = binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client.port; + assert(port); + assert(typeof port === 'number'); + }); + + it('should create a client with no option', () => { + const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client(); + assert(client); + }); + + it('should create a client with gRPC fallback', () => { + const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ + fallback: true, + }); + assert(client); + }); + + it('has initialize method and supports deferred initialization', async () => { + const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + assert.strictEqual(client.binauthzManagementServiceV1Beta1Stub, undefined); + await client.initialize(); + assert(client.binauthzManagementServiceV1Beta1Stub); + }); + + it('has close method for the initialized client', done => { + const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + assert(client.binauthzManagementServiceV1Beta1Stub); + client.close().then(() => { + done(); + }); + }); + + it('has close method for the non-initialized client', done => { + const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + assert.strictEqual(client.binauthzManagementServiceV1Beta1Stub, undefined); + client.close().then(() => { + done(); + }); + }); + + it('has getProjectId method', async () => { + const fakeProjectId = 'fake-project-id'; + const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.auth.getProjectId = sinon.stub().resolves(fakeProjectId); + const result = await client.getProjectId(); + assert.strictEqual(result, fakeProjectId); + assert((client.auth.getProjectId as SinonStub).calledWithExactly()); + }); + + it('has getProjectId method with callback', async () => { + const fakeProjectId = 'fake-project-id'; + const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.auth.getProjectId = sinon.stub().callsArgWith(0, null, fakeProjectId); + const promise = new Promise((resolve, reject) => { + client.getProjectId((err?: Error|null, projectId?: string|null) => { + if (err) { + reject(err); + } else { + resolve(projectId); + } + }); + }); + const result = await promise; + assert.strictEqual(result, fakeProjectId); + }); + + describe('getPolicy', () => { + it('invokes getPolicy without error', async () => { + const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.GetPolicyRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.Policy()); + client.innerApiCalls.getPolicy = stubSimpleCall(expectedResponse); + const [response] = await client.getPolicy(request); + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.getPolicy as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes getPolicy without error using callback', async () => { + const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.GetPolicyRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.Policy()); + client.innerApiCalls.getPolicy = stubSimpleCallWithCallback(expectedResponse); + const promise = new Promise((resolve, reject) => { + client.getPolicy( + request, + (err?: Error|null, result?: protos.google.cloud.binaryauthorization.v1beta1.IPolicy|null) => { + if (err) { + reject(err); + } else { + resolve(result); + } + }); + }); + const response = await promise; + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.getPolicy as SinonStub) + .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); + }); + + it('invokes getPolicy with error', async () => { + const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.GetPolicyRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedError = new Error('expected'); + client.innerApiCalls.getPolicy = stubSimpleCall(undefined, expectedError); + await assert.rejects(client.getPolicy(request), expectedError); + assert((client.innerApiCalls.getPolicy as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes getPolicy with closed client', async () => { + const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.GetPolicyRequest()); + request.name = ''; + const expectedError = new Error('The client has already been closed.'); + client.close(); + await assert.rejects(client.getPolicy(request), expectedError); + }); + }); + + describe('updatePolicy', () => { + it('invokes updatePolicy without error', async () => { + const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.UpdatePolicyRequest()); + request.policy = {}; + request.policy.name = ''; + const expectedHeaderRequestParams = "policy.name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.Policy()); + client.innerApiCalls.updatePolicy = stubSimpleCall(expectedResponse); + const [response] = await client.updatePolicy(request); + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.updatePolicy as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes updatePolicy without error using callback', async () => { + const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.UpdatePolicyRequest()); + request.policy = {}; + request.policy.name = ''; + const expectedHeaderRequestParams = "policy.name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.Policy()); + client.innerApiCalls.updatePolicy = stubSimpleCallWithCallback(expectedResponse); + const promise = new Promise((resolve, reject) => { + client.updatePolicy( + request, + (err?: Error|null, result?: protos.google.cloud.binaryauthorization.v1beta1.IPolicy|null) => { + if (err) { + reject(err); + } else { + resolve(result); + } + }); + }); + const response = await promise; + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.updatePolicy as SinonStub) + .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); + }); + + it('invokes updatePolicy with error', async () => { + const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.UpdatePolicyRequest()); + request.policy = {}; + request.policy.name = ''; + const expectedHeaderRequestParams = "policy.name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedError = new Error('expected'); + client.innerApiCalls.updatePolicy = stubSimpleCall(undefined, expectedError); + await assert.rejects(client.updatePolicy(request), expectedError); + assert((client.innerApiCalls.updatePolicy as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes updatePolicy with closed client', async () => { + const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.UpdatePolicyRequest()); + request.policy = {}; + request.policy.name = ''; + const expectedError = new Error('The client has already been closed.'); + client.close(); + await assert.rejects(client.updatePolicy(request), expectedError); + }); + }); + + describe('createAttestor', () => { + it('invokes createAttestor without error', async () => { + const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.CreateAttestorRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.Attestor()); + client.innerApiCalls.createAttestor = stubSimpleCall(expectedResponse); + const [response] = await client.createAttestor(request); + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.createAttestor as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes createAttestor without error using callback', async () => { + const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.CreateAttestorRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.Attestor()); + client.innerApiCalls.createAttestor = stubSimpleCallWithCallback(expectedResponse); + const promise = new Promise((resolve, reject) => { + client.createAttestor( + request, + (err?: Error|null, result?: protos.google.cloud.binaryauthorization.v1beta1.IAttestor|null) => { + if (err) { + reject(err); + } else { + resolve(result); + } + }); + }); + const response = await promise; + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.createAttestor as SinonStub) + .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); + }); + + it('invokes createAttestor with error', async () => { + const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.CreateAttestorRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedError = new Error('expected'); + client.innerApiCalls.createAttestor = stubSimpleCall(undefined, expectedError); + await assert.rejects(client.createAttestor(request), expectedError); + assert((client.innerApiCalls.createAttestor as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes createAttestor with closed client', async () => { + const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.CreateAttestorRequest()); + request.parent = ''; + const expectedError = new Error('The client has already been closed.'); + client.close(); + await assert.rejects(client.createAttestor(request), expectedError); + }); + }); + + describe('getAttestor', () => { + it('invokes getAttestor without error', async () => { + const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.GetAttestorRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.Attestor()); + client.innerApiCalls.getAttestor = stubSimpleCall(expectedResponse); + const [response] = await client.getAttestor(request); + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.getAttestor as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes getAttestor without error using callback', async () => { + const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.GetAttestorRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.Attestor()); + client.innerApiCalls.getAttestor = stubSimpleCallWithCallback(expectedResponse); + const promise = new Promise((resolve, reject) => { + client.getAttestor( + request, + (err?: Error|null, result?: protos.google.cloud.binaryauthorization.v1beta1.IAttestor|null) => { + if (err) { + reject(err); + } else { + resolve(result); + } + }); + }); + const response = await promise; + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.getAttestor as SinonStub) + .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); + }); + + it('invokes getAttestor with error', async () => { + const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.GetAttestorRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedError = new Error('expected'); + client.innerApiCalls.getAttestor = stubSimpleCall(undefined, expectedError); + await assert.rejects(client.getAttestor(request), expectedError); + assert((client.innerApiCalls.getAttestor as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes getAttestor with closed client', async () => { + const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.GetAttestorRequest()); + request.name = ''; + const expectedError = new Error('The client has already been closed.'); + client.close(); + await assert.rejects(client.getAttestor(request), expectedError); + }); + }); + + describe('updateAttestor', () => { + it('invokes updateAttestor without error', async () => { + const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.UpdateAttestorRequest()); + request.attestor = {}; + request.attestor.name = ''; + const expectedHeaderRequestParams = "attestor.name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.Attestor()); + client.innerApiCalls.updateAttestor = stubSimpleCall(expectedResponse); + const [response] = await client.updateAttestor(request); + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.updateAttestor as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes updateAttestor without error using callback', async () => { + const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.UpdateAttestorRequest()); + request.attestor = {}; + request.attestor.name = ''; + const expectedHeaderRequestParams = "attestor.name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.Attestor()); + client.innerApiCalls.updateAttestor = stubSimpleCallWithCallback(expectedResponse); + const promise = new Promise((resolve, reject) => { + client.updateAttestor( + request, + (err?: Error|null, result?: protos.google.cloud.binaryauthorization.v1beta1.IAttestor|null) => { + if (err) { + reject(err); + } else { + resolve(result); + } + }); + }); + const response = await promise; + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.updateAttestor as SinonStub) + .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); + }); + + it('invokes updateAttestor with error', async () => { + const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.UpdateAttestorRequest()); + request.attestor = {}; + request.attestor.name = ''; + const expectedHeaderRequestParams = "attestor.name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedError = new Error('expected'); + client.innerApiCalls.updateAttestor = stubSimpleCall(undefined, expectedError); + await assert.rejects(client.updateAttestor(request), expectedError); + assert((client.innerApiCalls.updateAttestor as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes updateAttestor with closed client', async () => { + const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.UpdateAttestorRequest()); + request.attestor = {}; + request.attestor.name = ''; + const expectedError = new Error('The client has already been closed.'); + client.close(); + await assert.rejects(client.updateAttestor(request), expectedError); + }); + }); + + describe('deleteAttestor', () => { + it('invokes deleteAttestor without error', async () => { + const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.DeleteAttestorRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.protobuf.Empty()); + client.innerApiCalls.deleteAttestor = stubSimpleCall(expectedResponse); + const [response] = await client.deleteAttestor(request); + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.deleteAttestor as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes deleteAttestor without error using callback', async () => { + const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.DeleteAttestorRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.protobuf.Empty()); + client.innerApiCalls.deleteAttestor = stubSimpleCallWithCallback(expectedResponse); + const promise = new Promise((resolve, reject) => { + client.deleteAttestor( + request, + (err?: Error|null, result?: protos.google.protobuf.IEmpty|null) => { + if (err) { + reject(err); + } else { + resolve(result); + } + }); + }); + const response = await promise; + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.deleteAttestor as SinonStub) + .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); + }); + + it('invokes deleteAttestor with error', async () => { + const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.DeleteAttestorRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedError = new Error('expected'); + client.innerApiCalls.deleteAttestor = stubSimpleCall(undefined, expectedError); + await assert.rejects(client.deleteAttestor(request), expectedError); + assert((client.innerApiCalls.deleteAttestor as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes deleteAttestor with closed client', async () => { + const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.DeleteAttestorRequest()); + request.name = ''; + const expectedError = new Error('The client has already been closed.'); + client.close(); + await assert.rejects(client.deleteAttestor(request), expectedError); + }); + }); + + describe('listAttestors', () => { + it('invokes listAttestors without error', async () => { + const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.ListAttestorsRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = [ + generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.Attestor()), + generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.Attestor()), + generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.Attestor()), + ]; + client.innerApiCalls.listAttestors = stubSimpleCall(expectedResponse); + const [response] = await client.listAttestors(request); + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.listAttestors as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes listAttestors without error using callback', async () => { + const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.ListAttestorsRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = [ + generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.Attestor()), + generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.Attestor()), + generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.Attestor()), + ]; + client.innerApiCalls.listAttestors = stubSimpleCallWithCallback(expectedResponse); + const promise = new Promise((resolve, reject) => { + client.listAttestors( + request, + (err?: Error|null, result?: protos.google.cloud.binaryauthorization.v1beta1.IAttestor[]|null) => { + if (err) { + reject(err); + } else { + resolve(result); + } + }); + }); + const response = await promise; + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.listAttestors as SinonStub) + .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); + }); + + it('invokes listAttestors with error', async () => { + const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.ListAttestorsRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedError = new Error('expected'); + client.innerApiCalls.listAttestors = stubSimpleCall(undefined, expectedError); + await assert.rejects(client.listAttestors(request), expectedError); + assert((client.innerApiCalls.listAttestors as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes listAttestorsStream without error', async () => { + const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.ListAttestorsRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedResponse = [ + generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.Attestor()), + generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.Attestor()), + generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.Attestor()), + ]; + client.descriptors.page.listAttestors.createStream = stubPageStreamingCall(expectedResponse); + const stream = client.listAttestorsStream(request); + const promise = new Promise((resolve, reject) => { + const responses: protos.google.cloud.binaryauthorization.v1beta1.Attestor[] = []; + stream.on('data', (response: protos.google.cloud.binaryauthorization.v1beta1.Attestor) => { + responses.push(response); + }); + stream.on('end', () => { + resolve(responses); + }); + stream.on('error', (err: Error) => { + reject(err); + }); + }); + const responses = await promise; + assert.deepStrictEqual(responses, expectedResponse); + assert((client.descriptors.page.listAttestors.createStream as SinonStub) + .getCall(0).calledWith(client.innerApiCalls.listAttestors, request)); + assert.strictEqual( + (client.descriptors.page.listAttestors.createStream as SinonStub) + .getCall(0).args[2].otherArgs.headers['x-goog-request-params'], + expectedHeaderRequestParams + ); + }); + + it('invokes listAttestorsStream with error', async () => { + const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.ListAttestorsRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedError = new Error('expected'); + client.descriptors.page.listAttestors.createStream = stubPageStreamingCall(undefined, expectedError); + const stream = client.listAttestorsStream(request); + const promise = new Promise((resolve, reject) => { + const responses: protos.google.cloud.binaryauthorization.v1beta1.Attestor[] = []; + stream.on('data', (response: protos.google.cloud.binaryauthorization.v1beta1.Attestor) => { + responses.push(response); + }); + stream.on('end', () => { + resolve(responses); + }); + stream.on('error', (err: Error) => { + reject(err); + }); + }); + await assert.rejects(promise, expectedError); + assert((client.descriptors.page.listAttestors.createStream as SinonStub) + .getCall(0).calledWith(client.innerApiCalls.listAttestors, request)); + assert.strictEqual( + (client.descriptors.page.listAttestors.createStream as SinonStub) + .getCall(0).args[2].otherArgs.headers['x-goog-request-params'], + expectedHeaderRequestParams + ); + }); + + it('uses async iteration with listAttestors without error', async () => { + const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.ListAttestorsRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedResponse = [ + generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.Attestor()), + generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.Attestor()), + generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.Attestor()), + ]; + client.descriptors.page.listAttestors.asyncIterate = stubAsyncIterationCall(expectedResponse); + const responses: protos.google.cloud.binaryauthorization.v1beta1.IAttestor[] = []; + const iterable = client.listAttestorsAsync(request); + for await (const resource of iterable) { + responses.push(resource!); + } + assert.deepStrictEqual(responses, expectedResponse); + assert.deepStrictEqual( + (client.descriptors.page.listAttestors.asyncIterate as SinonStub) + .getCall(0).args[1], request); + assert.strictEqual( + (client.descriptors.page.listAttestors.asyncIterate as SinonStub) + .getCall(0).args[2].otherArgs.headers['x-goog-request-params'], + expectedHeaderRequestParams + ); + }); + + it('uses async iteration with listAttestors with error', async () => { + const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.ListAttestorsRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent=";const expectedError = new Error('expected'); + client.descriptors.page.listAttestors.asyncIterate = stubAsyncIterationCall(undefined, expectedError); + const iterable = client.listAttestorsAsync(request); + await assert.rejects(async () => { + const responses: protos.google.cloud.binaryauthorization.v1beta1.IAttestor[] = []; + for await (const resource of iterable) { + responses.push(resource!); + } + }); + assert.deepStrictEqual( + (client.descriptors.page.listAttestors.asyncIterate as SinonStub) + .getCall(0).args[1], request); + assert.strictEqual( + (client.descriptors.page.listAttestors.asyncIterate as SinonStub) + .getCall(0).args[2].otherArgs.headers['x-goog-request-params'], + expectedHeaderRequestParams + ); + }); + }); + + describe('Path templates', () => { + + describe('attestor', () => { + const fakePath = "/rendered/path/attestor"; + const expectedParameters = { + project: "projectValue", + attestor: "attestorValue", + }; + const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + client.pathTemplates.attestorPathTemplate.render = + sinon.stub().returns(fakePath); + client.pathTemplates.attestorPathTemplate.match = + sinon.stub().returns(expectedParameters); + + it('attestorPath', () => { + const result = client.attestorPath("projectValue", "attestorValue"); + assert.strictEqual(result, fakePath); + assert((client.pathTemplates.attestorPathTemplate.render as SinonStub) + .getCall(-1).calledWith(expectedParameters)); + }); + + it('matchProjectFromAttestorName', () => { + const result = client.matchProjectFromAttestorName(fakePath); + assert.strictEqual(result, "projectValue"); + assert((client.pathTemplates.attestorPathTemplate.match as SinonStub) + .getCall(-1).calledWith(fakePath)); + }); + + it('matchAttestorFromAttestorName', () => { + const result = client.matchAttestorFromAttestorName(fakePath); + assert.strictEqual(result, "attestorValue"); + assert((client.pathTemplates.attestorPathTemplate.match as SinonStub) + .getCall(-1).calledWith(fakePath)); + }); + }); + + describe('locationPolicy', () => { + const fakePath = "/rendered/path/locationPolicy"; + const expectedParameters = { + location: "locationValue", + }; + const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + client.pathTemplates.locationPolicyPathTemplate.render = + sinon.stub().returns(fakePath); + client.pathTemplates.locationPolicyPathTemplate.match = + sinon.stub().returns(expectedParameters); + + it('locationPolicyPath', () => { + const result = client.locationPolicyPath("locationValue"); + assert.strictEqual(result, fakePath); + assert((client.pathTemplates.locationPolicyPathTemplate.render as SinonStub) + .getCall(-1).calledWith(expectedParameters)); + }); + + it('matchLocationFromLocationPolicyName', () => { + const result = client.matchLocationFromLocationPolicyName(fakePath); + assert.strictEqual(result, "locationValue"); + assert((client.pathTemplates.locationPolicyPathTemplate.match as SinonStub) + .getCall(-1).calledWith(fakePath)); + }); + }); + + describe('project', () => { + const fakePath = "/rendered/path/project"; + const expectedParameters = { + project: "projectValue", + }; + const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + client.pathTemplates.projectPathTemplate.render = + sinon.stub().returns(fakePath); + client.pathTemplates.projectPathTemplate.match = + sinon.stub().returns(expectedParameters); + + it('projectPath', () => { + const result = client.projectPath("projectValue"); + assert.strictEqual(result, fakePath); + assert((client.pathTemplates.projectPathTemplate.render as SinonStub) + .getCall(-1).calledWith(expectedParameters)); + }); + + it('matchProjectFromProjectName', () => { + const result = client.matchProjectFromProjectName(fakePath); + assert.strictEqual(result, "projectValue"); + assert((client.pathTemplates.projectPathTemplate.match as SinonStub) + .getCall(-1).calledWith(fakePath)); + }); + }); + + describe('projectPolicy', () => { + const fakePath = "/rendered/path/projectPolicy"; + const expectedParameters = { + project: "projectValue", + }; + const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + client.pathTemplates.projectPolicyPathTemplate.render = + sinon.stub().returns(fakePath); + client.pathTemplates.projectPolicyPathTemplate.match = + sinon.stub().returns(expectedParameters); + + it('projectPolicyPath', () => { + const result = client.projectPolicyPath("projectValue"); + assert.strictEqual(result, fakePath); + assert((client.pathTemplates.projectPolicyPathTemplate.render as SinonStub) + .getCall(-1).calledWith(expectedParameters)); + }); + + it('matchProjectFromProjectPolicyName', () => { + const result = client.matchProjectFromProjectPolicyName(fakePath); + assert.strictEqual(result, "projectValue"); + assert((client.pathTemplates.projectPolicyPathTemplate.match as SinonStub) + .getCall(-1).calledWith(fakePath)); + }); + }); + }); +}); diff --git a/owl-bot-staging/v1beta1/test/gapic_system_policy_v1_beta1_v1beta1.ts b/owl-bot-staging/v1beta1/test/gapic_system_policy_v1_beta1_v1beta1.ts new file mode 100644 index 0000000..af6aa1d --- /dev/null +++ b/owl-bot-staging/v1beta1/test/gapic_system_policy_v1_beta1_v1beta1.ts @@ -0,0 +1,363 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// ** This file is automatically generated by gapic-generator-typescript. ** +// ** https://github.com/googleapis/gapic-generator-typescript ** +// ** All changes to this file may be overwritten. ** + +import * as protos from '../protos/protos'; +import * as assert from 'assert'; +import * as sinon from 'sinon'; +import {SinonStub} from 'sinon'; +import { describe, it } from 'mocha'; +import * as systempolicyv1beta1Module from '../src'; + +import {protobuf} from 'google-gax'; + +function generateSampleMessage(instance: T) { + const filledObject = (instance.constructor as typeof protobuf.Message) + .toObject(instance as protobuf.Message, {defaults: true}); + return (instance.constructor as typeof protobuf.Message).fromObject(filledObject) as T; +} + +function stubSimpleCall(response?: ResponseType, error?: Error) { + return error ? sinon.stub().rejects(error) : sinon.stub().resolves([response]); +} + +function stubSimpleCallWithCallback(response?: ResponseType, error?: Error) { + return error ? sinon.stub().callsArgWith(2, error) : sinon.stub().callsArgWith(2, null, response); +} + +describe('v1beta1.SystemPolicyV1Beta1Client', () => { + it('has servicePath', () => { + const servicePath = systempolicyv1beta1Module.v1beta1.SystemPolicyV1Beta1Client.servicePath; + assert(servicePath); + }); + + it('has apiEndpoint', () => { + const apiEndpoint = systempolicyv1beta1Module.v1beta1.SystemPolicyV1Beta1Client.apiEndpoint; + assert(apiEndpoint); + }); + + it('has port', () => { + const port = systempolicyv1beta1Module.v1beta1.SystemPolicyV1Beta1Client.port; + assert(port); + assert(typeof port === 'number'); + }); + + it('should create a client with no option', () => { + const client = new systempolicyv1beta1Module.v1beta1.SystemPolicyV1Beta1Client(); + assert(client); + }); + + it('should create a client with gRPC fallback', () => { + const client = new systempolicyv1beta1Module.v1beta1.SystemPolicyV1Beta1Client({ + fallback: true, + }); + assert(client); + }); + + it('has initialize method and supports deferred initialization', async () => { + const client = new systempolicyv1beta1Module.v1beta1.SystemPolicyV1Beta1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + assert.strictEqual(client.systemPolicyV1Beta1Stub, undefined); + await client.initialize(); + assert(client.systemPolicyV1Beta1Stub); + }); + + it('has close method for the initialized client', done => { + const client = new systempolicyv1beta1Module.v1beta1.SystemPolicyV1Beta1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + assert(client.systemPolicyV1Beta1Stub); + client.close().then(() => { + done(); + }); + }); + + it('has close method for the non-initialized client', done => { + const client = new systempolicyv1beta1Module.v1beta1.SystemPolicyV1Beta1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + assert.strictEqual(client.systemPolicyV1Beta1Stub, undefined); + client.close().then(() => { + done(); + }); + }); + + it('has getProjectId method', async () => { + const fakeProjectId = 'fake-project-id'; + const client = new systempolicyv1beta1Module.v1beta1.SystemPolicyV1Beta1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.auth.getProjectId = sinon.stub().resolves(fakeProjectId); + const result = await client.getProjectId(); + assert.strictEqual(result, fakeProjectId); + assert((client.auth.getProjectId as SinonStub).calledWithExactly()); + }); + + it('has getProjectId method with callback', async () => { + const fakeProjectId = 'fake-project-id'; + const client = new systempolicyv1beta1Module.v1beta1.SystemPolicyV1Beta1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.auth.getProjectId = sinon.stub().callsArgWith(0, null, fakeProjectId); + const promise = new Promise((resolve, reject) => { + client.getProjectId((err?: Error|null, projectId?: string|null) => { + if (err) { + reject(err); + } else { + resolve(projectId); + } + }); + }); + const result = await promise; + assert.strictEqual(result, fakeProjectId); + }); + + describe('getSystemPolicy', () => { + it('invokes getSystemPolicy without error', async () => { + const client = new systempolicyv1beta1Module.v1beta1.SystemPolicyV1Beta1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.GetSystemPolicyRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.Policy()); + client.innerApiCalls.getSystemPolicy = stubSimpleCall(expectedResponse); + const [response] = await client.getSystemPolicy(request); + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.getSystemPolicy as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes getSystemPolicy without error using callback', async () => { + const client = new systempolicyv1beta1Module.v1beta1.SystemPolicyV1Beta1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.GetSystemPolicyRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.Policy()); + client.innerApiCalls.getSystemPolicy = stubSimpleCallWithCallback(expectedResponse); + const promise = new Promise((resolve, reject) => { + client.getSystemPolicy( + request, + (err?: Error|null, result?: protos.google.cloud.binaryauthorization.v1beta1.IPolicy|null) => { + if (err) { + reject(err); + } else { + resolve(result); + } + }); + }); + const response = await promise; + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.getSystemPolicy as SinonStub) + .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); + }); + + it('invokes getSystemPolicy with error', async () => { + const client = new systempolicyv1beta1Module.v1beta1.SystemPolicyV1Beta1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.GetSystemPolicyRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedError = new Error('expected'); + client.innerApiCalls.getSystemPolicy = stubSimpleCall(undefined, expectedError); + await assert.rejects(client.getSystemPolicy(request), expectedError); + assert((client.innerApiCalls.getSystemPolicy as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes getSystemPolicy with closed client', async () => { + const client = new systempolicyv1beta1Module.v1beta1.SystemPolicyV1Beta1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.GetSystemPolicyRequest()); + request.name = ''; + const expectedError = new Error('The client has already been closed.'); + client.close(); + await assert.rejects(client.getSystemPolicy(request), expectedError); + }); + }); + + describe('Path templates', () => { + + describe('attestor', () => { + const fakePath = "/rendered/path/attestor"; + const expectedParameters = { + project: "projectValue", + attestor: "attestorValue", + }; + const client = new systempolicyv1beta1Module.v1beta1.SystemPolicyV1Beta1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + client.pathTemplates.attestorPathTemplate.render = + sinon.stub().returns(fakePath); + client.pathTemplates.attestorPathTemplate.match = + sinon.stub().returns(expectedParameters); + + it('attestorPath', () => { + const result = client.attestorPath("projectValue", "attestorValue"); + assert.strictEqual(result, fakePath); + assert((client.pathTemplates.attestorPathTemplate.render as SinonStub) + .getCall(-1).calledWith(expectedParameters)); + }); + + it('matchProjectFromAttestorName', () => { + const result = client.matchProjectFromAttestorName(fakePath); + assert.strictEqual(result, "projectValue"); + assert((client.pathTemplates.attestorPathTemplate.match as SinonStub) + .getCall(-1).calledWith(fakePath)); + }); + + it('matchAttestorFromAttestorName', () => { + const result = client.matchAttestorFromAttestorName(fakePath); + assert.strictEqual(result, "attestorValue"); + assert((client.pathTemplates.attestorPathTemplate.match as SinonStub) + .getCall(-1).calledWith(fakePath)); + }); + }); + + describe('locationPolicy', () => { + const fakePath = "/rendered/path/locationPolicy"; + const expectedParameters = { + location: "locationValue", + }; + const client = new systempolicyv1beta1Module.v1beta1.SystemPolicyV1Beta1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + client.pathTemplates.locationPolicyPathTemplate.render = + sinon.stub().returns(fakePath); + client.pathTemplates.locationPolicyPathTemplate.match = + sinon.stub().returns(expectedParameters); + + it('locationPolicyPath', () => { + const result = client.locationPolicyPath("locationValue"); + assert.strictEqual(result, fakePath); + assert((client.pathTemplates.locationPolicyPathTemplate.render as SinonStub) + .getCall(-1).calledWith(expectedParameters)); + }); + + it('matchLocationFromLocationPolicyName', () => { + const result = client.matchLocationFromLocationPolicyName(fakePath); + assert.strictEqual(result, "locationValue"); + assert((client.pathTemplates.locationPolicyPathTemplate.match as SinonStub) + .getCall(-1).calledWith(fakePath)); + }); + }); + + describe('project', () => { + const fakePath = "/rendered/path/project"; + const expectedParameters = { + project: "projectValue", + }; + const client = new systempolicyv1beta1Module.v1beta1.SystemPolicyV1Beta1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + client.pathTemplates.projectPathTemplate.render = + sinon.stub().returns(fakePath); + client.pathTemplates.projectPathTemplate.match = + sinon.stub().returns(expectedParameters); + + it('projectPath', () => { + const result = client.projectPath("projectValue"); + assert.strictEqual(result, fakePath); + assert((client.pathTemplates.projectPathTemplate.render as SinonStub) + .getCall(-1).calledWith(expectedParameters)); + }); + + it('matchProjectFromProjectName', () => { + const result = client.matchProjectFromProjectName(fakePath); + assert.strictEqual(result, "projectValue"); + assert((client.pathTemplates.projectPathTemplate.match as SinonStub) + .getCall(-1).calledWith(fakePath)); + }); + }); + + describe('projectPolicy', () => { + const fakePath = "/rendered/path/projectPolicy"; + const expectedParameters = { + project: "projectValue", + }; + const client = new systempolicyv1beta1Module.v1beta1.SystemPolicyV1Beta1Client({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + client.pathTemplates.projectPolicyPathTemplate.render = + sinon.stub().returns(fakePath); + client.pathTemplates.projectPolicyPathTemplate.match = + sinon.stub().returns(expectedParameters); + + it('projectPolicyPath', () => { + const result = client.projectPolicyPath("projectValue"); + assert.strictEqual(result, fakePath); + assert((client.pathTemplates.projectPolicyPathTemplate.render as SinonStub) + .getCall(-1).calledWith(expectedParameters)); + }); + + it('matchProjectFromProjectPolicyName', () => { + const result = client.matchProjectFromProjectPolicyName(fakePath); + assert.strictEqual(result, "projectValue"); + assert((client.pathTemplates.projectPolicyPathTemplate.match as SinonStub) + .getCall(-1).calledWith(fakePath)); + }); + }); + }); +}); diff --git a/owl-bot-staging/v1beta1/tsconfig.json b/owl-bot-staging/v1beta1/tsconfig.json new file mode 100644 index 0000000..c78f1c8 --- /dev/null +++ b/owl-bot-staging/v1beta1/tsconfig.json @@ -0,0 +1,19 @@ +{ + "extends": "./node_modules/gts/tsconfig-google.json", + "compilerOptions": { + "rootDir": ".", + "outDir": "build", + "resolveJsonModule": true, + "lib": [ + "es2018", + "dom" + ] + }, + "include": [ + "src/*.ts", + "src/**/*.ts", + "test/*.ts", + "test/**/*.ts", + "system-test/*.ts" + ] +} diff --git a/owl-bot-staging/v1beta1/webpack.config.js b/owl-bot-staging/v1beta1/webpack.config.js new file mode 100644 index 0000000..58a92d5 --- /dev/null +++ b/owl-bot-staging/v1beta1/webpack.config.js @@ -0,0 +1,64 @@ +// Copyright 2021 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +const path = require('path'); + +module.exports = { + entry: './src/index.ts', + output: { + library: 'BinauthzManagementServiceV1Beta1', + filename: './binauthz-management-service-v1-beta1.js', + }, + node: { + child_process: 'empty', + fs: 'empty', + crypto: 'empty', + }, + resolve: { + alias: { + '../../../package.json': path.resolve(__dirname, 'package.json'), + }, + extensions: ['.js', '.json', '.ts'], + }, + module: { + rules: [ + { + test: /\.tsx?$/, + use: 'ts-loader', + exclude: /node_modules/ + }, + { + test: /node_modules[\\/]@grpc[\\/]grpc-js/, + use: 'null-loader' + }, + { + test: /node_modules[\\/]grpc/, + use: 'null-loader' + }, + { + test: /node_modules[\\/]retry-request/, + use: 'null-loader' + }, + { + test: /node_modules[\\/]https?-proxy-agent/, + use: 'null-loader' + }, + { + test: /node_modules[\\/]gtoken/, + use: 'null-loader' + }, + ], + }, + mode: 'production', +}; From 64dd6cefb3f6dce4c11cfb528e14af6f49178118 Mon Sep 17 00:00:00 2001 From: Owl Bot Date: Thu, 16 Jun 2022 15:50:28 +0000 Subject: [PATCH 2/2] =?UTF-8?q?=F0=9F=A6=89=20Updates=20from=20OwlBot=20po?= =?UTF-8?q?st-processor?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md --- owl-bot-staging/v1/.eslintignore | 7 - owl-bot-staging/v1/.eslintrc.json | 3 - owl-bot-staging/v1/.gitignore | 14 - owl-bot-staging/v1/.jsdoc.js | 55 - owl-bot-staging/v1/.mocharc.js | 33 - owl-bot-staging/v1/.prettierrc.js | 22 - owl-bot-staging/v1/README.md | 1 - owl-bot-staging/v1/linkinator.config.json | 16 - owl-bot-staging/v1/package.json | 66 - .../binaryauthorization/v1/resources.proto | 334 ----- .../binaryauthorization/v1/service.proto | 312 ----- .../v1/protos/grafeas/v1/attestation.proto | 90 -- .../v1/protos/grafeas/v1/build.proto | 62 - .../v1/protos/grafeas/v1/common.proto | 150 --- .../v1/protos/grafeas/v1/compliance.proto | 82 -- .../v1/protos/grafeas/v1/cvss.proto | 159 --- .../v1/protos/grafeas/v1/deployment.proto | 66 - .../v1/protos/grafeas/v1/discovery.proto | 88 -- .../protos/grafeas/v1/dsse_attestation.proto | 52 - .../v1/protos/grafeas/v1/grafeas.proto | 544 -------- .../v1/protos/grafeas/v1/image.proto | 83 -- .../protos/grafeas/v1/intoto_provenance.proto | 113 -- .../protos/grafeas/v1/intoto_statement.proto | 52 - .../v1/protos/grafeas/v1/package.proto | 192 --- .../v1/protos/grafeas/v1/provenance.proto | 265 ---- .../v1/protos/grafeas/v1/severity.proto | 38 - .../protos/grafeas/v1/slsa_provenance.proto | 115 -- .../grafeas/v1/slsa_provenance_zero_two.proto | 82 -- .../v1/protos/grafeas/v1/upgrade.proto | 114 -- .../v1/protos/grafeas/v1/vulnerability.proto | 241 ---- ...z_management_service_v1.create_attestor.js | 70 - ...z_management_service_v1.delete_attestor.js | 59 - ...uthz_management_service_v1.get_attestor.js | 59 - ...nauthz_management_service_v1.get_policy.js | 59 - ...hz_management_service_v1.list_attestors.js | 72 -- ...z_management_service_v1.update_attestor.js | 60 - ...thz_management_service_v1.update_policy.js | 60 - ...a.google.cloud.binaryauthorization.v1.json | 403 ------ .../v1/system_policy_v1.get_system_policy.js | 59 - ...lper_v1.validate_attestation_occurrence.js | 80 -- owl-bot-staging/v1/src/index.ts | 29 - .../binauthz_management_service_v1_client.ts | 1078 ---------------- ...z_management_service_v1_client_config.json | 61 - ...uthz_management_service_v1_proto_list.json | 6 - owl-bot-staging/v1/src/v1/gapic_metadata.json | 145 --- owl-bot-staging/v1/src/v1/index.ts | 21 - .../v1/src/v1/system_policy_v1_client.ts | 492 ------- .../v1/system_policy_v1_client_config.json | 30 - .../src/v1/system_policy_v1_proto_list.json | 6 - .../v1/src/v1/validation_helper_v1_client.ts | 505 -------- .../validation_helper_v1_client_config.json | 30 - .../v1/validation_helper_v1_proto_list.json | 6 - .../system-test/fixtures/sample/src/index.js | 29 - .../system-test/fixtures/sample/src/index.ts | 44 - owl-bot-staging/v1/system-test/install.ts | 49 - ...gapic_binauthz_management_service_v1_v1.ts | 1126 ----------------- .../v1/test/gapic_system_policy_v1_v1.ts | 363 ------ .../v1/test/gapic_validation_helper_v1_v1.ts | 363 ------ owl-bot-staging/v1/tsconfig.json | 19 - owl-bot-staging/v1/webpack.config.js | 64 - owl-bot-staging/v1beta1/.eslintignore | 7 - owl-bot-staging/v1beta1/.eslintrc.json | 3 - owl-bot-staging/v1beta1/.gitignore | 14 - owl-bot-staging/v1beta1/.jsdoc.js | 55 - owl-bot-staging/v1beta1/.mocharc.js | 33 - owl-bot-staging/v1beta1/.prettierrc.js | 22 - owl-bot-staging/v1beta1/README.md | 1 - .../v1beta1/linkinator.config.json | 16 - owl-bot-staging/v1beta1/package.json | 65 - .../continuous_validation_logging.proto | 100 -- .../v1beta1/resources.proto | 344 ----- .../binaryauthorization/v1beta1/service.proto | 252 ---- ...gement_service_v1_beta1.create_attestor.js | 70 - ...gement_service_v1_beta1.delete_attestor.js | 59 - ...anagement_service_v1_beta1.get_attestor.js | 59 - ..._management_service_v1_beta1.get_policy.js | 59 - ...agement_service_v1_beta1.list_attestors.js | 72 -- ...gement_service_v1_beta1.update_attestor.js | 60 - ...nagement_service_v1_beta1.update_policy.js | 60 - ...gle.cloud.binaryauthorization.v1beta1.json | 351 ----- ...ystem_policy_v1_beta1.get_system_policy.js | 59 - owl-bot-staging/v1beta1/src/index.ts | 27 - ...uthz_management_service_v1_beta1_client.ts | 1078 ---------------- ...gement_service_v1_beta1_client_config.json | 61 - ...anagement_service_v1_beta1_proto_list.json | 5 - .../v1beta1/src/v1beta1/gapic_metadata.json | 121 -- owl-bot-staging/v1beta1/src/v1beta1/index.ts | 20 - .../v1beta1/system_policy_v1_beta1_client.ts | 492 ------- .../system_policy_v1_beta1_client_config.json | 30 - .../system_policy_v1_beta1_proto_list.json | 5 - .../system-test/fixtures/sample/src/index.js | 28 - .../system-test/fixtures/sample/src/index.ts | 38 - .../v1beta1/system-test/install.ts | 49 - ...thz_management_service_v1_beta1_v1beta1.ts | 1126 ----------------- .../gapic_system_policy_v1_beta1_v1beta1.ts | 363 ------ owl-bot-staging/v1beta1/tsconfig.json | 19 - owl-bot-staging/v1beta1/webpack.config.js | 64 - .../continuous_validation_logging.proto | 21 +- protos/protos.d.ts | 18 +- protos/protos.js | 50 +- protos/protos.json | 16 +- 101 files changed, 70 insertions(+), 14220 deletions(-) delete mode 100644 owl-bot-staging/v1/.eslintignore delete mode 100644 owl-bot-staging/v1/.eslintrc.json delete mode 100644 owl-bot-staging/v1/.gitignore delete mode 100644 owl-bot-staging/v1/.jsdoc.js delete mode 100644 owl-bot-staging/v1/.mocharc.js delete mode 100644 owl-bot-staging/v1/.prettierrc.js delete mode 100644 owl-bot-staging/v1/README.md delete mode 100644 owl-bot-staging/v1/linkinator.config.json delete mode 100644 owl-bot-staging/v1/package.json delete mode 100644 owl-bot-staging/v1/protos/google/cloud/binaryauthorization/v1/resources.proto delete mode 100644 owl-bot-staging/v1/protos/google/cloud/binaryauthorization/v1/service.proto delete mode 100644 owl-bot-staging/v1/protos/grafeas/v1/attestation.proto delete mode 100644 owl-bot-staging/v1/protos/grafeas/v1/build.proto delete mode 100644 owl-bot-staging/v1/protos/grafeas/v1/common.proto delete mode 100644 owl-bot-staging/v1/protos/grafeas/v1/compliance.proto delete mode 100644 owl-bot-staging/v1/protos/grafeas/v1/cvss.proto delete mode 100644 owl-bot-staging/v1/protos/grafeas/v1/deployment.proto delete mode 100644 owl-bot-staging/v1/protos/grafeas/v1/discovery.proto delete mode 100644 owl-bot-staging/v1/protos/grafeas/v1/dsse_attestation.proto delete mode 100644 owl-bot-staging/v1/protos/grafeas/v1/grafeas.proto delete mode 100644 owl-bot-staging/v1/protos/grafeas/v1/image.proto delete mode 100644 owl-bot-staging/v1/protos/grafeas/v1/intoto_provenance.proto delete mode 100644 owl-bot-staging/v1/protos/grafeas/v1/intoto_statement.proto delete mode 100644 owl-bot-staging/v1/protos/grafeas/v1/package.proto delete mode 100644 owl-bot-staging/v1/protos/grafeas/v1/provenance.proto delete mode 100644 owl-bot-staging/v1/protos/grafeas/v1/severity.proto delete mode 100644 owl-bot-staging/v1/protos/grafeas/v1/slsa_provenance.proto delete mode 100644 owl-bot-staging/v1/protos/grafeas/v1/slsa_provenance_zero_two.proto delete mode 100644 owl-bot-staging/v1/protos/grafeas/v1/upgrade.proto delete mode 100644 owl-bot-staging/v1/protos/grafeas/v1/vulnerability.proto delete mode 100644 owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.create_attestor.js delete mode 100644 owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.delete_attestor.js delete mode 100644 owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.get_attestor.js delete mode 100644 owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.get_policy.js delete mode 100644 owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.list_attestors.js delete mode 100644 owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.update_attestor.js delete mode 100644 owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.update_policy.js delete mode 100644 owl-bot-staging/v1/samples/generated/v1/snippet_metadata.google.cloud.binaryauthorization.v1.json delete mode 100644 owl-bot-staging/v1/samples/generated/v1/system_policy_v1.get_system_policy.js delete mode 100644 owl-bot-staging/v1/samples/generated/v1/validation_helper_v1.validate_attestation_occurrence.js delete mode 100644 owl-bot-staging/v1/src/index.ts delete mode 100644 owl-bot-staging/v1/src/v1/binauthz_management_service_v1_client.ts delete mode 100644 owl-bot-staging/v1/src/v1/binauthz_management_service_v1_client_config.json delete mode 100644 owl-bot-staging/v1/src/v1/binauthz_management_service_v1_proto_list.json delete mode 100644 owl-bot-staging/v1/src/v1/gapic_metadata.json delete mode 100644 owl-bot-staging/v1/src/v1/index.ts delete mode 100644 owl-bot-staging/v1/src/v1/system_policy_v1_client.ts delete mode 100644 owl-bot-staging/v1/src/v1/system_policy_v1_client_config.json delete mode 100644 owl-bot-staging/v1/src/v1/system_policy_v1_proto_list.json delete mode 100644 owl-bot-staging/v1/src/v1/validation_helper_v1_client.ts delete mode 100644 owl-bot-staging/v1/src/v1/validation_helper_v1_client_config.json delete mode 100644 owl-bot-staging/v1/src/v1/validation_helper_v1_proto_list.json delete mode 100644 owl-bot-staging/v1/system-test/fixtures/sample/src/index.js delete mode 100644 owl-bot-staging/v1/system-test/fixtures/sample/src/index.ts delete mode 100644 owl-bot-staging/v1/system-test/install.ts delete mode 100644 owl-bot-staging/v1/test/gapic_binauthz_management_service_v1_v1.ts delete mode 100644 owl-bot-staging/v1/test/gapic_system_policy_v1_v1.ts delete mode 100644 owl-bot-staging/v1/test/gapic_validation_helper_v1_v1.ts delete mode 100644 owl-bot-staging/v1/tsconfig.json delete mode 100644 owl-bot-staging/v1/webpack.config.js delete mode 100644 owl-bot-staging/v1beta1/.eslintignore delete mode 100644 owl-bot-staging/v1beta1/.eslintrc.json delete mode 100644 owl-bot-staging/v1beta1/.gitignore delete mode 100644 owl-bot-staging/v1beta1/.jsdoc.js delete mode 100644 owl-bot-staging/v1beta1/.mocharc.js delete mode 100644 owl-bot-staging/v1beta1/.prettierrc.js delete mode 100644 owl-bot-staging/v1beta1/README.md delete mode 100644 owl-bot-staging/v1beta1/linkinator.config.json delete mode 100644 owl-bot-staging/v1beta1/package.json delete mode 100644 owl-bot-staging/v1beta1/protos/google/cloud/binaryauthorization/v1beta1/continuous_validation_logging.proto delete mode 100644 owl-bot-staging/v1beta1/protos/google/cloud/binaryauthorization/v1beta1/resources.proto delete mode 100644 owl-bot-staging/v1beta1/protos/google/cloud/binaryauthorization/v1beta1/service.proto delete mode 100644 owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.create_attestor.js delete mode 100644 owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.delete_attestor.js delete mode 100644 owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.get_attestor.js delete mode 100644 owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.get_policy.js delete mode 100644 owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.list_attestors.js delete mode 100644 owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.update_attestor.js delete mode 100644 owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.update_policy.js delete mode 100644 owl-bot-staging/v1beta1/samples/generated/v1beta1/snippet_metadata.google.cloud.binaryauthorization.v1beta1.json delete mode 100644 owl-bot-staging/v1beta1/samples/generated/v1beta1/system_policy_v1_beta1.get_system_policy.js delete mode 100644 owl-bot-staging/v1beta1/src/index.ts delete mode 100644 owl-bot-staging/v1beta1/src/v1beta1/binauthz_management_service_v1_beta1_client.ts delete mode 100644 owl-bot-staging/v1beta1/src/v1beta1/binauthz_management_service_v1_beta1_client_config.json delete mode 100644 owl-bot-staging/v1beta1/src/v1beta1/binauthz_management_service_v1_beta1_proto_list.json delete mode 100644 owl-bot-staging/v1beta1/src/v1beta1/gapic_metadata.json delete mode 100644 owl-bot-staging/v1beta1/src/v1beta1/index.ts delete mode 100644 owl-bot-staging/v1beta1/src/v1beta1/system_policy_v1_beta1_client.ts delete mode 100644 owl-bot-staging/v1beta1/src/v1beta1/system_policy_v1_beta1_client_config.json delete mode 100644 owl-bot-staging/v1beta1/src/v1beta1/system_policy_v1_beta1_proto_list.json delete mode 100644 owl-bot-staging/v1beta1/system-test/fixtures/sample/src/index.js delete mode 100644 owl-bot-staging/v1beta1/system-test/fixtures/sample/src/index.ts delete mode 100644 owl-bot-staging/v1beta1/system-test/install.ts delete mode 100644 owl-bot-staging/v1beta1/test/gapic_binauthz_management_service_v1_beta1_v1beta1.ts delete mode 100644 owl-bot-staging/v1beta1/test/gapic_system_policy_v1_beta1_v1beta1.ts delete mode 100644 owl-bot-staging/v1beta1/tsconfig.json delete mode 100644 owl-bot-staging/v1beta1/webpack.config.js diff --git a/owl-bot-staging/v1/.eslintignore b/owl-bot-staging/v1/.eslintignore deleted file mode 100644 index cfc348e..0000000 --- a/owl-bot-staging/v1/.eslintignore +++ /dev/null @@ -1,7 +0,0 @@ -**/node_modules -**/.coverage -build/ -docs/ -protos/ -system-test/ -samples/generated/ diff --git a/owl-bot-staging/v1/.eslintrc.json b/owl-bot-staging/v1/.eslintrc.json deleted file mode 100644 index 7821534..0000000 --- a/owl-bot-staging/v1/.eslintrc.json +++ /dev/null @@ -1,3 +0,0 @@ -{ - "extends": "./node_modules/gts" -} diff --git a/owl-bot-staging/v1/.gitignore b/owl-bot-staging/v1/.gitignore deleted file mode 100644 index 5d32b23..0000000 --- a/owl-bot-staging/v1/.gitignore +++ /dev/null @@ -1,14 +0,0 @@ -**/*.log -**/node_modules -.coverage -coverage -.nyc_output -docs/ -out/ -build/ -system-test/secrets.js -system-test/*key.json -*.lock -.DS_Store -package-lock.json -__pycache__ diff --git a/owl-bot-staging/v1/.jsdoc.js b/owl-bot-staging/v1/.jsdoc.js deleted file mode 100644 index 28b3ad6..0000000 --- a/owl-bot-staging/v1/.jsdoc.js +++ /dev/null @@ -1,55 +0,0 @@ -// Copyright 2022 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// ** This file is automatically generated by gapic-generator-typescript. ** -// ** https://github.com/googleapis/gapic-generator-typescript ** -// ** All changes to this file may be overwritten. ** - -'use strict'; - -module.exports = { - opts: { - readme: './README.md', - package: './package.json', - template: './node_modules/jsdoc-fresh', - recurse: true, - verbose: true, - destination: './docs/' - }, - plugins: [ - 'plugins/markdown', - 'jsdoc-region-tag' - ], - source: { - excludePattern: '(^|\\/|\\\\)[._]', - include: [ - 'build/src', - 'protos' - ], - includePattern: '\\.js$' - }, - templates: { - copyright: 'Copyright 2022 Google LLC', - includeDate: false, - sourceFiles: false, - systemName: '@google-cloud/binary-authorization', - theme: 'lumen', - default: { - outputSourceFiles: false - } - }, - markdown: { - idInHeadings: true - } -}; diff --git a/owl-bot-staging/v1/.mocharc.js b/owl-bot-staging/v1/.mocharc.js deleted file mode 100644 index 481c522..0000000 --- a/owl-bot-staging/v1/.mocharc.js +++ /dev/null @@ -1,33 +0,0 @@ -// Copyright 2022 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// ** This file is automatically generated by gapic-generator-typescript. ** -// ** https://github.com/googleapis/gapic-generator-typescript ** -// ** All changes to this file may be overwritten. ** - -const config = { - "enable-source-maps": true, - "throw-deprecation": true, - "timeout": 10000 -} -if (process.env.MOCHA_THROW_DEPRECATION === 'false') { - delete config['throw-deprecation']; -} -if (process.env.MOCHA_REPORTER) { - config.reporter = process.env.MOCHA_REPORTER; -} -if (process.env.MOCHA_REPORTER_OUTPUT) { - config['reporter-option'] = `output=${process.env.MOCHA_REPORTER_OUTPUT}`; -} -module.exports = config diff --git a/owl-bot-staging/v1/.prettierrc.js b/owl-bot-staging/v1/.prettierrc.js deleted file mode 100644 index 494e147..0000000 --- a/owl-bot-staging/v1/.prettierrc.js +++ /dev/null @@ -1,22 +0,0 @@ -// Copyright 2022 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// ** This file is automatically generated by gapic-generator-typescript. ** -// ** https://github.com/googleapis/gapic-generator-typescript ** -// ** All changes to this file may be overwritten. ** - - -module.exports = { - ...require('gts/.prettierrc.json') -} diff --git a/owl-bot-staging/v1/README.md b/owl-bot-staging/v1/README.md deleted file mode 100644 index 438dbbe..0000000 --- a/owl-bot-staging/v1/README.md +++ /dev/null @@ -1 +0,0 @@ -Binaryauthorization: Nodejs Client diff --git a/owl-bot-staging/v1/linkinator.config.json b/owl-bot-staging/v1/linkinator.config.json deleted file mode 100644 index befd23c..0000000 --- a/owl-bot-staging/v1/linkinator.config.json +++ /dev/null @@ -1,16 +0,0 @@ -{ - "recurse": true, - "skip": [ - "https://codecov.io/gh/googleapis/", - "www.googleapis.com", - "img.shields.io", - "https://console.cloud.google.com/cloudshell", - "https://support.google.com" - ], - "silent": true, - "concurrency": 5, - "retry": true, - "retryErrors": true, - "retryErrorsCount": 5, - "retryErrorsJitter": 3000 -} diff --git a/owl-bot-staging/v1/package.json b/owl-bot-staging/v1/package.json deleted file mode 100644 index 63875c0..0000000 --- a/owl-bot-staging/v1/package.json +++ /dev/null @@ -1,66 +0,0 @@ -{ - "name": "@google-cloud/binary-authorization", - "version": "0.1.0", - "description": "Binaryauthorization client for Node.js", - "repository": "googleapis/nodejs-binaryauthorization", - "license": "Apache-2.0", - "author": "Google LLC", - "main": "build/src/index.js", - "files": [ - "build/src", - "build/protos" - ], - "keywords": [ - "google apis client", - "google api client", - "google apis", - "google api", - "google", - "google cloud platform", - "google cloud", - "cloud", - "google binaryauthorization", - "binaryauthorization", - "binauthz management service v1", - "system policy v1", - "validation helper v1" - ], - "scripts": { - "clean": "gts clean", - "compile": "tsc -p . && cp -r protos build/", - "compile-protos": "compileProtos src", - "docs": "jsdoc -c .jsdoc.js", - "predocs-test": "npm run docs", - "docs-test": "linkinator docs", - "fix": "gts fix", - "lint": "gts check", - "prepare": "npm run compile-protos && npm run compile", - "system-test": "c8 mocha build/system-test", - "test": "c8 mocha build/test" - }, - "dependencies": { - "google-gax": "^2.29.4" - }, - "devDependencies": { - "@types/mocha": "^9.1.0", - "@types/node": "^16.0.0", - "@types/sinon": "^10.0.8", - "c8": "^7.11.0", - "gts": "^3.1.0", - "jsdoc": "^3.6.7", - "jsdoc-fresh": "^1.1.1", - "jsdoc-region-tag": "^1.3.1", - "linkinator": "^3.0.0", - "mocha": "^9.1.4", - "null-loader": "^4.0.1", - "pack-n-play": "^1.0.0-2", - "sinon": "^13.0.0", - "ts-loader": "^9.2.6", - "typescript": "^4.5.5", - "webpack": "^5.67.0", - "webpack-cli": "^4.9.1" - }, - "engines": { - "node": ">=v10.24.0" - } -} diff --git a/owl-bot-staging/v1/protos/google/cloud/binaryauthorization/v1/resources.proto b/owl-bot-staging/v1/protos/google/cloud/binaryauthorization/v1/resources.proto deleted file mode 100644 index 9d72a9f..0000000 --- a/owl-bot-staging/v1/protos/google/cloud/binaryauthorization/v1/resources.proto +++ /dev/null @@ -1,334 +0,0 @@ -// Copyright 2021 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -syntax = "proto3"; - -package google.cloud.binaryauthorization.v1; - -import "google/api/field_behavior.proto"; -import "google/api/resource.proto"; -import "google/protobuf/timestamp.proto"; -import "google/api/annotations.proto"; - -option cc_enable_arenas = true; -option csharp_namespace = "Google.Cloud.BinaryAuthorization.V1"; -option go_package = "google.golang.org/genproto/googleapis/cloud/binaryauthorization/v1;binaryauthorization"; -option java_multiple_files = false; -option java_package = "com.google.protos.google.cloud.binaryauthorization.v1"; -option php_namespace = "Google\\Cloud\\BinaryAuthorization\\V1"; -option ruby_package = "Google::Cloud::BinaryAuthorization::V1"; - -// A [policy][google.cloud.binaryauthorization.v1.Policy] for container image binary authorization. -message Policy { - option (google.api.resource) = { - type: "binaryauthorization.googleapis.com/Policy" - pattern: "projects/{project}/policy" - pattern: "locations/{location}/policy" - }; - - enum GlobalPolicyEvaluationMode { - // Not specified: DISABLE is assumed. - GLOBAL_POLICY_EVALUATION_MODE_UNSPECIFIED = 0; - - // Enables system policy evaluation. - ENABLE = 1; - - // Disables system policy evaluation. - DISABLE = 2; - } - - // Output only. The resource name, in the format `projects/*/policy`. There is - // at most one policy per project. - string name = 1 [(google.api.field_behavior) = OUTPUT_ONLY]; - - // Optional. A descriptive comment. - string description = 6 [(google.api.field_behavior) = OPTIONAL]; - - // Optional. Controls the evaluation of a Google-maintained global admission - // policy for common system-level images. Images not covered by the global - // policy will be subject to the project admission policy. This setting - // has no effect when specified inside a global admission policy. - GlobalPolicyEvaluationMode global_policy_evaluation_mode = 7 [(google.api.field_behavior) = OPTIONAL]; - - // Optional. Admission policy allowlisting. A matching admission request will - // always be permitted. This feature is typically used to exclude Google or - // third-party infrastructure images from Binary Authorization policies. - repeated AdmissionWhitelistPattern admission_whitelist_patterns = 2 [(google.api.field_behavior) = OPTIONAL]; - - // Optional. Per-cluster admission rules. Cluster spec format: - // `location.clusterId`. There can be at most one admission rule per cluster - // spec. - // A `location` is either a compute zone (e.g. us-central1-a) or a region - // (e.g. us-central1). - // For `clusterId` syntax restrictions see - // https://cloud.google.com/container-engine/reference/rest/v1/projects.zones.clusters. - map cluster_admission_rules = 3 [(google.api.field_behavior) = OPTIONAL]; - - // Optional. Per-kubernetes-namespace admission rules. K8s namespace spec format: - // [a-z.-]+, e.g. 'some-namespace' - map kubernetes_namespace_admission_rules = 10 [(google.api.field_behavior) = OPTIONAL]; - - // Optional. Per-kubernetes-service-account admission rules. Service account - // spec format: `namespace:serviceaccount`. e.g. 'test-ns:default' - map kubernetes_service_account_admission_rules = 8 [(google.api.field_behavior) = OPTIONAL]; - - // Optional. Per-istio-service-identity admission rules. Istio service - // identity spec format: - // spiffe:///ns//sa/ or - // /ns//sa/ - // e.g. spiffe://example.com/ns/test-ns/sa/default - map istio_service_identity_admission_rules = 9 [(google.api.field_behavior) = OPTIONAL]; - - // Required. Default admission rule for a cluster without a per-cluster, per- - // kubernetes-service-account, or per-istio-service-identity admission rule. - AdmissionRule default_admission_rule = 4 [(google.api.field_behavior) = REQUIRED]; - - // Output only. Time when the policy was last updated. - google.protobuf.Timestamp update_time = 5 [(google.api.field_behavior) = OUTPUT_ONLY]; -} - -// An [admission allowlist pattern][google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern] exempts images -// from checks by [admission rules][google.cloud.binaryauthorization.v1.AdmissionRule]. -message AdmissionWhitelistPattern { - // An image name pattern to allowlist, in the form `registry/path/to/image`. - // This supports a trailing `*` wildcard, but this is allowed only in - // text after the `registry/` part. This also supports a trailing `**` - // wildcard which matches subdirectories of a given entry. - string name_pattern = 1; -} - -// An [admission rule][google.cloud.binaryauthorization.v1.AdmissionRule] specifies either that all container images -// used in a pod creation request must be attested to by one or more -// [attestors][google.cloud.binaryauthorization.v1.Attestor], that all pod creations will be allowed, or that all -// pod creations will be denied. -// -// Images matching an [admission allowlist pattern][google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern] -// are exempted from admission rules and will never block a pod creation. -message AdmissionRule { - enum EvaluationMode { - // Do not use. - EVALUATION_MODE_UNSPECIFIED = 0; - - // This rule allows all all pod creations. - ALWAYS_ALLOW = 1; - - // This rule allows a pod creation if all the attestors listed in - // 'require_attestations_by' have valid attestations for all of the - // images in the pod spec. - REQUIRE_ATTESTATION = 2; - - // This rule denies all pod creations. - ALWAYS_DENY = 3; - } - - // Defines the possible actions when a pod creation is denied by an admission - // rule. - enum EnforcementMode { - // Do not use. - ENFORCEMENT_MODE_UNSPECIFIED = 0; - - // Enforce the admission rule by blocking the pod creation. - ENFORCED_BLOCK_AND_AUDIT_LOG = 1; - - // Dryrun mode: Audit logging only. This will allow the pod creation as if - // the admission request had specified break-glass. - DRYRUN_AUDIT_LOG_ONLY = 2; - } - - // Required. How this admission rule will be evaluated. - EvaluationMode evaluation_mode = 1 [(google.api.field_behavior) = REQUIRED]; - - // Optional. The resource names of the attestors that must attest to - // a container image, in the format `projects/*/attestors/*`. Each - // attestor must exist before a policy can reference it. To add an attestor - // to a policy the principal issuing the policy change request must be able - // to read the attestor resource. - // - // Note: this field must be non-empty when the evaluation_mode field specifies - // REQUIRE_ATTESTATION, otherwise it must be empty. - repeated string require_attestations_by = 2 [(google.api.field_behavior) = OPTIONAL]; - - // Required. The action when a pod creation is denied by the admission rule. - EnforcementMode enforcement_mode = 3 [(google.api.field_behavior) = REQUIRED]; -} - -// An [attestor][google.cloud.binaryauthorization.v1.Attestor] that attests to container image -// artifacts. An existing attestor cannot be modified except where -// indicated. -message Attestor { - option (google.api.resource) = { - type: "binaryauthorization.googleapis.com/Attestor" - pattern: "projects/{project}/attestors/{attestor}" - }; - - // Required. The resource name, in the format: - // `projects/*/attestors/*`. This field may not be updated. - string name = 1 [(google.api.field_behavior) = REQUIRED]; - - // Optional. A descriptive comment. This field may be updated. - // The field may be displayed in chooser dialogs. - string description = 6 [(google.api.field_behavior) = OPTIONAL]; - - oneof attestor_type { - // This specifies how an attestation will be read, and how it will be used - // during policy enforcement. - UserOwnedGrafeasNote user_owned_grafeas_note = 3; - } - - // Output only. Time when the attestor was last updated. - google.protobuf.Timestamp update_time = 4 [(google.api.field_behavior) = OUTPUT_ONLY]; -} - -// An [user owned Grafeas note][google.cloud.binaryauthorization.v1.UserOwnedGrafeasNote] references a Grafeas -// Attestation.Authority Note created by the user. -message UserOwnedGrafeasNote { - // Required. The Grafeas resource name of a Attestation.Authority Note, - // created by the user, in the format: `projects/*/notes/*`. This field may - // not be updated. - // - // An attestation by this attestor is stored as a Grafeas - // Attestation.Authority Occurrence that names a container image and that - // links to this Note. Grafeas is an external dependency. - string note_reference = 1 [(google.api.field_behavior) = REQUIRED]; - - // Optional. Public keys that verify attestations signed by this - // attestor. This field may be updated. - // - // If this field is non-empty, one of the specified public keys must - // verify that an attestation was signed by this attestor for the - // image specified in the admission request. - // - // If this field is empty, this attestor always returns that no - // valid attestations exist. - repeated AttestorPublicKey public_keys = 2 [(google.api.field_behavior) = OPTIONAL]; - - // Output only. This field will contain the service account email address - // that this Attestor will use as the principal when querying Container - // Analysis. Attestor administrators must grant this service account the - // IAM role needed to read attestations from the [note_reference][Note] in - // Container Analysis (`containeranalysis.notes.occurrences.viewer`). - // - // This email address is fixed for the lifetime of the Attestor, but callers - // should not make any other assumptions about the service account email; - // future versions may use an email based on a different naming pattern. - string delegation_service_account_email = 3 [(google.api.field_behavior) = OUTPUT_ONLY]; -} - -// A public key in the PkixPublicKey format (see -// https://tools.ietf.org/html/rfc5280#section-4.1.2.7 for details). -// Public keys of this type are typically textually encoded using the PEM -// format. -message PkixPublicKey { - // Represents a signature algorithm and other information necessary to verify - // signatures with a given public key. - // This is based primarily on the public key types supported by Tink's - // PemKeyType, which is in turn based on KMS's supported signing algorithms. - // See https://cloud.google.com/kms/docs/algorithms. In the future, BinAuthz - // might support additional public key types independently of Tink and/or KMS. - enum SignatureAlgorithm { - option allow_alias = true; - - // Not specified. - SIGNATURE_ALGORITHM_UNSPECIFIED = 0; - - // RSASSA-PSS 2048 bit key with a SHA256 digest. - RSA_PSS_2048_SHA256 = 1; - - // RSASSA-PSS 3072 bit key with a SHA256 digest. - RSA_PSS_3072_SHA256 = 2; - - // RSASSA-PSS 4096 bit key with a SHA256 digest. - RSA_PSS_4096_SHA256 = 3; - - // RSASSA-PSS 4096 bit key with a SHA512 digest. - RSA_PSS_4096_SHA512 = 4; - - // RSASSA-PKCS1-v1_5 with a 2048 bit key and a SHA256 digest. - RSA_SIGN_PKCS1_2048_SHA256 = 5; - - // RSASSA-PKCS1-v1_5 with a 3072 bit key and a SHA256 digest. - RSA_SIGN_PKCS1_3072_SHA256 = 6; - - // RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA256 digest. - RSA_SIGN_PKCS1_4096_SHA256 = 7; - - // RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA512 digest. - RSA_SIGN_PKCS1_4096_SHA512 = 8; - - // ECDSA on the NIST P-256 curve with a SHA256 digest. - ECDSA_P256_SHA256 = 9; - - // ECDSA on the NIST P-256 curve with a SHA256 digest. - EC_SIGN_P256_SHA256 = 9; - - // ECDSA on the NIST P-384 curve with a SHA384 digest. - ECDSA_P384_SHA384 = 10; - - // ECDSA on the NIST P-384 curve with a SHA384 digest. - EC_SIGN_P384_SHA384 = 10; - - // ECDSA on the NIST P-521 curve with a SHA512 digest. - ECDSA_P521_SHA512 = 11; - - // ECDSA on the NIST P-521 curve with a SHA512 digest. - EC_SIGN_P521_SHA512 = 11; - } - - // A PEM-encoded public key, as described in - // https://tools.ietf.org/html/rfc7468#section-13 - string public_key_pem = 1; - - // The signature algorithm used to verify a message against a signature using - // this key. - // These signature algorithm must match the structure and any object - // identifiers encoded in `public_key_pem` (i.e. this algorithm must match - // that of the public key). - SignatureAlgorithm signature_algorithm = 2; -} - -// An [attestor public key][google.cloud.binaryauthorization.v1.AttestorPublicKey] that will be used to verify -// attestations signed by this attestor. -message AttestorPublicKey { - // Optional. A descriptive comment. This field may be updated. - string comment = 1 [(google.api.field_behavior) = OPTIONAL]; - - // The ID of this public key. - // Signatures verified by BinAuthz must include the ID of the public key that - // can be used to verify them, and that ID must match the contents of this - // field exactly. - // Additional restrictions on this field can be imposed based on which public - // key type is encapsulated. See the documentation on `public_key` cases below - // for details. - string id = 2; - - oneof public_key { - // ASCII-armored representation of a PGP public key, as the entire output by - // the command `gpg --export --armor foo@example.com` (either LF or CRLF - // line endings). - // When using this field, `id` should be left blank. The BinAuthz API - // handlers will calculate the ID and fill it in automatically. BinAuthz - // computes this ID as the OpenPGP RFC4880 V4 fingerprint, represented as - // upper-case hex. If `id` is provided by the caller, it will be - // overwritten by the API-calculated ID. - string ascii_armored_pgp_public_key = 3; - - // A raw PKIX SubjectPublicKeyInfo format public key. - // - // NOTE: `id` may be explicitly provided by the caller when using this - // type of public key, but it MUST be a valid RFC3986 URI. If `id` is left - // blank, a default one will be computed based on the digest of the DER - // encoding of the public key. - PkixPublicKey pkix_public_key = 5; - } -} diff --git a/owl-bot-staging/v1/protos/google/cloud/binaryauthorization/v1/service.proto b/owl-bot-staging/v1/protos/google/cloud/binaryauthorization/v1/service.proto deleted file mode 100644 index e063aac..0000000 --- a/owl-bot-staging/v1/protos/google/cloud/binaryauthorization/v1/service.proto +++ /dev/null @@ -1,312 +0,0 @@ -// Copyright 2021 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -syntax = "proto3"; - -package google.cloud.binaryauthorization.v1; - -import "google/api/annotations.proto"; -import "google/api/client.proto"; -import "google/api/field_behavior.proto"; -import "google/api/resource.proto"; -import "google/cloud/binaryauthorization/v1/resources.proto"; -import "google/protobuf/empty.proto"; -import "grafeas/v1/attestation.proto"; - -option cc_enable_arenas = true; -option csharp_namespace = "Google.Cloud.BinaryAuthorization.V1"; -option go_package = "google.golang.org/genproto/googleapis/cloud/binaryauthorization/v1;binaryauthorization"; -option java_multiple_files = false; -option java_package = "com.google.protos.google.cloud.binaryauthorization.v1"; -option php_namespace = "Google\\Cloud\\BinaryAuthorization\\V1"; -option ruby_package = "Google::Cloud::BinaryAuthorization::V1"; - -// Customer-facing API for Cloud Binary Authorization. - -// Google Cloud Management Service for Binary Authorization admission policies -// and attestation authorities. -// -// This API implements a REST model with the following objects: -// -// * [Policy][google.cloud.binaryauthorization.v1.Policy] -// * [Attestor][google.cloud.binaryauthorization.v1.Attestor] -service BinauthzManagementServiceV1 { - option (google.api.default_host) = "binaryauthorization.googleapis.com"; - option (google.api.oauth_scopes) = "https://www.googleapis.com/auth/cloud-platform"; - - // A [policy][google.cloud.binaryauthorization.v1.Policy] specifies the [attestors][google.cloud.binaryauthorization.v1.Attestor] that must attest to - // a container image, before the project is allowed to deploy that - // image. There is at most one policy per project. All image admission - // requests are permitted if a project has no policy. - // - // Gets the [policy][google.cloud.binaryauthorization.v1.Policy] for this project. Returns a default - // [policy][google.cloud.binaryauthorization.v1.Policy] if the project does not have one. - rpc GetPolicy(GetPolicyRequest) returns (Policy) { - option (google.api.http) = { - get: "/v1/{name=projects/*/policy}" - }; - option (google.api.method_signature) = "name"; - } - - // Creates or updates a project's [policy][google.cloud.binaryauthorization.v1.Policy], and returns a copy of the - // new [policy][google.cloud.binaryauthorization.v1.Policy]. A policy is always updated as a whole, to avoid race - // conditions with concurrent policy enforcement (or management!) - // requests. Returns NOT_FOUND if the project does not exist, INVALID_ARGUMENT - // if the request is malformed. - rpc UpdatePolicy(UpdatePolicyRequest) returns (Policy) { - option (google.api.http) = { - put: "/v1/{policy.name=projects/*/policy}" - body: "policy" - }; - option (google.api.method_signature) = "policy"; - } - - // Creates an [attestor][google.cloud.binaryauthorization.v1.Attestor], and returns a copy of the new - // [attestor][google.cloud.binaryauthorization.v1.Attestor]. Returns NOT_FOUND if the project does not exist, - // INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if the - // [attestor][google.cloud.binaryauthorization.v1.Attestor] already exists. - rpc CreateAttestor(CreateAttestorRequest) returns (Attestor) { - option (google.api.http) = { - post: "/v1/{parent=projects/*}/attestors" - body: "attestor" - }; - option (google.api.method_signature) = "parent,attestor_id,attestor"; - } - - // Gets an [attestor][google.cloud.binaryauthorization.v1.Attestor]. - // Returns NOT_FOUND if the [attestor][google.cloud.binaryauthorization.v1.Attestor] does not exist. - rpc GetAttestor(GetAttestorRequest) returns (Attestor) { - option (google.api.http) = { - get: "/v1/{name=projects/*/attestors/*}" - }; - option (google.api.method_signature) = "name"; - } - - // Updates an [attestor][google.cloud.binaryauthorization.v1.Attestor]. - // Returns NOT_FOUND if the [attestor][google.cloud.binaryauthorization.v1.Attestor] does not exist. - rpc UpdateAttestor(UpdateAttestorRequest) returns (Attestor) { - option (google.api.http) = { - put: "/v1/{attestor.name=projects/*/attestors/*}" - body: "attestor" - }; - option (google.api.method_signature) = "attestor"; - } - - // Lists [attestors][google.cloud.binaryauthorization.v1.Attestor]. - // Returns INVALID_ARGUMENT if the project does not exist. - rpc ListAttestors(ListAttestorsRequest) returns (ListAttestorsResponse) { - option (google.api.http) = { - get: "/v1/{parent=projects/*}/attestors" - }; - option (google.api.method_signature) = "parent"; - } - - // Deletes an [attestor][google.cloud.binaryauthorization.v1.Attestor]. Returns NOT_FOUND if the - // [attestor][google.cloud.binaryauthorization.v1.Attestor] does not exist. - rpc DeleteAttestor(DeleteAttestorRequest) returns (google.protobuf.Empty) { - option (google.api.http) = { - delete: "/v1/{name=projects/*/attestors/*}" - }; - option (google.api.method_signature) = "name"; - } -} - -// API for working with the system policy. -service SystemPolicyV1 { - option (google.api.default_host) = "binaryauthorization.googleapis.com"; - option (google.api.oauth_scopes) = "https://www.googleapis.com/auth/cloud-platform"; - - // Gets the current system policy in the specified location. - rpc GetSystemPolicy(GetSystemPolicyRequest) returns (Policy) { - option (google.api.http) = { - get: "/v1/{name=locations/*/policy}" - }; - option (google.api.method_signature) = "name"; - } -} - -// BinAuthz Attestor verification -service ValidationHelperV1 { - option (google.api.default_host) = "binaryauthorization.googleapis.com"; - option (google.api.oauth_scopes) = "https://www.googleapis.com/auth/cloud-platform"; - - // Returns whether the given Attestation for the given image URI - // was signed by the given Attestor - rpc ValidateAttestationOccurrence(ValidateAttestationOccurrenceRequest) returns (ValidateAttestationOccurrenceResponse) { - option (google.api.http) = { - post: "/v1/{attestor=projects/*/attestors/*}:validateAttestationOccurrence" - body: "*" - }; - } -} - -// Request message for [BinauthzManagementService.GetPolicy][]. -message GetPolicyRequest { - // Required. The resource name of the [policy][google.cloud.binaryauthorization.v1.Policy] to retrieve, - // in the format `projects/*/policy`. - string name = 1 [ - (google.api.field_behavior) = REQUIRED, - (google.api.resource_reference) = { - type: "binaryauthorization.googleapis.com/Policy" - } - ]; -} - -// Request message for [BinauthzManagementService.UpdatePolicy][]. -message UpdatePolicyRequest { - // Required. A new or updated [policy][google.cloud.binaryauthorization.v1.Policy] value. The service will - // overwrite the [policy name][google.cloud.binaryauthorization.v1.Policy.name] field with the resource name in - // the request URL, in the format `projects/*/policy`. - Policy policy = 1 [(google.api.field_behavior) = REQUIRED]; -} - -// Request message for [BinauthzManagementService.CreateAttestor][]. -message CreateAttestorRequest { - // Required. The parent of this [attestor][google.cloud.binaryauthorization.v1.Attestor]. - string parent = 1 [ - (google.api.field_behavior) = REQUIRED, - (google.api.resource_reference) = { - type: "cloudresourcemanager.googleapis.com/Project" - } - ]; - - // Required. The [attestors][google.cloud.binaryauthorization.v1.Attestor] ID. - string attestor_id = 2 [(google.api.field_behavior) = REQUIRED]; - - // Required. The initial [attestor][google.cloud.binaryauthorization.v1.Attestor] value. The service will - // overwrite the [attestor name][google.cloud.binaryauthorization.v1.Attestor.name] field with the resource name, - // in the format `projects/*/attestors/*`. - Attestor attestor = 3 [(google.api.field_behavior) = REQUIRED]; -} - -// Request message for [BinauthzManagementService.GetAttestor][]. -message GetAttestorRequest { - // Required. The name of the [attestor][google.cloud.binaryauthorization.v1.Attestor] to retrieve, in the format - // `projects/*/attestors/*`. - string name = 1 [ - (google.api.field_behavior) = REQUIRED, - (google.api.resource_reference) = { - type: "binaryauthorization.googleapis.com/Attestor" - } - ]; -} - -// Request message for [BinauthzManagementService.UpdateAttestor][]. -message UpdateAttestorRequest { - // Required. The updated [attestor][google.cloud.binaryauthorization.v1.Attestor] value. The service will - // overwrite the [attestor name][google.cloud.binaryauthorization.v1.Attestor.name] field with the resource name - // in the request URL, in the format `projects/*/attestors/*`. - Attestor attestor = 1 [(google.api.field_behavior) = REQUIRED]; -} - -// Request message for [BinauthzManagementService.ListAttestors][]. -message ListAttestorsRequest { - // Required. The resource name of the project associated with the - // [attestors][google.cloud.binaryauthorization.v1.Attestor], in the format `projects/*`. - string parent = 1 [ - (google.api.field_behavior) = REQUIRED, - (google.api.resource_reference) = { - type: "cloudresourcemanager.googleapis.com/Project" - } - ]; - - // Requested page size. The server may return fewer results than requested. If - // unspecified, the server will pick an appropriate default. - int32 page_size = 2; - - // A token identifying a page of results the server should return. Typically, - // this is the value of [ListAttestorsResponse.next_page_token][google.cloud.binaryauthorization.v1.ListAttestorsResponse.next_page_token] returned - // from the previous call to the `ListAttestors` method. - string page_token = 3; -} - -// Response message for [BinauthzManagementService.ListAttestors][]. -message ListAttestorsResponse { - // The list of [attestors][google.cloud.binaryauthorization.v1.Attestor]. - repeated Attestor attestors = 1; - - // A token to retrieve the next page of results. Pass this value in the - // [ListAttestorsRequest.page_token][google.cloud.binaryauthorization.v1.ListAttestorsRequest.page_token] field in the subsequent call to the - // `ListAttestors` method to retrieve the next page of results. - string next_page_token = 2; -} - -// Request message for [BinauthzManagementService.DeleteAttestor][]. -message DeleteAttestorRequest { - // Required. The name of the [attestors][google.cloud.binaryauthorization.v1.Attestor] to delete, in the format - // `projects/*/attestors/*`. - string name = 1 [ - (google.api.field_behavior) = REQUIRED, - (google.api.resource_reference) = { - type: "binaryauthorization.googleapis.com/Attestor" - } - ]; -} - -// Request to read the current system policy. -message GetSystemPolicyRequest { - // Required. The resource name, in the format `locations/*/policy`. - // Note that the system policy is not associated with a project. - string name = 1 [ - (google.api.field_behavior) = REQUIRED, - (google.api.resource_reference) = { - type: "binaryauthorization.googleapis.com/Policy" - } - ]; -} - -// Request message for -// [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]. -message ValidateAttestationOccurrenceRequest { - // Required. The resource name of the [Attestor][google.cloud.binaryauthorization.v1.Attestor] of the - // [occurrence][grafeas.v1.Occurrence], in the format - // `projects/*/attestors/*`. - string attestor = 1 [(google.api.field_behavior) = REQUIRED]; - - // Required. An [AttestationOccurrence][grafeas.v1.AttestationOccurrence] to - // be checked that it can be verified by the Attestor. It does not have to be - // an existing entity in Container Analysis. It must otherwise be a valid - // AttestationOccurrence. - grafeas.v1.AttestationOccurrence attestation = 2 [(google.api.field_behavior) = REQUIRED]; - - // Required. The resource name of the [Note][grafeas.v1.Note] to which the - // containing [Occurrence][grafeas.v1.Occurrence] is associated. - string occurrence_note = 3 [(google.api.field_behavior) = REQUIRED]; - - // Required. The URI of the artifact (e.g. container image) that is the - // subject of the containing [Occurrence][grafeas.v1.Occurrence]. - string occurrence_resource_uri = 4 [(google.api.field_behavior) = REQUIRED]; -} - -// Response message for -// [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]. -message ValidateAttestationOccurrenceResponse { - // The enum returned in the "result" field. - enum Result { - // Unspecified. - RESULT_UNSPECIFIED = 0; - - // The Attestation was able to verified by the Attestor. - VERIFIED = 1; - - // The Attestation was not able to verified by the Attestor. - ATTESTATION_NOT_VERIFIABLE = 2; - } - - // The result of the Attestation validation. - Result result = 1; - - // The reason for denial if the Attestation couldn't be validated. - string denial_reason = 2; -} diff --git a/owl-bot-staging/v1/protos/grafeas/v1/attestation.proto b/owl-bot-staging/v1/protos/grafeas/v1/attestation.proto deleted file mode 100644 index f2854fe..0000000 --- a/owl-bot-staging/v1/protos/grafeas/v1/attestation.proto +++ /dev/null @@ -1,90 +0,0 @@ -// Copyright 2019 The Grafeas Authors. All rights reserved. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -syntax = "proto3"; - -package grafeas.v1; - -import "grafeas/v1/common.proto"; - -option go_package = "google.golang.org/genproto/googleapis/grafeas/v1;grafeas"; -option java_multiple_files = true; -option java_package = "io.grafeas.v1"; -option objc_class_prefix = "GRA"; - -// An attestation wrapper with a PGP-compatible signature. This message only -// supports `ATTACHED` signatures, where the payload that is signed is included -// alongside the signature itself in the same file. - -// Note kind that represents a logical attestation "role" or "authority". For -// example, an organization might have one `Authority` for "QA" and one for -// "build". This note is intended to act strictly as a grouping mechanism for -// the attached occurrences (Attestations). This grouping mechanism also -// provides a security boundary, since IAM ACLs gate the ability for a principle -// to attach an occurrence to a given note. It also provides a single point of -// lookup to find all attached attestation occurrences, even if they don't all -// live in the same project. -message AttestationNote { - // This submessage provides human-readable hints about the purpose of the - // authority. Because the name of a note acts as its resource reference, it is - // important to disambiguate the canonical name of the Note (which might be a - // UUID for security purposes) from "readable" names more suitable for debug - // output. Note that these hints should not be used to look up authorities in - // security sensitive contexts, such as when looking up attestations to - // verify. - message Hint { - // Required. The human readable name of this attestation authority, for - // example "qa". - string human_readable_name = 1; - } - - // Hint hints at the purpose of the attestation authority. - Hint hint = 1; -} - -message Jwt { - // The compact encoding of a JWS, which is always three base64 encoded strings - // joined by periods. For details, see: - // https://tools.ietf.org/html/rfc7515.html#section-3.1 - string compact_jwt = 1; -} - -// Occurrence that represents a single "attestation". The authenticity of an -// attestation can be verified using the attached signature. If the verifier -// trusts the public key of the signer, then verifying the signature is -// sufficient to establish trust. In this circumstance, the authority to which -// this attestation is attached is primarily useful for lookup (how to find -// this attestation if you already know the authority and artifact to be -// verified) and intent (for which authority this attestation was intended to -// sign. -message AttestationOccurrence { - // Required. The serialized payload that is verified by one or more - // `signatures`. - bytes serialized_payload = 1; - // One or more signatures over `serialized_payload`. Verifier implementations - // should consider this attestation message verified if at least one - // `signature` verifies `serialized_payload`. See `Signature` in common.proto - // for more details on signature structure and verification. - repeated Signature signatures = 2; - // One or more JWTs encoding a self-contained attestation. - // Each JWT encodes the payload that it verifies within the JWT itself. - // Verifier implementation SHOULD ignore the `serialized_payload` field - // when verifying these JWTs. - // If only JWTs are present on this AttestationOccurrence, then the - // `serialized_payload` SHOULD be left empty. - // Each JWT SHOULD encode a claim specific to the `resource_uri` of this - // Occurrence, but this is not validated by Grafeas metadata API - // implementations. The JWT itself is opaque to Grafeas. - repeated Jwt jwts = 3; -} diff --git a/owl-bot-staging/v1/protos/grafeas/v1/build.proto b/owl-bot-staging/v1/protos/grafeas/v1/build.proto deleted file mode 100644 index 172637f..0000000 --- a/owl-bot-staging/v1/protos/grafeas/v1/build.proto +++ /dev/null @@ -1,62 +0,0 @@ -// Copyright 2019 The Grafeas Authors. All rights reserved. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -syntax = "proto3"; - -package grafeas.v1; - -import "grafeas/v1/intoto_provenance.proto"; -import "grafeas/v1/intoto_statement.proto"; -import "grafeas/v1/provenance.proto"; - -option go_package = "google.golang.org/genproto/googleapis/grafeas/v1;grafeas"; -option java_multiple_files = true; -option java_package = "io.grafeas.v1"; -option objc_class_prefix = "GRA"; - -// Note holding the version of the provider's builder and the signature of the -// provenance message in the build details occurrence. -message BuildNote { - // Required. Immutable. Version of the builder which produced this build. - string builder_version = 1; -} - -// Details of a build occurrence. -message BuildOccurrence { - // The actual provenance for the build. - grafeas.v1.BuildProvenance provenance = 1; - - // Serialized JSON representation of the provenance, used in generating the - // build signature in the corresponding build note. After verifying the - // signature, `provenance_bytes` can be unmarshalled and compared to the - // provenance to confirm that it is unchanged. A base64-encoded string - // representation of the provenance bytes is used for the signature in order - // to interoperate with openssl which expects this format for signature - // verification. - // - // The serialized form is captured both to avoid ambiguity in how the - // provenance is marshalled to json as well to prevent incompatibilities with - // future changes. - string provenance_bytes = 2; - - // Deprecated. See InTotoStatement for the replacement. - // In-toto Provenance representation as defined in spec. - InTotoProvenance intoto_provenance = 3; - - // In-toto Statement representation as defined in spec. - // The intoto_statement can contain any type of provenance. The serialized - // payload of the statement can be stored and signed in the Occurrence's - // envelope. - InTotoStatement intoto_statement = 4; -} diff --git a/owl-bot-staging/v1/protos/grafeas/v1/common.proto b/owl-bot-staging/v1/protos/grafeas/v1/common.proto deleted file mode 100644 index 80bd786..0000000 --- a/owl-bot-staging/v1/protos/grafeas/v1/common.proto +++ /dev/null @@ -1,150 +0,0 @@ -// Copyright 2019 The Grafeas Authors. All rights reserved. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -syntax = "proto3"; - -package grafeas.v1; - -option go_package = "google.golang.org/genproto/googleapis/grafeas/v1;grafeas"; -option java_multiple_files = true; -option java_package = "io.grafeas.v1"; -option objc_class_prefix = "GRA"; - -// Kind represents the kinds of notes supported. -enum NoteKind { - // Default value. This value is unused. - NOTE_KIND_UNSPECIFIED = 0; - // The note and occurrence represent a package vulnerability. - VULNERABILITY = 1; - // The note and occurrence assert build provenance. - BUILD = 2; - // This represents an image basis relationship. - IMAGE = 3; - // This represents a package installed via a package manager. - PACKAGE = 4; - // The note and occurrence track deployment events. - DEPLOYMENT = 5; - // The note and occurrence track the initial discovery status of a resource. - DISCOVERY = 6; - // This represents a logical "role" that can attest to artifacts. - ATTESTATION = 7; - // This represents an available package upgrade. - UPGRADE = 8; - // This represents a Compliance Note - COMPLIANCE = 9; - // This represents a DSSE attestation Note - DSSE_ATTESTATION = 10; -} - -// Metadata for any related URL information. -message RelatedUrl { - // Specific URL associated with the resource. - string url = 1; - // Label to describe usage of the URL. - string label = 2; -} - -// Verifiers (e.g. Kritis implementations) MUST verify signatures -// with respect to the trust anchors defined in policy (e.g. a Kritis policy). -// Typically this means that the verifier has been configured with a map from -// `public_key_id` to public key material (and any required parameters, e.g. -// signing algorithm). -// -// In particular, verification implementations MUST NOT treat the signature -// `public_key_id` as anything more than a key lookup hint. The `public_key_id` -// DOES NOT validate or authenticate a public key; it only provides a mechanism -// for quickly selecting a public key ALREADY CONFIGURED on the verifier through -// a trusted channel. Verification implementations MUST reject signatures in any -// of the following circumstances: -// * The `public_key_id` is not recognized by the verifier. -// * The public key that `public_key_id` refers to does not verify the -// signature with respect to the payload. -// -// The `signature` contents SHOULD NOT be "attached" (where the payload is -// included with the serialized `signature` bytes). Verifiers MUST ignore any -// "attached" payload and only verify signatures with respect to explicitly -// provided payload (e.g. a `payload` field on the proto message that holds -// this Signature, or the canonical serialization of the proto message that -// holds this signature). -message Signature { - // The content of the signature, an opaque bytestring. - // The payload that this signature verifies MUST be unambiguously provided - // with the Signature during verification. A wrapper message might provide - // the payload explicitly. Alternatively, a message might have a canonical - // serialization that can always be unambiguously computed to derive the - // payload. - bytes signature = 1; - - // The identifier for the public key that verifies this signature. - // * The `public_key_id` is required. - // * The `public_key_id` SHOULD be an RFC3986 conformant URI. - // * When possible, the `public_key_id` SHOULD be an immutable reference, - // such as a cryptographic digest. - // - // Examples of valid `public_key_id`s: - // - // OpenPGP V4 public key fingerprint: - // * "openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA" - // See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more - // details on this scheme. - // - // RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER - // serialization): - // * "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU" - // * "nih:///sha-256;703f68f42aba2c6de30f488a5ea122fef76324679c9bf89791ba95a1271589a5" - string public_key_id = 2; -} - -// MUST match -// https://github.com/secure-systems-lab/dsse/blob/master/envelope.proto. An -// authenticated message of arbitrary type. -message Envelope { - bytes payload = 1; - string payload_type = 2; - repeated EnvelopeSignature signatures = 3; -} - -message EnvelopeSignature { - bytes sig = 1; - string keyid = 2; -} - -// Indicates the location at which a package was found. -message FileLocation { - // For jars that are contained inside .war files, this filepath - // can indicate the path to war file combined with the path to jar file. - string file_path = 1; -} - -// License information. -message License { - // Often a single license can be used to represent the licensing terms. - // Sometimes it is necessary to include a choice of one or more licenses - // or some combination of license identifiers. - // Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", - // "GPL-2.0-or-later WITH Bison-exception-2.2". - string expression = 1; - - // Comments - string comments = 2; -} - -// Digest information. -message Digest { - // `SHA1`, `SHA512` etc. - string algo = 1; - - // Value of the digest. - bytes digest_bytes = 2; -} diff --git a/owl-bot-staging/v1/protos/grafeas/v1/compliance.proto b/owl-bot-staging/v1/protos/grafeas/v1/compliance.proto deleted file mode 100644 index 688fa82..0000000 --- a/owl-bot-staging/v1/protos/grafeas/v1/compliance.proto +++ /dev/null @@ -1,82 +0,0 @@ -// Copyright 2021 The Grafeas Authors. All rights reserved. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -syntax = "proto3"; - -package grafeas.v1; - -import "grafeas/v1/severity.proto"; - -option go_package = "google.golang.org/genproto/googleapis/grafeas/v1;grafeas"; -option java_multiple_files = true; -option java_package = "io.grafeas.v1"; -option objc_class_prefix = "GRA"; - -message ComplianceNote { - // The title that identifies this compliance check. - string title = 1; - // A description about this compliance check. - string description = 2; - // The OS and config versions the benchmark applies to. - repeated grafeas.v1.ComplianceVersion version = 3; - // A rationale for the existence of this compliance check. - string rationale = 4; - // A description of remediation steps if the compliance check fails. - string remediation = 5; - // A compliance check that is a CIS benchmark. - message CisBenchmark { - int32 profile_level = 1; - grafeas.v1.Severity severity = 2; - } - oneof compliance_type { - CisBenchmark cis_benchmark = 6; - } - // Serialized scan instructions with a predefined format. - bytes scan_instructions = 7; -} - -// Describes the CIS benchmark version that is applicable to a given OS and -// os version. -message ComplianceVersion { - // The CPE URI (https://cpe.mitre.org/specification/) this benchmark is - // applicable to. - string cpe_uri = 1; - // The name of the document that defines this benchmark, e.g. "CIS - // Container-Optimized OS". - string benchmark_document = 3; - // The version of the benchmark. This is set to the version of the OS-specific - // CIS document the benchmark is defined in. - string version = 2; -} - -// An indication that the compliance checks in the associated ComplianceNote -// were not satisfied for particular resources or a specified reason. -message ComplianceOccurrence { - repeated NonCompliantFile non_compliant_files = 2; - string non_compliance_reason = 3; -} - -// Details about files that caused a compliance check to fail. -message NonCompliantFile { - // display_command is a single command that can be used to display a list of - // non compliant files. When there is no such command, we can also iterate a - // list of non compliant file using 'path'. - - // Empty if `display_command` is set. - string path = 1; - // Command to display the non-compliant files. - string display_command = 2; - // Explains why a file is non compliant for a CIS check. - string reason = 3; -} diff --git a/owl-bot-staging/v1/protos/grafeas/v1/cvss.proto b/owl-bot-staging/v1/protos/grafeas/v1/cvss.proto deleted file mode 100644 index ab7e2b8..0000000 --- a/owl-bot-staging/v1/protos/grafeas/v1/cvss.proto +++ /dev/null @@ -1,159 +0,0 @@ -// Copyright 2019 The Grafeas Authors. All rights reserved. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -syntax = "proto3"; - -package grafeas.v1; - -option go_package = "google.golang.org/genproto/googleapis/grafeas/v1;grafeas"; -option java_multiple_files = true; -option java_package = "io.grafeas.v1"; -option objc_class_prefix = "GRA"; -option java_outer_classname = "CVSSProto"; - -// Common Vulnerability Scoring System version 3. -// For details, see https://www.first.org/cvss/specification-document -message CVSSv3 { - // The base score is a function of the base metric scores. - float base_score = 1; - - float exploitability_score = 2; - - float impact_score = 3; - - // Base Metrics - // Represents the intrinsic characteristics of a vulnerability that are - // constant over time and across user environments. - AttackVector attack_vector = 5; - AttackComplexity attack_complexity = 6; - PrivilegesRequired privileges_required = 7; - UserInteraction user_interaction = 8; - Scope scope = 9; - Impact confidentiality_impact = 10; - Impact integrity_impact = 11; - Impact availability_impact = 12; - - enum AttackVector { - ATTACK_VECTOR_UNSPECIFIED = 0; - ATTACK_VECTOR_NETWORK = 1; - ATTACK_VECTOR_ADJACENT = 2; - ATTACK_VECTOR_LOCAL = 3; - ATTACK_VECTOR_PHYSICAL = 4; - } - - enum AttackComplexity { - ATTACK_COMPLEXITY_UNSPECIFIED = 0; - ATTACK_COMPLEXITY_LOW = 1; - ATTACK_COMPLEXITY_HIGH = 2; - } - - enum PrivilegesRequired { - PRIVILEGES_REQUIRED_UNSPECIFIED = 0; - PRIVILEGES_REQUIRED_NONE = 1; - PRIVILEGES_REQUIRED_LOW = 2; - PRIVILEGES_REQUIRED_HIGH = 3; - } - - enum UserInteraction { - USER_INTERACTION_UNSPECIFIED = 0; - USER_INTERACTION_NONE = 1; - USER_INTERACTION_REQUIRED = 2; - } - - enum Scope { - SCOPE_UNSPECIFIED = 0; - SCOPE_UNCHANGED = 1; - SCOPE_CHANGED = 2; - } - - enum Impact { - IMPACT_UNSPECIFIED = 0; - IMPACT_HIGH = 1; - IMPACT_LOW = 2; - IMPACT_NONE = 3; - } -} - -// Common Vulnerability Scoring System. -// For details, see https://www.first.org/cvss/specification-document -// This is a message we will try to use for storing various versions of CVSS -// rather than making a separate proto for storing a specific version. -message CVSS { - // The base score is a function of the base metric scores. - float base_score = 1; - - float exploitability_score = 2; - - float impact_score = 3; - - // Base Metrics - // Represents the intrinsic characteristics of a vulnerability that are - // constant over time and across user environments. - AttackVector attack_vector = 4; - AttackComplexity attack_complexity = 5; - Authentication authentication = 6; - PrivilegesRequired privileges_required = 7; - UserInteraction user_interaction = 8; - Scope scope = 9; - Impact confidentiality_impact = 10; - Impact integrity_impact = 11; - Impact availability_impact = 12; - - enum AttackVector { - ATTACK_VECTOR_UNSPECIFIED = 0; - ATTACK_VECTOR_NETWORK = 1; - ATTACK_VECTOR_ADJACENT = 2; - ATTACK_VECTOR_LOCAL = 3; - ATTACK_VECTOR_PHYSICAL = 4; - } - - enum AttackComplexity { - ATTACK_COMPLEXITY_UNSPECIFIED = 0; - ATTACK_COMPLEXITY_LOW = 1; - ATTACK_COMPLEXITY_HIGH = 2; - } - - enum Authentication { - AUTHENTICATION_UNSPECIFIED = 0; - AUTHENTICATION_MULTIPLE = 1; - AUTHENTICATION_SINGLE = 2; - AUTHENTICATION_NONE = 3; - } - - enum PrivilegesRequired { - PRIVILEGES_REQUIRED_UNSPECIFIED = 0; - PRIVILEGES_REQUIRED_NONE = 1; - PRIVILEGES_REQUIRED_LOW = 2; - PRIVILEGES_REQUIRED_HIGH = 3; - } - - enum UserInteraction { - USER_INTERACTION_UNSPECIFIED = 0; - USER_INTERACTION_NONE = 1; - USER_INTERACTION_REQUIRED = 2; - } - - enum Scope { - SCOPE_UNSPECIFIED = 0; - SCOPE_UNCHANGED = 1; - SCOPE_CHANGED = 2; - } - - enum Impact { - IMPACT_UNSPECIFIED = 0; - IMPACT_HIGH = 1; - IMPACT_LOW = 2; - IMPACT_NONE = 3; - } -} diff --git a/owl-bot-staging/v1/protos/grafeas/v1/deployment.proto b/owl-bot-staging/v1/protos/grafeas/v1/deployment.proto deleted file mode 100644 index 5204004..0000000 --- a/owl-bot-staging/v1/protos/grafeas/v1/deployment.proto +++ /dev/null @@ -1,66 +0,0 @@ -// Copyright 2019 The Grafeas Authors. All rights reserved. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -syntax = "proto3"; - -package grafeas.v1; - -import "google/protobuf/timestamp.proto"; - -option go_package = "google.golang.org/genproto/googleapis/grafeas/v1;grafeas"; -option java_multiple_files = true; -option java_package = "io.grafeas.v1"; -option objc_class_prefix = "GRA"; - -// An artifact that can be deployed in some runtime. -message DeploymentNote { - // Required. Resource URI for the artifact being deployed. - repeated string resource_uri = 1; -} - -// The period during which some deployable was active in a runtime. -message DeploymentOccurrence { - // Identity of the user that triggered this deployment. - string user_email = 1; - - // Required. Beginning of the lifetime of this deployment. - google.protobuf.Timestamp deploy_time = 2; - - // End of the lifetime of this deployment. - google.protobuf.Timestamp undeploy_time = 3; - - // Configuration used to create this deployment. - string config = 4; - - // Address of the runtime element hosting this deployment. - string address = 5; - - // Output only. Resource URI for the artifact being deployed taken from - // the deployable field with the same name. - repeated string resource_uri = 6; - - // Types of platforms. - enum Platform { - // Unknown. - PLATFORM_UNSPECIFIED = 0; - // Google Container Engine. - GKE = 1; - // Google App Engine: Flexible Environment. - FLEX = 2; - // Custom user-defined platform. - CUSTOM = 3; - } - // Platform hosting this deployment. - Platform platform = 7; -} diff --git a/owl-bot-staging/v1/protos/grafeas/v1/discovery.proto b/owl-bot-staging/v1/protos/grafeas/v1/discovery.proto deleted file mode 100644 index 13939b2..0000000 --- a/owl-bot-staging/v1/protos/grafeas/v1/discovery.proto +++ /dev/null @@ -1,88 +0,0 @@ -// Copyright 2019 The Grafeas Authors. All rights reserved. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -syntax = "proto3"; - -package grafeas.v1; - -import "google/api/field_behavior.proto"; -import "google/protobuf/timestamp.proto"; -import "google/rpc/status.proto"; -import "grafeas/v1/common.proto"; - -option go_package = "google.golang.org/genproto/googleapis/grafeas/v1;grafeas"; -option java_multiple_files = true; -option java_package = "io.grafeas.v1"; -option objc_class_prefix = "GRA"; - -// A note that indicates a type of analysis a provider would perform. This note -// exists in a provider's project. A `Discovery` occurrence is created in a -// consumer's project at the start of analysis. -message DiscoveryNote { - // Required. Immutable. The kind of analysis that is handled by this - // discovery. - grafeas.v1.NoteKind analysis_kind = 1; -} - -// Provides information about the analysis status of a discovered resource. -message DiscoveryOccurrence { - // Whether the resource is continuously analyzed. - enum ContinuousAnalysis { - // Unknown. - CONTINUOUS_ANALYSIS_UNSPECIFIED = 0; - // The resource is continuously analyzed. - ACTIVE = 1; - // The resource is ignored for continuous analysis. - INACTIVE = 2; - } - - // Whether the resource is continuously analyzed. - ContinuousAnalysis continuous_analysis = 1; - - // Analysis status for a resource. Currently for initial analysis only (not - // updated in continuous analysis). - enum AnalysisStatus { - // Unknown. - ANALYSIS_STATUS_UNSPECIFIED = 0; - // Resource is known but no action has been taken yet. - PENDING = 1; - // Resource is being analyzed. - SCANNING = 2; - // Analysis has finished successfully. - FINISHED_SUCCESS = 3; - // Analysis has finished unsuccessfully, the analysis itself is in a bad - // state. - FINISHED_FAILED = 4; - // The resource is known not to be supported - FINISHED_UNSUPPORTED = 5; - } - - // The status of discovery for the resource. - AnalysisStatus analysis_status = 2; - - // When an error is encountered this will contain a LocalizedMessage under - // details to show to the user. The LocalizedMessage is output only and - // populated by the API. - google.rpc.Status analysis_status_error = 3; - - // The CPE of the resource being scanned. - string cpe = 4; - - // The last time this resource was scanned. - google.protobuf.Timestamp last_scan_time = 5; - - // The time occurrences related to this discovery occurrence were archived. - google.protobuf.Timestamp archive_time = 6 - [(google.api.field_behavior) = OUTPUT_ONLY]; -} diff --git a/owl-bot-staging/v1/protos/grafeas/v1/dsse_attestation.proto b/owl-bot-staging/v1/protos/grafeas/v1/dsse_attestation.proto deleted file mode 100644 index 34ba3df..0000000 --- a/owl-bot-staging/v1/protos/grafeas/v1/dsse_attestation.proto +++ /dev/null @@ -1,52 +0,0 @@ -// Copyright 2021 The Grafeas Authors. All rights reserved. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -syntax = "proto3"; - -package grafeas.v1; - -import "grafeas/v1/common.proto"; -import "grafeas/v1/intoto_statement.proto"; - -option go_package = "google.golang.org/genproto/googleapis/grafeas/v1;grafeas"; -option java_multiple_files = true; -option java_package = "io.grafeas.v1"; -option objc_class_prefix = "GRA"; - -message DSSEAttestationNote { - // This submessage provides human-readable hints about the purpose of the - // authority. Because the name of a note acts as its resource reference, it is - // important to disambiguate the canonical name of the Note (which might be a - // UUID for security purposes) from "readable" names more suitable for debug - // output. Note that these hints should not be used to look up authorities in - // security sensitive contexts, such as when looking up attestations to - // verify. - message DSSEHint { - // Required. The human readable name of this attestation authority, for - // example "cloudbuild-prod". - string human_readable_name = 1; - } - // DSSEHint hints at the purpose of the attestation authority. - DSSEHint hint = 1; -} - -// Deprecated. Prefer to use a regular Occurrence, and populate the -// Envelope at the top level of the Occurrence. -message DSSEAttestationOccurrence { - // If doing something security critical, make sure to verify the signatures in - // this metadata. - Envelope envelope = 1; - oneof decoded_payload { - InTotoStatement statement = 2; - } -} diff --git a/owl-bot-staging/v1/protos/grafeas/v1/grafeas.proto b/owl-bot-staging/v1/protos/grafeas/v1/grafeas.proto deleted file mode 100644 index 5665fe3..0000000 --- a/owl-bot-staging/v1/protos/grafeas/v1/grafeas.proto +++ /dev/null @@ -1,544 +0,0 @@ -// Copyright 2019 The Grafeas Authors. All rights reserved. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -syntax = "proto3"; - -package grafeas.v1; - -import "google/api/annotations.proto"; -import "google/api/client.proto"; -import "google/api/field_behavior.proto"; -import "google/api/resource.proto"; -import "google/protobuf/empty.proto"; -import "google/protobuf/field_mask.proto"; -import "google/protobuf/timestamp.proto"; -import "grafeas/v1/attestation.proto"; -import "grafeas/v1/build.proto"; -import "grafeas/v1/common.proto"; -import "grafeas/v1/compliance.proto"; -import "grafeas/v1/deployment.proto"; -import "grafeas/v1/discovery.proto"; -import "grafeas/v1/dsse_attestation.proto"; -import "grafeas/v1/image.proto"; -import "grafeas/v1/package.proto"; -import "grafeas/v1/upgrade.proto"; -import "grafeas/v1/vulnerability.proto"; - -option go_package = "google.golang.org/genproto/googleapis/grafeas/v1;grafeas"; -option java_multiple_files = true; -option java_package = "io.grafeas.v1"; -option objc_class_prefix = "GRA"; -option (google.api.resource_definition) = { - type: "grafeas.io/Project" - pattern: "projects/{project}" -}; - -// [Grafeas](https://grafeas.io) API. -// -// Retrieves analysis results of Cloud components such as Docker container -// images. -// -// Analysis results are stored as a series of occurrences. An `Occurrence` -// contains information about a specific analysis instance on a resource. An -// occurrence refers to a `Note`. A note contains details describing the -// analysis and is generally stored in a separate project, called a `Provider`. -// Multiple occurrences can refer to the same note. -// -// For example, an SSL vulnerability could affect multiple images. In this case, -// there would be one note for the vulnerability and an occurrence for each -// image with the vulnerability referring to that note. -service Grafeas { - option (google.api.default_host) = "containeranalysis.googleapis.com"; - - // Gets the specified occurrence. - rpc GetOccurrence(GetOccurrenceRequest) returns (Occurrence) { - option (google.api.http) = { - get: "/v1/{name=projects/*/occurrences/*}" - }; - option (google.api.method_signature) = "name"; - } - - // Lists occurrences for the specified project. - rpc ListOccurrences(ListOccurrencesRequest) - returns (ListOccurrencesResponse) { - option (google.api.http) = { - get: "/v1/{parent=projects/*}/occurrences" - }; - option (google.api.method_signature) = "parent,filter"; - } - - // Deletes the specified occurrence. For example, use this method to delete an - // occurrence when the occurrence is no longer applicable for the given - // resource. - rpc DeleteOccurrence(DeleteOccurrenceRequest) - returns (google.protobuf.Empty) { - option (google.api.http) = { - delete: "/v1/{name=projects/*/occurrences/*}" - }; - option (google.api.method_signature) = "name"; - } - - // Creates a new occurrence. - rpc CreateOccurrence(CreateOccurrenceRequest) returns (Occurrence) { - option (google.api.http) = { - post: "/v1/{parent=projects/*}/occurrences" - body: "occurrence" - }; - option (google.api.method_signature) = "parent,occurrence"; - } - - // Creates new occurrences in batch. - rpc BatchCreateOccurrences(BatchCreateOccurrencesRequest) - returns (BatchCreateOccurrencesResponse) { - option (google.api.http) = { - post: "/v1/{parent=projects/*}/occurrences:batchCreate" - body: "*" - }; - option (google.api.method_signature) = "parent,occurrences"; - } - - // Updates the specified occurrence. - rpc UpdateOccurrence(UpdateOccurrenceRequest) returns (Occurrence) { - option (google.api.http) = { - patch: "/v1/{name=projects/*/occurrences/*}" - body: "occurrence" - }; - option (google.api.method_signature) = "name,occurrence,update_mask"; - } - - // Gets the note attached to the specified occurrence. Consumer projects can - // use this method to get a note that belongs to a provider project. - rpc GetOccurrenceNote(GetOccurrenceNoteRequest) returns (Note) { - option (google.api.http) = { - get: "/v1/{name=projects/*/occurrences/*}/notes" - }; - option (google.api.method_signature) = "name"; - } - - // Gets the specified note. - rpc GetNote(GetNoteRequest) returns (Note) { - option (google.api.http) = { - get: "/v1/{name=projects/*/notes/*}" - }; - option (google.api.method_signature) = "name"; - } - - // Lists notes for the specified project. - rpc ListNotes(ListNotesRequest) returns (ListNotesResponse) { - option (google.api.http) = { - get: "/v1/{parent=projects/*}/notes" - }; - option (google.api.method_signature) = "parent,filter"; - } - - // Deletes the specified note. - rpc DeleteNote(DeleteNoteRequest) returns (google.protobuf.Empty) { - option (google.api.http) = { - delete: "/v1/{name=projects/*/notes/*}" - }; - option (google.api.method_signature) = "name"; - } - - // Creates a new note. - rpc CreateNote(CreateNoteRequest) returns (Note) { - option (google.api.http) = { - post: "/v1/{parent=projects/*}/notes" - body: "note" - }; - option (google.api.method_signature) = "parent,note_id,note"; - } - - // Creates new notes in batch. - rpc BatchCreateNotes(BatchCreateNotesRequest) - returns (BatchCreateNotesResponse) { - option (google.api.http) = { - post: "/v1/{parent=projects/*}/notes:batchCreate" - body: "*" - }; - option (google.api.method_signature) = "parent,notes"; - } - - // Updates the specified note. - rpc UpdateNote(UpdateNoteRequest) returns (Note) { - option (google.api.http) = { - patch: "/v1/{name=projects/*/notes/*}" - body: "note" - }; - option (google.api.method_signature) = "name,note,update_mask"; - } - - // Lists occurrences referencing the specified note. Provider projects can use - // this method to get all occurrences across consumer projects referencing the - // specified note. - rpc ListNoteOccurrences(ListNoteOccurrencesRequest) - returns (ListNoteOccurrencesResponse) { - option (google.api.http) = { - get: "/v1/{name=projects/*/notes/*}/occurrences" - }; - option (google.api.method_signature) = "name,filter"; - } -} - -// An instance of an analysis type that has been found on a resource. -message Occurrence { - option (google.api.resource) = { - type: "grafeas.io/Occurrence" - pattern: "projects/{project}/occurrences/{occurrence}" - }; - - // Output only. The name of the occurrence in the form of - // `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]`. - string name = 1; - - // Required. Immutable. A URI that represents the resource for which the - // occurrence applies. For example, - // `https://gcr.io/project/image@sha256:123abc` for a Docker image. - string resource_uri = 2; - - // Required. Immutable. The analysis note associated with this occurrence, in - // the form of `projects/[PROVIDER_ID]/notes/[NOTE_ID]`. This field can be - // used as a filter in list requests. - string note_name = 3; - - // Output only. This explicitly denotes which of the occurrence details are - // specified. This field can be used as a filter in list requests. - grafeas.v1.NoteKind kind = 4; - - // A description of actions that can be taken to remedy the note. - string remediation = 5; - - // Output only. The time this occurrence was created. - google.protobuf.Timestamp create_time = 6; - - // Output only. The time this occurrence was last updated. - google.protobuf.Timestamp update_time = 7; - - // Required. Immutable. Describes the details of the note kind found on this - // resource. - oneof details { - // Describes a security vulnerability. - grafeas.v1.VulnerabilityOccurrence vulnerability = 8; - // Describes a verifiable build. - grafeas.v1.BuildOccurrence build = 9; - // Describes how this resource derives from the basis in the associated - // note. - grafeas.v1.ImageOccurrence image = 10; - // Describes the installation of a package on the linked resource. - grafeas.v1.PackageOccurrence package = 11; - // Describes the deployment of an artifact on a runtime. - grafeas.v1.DeploymentOccurrence deployment = 12; - // Describes when a resource was discovered. - grafeas.v1.DiscoveryOccurrence discovery = 13; - // Describes an attestation of an artifact. - grafeas.v1.AttestationOccurrence attestation = 14; - // Describes an available package upgrade on the linked resource. - grafeas.v1.UpgradeOccurrence upgrade = 15; - // Describes a compliance violation on a linked resource. - grafeas.v1.ComplianceOccurrence compliance = 16; - // Describes an attestation of an artifact using dsse. - grafeas.v1.DSSEAttestationOccurrence dsse_attestation = 17; - } - - // https://github.com/secure-systems-lab/dsse - grafeas.v1.Envelope envelope = 18; -} - -// A type of analysis that can be done for a resource. -message Note { - option (google.api.resource) = { - type: "grafeas.io/Note" - pattern: "projects/{project}/notes/{note}" - }; - - // Output only. The name of the note in the form of - // `projects/[PROVIDER_ID]/notes/[NOTE_ID]`. - string name = 1; - - // A one sentence description of this note. - string short_description = 2; - - // A detailed description of this note. - string long_description = 3; - - // Output only. The type of analysis. This field can be used as a filter in - // list requests. - grafeas.v1.NoteKind kind = 4; - - // URLs associated with this note. - repeated grafeas.v1.RelatedUrl related_url = 5; - - // Time of expiration for this note. Empty if note does not expire. - google.protobuf.Timestamp expiration_time = 6; - - // Output only. The time this note was created. This field can be used as a - // filter in list requests. - google.protobuf.Timestamp create_time = 7; - - // Output only. The time this note was last updated. This field can be used as - // a filter in list requests. - google.protobuf.Timestamp update_time = 8; - - // Other notes related to this note. - repeated string related_note_names = 9; - - // Required. Immutable. The type of analysis this note represents. - oneof type { - // A note describing a package vulnerability. - grafeas.v1.VulnerabilityNote vulnerability = 10; - // A note describing build provenance for a verifiable build. - grafeas.v1.BuildNote build = 11; - // A note describing a base image. - grafeas.v1.ImageNote image = 12; - // A note describing a package hosted by various package managers. - grafeas.v1.PackageNote package = 13; - // A note describing something that can be deployed. - grafeas.v1.DeploymentNote deployment = 14; - // A note describing the initial analysis of a resource. - grafeas.v1.DiscoveryNote discovery = 15; - // A note describing an attestation role. - grafeas.v1.AttestationNote attestation = 16; - // A note describing available package upgrades. - grafeas.v1.UpgradeNote upgrade = 17; - // A note describing a compliance check. - grafeas.v1.ComplianceNote compliance = 18; - // A note describing a dsse attestation note. - grafeas.v1.DSSEAttestationNote dsse_attestation = 19; - } -} - -// Request to get an occurrence. -message GetOccurrenceRequest { - // The name of the occurrence in the form of - // `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]`. - string name = 1 [ - (google.api.field_behavior) = REQUIRED, - (google.api.resource_reference).type = "grafeas.io/Occurrence" - ]; -} - -// Request to list occurrences. -message ListOccurrencesRequest { - // The name of the project to list occurrences for in the form of - // `projects/[PROJECT_ID]`. - string parent = 1 [ - (google.api.field_behavior) = REQUIRED, - (google.api.resource_reference).type = "grafeas.io/Project" - ]; - - // The filter expression. - string filter = 2; - - // Number of occurrences to return in the list. Must be positive. Max allowed - // page size is 1000. If not specified, page size defaults to 20. - int32 page_size = 3; - - // Token to provide to skip to a particular spot in the list. - string page_token = 4; -} - -// Response for listing occurrences. -message ListOccurrencesResponse { - // The occurrences requested. - repeated Occurrence occurrences = 1; - // The next pagination token in the list response. It should be used as - // `page_token` for the following request. An empty value means no more - // results. - string next_page_token = 2; -} - -// Request to delete an occurrence. -message DeleteOccurrenceRequest { - // The name of the occurrence in the form of - // `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]`. - string name = 1 [ - (google.api.field_behavior) = REQUIRED, - (google.api.resource_reference).type = "grafeas.io/Occurrence" - ]; -} - -// Request to create a new occurrence. -message CreateOccurrenceRequest { - // The name of the project in the form of `projects/[PROJECT_ID]`, under which - // the occurrence is to be created. - string parent = 1 [ - (google.api.field_behavior) = REQUIRED, - (google.api.resource_reference).type = "grafeas.io/Project" - ]; - // The occurrence to create. - Occurrence occurrence = 2 [(google.api.field_behavior) = REQUIRED]; -} - -// Request to update an occurrence. -message UpdateOccurrenceRequest { - // The name of the occurrence in the form of - // `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]`. - string name = 1 [ - (google.api.field_behavior) = REQUIRED, - (google.api.resource_reference).type = "grafeas.io/Occurrence" - ]; - // The updated occurrence. - Occurrence occurrence = 2 [(google.api.field_behavior) = REQUIRED]; - // The fields to update. - google.protobuf.FieldMask update_mask = 3; -} - -// Request to get a note. -message GetNoteRequest { - // The name of the note in the form of - // `projects/[PROVIDER_ID]/notes/[NOTE_ID]`. - string name = 1 [ - (google.api.field_behavior) = REQUIRED, - (google.api.resource_reference).type = "grafeas.io/Note" - ]; -} - -// Request to get the note to which the specified occurrence is attached. -message GetOccurrenceNoteRequest { - // The name of the occurrence in the form of - // `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]`. - string name = 1 [ - (google.api.field_behavior) = REQUIRED, - (google.api.resource_reference).type = "grafeas.io/Occurrence" - ]; -} - -// Request to list notes. -message ListNotesRequest { - // The name of the project to list notes for in the form of - // `projects/[PROJECT_ID]`. - string parent = 1 [ - (google.api.field_behavior) = REQUIRED, - (google.api.resource_reference).type = "grafeas.io/Project" - ]; - - // The filter expression. - string filter = 2; - - // Number of notes to return in the list. Must be positive. Max allowed page - // size is 1000. If not specified, page size defaults to 20. - int32 page_size = 3; - - // Token to provide to skip to a particular spot in the list. - string page_token = 4; -} - -// Response for listing notes. -message ListNotesResponse { - // The notes requested. - repeated Note notes = 1; - // The next pagination token in the list response. It should be used as - // `page_token` for the following request. An empty value means no more - // results. - string next_page_token = 2; -} - -// Request to delete a note. -message DeleteNoteRequest { - // The name of the note in the form of - // `projects/[PROVIDER_ID]/notes/[NOTE_ID]`. - string name = 1 [ - (google.api.field_behavior) = REQUIRED, - (google.api.resource_reference).type = "grafeas.io/Note" - ]; -} - -// Request to create a new note. -message CreateNoteRequest { - // The name of the project in the form of `projects/[PROJECT_ID]`, under which - // the note is to be created. - string parent = 1 [ - (google.api.field_behavior) = REQUIRED, - (google.api.resource_reference).type = "grafeas.io/Project" - ]; - // The ID to use for this note. - string note_id = 2 [(google.api.field_behavior) = REQUIRED]; - // The note to create. - Note note = 3 [(google.api.field_behavior) = REQUIRED]; -} - -// Request to update a note. -message UpdateNoteRequest { - // The name of the note in the form of - // `projects/[PROVIDER_ID]/notes/[NOTE_ID]`. - string name = 1 [ - (google.api.field_behavior) = REQUIRED, - (google.api.resource_reference).type = "grafeas.io/Note" - ]; - // The updated note. - Note note = 2 [(google.api.field_behavior) = REQUIRED]; - // The fields to update. - google.protobuf.FieldMask update_mask = 3; -} - -// Request to list occurrences for a note. -message ListNoteOccurrencesRequest { - // The name of the note to list occurrences for in the form of - // `projects/[PROVIDER_ID]/notes/[NOTE_ID]`. - string name = 1 [ - (google.api.field_behavior) = REQUIRED, - (google.api.resource_reference).type = "grafeas.io/Note" - ]; - // The filter expression. - string filter = 2; - // Number of occurrences to return in the list. - int32 page_size = 3; - // Token to provide to skip to a particular spot in the list. - string page_token = 4; -} - -// Response for listing occurrences for a note. -message ListNoteOccurrencesResponse { - // The occurrences attached to the specified note. - repeated Occurrence occurrences = 1; - // Token to provide to skip to a particular spot in the list. - string next_page_token = 2; -} - -// Request to create notes in batch. -message BatchCreateNotesRequest { - // The name of the project in the form of `projects/[PROJECT_ID]`, under which - // the notes are to be created. - string parent = 1 [ - (google.api.field_behavior) = REQUIRED, - (google.api.resource_reference).type = "grafeas.io/Project" - ]; - - // The notes to create. Max allowed length is 1000. - map notes = 2 [(google.api.field_behavior) = REQUIRED]; -} - -// Response for creating notes in batch. -message BatchCreateNotesResponse { - // The notes that were created. - repeated Note notes = 1; -} - -// Request to create occurrences in batch. -message BatchCreateOccurrencesRequest { - // The name of the project in the form of `projects/[PROJECT_ID]`, under which - // the occurrences are to be created. - string parent = 1 [ - (google.api.field_behavior) = REQUIRED, - (google.api.resource_reference).type = "grafeas.io/Project" - ]; - - // The occurrences to create. Max allowed length is 1000. - repeated Occurrence occurrences = 2 [(google.api.field_behavior) = REQUIRED]; -} - -// Response for creating occurrences in batch. -message BatchCreateOccurrencesResponse { - // The occurrences that were created. - repeated Occurrence occurrences = 1; -} diff --git a/owl-bot-staging/v1/protos/grafeas/v1/image.proto b/owl-bot-staging/v1/protos/grafeas/v1/image.proto deleted file mode 100644 index 9ac162c..0000000 --- a/owl-bot-staging/v1/protos/grafeas/v1/image.proto +++ /dev/null @@ -1,83 +0,0 @@ -// Copyright 2019 The Grafeas Authors. All rights reserved. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -syntax = "proto3"; - -package grafeas.v1; - -option go_package = "google.golang.org/genproto/googleapis/grafeas/v1;grafeas"; -option java_multiple_files = true; -option java_package = "io.grafeas.v1"; -option objc_class_prefix = "GRA"; - -// Layer holds metadata specific to a layer of a Docker image. -message Layer { - // Required. The recovered Dockerfile directive used to construct this layer. - // See https://docs.docker.com/engine/reference/builder/ for more information. - string directive = 1; - - // The recovered arguments to the Dockerfile directive. - string arguments = 2; -} - -// A set of properties that uniquely identify a given Docker image. -message Fingerprint { - // Required. The layer ID of the final layer in the Docker image's v1 - // representation. - string v1_name = 1; - - // Required. The ordered list of v2 blobs that represent a given image. - repeated string v2_blob = 2; - - // Output only. The name of the image's v2 blobs computed via: - // [bottom] := v2_blob[bottom] - // [N] := sha256(v2_blob[N] + " " + v2_name[N+1]) - // Only the name of the final blob is kept. - string v2_name = 3; -} - -// Basis describes the base image portion (Note) of the DockerImage -// relationship. Linked occurrences are derived from this or an equivalent image -// via: -// FROM -// Or an equivalent reference, e.g., a tag of the resource_url. -message ImageNote { - // Required. Immutable. The resource_url for the resource representing the - // basis of associated occurrence images. - string resource_url = 1; - - // Required. Immutable. The fingerprint of the base image. - Fingerprint fingerprint = 2; -} - -// Details of the derived image portion of the DockerImage relationship. This -// image would be produced from a Dockerfile with FROM . -message ImageOccurrence { - // Required. The fingerprint of the derived image. - Fingerprint fingerprint = 1; - - // Output only. The number of layers by which this image differs from the - // associated image basis. - int32 distance = 2; - - // This contains layer-specific metadata, if populated it has length - // "distance" and is ordered with [distance] being the layer immediately - // following the base image and [1] being the final layer. - repeated Layer layer_info = 3; - - // Output only. This contains the base image URL for the derived image - // occurrence. - string base_resource_url = 4; -} diff --git a/owl-bot-staging/v1/protos/grafeas/v1/intoto_provenance.proto b/owl-bot-staging/v1/protos/grafeas/v1/intoto_provenance.proto deleted file mode 100644 index 78886b6..0000000 --- a/owl-bot-staging/v1/protos/grafeas/v1/intoto_provenance.proto +++ /dev/null @@ -1,113 +0,0 @@ -// Copyright 2021 The Grafeas Authors. All rights reserved. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -syntax = "proto3"; - -package grafeas.v1; - -import "google/protobuf/any.proto"; -import "google/protobuf/timestamp.proto"; - -option go_package = "google.golang.org/genproto/googleapis/grafeas/v1;grafeas"; -option java_multiple_files = true; -option java_package = "io.grafeas.v1"; -option objc_class_prefix = "GRA"; -option java_outer_classname = "InTotoProvenanceProto"; - -// Spec defined at -// https://github.com/in-toto/attestation/blob/main/spec/predicates/provenance.md - -// Steps taken to build the artifact. -// For a TaskRun, typically each container corresponds to one step in the -// recipe. -message Recipe { - // URI indicating what type of recipe was performed. It determines the meaning - // of recipe.entryPoint, recipe.arguments, recipe.environment, and materials. - string type = 1; - // Index in materials containing the recipe steps that are not implied by - // recipe.type. For example, if the recipe type were "make", then this would - // point to the source containing the Makefile, not the make program itself. - // Set to -1 if the recipe doesn't come from a material, as zero is default - // unset value for int64. - int64 defined_in_material = 2; - // String identifying the entry point into the build. - // This is often a path to a configuration file and/or a target label within - // that file. The syntax and meaning are defined by recipe.type. For example, - // if the recipe type were "make", then this would reference the directory in - // which to run make as well as which target to use. - string entry_point = 3; - // Collection of all external inputs that influenced the build on top of - // recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe - // type were "make", then this might be the flags passed to make aside from - // the target, which is captured in recipe.entryPoint. Since the arguments - // field can greatly vary in structure, depending on the builder and recipe - // type, this is of form "Any". - repeated google.protobuf.Any arguments = 4; - // Any other builder-controlled inputs necessary for correctly evaluating the - // recipe. Usually only needed for reproducing the build but not evaluated as - // part of policy. Since the environment field can greatly vary in structure, - // depending on the builder and recipe type, this is of form "Any". - repeated google.protobuf.Any environment = 5; -} - -// Indicates that the builder claims certain fields in this message to be -// complete. -message Completeness { - // If true, the builder claims that recipe.arguments is complete, meaning that - // all external inputs are properly captured in the recipe. - bool arguments = 1; - // If true, the builder claims that recipe.environment is claimed to be - // complete. - bool environment = 2; - // If true, the builder claims that materials are complete, usually through - // some controls to prevent network access. Sometimes called "hermetic". - bool materials = 3; -} - -// Other properties of the build. -message Metadata { - // Identifies the particular build invocation, which can be useful for finding - // associated logs or other ad-hoc analysis. The value SHOULD be globally - // unique, per in-toto Provenance spec. - string build_invocation_id = 1; - // The timestamp of when the build started. - google.protobuf.Timestamp build_started_on = 2; - // The timestamp of when the build completed. - google.protobuf.Timestamp build_finished_on = 3; - // Indicates that the builder claims certain fields in this message to be - // complete. - Completeness completeness = 4; - // If true, the builder claims that running the recipe on materials will - // produce bit-for-bit identical output. - bool reproducible = 5; -} - -message BuilderConfig { - string id = 1; -} - -message InTotoProvenance { - BuilderConfig builder_config = 1; // required - // Identifies the configuration used for the build. - // When combined with materials, this SHOULD fully describe the build, - // such that re-running this recipe results in bit-for-bit identical output - // (if the build is reproducible). - Recipe recipe = 2; // required - Metadata metadata = 3; - // The collection of artifacts that influenced the build including sources, - // dependencies, build tools, base images, and so on. This is considered to be - // incomplete unless metadata.completeness.materials is true. Unset or null is - // equivalent to empty. - repeated string materials = 4; -} diff --git a/owl-bot-staging/v1/protos/grafeas/v1/intoto_statement.proto b/owl-bot-staging/v1/protos/grafeas/v1/intoto_statement.proto deleted file mode 100644 index 1f798d0..0000000 --- a/owl-bot-staging/v1/protos/grafeas/v1/intoto_statement.proto +++ /dev/null @@ -1,52 +0,0 @@ -// Copyright 2021 The Grafeas Authors. All rights reserved. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -syntax = "proto3"; - -package grafeas.v1; - -import "grafeas/v1/intoto_provenance.proto"; -import "grafeas/v1/slsa_provenance.proto"; -import "grafeas/v1/slsa_provenance_zero_two.proto"; - -option go_package = "google.golang.org/genproto/googleapis/grafeas/v1;grafeas"; -option java_multiple_files = true; -option java_package = "io.grafeas.v1"; -option objc_class_prefix = "GRA"; -option java_outer_classname = "InTotoStatementProto"; - -// Spec defined at -// https://github.com/in-toto/attestation/tree/main/spec#statement The -// serialized InTotoStatement will be stored as Envelope.payload. -// Envelope.payloadType is always "application/vnd.in-toto+json". -message InTotoStatement { - // Always `https://in-toto.io/Statement/v0.1`. - string type = 1 [json_name = "_type"]; - repeated Subject subject = 2; - // `https://slsa.dev/provenance/v0.1` for SlsaProvenance. - string predicate_type = 3; - oneof predicate { - InTotoProvenance provenance = 4; - SlsaProvenance slsa_provenance = 5; - SlsaProvenanceZeroTwo slsa_provenance_zero_two = 6; - } -} -message Subject { - string name = 1; - // `"": ""` - // Algorithms can be e.g. sha256, sha512 - // See - // https://github.com/in-toto/attestation/blob/main/spec/field_types.md#DigestSet - map digest = 2; -} diff --git a/owl-bot-staging/v1/protos/grafeas/v1/package.proto b/owl-bot-staging/v1/protos/grafeas/v1/package.proto deleted file mode 100644 index 61b21db..0000000 --- a/owl-bot-staging/v1/protos/grafeas/v1/package.proto +++ /dev/null @@ -1,192 +0,0 @@ -// Copyright 2019 The Grafeas Authors. All rights reserved. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -syntax = "proto3"; - -package grafeas.v1; - -import "google/api/field_behavior.proto"; -import "grafeas/v1/common.proto"; - -option go_package = "google.golang.org/genproto/googleapis/grafeas/v1;grafeas"; -option java_multiple_files = true; -option java_package = "io.grafeas.v1"; -option objc_class_prefix = "GRA"; - -// Instruction set architectures supported by various package managers. -enum Architecture { - // Unknown architecture. - ARCHITECTURE_UNSPECIFIED = 0; - // X86 architecture. - X86 = 1; - // X64 architecture. - X64 = 2; -} - -// This represents a particular channel of distribution for a given package. -// E.g., Debian's jessie-backports dpkg mirror. -message Distribution { - // The cpe_uri in [CPE format](https://cpe.mitre.org/specification/) - // denoting the package manager version distributing a package. - string cpe_uri = 1 [(google.api.field_behavior) = REQUIRED]; - - // The CPU architecture for which packages in this distribution channel were - // built. - Architecture architecture = 2; - - // The latest available version of this package in this distribution channel. - Version latest_version = 3; - - // A freeform string denoting the maintainer of this package. - string maintainer = 4; - - // The distribution channel-specific homepage for this package. - string url = 5; - - // The distribution channel-specific description of this package. - string description = 6; -} - -// An occurrence of a particular package installation found within a system's -// filesystem. E.g., glibc was found in `/var/lib/dpkg/status`. -message Location { - // Deprecated. - // The CPE URI in [CPE format](https://cpe.mitre.org/specification/) - string cpe_uri = 1; - - // Deprecated. - // The version installed at this location. - Version version = 2; - - // The path from which we gathered that this package/version is installed. - string path = 3; -} - -// PackageNote represents a particular package version. -message PackageNote { - // The name of the package. - string name = 1 [ - (google.api.field_behavior) = REQUIRED, - (google.api.field_behavior) = IMMUTABLE - ]; - - // Deprecated. - // The various channels by which a package is distributed. - repeated Distribution distribution = 10; - - // The type of package; whether native or non native (e.g., ruby gems, - // node.js packages, etc.). - string package_type = 11; - - // The cpe_uri in [CPE format](https://cpe.mitre.org/specification/) - // denoting the package manager version distributing a package. - // The cpe_uri will be blank for language packages. - string cpe_uri = 12; - - // The CPU architecture for which packages in this distribution channel were - // built. Architecture will be blank for language packages. - Architecture architecture = 13; - - // The version of the package. - Version version = 14; - - // A freeform text denoting the maintainer of this package. - string maintainer = 15; - - // The homepage for this package. - string url = 16; - - // The description of this package. - string description = 17; - - // Licenses that have been declared by the authors of the package. - License license = 18; - - // Hash value, typically a file digest, that allows unique - // identification a specific package. - repeated Digest digest = 19; -} - -// Details on how a particular software package was installed on a system. -message PackageOccurrence { - // The name of the installed package. - string name = 1 [ - (google.api.field_behavior) = REQUIRED, - (google.api.field_behavior) = OUTPUT_ONLY - ]; - - // All of the places within the filesystem versions of this package - // have been found. - repeated Location location = 2; - - // The type of package; whether native or non native (e.g., ruby gems, - // node.js packages, etc.). - string package_type = 3 [(google.api.field_behavior) = OUTPUT_ONLY]; - - // The cpe_uri in [CPE format](https://cpe.mitre.org/specification/) - // denoting the package manager version distributing a package. - // The cpe_uri will be blank for language packages. - string cpe_uri = 4 [(google.api.field_behavior) = OUTPUT_ONLY]; - - // The CPU architecture for which packages in this distribution channel were - // built. Architecture will be blank for language packages. - Architecture architecture = 5 [(google.api.field_behavior) = OUTPUT_ONLY]; - - // Licenses that have been declared by the authors of the package. - License license = 6; - - // The version of the package. - Version version = 7 [(google.api.field_behavior) = OUTPUT_ONLY]; -} - -// Version contains structured information about the version of a package. -message Version { - // Used to correct mistakes in the version numbering scheme. - int32 epoch = 1; - - // Required only when version kind is NORMAL. The main part of the version - // name. - string name = 2; - - // The iteration of the package build from the above version. - string revision = 3; - - // Whether this version is specifying part of an inclusive range. Grafeas - // does not have the capability to specify version ranges; instead we have - // fields that specify start version and end versions. At times this is - // insufficient - we also need to specify whether the version is included in - // the range or is excluded from the range. This boolean is expected to be set - // to true when the version is included in a range. - bool inclusive = 6; - - // Whether this is an ordinary package version or a sentinel MIN/MAX version. - enum VersionKind { - // Unknown. - VERSION_KIND_UNSPECIFIED = 0; - // A standard package version. - NORMAL = 1; - // A special version representing negative infinity. - MINIMUM = 2; - // A special version representing positive infinity. - MAXIMUM = 3; - } - - // Required. Distinguishes between sentinel MIN/MAX versions and normal - // versions. - VersionKind kind = 4; - - // Human readable version string. This string is of the form - // :- and is only set when kind is NORMAL. - string full_name = 5; -} diff --git a/owl-bot-staging/v1/protos/grafeas/v1/provenance.proto b/owl-bot-staging/v1/protos/grafeas/v1/provenance.proto deleted file mode 100644 index 06b1097..0000000 --- a/owl-bot-staging/v1/protos/grafeas/v1/provenance.proto +++ /dev/null @@ -1,265 +0,0 @@ -// Copyright 2019 The Grafeas Authors. All rights reserved. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -syntax = "proto3"; - -package grafeas.v1; - -import "google/protobuf/timestamp.proto"; - -option go_package = "google.golang.org/genproto/googleapis/grafeas/v1;grafeas"; -option java_multiple_files = true; -option java_package = "io.grafeas.v1"; -option objc_class_prefix = "GRA"; - -// Provenance of a build. Contains all information needed to verify the full -// details about the build from source to completion. -message BuildProvenance { - // Required. Unique identifier of the build. - string id = 1; - - // ID of the project. - string project_id = 2; - - // Commands requested by the build. - repeated Command commands = 3; - - // Output of the build. - repeated Artifact built_artifacts = 4; - - // Time at which the build was created. - google.protobuf.Timestamp create_time = 5; - - // Time at which execution of the build was started. - google.protobuf.Timestamp start_time = 6; - - // Time at which execution of the build was finished. - google.protobuf.Timestamp end_time = 7; - - // E-mail address of the user who initiated this build. Note that this was the - // user's e-mail address at the time the build was initiated; this address may - // not represent the same end-user for all time. - string creator = 8; - - // URI where any logs for this provenance were written. - string logs_uri = 9; - - // Details of the Source input to the build. - Source source_provenance = 10; - - // Trigger identifier if the build was triggered automatically; empty if not. - string trigger_id = 11; - - // Special options applied to this build. This is a catch-all field where - // build providers can enter any desired additional details. - map build_options = 12; - - // Version string of the builder at the time this build was executed. - string builder_version = 13; -} - -// Source describes the location of the source used for the build. -message Source { - // If provided, the input binary artifacts for the build came from this - // location. - string artifact_storage_source_uri = 1; - - // Hash(es) of the build source, which can be used to verify that the original - // source integrity was maintained in the build. - // - // The keys to this map are file paths used as build source and the values - // contain the hash values for those files. - // - // If the build source came in a single package such as a gzipped tarfile - // (.tar.gz), the FileHash will be for the single path to that file. - map file_hashes = 2; - - // If provided, the source code used for the build came from this location. - SourceContext context = 3; - - // If provided, some of the source code used for the build may be found in - // these locations, in the case where the source repository had multiple - // remotes or submodules. This list will not include the context specified in - // the context field. - repeated SourceContext additional_contexts = 4; -} - -// Container message for hashes of byte content of files, used in source -// messages to verify integrity of source input to the build. -message FileHashes { - // Required. Collection of file hashes. - repeated Hash file_hash = 1; -} - -// Container message for hash values. -message Hash { - // Required. The type of hash that was performed, e.g. "SHA-256". - string type = 1; - // Required. The hash value. - bytes value = 2; -} - -// Command describes a step performed as part of the build pipeline. -message Command { - // Required. Name of the command, as presented on the command line, or if the - // command is packaged as a Docker container, as presented to `docker pull`. - string name = 1; - - // Environment variables set before running this command. - repeated string env = 2; - - // Command-line arguments used when executing this command. - repeated string args = 3; - - // Working directory (relative to project source root) used when running this - // command. - string dir = 4; - - // Optional unique identifier for this command, used in wait_for to reference - // this command as a dependency. - string id = 5; - - // The ID(s) of the command(s) that this command depends on. - repeated string wait_for = 6; -} - -// Artifact describes a build product. -message Artifact { - // Hash or checksum value of a binary, or Docker Registry 2.0 digest of a - // container. - string checksum = 1; - - // Artifact ID, if any; for container images, this will be a URL by digest - // like `gcr.io/projectID/imagename@sha256:123456`. - string id = 2; - - // Related artifact names. This may be the path to a binary or jar file, or in - // the case of a container build, the name used to push the container image to - // Google Container Registry, as presented to `docker push`. Note that a - // single Artifact ID can have multiple names, for example if two tags are - // applied to one image. - repeated string names = 3; -} - -// A SourceContext is a reference to a tree of files. A SourceContext together -// with a path point to a unique revision of a single file or directory. -message SourceContext { - // A SourceContext can refer any one of the following types of repositories. - oneof context { - // A SourceContext referring to a revision in a Google Cloud Source Repo. - CloudRepoSourceContext cloud_repo = 1; - - // A SourceContext referring to a Gerrit project. - GerritSourceContext gerrit = 2; - - // A SourceContext referring to any third party Git repo (e.g., GitHub). - GitSourceContext git = 3; - } - - // Labels with user defined metadata. - map labels = 4; -} - -// An alias to a repo revision. -message AliasContext { - // The type of an alias. - enum Kind { - // Unknown. - KIND_UNSPECIFIED = 0; - // Git tag. - FIXED = 1; - // Git branch. - MOVABLE = 2; - // Used to specify non-standard aliases. For example, if a Git repo has a - // ref named "refs/foo/bar". - OTHER = 4; - } - - // The alias kind. - Kind kind = 1; - - // The alias name. - string name = 2; -} - -// A CloudRepoSourceContext denotes a particular revision in a Google Cloud -// Source Repo. -message CloudRepoSourceContext { - // The ID of the repo. - RepoId repo_id = 1; - - // A revision in a Cloud Repo can be identified by either its revision ID or - // its alias. - oneof revision { - // A revision ID. - string revision_id = 2; - - // An alias, which may be a branch or tag. - AliasContext alias_context = 3; - } -} - -// A SourceContext referring to a Gerrit project. -message GerritSourceContext { - // The URI of a running Gerrit instance. - string host_uri = 1; - - // The full project name within the host. Projects may be nested, so - // "project/subproject" is a valid project name. The "repo name" is the - // hostURI/project. - string gerrit_project = 2; - - // A revision in a Gerrit project can be identified by either its revision ID - // or its alias. - oneof revision { - // A revision (commit) ID. - string revision_id = 3; - - // An alias, which may be a branch or tag. - AliasContext alias_context = 4; - } -} - -// A GitSourceContext denotes a particular revision in a third party Git -// repository (e.g., GitHub). -message GitSourceContext { - // Git repository URL. - string url = 1; - - // Git commit hash. - string revision_id = 2; -} - -// A unique identifier for a Cloud Repo. -message RepoId { - // A cloud repo can be identified by either its project ID and repository name - // combination, or its globally unique identifier. - oneof id { - // A combination of a project ID and a repo name. - ProjectRepoId project_repo_id = 1; - - // A server-assigned, globally unique identifier. - string uid = 2; - } -} - -// Selects a repo using a Google Cloud Platform project ID (e.g., -// winged-cargo-31) and a repo name within that project. -message ProjectRepoId { - // The ID of the project. - string project_id = 1; - - // The name of the repo. Leave empty for the default repo. - string repo_name = 2; -} diff --git a/owl-bot-staging/v1/protos/grafeas/v1/severity.proto b/owl-bot-staging/v1/protos/grafeas/v1/severity.proto deleted file mode 100644 index cc9cc38..0000000 --- a/owl-bot-staging/v1/protos/grafeas/v1/severity.proto +++ /dev/null @@ -1,38 +0,0 @@ -// Copyright 2021 The Grafeas Authors. All rights reserved. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -syntax = "proto3"; - -package grafeas.v1; - -option go_package = "google.golang.org/genproto/googleapis/grafeas/v1;grafeas"; -option java_multiple_files = true; -option java_package = "io.grafeas.v1"; -option objc_class_prefix = "GRA"; - -// Note provider assigned severity/impact ranking. -enum Severity { - // Unknown. - SEVERITY_UNSPECIFIED = 0; - // Minimal severity. - MINIMAL = 1; - // Low severity. - LOW = 2; - // Medium severity. - MEDIUM = 3; - // High severity. - HIGH = 4; - // Critical severity. - CRITICAL = 5; -} diff --git a/owl-bot-staging/v1/protos/grafeas/v1/slsa_provenance.proto b/owl-bot-staging/v1/protos/grafeas/v1/slsa_provenance.proto deleted file mode 100644 index c038af0..0000000 --- a/owl-bot-staging/v1/protos/grafeas/v1/slsa_provenance.proto +++ /dev/null @@ -1,115 +0,0 @@ -// Copyright 2021 The Grafeas Authors. All rights reserved. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -syntax = "proto3"; - -package grafeas.v1; - -import "google/protobuf/any.proto"; -import "google/protobuf/timestamp.proto"; - -option go_package = "google.golang.org/genproto/googleapis/grafeas/v1;grafeas"; -option java_multiple_files = true; -option java_package = "io.grafeas.v1"; -option objc_class_prefix = "GRA"; -option java_outer_classname = "SlsaProvenanceProto"; - -message SlsaProvenance { - // Steps taken to build the artifact. - // For a TaskRun, typically each container corresponds to one step in the - // recipe. - message SlsaRecipe { - // URI indicating what type of recipe was performed. It determines the - // meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and - // materials. - string type = 1; - // Index in materials containing the recipe steps that are not implied by - // recipe.type. For example, if the recipe type were "make", then this would - // point to the source containing the Makefile, not the make program itself. - // Set to -1 if the recipe doesn't come from a material, as zero is default - // unset value for int64. - int64 defined_in_material = 2; - // String identifying the entry point into the build. - // This is often a path to a configuration file and/or a target label within - // that file. The syntax and meaning are defined by recipe.type. For - // example, if the recipe type were "make", then this would reference the - // directory in which to run make as well as which target to use. - string entry_point = 3; - // Collection of all external inputs that influenced the build on top of - // recipe.definedInMaterial and recipe.entryPoint. For example, if the - // recipe type were "make", then this might be the flags passed to make - // aside from the target, which is captured in recipe.entryPoint. Depending - // on the recipe Type, the structure may be different. - google.protobuf.Any arguments = 4; - // Any other builder-controlled inputs necessary for correctly evaluating - // the recipe. Usually only needed for reproducing the build but not - // evaluated as part of policy. Depending on the recipe Type, the structure - // may be different. - google.protobuf.Any environment = 5; - } - - // Indicates that the builder claims certain fields in this message to be - // complete. - message SlsaCompleteness { - // If true, the builder claims that recipe.arguments is complete, meaning - // that all external inputs are properly captured in the recipe. - bool arguments = 1; - // If true, the builder claims that recipe.environment is claimed to be - // complete. - bool environment = 2; - // If true, the builder claims that materials are complete, usually through - // some controls to prevent network access. Sometimes called "hermetic". - bool materials = 3; - } - - // Other properties of the build. - message SlsaMetadata { - // Identifies the particular build invocation, which can be useful for - // finding associated logs or other ad-hoc analysis. The value SHOULD be - // globally unique, per in-toto Provenance spec. - string build_invocation_id = 1; - // The timestamp of when the build started. - google.protobuf.Timestamp build_started_on = 2; - // The timestamp of when the build completed. - google.protobuf.Timestamp build_finished_on = 3; - // Indicates that the builder claims certain fields in this message to be - // complete. - SlsaCompleteness completeness = 4; - // If true, the builder claims that running the recipe on materials will - // produce bit-for-bit identical output. - bool reproducible = 5; - } - - message SlsaBuilder { - string id = 1; - } - - message Material { - string uri = 1; - map digest = 2; - } - - SlsaBuilder builder = 1; // required - // Identifies the configuration used for the build. - // When combined with materials, this SHOULD fully describe the build, - // such that re-running this recipe results in bit-for-bit identical output - // (if the build is reproducible). - SlsaRecipe recipe = 2; // required - SlsaMetadata metadata = 3; - // The collection of artifacts that influenced the build including sources, - // dependencies, build tools, base images, and so on. This is considered to be - // incomplete unless metadata.completeness.materials is true. Unset or null is - // equivalent to empty. - repeated Material materials = 4; -} diff --git a/owl-bot-staging/v1/protos/grafeas/v1/slsa_provenance_zero_two.proto b/owl-bot-staging/v1/protos/grafeas/v1/slsa_provenance_zero_two.proto deleted file mode 100644 index 11cdd1c..0000000 --- a/owl-bot-staging/v1/protos/grafeas/v1/slsa_provenance_zero_two.proto +++ /dev/null @@ -1,82 +0,0 @@ -// Copyright 2021 The Grafeas Authors. All rights reserved. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -syntax = "proto3"; - -package grafeas.v1; - -import "google/protobuf/struct.proto"; -import "google/protobuf/timestamp.proto"; - -option go_package = "google.golang.org/genproto/googleapis/grafeas/v1;grafeas"; -option java_multiple_files = true; -option java_package = "io.grafeas.v1"; -option objc_class_prefix = "GRA"; -option java_outer_classname = "SlsaProvenanceZeroTwoProto"; - -message SlsaProvenanceZeroTwo { - // See full explanation of fields at slsa.dev/provenance/v0.2. - - // Identifies the entity that executed the recipe, which is trusted to have - // correctly performed the operation and populated this provenance. - message SlsaBuilder { - string id = 1; - } - - // The collection of artifacts that influenced the build including sources, - // dependencies, build tools, base images, and so on. - message SlsaMaterial { - string uri = 1; - map digest = 2; - } - - // Identifies the event that kicked off the build. - message SlsaInvocation { - SlsaConfigSource config_source = 1; - google.protobuf.Struct parameters = 2; - google.protobuf.Struct environment = 3; - } - - // Describes where the config file that kicked off the build came from. - // This is effectively a pointer to the source where buildConfig came from. - message SlsaConfigSource { - string uri = 1; - map digest = 2; - string entry_point = 3; - } - - // Other properties of the build. - message SlsaMetadata { - string build_invocation_id = 1; - google.protobuf.Timestamp build_started_on = 2; - google.protobuf.Timestamp build_finished_on = 3; - SlsaCompleteness completeness = 4; - bool reproducible = 5; - } - - // Indicates that the builder claims certain fields in this message to be - // complete. - message SlsaCompleteness { - bool parameters = 1; - bool environment = 2; - bool materials = 3; - } - - SlsaBuilder builder = 1; - string build_type = 2; - SlsaInvocation invocation = 3; - google.protobuf.Struct build_config = 4; - SlsaMetadata metadata = 5; - repeated SlsaMaterial materials = 6; -} diff --git a/owl-bot-staging/v1/protos/grafeas/v1/upgrade.proto b/owl-bot-staging/v1/protos/grafeas/v1/upgrade.proto deleted file mode 100644 index 89d3892..0000000 --- a/owl-bot-staging/v1/protos/grafeas/v1/upgrade.proto +++ /dev/null @@ -1,114 +0,0 @@ -// Copyright 2019 The Grafeas Authors. All rights reserved. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -syntax = "proto3"; - -package grafeas.v1; - -import "google/protobuf/timestamp.proto"; -import "grafeas/v1/package.proto"; - -option go_package = "google.golang.org/genproto/googleapis/grafeas/v1;grafeas"; -option java_multiple_files = true; -option java_package = "io.grafeas.v1"; -option objc_class_prefix = "GRA"; - -// An Upgrade Note represents a potential upgrade of a package to a given -// version. For each package version combination (i.e. bash 4.0, bash 4.1, -// bash 4.1.2), there will be an Upgrade Note. For Windows, windows_update field -// represents the information related to the update. -message UpgradeNote { - // Required for non-Windows OS. The package this Upgrade is for. - string package = 1; - // Required for non-Windows OS. The version of the package in machine + human - // readable form. - grafeas.v1.Version version = 2; - // Metadata about the upgrade for each specific operating system. - repeated UpgradeDistribution distributions = 3; - // Required for Windows OS. Represents the metadata about the Windows update. - WindowsUpdate windows_update = 4; -} - -// The Upgrade Distribution represents metadata about the Upgrade for each -// operating system (CPE). Some distributions have additional metadata around -// updates, classifying them into various categories and severities. -message UpgradeDistribution { - // Required - The specific operating system this metadata applies to. See - // https://cpe.mitre.org/specification/. - string cpe_uri = 1; - // The operating system classification of this Upgrade, as specified by the - // upstream operating system upgrade feed. For Windows the classification is - // one of the category_ids listed at - // https://docs.microsoft.com/en-us/previous-versions/windows/desktop/ff357803(v=vs.85) - string classification = 2; - // The severity as specified by the upstream operating system. - string severity = 3; - // The cve tied to this Upgrade. - repeated string cve = 4; -} - -// Windows Update represents the metadata about the update for the Windows -// operating system. The fields in this message come from the Windows Update API -// documented at -// https://docs.microsoft.com/en-us/windows/win32/api/wuapi/nn-wuapi-iupdate. -message WindowsUpdate { - // The unique identifier of the update. - message Identity { - // The revision independent identifier of the update. - string update_id = 1; - // The revision number of the update. - int32 revision = 2; - } - // Required - The unique identifier for the update. - Identity identity = 1; - // The localized title of the update. - string title = 2; - // The localized description of the update. - string description = 3; - // The category to which the update belongs. - message Category { - // The identifier of the category. - string category_id = 1; - // The localized name of the category. - string name = 2; - } - // The list of categories to which the update belongs. - repeated Category categories = 4; - // The Microsoft Knowledge Base article IDs that are associated with the - // update. - repeated string kb_article_ids = 5; - // The hyperlink to the support information for the update. - string support_url = 6; - // The last published timestamp of the update. - google.protobuf.Timestamp last_published_timestamp = 7; -} - -// An Upgrade Occurrence represents that a specific resource_url could install a -// specific upgrade. This presence is supplied via local sources (i.e. it is -// present in the mirror and the running system has noticed its availability). -// For Windows, both distribution and windows_update contain information for the -// Windows update. -message UpgradeOccurrence { - // Required for non-Windows OS. The package this Upgrade is for. - string package = 1; - // Required for non-Windows OS. The version of the package in a machine + - // human readable form. - grafeas.v1.Version parsed_version = 3; - // Metadata about the upgrade for available for the specific operating system - // for the resource_url. This allows efficient filtering, as well as - // making it easier to use the occurrence. - UpgradeDistribution distribution = 4; - // Required for Windows OS. Represents the metadata about the Windows update. - WindowsUpdate windows_update = 5; -} diff --git a/owl-bot-staging/v1/protos/grafeas/v1/vulnerability.proto b/owl-bot-staging/v1/protos/grafeas/v1/vulnerability.proto deleted file mode 100644 index 70ab550..0000000 --- a/owl-bot-staging/v1/protos/grafeas/v1/vulnerability.proto +++ /dev/null @@ -1,241 +0,0 @@ -// Copyright 2019 The Grafeas Authors. All rights reserved. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -syntax = "proto3"; - -package grafeas.v1; - -import "google/api/field_behavior.proto"; -import "google/protobuf/timestamp.proto"; -import "grafeas/v1/common.proto"; -import "grafeas/v1/cvss.proto"; -import "grafeas/v1/package.proto"; -import "grafeas/v1/severity.proto"; - -option go_package = "google.golang.org/genproto/googleapis/grafeas/v1;grafeas"; -option java_multiple_files = true; -option java_package = "io.grafeas.v1"; -option objc_class_prefix = "GRA"; - -// A security vulnerability that can be found in resources. -message VulnerabilityNote { - // The CVSS score of this vulnerability. CVSS score is on a scale of 0 - 10 - // where 0 indicates low severity and 10 indicates high severity. - float cvss_score = 1; - - // The note provider assigned severity of this vulnerability. - grafeas.v1.Severity severity = 2; - - // Details of all known distros and packages affected by this vulnerability. - repeated Detail details = 3; - - // A detail for a distro and package affected by this vulnerability and its - // associated fix (if one is available). - message Detail { - // The distro assigned severity of this vulnerability. - string severity_name = 1; - - // A vendor-specific description of this vulnerability. - string description = 2; - - // The type of package; whether native or non native (e.g., ruby gems, - // node.js packages, etc.). - string package_type = 3; - - // Required. The [CPE URI](https://cpe.mitre.org/specification/) this - // vulnerability affects. - string affected_cpe_uri = 4; - - // Required. The package this vulnerability affects. - string affected_package = 5; - - // The version number at the start of an interval in which this - // vulnerability exists. A vulnerability can affect a package between - // version numbers that are disjoint sets of intervals (example: - // [1.0.0-1.1.0], [2.4.6-2.4.8] and [4.5.6-4.6.8]) each of which will be - // represented in its own Detail. If a specific affected version is provided - // by a vulnerability database, affected_version_start and - // affected_version_end will be the same in that Detail. - grafeas.v1.Version affected_version_start = 6; - - // The version number at the end of an interval in which this vulnerability - // exists. A vulnerability can affect a package between version numbers - // that are disjoint sets of intervals (example: [1.0.0-1.1.0], - // [2.4.6-2.4.8] and [4.5.6-4.6.8]) each of which will be represented in its - // own Detail. If a specific affected version is provided by a vulnerability - // database, affected_version_start and affected_version_end will be the - // same in that Detail. - grafeas.v1.Version affected_version_end = 7; - - // The distro recommended [CPE URI](https://cpe.mitre.org/specification/) - // to update to that contains a fix for this vulnerability. It is possible - // for this to be different from the affected_cpe_uri. - string fixed_cpe_uri = 8; - - // The distro recommended package to update to that contains a fix for this - // vulnerability. It is possible for this to be different from the - // affected_package. - string fixed_package = 9; - - // The distro recommended version to update to that contains a - // fix for this vulnerability. Setting this to VersionKind.MAXIMUM means no - // such version is yet available. - grafeas.v1.Version fixed_version = 10; - - // Whether this detail is obsolete. Occurrences are expected not to point to - // obsolete details. - bool is_obsolete = 11; - - // The time this information was last changed at the source. This is an - // upstream timestamp from the underlying information source - e.g. Ubuntu - // security tracker. - google.protobuf.Timestamp source_update_time = 12; - - // The source from which the information in this Detail was obtained. - string source = 13; - - // The name of the vendor of the product. - string vendor = 14; - } - - // The full description of the CVSSv3 for this vulnerability. - CVSSv3 cvss_v3 = 4; - - // Windows details get their own format because the information format and - // model don't match a normal detail. Specifically Windows updates are done as - // patches, thus Windows vulnerabilities really are a missing package, rather - // than a package being at an incorrect version. - repeated WindowsDetail windows_details = 5; - - message WindowsDetail { - // Required. The [CPE URI](https://cpe.mitre.org/specification/) this - // vulnerability affects. - string cpe_uri = 1; - - // Required. The name of this vulnerability. - string name = 2; - - // The description of this vulnerability. - string description = 3; - - // Required. The names of the KBs which have hotfixes to mitigate this - // vulnerability. Note that there may be multiple hotfixes (and thus - // multiple KBs) that mitigate a given vulnerability. Currently any listed - // KBs presence is considered a fix. - repeated KnowledgeBase fixing_kbs = 4; - - message KnowledgeBase { - // The KB name (generally of the form KB[0-9]+ (e.g., KB123456)). - string name = 1; - // A link to the KB in the [Windows update catalog] - // (https://www.catalog.update.microsoft.com/). - string url = 2; - } - } - - // The time this information was last changed at the source. This is an - // upstream timestamp from the underlying information source - e.g. Ubuntu - // security tracker. - google.protobuf.Timestamp source_update_time = 6; -} - -// An occurrence of a severity vulnerability on a resource. -message VulnerabilityOccurrence { - // The type of package; whether native or non native (e.g., ruby gems, node.js - // packages, etc.). - string type = 1; - - // Output only. The note provider assigned severity of this vulnerability. - grafeas.v1.Severity severity = 2; - - // Output only. The CVSS score of this vulnerability. CVSS score is on a - // scale of 0 - 10 where 0 indicates low severity and 10 indicates high - // severity. - float cvss_score = 3; - - // The cvss v3 score for the vulnerability. - CVSS cvssv3 = 10; - - // Required. The set of affected locations and their fixes (if available) - // within the associated resource. - repeated PackageIssue package_issue = 4; - - // A detail for a distro and package this vulnerability occurrence was found - // in and its associated fix (if one is available). - message PackageIssue { - // Required. The [CPE URI](https://cpe.mitre.org/specification/) this - // vulnerability was found in. - string affected_cpe_uri = 1; - - // Required. The package this vulnerability was found in. - string affected_package = 2; - - // Required. The version of the package that is installed on the resource - // affected by this vulnerability. - grafeas.v1.Version affected_version = 3; - - // The [CPE URI](https://cpe.mitre.org/specification/) this vulnerability - // was fixed in. It is possible for this to be different from the - // affected_cpe_uri. - string fixed_cpe_uri = 4; - - // The package this vulnerability was fixed in. It is possible for this to - // be different from the affected_package. - string fixed_package = 5; - - // Required. The version of the package this vulnerability was fixed in. - // Setting this to VersionKind.MAXIMUM means no fix is yet available. - grafeas.v1.Version fixed_version = 6; - - // Output only. Whether a fix is available for this package. - bool fix_available = 7; - - // The type of package (e.g. OS, MAVEN, GO). - string package_type = 8; - - // The distro or language system assigned severity for this vulnerability - // when that is available and note provider assigned severity when it is not - // available. - grafeas.v1.Severity effective_severity = 9 - [(google.api.field_behavior) = OUTPUT_ONLY]; - - // The location at which this package was found. - repeated FileLocation file_location = 10; - } - - // Output only. A one sentence description of this vulnerability. - string short_description = 5; - - // Output only. A detailed description of this vulnerability. - string long_description = 6; - - // Output only. URLs related to this vulnerability. - repeated grafeas.v1.RelatedUrl related_urls = 7; - - // The distro assigned severity for this vulnerability when it is available, - // otherwise this is the note provider assigned severity. - // - // When there are multiple PackageIssues for this vulnerability, they can have - // different effective severities because some might be provided by the distro - // while others are provided by the language ecosystem for a language pack. - // For this reason, it is advised to use the effective severity on the - // PackageIssue level. In the case where multiple PackageIssues have differing - // effective severities, this field should be the highest severity for any of - // the PackageIssues. - grafeas.v1.Severity effective_severity = 8; - - // Output only. Whether at least one of the affected packages has a fix - // available. - bool fix_available = 9; -} diff --git a/owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.create_attestor.js b/owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.create_attestor.js deleted file mode 100644 index 1499dc5..0000000 --- a/owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.create_attestor.js +++ /dev/null @@ -1,70 +0,0 @@ -// Copyright 2022 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// ** This file is automatically generated by gapic-generator-typescript. ** -// ** https://github.com/googleapis/gapic-generator-typescript ** -// ** All changes to this file may be overwritten. ** - - - -'use strict'; - -function main(parent, attestorId, attestor) { - // [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_async] - /** - * TODO(developer): Uncomment these variables before running the sample. - */ - /** - * Required. The parent of this attestor google.cloud.binaryauthorization.v1.Attestor. - */ - // const parent = 'abc123' - /** - * Required. The attestors google.cloud.binaryauthorization.v1.Attestor ID. - */ - // const attestorId = 'abc123' - /** - * Required. The initial attestor google.cloud.binaryauthorization.v1.Attestor value. The service will - * overwrite the attestor name google.cloud.binaryauthorization.v1.Attestor.name field with the resource name, - * in the format `projects/* /attestors/*`. - */ - // const attestor = {} - - // Imports the Binaryauthorization library - const {BinauthzManagementServiceV1Client} = require('@google-cloud/binary-authorization').v1; - - // Instantiates a client - const binaryauthorizationClient = new BinauthzManagementServiceV1Client(); - - async function callCreateAttestor() { - // Construct request - const request = { - parent, - attestorId, - attestor, - }; - - // Run request - const response = await binaryauthorizationClient.createAttestor(request); - console.log(response); - } - - callCreateAttestor(); - // [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_async] -} - -process.on('unhandledRejection', err => { - console.error(err.message); - process.exitCode = 1; -}); -main(...process.argv.slice(2)); diff --git a/owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.delete_attestor.js b/owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.delete_attestor.js deleted file mode 100644 index e25decb..0000000 --- a/owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.delete_attestor.js +++ /dev/null @@ -1,59 +0,0 @@ -// Copyright 2022 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// ** This file is automatically generated by gapic-generator-typescript. ** -// ** https://github.com/googleapis/gapic-generator-typescript ** -// ** All changes to this file may be overwritten. ** - - - -'use strict'; - -function main(name) { - // [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_async] - /** - * TODO(developer): Uncomment these variables before running the sample. - */ - /** - * Required. The name of the attestors google.cloud.binaryauthorization.v1.Attestor to delete, in the format - * `projects/* /attestors/*`. - */ - // const name = 'abc123' - - // Imports the Binaryauthorization library - const {BinauthzManagementServiceV1Client} = require('@google-cloud/binary-authorization').v1; - - // Instantiates a client - const binaryauthorizationClient = new BinauthzManagementServiceV1Client(); - - async function callDeleteAttestor() { - // Construct request - const request = { - name, - }; - - // Run request - const response = await binaryauthorizationClient.deleteAttestor(request); - console.log(response); - } - - callDeleteAttestor(); - // [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_async] -} - -process.on('unhandledRejection', err => { - console.error(err.message); - process.exitCode = 1; -}); -main(...process.argv.slice(2)); diff --git a/owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.get_attestor.js b/owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.get_attestor.js deleted file mode 100644 index 98295e2..0000000 --- a/owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.get_attestor.js +++ /dev/null @@ -1,59 +0,0 @@ -// Copyright 2022 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// ** This file is automatically generated by gapic-generator-typescript. ** -// ** https://github.com/googleapis/gapic-generator-typescript ** -// ** All changes to this file may be overwritten. ** - - - -'use strict'; - -function main(name) { - // [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_async] - /** - * TODO(developer): Uncomment these variables before running the sample. - */ - /** - * Required. The name of the attestor google.cloud.binaryauthorization.v1.Attestor to retrieve, in the format - * `projects/* /attestors/*`. - */ - // const name = 'abc123' - - // Imports the Binaryauthorization library - const {BinauthzManagementServiceV1Client} = require('@google-cloud/binary-authorization').v1; - - // Instantiates a client - const binaryauthorizationClient = new BinauthzManagementServiceV1Client(); - - async function callGetAttestor() { - // Construct request - const request = { - name, - }; - - // Run request - const response = await binaryauthorizationClient.getAttestor(request); - console.log(response); - } - - callGetAttestor(); - // [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_async] -} - -process.on('unhandledRejection', err => { - console.error(err.message); - process.exitCode = 1; -}); -main(...process.argv.slice(2)); diff --git a/owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.get_policy.js b/owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.get_policy.js deleted file mode 100644 index bc8f4f6..0000000 --- a/owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.get_policy.js +++ /dev/null @@ -1,59 +0,0 @@ -// Copyright 2022 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// ** This file is automatically generated by gapic-generator-typescript. ** -// ** https://github.com/googleapis/gapic-generator-typescript ** -// ** All changes to this file may be overwritten. ** - - - -'use strict'; - -function main(name) { - // [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_async] - /** - * TODO(developer): Uncomment these variables before running the sample. - */ - /** - * Required. The resource name of the policy google.cloud.binaryauthorization.v1.Policy to retrieve, - * in the format `projects/* /policy`. - */ - // const name = 'abc123' - - // Imports the Binaryauthorization library - const {BinauthzManagementServiceV1Client} = require('@google-cloud/binary-authorization').v1; - - // Instantiates a client - const binaryauthorizationClient = new BinauthzManagementServiceV1Client(); - - async function callGetPolicy() { - // Construct request - const request = { - name, - }; - - // Run request - const response = await binaryauthorizationClient.getPolicy(request); - console.log(response); - } - - callGetPolicy(); - // [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_async] -} - -process.on('unhandledRejection', err => { - console.error(err.message); - process.exitCode = 1; -}); -main(...process.argv.slice(2)); diff --git a/owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.list_attestors.js b/owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.list_attestors.js deleted file mode 100644 index aebdf8c..0000000 --- a/owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.list_attestors.js +++ /dev/null @@ -1,72 +0,0 @@ -// Copyright 2022 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// ** This file is automatically generated by gapic-generator-typescript. ** -// ** https://github.com/googleapis/gapic-generator-typescript ** -// ** All changes to this file may be overwritten. ** - - - -'use strict'; - -function main(parent) { - // [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_async] - /** - * TODO(developer): Uncomment these variables before running the sample. - */ - /** - * Required. The resource name of the project associated with the - * attestors google.cloud.binaryauthorization.v1.Attestor, in the format `projects/*`. - */ - // const parent = 'abc123' - /** - * Requested page size. The server may return fewer results than requested. If - * unspecified, the server will pick an appropriate default. - */ - // const pageSize = 1234 - /** - * A token identifying a page of results the server should return. Typically, - * this is the value of ListAttestorsResponse.next_page_token google.cloud.binaryauthorization.v1.ListAttestorsResponse.next_page_token returned - * from the previous call to the `ListAttestors` method. - */ - // const pageToken = 'abc123' - - // Imports the Binaryauthorization library - const {BinauthzManagementServiceV1Client} = require('@google-cloud/binary-authorization').v1; - - // Instantiates a client - const binaryauthorizationClient = new BinauthzManagementServiceV1Client(); - - async function callListAttestors() { - // Construct request - const request = { - parent, - }; - - // Run request - const iterable = await binaryauthorizationClient.listAttestorsAsync(request); - for await (const response of iterable) { - console.log(response); - } - } - - callListAttestors(); - // [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_async] -} - -process.on('unhandledRejection', err => { - console.error(err.message); - process.exitCode = 1; -}); -main(...process.argv.slice(2)); diff --git a/owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.update_attestor.js b/owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.update_attestor.js deleted file mode 100644 index 6c5acdc..0000000 --- a/owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.update_attestor.js +++ /dev/null @@ -1,60 +0,0 @@ -// Copyright 2022 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// ** This file is automatically generated by gapic-generator-typescript. ** -// ** https://github.com/googleapis/gapic-generator-typescript ** -// ** All changes to this file may be overwritten. ** - - - -'use strict'; - -function main(attestor) { - // [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_async] - /** - * TODO(developer): Uncomment these variables before running the sample. - */ - /** - * Required. The updated attestor google.cloud.binaryauthorization.v1.Attestor value. The service will - * overwrite the attestor name google.cloud.binaryauthorization.v1.Attestor.name field with the resource name - * in the request URL, in the format `projects/* /attestors/*`. - */ - // const attestor = {} - - // Imports the Binaryauthorization library - const {BinauthzManagementServiceV1Client} = require('@google-cloud/binary-authorization').v1; - - // Instantiates a client - const binaryauthorizationClient = new BinauthzManagementServiceV1Client(); - - async function callUpdateAttestor() { - // Construct request - const request = { - attestor, - }; - - // Run request - const response = await binaryauthorizationClient.updateAttestor(request); - console.log(response); - } - - callUpdateAttestor(); - // [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_async] -} - -process.on('unhandledRejection', err => { - console.error(err.message); - process.exitCode = 1; -}); -main(...process.argv.slice(2)); diff --git a/owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.update_policy.js b/owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.update_policy.js deleted file mode 100644 index c70c3a6..0000000 --- a/owl-bot-staging/v1/samples/generated/v1/binauthz_management_service_v1.update_policy.js +++ /dev/null @@ -1,60 +0,0 @@ -// Copyright 2022 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// ** This file is automatically generated by gapic-generator-typescript. ** -// ** https://github.com/googleapis/gapic-generator-typescript ** -// ** All changes to this file may be overwritten. ** - - - -'use strict'; - -function main(policy) { - // [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_async] - /** - * TODO(developer): Uncomment these variables before running the sample. - */ - /** - * Required. A new or updated policy google.cloud.binaryauthorization.v1.Policy value. The service will - * overwrite the policy name google.cloud.binaryauthorization.v1.Policy.name field with the resource name in - * the request URL, in the format `projects/* /policy`. - */ - // const policy = {} - - // Imports the Binaryauthorization library - const {BinauthzManagementServiceV1Client} = require('@google-cloud/binary-authorization').v1; - - // Instantiates a client - const binaryauthorizationClient = new BinauthzManagementServiceV1Client(); - - async function callUpdatePolicy() { - // Construct request - const request = { - policy, - }; - - // Run request - const response = await binaryauthorizationClient.updatePolicy(request); - console.log(response); - } - - callUpdatePolicy(); - // [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_async] -} - -process.on('unhandledRejection', err => { - console.error(err.message); - process.exitCode = 1; -}); -main(...process.argv.slice(2)); diff --git a/owl-bot-staging/v1/samples/generated/v1/snippet_metadata.google.cloud.binaryauthorization.v1.json b/owl-bot-staging/v1/samples/generated/v1/snippet_metadata.google.cloud.binaryauthorization.v1.json deleted file mode 100644 index f605144..0000000 --- a/owl-bot-staging/v1/samples/generated/v1/snippet_metadata.google.cloud.binaryauthorization.v1.json +++ /dev/null @@ -1,403 +0,0 @@ -{ - "clientLibrary": { - "name": "nodejs-binaryauthorization", - "version": "0.1.0", - "language": "TYPESCRIPT", - "apis": [ - { - "id": "google.cloud.binaryauthorization.v1", - "version": "v1" - } - ] - }, - "snippets": [ - { - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_async", - "title": "BinauthzManagementServiceV1 getPolicy Sample", - "origin": "API_DEFINITION", - "description": " A [policy][google.cloud.binaryauthorization.v1.Policy] specifies the [attestors][google.cloud.binaryauthorization.v1.Attestor] that must attest to a container image, before the project is allowed to deploy that image. There is at most one policy per project. All image admission requests are permitted if a project has no policy. Gets the [policy][google.cloud.binaryauthorization.v1.Policy] for this project. Returns a default [policy][google.cloud.binaryauthorization.v1.Policy] if the project does not have one.", - "canonical": true, - "file": "binauthz_management_service_v1.get_policy.js", - "language": "JAVASCRIPT", - "segments": [ - { - "start": 25, - "end": 51, - "type": "FULL" - } - ], - "clientMethod": { - "shortName": "GetPolicy", - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetPolicy", - "async": true, - "parameters": [ - { - "name": "name", - "type": "TYPE_STRING" - } - ], - "resultType": ".google.cloud.binaryauthorization.v1.Policy", - "client": { - "shortName": "BinauthzManagementServiceV1Client", - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1Client" - }, - "method": { - "shortName": "GetPolicy", - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetPolicy", - "service": { - "shortName": "BinauthzManagementServiceV1", - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1" - } - } - } - }, - { - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_async", - "title": "BinauthzManagementServiceV1 updatePolicy Sample", - "origin": "API_DEFINITION", - "description": " Creates or updates a project's [policy][google.cloud.binaryauthorization.v1.Policy], and returns a copy of the new [policy][google.cloud.binaryauthorization.v1.Policy]. A policy is always updated as a whole, to avoid race conditions with concurrent policy enforcement (or management!) requests. Returns NOT_FOUND if the project does not exist, INVALID_ARGUMENT if the request is malformed.", - "canonical": true, - "file": "binauthz_management_service_v1.update_policy.js", - "language": "JAVASCRIPT", - "segments": [ - { - "start": 25, - "end": 52, - "type": "FULL" - } - ], - "clientMethod": { - "shortName": "UpdatePolicy", - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdatePolicy", - "async": true, - "parameters": [ - { - "name": "policy", - "type": ".google.cloud.binaryauthorization.v1.Policy" - } - ], - "resultType": ".google.cloud.binaryauthorization.v1.Policy", - "client": { - "shortName": "BinauthzManagementServiceV1Client", - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1Client" - }, - "method": { - "shortName": "UpdatePolicy", - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdatePolicy", - "service": { - "shortName": "BinauthzManagementServiceV1", - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1" - } - } - } - }, - { - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_async", - "title": "BinauthzManagementServiceV1 createAttestor Sample", - "origin": "API_DEFINITION", - "description": " Creates an [attestor][google.cloud.binaryauthorization.v1.Attestor], and returns a copy of the new [attestor][google.cloud.binaryauthorization.v1.Attestor]. Returns NOT_FOUND if the project does not exist, INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if the [attestor][google.cloud.binaryauthorization.v1.Attestor] already exists.", - "canonical": true, - "file": "binauthz_management_service_v1.create_attestor.js", - "language": "JAVASCRIPT", - "segments": [ - { - "start": 25, - "end": 62, - "type": "FULL" - } - ], - "clientMethod": { - "shortName": "CreateAttestor", - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.CreateAttestor", - "async": true, - "parameters": [ - { - "name": "parent", - "type": "TYPE_STRING" - }, - { - "name": "attestor_id", - "type": "TYPE_STRING" - }, - { - "name": "attestor", - "type": ".google.cloud.binaryauthorization.v1.Attestor" - } - ], - "resultType": ".google.cloud.binaryauthorization.v1.Attestor", - "client": { - "shortName": "BinauthzManagementServiceV1Client", - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1Client" - }, - "method": { - "shortName": "CreateAttestor", - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.CreateAttestor", - "service": { - "shortName": "BinauthzManagementServiceV1", - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1" - } - } - } - }, - { - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_async", - "title": "BinauthzManagementServiceV1 getAttestor Sample", - "origin": "API_DEFINITION", - "description": " Gets an [attestor][google.cloud.binaryauthorization.v1.Attestor]. Returns NOT_FOUND if the [attestor][google.cloud.binaryauthorization.v1.Attestor] does not exist.", - "canonical": true, - "file": "binauthz_management_service_v1.get_attestor.js", - "language": "JAVASCRIPT", - "segments": [ - { - "start": 25, - "end": 51, - "type": "FULL" - } - ], - "clientMethod": { - "shortName": "GetAttestor", - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetAttestor", - "async": true, - "parameters": [ - { - "name": "name", - "type": "TYPE_STRING" - } - ], - "resultType": ".google.cloud.binaryauthorization.v1.Attestor", - "client": { - "shortName": "BinauthzManagementServiceV1Client", - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1Client" - }, - "method": { - "shortName": "GetAttestor", - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetAttestor", - "service": { - "shortName": "BinauthzManagementServiceV1", - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1" - } - } - } - }, - { - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_async", - "title": "BinauthzManagementServiceV1 updateAttestor Sample", - "origin": "API_DEFINITION", - "description": " Updates an [attestor][google.cloud.binaryauthorization.v1.Attestor]. Returns NOT_FOUND if the [attestor][google.cloud.binaryauthorization.v1.Attestor] does not exist.", - "canonical": true, - "file": "binauthz_management_service_v1.update_attestor.js", - "language": "JAVASCRIPT", - "segments": [ - { - "start": 25, - "end": 52, - "type": "FULL" - } - ], - "clientMethod": { - "shortName": "UpdateAttestor", - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdateAttestor", - "async": true, - "parameters": [ - { - "name": "attestor", - "type": ".google.cloud.binaryauthorization.v1.Attestor" - } - ], - "resultType": ".google.cloud.binaryauthorization.v1.Attestor", - "client": { - "shortName": "BinauthzManagementServiceV1Client", - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1Client" - }, - "method": { - "shortName": "UpdateAttestor", - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdateAttestor", - "service": { - "shortName": "BinauthzManagementServiceV1", - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1" - } - } - } - }, - { - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_async", - "title": "BinauthzManagementServiceV1 listAttestors Sample", - "origin": "API_DEFINITION", - "description": " Lists [attestors][google.cloud.binaryauthorization.v1.Attestor]. Returns INVALID_ARGUMENT if the project does not exist.", - "canonical": true, - "file": "binauthz_management_service_v1.list_attestors.js", - "language": "JAVASCRIPT", - "segments": [ - { - "start": 25, - "end": 64, - "type": "FULL" - } - ], - "clientMethod": { - "shortName": "ListAttestors", - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.ListAttestors", - "async": true, - "parameters": [ - { - "name": "parent", - "type": "TYPE_STRING" - }, - { - "name": "page_size", - "type": "TYPE_INT32" - }, - { - "name": "page_token", - "type": "TYPE_STRING" - } - ], - "resultType": ".google.cloud.binaryauthorization.v1.ListAttestorsResponse", - "client": { - "shortName": "BinauthzManagementServiceV1Client", - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1Client" - }, - "method": { - "shortName": "ListAttestors", - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.ListAttestors", - "service": { - "shortName": "BinauthzManagementServiceV1", - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1" - } - } - } - }, - { - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_async", - "title": "BinauthzManagementServiceV1 deleteAttestor Sample", - "origin": "API_DEFINITION", - "description": " Deletes an [attestor][google.cloud.binaryauthorization.v1.Attestor]. Returns NOT_FOUND if the [attestor][google.cloud.binaryauthorization.v1.Attestor] does not exist.", - "canonical": true, - "file": "binauthz_management_service_v1.delete_attestor.js", - "language": "JAVASCRIPT", - "segments": [ - { - "start": 25, - "end": 51, - "type": "FULL" - } - ], - "clientMethod": { - "shortName": "DeleteAttestor", - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.DeleteAttestor", - "async": true, - "parameters": [ - { - "name": "name", - "type": "TYPE_STRING" - } - ], - "resultType": ".google.protobuf.Empty", - "client": { - "shortName": "BinauthzManagementServiceV1Client", - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1Client" - }, - "method": { - "shortName": "DeleteAttestor", - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.DeleteAttestor", - "service": { - "shortName": "BinauthzManagementServiceV1", - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1" - } - } - } - }, - { - "regionTag": "binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_async", - "title": "BinauthzManagementServiceV1 getSystemPolicy Sample", - "origin": "API_DEFINITION", - "description": " Gets the current system policy in the specified location.", - "canonical": true, - "file": "system_policy_v1.get_system_policy.js", - "language": "JAVASCRIPT", - "segments": [ - { - "start": 25, - "end": 51, - "type": "FULL" - } - ], - "clientMethod": { - "shortName": "GetSystemPolicy", - "fullName": "google.cloud.binaryauthorization.v1.SystemPolicyV1.GetSystemPolicy", - "async": true, - "parameters": [ - { - "name": "name", - "type": "TYPE_STRING" - } - ], - "resultType": ".google.cloud.binaryauthorization.v1.Policy", - "client": { - "shortName": "SystemPolicyV1Client", - "fullName": "google.cloud.binaryauthorization.v1.SystemPolicyV1Client" - }, - "method": { - "shortName": "GetSystemPolicy", - "fullName": "google.cloud.binaryauthorization.v1.SystemPolicyV1.GetSystemPolicy", - "service": { - "shortName": "SystemPolicyV1", - "fullName": "google.cloud.binaryauthorization.v1.SystemPolicyV1" - } - } - } - }, - { - "regionTag": "binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_async", - "title": "BinauthzManagementServiceV1 validateAttestationOccurrence Sample", - "origin": "API_DEFINITION", - "description": " Returns whether the given Attestation for the given image URI was signed by the given Attestor", - "canonical": true, - "file": "validation_helper_v1.validate_attestation_occurrence.js", - "language": "JAVASCRIPT", - "segments": [ - { - "start": 25, - "end": 72, - "type": "FULL" - } - ], - "clientMethod": { - "shortName": "ValidateAttestationOccurrence", - "fullName": "google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence", - "async": true, - "parameters": [ - { - "name": "attestor", - "type": "TYPE_STRING" - }, - { - "name": "attestation", - "type": ".grafeas.v1.AttestationOccurrence" - }, - { - "name": "occurrence_note", - "type": "TYPE_STRING" - }, - { - "name": "occurrence_resource_uri", - "type": "TYPE_STRING" - } - ], - "resultType": ".google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceResponse", - "client": { - "shortName": "ValidationHelperV1Client", - "fullName": "google.cloud.binaryauthorization.v1.ValidationHelperV1Client" - }, - "method": { - "shortName": "ValidateAttestationOccurrence", - "fullName": "google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence", - "service": { - "shortName": "ValidationHelperV1", - "fullName": "google.cloud.binaryauthorization.v1.ValidationHelperV1" - } - } - } - } - ] -} diff --git a/owl-bot-staging/v1/samples/generated/v1/system_policy_v1.get_system_policy.js b/owl-bot-staging/v1/samples/generated/v1/system_policy_v1.get_system_policy.js deleted file mode 100644 index d749cd7..0000000 --- a/owl-bot-staging/v1/samples/generated/v1/system_policy_v1.get_system_policy.js +++ /dev/null @@ -1,59 +0,0 @@ -// Copyright 2022 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// ** This file is automatically generated by gapic-generator-typescript. ** -// ** https://github.com/googleapis/gapic-generator-typescript ** -// ** All changes to this file may be overwritten. ** - - - -'use strict'; - -function main(name) { - // [START binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_async] - /** - * TODO(developer): Uncomment these variables before running the sample. - */ - /** - * Required. The resource name, in the format `locations/* /policy`. - * Note that the system policy is not associated with a project. - */ - // const name = 'abc123' - - // Imports the Binaryauthorization library - const {SystemPolicyV1Client} = require('@google-cloud/binary-authorization').v1; - - // Instantiates a client - const binaryauthorizationClient = new SystemPolicyV1Client(); - - async function callGetSystemPolicy() { - // Construct request - const request = { - name, - }; - - // Run request - const response = await binaryauthorizationClient.getSystemPolicy(request); - console.log(response); - } - - callGetSystemPolicy(); - // [END binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_async] -} - -process.on('unhandledRejection', err => { - console.error(err.message); - process.exitCode = 1; -}); -main(...process.argv.slice(2)); diff --git a/owl-bot-staging/v1/samples/generated/v1/validation_helper_v1.validate_attestation_occurrence.js b/owl-bot-staging/v1/samples/generated/v1/validation_helper_v1.validate_attestation_occurrence.js deleted file mode 100644 index ff236be..0000000 --- a/owl-bot-staging/v1/samples/generated/v1/validation_helper_v1.validate_attestation_occurrence.js +++ /dev/null @@ -1,80 +0,0 @@ -// Copyright 2022 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// ** This file is automatically generated by gapic-generator-typescript. ** -// ** https://github.com/googleapis/gapic-generator-typescript ** -// ** All changes to this file may be overwritten. ** - - - -'use strict'; - -function main(attestor, attestation, occurrenceNote, occurrenceResourceUri) { - // [START binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_async] - /** - * TODO(developer): Uncomment these variables before running the sample. - */ - /** - * Required. The resource name of the Attestor google.cloud.binaryauthorization.v1.Attestor of the - * occurrence grafeas.v1.Occurrence, in the format - * `projects/* /attestors/*`. - */ - // const attestor = 'abc123' - /** - * Required. An AttestationOccurrence grafeas.v1.AttestationOccurrence to - * be checked that it can be verified by the Attestor. It does not have to be - * an existing entity in Container Analysis. It must otherwise be a valid - * AttestationOccurrence. - */ - // const attestation = {} - /** - * Required. The resource name of the Note grafeas.v1.Note to which the - * containing Occurrence grafeas.v1.Occurrence is associated. - */ - // const occurrenceNote = 'abc123' - /** - * Required. The URI of the artifact (e.g. container image) that is the - * subject of the containing Occurrence grafeas.v1.Occurrence. - */ - // const occurrenceResourceUri = 'abc123' - - // Imports the Binaryauthorization library - const {ValidationHelperV1Client} = require('@google-cloud/binary-authorization').v1; - - // Instantiates a client - const binaryauthorizationClient = new ValidationHelperV1Client(); - - async function callValidateAttestationOccurrence() { - // Construct request - const request = { - attestor, - attestation, - occurrenceNote, - occurrenceResourceUri, - }; - - // Run request - const response = await binaryauthorizationClient.validateAttestationOccurrence(request); - console.log(response); - } - - callValidateAttestationOccurrence(); - // [END binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_async] -} - -process.on('unhandledRejection', err => { - console.error(err.message); - process.exitCode = 1; -}); -main(...process.argv.slice(2)); diff --git a/owl-bot-staging/v1/src/index.ts b/owl-bot-staging/v1/src/index.ts deleted file mode 100644 index 1b0b77a..0000000 --- a/owl-bot-staging/v1/src/index.ts +++ /dev/null @@ -1,29 +0,0 @@ -// Copyright 2022 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// ** This file is automatically generated by gapic-generator-typescript. ** -// ** https://github.com/googleapis/gapic-generator-typescript ** -// ** All changes to this file may be overwritten. ** - -import * as v1 from './v1'; -const BinauthzManagementServiceV1Client = v1.BinauthzManagementServiceV1Client; -type BinauthzManagementServiceV1Client = v1.BinauthzManagementServiceV1Client; -const SystemPolicyV1Client = v1.SystemPolicyV1Client; -type SystemPolicyV1Client = v1.SystemPolicyV1Client; -const ValidationHelperV1Client = v1.ValidationHelperV1Client; -type ValidationHelperV1Client = v1.ValidationHelperV1Client; -export {v1, BinauthzManagementServiceV1Client, SystemPolicyV1Client, ValidationHelperV1Client}; -export default {v1, BinauthzManagementServiceV1Client, SystemPolicyV1Client, ValidationHelperV1Client}; -import * as protos from '../protos/protos'; -export {protos} diff --git a/owl-bot-staging/v1/src/v1/binauthz_management_service_v1_client.ts b/owl-bot-staging/v1/src/v1/binauthz_management_service_v1_client.ts deleted file mode 100644 index 1150353..0000000 --- a/owl-bot-staging/v1/src/v1/binauthz_management_service_v1_client.ts +++ /dev/null @@ -1,1078 +0,0 @@ -// Copyright 2022 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// ** This file is automatically generated by gapic-generator-typescript. ** -// ** https://github.com/googleapis/gapic-generator-typescript ** -// ** All changes to this file may be overwritten. ** - -/* global window */ -import * as gax from 'google-gax'; -import {Callback, CallOptions, Descriptors, ClientOptions, PaginationCallback, GaxCall} from 'google-gax'; - -import { Transform } from 'stream'; -import { RequestType } from 'google-gax/build/src/apitypes'; -import * as protos from '../../protos/protos'; -import jsonProtos = require('../../protos/protos.json'); -/** - * Client JSON configuration object, loaded from - * `src/v1/binauthz_management_service_v1_client_config.json`. - * This file defines retry strategy and timeouts for all API methods in this library. - */ -import * as gapicConfig from './binauthz_management_service_v1_client_config.json'; - -const version = require('../../../package.json').version; - -/** - * Google Cloud Management Service for Binary Authorization admission policies - * and attestation authorities. - * - * This API implements a REST model with the following objects: - * - * * {@link google.cloud.binaryauthorization.v1.Policy|Policy} - * * {@link google.cloud.binaryauthorization.v1.Attestor|Attestor} - * @class - * @memberof v1 - */ -export class BinauthzManagementServiceV1Client { - private _terminated = false; - private _opts: ClientOptions; - private _providedCustomServicePath: boolean; - private _gaxModule: typeof gax | typeof gax.fallback; - private _gaxGrpc: gax.GrpcClient | gax.fallback.GrpcClient; - private _protos: {}; - private _defaults: {[method: string]: gax.CallSettings}; - auth: gax.GoogleAuth; - descriptors: Descriptors = { - page: {}, - stream: {}, - longrunning: {}, - batching: {}, - }; - warn: (code: string, message: string, warnType?: string) => void; - innerApiCalls: {[name: string]: Function}; - pathTemplates: {[name: string]: gax.PathTemplate}; - binauthzManagementServiceV1Stub?: Promise<{[name: string]: Function}>; - - /** - * Construct an instance of BinauthzManagementServiceV1Client. - * - * @param {object} [options] - The configuration object. - * The options accepted by the constructor are described in detail - * in [this document](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#creating-the-client-instance). - * The common options are: - * @param {object} [options.credentials] - Credentials object. - * @param {string} [options.credentials.client_email] - * @param {string} [options.credentials.private_key] - * @param {string} [options.email] - Account email address. Required when - * using a .pem or .p12 keyFilename. - * @param {string} [options.keyFilename] - Full path to the a .json, .pem, or - * .p12 key downloaded from the Google Developers Console. If you provide - * a path to a JSON file, the projectId option below is not necessary. - * NOTE: .pem and .p12 require you to specify options.email as well. - * @param {number} [options.port] - The port on which to connect to - * the remote host. - * @param {string} [options.projectId] - The project ID from the Google - * Developer's Console, e.g. 'grape-spaceship-123'. We will also check - * the environment variable GCLOUD_PROJECT for your project ID. If your - * app is running in an environment which supports - * {@link https://developers.google.com/identity/protocols/application-default-credentials Application Default Credentials}, - * your project ID will be detected automatically. - * @param {string} [options.apiEndpoint] - The domain name of the - * API remote host. - * @param {gax.ClientConfig} [options.clientConfig] - Client configuration override. - * Follows the structure of {@link gapicConfig}. - * @param {boolean} [options.fallback] - Use HTTP fallback mode. - * In fallback mode, a special browser-compatible transport implementation is used - * instead of gRPC transport. In browser context (if the `window` object is defined) - * the fallback mode is enabled automatically; set `options.fallback` to `false` - * if you need to override this behavior. - */ - constructor(opts?: ClientOptions) { - // Ensure that options include all the required fields. - const staticMembers = this.constructor as typeof BinauthzManagementServiceV1Client; - const servicePath = opts?.servicePath || opts?.apiEndpoint || staticMembers.servicePath; - this._providedCustomServicePath = !!(opts?.servicePath || opts?.apiEndpoint); - const port = opts?.port || staticMembers.port; - const clientConfig = opts?.clientConfig ?? {}; - const fallback = opts?.fallback ?? (typeof window !== 'undefined' && typeof window?.fetch === 'function'); - opts = Object.assign({servicePath, port, clientConfig, fallback}, opts); - - // If scopes are unset in options and we're connecting to a non-default endpoint, set scopes just in case. - if (servicePath !== staticMembers.servicePath && !('scopes' in opts)) { - opts['scopes'] = staticMembers.scopes; - } - - // Choose either gRPC or proto-over-HTTP implementation of google-gax. - this._gaxModule = opts.fallback ? gax.fallback : gax; - - // Create a `gaxGrpc` object, with any grpc-specific options sent to the client. - this._gaxGrpc = new this._gaxModule.GrpcClient(opts); - - // Save options to use in initialize() method. - this._opts = opts; - - // Save the auth object to the client, for use by other methods. - this.auth = (this._gaxGrpc.auth as gax.GoogleAuth); - - // Set useJWTAccessWithScope on the auth object. - this.auth.useJWTAccessWithScope = true; - - // Set defaultServicePath on the auth object. - this.auth.defaultServicePath = staticMembers.servicePath; - - // Set the default scopes in auth client if needed. - if (servicePath === staticMembers.servicePath) { - this.auth.defaultScopes = staticMembers.scopes; - } - - // Determine the client header string. - const clientHeader = [ - `gax/${this._gaxModule.version}`, - `gapic/${version}`, - ]; - if (typeof process !== 'undefined' && 'versions' in process) { - clientHeader.push(`gl-node/${process.versions.node}`); - } else { - clientHeader.push(`gl-web/${this._gaxModule.version}`); - } - if (!opts.fallback) { - clientHeader.push(`grpc/${this._gaxGrpc.grpcVersion}`); - } else if (opts.fallback === 'rest' ) { - clientHeader.push(`rest/${this._gaxGrpc.grpcVersion}`); - } - if (opts.libName && opts.libVersion) { - clientHeader.push(`${opts.libName}/${opts.libVersion}`); - } - // Load the applicable protos. - this._protos = this._gaxGrpc.loadProtoJSON(jsonProtos); - - // This API contains "path templates"; forward-slash-separated - // identifiers to uniquely identify resources within the API. - // Create useful helper objects for these. - this.pathTemplates = { - attestorPathTemplate: new this._gaxModule.PathTemplate( - 'projects/{project}/attestors/{attestor}' - ), - locationPolicyPathTemplate: new this._gaxModule.PathTemplate( - 'locations/{location}/policy' - ), - projectPathTemplate: new this._gaxModule.PathTemplate( - 'projects/{project}' - ), - projectPolicyPathTemplate: new this._gaxModule.PathTemplate( - 'projects/{project}/policy' - ), - }; - - // Some of the methods on this service return "paged" results, - // (e.g. 50 results at a time, with tokens to get subsequent - // pages). Denote the keys used for pagination and results. - this.descriptors.page = { - listAttestors: - new this._gaxModule.PageDescriptor('pageToken', 'nextPageToken', 'attestors') - }; - - // Put together the default options sent with requests. - this._defaults = this._gaxGrpc.constructSettings( - 'google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1', gapicConfig as gax.ClientConfig, - opts.clientConfig || {}, {'x-goog-api-client': clientHeader.join(' ')}); - - // Set up a dictionary of "inner API calls"; the core implementation - // of calling the API is handled in `google-gax`, with this code - // merely providing the destination and request information. - this.innerApiCalls = {}; - - // Add a warn function to the client constructor so it can be easily tested. - this.warn = gax.warn; - } - - /** - * Initialize the client. - * Performs asynchronous operations (such as authentication) and prepares the client. - * This function will be called automatically when any class method is called for the - * first time, but if you need to initialize it before calling an actual method, - * feel free to call initialize() directly. - * - * You can await on this method if you want to make sure the client is initialized. - * - * @returns {Promise} A promise that resolves to an authenticated service stub. - */ - initialize() { - // If the client stub promise is already initialized, return immediately. - if (this.binauthzManagementServiceV1Stub) { - return this.binauthzManagementServiceV1Stub; - } - - // Put together the "service stub" for - // google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1. - this.binauthzManagementServiceV1Stub = this._gaxGrpc.createStub( - this._opts.fallback ? - (this._protos as protobuf.Root).lookupService('google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1') : - // eslint-disable-next-line @typescript-eslint/no-explicit-any - (this._protos as any).google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1, - this._opts, this._providedCustomServicePath) as Promise<{[method: string]: Function}>; - - // Iterate over each of the methods that the service provides - // and create an API call method for each. - const binauthzManagementServiceV1StubMethods = - ['getPolicy', 'updatePolicy', 'createAttestor', 'getAttestor', 'updateAttestor', 'listAttestors', 'deleteAttestor']; - for (const methodName of binauthzManagementServiceV1StubMethods) { - const callPromise = this.binauthzManagementServiceV1Stub.then( - stub => (...args: Array<{}>) => { - if (this._terminated) { - return Promise.reject('The client has already been closed.'); - } - const func = stub[methodName]; - return func.apply(stub, args); - }, - (err: Error|null|undefined) => () => { - throw err; - }); - - const descriptor = - this.descriptors.page[methodName] || - undefined; - const apiCall = this._gaxModule.createApiCall( - callPromise, - this._defaults[methodName], - descriptor - ); - - this.innerApiCalls[methodName] = apiCall; - } - - return this.binauthzManagementServiceV1Stub; - } - - /** - * The DNS address for this API service. - * @returns {string} The DNS address for this service. - */ - static get servicePath() { - return 'binaryauthorization.googleapis.com'; - } - - /** - * The DNS address for this API service - same as servicePath(), - * exists for compatibility reasons. - * @returns {string} The DNS address for this service. - */ - static get apiEndpoint() { - return 'binaryauthorization.googleapis.com'; - } - - /** - * The port for this API service. - * @returns {number} The default port for this service. - */ - static get port() { - return 443; - } - - /** - * The scopes needed to make gRPC calls for every method defined - * in this service. - * @returns {string[]} List of default scopes. - */ - static get scopes() { - return [ - 'https://www.googleapis.com/auth/cloud-platform' - ]; - } - - getProjectId(): Promise; - getProjectId(callback: Callback): void; - /** - * Return the project ID used by this class. - * @returns {Promise} A promise that resolves to string containing the project ID. - */ - getProjectId(callback?: Callback): - Promise|void { - if (callback) { - this.auth.getProjectId(callback); - return; - } - return this.auth.getProjectId(); - } - - // ------------------- - // -- Service calls -- - // ------------------- -/** - * A {@link google.cloud.binaryauthorization.v1.Policy|policy} specifies the {@link google.cloud.binaryauthorization.v1.Attestor|attestors} that must attest to - * a container image, before the project is allowed to deploy that - * image. There is at most one policy per project. All image admission - * requests are permitted if a project has no policy. - * - * Gets the {@link google.cloud.binaryauthorization.v1.Policy|policy} for this project. Returns a default - * {@link google.cloud.binaryauthorization.v1.Policy|policy} if the project does not have one. - * - * @param {Object} request - * The request object that will be sent. - * @param {string} request.name - * Required. The resource name of the {@link google.cloud.binaryauthorization.v1.Policy|policy} to retrieve, - * in the format `projects/* /policy`. - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Promise} - The promise which resolves to an array. - * The first element of the array is an object representing [Policy]{@link google.cloud.binaryauthorization.v1.Policy}. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) - * for more details and examples. - * @example include:samples/generated/v1/binauthz_management_service_v1.get_policy.js - * region_tag:binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_async - */ - getPolicy( - request?: protos.google.cloud.binaryauthorization.v1.IGetPolicyRequest, - options?: CallOptions): - Promise<[ - protos.google.cloud.binaryauthorization.v1.IPolicy, - protos.google.cloud.binaryauthorization.v1.IGetPolicyRequest|undefined, {}|undefined - ]>; - getPolicy( - request: protos.google.cloud.binaryauthorization.v1.IGetPolicyRequest, - options: CallOptions, - callback: Callback< - protos.google.cloud.binaryauthorization.v1.IPolicy, - protos.google.cloud.binaryauthorization.v1.IGetPolicyRequest|null|undefined, - {}|null|undefined>): void; - getPolicy( - request: protos.google.cloud.binaryauthorization.v1.IGetPolicyRequest, - callback: Callback< - protos.google.cloud.binaryauthorization.v1.IPolicy, - protos.google.cloud.binaryauthorization.v1.IGetPolicyRequest|null|undefined, - {}|null|undefined>): void; - getPolicy( - request?: protos.google.cloud.binaryauthorization.v1.IGetPolicyRequest, - optionsOrCallback?: CallOptions|Callback< - protos.google.cloud.binaryauthorization.v1.IPolicy, - protos.google.cloud.binaryauthorization.v1.IGetPolicyRequest|null|undefined, - {}|null|undefined>, - callback?: Callback< - protos.google.cloud.binaryauthorization.v1.IPolicy, - protos.google.cloud.binaryauthorization.v1.IGetPolicyRequest|null|undefined, - {}|null|undefined>): - Promise<[ - protos.google.cloud.binaryauthorization.v1.IPolicy, - protos.google.cloud.binaryauthorization.v1.IGetPolicyRequest|undefined, {}|undefined - ]>|void { - request = request || {}; - let options: CallOptions; - if (typeof optionsOrCallback === 'function' && callback === undefined) { - callback = optionsOrCallback; - options = {}; - } - else { - options = optionsOrCallback as CallOptions; - } - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'name': request.name || '', - }); - this.initialize(); - return this.innerApiCalls.getPolicy(request, options, callback); - } -/** - * Creates or updates a project's {@link google.cloud.binaryauthorization.v1.Policy|policy}, and returns a copy of the - * new {@link google.cloud.binaryauthorization.v1.Policy|policy}. A policy is always updated as a whole, to avoid race - * conditions with concurrent policy enforcement (or management!) - * requests. Returns NOT_FOUND if the project does not exist, INVALID_ARGUMENT - * if the request is malformed. - * - * @param {Object} request - * The request object that will be sent. - * @param {google.cloud.binaryauthorization.v1.Policy} request.policy - * Required. A new or updated {@link google.cloud.binaryauthorization.v1.Policy|policy} value. The service will - * overwrite the {@link google.cloud.binaryauthorization.v1.Policy.name|policy name} field with the resource name in - * the request URL, in the format `projects/* /policy`. - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Promise} - The promise which resolves to an array. - * The first element of the array is an object representing [Policy]{@link google.cloud.binaryauthorization.v1.Policy}. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) - * for more details and examples. - * @example include:samples/generated/v1/binauthz_management_service_v1.update_policy.js - * region_tag:binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_async - */ - updatePolicy( - request?: protos.google.cloud.binaryauthorization.v1.IUpdatePolicyRequest, - options?: CallOptions): - Promise<[ - protos.google.cloud.binaryauthorization.v1.IPolicy, - protos.google.cloud.binaryauthorization.v1.IUpdatePolicyRequest|undefined, {}|undefined - ]>; - updatePolicy( - request: protos.google.cloud.binaryauthorization.v1.IUpdatePolicyRequest, - options: CallOptions, - callback: Callback< - protos.google.cloud.binaryauthorization.v1.IPolicy, - protos.google.cloud.binaryauthorization.v1.IUpdatePolicyRequest|null|undefined, - {}|null|undefined>): void; - updatePolicy( - request: protos.google.cloud.binaryauthorization.v1.IUpdatePolicyRequest, - callback: Callback< - protos.google.cloud.binaryauthorization.v1.IPolicy, - protos.google.cloud.binaryauthorization.v1.IUpdatePolicyRequest|null|undefined, - {}|null|undefined>): void; - updatePolicy( - request?: protos.google.cloud.binaryauthorization.v1.IUpdatePolicyRequest, - optionsOrCallback?: CallOptions|Callback< - protos.google.cloud.binaryauthorization.v1.IPolicy, - protos.google.cloud.binaryauthorization.v1.IUpdatePolicyRequest|null|undefined, - {}|null|undefined>, - callback?: Callback< - protos.google.cloud.binaryauthorization.v1.IPolicy, - protos.google.cloud.binaryauthorization.v1.IUpdatePolicyRequest|null|undefined, - {}|null|undefined>): - Promise<[ - protos.google.cloud.binaryauthorization.v1.IPolicy, - protos.google.cloud.binaryauthorization.v1.IUpdatePolicyRequest|undefined, {}|undefined - ]>|void { - request = request || {}; - let options: CallOptions; - if (typeof optionsOrCallback === 'function' && callback === undefined) { - callback = optionsOrCallback; - options = {}; - } - else { - options = optionsOrCallback as CallOptions; - } - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'policy.name': request.policy!.name || '', - }); - this.initialize(); - return this.innerApiCalls.updatePolicy(request, options, callback); - } -/** - * Creates an {@link google.cloud.binaryauthorization.v1.Attestor|attestor}, and returns a copy of the new - * {@link google.cloud.binaryauthorization.v1.Attestor|attestor}. Returns NOT_FOUND if the project does not exist, - * INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if the - * {@link google.cloud.binaryauthorization.v1.Attestor|attestor} already exists. - * - * @param {Object} request - * The request object that will be sent. - * @param {string} request.parent - * Required. The parent of this {@link google.cloud.binaryauthorization.v1.Attestor|attestor}. - * @param {string} request.attestorId - * Required. The {@link google.cloud.binaryauthorization.v1.Attestor|attestors} ID. - * @param {google.cloud.binaryauthorization.v1.Attestor} request.attestor - * Required. The initial {@link google.cloud.binaryauthorization.v1.Attestor|attestor} value. The service will - * overwrite the {@link google.cloud.binaryauthorization.v1.Attestor.name|attestor name} field with the resource name, - * in the format `projects/* /attestors/*`. - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Promise} - The promise which resolves to an array. - * The first element of the array is an object representing [Attestor]{@link google.cloud.binaryauthorization.v1.Attestor}. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) - * for more details and examples. - * @example include:samples/generated/v1/binauthz_management_service_v1.create_attestor.js - * region_tag:binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_async - */ - createAttestor( - request?: protos.google.cloud.binaryauthorization.v1.ICreateAttestorRequest, - options?: CallOptions): - Promise<[ - protos.google.cloud.binaryauthorization.v1.IAttestor, - protos.google.cloud.binaryauthorization.v1.ICreateAttestorRequest|undefined, {}|undefined - ]>; - createAttestor( - request: protos.google.cloud.binaryauthorization.v1.ICreateAttestorRequest, - options: CallOptions, - callback: Callback< - protos.google.cloud.binaryauthorization.v1.IAttestor, - protos.google.cloud.binaryauthorization.v1.ICreateAttestorRequest|null|undefined, - {}|null|undefined>): void; - createAttestor( - request: protos.google.cloud.binaryauthorization.v1.ICreateAttestorRequest, - callback: Callback< - protos.google.cloud.binaryauthorization.v1.IAttestor, - protos.google.cloud.binaryauthorization.v1.ICreateAttestorRequest|null|undefined, - {}|null|undefined>): void; - createAttestor( - request?: protos.google.cloud.binaryauthorization.v1.ICreateAttestorRequest, - optionsOrCallback?: CallOptions|Callback< - protos.google.cloud.binaryauthorization.v1.IAttestor, - protos.google.cloud.binaryauthorization.v1.ICreateAttestorRequest|null|undefined, - {}|null|undefined>, - callback?: Callback< - protos.google.cloud.binaryauthorization.v1.IAttestor, - protos.google.cloud.binaryauthorization.v1.ICreateAttestorRequest|null|undefined, - {}|null|undefined>): - Promise<[ - protos.google.cloud.binaryauthorization.v1.IAttestor, - protos.google.cloud.binaryauthorization.v1.ICreateAttestorRequest|undefined, {}|undefined - ]>|void { - request = request || {}; - let options: CallOptions; - if (typeof optionsOrCallback === 'function' && callback === undefined) { - callback = optionsOrCallback; - options = {}; - } - else { - options = optionsOrCallback as CallOptions; - } - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'parent': request.parent || '', - }); - this.initialize(); - return this.innerApiCalls.createAttestor(request, options, callback); - } -/** - * Gets an {@link google.cloud.binaryauthorization.v1.Attestor|attestor}. - * Returns NOT_FOUND if the {@link google.cloud.binaryauthorization.v1.Attestor|attestor} does not exist. - * - * @param {Object} request - * The request object that will be sent. - * @param {string} request.name - * Required. The name of the {@link google.cloud.binaryauthorization.v1.Attestor|attestor} to retrieve, in the format - * `projects/* /attestors/*`. - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Promise} - The promise which resolves to an array. - * The first element of the array is an object representing [Attestor]{@link google.cloud.binaryauthorization.v1.Attestor}. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) - * for more details and examples. - * @example include:samples/generated/v1/binauthz_management_service_v1.get_attestor.js - * region_tag:binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_async - */ - getAttestor( - request?: protos.google.cloud.binaryauthorization.v1.IGetAttestorRequest, - options?: CallOptions): - Promise<[ - protos.google.cloud.binaryauthorization.v1.IAttestor, - protos.google.cloud.binaryauthorization.v1.IGetAttestorRequest|undefined, {}|undefined - ]>; - getAttestor( - request: protos.google.cloud.binaryauthorization.v1.IGetAttestorRequest, - options: CallOptions, - callback: Callback< - protos.google.cloud.binaryauthorization.v1.IAttestor, - protos.google.cloud.binaryauthorization.v1.IGetAttestorRequest|null|undefined, - {}|null|undefined>): void; - getAttestor( - request: protos.google.cloud.binaryauthorization.v1.IGetAttestorRequest, - callback: Callback< - protos.google.cloud.binaryauthorization.v1.IAttestor, - protos.google.cloud.binaryauthorization.v1.IGetAttestorRequest|null|undefined, - {}|null|undefined>): void; - getAttestor( - request?: protos.google.cloud.binaryauthorization.v1.IGetAttestorRequest, - optionsOrCallback?: CallOptions|Callback< - protos.google.cloud.binaryauthorization.v1.IAttestor, - protos.google.cloud.binaryauthorization.v1.IGetAttestorRequest|null|undefined, - {}|null|undefined>, - callback?: Callback< - protos.google.cloud.binaryauthorization.v1.IAttestor, - protos.google.cloud.binaryauthorization.v1.IGetAttestorRequest|null|undefined, - {}|null|undefined>): - Promise<[ - protos.google.cloud.binaryauthorization.v1.IAttestor, - protos.google.cloud.binaryauthorization.v1.IGetAttestorRequest|undefined, {}|undefined - ]>|void { - request = request || {}; - let options: CallOptions; - if (typeof optionsOrCallback === 'function' && callback === undefined) { - callback = optionsOrCallback; - options = {}; - } - else { - options = optionsOrCallback as CallOptions; - } - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'name': request.name || '', - }); - this.initialize(); - return this.innerApiCalls.getAttestor(request, options, callback); - } -/** - * Updates an {@link google.cloud.binaryauthorization.v1.Attestor|attestor}. - * Returns NOT_FOUND if the {@link google.cloud.binaryauthorization.v1.Attestor|attestor} does not exist. - * - * @param {Object} request - * The request object that will be sent. - * @param {google.cloud.binaryauthorization.v1.Attestor} request.attestor - * Required. The updated {@link google.cloud.binaryauthorization.v1.Attestor|attestor} value. The service will - * overwrite the {@link google.cloud.binaryauthorization.v1.Attestor.name|attestor name} field with the resource name - * in the request URL, in the format `projects/* /attestors/*`. - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Promise} - The promise which resolves to an array. - * The first element of the array is an object representing [Attestor]{@link google.cloud.binaryauthorization.v1.Attestor}. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) - * for more details and examples. - * @example include:samples/generated/v1/binauthz_management_service_v1.update_attestor.js - * region_tag:binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_async - */ - updateAttestor( - request?: protos.google.cloud.binaryauthorization.v1.IUpdateAttestorRequest, - options?: CallOptions): - Promise<[ - protos.google.cloud.binaryauthorization.v1.IAttestor, - protos.google.cloud.binaryauthorization.v1.IUpdateAttestorRequest|undefined, {}|undefined - ]>; - updateAttestor( - request: protos.google.cloud.binaryauthorization.v1.IUpdateAttestorRequest, - options: CallOptions, - callback: Callback< - protos.google.cloud.binaryauthorization.v1.IAttestor, - protos.google.cloud.binaryauthorization.v1.IUpdateAttestorRequest|null|undefined, - {}|null|undefined>): void; - updateAttestor( - request: protos.google.cloud.binaryauthorization.v1.IUpdateAttestorRequest, - callback: Callback< - protos.google.cloud.binaryauthorization.v1.IAttestor, - protos.google.cloud.binaryauthorization.v1.IUpdateAttestorRequest|null|undefined, - {}|null|undefined>): void; - updateAttestor( - request?: protos.google.cloud.binaryauthorization.v1.IUpdateAttestorRequest, - optionsOrCallback?: CallOptions|Callback< - protos.google.cloud.binaryauthorization.v1.IAttestor, - protos.google.cloud.binaryauthorization.v1.IUpdateAttestorRequest|null|undefined, - {}|null|undefined>, - callback?: Callback< - protos.google.cloud.binaryauthorization.v1.IAttestor, - protos.google.cloud.binaryauthorization.v1.IUpdateAttestorRequest|null|undefined, - {}|null|undefined>): - Promise<[ - protos.google.cloud.binaryauthorization.v1.IAttestor, - protos.google.cloud.binaryauthorization.v1.IUpdateAttestorRequest|undefined, {}|undefined - ]>|void { - request = request || {}; - let options: CallOptions; - if (typeof optionsOrCallback === 'function' && callback === undefined) { - callback = optionsOrCallback; - options = {}; - } - else { - options = optionsOrCallback as CallOptions; - } - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'attestor.name': request.attestor!.name || '', - }); - this.initialize(); - return this.innerApiCalls.updateAttestor(request, options, callback); - } -/** - * Deletes an {@link google.cloud.binaryauthorization.v1.Attestor|attestor}. Returns NOT_FOUND if the - * {@link google.cloud.binaryauthorization.v1.Attestor|attestor} does not exist. - * - * @param {Object} request - * The request object that will be sent. - * @param {string} request.name - * Required. The name of the {@link google.cloud.binaryauthorization.v1.Attestor|attestors} to delete, in the format - * `projects/* /attestors/*`. - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Promise} - The promise which resolves to an array. - * The first element of the array is an object representing [Empty]{@link google.protobuf.Empty}. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) - * for more details and examples. - * @example include:samples/generated/v1/binauthz_management_service_v1.delete_attestor.js - * region_tag:binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_async - */ - deleteAttestor( - request?: protos.google.cloud.binaryauthorization.v1.IDeleteAttestorRequest, - options?: CallOptions): - Promise<[ - protos.google.protobuf.IEmpty, - protos.google.cloud.binaryauthorization.v1.IDeleteAttestorRequest|undefined, {}|undefined - ]>; - deleteAttestor( - request: protos.google.cloud.binaryauthorization.v1.IDeleteAttestorRequest, - options: CallOptions, - callback: Callback< - protos.google.protobuf.IEmpty, - protos.google.cloud.binaryauthorization.v1.IDeleteAttestorRequest|null|undefined, - {}|null|undefined>): void; - deleteAttestor( - request: protos.google.cloud.binaryauthorization.v1.IDeleteAttestorRequest, - callback: Callback< - protos.google.protobuf.IEmpty, - protos.google.cloud.binaryauthorization.v1.IDeleteAttestorRequest|null|undefined, - {}|null|undefined>): void; - deleteAttestor( - request?: protos.google.cloud.binaryauthorization.v1.IDeleteAttestorRequest, - optionsOrCallback?: CallOptions|Callback< - protos.google.protobuf.IEmpty, - protos.google.cloud.binaryauthorization.v1.IDeleteAttestorRequest|null|undefined, - {}|null|undefined>, - callback?: Callback< - protos.google.protobuf.IEmpty, - protos.google.cloud.binaryauthorization.v1.IDeleteAttestorRequest|null|undefined, - {}|null|undefined>): - Promise<[ - protos.google.protobuf.IEmpty, - protos.google.cloud.binaryauthorization.v1.IDeleteAttestorRequest|undefined, {}|undefined - ]>|void { - request = request || {}; - let options: CallOptions; - if (typeof optionsOrCallback === 'function' && callback === undefined) { - callback = optionsOrCallback; - options = {}; - } - else { - options = optionsOrCallback as CallOptions; - } - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'name': request.name || '', - }); - this.initialize(); - return this.innerApiCalls.deleteAttestor(request, options, callback); - } - - /** - * Lists {@link google.cloud.binaryauthorization.v1.Attestor|attestors}. - * Returns INVALID_ARGUMENT if the project does not exist. - * - * @param {Object} request - * The request object that will be sent. - * @param {string} request.parent - * Required. The resource name of the project associated with the - * {@link google.cloud.binaryauthorization.v1.Attestor|attestors}, in the format `projects/*`. - * @param {number} request.pageSize - * Requested page size. The server may return fewer results than requested. If - * unspecified, the server will pick an appropriate default. - * @param {string} request.pageToken - * A token identifying a page of results the server should return. Typically, - * this is the value of {@link google.cloud.binaryauthorization.v1.ListAttestorsResponse.next_page_token|ListAttestorsResponse.next_page_token} returned - * from the previous call to the `ListAttestors` method. - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Promise} - The promise which resolves to an array. - * The first element of the array is Array of [Attestor]{@link google.cloud.binaryauthorization.v1.Attestor}. - * The client library will perform auto-pagination by default: it will call the API as many - * times as needed and will merge results from all the pages into this array. - * Note that it can affect your quota. - * We recommend using `listAttestorsAsync()` - * method described below for async iteration which you can stop as needed. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#auto-pagination) - * for more details and examples. - */ - listAttestors( - request?: protos.google.cloud.binaryauthorization.v1.IListAttestorsRequest, - options?: CallOptions): - Promise<[ - protos.google.cloud.binaryauthorization.v1.IAttestor[], - protos.google.cloud.binaryauthorization.v1.IListAttestorsRequest|null, - protos.google.cloud.binaryauthorization.v1.IListAttestorsResponse - ]>; - listAttestors( - request: protos.google.cloud.binaryauthorization.v1.IListAttestorsRequest, - options: CallOptions, - callback: PaginationCallback< - protos.google.cloud.binaryauthorization.v1.IListAttestorsRequest, - protos.google.cloud.binaryauthorization.v1.IListAttestorsResponse|null|undefined, - protos.google.cloud.binaryauthorization.v1.IAttestor>): void; - listAttestors( - request: protos.google.cloud.binaryauthorization.v1.IListAttestorsRequest, - callback: PaginationCallback< - protos.google.cloud.binaryauthorization.v1.IListAttestorsRequest, - protos.google.cloud.binaryauthorization.v1.IListAttestorsResponse|null|undefined, - protos.google.cloud.binaryauthorization.v1.IAttestor>): void; - listAttestors( - request?: protos.google.cloud.binaryauthorization.v1.IListAttestorsRequest, - optionsOrCallback?: CallOptions|PaginationCallback< - protos.google.cloud.binaryauthorization.v1.IListAttestorsRequest, - protos.google.cloud.binaryauthorization.v1.IListAttestorsResponse|null|undefined, - protos.google.cloud.binaryauthorization.v1.IAttestor>, - callback?: PaginationCallback< - protos.google.cloud.binaryauthorization.v1.IListAttestorsRequest, - protos.google.cloud.binaryauthorization.v1.IListAttestorsResponse|null|undefined, - protos.google.cloud.binaryauthorization.v1.IAttestor>): - Promise<[ - protos.google.cloud.binaryauthorization.v1.IAttestor[], - protos.google.cloud.binaryauthorization.v1.IListAttestorsRequest|null, - protos.google.cloud.binaryauthorization.v1.IListAttestorsResponse - ]>|void { - request = request || {}; - let options: CallOptions; - if (typeof optionsOrCallback === 'function' && callback === undefined) { - callback = optionsOrCallback; - options = {}; - } - else { - options = optionsOrCallback as CallOptions; - } - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'parent': request.parent || '', - }); - this.initialize(); - return this.innerApiCalls.listAttestors(request, options, callback); - } - -/** - * Equivalent to `method.name.toCamelCase()`, but returns a NodeJS Stream object. - * @param {Object} request - * The request object that will be sent. - * @param {string} request.parent - * Required. The resource name of the project associated with the - * {@link google.cloud.binaryauthorization.v1.Attestor|attestors}, in the format `projects/*`. - * @param {number} request.pageSize - * Requested page size. The server may return fewer results than requested. If - * unspecified, the server will pick an appropriate default. - * @param {string} request.pageToken - * A token identifying a page of results the server should return. Typically, - * this is the value of {@link google.cloud.binaryauthorization.v1.ListAttestorsResponse.next_page_token|ListAttestorsResponse.next_page_token} returned - * from the previous call to the `ListAttestors` method. - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Stream} - * An object stream which emits an object representing [Attestor]{@link google.cloud.binaryauthorization.v1.Attestor} on 'data' event. - * The client library will perform auto-pagination by default: it will call the API as many - * times as needed. Note that it can affect your quota. - * We recommend using `listAttestorsAsync()` - * method described below for async iteration which you can stop as needed. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#auto-pagination) - * for more details and examples. - */ - listAttestorsStream( - request?: protos.google.cloud.binaryauthorization.v1.IListAttestorsRequest, - options?: CallOptions): - Transform{ - request = request || {}; - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'parent': request.parent || '', - }); - const defaultCallSettings = this._defaults['listAttestors']; - const callSettings = defaultCallSettings.merge(options); - this.initialize(); - return this.descriptors.page.listAttestors.createStream( - this.innerApiCalls.listAttestors as gax.GaxCall, - request, - callSettings - ); - } - -/** - * Equivalent to `listAttestors`, but returns an iterable object. - * - * `for`-`await`-`of` syntax is used with the iterable to get response elements on-demand. - * @param {Object} request - * The request object that will be sent. - * @param {string} request.parent - * Required. The resource name of the project associated with the - * {@link google.cloud.binaryauthorization.v1.Attestor|attestors}, in the format `projects/*`. - * @param {number} request.pageSize - * Requested page size. The server may return fewer results than requested. If - * unspecified, the server will pick an appropriate default. - * @param {string} request.pageToken - * A token identifying a page of results the server should return. Typically, - * this is the value of {@link google.cloud.binaryauthorization.v1.ListAttestorsResponse.next_page_token|ListAttestorsResponse.next_page_token} returned - * from the previous call to the `ListAttestors` method. - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Object} - * An iterable Object that allows [async iteration](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Iteration_protocols). - * When you iterate the returned iterable, each element will be an object representing - * [Attestor]{@link google.cloud.binaryauthorization.v1.Attestor}. The API will be called under the hood as needed, once per the page, - * so you can stop the iteration when you don't need more results. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#auto-pagination) - * for more details and examples. - * @example include:samples/generated/v1/binauthz_management_service_v1.list_attestors.js - * region_tag:binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_async - */ - listAttestorsAsync( - request?: protos.google.cloud.binaryauthorization.v1.IListAttestorsRequest, - options?: CallOptions): - AsyncIterable{ - request = request || {}; - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'parent': request.parent || '', - }); - const defaultCallSettings = this._defaults['listAttestors']; - const callSettings = defaultCallSettings.merge(options); - this.initialize(); - return this.descriptors.page.listAttestors.asyncIterate( - this.innerApiCalls['listAttestors'] as GaxCall, - request as unknown as RequestType, - callSettings - ) as AsyncIterable; - } - // -------------------- - // -- Path templates -- - // -------------------- - - /** - * Return a fully-qualified attestor resource name string. - * - * @param {string} project - * @param {string} attestor - * @returns {string} Resource name string. - */ - attestorPath(project:string,attestor:string) { - return this.pathTemplates.attestorPathTemplate.render({ - project: project, - attestor: attestor, - }); - } - - /** - * Parse the project from Attestor resource. - * - * @param {string} attestorName - * A fully-qualified path representing Attestor resource. - * @returns {string} A string representing the project. - */ - matchProjectFromAttestorName(attestorName: string) { - return this.pathTemplates.attestorPathTemplate.match(attestorName).project; - } - - /** - * Parse the attestor from Attestor resource. - * - * @param {string} attestorName - * A fully-qualified path representing Attestor resource. - * @returns {string} A string representing the attestor. - */ - matchAttestorFromAttestorName(attestorName: string) { - return this.pathTemplates.attestorPathTemplate.match(attestorName).attestor; - } - - /** - * Return a fully-qualified locationPolicy resource name string. - * - * @param {string} location - * @returns {string} Resource name string. - */ - locationPolicyPath(location:string) { - return this.pathTemplates.locationPolicyPathTemplate.render({ - location: location, - }); - } - - /** - * Parse the location from LocationPolicy resource. - * - * @param {string} locationPolicyName - * A fully-qualified path representing location_policy resource. - * @returns {string} A string representing the location. - */ - matchLocationFromLocationPolicyName(locationPolicyName: string) { - return this.pathTemplates.locationPolicyPathTemplate.match(locationPolicyName).location; - } - - /** - * Return a fully-qualified project resource name string. - * - * @param {string} project - * @returns {string} Resource name string. - */ - projectPath(project:string) { - return this.pathTemplates.projectPathTemplate.render({ - project: project, - }); - } - - /** - * Parse the project from Project resource. - * - * @param {string} projectName - * A fully-qualified path representing Project resource. - * @returns {string} A string representing the project. - */ - matchProjectFromProjectName(projectName: string) { - return this.pathTemplates.projectPathTemplate.match(projectName).project; - } - - /** - * Return a fully-qualified projectPolicy resource name string. - * - * @param {string} project - * @returns {string} Resource name string. - */ - projectPolicyPath(project:string) { - return this.pathTemplates.projectPolicyPathTemplate.render({ - project: project, - }); - } - - /** - * Parse the project from ProjectPolicy resource. - * - * @param {string} projectPolicyName - * A fully-qualified path representing project_policy resource. - * @returns {string} A string representing the project. - */ - matchProjectFromProjectPolicyName(projectPolicyName: string) { - return this.pathTemplates.projectPolicyPathTemplate.match(projectPolicyName).project; - } - - /** - * Terminate the gRPC channel and close the client. - * - * The client will no longer be usable and all future behavior is undefined. - * @returns {Promise} A promise that resolves when the client is closed. - */ - close(): Promise { - if (this.binauthzManagementServiceV1Stub && !this._terminated) { - return this.binauthzManagementServiceV1Stub.then(stub => { - this._terminated = true; - stub.close(); - }); - } - return Promise.resolve(); - } -} diff --git a/owl-bot-staging/v1/src/v1/binauthz_management_service_v1_client_config.json b/owl-bot-staging/v1/src/v1/binauthz_management_service_v1_client_config.json deleted file mode 100644 index d8357fd..0000000 --- a/owl-bot-staging/v1/src/v1/binauthz_management_service_v1_client_config.json +++ /dev/null @@ -1,61 +0,0 @@ -{ - "interfaces": { - "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1": { - "retry_codes": { - "non_idempotent": [], - "idempotent": [ - "DEADLINE_EXCEEDED", - "UNAVAILABLE" - ] - }, - "retry_params": { - "default": { - "initial_retry_delay_millis": 100, - "retry_delay_multiplier": 1.3, - "max_retry_delay_millis": 60000, - "initial_rpc_timeout_millis": 60000, - "rpc_timeout_multiplier": 1, - "max_rpc_timeout_millis": 60000, - "total_timeout_millis": 600000 - } - }, - "methods": { - "GetPolicy": { - "timeout_millis": 600000, - "retry_codes_name": "idempotent", - "retry_params_name": "default" - }, - "UpdatePolicy": { - "timeout_millis": 600000, - "retry_codes_name": "idempotent", - "retry_params_name": "default" - }, - "CreateAttestor": { - "timeout_millis": 600000, - "retry_codes_name": "non_idempotent", - "retry_params_name": "default" - }, - "GetAttestor": { - "timeout_millis": 600000, - "retry_codes_name": "idempotent", - "retry_params_name": "default" - }, - "UpdateAttestor": { - "timeout_millis": 600000, - "retry_codes_name": "idempotent", - "retry_params_name": "default" - }, - "ListAttestors": { - "timeout_millis": 600000, - "retry_codes_name": "idempotent", - "retry_params_name": "default" - }, - "DeleteAttestor": { - "timeout_millis": 600000, - "retry_codes_name": "idempotent", - "retry_params_name": "default" - } - } - } - } -} diff --git a/owl-bot-staging/v1/src/v1/binauthz_management_service_v1_proto_list.json b/owl-bot-staging/v1/src/v1/binauthz_management_service_v1_proto_list.json deleted file mode 100644 index 2e7010a..0000000 --- a/owl-bot-staging/v1/src/v1/binauthz_management_service_v1_proto_list.json +++ /dev/null @@ -1,6 +0,0 @@ -[ - "../../protos/google/cloud/binaryauthorization/v1/resources.proto", - "../../protos/google/cloud/binaryauthorization/v1/service.proto", - "../../protos/grafeas/v1/attestation.proto", - "../../protos/grafeas/v1/common.proto" -] diff --git a/owl-bot-staging/v1/src/v1/gapic_metadata.json b/owl-bot-staging/v1/src/v1/gapic_metadata.json deleted file mode 100644 index b28d368..0000000 --- a/owl-bot-staging/v1/src/v1/gapic_metadata.json +++ /dev/null @@ -1,145 +0,0 @@ -{ - "schema": "1.0", - "comment": "This file maps proto services/RPCs to the corresponding library clients/methods", - "language": "typescript", - "protoPackage": "google.cloud.binaryauthorization.v1", - "libraryPackage": "@google-cloud/binary-authorization", - "services": { - "BinauthzManagementServiceV1": { - "clients": { - "grpc": { - "libraryClient": "BinauthzManagementServiceV1Client", - "rpcs": { - "GetPolicy": { - "methods": [ - "getPolicy" - ] - }, - "UpdatePolicy": { - "methods": [ - "updatePolicy" - ] - }, - "CreateAttestor": { - "methods": [ - "createAttestor" - ] - }, - "GetAttestor": { - "methods": [ - "getAttestor" - ] - }, - "UpdateAttestor": { - "methods": [ - "updateAttestor" - ] - }, - "DeleteAttestor": { - "methods": [ - "deleteAttestor" - ] - }, - "ListAttestors": { - "methods": [ - "listAttestors", - "listAttestorsStream", - "listAttestorsAsync" - ] - } - } - }, - "grpc-fallback": { - "libraryClient": "BinauthzManagementServiceV1Client", - "rpcs": { - "GetPolicy": { - "methods": [ - "getPolicy" - ] - }, - "UpdatePolicy": { - "methods": [ - "updatePolicy" - ] - }, - "CreateAttestor": { - "methods": [ - "createAttestor" - ] - }, - "GetAttestor": { - "methods": [ - "getAttestor" - ] - }, - "UpdateAttestor": { - "methods": [ - "updateAttestor" - ] - }, - "DeleteAttestor": { - "methods": [ - "deleteAttestor" - ] - }, - "ListAttestors": { - "methods": [ - "listAttestors", - "listAttestorsStream", - "listAttestorsAsync" - ] - } - } - } - } - }, - "SystemPolicyV1": { - "clients": { - "grpc": { - "libraryClient": "SystemPolicyV1Client", - "rpcs": { - "GetSystemPolicy": { - "methods": [ - "getSystemPolicy" - ] - } - } - }, - "grpc-fallback": { - "libraryClient": "SystemPolicyV1Client", - "rpcs": { - "GetSystemPolicy": { - "methods": [ - "getSystemPolicy" - ] - } - } - } - } - }, - "ValidationHelperV1": { - "clients": { - "grpc": { - "libraryClient": "ValidationHelperV1Client", - "rpcs": { - "ValidateAttestationOccurrence": { - "methods": [ - "validateAttestationOccurrence" - ] - } - } - }, - "grpc-fallback": { - "libraryClient": "ValidationHelperV1Client", - "rpcs": { - "ValidateAttestationOccurrence": { - "methods": [ - "validateAttestationOccurrence" - ] - } - } - } - } - } - } -} diff --git a/owl-bot-staging/v1/src/v1/index.ts b/owl-bot-staging/v1/src/v1/index.ts deleted file mode 100644 index 90f5dd2..0000000 --- a/owl-bot-staging/v1/src/v1/index.ts +++ /dev/null @@ -1,21 +0,0 @@ -// Copyright 2022 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// ** This file is automatically generated by gapic-generator-typescript. ** -// ** https://github.com/googleapis/gapic-generator-typescript ** -// ** All changes to this file may be overwritten. ** - -export {BinauthzManagementServiceV1Client} from './binauthz_management_service_v1_client'; -export {SystemPolicyV1Client} from './system_policy_v1_client'; -export {ValidationHelperV1Client} from './validation_helper_v1_client'; diff --git a/owl-bot-staging/v1/src/v1/system_policy_v1_client.ts b/owl-bot-staging/v1/src/v1/system_policy_v1_client.ts deleted file mode 100644 index 8bcd71e..0000000 --- a/owl-bot-staging/v1/src/v1/system_policy_v1_client.ts +++ /dev/null @@ -1,492 +0,0 @@ -// Copyright 2022 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// ** This file is automatically generated by gapic-generator-typescript. ** -// ** https://github.com/googleapis/gapic-generator-typescript ** -// ** All changes to this file may be overwritten. ** - -/* global window */ -import * as gax from 'google-gax'; -import {Callback, CallOptions, Descriptors, ClientOptions} from 'google-gax'; - -import * as protos from '../../protos/protos'; -import jsonProtos = require('../../protos/protos.json'); -/** - * Client JSON configuration object, loaded from - * `src/v1/system_policy_v1_client_config.json`. - * This file defines retry strategy and timeouts for all API methods in this library. - */ -import * as gapicConfig from './system_policy_v1_client_config.json'; - -const version = require('../../../package.json').version; - -/** - * API for working with the system policy. - * @class - * @memberof v1 - */ -export class SystemPolicyV1Client { - private _terminated = false; - private _opts: ClientOptions; - private _providedCustomServicePath: boolean; - private _gaxModule: typeof gax | typeof gax.fallback; - private _gaxGrpc: gax.GrpcClient | gax.fallback.GrpcClient; - private _protos: {}; - private _defaults: {[method: string]: gax.CallSettings}; - auth: gax.GoogleAuth; - descriptors: Descriptors = { - page: {}, - stream: {}, - longrunning: {}, - batching: {}, - }; - warn: (code: string, message: string, warnType?: string) => void; - innerApiCalls: {[name: string]: Function}; - pathTemplates: {[name: string]: gax.PathTemplate}; - systemPolicyV1Stub?: Promise<{[name: string]: Function}>; - - /** - * Construct an instance of SystemPolicyV1Client. - * - * @param {object} [options] - The configuration object. - * The options accepted by the constructor are described in detail - * in [this document](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#creating-the-client-instance). - * The common options are: - * @param {object} [options.credentials] - Credentials object. - * @param {string} [options.credentials.client_email] - * @param {string} [options.credentials.private_key] - * @param {string} [options.email] - Account email address. Required when - * using a .pem or .p12 keyFilename. - * @param {string} [options.keyFilename] - Full path to the a .json, .pem, or - * .p12 key downloaded from the Google Developers Console. If you provide - * a path to a JSON file, the projectId option below is not necessary. - * NOTE: .pem and .p12 require you to specify options.email as well. - * @param {number} [options.port] - The port on which to connect to - * the remote host. - * @param {string} [options.projectId] - The project ID from the Google - * Developer's Console, e.g. 'grape-spaceship-123'. We will also check - * the environment variable GCLOUD_PROJECT for your project ID. If your - * app is running in an environment which supports - * {@link https://developers.google.com/identity/protocols/application-default-credentials Application Default Credentials}, - * your project ID will be detected automatically. - * @param {string} [options.apiEndpoint] - The domain name of the - * API remote host. - * @param {gax.ClientConfig} [options.clientConfig] - Client configuration override. - * Follows the structure of {@link gapicConfig}. - * @param {boolean} [options.fallback] - Use HTTP fallback mode. - * In fallback mode, a special browser-compatible transport implementation is used - * instead of gRPC transport. In browser context (if the `window` object is defined) - * the fallback mode is enabled automatically; set `options.fallback` to `false` - * if you need to override this behavior. - */ - constructor(opts?: ClientOptions) { - // Ensure that options include all the required fields. - const staticMembers = this.constructor as typeof SystemPolicyV1Client; - const servicePath = opts?.servicePath || opts?.apiEndpoint || staticMembers.servicePath; - this._providedCustomServicePath = !!(opts?.servicePath || opts?.apiEndpoint); - const port = opts?.port || staticMembers.port; - const clientConfig = opts?.clientConfig ?? {}; - const fallback = opts?.fallback ?? (typeof window !== 'undefined' && typeof window?.fetch === 'function'); - opts = Object.assign({servicePath, port, clientConfig, fallback}, opts); - - // If scopes are unset in options and we're connecting to a non-default endpoint, set scopes just in case. - if (servicePath !== staticMembers.servicePath && !('scopes' in opts)) { - opts['scopes'] = staticMembers.scopes; - } - - // Choose either gRPC or proto-over-HTTP implementation of google-gax. - this._gaxModule = opts.fallback ? gax.fallback : gax; - - // Create a `gaxGrpc` object, with any grpc-specific options sent to the client. - this._gaxGrpc = new this._gaxModule.GrpcClient(opts); - - // Save options to use in initialize() method. - this._opts = opts; - - // Save the auth object to the client, for use by other methods. - this.auth = (this._gaxGrpc.auth as gax.GoogleAuth); - - // Set useJWTAccessWithScope on the auth object. - this.auth.useJWTAccessWithScope = true; - - // Set defaultServicePath on the auth object. - this.auth.defaultServicePath = staticMembers.servicePath; - - // Set the default scopes in auth client if needed. - if (servicePath === staticMembers.servicePath) { - this.auth.defaultScopes = staticMembers.scopes; - } - - // Determine the client header string. - const clientHeader = [ - `gax/${this._gaxModule.version}`, - `gapic/${version}`, - ]; - if (typeof process !== 'undefined' && 'versions' in process) { - clientHeader.push(`gl-node/${process.versions.node}`); - } else { - clientHeader.push(`gl-web/${this._gaxModule.version}`); - } - if (!opts.fallback) { - clientHeader.push(`grpc/${this._gaxGrpc.grpcVersion}`); - } else if (opts.fallback === 'rest' ) { - clientHeader.push(`rest/${this._gaxGrpc.grpcVersion}`); - } - if (opts.libName && opts.libVersion) { - clientHeader.push(`${opts.libName}/${opts.libVersion}`); - } - // Load the applicable protos. - this._protos = this._gaxGrpc.loadProtoJSON(jsonProtos); - - // This API contains "path templates"; forward-slash-separated - // identifiers to uniquely identify resources within the API. - // Create useful helper objects for these. - this.pathTemplates = { - attestorPathTemplate: new this._gaxModule.PathTemplate( - 'projects/{project}/attestors/{attestor}' - ), - locationPolicyPathTemplate: new this._gaxModule.PathTemplate( - 'locations/{location}/policy' - ), - projectPathTemplate: new this._gaxModule.PathTemplate( - 'projects/{project}' - ), - projectPolicyPathTemplate: new this._gaxModule.PathTemplate( - 'projects/{project}/policy' - ), - }; - - // Put together the default options sent with requests. - this._defaults = this._gaxGrpc.constructSettings( - 'google.cloud.binaryauthorization.v1.SystemPolicyV1', gapicConfig as gax.ClientConfig, - opts.clientConfig || {}, {'x-goog-api-client': clientHeader.join(' ')}); - - // Set up a dictionary of "inner API calls"; the core implementation - // of calling the API is handled in `google-gax`, with this code - // merely providing the destination and request information. - this.innerApiCalls = {}; - - // Add a warn function to the client constructor so it can be easily tested. - this.warn = gax.warn; - } - - /** - * Initialize the client. - * Performs asynchronous operations (such as authentication) and prepares the client. - * This function will be called automatically when any class method is called for the - * first time, but if you need to initialize it before calling an actual method, - * feel free to call initialize() directly. - * - * You can await on this method if you want to make sure the client is initialized. - * - * @returns {Promise} A promise that resolves to an authenticated service stub. - */ - initialize() { - // If the client stub promise is already initialized, return immediately. - if (this.systemPolicyV1Stub) { - return this.systemPolicyV1Stub; - } - - // Put together the "service stub" for - // google.cloud.binaryauthorization.v1.SystemPolicyV1. - this.systemPolicyV1Stub = this._gaxGrpc.createStub( - this._opts.fallback ? - (this._protos as protobuf.Root).lookupService('google.cloud.binaryauthorization.v1.SystemPolicyV1') : - // eslint-disable-next-line @typescript-eslint/no-explicit-any - (this._protos as any).google.cloud.binaryauthorization.v1.SystemPolicyV1, - this._opts, this._providedCustomServicePath) as Promise<{[method: string]: Function}>; - - // Iterate over each of the methods that the service provides - // and create an API call method for each. - const systemPolicyV1StubMethods = - ['getSystemPolicy']; - for (const methodName of systemPolicyV1StubMethods) { - const callPromise = this.systemPolicyV1Stub.then( - stub => (...args: Array<{}>) => { - if (this._terminated) { - return Promise.reject('The client has already been closed.'); - } - const func = stub[methodName]; - return func.apply(stub, args); - }, - (err: Error|null|undefined) => () => { - throw err; - }); - - const descriptor = - undefined; - const apiCall = this._gaxModule.createApiCall( - callPromise, - this._defaults[methodName], - descriptor - ); - - this.innerApiCalls[methodName] = apiCall; - } - - return this.systemPolicyV1Stub; - } - - /** - * The DNS address for this API service. - * @returns {string} The DNS address for this service. - */ - static get servicePath() { - return 'binaryauthorization.googleapis.com'; - } - - /** - * The DNS address for this API service - same as servicePath(), - * exists for compatibility reasons. - * @returns {string} The DNS address for this service. - */ - static get apiEndpoint() { - return 'binaryauthorization.googleapis.com'; - } - - /** - * The port for this API service. - * @returns {number} The default port for this service. - */ - static get port() { - return 443; - } - - /** - * The scopes needed to make gRPC calls for every method defined - * in this service. - * @returns {string[]} List of default scopes. - */ - static get scopes() { - return [ - 'https://www.googleapis.com/auth/cloud-platform' - ]; - } - - getProjectId(): Promise; - getProjectId(callback: Callback): void; - /** - * Return the project ID used by this class. - * @returns {Promise} A promise that resolves to string containing the project ID. - */ - getProjectId(callback?: Callback): - Promise|void { - if (callback) { - this.auth.getProjectId(callback); - return; - } - return this.auth.getProjectId(); - } - - // ------------------- - // -- Service calls -- - // ------------------- -/** - * Gets the current system policy in the specified location. - * - * @param {Object} request - * The request object that will be sent. - * @param {string} request.name - * Required. The resource name, in the format `locations/* /policy`. - * Note that the system policy is not associated with a project. - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Promise} - The promise which resolves to an array. - * The first element of the array is an object representing [Policy]{@link google.cloud.binaryauthorization.v1.Policy}. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) - * for more details and examples. - * @example include:samples/generated/v1/system_policy_v1.get_system_policy.js - * region_tag:binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_async - */ - getSystemPolicy( - request?: protos.google.cloud.binaryauthorization.v1.IGetSystemPolicyRequest, - options?: CallOptions): - Promise<[ - protos.google.cloud.binaryauthorization.v1.IPolicy, - protos.google.cloud.binaryauthorization.v1.IGetSystemPolicyRequest|undefined, {}|undefined - ]>; - getSystemPolicy( - request: protos.google.cloud.binaryauthorization.v1.IGetSystemPolicyRequest, - options: CallOptions, - callback: Callback< - protos.google.cloud.binaryauthorization.v1.IPolicy, - protos.google.cloud.binaryauthorization.v1.IGetSystemPolicyRequest|null|undefined, - {}|null|undefined>): void; - getSystemPolicy( - request: protos.google.cloud.binaryauthorization.v1.IGetSystemPolicyRequest, - callback: Callback< - protos.google.cloud.binaryauthorization.v1.IPolicy, - protos.google.cloud.binaryauthorization.v1.IGetSystemPolicyRequest|null|undefined, - {}|null|undefined>): void; - getSystemPolicy( - request?: protos.google.cloud.binaryauthorization.v1.IGetSystemPolicyRequest, - optionsOrCallback?: CallOptions|Callback< - protos.google.cloud.binaryauthorization.v1.IPolicy, - protos.google.cloud.binaryauthorization.v1.IGetSystemPolicyRequest|null|undefined, - {}|null|undefined>, - callback?: Callback< - protos.google.cloud.binaryauthorization.v1.IPolicy, - protos.google.cloud.binaryauthorization.v1.IGetSystemPolicyRequest|null|undefined, - {}|null|undefined>): - Promise<[ - protos.google.cloud.binaryauthorization.v1.IPolicy, - protos.google.cloud.binaryauthorization.v1.IGetSystemPolicyRequest|undefined, {}|undefined - ]>|void { - request = request || {}; - let options: CallOptions; - if (typeof optionsOrCallback === 'function' && callback === undefined) { - callback = optionsOrCallback; - options = {}; - } - else { - options = optionsOrCallback as CallOptions; - } - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'name': request.name || '', - }); - this.initialize(); - return this.innerApiCalls.getSystemPolicy(request, options, callback); - } - - // -------------------- - // -- Path templates -- - // -------------------- - - /** - * Return a fully-qualified attestor resource name string. - * - * @param {string} project - * @param {string} attestor - * @returns {string} Resource name string. - */ - attestorPath(project:string,attestor:string) { - return this.pathTemplates.attestorPathTemplate.render({ - project: project, - attestor: attestor, - }); - } - - /** - * Parse the project from Attestor resource. - * - * @param {string} attestorName - * A fully-qualified path representing Attestor resource. - * @returns {string} A string representing the project. - */ - matchProjectFromAttestorName(attestorName: string) { - return this.pathTemplates.attestorPathTemplate.match(attestorName).project; - } - - /** - * Parse the attestor from Attestor resource. - * - * @param {string} attestorName - * A fully-qualified path representing Attestor resource. - * @returns {string} A string representing the attestor. - */ - matchAttestorFromAttestorName(attestorName: string) { - return this.pathTemplates.attestorPathTemplate.match(attestorName).attestor; - } - - /** - * Return a fully-qualified locationPolicy resource name string. - * - * @param {string} location - * @returns {string} Resource name string. - */ - locationPolicyPath(location:string) { - return this.pathTemplates.locationPolicyPathTemplate.render({ - location: location, - }); - } - - /** - * Parse the location from LocationPolicy resource. - * - * @param {string} locationPolicyName - * A fully-qualified path representing location_policy resource. - * @returns {string} A string representing the location. - */ - matchLocationFromLocationPolicyName(locationPolicyName: string) { - return this.pathTemplates.locationPolicyPathTemplate.match(locationPolicyName).location; - } - - /** - * Return a fully-qualified project resource name string. - * - * @param {string} project - * @returns {string} Resource name string. - */ - projectPath(project:string) { - return this.pathTemplates.projectPathTemplate.render({ - project: project, - }); - } - - /** - * Parse the project from Project resource. - * - * @param {string} projectName - * A fully-qualified path representing Project resource. - * @returns {string} A string representing the project. - */ - matchProjectFromProjectName(projectName: string) { - return this.pathTemplates.projectPathTemplate.match(projectName).project; - } - - /** - * Return a fully-qualified projectPolicy resource name string. - * - * @param {string} project - * @returns {string} Resource name string. - */ - projectPolicyPath(project:string) { - return this.pathTemplates.projectPolicyPathTemplate.render({ - project: project, - }); - } - - /** - * Parse the project from ProjectPolicy resource. - * - * @param {string} projectPolicyName - * A fully-qualified path representing project_policy resource. - * @returns {string} A string representing the project. - */ - matchProjectFromProjectPolicyName(projectPolicyName: string) { - return this.pathTemplates.projectPolicyPathTemplate.match(projectPolicyName).project; - } - - /** - * Terminate the gRPC channel and close the client. - * - * The client will no longer be usable and all future behavior is undefined. - * @returns {Promise} A promise that resolves when the client is closed. - */ - close(): Promise { - if (this.systemPolicyV1Stub && !this._terminated) { - return this.systemPolicyV1Stub.then(stub => { - this._terminated = true; - stub.close(); - }); - } - return Promise.resolve(); - } -} diff --git a/owl-bot-staging/v1/src/v1/system_policy_v1_client_config.json b/owl-bot-staging/v1/src/v1/system_policy_v1_client_config.json deleted file mode 100644 index 1d25944..0000000 --- a/owl-bot-staging/v1/src/v1/system_policy_v1_client_config.json +++ /dev/null @@ -1,30 +0,0 @@ -{ - "interfaces": { - "google.cloud.binaryauthorization.v1.SystemPolicyV1": { - "retry_codes": { - "non_idempotent": [], - "idempotent": [ - "DEADLINE_EXCEEDED", - "UNAVAILABLE" - ] - }, - "retry_params": { - "default": { - "initial_retry_delay_millis": 100, - "retry_delay_multiplier": 1.3, - "max_retry_delay_millis": 60000, - "initial_rpc_timeout_millis": 60000, - "rpc_timeout_multiplier": 1, - "max_rpc_timeout_millis": 60000, - "total_timeout_millis": 600000 - } - }, - "methods": { - "GetSystemPolicy": { - "retry_codes_name": "non_idempotent", - "retry_params_name": "default" - } - } - } - } -} diff --git a/owl-bot-staging/v1/src/v1/system_policy_v1_proto_list.json b/owl-bot-staging/v1/src/v1/system_policy_v1_proto_list.json deleted file mode 100644 index 2e7010a..0000000 --- a/owl-bot-staging/v1/src/v1/system_policy_v1_proto_list.json +++ /dev/null @@ -1,6 +0,0 @@ -[ - "../../protos/google/cloud/binaryauthorization/v1/resources.proto", - "../../protos/google/cloud/binaryauthorization/v1/service.proto", - "../../protos/grafeas/v1/attestation.proto", - "../../protos/grafeas/v1/common.proto" -] diff --git a/owl-bot-staging/v1/src/v1/validation_helper_v1_client.ts b/owl-bot-staging/v1/src/v1/validation_helper_v1_client.ts deleted file mode 100644 index 32af240..0000000 --- a/owl-bot-staging/v1/src/v1/validation_helper_v1_client.ts +++ /dev/null @@ -1,505 +0,0 @@ -// Copyright 2022 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// ** This file is automatically generated by gapic-generator-typescript. ** -// ** https://github.com/googleapis/gapic-generator-typescript ** -// ** All changes to this file may be overwritten. ** - -/* global window */ -import * as gax from 'google-gax'; -import {Callback, CallOptions, Descriptors, ClientOptions} from 'google-gax'; - -import * as protos from '../../protos/protos'; -import jsonProtos = require('../../protos/protos.json'); -/** - * Client JSON configuration object, loaded from - * `src/v1/validation_helper_v1_client_config.json`. - * This file defines retry strategy and timeouts for all API methods in this library. - */ -import * as gapicConfig from './validation_helper_v1_client_config.json'; - -const version = require('../../../package.json').version; - -/** - * BinAuthz Attestor verification - * @class - * @memberof v1 - */ -export class ValidationHelperV1Client { - private _terminated = false; - private _opts: ClientOptions; - private _providedCustomServicePath: boolean; - private _gaxModule: typeof gax | typeof gax.fallback; - private _gaxGrpc: gax.GrpcClient | gax.fallback.GrpcClient; - private _protos: {}; - private _defaults: {[method: string]: gax.CallSettings}; - auth: gax.GoogleAuth; - descriptors: Descriptors = { - page: {}, - stream: {}, - longrunning: {}, - batching: {}, - }; - warn: (code: string, message: string, warnType?: string) => void; - innerApiCalls: {[name: string]: Function}; - pathTemplates: {[name: string]: gax.PathTemplate}; - validationHelperV1Stub?: Promise<{[name: string]: Function}>; - - /** - * Construct an instance of ValidationHelperV1Client. - * - * @param {object} [options] - The configuration object. - * The options accepted by the constructor are described in detail - * in [this document](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#creating-the-client-instance). - * The common options are: - * @param {object} [options.credentials] - Credentials object. - * @param {string} [options.credentials.client_email] - * @param {string} [options.credentials.private_key] - * @param {string} [options.email] - Account email address. Required when - * using a .pem or .p12 keyFilename. - * @param {string} [options.keyFilename] - Full path to the a .json, .pem, or - * .p12 key downloaded from the Google Developers Console. If you provide - * a path to a JSON file, the projectId option below is not necessary. - * NOTE: .pem and .p12 require you to specify options.email as well. - * @param {number} [options.port] - The port on which to connect to - * the remote host. - * @param {string} [options.projectId] - The project ID from the Google - * Developer's Console, e.g. 'grape-spaceship-123'. We will also check - * the environment variable GCLOUD_PROJECT for your project ID. If your - * app is running in an environment which supports - * {@link https://developers.google.com/identity/protocols/application-default-credentials Application Default Credentials}, - * your project ID will be detected automatically. - * @param {string} [options.apiEndpoint] - The domain name of the - * API remote host. - * @param {gax.ClientConfig} [options.clientConfig] - Client configuration override. - * Follows the structure of {@link gapicConfig}. - * @param {boolean} [options.fallback] - Use HTTP fallback mode. - * In fallback mode, a special browser-compatible transport implementation is used - * instead of gRPC transport. In browser context (if the `window` object is defined) - * the fallback mode is enabled automatically; set `options.fallback` to `false` - * if you need to override this behavior. - */ - constructor(opts?: ClientOptions) { - // Ensure that options include all the required fields. - const staticMembers = this.constructor as typeof ValidationHelperV1Client; - const servicePath = opts?.servicePath || opts?.apiEndpoint || staticMembers.servicePath; - this._providedCustomServicePath = !!(opts?.servicePath || opts?.apiEndpoint); - const port = opts?.port || staticMembers.port; - const clientConfig = opts?.clientConfig ?? {}; - const fallback = opts?.fallback ?? (typeof window !== 'undefined' && typeof window?.fetch === 'function'); - opts = Object.assign({servicePath, port, clientConfig, fallback}, opts); - - // If scopes are unset in options and we're connecting to a non-default endpoint, set scopes just in case. - if (servicePath !== staticMembers.servicePath && !('scopes' in opts)) { - opts['scopes'] = staticMembers.scopes; - } - - // Choose either gRPC or proto-over-HTTP implementation of google-gax. - this._gaxModule = opts.fallback ? gax.fallback : gax; - - // Create a `gaxGrpc` object, with any grpc-specific options sent to the client. - this._gaxGrpc = new this._gaxModule.GrpcClient(opts); - - // Save options to use in initialize() method. - this._opts = opts; - - // Save the auth object to the client, for use by other methods. - this.auth = (this._gaxGrpc.auth as gax.GoogleAuth); - - // Set useJWTAccessWithScope on the auth object. - this.auth.useJWTAccessWithScope = true; - - // Set defaultServicePath on the auth object. - this.auth.defaultServicePath = staticMembers.servicePath; - - // Set the default scopes in auth client if needed. - if (servicePath === staticMembers.servicePath) { - this.auth.defaultScopes = staticMembers.scopes; - } - - // Determine the client header string. - const clientHeader = [ - `gax/${this._gaxModule.version}`, - `gapic/${version}`, - ]; - if (typeof process !== 'undefined' && 'versions' in process) { - clientHeader.push(`gl-node/${process.versions.node}`); - } else { - clientHeader.push(`gl-web/${this._gaxModule.version}`); - } - if (!opts.fallback) { - clientHeader.push(`grpc/${this._gaxGrpc.grpcVersion}`); - } else if (opts.fallback === 'rest' ) { - clientHeader.push(`rest/${this._gaxGrpc.grpcVersion}`); - } - if (opts.libName && opts.libVersion) { - clientHeader.push(`${opts.libName}/${opts.libVersion}`); - } - // Load the applicable protos. - this._protos = this._gaxGrpc.loadProtoJSON(jsonProtos); - - // This API contains "path templates"; forward-slash-separated - // identifiers to uniquely identify resources within the API. - // Create useful helper objects for these. - this.pathTemplates = { - attestorPathTemplate: new this._gaxModule.PathTemplate( - 'projects/{project}/attestors/{attestor}' - ), - locationPolicyPathTemplate: new this._gaxModule.PathTemplate( - 'locations/{location}/policy' - ), - projectPathTemplate: new this._gaxModule.PathTemplate( - 'projects/{project}' - ), - projectPolicyPathTemplate: new this._gaxModule.PathTemplate( - 'projects/{project}/policy' - ), - }; - - // Put together the default options sent with requests. - this._defaults = this._gaxGrpc.constructSettings( - 'google.cloud.binaryauthorization.v1.ValidationHelperV1', gapicConfig as gax.ClientConfig, - opts.clientConfig || {}, {'x-goog-api-client': clientHeader.join(' ')}); - - // Set up a dictionary of "inner API calls"; the core implementation - // of calling the API is handled in `google-gax`, with this code - // merely providing the destination and request information. - this.innerApiCalls = {}; - - // Add a warn function to the client constructor so it can be easily tested. - this.warn = gax.warn; - } - - /** - * Initialize the client. - * Performs asynchronous operations (such as authentication) and prepares the client. - * This function will be called automatically when any class method is called for the - * first time, but if you need to initialize it before calling an actual method, - * feel free to call initialize() directly. - * - * You can await on this method if you want to make sure the client is initialized. - * - * @returns {Promise} A promise that resolves to an authenticated service stub. - */ - initialize() { - // If the client stub promise is already initialized, return immediately. - if (this.validationHelperV1Stub) { - return this.validationHelperV1Stub; - } - - // Put together the "service stub" for - // google.cloud.binaryauthorization.v1.ValidationHelperV1. - this.validationHelperV1Stub = this._gaxGrpc.createStub( - this._opts.fallback ? - (this._protos as protobuf.Root).lookupService('google.cloud.binaryauthorization.v1.ValidationHelperV1') : - // eslint-disable-next-line @typescript-eslint/no-explicit-any - (this._protos as any).google.cloud.binaryauthorization.v1.ValidationHelperV1, - this._opts, this._providedCustomServicePath) as Promise<{[method: string]: Function}>; - - // Iterate over each of the methods that the service provides - // and create an API call method for each. - const validationHelperV1StubMethods = - ['validateAttestationOccurrence']; - for (const methodName of validationHelperV1StubMethods) { - const callPromise = this.validationHelperV1Stub.then( - stub => (...args: Array<{}>) => { - if (this._terminated) { - return Promise.reject('The client has already been closed.'); - } - const func = stub[methodName]; - return func.apply(stub, args); - }, - (err: Error|null|undefined) => () => { - throw err; - }); - - const descriptor = - undefined; - const apiCall = this._gaxModule.createApiCall( - callPromise, - this._defaults[methodName], - descriptor - ); - - this.innerApiCalls[methodName] = apiCall; - } - - return this.validationHelperV1Stub; - } - - /** - * The DNS address for this API service. - * @returns {string} The DNS address for this service. - */ - static get servicePath() { - return 'binaryauthorization.googleapis.com'; - } - - /** - * The DNS address for this API service - same as servicePath(), - * exists for compatibility reasons. - * @returns {string} The DNS address for this service. - */ - static get apiEndpoint() { - return 'binaryauthorization.googleapis.com'; - } - - /** - * The port for this API service. - * @returns {number} The default port for this service. - */ - static get port() { - return 443; - } - - /** - * The scopes needed to make gRPC calls for every method defined - * in this service. - * @returns {string[]} List of default scopes. - */ - static get scopes() { - return [ - 'https://www.googleapis.com/auth/cloud-platform' - ]; - } - - getProjectId(): Promise; - getProjectId(callback: Callback): void; - /** - * Return the project ID used by this class. - * @returns {Promise} A promise that resolves to string containing the project ID. - */ - getProjectId(callback?: Callback): - Promise|void { - if (callback) { - this.auth.getProjectId(callback); - return; - } - return this.auth.getProjectId(); - } - - // ------------------- - // -- Service calls -- - // ------------------- -/** - * Returns whether the given Attestation for the given image URI - * was signed by the given Attestor - * - * @param {Object} request - * The request object that will be sent. - * @param {string} request.attestor - * Required. The resource name of the {@link google.cloud.binaryauthorization.v1.Attestor|Attestor} of the - * {@link grafeas.v1.Occurrence|occurrence}, in the format - * `projects/* /attestors/*`. - * @param {grafeas.v1.AttestationOccurrence} request.attestation - * Required. An {@link grafeas.v1.AttestationOccurrence|AttestationOccurrence} to - * be checked that it can be verified by the Attestor. It does not have to be - * an existing entity in Container Analysis. It must otherwise be a valid - * AttestationOccurrence. - * @param {string} request.occurrenceNote - * Required. The resource name of the {@link grafeas.v1.Note|Note} to which the - * containing {@link grafeas.v1.Occurrence|Occurrence} is associated. - * @param {string} request.occurrenceResourceUri - * Required. The URI of the artifact (e.g. container image) that is the - * subject of the containing {@link grafeas.v1.Occurrence|Occurrence}. - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Promise} - The promise which resolves to an array. - * The first element of the array is an object representing [ValidateAttestationOccurrenceResponse]{@link google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceResponse}. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) - * for more details and examples. - * @example include:samples/generated/v1/validation_helper_v1.validate_attestation_occurrence.js - * region_tag:binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_async - */ - validateAttestationOccurrence( - request?: protos.google.cloud.binaryauthorization.v1.IValidateAttestationOccurrenceRequest, - options?: CallOptions): - Promise<[ - protos.google.cloud.binaryauthorization.v1.IValidateAttestationOccurrenceResponse, - protos.google.cloud.binaryauthorization.v1.IValidateAttestationOccurrenceRequest|undefined, {}|undefined - ]>; - validateAttestationOccurrence( - request: protos.google.cloud.binaryauthorization.v1.IValidateAttestationOccurrenceRequest, - options: CallOptions, - callback: Callback< - protos.google.cloud.binaryauthorization.v1.IValidateAttestationOccurrenceResponse, - protos.google.cloud.binaryauthorization.v1.IValidateAttestationOccurrenceRequest|null|undefined, - {}|null|undefined>): void; - validateAttestationOccurrence( - request: protos.google.cloud.binaryauthorization.v1.IValidateAttestationOccurrenceRequest, - callback: Callback< - protos.google.cloud.binaryauthorization.v1.IValidateAttestationOccurrenceResponse, - protos.google.cloud.binaryauthorization.v1.IValidateAttestationOccurrenceRequest|null|undefined, - {}|null|undefined>): void; - validateAttestationOccurrence( - request?: protos.google.cloud.binaryauthorization.v1.IValidateAttestationOccurrenceRequest, - optionsOrCallback?: CallOptions|Callback< - protos.google.cloud.binaryauthorization.v1.IValidateAttestationOccurrenceResponse, - protos.google.cloud.binaryauthorization.v1.IValidateAttestationOccurrenceRequest|null|undefined, - {}|null|undefined>, - callback?: Callback< - protos.google.cloud.binaryauthorization.v1.IValidateAttestationOccurrenceResponse, - protos.google.cloud.binaryauthorization.v1.IValidateAttestationOccurrenceRequest|null|undefined, - {}|null|undefined>): - Promise<[ - protos.google.cloud.binaryauthorization.v1.IValidateAttestationOccurrenceResponse, - protos.google.cloud.binaryauthorization.v1.IValidateAttestationOccurrenceRequest|undefined, {}|undefined - ]>|void { - request = request || {}; - let options: CallOptions; - if (typeof optionsOrCallback === 'function' && callback === undefined) { - callback = optionsOrCallback; - options = {}; - } - else { - options = optionsOrCallback as CallOptions; - } - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'attestor': request.attestor || '', - }); - this.initialize(); - return this.innerApiCalls.validateAttestationOccurrence(request, options, callback); - } - - // -------------------- - // -- Path templates -- - // -------------------- - - /** - * Return a fully-qualified attestor resource name string. - * - * @param {string} project - * @param {string} attestor - * @returns {string} Resource name string. - */ - attestorPath(project:string,attestor:string) { - return this.pathTemplates.attestorPathTemplate.render({ - project: project, - attestor: attestor, - }); - } - - /** - * Parse the project from Attestor resource. - * - * @param {string} attestorName - * A fully-qualified path representing Attestor resource. - * @returns {string} A string representing the project. - */ - matchProjectFromAttestorName(attestorName: string) { - return this.pathTemplates.attestorPathTemplate.match(attestorName).project; - } - - /** - * Parse the attestor from Attestor resource. - * - * @param {string} attestorName - * A fully-qualified path representing Attestor resource. - * @returns {string} A string representing the attestor. - */ - matchAttestorFromAttestorName(attestorName: string) { - return this.pathTemplates.attestorPathTemplate.match(attestorName).attestor; - } - - /** - * Return a fully-qualified locationPolicy resource name string. - * - * @param {string} location - * @returns {string} Resource name string. - */ - locationPolicyPath(location:string) { - return this.pathTemplates.locationPolicyPathTemplate.render({ - location: location, - }); - } - - /** - * Parse the location from LocationPolicy resource. - * - * @param {string} locationPolicyName - * A fully-qualified path representing location_policy resource. - * @returns {string} A string representing the location. - */ - matchLocationFromLocationPolicyName(locationPolicyName: string) { - return this.pathTemplates.locationPolicyPathTemplate.match(locationPolicyName).location; - } - - /** - * Return a fully-qualified project resource name string. - * - * @param {string} project - * @returns {string} Resource name string. - */ - projectPath(project:string) { - return this.pathTemplates.projectPathTemplate.render({ - project: project, - }); - } - - /** - * Parse the project from Project resource. - * - * @param {string} projectName - * A fully-qualified path representing Project resource. - * @returns {string} A string representing the project. - */ - matchProjectFromProjectName(projectName: string) { - return this.pathTemplates.projectPathTemplate.match(projectName).project; - } - - /** - * Return a fully-qualified projectPolicy resource name string. - * - * @param {string} project - * @returns {string} Resource name string. - */ - projectPolicyPath(project:string) { - return this.pathTemplates.projectPolicyPathTemplate.render({ - project: project, - }); - } - - /** - * Parse the project from ProjectPolicy resource. - * - * @param {string} projectPolicyName - * A fully-qualified path representing project_policy resource. - * @returns {string} A string representing the project. - */ - matchProjectFromProjectPolicyName(projectPolicyName: string) { - return this.pathTemplates.projectPolicyPathTemplate.match(projectPolicyName).project; - } - - /** - * Terminate the gRPC channel and close the client. - * - * The client will no longer be usable and all future behavior is undefined. - * @returns {Promise} A promise that resolves when the client is closed. - */ - close(): Promise { - if (this.validationHelperV1Stub && !this._terminated) { - return this.validationHelperV1Stub.then(stub => { - this._terminated = true; - stub.close(); - }); - } - return Promise.resolve(); - } -} diff --git a/owl-bot-staging/v1/src/v1/validation_helper_v1_client_config.json b/owl-bot-staging/v1/src/v1/validation_helper_v1_client_config.json deleted file mode 100644 index 7c2d8e6..0000000 --- a/owl-bot-staging/v1/src/v1/validation_helper_v1_client_config.json +++ /dev/null @@ -1,30 +0,0 @@ -{ - "interfaces": { - "google.cloud.binaryauthorization.v1.ValidationHelperV1": { - "retry_codes": { - "non_idempotent": [], - "idempotent": [ - "DEADLINE_EXCEEDED", - "UNAVAILABLE" - ] - }, - "retry_params": { - "default": { - "initial_retry_delay_millis": 100, - "retry_delay_multiplier": 1.3, - "max_retry_delay_millis": 60000, - "initial_rpc_timeout_millis": 60000, - "rpc_timeout_multiplier": 1, - "max_rpc_timeout_millis": 60000, - "total_timeout_millis": 600000 - } - }, - "methods": { - "ValidateAttestationOccurrence": { - "retry_codes_name": "non_idempotent", - "retry_params_name": "default" - } - } - } - } -} diff --git a/owl-bot-staging/v1/src/v1/validation_helper_v1_proto_list.json b/owl-bot-staging/v1/src/v1/validation_helper_v1_proto_list.json deleted file mode 100644 index 2e7010a..0000000 --- a/owl-bot-staging/v1/src/v1/validation_helper_v1_proto_list.json +++ /dev/null @@ -1,6 +0,0 @@ -[ - "../../protos/google/cloud/binaryauthorization/v1/resources.proto", - "../../protos/google/cloud/binaryauthorization/v1/service.proto", - "../../protos/grafeas/v1/attestation.proto", - "../../protos/grafeas/v1/common.proto" -] diff --git a/owl-bot-staging/v1/system-test/fixtures/sample/src/index.js b/owl-bot-staging/v1/system-test/fixtures/sample/src/index.js deleted file mode 100644 index 7a9db4e..0000000 --- a/owl-bot-staging/v1/system-test/fixtures/sample/src/index.js +++ /dev/null @@ -1,29 +0,0 @@ -// Copyright 2022 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// ** This file is automatically generated by gapic-generator-typescript. ** -// ** https://github.com/googleapis/gapic-generator-typescript ** -// ** All changes to this file may be overwritten. ** - - -/* eslint-disable node/no-missing-require, no-unused-vars */ -const binaryauthorization = require('@google-cloud/binary-authorization'); - -function main() { - const binauthzManagementServiceV1Client = new binaryauthorization.BinauthzManagementServiceV1Client(); - const systemPolicyV1Client = new binaryauthorization.SystemPolicyV1Client(); - const validationHelperV1Client = new binaryauthorization.ValidationHelperV1Client(); -} - -main(); diff --git a/owl-bot-staging/v1/system-test/fixtures/sample/src/index.ts b/owl-bot-staging/v1/system-test/fixtures/sample/src/index.ts deleted file mode 100644 index 4257ebc..0000000 --- a/owl-bot-staging/v1/system-test/fixtures/sample/src/index.ts +++ /dev/null @@ -1,44 +0,0 @@ -// Copyright 2022 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// ** This file is automatically generated by gapic-generator-typescript. ** -// ** https://github.com/googleapis/gapic-generator-typescript ** -// ** All changes to this file may be overwritten. ** - -import {BinauthzManagementServiceV1Client, SystemPolicyV1Client, ValidationHelperV1Client} from '@google-cloud/binary-authorization'; - -// check that the client class type name can be used -function doStuffWithBinauthzManagementServiceV1Client(client: BinauthzManagementServiceV1Client) { - client.close(); -} -function doStuffWithSystemPolicyV1Client(client: SystemPolicyV1Client) { - client.close(); -} -function doStuffWithValidationHelperV1Client(client: ValidationHelperV1Client) { - client.close(); -} - -function main() { - // check that the client instance can be created - const binauthzManagementServiceV1Client = new BinauthzManagementServiceV1Client(); - doStuffWithBinauthzManagementServiceV1Client(binauthzManagementServiceV1Client); - // check that the client instance can be created - const systemPolicyV1Client = new SystemPolicyV1Client(); - doStuffWithSystemPolicyV1Client(systemPolicyV1Client); - // check that the client instance can be created - const validationHelperV1Client = new ValidationHelperV1Client(); - doStuffWithValidationHelperV1Client(validationHelperV1Client); -} - -main(); diff --git a/owl-bot-staging/v1/system-test/install.ts b/owl-bot-staging/v1/system-test/install.ts deleted file mode 100644 index 8ec4522..0000000 --- a/owl-bot-staging/v1/system-test/install.ts +++ /dev/null @@ -1,49 +0,0 @@ -// Copyright 2022 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// ** This file is automatically generated by gapic-generator-typescript. ** -// ** https://github.com/googleapis/gapic-generator-typescript ** -// ** All changes to this file may be overwritten. ** - -import { packNTest } from 'pack-n-play'; -import { readFileSync } from 'fs'; -import { describe, it } from 'mocha'; - -describe('📦 pack-n-play test', () => { - - it('TypeScript code', async function() { - this.timeout(300000); - const options = { - packageDir: process.cwd(), - sample: { - description: 'TypeScript user can use the type definitions', - ts: readFileSync('./system-test/fixtures/sample/src/index.ts').toString() - } - }; - await packNTest(options); - }); - - it('JavaScript code', async function() { - this.timeout(300000); - const options = { - packageDir: process.cwd(), - sample: { - description: 'JavaScript user can use the library', - ts: readFileSync('./system-test/fixtures/sample/src/index.js').toString() - } - }; - await packNTest(options); - }); - -}); diff --git a/owl-bot-staging/v1/test/gapic_binauthz_management_service_v1_v1.ts b/owl-bot-staging/v1/test/gapic_binauthz_management_service_v1_v1.ts deleted file mode 100644 index 3a47576..0000000 --- a/owl-bot-staging/v1/test/gapic_binauthz_management_service_v1_v1.ts +++ /dev/null @@ -1,1126 +0,0 @@ -// Copyright 2022 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// ** This file is automatically generated by gapic-generator-typescript. ** -// ** https://github.com/googleapis/gapic-generator-typescript ** -// ** All changes to this file may be overwritten. ** - -import * as protos from '../protos/protos'; -import * as assert from 'assert'; -import * as sinon from 'sinon'; -import {SinonStub} from 'sinon'; -import { describe, it } from 'mocha'; -import * as binauthzmanagementservicev1Module from '../src'; - -import {PassThrough} from 'stream'; - -import {protobuf} from 'google-gax'; - -function generateSampleMessage(instance: T) { - const filledObject = (instance.constructor as typeof protobuf.Message) - .toObject(instance as protobuf.Message, {defaults: true}); - return (instance.constructor as typeof protobuf.Message).fromObject(filledObject) as T; -} - -function stubSimpleCall(response?: ResponseType, error?: Error) { - return error ? sinon.stub().rejects(error) : sinon.stub().resolves([response]); -} - -function stubSimpleCallWithCallback(response?: ResponseType, error?: Error) { - return error ? sinon.stub().callsArgWith(2, error) : sinon.stub().callsArgWith(2, null, response); -} - -function stubPageStreamingCall(responses?: ResponseType[], error?: Error) { - const pagingStub = sinon.stub(); - if (responses) { - for (let i = 0; i < responses.length; ++i) { - pagingStub.onCall(i).callsArgWith(2, null, responses[i]); - } - } - const transformStub = error ? sinon.stub().callsArgWith(2, error) : pagingStub; - const mockStream = new PassThrough({ - objectMode: true, - transform: transformStub, - }); - // trigger as many responses as needed - if (responses) { - for (let i = 0; i < responses.length; ++i) { - setImmediate(() => { mockStream.write({}); }); - } - setImmediate(() => { mockStream.end(); }); - } else { - setImmediate(() => { mockStream.write({}); }); - setImmediate(() => { mockStream.end(); }); - } - return sinon.stub().returns(mockStream); -} - -function stubAsyncIterationCall(responses?: ResponseType[], error?: Error) { - let counter = 0; - const asyncIterable = { - [Symbol.asyncIterator]() { - return { - async next() { - if (error) { - return Promise.reject(error); - } - if (counter >= responses!.length) { - return Promise.resolve({done: true, value: undefined}); - } - return Promise.resolve({done: false, value: responses![counter++]}); - } - }; - } - }; - return sinon.stub().returns(asyncIterable); -} - -describe('v1.BinauthzManagementServiceV1Client', () => { - it('has servicePath', () => { - const servicePath = binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client.servicePath; - assert(servicePath); - }); - - it('has apiEndpoint', () => { - const apiEndpoint = binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client.apiEndpoint; - assert(apiEndpoint); - }); - - it('has port', () => { - const port = binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client.port; - assert(port); - assert(typeof port === 'number'); - }); - - it('should create a client with no option', () => { - const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client(); - assert(client); - }); - - it('should create a client with gRPC fallback', () => { - const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ - fallback: true, - }); - assert(client); - }); - - it('has initialize method and supports deferred initialization', async () => { - const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - assert.strictEqual(client.binauthzManagementServiceV1Stub, undefined); - await client.initialize(); - assert(client.binauthzManagementServiceV1Stub); - }); - - it('has close method for the initialized client', done => { - const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - assert(client.binauthzManagementServiceV1Stub); - client.close().then(() => { - done(); - }); - }); - - it('has close method for the non-initialized client', done => { - const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - assert.strictEqual(client.binauthzManagementServiceV1Stub, undefined); - client.close().then(() => { - done(); - }); - }); - - it('has getProjectId method', async () => { - const fakeProjectId = 'fake-project-id'; - const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.auth.getProjectId = sinon.stub().resolves(fakeProjectId); - const result = await client.getProjectId(); - assert.strictEqual(result, fakeProjectId); - assert((client.auth.getProjectId as SinonStub).calledWithExactly()); - }); - - it('has getProjectId method with callback', async () => { - const fakeProjectId = 'fake-project-id'; - const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.auth.getProjectId = sinon.stub().callsArgWith(0, null, fakeProjectId); - const promise = new Promise((resolve, reject) => { - client.getProjectId((err?: Error|null, projectId?: string|null) => { - if (err) { - reject(err); - } else { - resolve(projectId); - } - }); - }); - const result = await promise; - assert.strictEqual(result, fakeProjectId); - }); - - describe('getPolicy', () => { - it('invokes getPolicy without error', async () => { - const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.GetPolicyRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.Policy()); - client.innerApiCalls.getPolicy = stubSimpleCall(expectedResponse); - const [response] = await client.getPolicy(request); - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.getPolicy as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes getPolicy without error using callback', async () => { - const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.GetPolicyRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.Policy()); - client.innerApiCalls.getPolicy = stubSimpleCallWithCallback(expectedResponse); - const promise = new Promise((resolve, reject) => { - client.getPolicy( - request, - (err?: Error|null, result?: protos.google.cloud.binaryauthorization.v1.IPolicy|null) => { - if (err) { - reject(err); - } else { - resolve(result); - } - }); - }); - const response = await promise; - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.getPolicy as SinonStub) - .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); - }); - - it('invokes getPolicy with error', async () => { - const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.GetPolicyRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedError = new Error('expected'); - client.innerApiCalls.getPolicy = stubSimpleCall(undefined, expectedError); - await assert.rejects(client.getPolicy(request), expectedError); - assert((client.innerApiCalls.getPolicy as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes getPolicy with closed client', async () => { - const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.GetPolicyRequest()); - request.name = ''; - const expectedError = new Error('The client has already been closed.'); - client.close(); - await assert.rejects(client.getPolicy(request), expectedError); - }); - }); - - describe('updatePolicy', () => { - it('invokes updatePolicy without error', async () => { - const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.UpdatePolicyRequest()); - request.policy = {}; - request.policy.name = ''; - const expectedHeaderRequestParams = "policy.name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.Policy()); - client.innerApiCalls.updatePolicy = stubSimpleCall(expectedResponse); - const [response] = await client.updatePolicy(request); - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.updatePolicy as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes updatePolicy without error using callback', async () => { - const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.UpdatePolicyRequest()); - request.policy = {}; - request.policy.name = ''; - const expectedHeaderRequestParams = "policy.name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.Policy()); - client.innerApiCalls.updatePolicy = stubSimpleCallWithCallback(expectedResponse); - const promise = new Promise((resolve, reject) => { - client.updatePolicy( - request, - (err?: Error|null, result?: protos.google.cloud.binaryauthorization.v1.IPolicy|null) => { - if (err) { - reject(err); - } else { - resolve(result); - } - }); - }); - const response = await promise; - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.updatePolicy as SinonStub) - .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); - }); - - it('invokes updatePolicy with error', async () => { - const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.UpdatePolicyRequest()); - request.policy = {}; - request.policy.name = ''; - const expectedHeaderRequestParams = "policy.name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedError = new Error('expected'); - client.innerApiCalls.updatePolicy = stubSimpleCall(undefined, expectedError); - await assert.rejects(client.updatePolicy(request), expectedError); - assert((client.innerApiCalls.updatePolicy as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes updatePolicy with closed client', async () => { - const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.UpdatePolicyRequest()); - request.policy = {}; - request.policy.name = ''; - const expectedError = new Error('The client has already been closed.'); - client.close(); - await assert.rejects(client.updatePolicy(request), expectedError); - }); - }); - - describe('createAttestor', () => { - it('invokes createAttestor without error', async () => { - const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.CreateAttestorRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.Attestor()); - client.innerApiCalls.createAttestor = stubSimpleCall(expectedResponse); - const [response] = await client.createAttestor(request); - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.createAttestor as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes createAttestor without error using callback', async () => { - const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.CreateAttestorRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.Attestor()); - client.innerApiCalls.createAttestor = stubSimpleCallWithCallback(expectedResponse); - const promise = new Promise((resolve, reject) => { - client.createAttestor( - request, - (err?: Error|null, result?: protos.google.cloud.binaryauthorization.v1.IAttestor|null) => { - if (err) { - reject(err); - } else { - resolve(result); - } - }); - }); - const response = await promise; - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.createAttestor as SinonStub) - .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); - }); - - it('invokes createAttestor with error', async () => { - const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.CreateAttestorRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedError = new Error('expected'); - client.innerApiCalls.createAttestor = stubSimpleCall(undefined, expectedError); - await assert.rejects(client.createAttestor(request), expectedError); - assert((client.innerApiCalls.createAttestor as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes createAttestor with closed client', async () => { - const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.CreateAttestorRequest()); - request.parent = ''; - const expectedError = new Error('The client has already been closed.'); - client.close(); - await assert.rejects(client.createAttestor(request), expectedError); - }); - }); - - describe('getAttestor', () => { - it('invokes getAttestor without error', async () => { - const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.GetAttestorRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.Attestor()); - client.innerApiCalls.getAttestor = stubSimpleCall(expectedResponse); - const [response] = await client.getAttestor(request); - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.getAttestor as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes getAttestor without error using callback', async () => { - const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.GetAttestorRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.Attestor()); - client.innerApiCalls.getAttestor = stubSimpleCallWithCallback(expectedResponse); - const promise = new Promise((resolve, reject) => { - client.getAttestor( - request, - (err?: Error|null, result?: protos.google.cloud.binaryauthorization.v1.IAttestor|null) => { - if (err) { - reject(err); - } else { - resolve(result); - } - }); - }); - const response = await promise; - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.getAttestor as SinonStub) - .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); - }); - - it('invokes getAttestor with error', async () => { - const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.GetAttestorRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedError = new Error('expected'); - client.innerApiCalls.getAttestor = stubSimpleCall(undefined, expectedError); - await assert.rejects(client.getAttestor(request), expectedError); - assert((client.innerApiCalls.getAttestor as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes getAttestor with closed client', async () => { - const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.GetAttestorRequest()); - request.name = ''; - const expectedError = new Error('The client has already been closed.'); - client.close(); - await assert.rejects(client.getAttestor(request), expectedError); - }); - }); - - describe('updateAttestor', () => { - it('invokes updateAttestor without error', async () => { - const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.UpdateAttestorRequest()); - request.attestor = {}; - request.attestor.name = ''; - const expectedHeaderRequestParams = "attestor.name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.Attestor()); - client.innerApiCalls.updateAttestor = stubSimpleCall(expectedResponse); - const [response] = await client.updateAttestor(request); - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.updateAttestor as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes updateAttestor without error using callback', async () => { - const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.UpdateAttestorRequest()); - request.attestor = {}; - request.attestor.name = ''; - const expectedHeaderRequestParams = "attestor.name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.Attestor()); - client.innerApiCalls.updateAttestor = stubSimpleCallWithCallback(expectedResponse); - const promise = new Promise((resolve, reject) => { - client.updateAttestor( - request, - (err?: Error|null, result?: protos.google.cloud.binaryauthorization.v1.IAttestor|null) => { - if (err) { - reject(err); - } else { - resolve(result); - } - }); - }); - const response = await promise; - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.updateAttestor as SinonStub) - .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); - }); - - it('invokes updateAttestor with error', async () => { - const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.UpdateAttestorRequest()); - request.attestor = {}; - request.attestor.name = ''; - const expectedHeaderRequestParams = "attestor.name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedError = new Error('expected'); - client.innerApiCalls.updateAttestor = stubSimpleCall(undefined, expectedError); - await assert.rejects(client.updateAttestor(request), expectedError); - assert((client.innerApiCalls.updateAttestor as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes updateAttestor with closed client', async () => { - const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.UpdateAttestorRequest()); - request.attestor = {}; - request.attestor.name = ''; - const expectedError = new Error('The client has already been closed.'); - client.close(); - await assert.rejects(client.updateAttestor(request), expectedError); - }); - }); - - describe('deleteAttestor', () => { - it('invokes deleteAttestor without error', async () => { - const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.DeleteAttestorRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.protobuf.Empty()); - client.innerApiCalls.deleteAttestor = stubSimpleCall(expectedResponse); - const [response] = await client.deleteAttestor(request); - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.deleteAttestor as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes deleteAttestor without error using callback', async () => { - const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.DeleteAttestorRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.protobuf.Empty()); - client.innerApiCalls.deleteAttestor = stubSimpleCallWithCallback(expectedResponse); - const promise = new Promise((resolve, reject) => { - client.deleteAttestor( - request, - (err?: Error|null, result?: protos.google.protobuf.IEmpty|null) => { - if (err) { - reject(err); - } else { - resolve(result); - } - }); - }); - const response = await promise; - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.deleteAttestor as SinonStub) - .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); - }); - - it('invokes deleteAttestor with error', async () => { - const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.DeleteAttestorRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedError = new Error('expected'); - client.innerApiCalls.deleteAttestor = stubSimpleCall(undefined, expectedError); - await assert.rejects(client.deleteAttestor(request), expectedError); - assert((client.innerApiCalls.deleteAttestor as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes deleteAttestor with closed client', async () => { - const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.DeleteAttestorRequest()); - request.name = ''; - const expectedError = new Error('The client has already been closed.'); - client.close(); - await assert.rejects(client.deleteAttestor(request), expectedError); - }); - }); - - describe('listAttestors', () => { - it('invokes listAttestors without error', async () => { - const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.ListAttestorsRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = [ - generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.Attestor()), - generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.Attestor()), - generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.Attestor()), - ]; - client.innerApiCalls.listAttestors = stubSimpleCall(expectedResponse); - const [response] = await client.listAttestors(request); - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.listAttestors as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes listAttestors without error using callback', async () => { - const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.ListAttestorsRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = [ - generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.Attestor()), - generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.Attestor()), - generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.Attestor()), - ]; - client.innerApiCalls.listAttestors = stubSimpleCallWithCallback(expectedResponse); - const promise = new Promise((resolve, reject) => { - client.listAttestors( - request, - (err?: Error|null, result?: protos.google.cloud.binaryauthorization.v1.IAttestor[]|null) => { - if (err) { - reject(err); - } else { - resolve(result); - } - }); - }); - const response = await promise; - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.listAttestors as SinonStub) - .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); - }); - - it('invokes listAttestors with error', async () => { - const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.ListAttestorsRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedError = new Error('expected'); - client.innerApiCalls.listAttestors = stubSimpleCall(undefined, expectedError); - await assert.rejects(client.listAttestors(request), expectedError); - assert((client.innerApiCalls.listAttestors as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes listAttestorsStream without error', async () => { - const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.ListAttestorsRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedResponse = [ - generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.Attestor()), - generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.Attestor()), - generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.Attestor()), - ]; - client.descriptors.page.listAttestors.createStream = stubPageStreamingCall(expectedResponse); - const stream = client.listAttestorsStream(request); - const promise = new Promise((resolve, reject) => { - const responses: protos.google.cloud.binaryauthorization.v1.Attestor[] = []; - stream.on('data', (response: protos.google.cloud.binaryauthorization.v1.Attestor) => { - responses.push(response); - }); - stream.on('end', () => { - resolve(responses); - }); - stream.on('error', (err: Error) => { - reject(err); - }); - }); - const responses = await promise; - assert.deepStrictEqual(responses, expectedResponse); - assert((client.descriptors.page.listAttestors.createStream as SinonStub) - .getCall(0).calledWith(client.innerApiCalls.listAttestors, request)); - assert.strictEqual( - (client.descriptors.page.listAttestors.createStream as SinonStub) - .getCall(0).args[2].otherArgs.headers['x-goog-request-params'], - expectedHeaderRequestParams - ); - }); - - it('invokes listAttestorsStream with error', async () => { - const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.ListAttestorsRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedError = new Error('expected'); - client.descriptors.page.listAttestors.createStream = stubPageStreamingCall(undefined, expectedError); - const stream = client.listAttestorsStream(request); - const promise = new Promise((resolve, reject) => { - const responses: protos.google.cloud.binaryauthorization.v1.Attestor[] = []; - stream.on('data', (response: protos.google.cloud.binaryauthorization.v1.Attestor) => { - responses.push(response); - }); - stream.on('end', () => { - resolve(responses); - }); - stream.on('error', (err: Error) => { - reject(err); - }); - }); - await assert.rejects(promise, expectedError); - assert((client.descriptors.page.listAttestors.createStream as SinonStub) - .getCall(0).calledWith(client.innerApiCalls.listAttestors, request)); - assert.strictEqual( - (client.descriptors.page.listAttestors.createStream as SinonStub) - .getCall(0).args[2].otherArgs.headers['x-goog-request-params'], - expectedHeaderRequestParams - ); - }); - - it('uses async iteration with listAttestors without error', async () => { - const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.ListAttestorsRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedResponse = [ - generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.Attestor()), - generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.Attestor()), - generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.Attestor()), - ]; - client.descriptors.page.listAttestors.asyncIterate = stubAsyncIterationCall(expectedResponse); - const responses: protos.google.cloud.binaryauthorization.v1.IAttestor[] = []; - const iterable = client.listAttestorsAsync(request); - for await (const resource of iterable) { - responses.push(resource!); - } - assert.deepStrictEqual(responses, expectedResponse); - assert.deepStrictEqual( - (client.descriptors.page.listAttestors.asyncIterate as SinonStub) - .getCall(0).args[1], request); - assert.strictEqual( - (client.descriptors.page.listAttestors.asyncIterate as SinonStub) - .getCall(0).args[2].otherArgs.headers['x-goog-request-params'], - expectedHeaderRequestParams - ); - }); - - it('uses async iteration with listAttestors with error', async () => { - const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.ListAttestorsRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent=";const expectedError = new Error('expected'); - client.descriptors.page.listAttestors.asyncIterate = stubAsyncIterationCall(undefined, expectedError); - const iterable = client.listAttestorsAsync(request); - await assert.rejects(async () => { - const responses: protos.google.cloud.binaryauthorization.v1.IAttestor[] = []; - for await (const resource of iterable) { - responses.push(resource!); - } - }); - assert.deepStrictEqual( - (client.descriptors.page.listAttestors.asyncIterate as SinonStub) - .getCall(0).args[1], request); - assert.strictEqual( - (client.descriptors.page.listAttestors.asyncIterate as SinonStub) - .getCall(0).args[2].otherArgs.headers['x-goog-request-params'], - expectedHeaderRequestParams - ); - }); - }); - - describe('Path templates', () => { - - describe('attestor', () => { - const fakePath = "/rendered/path/attestor"; - const expectedParameters = { - project: "projectValue", - attestor: "attestorValue", - }; - const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - client.pathTemplates.attestorPathTemplate.render = - sinon.stub().returns(fakePath); - client.pathTemplates.attestorPathTemplate.match = - sinon.stub().returns(expectedParameters); - - it('attestorPath', () => { - const result = client.attestorPath("projectValue", "attestorValue"); - assert.strictEqual(result, fakePath); - assert((client.pathTemplates.attestorPathTemplate.render as SinonStub) - .getCall(-1).calledWith(expectedParameters)); - }); - - it('matchProjectFromAttestorName', () => { - const result = client.matchProjectFromAttestorName(fakePath); - assert.strictEqual(result, "projectValue"); - assert((client.pathTemplates.attestorPathTemplate.match as SinonStub) - .getCall(-1).calledWith(fakePath)); - }); - - it('matchAttestorFromAttestorName', () => { - const result = client.matchAttestorFromAttestorName(fakePath); - assert.strictEqual(result, "attestorValue"); - assert((client.pathTemplates.attestorPathTemplate.match as SinonStub) - .getCall(-1).calledWith(fakePath)); - }); - }); - - describe('locationPolicy', () => { - const fakePath = "/rendered/path/locationPolicy"; - const expectedParameters = { - location: "locationValue", - }; - const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - client.pathTemplates.locationPolicyPathTemplate.render = - sinon.stub().returns(fakePath); - client.pathTemplates.locationPolicyPathTemplate.match = - sinon.stub().returns(expectedParameters); - - it('locationPolicyPath', () => { - const result = client.locationPolicyPath("locationValue"); - assert.strictEqual(result, fakePath); - assert((client.pathTemplates.locationPolicyPathTemplate.render as SinonStub) - .getCall(-1).calledWith(expectedParameters)); - }); - - it('matchLocationFromLocationPolicyName', () => { - const result = client.matchLocationFromLocationPolicyName(fakePath); - assert.strictEqual(result, "locationValue"); - assert((client.pathTemplates.locationPolicyPathTemplate.match as SinonStub) - .getCall(-1).calledWith(fakePath)); - }); - }); - - describe('project', () => { - const fakePath = "/rendered/path/project"; - const expectedParameters = { - project: "projectValue", - }; - const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - client.pathTemplates.projectPathTemplate.render = - sinon.stub().returns(fakePath); - client.pathTemplates.projectPathTemplate.match = - sinon.stub().returns(expectedParameters); - - it('projectPath', () => { - const result = client.projectPath("projectValue"); - assert.strictEqual(result, fakePath); - assert((client.pathTemplates.projectPathTemplate.render as SinonStub) - .getCall(-1).calledWith(expectedParameters)); - }); - - it('matchProjectFromProjectName', () => { - const result = client.matchProjectFromProjectName(fakePath); - assert.strictEqual(result, "projectValue"); - assert((client.pathTemplates.projectPathTemplate.match as SinonStub) - .getCall(-1).calledWith(fakePath)); - }); - }); - - describe('projectPolicy', () => { - const fakePath = "/rendered/path/projectPolicy"; - const expectedParameters = { - project: "projectValue", - }; - const client = new binauthzmanagementservicev1Module.v1.BinauthzManagementServiceV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - client.pathTemplates.projectPolicyPathTemplate.render = - sinon.stub().returns(fakePath); - client.pathTemplates.projectPolicyPathTemplate.match = - sinon.stub().returns(expectedParameters); - - it('projectPolicyPath', () => { - const result = client.projectPolicyPath("projectValue"); - assert.strictEqual(result, fakePath); - assert((client.pathTemplates.projectPolicyPathTemplate.render as SinonStub) - .getCall(-1).calledWith(expectedParameters)); - }); - - it('matchProjectFromProjectPolicyName', () => { - const result = client.matchProjectFromProjectPolicyName(fakePath); - assert.strictEqual(result, "projectValue"); - assert((client.pathTemplates.projectPolicyPathTemplate.match as SinonStub) - .getCall(-1).calledWith(fakePath)); - }); - }); - }); -}); diff --git a/owl-bot-staging/v1/test/gapic_system_policy_v1_v1.ts b/owl-bot-staging/v1/test/gapic_system_policy_v1_v1.ts deleted file mode 100644 index 7388939..0000000 --- a/owl-bot-staging/v1/test/gapic_system_policy_v1_v1.ts +++ /dev/null @@ -1,363 +0,0 @@ -// Copyright 2022 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// ** This file is automatically generated by gapic-generator-typescript. ** -// ** https://github.com/googleapis/gapic-generator-typescript ** -// ** All changes to this file may be overwritten. ** - -import * as protos from '../protos/protos'; -import * as assert from 'assert'; -import * as sinon from 'sinon'; -import {SinonStub} from 'sinon'; -import { describe, it } from 'mocha'; -import * as systempolicyv1Module from '../src'; - -import {protobuf} from 'google-gax'; - -function generateSampleMessage(instance: T) { - const filledObject = (instance.constructor as typeof protobuf.Message) - .toObject(instance as protobuf.Message, {defaults: true}); - return (instance.constructor as typeof protobuf.Message).fromObject(filledObject) as T; -} - -function stubSimpleCall(response?: ResponseType, error?: Error) { - return error ? sinon.stub().rejects(error) : sinon.stub().resolves([response]); -} - -function stubSimpleCallWithCallback(response?: ResponseType, error?: Error) { - return error ? sinon.stub().callsArgWith(2, error) : sinon.stub().callsArgWith(2, null, response); -} - -describe('v1.SystemPolicyV1Client', () => { - it('has servicePath', () => { - const servicePath = systempolicyv1Module.v1.SystemPolicyV1Client.servicePath; - assert(servicePath); - }); - - it('has apiEndpoint', () => { - const apiEndpoint = systempolicyv1Module.v1.SystemPolicyV1Client.apiEndpoint; - assert(apiEndpoint); - }); - - it('has port', () => { - const port = systempolicyv1Module.v1.SystemPolicyV1Client.port; - assert(port); - assert(typeof port === 'number'); - }); - - it('should create a client with no option', () => { - const client = new systempolicyv1Module.v1.SystemPolicyV1Client(); - assert(client); - }); - - it('should create a client with gRPC fallback', () => { - const client = new systempolicyv1Module.v1.SystemPolicyV1Client({ - fallback: true, - }); - assert(client); - }); - - it('has initialize method and supports deferred initialization', async () => { - const client = new systempolicyv1Module.v1.SystemPolicyV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - assert.strictEqual(client.systemPolicyV1Stub, undefined); - await client.initialize(); - assert(client.systemPolicyV1Stub); - }); - - it('has close method for the initialized client', done => { - const client = new systempolicyv1Module.v1.SystemPolicyV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - assert(client.systemPolicyV1Stub); - client.close().then(() => { - done(); - }); - }); - - it('has close method for the non-initialized client', done => { - const client = new systempolicyv1Module.v1.SystemPolicyV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - assert.strictEqual(client.systemPolicyV1Stub, undefined); - client.close().then(() => { - done(); - }); - }); - - it('has getProjectId method', async () => { - const fakeProjectId = 'fake-project-id'; - const client = new systempolicyv1Module.v1.SystemPolicyV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.auth.getProjectId = sinon.stub().resolves(fakeProjectId); - const result = await client.getProjectId(); - assert.strictEqual(result, fakeProjectId); - assert((client.auth.getProjectId as SinonStub).calledWithExactly()); - }); - - it('has getProjectId method with callback', async () => { - const fakeProjectId = 'fake-project-id'; - const client = new systempolicyv1Module.v1.SystemPolicyV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.auth.getProjectId = sinon.stub().callsArgWith(0, null, fakeProjectId); - const promise = new Promise((resolve, reject) => { - client.getProjectId((err?: Error|null, projectId?: string|null) => { - if (err) { - reject(err); - } else { - resolve(projectId); - } - }); - }); - const result = await promise; - assert.strictEqual(result, fakeProjectId); - }); - - describe('getSystemPolicy', () => { - it('invokes getSystemPolicy without error', async () => { - const client = new systempolicyv1Module.v1.SystemPolicyV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.GetSystemPolicyRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.Policy()); - client.innerApiCalls.getSystemPolicy = stubSimpleCall(expectedResponse); - const [response] = await client.getSystemPolicy(request); - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.getSystemPolicy as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes getSystemPolicy without error using callback', async () => { - const client = new systempolicyv1Module.v1.SystemPolicyV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.GetSystemPolicyRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.Policy()); - client.innerApiCalls.getSystemPolicy = stubSimpleCallWithCallback(expectedResponse); - const promise = new Promise((resolve, reject) => { - client.getSystemPolicy( - request, - (err?: Error|null, result?: protos.google.cloud.binaryauthorization.v1.IPolicy|null) => { - if (err) { - reject(err); - } else { - resolve(result); - } - }); - }); - const response = await promise; - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.getSystemPolicy as SinonStub) - .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); - }); - - it('invokes getSystemPolicy with error', async () => { - const client = new systempolicyv1Module.v1.SystemPolicyV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.GetSystemPolicyRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedError = new Error('expected'); - client.innerApiCalls.getSystemPolicy = stubSimpleCall(undefined, expectedError); - await assert.rejects(client.getSystemPolicy(request), expectedError); - assert((client.innerApiCalls.getSystemPolicy as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes getSystemPolicy with closed client', async () => { - const client = new systempolicyv1Module.v1.SystemPolicyV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.GetSystemPolicyRequest()); - request.name = ''; - const expectedError = new Error('The client has already been closed.'); - client.close(); - await assert.rejects(client.getSystemPolicy(request), expectedError); - }); - }); - - describe('Path templates', () => { - - describe('attestor', () => { - const fakePath = "/rendered/path/attestor"; - const expectedParameters = { - project: "projectValue", - attestor: "attestorValue", - }; - const client = new systempolicyv1Module.v1.SystemPolicyV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - client.pathTemplates.attestorPathTemplate.render = - sinon.stub().returns(fakePath); - client.pathTemplates.attestorPathTemplate.match = - sinon.stub().returns(expectedParameters); - - it('attestorPath', () => { - const result = client.attestorPath("projectValue", "attestorValue"); - assert.strictEqual(result, fakePath); - assert((client.pathTemplates.attestorPathTemplate.render as SinonStub) - .getCall(-1).calledWith(expectedParameters)); - }); - - it('matchProjectFromAttestorName', () => { - const result = client.matchProjectFromAttestorName(fakePath); - assert.strictEqual(result, "projectValue"); - assert((client.pathTemplates.attestorPathTemplate.match as SinonStub) - .getCall(-1).calledWith(fakePath)); - }); - - it('matchAttestorFromAttestorName', () => { - const result = client.matchAttestorFromAttestorName(fakePath); - assert.strictEqual(result, "attestorValue"); - assert((client.pathTemplates.attestorPathTemplate.match as SinonStub) - .getCall(-1).calledWith(fakePath)); - }); - }); - - describe('locationPolicy', () => { - const fakePath = "/rendered/path/locationPolicy"; - const expectedParameters = { - location: "locationValue", - }; - const client = new systempolicyv1Module.v1.SystemPolicyV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - client.pathTemplates.locationPolicyPathTemplate.render = - sinon.stub().returns(fakePath); - client.pathTemplates.locationPolicyPathTemplate.match = - sinon.stub().returns(expectedParameters); - - it('locationPolicyPath', () => { - const result = client.locationPolicyPath("locationValue"); - assert.strictEqual(result, fakePath); - assert((client.pathTemplates.locationPolicyPathTemplate.render as SinonStub) - .getCall(-1).calledWith(expectedParameters)); - }); - - it('matchLocationFromLocationPolicyName', () => { - const result = client.matchLocationFromLocationPolicyName(fakePath); - assert.strictEqual(result, "locationValue"); - assert((client.pathTemplates.locationPolicyPathTemplate.match as SinonStub) - .getCall(-1).calledWith(fakePath)); - }); - }); - - describe('project', () => { - const fakePath = "/rendered/path/project"; - const expectedParameters = { - project: "projectValue", - }; - const client = new systempolicyv1Module.v1.SystemPolicyV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - client.pathTemplates.projectPathTemplate.render = - sinon.stub().returns(fakePath); - client.pathTemplates.projectPathTemplate.match = - sinon.stub().returns(expectedParameters); - - it('projectPath', () => { - const result = client.projectPath("projectValue"); - assert.strictEqual(result, fakePath); - assert((client.pathTemplates.projectPathTemplate.render as SinonStub) - .getCall(-1).calledWith(expectedParameters)); - }); - - it('matchProjectFromProjectName', () => { - const result = client.matchProjectFromProjectName(fakePath); - assert.strictEqual(result, "projectValue"); - assert((client.pathTemplates.projectPathTemplate.match as SinonStub) - .getCall(-1).calledWith(fakePath)); - }); - }); - - describe('projectPolicy', () => { - const fakePath = "/rendered/path/projectPolicy"; - const expectedParameters = { - project: "projectValue", - }; - const client = new systempolicyv1Module.v1.SystemPolicyV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - client.pathTemplates.projectPolicyPathTemplate.render = - sinon.stub().returns(fakePath); - client.pathTemplates.projectPolicyPathTemplate.match = - sinon.stub().returns(expectedParameters); - - it('projectPolicyPath', () => { - const result = client.projectPolicyPath("projectValue"); - assert.strictEqual(result, fakePath); - assert((client.pathTemplates.projectPolicyPathTemplate.render as SinonStub) - .getCall(-1).calledWith(expectedParameters)); - }); - - it('matchProjectFromProjectPolicyName', () => { - const result = client.matchProjectFromProjectPolicyName(fakePath); - assert.strictEqual(result, "projectValue"); - assert((client.pathTemplates.projectPolicyPathTemplate.match as SinonStub) - .getCall(-1).calledWith(fakePath)); - }); - }); - }); -}); diff --git a/owl-bot-staging/v1/test/gapic_validation_helper_v1_v1.ts b/owl-bot-staging/v1/test/gapic_validation_helper_v1_v1.ts deleted file mode 100644 index dea2f84..0000000 --- a/owl-bot-staging/v1/test/gapic_validation_helper_v1_v1.ts +++ /dev/null @@ -1,363 +0,0 @@ -// Copyright 2022 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// ** This file is automatically generated by gapic-generator-typescript. ** -// ** https://github.com/googleapis/gapic-generator-typescript ** -// ** All changes to this file may be overwritten. ** - -import * as protos from '../protos/protos'; -import * as assert from 'assert'; -import * as sinon from 'sinon'; -import {SinonStub} from 'sinon'; -import { describe, it } from 'mocha'; -import * as validationhelperv1Module from '../src'; - -import {protobuf} from 'google-gax'; - -function generateSampleMessage(instance: T) { - const filledObject = (instance.constructor as typeof protobuf.Message) - .toObject(instance as protobuf.Message, {defaults: true}); - return (instance.constructor as typeof protobuf.Message).fromObject(filledObject) as T; -} - -function stubSimpleCall(response?: ResponseType, error?: Error) { - return error ? sinon.stub().rejects(error) : sinon.stub().resolves([response]); -} - -function stubSimpleCallWithCallback(response?: ResponseType, error?: Error) { - return error ? sinon.stub().callsArgWith(2, error) : sinon.stub().callsArgWith(2, null, response); -} - -describe('v1.ValidationHelperV1Client', () => { - it('has servicePath', () => { - const servicePath = validationhelperv1Module.v1.ValidationHelperV1Client.servicePath; - assert(servicePath); - }); - - it('has apiEndpoint', () => { - const apiEndpoint = validationhelperv1Module.v1.ValidationHelperV1Client.apiEndpoint; - assert(apiEndpoint); - }); - - it('has port', () => { - const port = validationhelperv1Module.v1.ValidationHelperV1Client.port; - assert(port); - assert(typeof port === 'number'); - }); - - it('should create a client with no option', () => { - const client = new validationhelperv1Module.v1.ValidationHelperV1Client(); - assert(client); - }); - - it('should create a client with gRPC fallback', () => { - const client = new validationhelperv1Module.v1.ValidationHelperV1Client({ - fallback: true, - }); - assert(client); - }); - - it('has initialize method and supports deferred initialization', async () => { - const client = new validationhelperv1Module.v1.ValidationHelperV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - assert.strictEqual(client.validationHelperV1Stub, undefined); - await client.initialize(); - assert(client.validationHelperV1Stub); - }); - - it('has close method for the initialized client', done => { - const client = new validationhelperv1Module.v1.ValidationHelperV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - assert(client.validationHelperV1Stub); - client.close().then(() => { - done(); - }); - }); - - it('has close method for the non-initialized client', done => { - const client = new validationhelperv1Module.v1.ValidationHelperV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - assert.strictEqual(client.validationHelperV1Stub, undefined); - client.close().then(() => { - done(); - }); - }); - - it('has getProjectId method', async () => { - const fakeProjectId = 'fake-project-id'; - const client = new validationhelperv1Module.v1.ValidationHelperV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.auth.getProjectId = sinon.stub().resolves(fakeProjectId); - const result = await client.getProjectId(); - assert.strictEqual(result, fakeProjectId); - assert((client.auth.getProjectId as SinonStub).calledWithExactly()); - }); - - it('has getProjectId method with callback', async () => { - const fakeProjectId = 'fake-project-id'; - const client = new validationhelperv1Module.v1.ValidationHelperV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.auth.getProjectId = sinon.stub().callsArgWith(0, null, fakeProjectId); - const promise = new Promise((resolve, reject) => { - client.getProjectId((err?: Error|null, projectId?: string|null) => { - if (err) { - reject(err); - } else { - resolve(projectId); - } - }); - }); - const result = await promise; - assert.strictEqual(result, fakeProjectId); - }); - - describe('validateAttestationOccurrence', () => { - it('invokes validateAttestationOccurrence without error', async () => { - const client = new validationhelperv1Module.v1.ValidationHelperV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceRequest()); - request.attestor = ''; - const expectedHeaderRequestParams = "attestor="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceResponse()); - client.innerApiCalls.validateAttestationOccurrence = stubSimpleCall(expectedResponse); - const [response] = await client.validateAttestationOccurrence(request); - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.validateAttestationOccurrence as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes validateAttestationOccurrence without error using callback', async () => { - const client = new validationhelperv1Module.v1.ValidationHelperV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceRequest()); - request.attestor = ''; - const expectedHeaderRequestParams = "attestor="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceResponse()); - client.innerApiCalls.validateAttestationOccurrence = stubSimpleCallWithCallback(expectedResponse); - const promise = new Promise((resolve, reject) => { - client.validateAttestationOccurrence( - request, - (err?: Error|null, result?: protos.google.cloud.binaryauthorization.v1.IValidateAttestationOccurrenceResponse|null) => { - if (err) { - reject(err); - } else { - resolve(result); - } - }); - }); - const response = await promise; - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.validateAttestationOccurrence as SinonStub) - .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); - }); - - it('invokes validateAttestationOccurrence with error', async () => { - const client = new validationhelperv1Module.v1.ValidationHelperV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceRequest()); - request.attestor = ''; - const expectedHeaderRequestParams = "attestor="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedError = new Error('expected'); - client.innerApiCalls.validateAttestationOccurrence = stubSimpleCall(undefined, expectedError); - await assert.rejects(client.validateAttestationOccurrence(request), expectedError); - assert((client.innerApiCalls.validateAttestationOccurrence as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes validateAttestationOccurrence with closed client', async () => { - const client = new validationhelperv1Module.v1.ValidationHelperV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceRequest()); - request.attestor = ''; - const expectedError = new Error('The client has already been closed.'); - client.close(); - await assert.rejects(client.validateAttestationOccurrence(request), expectedError); - }); - }); - - describe('Path templates', () => { - - describe('attestor', () => { - const fakePath = "/rendered/path/attestor"; - const expectedParameters = { - project: "projectValue", - attestor: "attestorValue", - }; - const client = new validationhelperv1Module.v1.ValidationHelperV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - client.pathTemplates.attestorPathTemplate.render = - sinon.stub().returns(fakePath); - client.pathTemplates.attestorPathTemplate.match = - sinon.stub().returns(expectedParameters); - - it('attestorPath', () => { - const result = client.attestorPath("projectValue", "attestorValue"); - assert.strictEqual(result, fakePath); - assert((client.pathTemplates.attestorPathTemplate.render as SinonStub) - .getCall(-1).calledWith(expectedParameters)); - }); - - it('matchProjectFromAttestorName', () => { - const result = client.matchProjectFromAttestorName(fakePath); - assert.strictEqual(result, "projectValue"); - assert((client.pathTemplates.attestorPathTemplate.match as SinonStub) - .getCall(-1).calledWith(fakePath)); - }); - - it('matchAttestorFromAttestorName', () => { - const result = client.matchAttestorFromAttestorName(fakePath); - assert.strictEqual(result, "attestorValue"); - assert((client.pathTemplates.attestorPathTemplate.match as SinonStub) - .getCall(-1).calledWith(fakePath)); - }); - }); - - describe('locationPolicy', () => { - const fakePath = "/rendered/path/locationPolicy"; - const expectedParameters = { - location: "locationValue", - }; - const client = new validationhelperv1Module.v1.ValidationHelperV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - client.pathTemplates.locationPolicyPathTemplate.render = - sinon.stub().returns(fakePath); - client.pathTemplates.locationPolicyPathTemplate.match = - sinon.stub().returns(expectedParameters); - - it('locationPolicyPath', () => { - const result = client.locationPolicyPath("locationValue"); - assert.strictEqual(result, fakePath); - assert((client.pathTemplates.locationPolicyPathTemplate.render as SinonStub) - .getCall(-1).calledWith(expectedParameters)); - }); - - it('matchLocationFromLocationPolicyName', () => { - const result = client.matchLocationFromLocationPolicyName(fakePath); - assert.strictEqual(result, "locationValue"); - assert((client.pathTemplates.locationPolicyPathTemplate.match as SinonStub) - .getCall(-1).calledWith(fakePath)); - }); - }); - - describe('project', () => { - const fakePath = "/rendered/path/project"; - const expectedParameters = { - project: "projectValue", - }; - const client = new validationhelperv1Module.v1.ValidationHelperV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - client.pathTemplates.projectPathTemplate.render = - sinon.stub().returns(fakePath); - client.pathTemplates.projectPathTemplate.match = - sinon.stub().returns(expectedParameters); - - it('projectPath', () => { - const result = client.projectPath("projectValue"); - assert.strictEqual(result, fakePath); - assert((client.pathTemplates.projectPathTemplate.render as SinonStub) - .getCall(-1).calledWith(expectedParameters)); - }); - - it('matchProjectFromProjectName', () => { - const result = client.matchProjectFromProjectName(fakePath); - assert.strictEqual(result, "projectValue"); - assert((client.pathTemplates.projectPathTemplate.match as SinonStub) - .getCall(-1).calledWith(fakePath)); - }); - }); - - describe('projectPolicy', () => { - const fakePath = "/rendered/path/projectPolicy"; - const expectedParameters = { - project: "projectValue", - }; - const client = new validationhelperv1Module.v1.ValidationHelperV1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - client.pathTemplates.projectPolicyPathTemplate.render = - sinon.stub().returns(fakePath); - client.pathTemplates.projectPolicyPathTemplate.match = - sinon.stub().returns(expectedParameters); - - it('projectPolicyPath', () => { - const result = client.projectPolicyPath("projectValue"); - assert.strictEqual(result, fakePath); - assert((client.pathTemplates.projectPolicyPathTemplate.render as SinonStub) - .getCall(-1).calledWith(expectedParameters)); - }); - - it('matchProjectFromProjectPolicyName', () => { - const result = client.matchProjectFromProjectPolicyName(fakePath); - assert.strictEqual(result, "projectValue"); - assert((client.pathTemplates.projectPolicyPathTemplate.match as SinonStub) - .getCall(-1).calledWith(fakePath)); - }); - }); - }); -}); diff --git a/owl-bot-staging/v1/tsconfig.json b/owl-bot-staging/v1/tsconfig.json deleted file mode 100644 index c78f1c8..0000000 --- a/owl-bot-staging/v1/tsconfig.json +++ /dev/null @@ -1,19 +0,0 @@ -{ - "extends": "./node_modules/gts/tsconfig-google.json", - "compilerOptions": { - "rootDir": ".", - "outDir": "build", - "resolveJsonModule": true, - "lib": [ - "es2018", - "dom" - ] - }, - "include": [ - "src/*.ts", - "src/**/*.ts", - "test/*.ts", - "test/**/*.ts", - "system-test/*.ts" - ] -} diff --git a/owl-bot-staging/v1/webpack.config.js b/owl-bot-staging/v1/webpack.config.js deleted file mode 100644 index 2188a41..0000000 --- a/owl-bot-staging/v1/webpack.config.js +++ /dev/null @@ -1,64 +0,0 @@ -// Copyright 2021 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -const path = require('path'); - -module.exports = { - entry: './src/index.ts', - output: { - library: 'BinauthzManagementServiceV1', - filename: './binauthz-management-service-v1.js', - }, - node: { - child_process: 'empty', - fs: 'empty', - crypto: 'empty', - }, - resolve: { - alias: { - '../../../package.json': path.resolve(__dirname, 'package.json'), - }, - extensions: ['.js', '.json', '.ts'], - }, - module: { - rules: [ - { - test: /\.tsx?$/, - use: 'ts-loader', - exclude: /node_modules/ - }, - { - test: /node_modules[\\/]@grpc[\\/]grpc-js/, - use: 'null-loader' - }, - { - test: /node_modules[\\/]grpc/, - use: 'null-loader' - }, - { - test: /node_modules[\\/]retry-request/, - use: 'null-loader' - }, - { - test: /node_modules[\\/]https?-proxy-agent/, - use: 'null-loader' - }, - { - test: /node_modules[\\/]gtoken/, - use: 'null-loader' - }, - ], - }, - mode: 'production', -}; diff --git a/owl-bot-staging/v1beta1/.eslintignore b/owl-bot-staging/v1beta1/.eslintignore deleted file mode 100644 index cfc348e..0000000 --- a/owl-bot-staging/v1beta1/.eslintignore +++ /dev/null @@ -1,7 +0,0 @@ -**/node_modules -**/.coverage -build/ -docs/ -protos/ -system-test/ -samples/generated/ diff --git a/owl-bot-staging/v1beta1/.eslintrc.json b/owl-bot-staging/v1beta1/.eslintrc.json deleted file mode 100644 index 7821534..0000000 --- a/owl-bot-staging/v1beta1/.eslintrc.json +++ /dev/null @@ -1,3 +0,0 @@ -{ - "extends": "./node_modules/gts" -} diff --git a/owl-bot-staging/v1beta1/.gitignore b/owl-bot-staging/v1beta1/.gitignore deleted file mode 100644 index 5d32b23..0000000 --- a/owl-bot-staging/v1beta1/.gitignore +++ /dev/null @@ -1,14 +0,0 @@ -**/*.log -**/node_modules -.coverage -coverage -.nyc_output -docs/ -out/ -build/ -system-test/secrets.js -system-test/*key.json -*.lock -.DS_Store -package-lock.json -__pycache__ diff --git a/owl-bot-staging/v1beta1/.jsdoc.js b/owl-bot-staging/v1beta1/.jsdoc.js deleted file mode 100644 index 28b3ad6..0000000 --- a/owl-bot-staging/v1beta1/.jsdoc.js +++ /dev/null @@ -1,55 +0,0 @@ -// Copyright 2022 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// ** This file is automatically generated by gapic-generator-typescript. ** -// ** https://github.com/googleapis/gapic-generator-typescript ** -// ** All changes to this file may be overwritten. ** - -'use strict'; - -module.exports = { - opts: { - readme: './README.md', - package: './package.json', - template: './node_modules/jsdoc-fresh', - recurse: true, - verbose: true, - destination: './docs/' - }, - plugins: [ - 'plugins/markdown', - 'jsdoc-region-tag' - ], - source: { - excludePattern: '(^|\\/|\\\\)[._]', - include: [ - 'build/src', - 'protos' - ], - includePattern: '\\.js$' - }, - templates: { - copyright: 'Copyright 2022 Google LLC', - includeDate: false, - sourceFiles: false, - systemName: '@google-cloud/binary-authorization', - theme: 'lumen', - default: { - outputSourceFiles: false - } - }, - markdown: { - idInHeadings: true - } -}; diff --git a/owl-bot-staging/v1beta1/.mocharc.js b/owl-bot-staging/v1beta1/.mocharc.js deleted file mode 100644 index 481c522..0000000 --- a/owl-bot-staging/v1beta1/.mocharc.js +++ /dev/null @@ -1,33 +0,0 @@ -// Copyright 2022 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// ** This file is automatically generated by gapic-generator-typescript. ** -// ** https://github.com/googleapis/gapic-generator-typescript ** -// ** All changes to this file may be overwritten. ** - -const config = { - "enable-source-maps": true, - "throw-deprecation": true, - "timeout": 10000 -} -if (process.env.MOCHA_THROW_DEPRECATION === 'false') { - delete config['throw-deprecation']; -} -if (process.env.MOCHA_REPORTER) { - config.reporter = process.env.MOCHA_REPORTER; -} -if (process.env.MOCHA_REPORTER_OUTPUT) { - config['reporter-option'] = `output=${process.env.MOCHA_REPORTER_OUTPUT}`; -} -module.exports = config diff --git a/owl-bot-staging/v1beta1/.prettierrc.js b/owl-bot-staging/v1beta1/.prettierrc.js deleted file mode 100644 index 494e147..0000000 --- a/owl-bot-staging/v1beta1/.prettierrc.js +++ /dev/null @@ -1,22 +0,0 @@ -// Copyright 2022 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// ** This file is automatically generated by gapic-generator-typescript. ** -// ** https://github.com/googleapis/gapic-generator-typescript ** -// ** All changes to this file may be overwritten. ** - - -module.exports = { - ...require('gts/.prettierrc.json') -} diff --git a/owl-bot-staging/v1beta1/README.md b/owl-bot-staging/v1beta1/README.md deleted file mode 100644 index 438dbbe..0000000 --- a/owl-bot-staging/v1beta1/README.md +++ /dev/null @@ -1 +0,0 @@ -Binaryauthorization: Nodejs Client diff --git a/owl-bot-staging/v1beta1/linkinator.config.json b/owl-bot-staging/v1beta1/linkinator.config.json deleted file mode 100644 index befd23c..0000000 --- a/owl-bot-staging/v1beta1/linkinator.config.json +++ /dev/null @@ -1,16 +0,0 @@ -{ - "recurse": true, - "skip": [ - "https://codecov.io/gh/googleapis/", - "www.googleapis.com", - "img.shields.io", - "https://console.cloud.google.com/cloudshell", - "https://support.google.com" - ], - "silent": true, - "concurrency": 5, - "retry": true, - "retryErrors": true, - "retryErrorsCount": 5, - "retryErrorsJitter": 3000 -} diff --git a/owl-bot-staging/v1beta1/package.json b/owl-bot-staging/v1beta1/package.json deleted file mode 100644 index 9694d94..0000000 --- a/owl-bot-staging/v1beta1/package.json +++ /dev/null @@ -1,65 +0,0 @@ -{ - "name": "@google-cloud/binary-authorization", - "version": "0.1.0", - "description": "Binaryauthorization client for Node.js", - "repository": "googleapis/nodejs-binaryauthorization", - "license": "Apache-2.0", - "author": "Google LLC", - "main": "build/src/index.js", - "files": [ - "build/src", - "build/protos" - ], - "keywords": [ - "google apis client", - "google api client", - "google apis", - "google api", - "google", - "google cloud platform", - "google cloud", - "cloud", - "google binaryauthorization", - "binaryauthorization", - "binauthz management service v1 beta1", - "system policy v1 beta1" - ], - "scripts": { - "clean": "gts clean", - "compile": "tsc -p . && cp -r protos build/", - "compile-protos": "compileProtos src", - "docs": "jsdoc -c .jsdoc.js", - "predocs-test": "npm run docs", - "docs-test": "linkinator docs", - "fix": "gts fix", - "lint": "gts check", - "prepare": "npm run compile-protos && npm run compile", - "system-test": "c8 mocha build/system-test", - "test": "c8 mocha build/test" - }, - "dependencies": { - "google-gax": "^2.29.4" - }, - "devDependencies": { - "@types/mocha": "^9.1.0", - "@types/node": "^16.0.0", - "@types/sinon": "^10.0.8", - "c8": "^7.11.0", - "gts": "^3.1.0", - "jsdoc": "^3.6.7", - "jsdoc-fresh": "^1.1.1", - "jsdoc-region-tag": "^1.3.1", - "linkinator": "^3.0.0", - "mocha": "^9.1.4", - "null-loader": "^4.0.1", - "pack-n-play": "^1.0.0-2", - "sinon": "^13.0.0", - "ts-loader": "^9.2.6", - "typescript": "^4.5.5", - "webpack": "^5.67.0", - "webpack-cli": "^4.9.1" - }, - "engines": { - "node": ">=v10.24.0" - } -} diff --git a/owl-bot-staging/v1beta1/protos/google/cloud/binaryauthorization/v1beta1/continuous_validation_logging.proto b/owl-bot-staging/v1beta1/protos/google/cloud/binaryauthorization/v1beta1/continuous_validation_logging.proto deleted file mode 100644 index 1666b51..0000000 --- a/owl-bot-staging/v1beta1/protos/google/cloud/binaryauthorization/v1beta1/continuous_validation_logging.proto +++ /dev/null @@ -1,100 +0,0 @@ -// Copyright 2022 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -syntax = "proto3"; - -package google.cloud.binaryauthorization.v1beta1; - -import "google/protobuf/timestamp.proto"; - -option cc_enable_arenas = true; -option csharp_namespace = "Google.Cloud.BinaryAuthorization.V1Beta1"; -option go_package = "google.golang.org/genproto/googleapis/cloud/binaryauthorization/v1beta1;binaryauthorization"; -option java_multiple_files = true; -option java_outer_classname = "ContinuousValidationLoggingProto"; -option java_package = "com.google.cloud.binaryauthorization.v1beta1"; -option php_namespace = "Google\\Cloud\\BinaryAuthorization\\V1beta1"; -option ruby_package = "Google::Cloud::BinaryAuthorization::V1beta1"; - -// Represents an auditing event from Continuous Validation. -message ContinuousValidationEvent { - // An auditing event for one Pod. - message ContinuousValidationPodEvent { - // Audit time policy conformance verdict. - enum PolicyConformanceVerdict { - // We should always have a verdict. This is an error. - POLICY_CONFORMANCE_VERDICT_UNSPECIFIED = 0; - - // The pod violates the policy. - VIOLATES_POLICY = 1; - } - - // Container image with auditing details. - message ImageDetails { - // Result of the audit. - enum AuditResult { - // Unspecified result. This is an error. - AUDIT_RESULT_UNSPECIFIED = 0; - - // Image is allowed. - ALLOW = 1; - - // Image is denied. - DENY = 2; - } - - // The name of the image. - string image = 1; - - // The result of the audit for this image. - AuditResult result = 2; - - // Description of the above result. - string description = 3; - } - - // The k8s namespace of the Pod. - string pod_namespace = 7; - - // The name of the Pod. - string pod = 1; - - // Deploy time of the Pod from k8s. - google.protobuf.Timestamp deploy_time = 2; - - // Termination time of the Pod from k8s, or nothing if still running. - google.protobuf.Timestamp end_time = 3; - - // Auditing verdict for this Pod. - PolicyConformanceVerdict verdict = 4; - - // List of images with auditing details. - repeated ImageDetails images = 5; - } - - // An event describing that the project policy is unsupported by CV. - message UnsupportedPolicyEvent { - // A description of the unsupported policy. - string description = 1; - } - - // Type of CV event. - oneof event_type { - // Pod event. - ContinuousValidationPodEvent pod_event = 1; - - // Unsupported policy event. - UnsupportedPolicyEvent unsupported_policy_event = 2; - } -} diff --git a/owl-bot-staging/v1beta1/protos/google/cloud/binaryauthorization/v1beta1/resources.proto b/owl-bot-staging/v1beta1/protos/google/cloud/binaryauthorization/v1beta1/resources.proto deleted file mode 100644 index 3e5b638..0000000 --- a/owl-bot-staging/v1beta1/protos/google/cloud/binaryauthorization/v1beta1/resources.proto +++ /dev/null @@ -1,344 +0,0 @@ -// Copyright 2021 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -syntax = "proto3"; - -package google.cloud.binaryauthorization.v1beta1; - -import "google/api/field_behavior.proto"; -import "google/api/resource.proto"; -import "google/protobuf/timestamp.proto"; -import "google/api/annotations.proto"; - -option cc_enable_arenas = true; -option csharp_namespace = "Google.Cloud.BinaryAuthorization.V1Beta1"; -option go_package = "google.golang.org/genproto/googleapis/cloud/binaryauthorization/v1beta1;binaryauthorization"; -option java_multiple_files = true; -option java_outer_classname = "BinaryAuthorizationResourcesProto"; -option java_package = "com.google.cloud.binaryauthorization.v1beta1"; -option php_namespace = "Google\\Cloud\\BinaryAuthorization\\V1beta1"; -option ruby_package = "Google::Cloud::BinaryAuthorization::V1beta1"; - -// A [policy][google.cloud.binaryauthorization.v1beta1.Policy] for Binary Authorization. -message Policy { - option (google.api.resource) = { - type: "binaryauthorization.googleapis.com/Policy" - pattern: "projects/{project}/policy" - pattern: "locations/{location}/policy" - }; - - enum GlobalPolicyEvaluationMode { - // Not specified: DISABLE is assumed. - GLOBAL_POLICY_EVALUATION_MODE_UNSPECIFIED = 0; - - // Enables system policy evaluation. - ENABLE = 1; - - // Disables system policy evaluation. - DISABLE = 2; - } - - // Output only. The resource name, in the format `projects/*/policy`. There is - // at most one policy per project. - string name = 1 [(google.api.field_behavior) = OUTPUT_ONLY]; - - // Optional. A descriptive comment. - string description = 6 [(google.api.field_behavior) = OPTIONAL]; - - // Optional. Controls the evaluation of a Google-maintained global admission - // policy for common system-level images. Images not covered by the global - // policy will be subject to the project admission policy. This setting - // has no effect when specified inside a global admission policy. - GlobalPolicyEvaluationMode global_policy_evaluation_mode = 7 [(google.api.field_behavior) = OPTIONAL]; - - // Optional. Admission policy allowlisting. A matching admission request will - // always be permitted. This feature is typically used to exclude Google or - // third-party infrastructure images from Binary Authorization policies. - repeated AdmissionWhitelistPattern admission_whitelist_patterns = 2 [(google.api.field_behavior) = OPTIONAL]; - - // Optional. Per-cluster admission rules. Cluster spec format: - // `location.clusterId`. There can be at most one admission rule per cluster - // spec. - // A `location` is either a compute zone (e.g. us-central1-a) or a region - // (e.g. us-central1). - // For `clusterId` syntax restrictions see - // https://cloud.google.com/container-engine/reference/rest/v1/projects.zones.clusters. - map cluster_admission_rules = 3 [(google.api.field_behavior) = OPTIONAL]; - - // Optional. Per-kubernetes-namespace admission rules. K8s namespace spec format: - // `[a-z.-]+`, e.g. `some-namespace` - map kubernetes_namespace_admission_rules = 10 [(google.api.field_behavior) = OPTIONAL]; - - // Optional. Per-kubernetes-service-account admission rules. Service account - // spec format: `namespace:serviceaccount`. e.g. `test-ns:default` - map kubernetes_service_account_admission_rules = 8 [(google.api.field_behavior) = OPTIONAL]; - - // Optional. Per-istio-service-identity admission rules. Istio service - // identity spec format: - // `spiffe:///ns//sa/` or - // `/ns//sa/` - // e.g. `spiffe://example.com/ns/test-ns/sa/default` - map istio_service_identity_admission_rules = 9 [(google.api.field_behavior) = OPTIONAL]; - - // Required. Default admission rule for a cluster without a per-cluster, per- - // kubernetes-service-account, or per-istio-service-identity admission rule. - AdmissionRule default_admission_rule = 4 [(google.api.field_behavior) = REQUIRED]; - - // Output only. Time when the policy was last updated. - google.protobuf.Timestamp update_time = 5 [(google.api.field_behavior) = OUTPUT_ONLY]; -} - -// An [admission allowlist pattern][google.cloud.binaryauthorization.v1beta1.AdmissionWhitelistPattern] exempts images -// from checks by [admission rules][google.cloud.binaryauthorization.v1beta1.AdmissionRule]. -message AdmissionWhitelistPattern { - // An image name pattern to allowlist, in the form `registry/path/to/image`. - // This supports a trailing `*` as a wildcard, but this is allowed only in - // text after the `registry/` part. `*` wildcard does not match `/`, i.e., - // `gcr.io/nginx*` matches `gcr.io/nginx@latest`, but it does not match - // `gcr.io/nginx/image`. This also supports a trailing `**` wildcard which - // matches subdirectories, i.e., `gcr.io/nginx**` matches - // `gcr.io/nginx/image`. - string name_pattern = 1; -} - -// An [admission rule][google.cloud.binaryauthorization.v1beta1.AdmissionRule] specifies either that all container images -// used in a pod creation request must be attested to by one or more -// [attestors][google.cloud.binaryauthorization.v1beta1.Attestor], that all pod creations will be allowed, or that all -// pod creations will be denied. -// -// Images matching an [admission allowlist pattern][google.cloud.binaryauthorization.v1beta1.AdmissionWhitelistPattern] -// are exempted from admission rules and will never block a pod creation. -message AdmissionRule { - enum EvaluationMode { - // Do not use. - EVALUATION_MODE_UNSPECIFIED = 0; - - // This rule allows all all pod creations. - ALWAYS_ALLOW = 1; - - // This rule allows a pod creation if all the attestors listed in - // `require_attestations_by` have valid attestations for all of the - // images in the pod spec. - REQUIRE_ATTESTATION = 2; - - // This rule denies all pod creations. - ALWAYS_DENY = 3; - } - - // Defines the possible actions when a pod creation is denied by an admission - // rule. - enum EnforcementMode { - // Do not use. - ENFORCEMENT_MODE_UNSPECIFIED = 0; - - // Enforce the admission rule by blocking the pod creation. - ENFORCED_BLOCK_AND_AUDIT_LOG = 1; - - // Dryrun mode: Audit logging only. This will allow the pod creation as if - // the admission request had specified break-glass. - DRYRUN_AUDIT_LOG_ONLY = 2; - } - - // Required. How this admission rule will be evaluated. - EvaluationMode evaluation_mode = 1 [(google.api.field_behavior) = REQUIRED]; - - // Optional. The resource names of the attestors that must attest to - // a container image, in the format `projects/*/attestors/*`. Each - // attestor must exist before a policy can reference it. To add an attestor - // to a policy the principal issuing the policy change request must be able - // to read the attestor resource. - // - // Note: this field must be non-empty when the evaluation_mode field specifies - // REQUIRE_ATTESTATION, otherwise it must be empty. - repeated string require_attestations_by = 2 [(google.api.field_behavior) = OPTIONAL]; - - // Required. The action when a pod creation is denied by the admission rule. - EnforcementMode enforcement_mode = 3 [(google.api.field_behavior) = REQUIRED]; -} - -// An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] that attests to container image -// artifacts. An existing attestor cannot be modified except where -// indicated. -message Attestor { - option (google.api.resource) = { - type: "binaryauthorization.googleapis.com/Attestor" - pattern: "projects/{project}/attestors/{attestor}" - }; - - // Required. The resource name, in the format: - // `projects/*/attestors/*`. This field may not be updated. - string name = 1 [(google.api.field_behavior) = REQUIRED]; - - // Optional. A descriptive comment. This field may be updated. - // The field may be displayed in chooser dialogs. - string description = 6 [(google.api.field_behavior) = OPTIONAL]; - - // Required. Identifies an [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] that attests to a - // container image artifact. This determines how an attestation will - // be stored, and how it will be used during policy - // enforcement. Updates may not change the attestor type, but individual - // attestor fields may be updated. - oneof attestor_type { - // A Drydock ATTESTATION_AUTHORITY Note, created by the user. - UserOwnedDrydockNote user_owned_drydock_note = 3; - } - - // Output only. Time when the attestor was last updated. - google.protobuf.Timestamp update_time = 4 [(google.api.field_behavior) = OUTPUT_ONLY]; -} - -// An [user owned drydock note][google.cloud.binaryauthorization.v1beta1.UserOwnedDrydockNote] references a Drydock -// ATTESTATION_AUTHORITY Note created by the user. -message UserOwnedDrydockNote { - // Required. The Drydock resource name of a ATTESTATION_AUTHORITY Note, - // created by the user, in the format: `projects/*/notes/*` (or the legacy - // `providers/*/notes/*`). This field may not be updated. - // - // An attestation by this attestor is stored as a Drydock - // ATTESTATION_AUTHORITY Occurrence that names a container image and that - // links to this Note. Drydock is an external dependency. - string note_reference = 1 [(google.api.field_behavior) = REQUIRED]; - - // Optional. Public keys that verify attestations signed by this - // attestor. This field may be updated. - // - // If this field is non-empty, one of the specified public keys must - // verify that an attestation was signed by this attestor for the - // image specified in the admission request. - // - // If this field is empty, this attestor always returns that no - // valid attestations exist. - repeated AttestorPublicKey public_keys = 2 [(google.api.field_behavior) = OPTIONAL]; - - // Output only. This field will contain the service account email address - // that this Attestor will use as the principal when querying Container - // Analysis. Attestor administrators must grant this service account the - // IAM role needed to read attestations from the [note_reference][Note] in - // Container Analysis (`containeranalysis.notes.occurrences.viewer`). - // - // This email address is fixed for the lifetime of the Attestor, but callers - // should not make any other assumptions about the service account email; - // future versions may use an email based on a different naming pattern. - string delegation_service_account_email = 3 [(google.api.field_behavior) = OUTPUT_ONLY]; -} - -// A public key in the PkixPublicKey format (see -// https://tools.ietf.org/html/rfc5280#section-4.1.2.7 for details). -// Public keys of this type are typically textually encoded using the PEM -// format. -message PkixPublicKey { - // Represents a signature algorithm and other information necessary to verify - // signatures with a given public key. - // This is based primarily on the public key types supported by Tink's - // PemKeyType, which is in turn based on KMS's supported signing algorithms. - // See https://cloud.google.com/kms/docs/algorithms. In the future, BinAuthz - // might support additional public key types independently of Tink and/or KMS. - enum SignatureAlgorithm { - option allow_alias = true; - - // Not specified. - SIGNATURE_ALGORITHM_UNSPECIFIED = 0; - - // RSASSA-PSS 2048 bit key with a SHA256 digest. - RSA_PSS_2048_SHA256 = 1; - - // RSASSA-PSS 3072 bit key with a SHA256 digest. - RSA_PSS_3072_SHA256 = 2; - - // RSASSA-PSS 4096 bit key with a SHA256 digest. - RSA_PSS_4096_SHA256 = 3; - - // RSASSA-PSS 4096 bit key with a SHA512 digest. - RSA_PSS_4096_SHA512 = 4; - - // RSASSA-PKCS1-v1_5 with a 2048 bit key and a SHA256 digest. - RSA_SIGN_PKCS1_2048_SHA256 = 5; - - // RSASSA-PKCS1-v1_5 with a 3072 bit key and a SHA256 digest. - RSA_SIGN_PKCS1_3072_SHA256 = 6; - - // RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA256 digest. - RSA_SIGN_PKCS1_4096_SHA256 = 7; - - // RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA512 digest. - RSA_SIGN_PKCS1_4096_SHA512 = 8; - - // ECDSA on the NIST P-256 curve with a SHA256 digest. - ECDSA_P256_SHA256 = 9; - - // ECDSA on the NIST P-256 curve with a SHA256 digest. - EC_SIGN_P256_SHA256 = 9; - - // ECDSA on the NIST P-384 curve with a SHA384 digest. - ECDSA_P384_SHA384 = 10; - - // ECDSA on the NIST P-384 curve with a SHA384 digest. - EC_SIGN_P384_SHA384 = 10; - - // ECDSA on the NIST P-521 curve with a SHA512 digest. - ECDSA_P521_SHA512 = 11; - - // ECDSA on the NIST P-521 curve with a SHA512 digest. - EC_SIGN_P521_SHA512 = 11; - } - - // A PEM-encoded public key, as described in - // https://tools.ietf.org/html/rfc7468#section-13 - string public_key_pem = 1; - - // The signature algorithm used to verify a message against a signature using - // this key. - // These signature algorithm must match the structure and any object - // identifiers encoded in `public_key_pem` (i.e. this algorithm must match - // that of the public key). - SignatureAlgorithm signature_algorithm = 2; -} - -// An [attestor public key][google.cloud.binaryauthorization.v1beta1.AttestorPublicKey] that will be used to verify -// attestations signed by this attestor. -message AttestorPublicKey { - // Optional. A descriptive comment. This field may be updated. - string comment = 1 [(google.api.field_behavior) = OPTIONAL]; - - // The ID of this public key. - // Signatures verified by BinAuthz must include the ID of the public key that - // can be used to verify them, and that ID must match the contents of this - // field exactly. - // Additional restrictions on this field can be imposed based on which public - // key type is encapsulated. See the documentation on `public_key` cases below - // for details. - string id = 2; - - // Required. A public key reference or serialized instance. This field may be - // updated. - oneof public_key { - // ASCII-armored representation of a PGP public key, as the entire output by - // the command `gpg --export --armor foo@example.com` (either LF or CRLF - // line endings). - // When using this field, `id` should be left blank. The BinAuthz API - // handlers will calculate the ID and fill it in automatically. BinAuthz - // computes this ID as the OpenPGP RFC4880 V4 fingerprint, represented as - // upper-case hex. If `id` is provided by the caller, it will be - // overwritten by the API-calculated ID. - string ascii_armored_pgp_public_key = 3; - - // A raw PKIX SubjectPublicKeyInfo format public key. - // - // NOTE: `id` may be explicitly provided by the caller when using this - // type of public key, but it MUST be a valid RFC3986 URI. If `id` is left - // blank, a default one will be computed based on the digest of the DER - // encoding of the public key. - PkixPublicKey pkix_public_key = 5; - } -} diff --git a/owl-bot-staging/v1beta1/protos/google/cloud/binaryauthorization/v1beta1/service.proto b/owl-bot-staging/v1beta1/protos/google/cloud/binaryauthorization/v1beta1/service.proto deleted file mode 100644 index 90e63b4..0000000 --- a/owl-bot-staging/v1beta1/protos/google/cloud/binaryauthorization/v1beta1/service.proto +++ /dev/null @@ -1,252 +0,0 @@ -// Copyright 2021 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -syntax = "proto3"; - -package google.cloud.binaryauthorization.v1beta1; - -import "google/api/annotations.proto"; -import "google/api/client.proto"; -import "google/api/field_behavior.proto"; -import "google/api/resource.proto"; -import "google/cloud/binaryauthorization/v1beta1/resources.proto"; -import "google/protobuf/empty.proto"; - -option cc_enable_arenas = true; -option csharp_namespace = "Google.Cloud.BinaryAuthorization.V1Beta1"; -option go_package = "google.golang.org/genproto/googleapis/cloud/binaryauthorization/v1beta1;binaryauthorization"; -option java_multiple_files = true; -option java_outer_classname = "BinaryAuthorizationServiceProto"; -option java_package = "com.google.cloud.binaryauthorization.v1beta1"; -option php_namespace = "Google\\Cloud\\BinaryAuthorization\\V1beta1"; -option ruby_package = "Google::Cloud::BinaryAuthorization::V1beta1"; - -// Customer-facing API for Cloud Binary Authorization. - -// Google Cloud Management Service for Binary Authorization admission policies -// and attestation authorities. -// -// This API implements a REST model with the following objects: -// -// * [Policy][google.cloud.binaryauthorization.v1beta1.Policy] -// * [Attestor][google.cloud.binaryauthorization.v1beta1.Attestor] -service BinauthzManagementServiceV1Beta1 { - option (google.api.default_host) = "binaryauthorization.googleapis.com"; - option (google.api.oauth_scopes) = "https://www.googleapis.com/auth/cloud-platform"; - - // A [policy][google.cloud.binaryauthorization.v1beta1.Policy] specifies the [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] that must attest to - // a container image, before the project is allowed to deploy that - // image. There is at most one policy per project. All image admission - // requests are permitted if a project has no policy. - // - // Gets the [policy][google.cloud.binaryauthorization.v1beta1.Policy] for this project. Returns a default - // [policy][google.cloud.binaryauthorization.v1beta1.Policy] if the project does not have one. - rpc GetPolicy(GetPolicyRequest) returns (Policy) { - option (google.api.http) = { - get: "/v1beta1/{name=projects/*/policy}" - }; - option (google.api.method_signature) = "name"; - } - - // Creates or updates a project's [policy][google.cloud.binaryauthorization.v1beta1.Policy], and returns a copy of the - // new [policy][google.cloud.binaryauthorization.v1beta1.Policy]. A policy is always updated as a whole, to avoid race - // conditions with concurrent policy enforcement (or management!) - // requests. Returns NOT_FOUND if the project does not exist, INVALID_ARGUMENT - // if the request is malformed. - rpc UpdatePolicy(UpdatePolicyRequest) returns (Policy) { - option (google.api.http) = { - put: "/v1beta1/{policy.name=projects/*/policy}" - body: "policy" - }; - option (google.api.method_signature) = "policy"; - } - - // Creates an [attestor][google.cloud.binaryauthorization.v1beta1.Attestor], and returns a copy of the new - // [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. Returns NOT_FOUND if the project does not exist, - // INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if the - // [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] already exists. - rpc CreateAttestor(CreateAttestorRequest) returns (Attestor) { - option (google.api.http) = { - post: "/v1beta1/{parent=projects/*}/attestors" - body: "attestor" - }; - option (google.api.method_signature) = "parent,attestor_id,attestor"; - } - - // Gets an [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - // Returns NOT_FOUND if the [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] does not exist. - rpc GetAttestor(GetAttestorRequest) returns (Attestor) { - option (google.api.http) = { - get: "/v1beta1/{name=projects/*/attestors/*}" - }; - option (google.api.method_signature) = "name"; - } - - // Updates an [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - // Returns NOT_FOUND if the [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] does not exist. - rpc UpdateAttestor(UpdateAttestorRequest) returns (Attestor) { - option (google.api.http) = { - put: "/v1beta1/{attestor.name=projects/*/attestors/*}" - body: "attestor" - }; - option (google.api.method_signature) = "attestor"; - } - - // Lists [attestors][google.cloud.binaryauthorization.v1beta1.Attestor]. - // Returns INVALID_ARGUMENT if the project does not exist. - rpc ListAttestors(ListAttestorsRequest) returns (ListAttestorsResponse) { - option (google.api.http) = { - get: "/v1beta1/{parent=projects/*}/attestors" - }; - option (google.api.method_signature) = "parent"; - } - - // Deletes an [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. Returns NOT_FOUND if the - // [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] does not exist. - rpc DeleteAttestor(DeleteAttestorRequest) returns (google.protobuf.Empty) { - option (google.api.http) = { - delete: "/v1beta1/{name=projects/*/attestors/*}" - }; - option (google.api.method_signature) = "name"; - } -} - -// Request message for [BinauthzManagementService.GetPolicy][]. -message GetPolicyRequest { - // Required. The resource name of the [policy][google.cloud.binaryauthorization.v1beta1.Policy] to retrieve, - // in the format `projects/*/policy`. - string name = 1 [ - (google.api.field_behavior) = REQUIRED, - (google.api.resource_reference) = { - type: "binaryauthorization.googleapis.com/Policy" - } - ]; -} - -// API for working with the system policy. -service SystemPolicyV1Beta1 { - option (google.api.default_host) = "binaryauthorization.googleapis.com"; - option (google.api.oauth_scopes) = "https://www.googleapis.com/auth/cloud-platform"; - - // Gets the current system policy in the specified location. - rpc GetSystemPolicy(GetSystemPolicyRequest) returns (Policy) { - option (google.api.http) = { - get: "/v1beta1/{name=locations/*/policy}" - }; - option (google.api.method_signature) = "name"; - } -} - -// Request message for [BinauthzManagementService.UpdatePolicy][]. -message UpdatePolicyRequest { - // Required. A new or updated [policy][google.cloud.binaryauthorization.v1beta1.Policy] value. The service will - // overwrite the [policy name][google.cloud.binaryauthorization.v1beta1.Policy.name] field with the resource name in - // the request URL, in the format `projects/*/policy`. - Policy policy = 1 [(google.api.field_behavior) = REQUIRED]; -} - -// Request message for [BinauthzManagementService.CreateAttestor][]. -message CreateAttestorRequest { - // Required. The parent of this [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - string parent = 1 [ - (google.api.field_behavior) = REQUIRED, - (google.api.resource_reference) = { - type: "cloudresourcemanager.googleapis.com/Project" - } - ]; - - // Required. The [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] ID. - string attestor_id = 2 [(google.api.field_behavior) = REQUIRED]; - - // Required. The initial [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] value. The service will - // overwrite the [attestor name][google.cloud.binaryauthorization.v1beta1.Attestor.name] field with the resource name, - // in the format `projects/*/attestors/*`. - Attestor attestor = 3 [(google.api.field_behavior) = REQUIRED]; -} - -// Request message for [BinauthzManagementService.GetAttestor][]. -message GetAttestorRequest { - // Required. The name of the [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] to retrieve, in the format - // `projects/*/attestors/*`. - string name = 1 [ - (google.api.field_behavior) = REQUIRED, - (google.api.resource_reference) = { - type: "binaryauthorization.googleapis.com/Attestor" - } - ]; -} - -// Request message for [BinauthzManagementService.UpdateAttestor][]. -message UpdateAttestorRequest { - // Required. The updated [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] value. The service will - // overwrite the [attestor name][google.cloud.binaryauthorization.v1beta1.Attestor.name] field with the resource name - // in the request URL, in the format `projects/*/attestors/*`. - Attestor attestor = 1 [(google.api.field_behavior) = REQUIRED]; -} - -// Request message for [BinauthzManagementService.ListAttestors][]. -message ListAttestorsRequest { - // Required. The resource name of the project associated with the - // [attestors][google.cloud.binaryauthorization.v1beta1.Attestor], in the format `projects/*`. - string parent = 1 [ - (google.api.field_behavior) = REQUIRED, - (google.api.resource_reference) = { - type: "cloudresourcemanager.googleapis.com/Project" - } - ]; - - // Requested page size. The server may return fewer results than requested. If - // unspecified, the server will pick an appropriate default. - int32 page_size = 2; - - // A token identifying a page of results the server should return. Typically, - // this is the value of [ListAttestorsResponse.next_page_token][google.cloud.binaryauthorization.v1beta1.ListAttestorsResponse.next_page_token] returned - // from the previous call to the `ListAttestors` method. - string page_token = 3; -} - -// Response message for [BinauthzManagementService.ListAttestors][]. -message ListAttestorsResponse { - // The list of [attestors][google.cloud.binaryauthorization.v1beta1.Attestor]. - repeated Attestor attestors = 1; - - // A token to retrieve the next page of results. Pass this value in the - // [ListAttestorsRequest.page_token][google.cloud.binaryauthorization.v1beta1.ListAttestorsRequest.page_token] field in the subsequent call to the - // `ListAttestors` method to retrieve the next page of results. - string next_page_token = 2; -} - -// Request message for [BinauthzManagementService.DeleteAttestor][]. -message DeleteAttestorRequest { - // Required. The name of the [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] to delete, in the format - // `projects/*/attestors/*`. - string name = 1 [ - (google.api.field_behavior) = REQUIRED, - (google.api.resource_reference) = { - type: "binaryauthorization.googleapis.com/Attestor" - } - ]; -} - -// Request to read the current system policy. -message GetSystemPolicyRequest { - // Required. The resource name, in the format `locations/*/policy`. - // Note that the system policy is not associated with a project. - string name = 1 [ - (google.api.field_behavior) = REQUIRED, - (google.api.resource_reference) = { - type: "binaryauthorization.googleapis.com/Policy" - } - ]; -} diff --git a/owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.create_attestor.js b/owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.create_attestor.js deleted file mode 100644 index 83c48c7..0000000 --- a/owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.create_attestor.js +++ /dev/null @@ -1,70 +0,0 @@ -// Copyright 2022 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// ** This file is automatically generated by gapic-generator-typescript. ** -// ** https://github.com/googleapis/gapic-generator-typescript ** -// ** All changes to this file may be overwritten. ** - - - -'use strict'; - -function main(parent, attestorId, attestor) { - // [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_async] - /** - * TODO(developer): Uncomment these variables before running the sample. - */ - /** - * Required. The parent of this attestor google.cloud.binaryauthorization.v1beta1.Attestor. - */ - // const parent = 'abc123' - /** - * Required. The attestors google.cloud.binaryauthorization.v1beta1.Attestor ID. - */ - // const attestorId = 'abc123' - /** - * Required. The initial attestor google.cloud.binaryauthorization.v1beta1.Attestor value. The service will - * overwrite the attestor name google.cloud.binaryauthorization.v1beta1.Attestor.name field with the resource name, - * in the format `projects/* /attestors/*`. - */ - // const attestor = {} - - // Imports the Binaryauthorization library - const {BinauthzManagementServiceV1Beta1Client} = require('@google-cloud/binary-authorization').v1beta1; - - // Instantiates a client - const binaryauthorizationClient = new BinauthzManagementServiceV1Beta1Client(); - - async function callCreateAttestor() { - // Construct request - const request = { - parent, - attestorId, - attestor, - }; - - // Run request - const response = await binaryauthorizationClient.createAttestor(request); - console.log(response); - } - - callCreateAttestor(); - // [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_async] -} - -process.on('unhandledRejection', err => { - console.error(err.message); - process.exitCode = 1; -}); -main(...process.argv.slice(2)); diff --git a/owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.delete_attestor.js b/owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.delete_attestor.js deleted file mode 100644 index 0f439cf..0000000 --- a/owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.delete_attestor.js +++ /dev/null @@ -1,59 +0,0 @@ -// Copyright 2022 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// ** This file is automatically generated by gapic-generator-typescript. ** -// ** https://github.com/googleapis/gapic-generator-typescript ** -// ** All changes to this file may be overwritten. ** - - - -'use strict'; - -function main(name) { - // [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_async] - /** - * TODO(developer): Uncomment these variables before running the sample. - */ - /** - * Required. The name of the attestors google.cloud.binaryauthorization.v1beta1.Attestor to delete, in the format - * `projects/* /attestors/*`. - */ - // const name = 'abc123' - - // Imports the Binaryauthorization library - const {BinauthzManagementServiceV1Beta1Client} = require('@google-cloud/binary-authorization').v1beta1; - - // Instantiates a client - const binaryauthorizationClient = new BinauthzManagementServiceV1Beta1Client(); - - async function callDeleteAttestor() { - // Construct request - const request = { - name, - }; - - // Run request - const response = await binaryauthorizationClient.deleteAttestor(request); - console.log(response); - } - - callDeleteAttestor(); - // [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_async] -} - -process.on('unhandledRejection', err => { - console.error(err.message); - process.exitCode = 1; -}); -main(...process.argv.slice(2)); diff --git a/owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.get_attestor.js b/owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.get_attestor.js deleted file mode 100644 index 85719a8..0000000 --- a/owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.get_attestor.js +++ /dev/null @@ -1,59 +0,0 @@ -// Copyright 2022 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// ** This file is automatically generated by gapic-generator-typescript. ** -// ** https://github.com/googleapis/gapic-generator-typescript ** -// ** All changes to this file may be overwritten. ** - - - -'use strict'; - -function main(name) { - // [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_async] - /** - * TODO(developer): Uncomment these variables before running the sample. - */ - /** - * Required. The name of the attestor google.cloud.binaryauthorization.v1beta1.Attestor to retrieve, in the format - * `projects/* /attestors/*`. - */ - // const name = 'abc123' - - // Imports the Binaryauthorization library - const {BinauthzManagementServiceV1Beta1Client} = require('@google-cloud/binary-authorization').v1beta1; - - // Instantiates a client - const binaryauthorizationClient = new BinauthzManagementServiceV1Beta1Client(); - - async function callGetAttestor() { - // Construct request - const request = { - name, - }; - - // Run request - const response = await binaryauthorizationClient.getAttestor(request); - console.log(response); - } - - callGetAttestor(); - // [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_async] -} - -process.on('unhandledRejection', err => { - console.error(err.message); - process.exitCode = 1; -}); -main(...process.argv.slice(2)); diff --git a/owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.get_policy.js b/owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.get_policy.js deleted file mode 100644 index ce84d2d..0000000 --- a/owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.get_policy.js +++ /dev/null @@ -1,59 +0,0 @@ -// Copyright 2022 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// ** This file is automatically generated by gapic-generator-typescript. ** -// ** https://github.com/googleapis/gapic-generator-typescript ** -// ** All changes to this file may be overwritten. ** - - - -'use strict'; - -function main(name) { - // [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_async] - /** - * TODO(developer): Uncomment these variables before running the sample. - */ - /** - * Required. The resource name of the policy google.cloud.binaryauthorization.v1beta1.Policy to retrieve, - * in the format `projects/* /policy`. - */ - // const name = 'abc123' - - // Imports the Binaryauthorization library - const {BinauthzManagementServiceV1Beta1Client} = require('@google-cloud/binary-authorization').v1beta1; - - // Instantiates a client - const binaryauthorizationClient = new BinauthzManagementServiceV1Beta1Client(); - - async function callGetPolicy() { - // Construct request - const request = { - name, - }; - - // Run request - const response = await binaryauthorizationClient.getPolicy(request); - console.log(response); - } - - callGetPolicy(); - // [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_async] -} - -process.on('unhandledRejection', err => { - console.error(err.message); - process.exitCode = 1; -}); -main(...process.argv.slice(2)); diff --git a/owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.list_attestors.js b/owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.list_attestors.js deleted file mode 100644 index 0023d64..0000000 --- a/owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.list_attestors.js +++ /dev/null @@ -1,72 +0,0 @@ -// Copyright 2022 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// ** This file is automatically generated by gapic-generator-typescript. ** -// ** https://github.com/googleapis/gapic-generator-typescript ** -// ** All changes to this file may be overwritten. ** - - - -'use strict'; - -function main(parent) { - // [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_async] - /** - * TODO(developer): Uncomment these variables before running the sample. - */ - /** - * Required. The resource name of the project associated with the - * attestors google.cloud.binaryauthorization.v1beta1.Attestor, in the format `projects/*`. - */ - // const parent = 'abc123' - /** - * Requested page size. The server may return fewer results than requested. If - * unspecified, the server will pick an appropriate default. - */ - // const pageSize = 1234 - /** - * A token identifying a page of results the server should return. Typically, - * this is the value of ListAttestorsResponse.next_page_token google.cloud.binaryauthorization.v1beta1.ListAttestorsResponse.next_page_token returned - * from the previous call to the `ListAttestors` method. - */ - // const pageToken = 'abc123' - - // Imports the Binaryauthorization library - const {BinauthzManagementServiceV1Beta1Client} = require('@google-cloud/binary-authorization').v1beta1; - - // Instantiates a client - const binaryauthorizationClient = new BinauthzManagementServiceV1Beta1Client(); - - async function callListAttestors() { - // Construct request - const request = { - parent, - }; - - // Run request - const iterable = await binaryauthorizationClient.listAttestorsAsync(request); - for await (const response of iterable) { - console.log(response); - } - } - - callListAttestors(); - // [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_async] -} - -process.on('unhandledRejection', err => { - console.error(err.message); - process.exitCode = 1; -}); -main(...process.argv.slice(2)); diff --git a/owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.update_attestor.js b/owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.update_attestor.js deleted file mode 100644 index 8dbc0d1..0000000 --- a/owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.update_attestor.js +++ /dev/null @@ -1,60 +0,0 @@ -// Copyright 2022 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// ** This file is automatically generated by gapic-generator-typescript. ** -// ** https://github.com/googleapis/gapic-generator-typescript ** -// ** All changes to this file may be overwritten. ** - - - -'use strict'; - -function main(attestor) { - // [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_async] - /** - * TODO(developer): Uncomment these variables before running the sample. - */ - /** - * Required. The updated attestor google.cloud.binaryauthorization.v1beta1.Attestor value. The service will - * overwrite the attestor name google.cloud.binaryauthorization.v1beta1.Attestor.name field with the resource name - * in the request URL, in the format `projects/* /attestors/*`. - */ - // const attestor = {} - - // Imports the Binaryauthorization library - const {BinauthzManagementServiceV1Beta1Client} = require('@google-cloud/binary-authorization').v1beta1; - - // Instantiates a client - const binaryauthorizationClient = new BinauthzManagementServiceV1Beta1Client(); - - async function callUpdateAttestor() { - // Construct request - const request = { - attestor, - }; - - // Run request - const response = await binaryauthorizationClient.updateAttestor(request); - console.log(response); - } - - callUpdateAttestor(); - // [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_async] -} - -process.on('unhandledRejection', err => { - console.error(err.message); - process.exitCode = 1; -}); -main(...process.argv.slice(2)); diff --git a/owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.update_policy.js b/owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.update_policy.js deleted file mode 100644 index 12aa0a0..0000000 --- a/owl-bot-staging/v1beta1/samples/generated/v1beta1/binauthz_management_service_v1_beta1.update_policy.js +++ /dev/null @@ -1,60 +0,0 @@ -// Copyright 2022 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// ** This file is automatically generated by gapic-generator-typescript. ** -// ** https://github.com/googleapis/gapic-generator-typescript ** -// ** All changes to this file may be overwritten. ** - - - -'use strict'; - -function main(policy) { - // [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_async] - /** - * TODO(developer): Uncomment these variables before running the sample. - */ - /** - * Required. A new or updated policy google.cloud.binaryauthorization.v1beta1.Policy value. The service will - * overwrite the policy name google.cloud.binaryauthorization.v1beta1.Policy.name field with the resource name in - * the request URL, in the format `projects/* /policy`. - */ - // const policy = {} - - // Imports the Binaryauthorization library - const {BinauthzManagementServiceV1Beta1Client} = require('@google-cloud/binary-authorization').v1beta1; - - // Instantiates a client - const binaryauthorizationClient = new BinauthzManagementServiceV1Beta1Client(); - - async function callUpdatePolicy() { - // Construct request - const request = { - policy, - }; - - // Run request - const response = await binaryauthorizationClient.updatePolicy(request); - console.log(response); - } - - callUpdatePolicy(); - // [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_async] -} - -process.on('unhandledRejection', err => { - console.error(err.message); - process.exitCode = 1; -}); -main(...process.argv.slice(2)); diff --git a/owl-bot-staging/v1beta1/samples/generated/v1beta1/snippet_metadata.google.cloud.binaryauthorization.v1beta1.json b/owl-bot-staging/v1beta1/samples/generated/v1beta1/snippet_metadata.google.cloud.binaryauthorization.v1beta1.json deleted file mode 100644 index ef53122..0000000 --- a/owl-bot-staging/v1beta1/samples/generated/v1beta1/snippet_metadata.google.cloud.binaryauthorization.v1beta1.json +++ /dev/null @@ -1,351 +0,0 @@ -{ - "clientLibrary": { - "name": "nodejs-binaryauthorization", - "version": "0.1.0", - "language": "TYPESCRIPT", - "apis": [ - { - "id": "google.cloud.binaryauthorization.v1beta1", - "version": "v1beta1" - } - ] - }, - "snippets": [ - { - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_async", - "title": "BinauthzManagementServiceV1Beta1 getPolicy Sample", - "origin": "API_DEFINITION", - "description": " A [policy][google.cloud.binaryauthorization.v1beta1.Policy] specifies the [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] that must attest to a container image, before the project is allowed to deploy that image. There is at most one policy per project. All image admission requests are permitted if a project has no policy. Gets the [policy][google.cloud.binaryauthorization.v1beta1.Policy] for this project. Returns a default [policy][google.cloud.binaryauthorization.v1beta1.Policy] if the project does not have one.", - "canonical": true, - "file": "binauthz_management_service_v1_beta1.get_policy.js", - "language": "JAVASCRIPT", - "segments": [ - { - "start": 25, - "end": 51, - "type": "FULL" - } - ], - "clientMethod": { - "shortName": "GetPolicy", - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.GetPolicy", - "async": true, - "parameters": [ - { - "name": "name", - "type": "TYPE_STRING" - } - ], - "resultType": ".google.cloud.binaryauthorization.v1beta1.Policy", - "client": { - "shortName": "BinauthzManagementServiceV1Beta1Client", - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1Client" - }, - "method": { - "shortName": "GetPolicy", - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.GetPolicy", - "service": { - "shortName": "BinauthzManagementServiceV1Beta1", - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1" - } - } - } - }, - { - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_async", - "title": "BinauthzManagementServiceV1Beta1 updatePolicy Sample", - "origin": "API_DEFINITION", - "description": " Creates or updates a project's [policy][google.cloud.binaryauthorization.v1beta1.Policy], and returns a copy of the new [policy][google.cloud.binaryauthorization.v1beta1.Policy]. A policy is always updated as a whole, to avoid race conditions with concurrent policy enforcement (or management!) requests. Returns NOT_FOUND if the project does not exist, INVALID_ARGUMENT if the request is malformed.", - "canonical": true, - "file": "binauthz_management_service_v1_beta1.update_policy.js", - "language": "JAVASCRIPT", - "segments": [ - { - "start": 25, - "end": 52, - "type": "FULL" - } - ], - "clientMethod": { - "shortName": "UpdatePolicy", - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.UpdatePolicy", - "async": true, - "parameters": [ - { - "name": "policy", - "type": ".google.cloud.binaryauthorization.v1beta1.Policy" - } - ], - "resultType": ".google.cloud.binaryauthorization.v1beta1.Policy", - "client": { - "shortName": "BinauthzManagementServiceV1Beta1Client", - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1Client" - }, - "method": { - "shortName": "UpdatePolicy", - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.UpdatePolicy", - "service": { - "shortName": "BinauthzManagementServiceV1Beta1", - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1" - } - } - } - }, - { - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_async", - "title": "BinauthzManagementServiceV1Beta1 createAttestor Sample", - "origin": "API_DEFINITION", - "description": " Creates an [attestor][google.cloud.binaryauthorization.v1beta1.Attestor], and returns a copy of the new [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. Returns NOT_FOUND if the project does not exist, INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if the [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] already exists.", - "canonical": true, - "file": "binauthz_management_service_v1_beta1.create_attestor.js", - "language": "JAVASCRIPT", - "segments": [ - { - "start": 25, - "end": 62, - "type": "FULL" - } - ], - "clientMethod": { - "shortName": "CreateAttestor", - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.CreateAttestor", - "async": true, - "parameters": [ - { - "name": "parent", - "type": "TYPE_STRING" - }, - { - "name": "attestor_id", - "type": "TYPE_STRING" - }, - { - "name": "attestor", - "type": ".google.cloud.binaryauthorization.v1beta1.Attestor" - } - ], - "resultType": ".google.cloud.binaryauthorization.v1beta1.Attestor", - "client": { - "shortName": "BinauthzManagementServiceV1Beta1Client", - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1Client" - }, - "method": { - "shortName": "CreateAttestor", - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.CreateAttestor", - "service": { - "shortName": "BinauthzManagementServiceV1Beta1", - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1" - } - } - } - }, - { - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_async", - "title": "BinauthzManagementServiceV1Beta1 getAttestor Sample", - "origin": "API_DEFINITION", - "description": " Gets an [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. Returns NOT_FOUND if the [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] does not exist.", - "canonical": true, - "file": "binauthz_management_service_v1_beta1.get_attestor.js", - "language": "JAVASCRIPT", - "segments": [ - { - "start": 25, - "end": 51, - "type": "FULL" - } - ], - "clientMethod": { - "shortName": "GetAttestor", - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.GetAttestor", - "async": true, - "parameters": [ - { - "name": "name", - "type": "TYPE_STRING" - } - ], - "resultType": ".google.cloud.binaryauthorization.v1beta1.Attestor", - "client": { - "shortName": "BinauthzManagementServiceV1Beta1Client", - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1Client" - }, - "method": { - "shortName": "GetAttestor", - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.GetAttestor", - "service": { - "shortName": "BinauthzManagementServiceV1Beta1", - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1" - } - } - } - }, - { - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_async", - "title": "BinauthzManagementServiceV1Beta1 updateAttestor Sample", - "origin": "API_DEFINITION", - "description": " Updates an [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. Returns NOT_FOUND if the [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] does not exist.", - "canonical": true, - "file": "binauthz_management_service_v1_beta1.update_attestor.js", - "language": "JAVASCRIPT", - "segments": [ - { - "start": 25, - "end": 52, - "type": "FULL" - } - ], - "clientMethod": { - "shortName": "UpdateAttestor", - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.UpdateAttestor", - "async": true, - "parameters": [ - { - "name": "attestor", - "type": ".google.cloud.binaryauthorization.v1beta1.Attestor" - } - ], - "resultType": ".google.cloud.binaryauthorization.v1beta1.Attestor", - "client": { - "shortName": "BinauthzManagementServiceV1Beta1Client", - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1Client" - }, - "method": { - "shortName": "UpdateAttestor", - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.UpdateAttestor", - "service": { - "shortName": "BinauthzManagementServiceV1Beta1", - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1" - } - } - } - }, - { - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_async", - "title": "BinauthzManagementServiceV1Beta1 listAttestors Sample", - "origin": "API_DEFINITION", - "description": " Lists [attestors][google.cloud.binaryauthorization.v1beta1.Attestor]. Returns INVALID_ARGUMENT if the project does not exist.", - "canonical": true, - "file": "binauthz_management_service_v1_beta1.list_attestors.js", - "language": "JAVASCRIPT", - "segments": [ - { - "start": 25, - "end": 64, - "type": "FULL" - } - ], - "clientMethod": { - "shortName": "ListAttestors", - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.ListAttestors", - "async": true, - "parameters": [ - { - "name": "parent", - "type": "TYPE_STRING" - }, - { - "name": "page_size", - "type": "TYPE_INT32" - }, - { - "name": "page_token", - "type": "TYPE_STRING" - } - ], - "resultType": ".google.cloud.binaryauthorization.v1beta1.ListAttestorsResponse", - "client": { - "shortName": "BinauthzManagementServiceV1Beta1Client", - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1Client" - }, - "method": { - "shortName": "ListAttestors", - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.ListAttestors", - "service": { - "shortName": "BinauthzManagementServiceV1Beta1", - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1" - } - } - } - }, - { - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_async", - "title": "BinauthzManagementServiceV1Beta1 deleteAttestor Sample", - "origin": "API_DEFINITION", - "description": " Deletes an [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. Returns NOT_FOUND if the [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] does not exist.", - "canonical": true, - "file": "binauthz_management_service_v1_beta1.delete_attestor.js", - "language": "JAVASCRIPT", - "segments": [ - { - "start": 25, - "end": 51, - "type": "FULL" - } - ], - "clientMethod": { - "shortName": "DeleteAttestor", - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.DeleteAttestor", - "async": true, - "parameters": [ - { - "name": "name", - "type": "TYPE_STRING" - } - ], - "resultType": ".google.protobuf.Empty", - "client": { - "shortName": "BinauthzManagementServiceV1Beta1Client", - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1Client" - }, - "method": { - "shortName": "DeleteAttestor", - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.DeleteAttestor", - "service": { - "shortName": "BinauthzManagementServiceV1Beta1", - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1" - } - } - } - }, - { - "regionTag": "binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_async", - "title": "BinauthzManagementServiceV1Beta1 getSystemPolicy Sample", - "origin": "API_DEFINITION", - "description": " Gets the current system policy in the specified location.", - "canonical": true, - "file": "system_policy_v1_beta1.get_system_policy.js", - "language": "JAVASCRIPT", - "segments": [ - { - "start": 25, - "end": 51, - "type": "FULL" - } - ], - "clientMethod": { - "shortName": "GetSystemPolicy", - "fullName": "google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1.GetSystemPolicy", - "async": true, - "parameters": [ - { - "name": "name", - "type": "TYPE_STRING" - } - ], - "resultType": ".google.cloud.binaryauthorization.v1beta1.Policy", - "client": { - "shortName": "SystemPolicyV1Beta1Client", - "fullName": "google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1Client" - }, - "method": { - "shortName": "GetSystemPolicy", - "fullName": "google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1.GetSystemPolicy", - "service": { - "shortName": "SystemPolicyV1Beta1", - "fullName": "google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1" - } - } - } - } - ] -} diff --git a/owl-bot-staging/v1beta1/samples/generated/v1beta1/system_policy_v1_beta1.get_system_policy.js b/owl-bot-staging/v1beta1/samples/generated/v1beta1/system_policy_v1_beta1.get_system_policy.js deleted file mode 100644 index e64583a..0000000 --- a/owl-bot-staging/v1beta1/samples/generated/v1beta1/system_policy_v1_beta1.get_system_policy.js +++ /dev/null @@ -1,59 +0,0 @@ -// Copyright 2022 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// ** This file is automatically generated by gapic-generator-typescript. ** -// ** https://github.com/googleapis/gapic-generator-typescript ** -// ** All changes to this file may be overwritten. ** - - - -'use strict'; - -function main(name) { - // [START binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_async] - /** - * TODO(developer): Uncomment these variables before running the sample. - */ - /** - * Required. The resource name, in the format `locations/* /policy`. - * Note that the system policy is not associated with a project. - */ - // const name = 'abc123' - - // Imports the Binaryauthorization library - const {SystemPolicyV1Beta1Client} = require('@google-cloud/binary-authorization').v1beta1; - - // Instantiates a client - const binaryauthorizationClient = new SystemPolicyV1Beta1Client(); - - async function callGetSystemPolicy() { - // Construct request - const request = { - name, - }; - - // Run request - const response = await binaryauthorizationClient.getSystemPolicy(request); - console.log(response); - } - - callGetSystemPolicy(); - // [END binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_async] -} - -process.on('unhandledRejection', err => { - console.error(err.message); - process.exitCode = 1; -}); -main(...process.argv.slice(2)); diff --git a/owl-bot-staging/v1beta1/src/index.ts b/owl-bot-staging/v1beta1/src/index.ts deleted file mode 100644 index fc03988..0000000 --- a/owl-bot-staging/v1beta1/src/index.ts +++ /dev/null @@ -1,27 +0,0 @@ -// Copyright 2022 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// ** This file is automatically generated by gapic-generator-typescript. ** -// ** https://github.com/googleapis/gapic-generator-typescript ** -// ** All changes to this file may be overwritten. ** - -import * as v1beta1 from './v1beta1'; -const BinauthzManagementServiceV1Beta1Client = v1beta1.BinauthzManagementServiceV1Beta1Client; -type BinauthzManagementServiceV1Beta1Client = v1beta1.BinauthzManagementServiceV1Beta1Client; -const SystemPolicyV1Beta1Client = v1beta1.SystemPolicyV1Beta1Client; -type SystemPolicyV1Beta1Client = v1beta1.SystemPolicyV1Beta1Client; -export {v1beta1, BinauthzManagementServiceV1Beta1Client, SystemPolicyV1Beta1Client}; -export default {v1beta1, BinauthzManagementServiceV1Beta1Client, SystemPolicyV1Beta1Client}; -import * as protos from '../protos/protos'; -export {protos} diff --git a/owl-bot-staging/v1beta1/src/v1beta1/binauthz_management_service_v1_beta1_client.ts b/owl-bot-staging/v1beta1/src/v1beta1/binauthz_management_service_v1_beta1_client.ts deleted file mode 100644 index 32e1e27..0000000 --- a/owl-bot-staging/v1beta1/src/v1beta1/binauthz_management_service_v1_beta1_client.ts +++ /dev/null @@ -1,1078 +0,0 @@ -// Copyright 2022 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// ** This file is automatically generated by gapic-generator-typescript. ** -// ** https://github.com/googleapis/gapic-generator-typescript ** -// ** All changes to this file may be overwritten. ** - -/* global window */ -import * as gax from 'google-gax'; -import {Callback, CallOptions, Descriptors, ClientOptions, PaginationCallback, GaxCall} from 'google-gax'; - -import { Transform } from 'stream'; -import { RequestType } from 'google-gax/build/src/apitypes'; -import * as protos from '../../protos/protos'; -import jsonProtos = require('../../protos/protos.json'); -/** - * Client JSON configuration object, loaded from - * `src/v1beta1/binauthz_management_service_v1_beta1_client_config.json`. - * This file defines retry strategy and timeouts for all API methods in this library. - */ -import * as gapicConfig from './binauthz_management_service_v1_beta1_client_config.json'; - -const version = require('../../../package.json').version; - -/** - * Google Cloud Management Service for Binary Authorization admission policies - * and attestation authorities. - * - * This API implements a REST model with the following objects: - * - * * {@link google.cloud.binaryauthorization.v1beta1.Policy|Policy} - * * {@link google.cloud.binaryauthorization.v1beta1.Attestor|Attestor} - * @class - * @memberof v1beta1 - */ -export class BinauthzManagementServiceV1Beta1Client { - private _terminated = false; - private _opts: ClientOptions; - private _providedCustomServicePath: boolean; - private _gaxModule: typeof gax | typeof gax.fallback; - private _gaxGrpc: gax.GrpcClient | gax.fallback.GrpcClient; - private _protos: {}; - private _defaults: {[method: string]: gax.CallSettings}; - auth: gax.GoogleAuth; - descriptors: Descriptors = { - page: {}, - stream: {}, - longrunning: {}, - batching: {}, - }; - warn: (code: string, message: string, warnType?: string) => void; - innerApiCalls: {[name: string]: Function}; - pathTemplates: {[name: string]: gax.PathTemplate}; - binauthzManagementServiceV1Beta1Stub?: Promise<{[name: string]: Function}>; - - /** - * Construct an instance of BinauthzManagementServiceV1Beta1Client. - * - * @param {object} [options] - The configuration object. - * The options accepted by the constructor are described in detail - * in [this document](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#creating-the-client-instance). - * The common options are: - * @param {object} [options.credentials] - Credentials object. - * @param {string} [options.credentials.client_email] - * @param {string} [options.credentials.private_key] - * @param {string} [options.email] - Account email address. Required when - * using a .pem or .p12 keyFilename. - * @param {string} [options.keyFilename] - Full path to the a .json, .pem, or - * .p12 key downloaded from the Google Developers Console. If you provide - * a path to a JSON file, the projectId option below is not necessary. - * NOTE: .pem and .p12 require you to specify options.email as well. - * @param {number} [options.port] - The port on which to connect to - * the remote host. - * @param {string} [options.projectId] - The project ID from the Google - * Developer's Console, e.g. 'grape-spaceship-123'. We will also check - * the environment variable GCLOUD_PROJECT for your project ID. If your - * app is running in an environment which supports - * {@link https://developers.google.com/identity/protocols/application-default-credentials Application Default Credentials}, - * your project ID will be detected automatically. - * @param {string} [options.apiEndpoint] - The domain name of the - * API remote host. - * @param {gax.ClientConfig} [options.clientConfig] - Client configuration override. - * Follows the structure of {@link gapicConfig}. - * @param {boolean} [options.fallback] - Use HTTP fallback mode. - * In fallback mode, a special browser-compatible transport implementation is used - * instead of gRPC transport. In browser context (if the `window` object is defined) - * the fallback mode is enabled automatically; set `options.fallback` to `false` - * if you need to override this behavior. - */ - constructor(opts?: ClientOptions) { - // Ensure that options include all the required fields. - const staticMembers = this.constructor as typeof BinauthzManagementServiceV1Beta1Client; - const servicePath = opts?.servicePath || opts?.apiEndpoint || staticMembers.servicePath; - this._providedCustomServicePath = !!(opts?.servicePath || opts?.apiEndpoint); - const port = opts?.port || staticMembers.port; - const clientConfig = opts?.clientConfig ?? {}; - const fallback = opts?.fallback ?? (typeof window !== 'undefined' && typeof window?.fetch === 'function'); - opts = Object.assign({servicePath, port, clientConfig, fallback}, opts); - - // If scopes are unset in options and we're connecting to a non-default endpoint, set scopes just in case. - if (servicePath !== staticMembers.servicePath && !('scopes' in opts)) { - opts['scopes'] = staticMembers.scopes; - } - - // Choose either gRPC or proto-over-HTTP implementation of google-gax. - this._gaxModule = opts.fallback ? gax.fallback : gax; - - // Create a `gaxGrpc` object, with any grpc-specific options sent to the client. - this._gaxGrpc = new this._gaxModule.GrpcClient(opts); - - // Save options to use in initialize() method. - this._opts = opts; - - // Save the auth object to the client, for use by other methods. - this.auth = (this._gaxGrpc.auth as gax.GoogleAuth); - - // Set useJWTAccessWithScope on the auth object. - this.auth.useJWTAccessWithScope = true; - - // Set defaultServicePath on the auth object. - this.auth.defaultServicePath = staticMembers.servicePath; - - // Set the default scopes in auth client if needed. - if (servicePath === staticMembers.servicePath) { - this.auth.defaultScopes = staticMembers.scopes; - } - - // Determine the client header string. - const clientHeader = [ - `gax/${this._gaxModule.version}`, - `gapic/${version}`, - ]; - if (typeof process !== 'undefined' && 'versions' in process) { - clientHeader.push(`gl-node/${process.versions.node}`); - } else { - clientHeader.push(`gl-web/${this._gaxModule.version}`); - } - if (!opts.fallback) { - clientHeader.push(`grpc/${this._gaxGrpc.grpcVersion}`); - } else if (opts.fallback === 'rest' ) { - clientHeader.push(`rest/${this._gaxGrpc.grpcVersion}`); - } - if (opts.libName && opts.libVersion) { - clientHeader.push(`${opts.libName}/${opts.libVersion}`); - } - // Load the applicable protos. - this._protos = this._gaxGrpc.loadProtoJSON(jsonProtos); - - // This API contains "path templates"; forward-slash-separated - // identifiers to uniquely identify resources within the API. - // Create useful helper objects for these. - this.pathTemplates = { - attestorPathTemplate: new this._gaxModule.PathTemplate( - 'projects/{project}/attestors/{attestor}' - ), - locationPolicyPathTemplate: new this._gaxModule.PathTemplate( - 'locations/{location}/policy' - ), - projectPathTemplate: new this._gaxModule.PathTemplate( - 'projects/{project}' - ), - projectPolicyPathTemplate: new this._gaxModule.PathTemplate( - 'projects/{project}/policy' - ), - }; - - // Some of the methods on this service return "paged" results, - // (e.g. 50 results at a time, with tokens to get subsequent - // pages). Denote the keys used for pagination and results. - this.descriptors.page = { - listAttestors: - new this._gaxModule.PageDescriptor('pageToken', 'nextPageToken', 'attestors') - }; - - // Put together the default options sent with requests. - this._defaults = this._gaxGrpc.constructSettings( - 'google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1', gapicConfig as gax.ClientConfig, - opts.clientConfig || {}, {'x-goog-api-client': clientHeader.join(' ')}); - - // Set up a dictionary of "inner API calls"; the core implementation - // of calling the API is handled in `google-gax`, with this code - // merely providing the destination and request information. - this.innerApiCalls = {}; - - // Add a warn function to the client constructor so it can be easily tested. - this.warn = gax.warn; - } - - /** - * Initialize the client. - * Performs asynchronous operations (such as authentication) and prepares the client. - * This function will be called automatically when any class method is called for the - * first time, but if you need to initialize it before calling an actual method, - * feel free to call initialize() directly. - * - * You can await on this method if you want to make sure the client is initialized. - * - * @returns {Promise} A promise that resolves to an authenticated service stub. - */ - initialize() { - // If the client stub promise is already initialized, return immediately. - if (this.binauthzManagementServiceV1Beta1Stub) { - return this.binauthzManagementServiceV1Beta1Stub; - } - - // Put together the "service stub" for - // google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1. - this.binauthzManagementServiceV1Beta1Stub = this._gaxGrpc.createStub( - this._opts.fallback ? - (this._protos as protobuf.Root).lookupService('google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1') : - // eslint-disable-next-line @typescript-eslint/no-explicit-any - (this._protos as any).google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1, - this._opts, this._providedCustomServicePath) as Promise<{[method: string]: Function}>; - - // Iterate over each of the methods that the service provides - // and create an API call method for each. - const binauthzManagementServiceV1Beta1StubMethods = - ['getPolicy', 'updatePolicy', 'createAttestor', 'getAttestor', 'updateAttestor', 'listAttestors', 'deleteAttestor']; - for (const methodName of binauthzManagementServiceV1Beta1StubMethods) { - const callPromise = this.binauthzManagementServiceV1Beta1Stub.then( - stub => (...args: Array<{}>) => { - if (this._terminated) { - return Promise.reject('The client has already been closed.'); - } - const func = stub[methodName]; - return func.apply(stub, args); - }, - (err: Error|null|undefined) => () => { - throw err; - }); - - const descriptor = - this.descriptors.page[methodName] || - undefined; - const apiCall = this._gaxModule.createApiCall( - callPromise, - this._defaults[methodName], - descriptor - ); - - this.innerApiCalls[methodName] = apiCall; - } - - return this.binauthzManagementServiceV1Beta1Stub; - } - - /** - * The DNS address for this API service. - * @returns {string} The DNS address for this service. - */ - static get servicePath() { - return 'binaryauthorization.googleapis.com'; - } - - /** - * The DNS address for this API service - same as servicePath(), - * exists for compatibility reasons. - * @returns {string} The DNS address for this service. - */ - static get apiEndpoint() { - return 'binaryauthorization.googleapis.com'; - } - - /** - * The port for this API service. - * @returns {number} The default port for this service. - */ - static get port() { - return 443; - } - - /** - * The scopes needed to make gRPC calls for every method defined - * in this service. - * @returns {string[]} List of default scopes. - */ - static get scopes() { - return [ - 'https://www.googleapis.com/auth/cloud-platform' - ]; - } - - getProjectId(): Promise; - getProjectId(callback: Callback): void; - /** - * Return the project ID used by this class. - * @returns {Promise} A promise that resolves to string containing the project ID. - */ - getProjectId(callback?: Callback): - Promise|void { - if (callback) { - this.auth.getProjectId(callback); - return; - } - return this.auth.getProjectId(); - } - - // ------------------- - // -- Service calls -- - // ------------------- -/** - * A {@link google.cloud.binaryauthorization.v1beta1.Policy|policy} specifies the {@link google.cloud.binaryauthorization.v1beta1.Attestor|attestors} that must attest to - * a container image, before the project is allowed to deploy that - * image. There is at most one policy per project. All image admission - * requests are permitted if a project has no policy. - * - * Gets the {@link google.cloud.binaryauthorization.v1beta1.Policy|policy} for this project. Returns a default - * {@link google.cloud.binaryauthorization.v1beta1.Policy|policy} if the project does not have one. - * - * @param {Object} request - * The request object that will be sent. - * @param {string} request.name - * Required. The resource name of the {@link google.cloud.binaryauthorization.v1beta1.Policy|policy} to retrieve, - * in the format `projects/* /policy`. - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Promise} - The promise which resolves to an array. - * The first element of the array is an object representing [Policy]{@link google.cloud.binaryauthorization.v1beta1.Policy}. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) - * for more details and examples. - * @example include:samples/generated/v1beta1/binauthz_management_service_v1_beta1.get_policy.js - * region_tag:binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_async - */ - getPolicy( - request?: protos.google.cloud.binaryauthorization.v1beta1.IGetPolicyRequest, - options?: CallOptions): - Promise<[ - protos.google.cloud.binaryauthorization.v1beta1.IPolicy, - protos.google.cloud.binaryauthorization.v1beta1.IGetPolicyRequest|undefined, {}|undefined - ]>; - getPolicy( - request: protos.google.cloud.binaryauthorization.v1beta1.IGetPolicyRequest, - options: CallOptions, - callback: Callback< - protos.google.cloud.binaryauthorization.v1beta1.IPolicy, - protos.google.cloud.binaryauthorization.v1beta1.IGetPolicyRequest|null|undefined, - {}|null|undefined>): void; - getPolicy( - request: protos.google.cloud.binaryauthorization.v1beta1.IGetPolicyRequest, - callback: Callback< - protos.google.cloud.binaryauthorization.v1beta1.IPolicy, - protos.google.cloud.binaryauthorization.v1beta1.IGetPolicyRequest|null|undefined, - {}|null|undefined>): void; - getPolicy( - request?: protos.google.cloud.binaryauthorization.v1beta1.IGetPolicyRequest, - optionsOrCallback?: CallOptions|Callback< - protos.google.cloud.binaryauthorization.v1beta1.IPolicy, - protos.google.cloud.binaryauthorization.v1beta1.IGetPolicyRequest|null|undefined, - {}|null|undefined>, - callback?: Callback< - protos.google.cloud.binaryauthorization.v1beta1.IPolicy, - protos.google.cloud.binaryauthorization.v1beta1.IGetPolicyRequest|null|undefined, - {}|null|undefined>): - Promise<[ - protos.google.cloud.binaryauthorization.v1beta1.IPolicy, - protos.google.cloud.binaryauthorization.v1beta1.IGetPolicyRequest|undefined, {}|undefined - ]>|void { - request = request || {}; - let options: CallOptions; - if (typeof optionsOrCallback === 'function' && callback === undefined) { - callback = optionsOrCallback; - options = {}; - } - else { - options = optionsOrCallback as CallOptions; - } - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'name': request.name || '', - }); - this.initialize(); - return this.innerApiCalls.getPolicy(request, options, callback); - } -/** - * Creates or updates a project's {@link google.cloud.binaryauthorization.v1beta1.Policy|policy}, and returns a copy of the - * new {@link google.cloud.binaryauthorization.v1beta1.Policy|policy}. A policy is always updated as a whole, to avoid race - * conditions with concurrent policy enforcement (or management!) - * requests. Returns NOT_FOUND if the project does not exist, INVALID_ARGUMENT - * if the request is malformed. - * - * @param {Object} request - * The request object that will be sent. - * @param {google.cloud.binaryauthorization.v1beta1.Policy} request.policy - * Required. A new or updated {@link google.cloud.binaryauthorization.v1beta1.Policy|policy} value. The service will - * overwrite the {@link google.cloud.binaryauthorization.v1beta1.Policy.name|policy name} field with the resource name in - * the request URL, in the format `projects/* /policy`. - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Promise} - The promise which resolves to an array. - * The first element of the array is an object representing [Policy]{@link google.cloud.binaryauthorization.v1beta1.Policy}. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) - * for more details and examples. - * @example include:samples/generated/v1beta1/binauthz_management_service_v1_beta1.update_policy.js - * region_tag:binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_async - */ - updatePolicy( - request?: protos.google.cloud.binaryauthorization.v1beta1.IUpdatePolicyRequest, - options?: CallOptions): - Promise<[ - protos.google.cloud.binaryauthorization.v1beta1.IPolicy, - protos.google.cloud.binaryauthorization.v1beta1.IUpdatePolicyRequest|undefined, {}|undefined - ]>; - updatePolicy( - request: protos.google.cloud.binaryauthorization.v1beta1.IUpdatePolicyRequest, - options: CallOptions, - callback: Callback< - protos.google.cloud.binaryauthorization.v1beta1.IPolicy, - protos.google.cloud.binaryauthorization.v1beta1.IUpdatePolicyRequest|null|undefined, - {}|null|undefined>): void; - updatePolicy( - request: protos.google.cloud.binaryauthorization.v1beta1.IUpdatePolicyRequest, - callback: Callback< - protos.google.cloud.binaryauthorization.v1beta1.IPolicy, - protos.google.cloud.binaryauthorization.v1beta1.IUpdatePolicyRequest|null|undefined, - {}|null|undefined>): void; - updatePolicy( - request?: protos.google.cloud.binaryauthorization.v1beta1.IUpdatePolicyRequest, - optionsOrCallback?: CallOptions|Callback< - protos.google.cloud.binaryauthorization.v1beta1.IPolicy, - protos.google.cloud.binaryauthorization.v1beta1.IUpdatePolicyRequest|null|undefined, - {}|null|undefined>, - callback?: Callback< - protos.google.cloud.binaryauthorization.v1beta1.IPolicy, - protos.google.cloud.binaryauthorization.v1beta1.IUpdatePolicyRequest|null|undefined, - {}|null|undefined>): - Promise<[ - protos.google.cloud.binaryauthorization.v1beta1.IPolicy, - protos.google.cloud.binaryauthorization.v1beta1.IUpdatePolicyRequest|undefined, {}|undefined - ]>|void { - request = request || {}; - let options: CallOptions; - if (typeof optionsOrCallback === 'function' && callback === undefined) { - callback = optionsOrCallback; - options = {}; - } - else { - options = optionsOrCallback as CallOptions; - } - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'policy.name': request.policy!.name || '', - }); - this.initialize(); - return this.innerApiCalls.updatePolicy(request, options, callback); - } -/** - * Creates an {@link google.cloud.binaryauthorization.v1beta1.Attestor|attestor}, and returns a copy of the new - * {@link google.cloud.binaryauthorization.v1beta1.Attestor|attestor}. Returns NOT_FOUND if the project does not exist, - * INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if the - * {@link google.cloud.binaryauthorization.v1beta1.Attestor|attestor} already exists. - * - * @param {Object} request - * The request object that will be sent. - * @param {string} request.parent - * Required. The parent of this {@link google.cloud.binaryauthorization.v1beta1.Attestor|attestor}. - * @param {string} request.attestorId - * Required. The {@link google.cloud.binaryauthorization.v1beta1.Attestor|attestors} ID. - * @param {google.cloud.binaryauthorization.v1beta1.Attestor} request.attestor - * Required. The initial {@link google.cloud.binaryauthorization.v1beta1.Attestor|attestor} value. The service will - * overwrite the {@link google.cloud.binaryauthorization.v1beta1.Attestor.name|attestor name} field with the resource name, - * in the format `projects/* /attestors/*`. - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Promise} - The promise which resolves to an array. - * The first element of the array is an object representing [Attestor]{@link google.cloud.binaryauthorization.v1beta1.Attestor}. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) - * for more details and examples. - * @example include:samples/generated/v1beta1/binauthz_management_service_v1_beta1.create_attestor.js - * region_tag:binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_async - */ - createAttestor( - request?: protos.google.cloud.binaryauthorization.v1beta1.ICreateAttestorRequest, - options?: CallOptions): - Promise<[ - protos.google.cloud.binaryauthorization.v1beta1.IAttestor, - protos.google.cloud.binaryauthorization.v1beta1.ICreateAttestorRequest|undefined, {}|undefined - ]>; - createAttestor( - request: protos.google.cloud.binaryauthorization.v1beta1.ICreateAttestorRequest, - options: CallOptions, - callback: Callback< - protos.google.cloud.binaryauthorization.v1beta1.IAttestor, - protos.google.cloud.binaryauthorization.v1beta1.ICreateAttestorRequest|null|undefined, - {}|null|undefined>): void; - createAttestor( - request: protos.google.cloud.binaryauthorization.v1beta1.ICreateAttestorRequest, - callback: Callback< - protos.google.cloud.binaryauthorization.v1beta1.IAttestor, - protos.google.cloud.binaryauthorization.v1beta1.ICreateAttestorRequest|null|undefined, - {}|null|undefined>): void; - createAttestor( - request?: protos.google.cloud.binaryauthorization.v1beta1.ICreateAttestorRequest, - optionsOrCallback?: CallOptions|Callback< - protos.google.cloud.binaryauthorization.v1beta1.IAttestor, - protos.google.cloud.binaryauthorization.v1beta1.ICreateAttestorRequest|null|undefined, - {}|null|undefined>, - callback?: Callback< - protos.google.cloud.binaryauthorization.v1beta1.IAttestor, - protos.google.cloud.binaryauthorization.v1beta1.ICreateAttestorRequest|null|undefined, - {}|null|undefined>): - Promise<[ - protos.google.cloud.binaryauthorization.v1beta1.IAttestor, - protos.google.cloud.binaryauthorization.v1beta1.ICreateAttestorRequest|undefined, {}|undefined - ]>|void { - request = request || {}; - let options: CallOptions; - if (typeof optionsOrCallback === 'function' && callback === undefined) { - callback = optionsOrCallback; - options = {}; - } - else { - options = optionsOrCallback as CallOptions; - } - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'parent': request.parent || '', - }); - this.initialize(); - return this.innerApiCalls.createAttestor(request, options, callback); - } -/** - * Gets an {@link google.cloud.binaryauthorization.v1beta1.Attestor|attestor}. - * Returns NOT_FOUND if the {@link google.cloud.binaryauthorization.v1beta1.Attestor|attestor} does not exist. - * - * @param {Object} request - * The request object that will be sent. - * @param {string} request.name - * Required. The name of the {@link google.cloud.binaryauthorization.v1beta1.Attestor|attestor} to retrieve, in the format - * `projects/* /attestors/*`. - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Promise} - The promise which resolves to an array. - * The first element of the array is an object representing [Attestor]{@link google.cloud.binaryauthorization.v1beta1.Attestor}. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) - * for more details and examples. - * @example include:samples/generated/v1beta1/binauthz_management_service_v1_beta1.get_attestor.js - * region_tag:binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_async - */ - getAttestor( - request?: protos.google.cloud.binaryauthorization.v1beta1.IGetAttestorRequest, - options?: CallOptions): - Promise<[ - protos.google.cloud.binaryauthorization.v1beta1.IAttestor, - protos.google.cloud.binaryauthorization.v1beta1.IGetAttestorRequest|undefined, {}|undefined - ]>; - getAttestor( - request: protos.google.cloud.binaryauthorization.v1beta1.IGetAttestorRequest, - options: CallOptions, - callback: Callback< - protos.google.cloud.binaryauthorization.v1beta1.IAttestor, - protos.google.cloud.binaryauthorization.v1beta1.IGetAttestorRequest|null|undefined, - {}|null|undefined>): void; - getAttestor( - request: protos.google.cloud.binaryauthorization.v1beta1.IGetAttestorRequest, - callback: Callback< - protos.google.cloud.binaryauthorization.v1beta1.IAttestor, - protos.google.cloud.binaryauthorization.v1beta1.IGetAttestorRequest|null|undefined, - {}|null|undefined>): void; - getAttestor( - request?: protos.google.cloud.binaryauthorization.v1beta1.IGetAttestorRequest, - optionsOrCallback?: CallOptions|Callback< - protos.google.cloud.binaryauthorization.v1beta1.IAttestor, - protos.google.cloud.binaryauthorization.v1beta1.IGetAttestorRequest|null|undefined, - {}|null|undefined>, - callback?: Callback< - protos.google.cloud.binaryauthorization.v1beta1.IAttestor, - protos.google.cloud.binaryauthorization.v1beta1.IGetAttestorRequest|null|undefined, - {}|null|undefined>): - Promise<[ - protos.google.cloud.binaryauthorization.v1beta1.IAttestor, - protos.google.cloud.binaryauthorization.v1beta1.IGetAttestorRequest|undefined, {}|undefined - ]>|void { - request = request || {}; - let options: CallOptions; - if (typeof optionsOrCallback === 'function' && callback === undefined) { - callback = optionsOrCallback; - options = {}; - } - else { - options = optionsOrCallback as CallOptions; - } - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'name': request.name || '', - }); - this.initialize(); - return this.innerApiCalls.getAttestor(request, options, callback); - } -/** - * Updates an {@link google.cloud.binaryauthorization.v1beta1.Attestor|attestor}. - * Returns NOT_FOUND if the {@link google.cloud.binaryauthorization.v1beta1.Attestor|attestor} does not exist. - * - * @param {Object} request - * The request object that will be sent. - * @param {google.cloud.binaryauthorization.v1beta1.Attestor} request.attestor - * Required. The updated {@link google.cloud.binaryauthorization.v1beta1.Attestor|attestor} value. The service will - * overwrite the {@link google.cloud.binaryauthorization.v1beta1.Attestor.name|attestor name} field with the resource name - * in the request URL, in the format `projects/* /attestors/*`. - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Promise} - The promise which resolves to an array. - * The first element of the array is an object representing [Attestor]{@link google.cloud.binaryauthorization.v1beta1.Attestor}. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) - * for more details and examples. - * @example include:samples/generated/v1beta1/binauthz_management_service_v1_beta1.update_attestor.js - * region_tag:binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_async - */ - updateAttestor( - request?: protos.google.cloud.binaryauthorization.v1beta1.IUpdateAttestorRequest, - options?: CallOptions): - Promise<[ - protos.google.cloud.binaryauthorization.v1beta1.IAttestor, - protos.google.cloud.binaryauthorization.v1beta1.IUpdateAttestorRequest|undefined, {}|undefined - ]>; - updateAttestor( - request: protos.google.cloud.binaryauthorization.v1beta1.IUpdateAttestorRequest, - options: CallOptions, - callback: Callback< - protos.google.cloud.binaryauthorization.v1beta1.IAttestor, - protos.google.cloud.binaryauthorization.v1beta1.IUpdateAttestorRequest|null|undefined, - {}|null|undefined>): void; - updateAttestor( - request: protos.google.cloud.binaryauthorization.v1beta1.IUpdateAttestorRequest, - callback: Callback< - protos.google.cloud.binaryauthorization.v1beta1.IAttestor, - protos.google.cloud.binaryauthorization.v1beta1.IUpdateAttestorRequest|null|undefined, - {}|null|undefined>): void; - updateAttestor( - request?: protos.google.cloud.binaryauthorization.v1beta1.IUpdateAttestorRequest, - optionsOrCallback?: CallOptions|Callback< - protos.google.cloud.binaryauthorization.v1beta1.IAttestor, - protos.google.cloud.binaryauthorization.v1beta1.IUpdateAttestorRequest|null|undefined, - {}|null|undefined>, - callback?: Callback< - protos.google.cloud.binaryauthorization.v1beta1.IAttestor, - protos.google.cloud.binaryauthorization.v1beta1.IUpdateAttestorRequest|null|undefined, - {}|null|undefined>): - Promise<[ - protos.google.cloud.binaryauthorization.v1beta1.IAttestor, - protos.google.cloud.binaryauthorization.v1beta1.IUpdateAttestorRequest|undefined, {}|undefined - ]>|void { - request = request || {}; - let options: CallOptions; - if (typeof optionsOrCallback === 'function' && callback === undefined) { - callback = optionsOrCallback; - options = {}; - } - else { - options = optionsOrCallback as CallOptions; - } - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'attestor.name': request.attestor!.name || '', - }); - this.initialize(); - return this.innerApiCalls.updateAttestor(request, options, callback); - } -/** - * Deletes an {@link google.cloud.binaryauthorization.v1beta1.Attestor|attestor}. Returns NOT_FOUND if the - * {@link google.cloud.binaryauthorization.v1beta1.Attestor|attestor} does not exist. - * - * @param {Object} request - * The request object that will be sent. - * @param {string} request.name - * Required. The name of the {@link google.cloud.binaryauthorization.v1beta1.Attestor|attestors} to delete, in the format - * `projects/* /attestors/*`. - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Promise} - The promise which resolves to an array. - * The first element of the array is an object representing [Empty]{@link google.protobuf.Empty}. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) - * for more details and examples. - * @example include:samples/generated/v1beta1/binauthz_management_service_v1_beta1.delete_attestor.js - * region_tag:binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_async - */ - deleteAttestor( - request?: protos.google.cloud.binaryauthorization.v1beta1.IDeleteAttestorRequest, - options?: CallOptions): - Promise<[ - protos.google.protobuf.IEmpty, - protos.google.cloud.binaryauthorization.v1beta1.IDeleteAttestorRequest|undefined, {}|undefined - ]>; - deleteAttestor( - request: protos.google.cloud.binaryauthorization.v1beta1.IDeleteAttestorRequest, - options: CallOptions, - callback: Callback< - protos.google.protobuf.IEmpty, - protos.google.cloud.binaryauthorization.v1beta1.IDeleteAttestorRequest|null|undefined, - {}|null|undefined>): void; - deleteAttestor( - request: protos.google.cloud.binaryauthorization.v1beta1.IDeleteAttestorRequest, - callback: Callback< - protos.google.protobuf.IEmpty, - protos.google.cloud.binaryauthorization.v1beta1.IDeleteAttestorRequest|null|undefined, - {}|null|undefined>): void; - deleteAttestor( - request?: protos.google.cloud.binaryauthorization.v1beta1.IDeleteAttestorRequest, - optionsOrCallback?: CallOptions|Callback< - protos.google.protobuf.IEmpty, - protos.google.cloud.binaryauthorization.v1beta1.IDeleteAttestorRequest|null|undefined, - {}|null|undefined>, - callback?: Callback< - protos.google.protobuf.IEmpty, - protos.google.cloud.binaryauthorization.v1beta1.IDeleteAttestorRequest|null|undefined, - {}|null|undefined>): - Promise<[ - protos.google.protobuf.IEmpty, - protos.google.cloud.binaryauthorization.v1beta1.IDeleteAttestorRequest|undefined, {}|undefined - ]>|void { - request = request || {}; - let options: CallOptions; - if (typeof optionsOrCallback === 'function' && callback === undefined) { - callback = optionsOrCallback; - options = {}; - } - else { - options = optionsOrCallback as CallOptions; - } - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'name': request.name || '', - }); - this.initialize(); - return this.innerApiCalls.deleteAttestor(request, options, callback); - } - - /** - * Lists {@link google.cloud.binaryauthorization.v1beta1.Attestor|attestors}. - * Returns INVALID_ARGUMENT if the project does not exist. - * - * @param {Object} request - * The request object that will be sent. - * @param {string} request.parent - * Required. The resource name of the project associated with the - * {@link google.cloud.binaryauthorization.v1beta1.Attestor|attestors}, in the format `projects/*`. - * @param {number} request.pageSize - * Requested page size. The server may return fewer results than requested. If - * unspecified, the server will pick an appropriate default. - * @param {string} request.pageToken - * A token identifying a page of results the server should return. Typically, - * this is the value of {@link google.cloud.binaryauthorization.v1beta1.ListAttestorsResponse.next_page_token|ListAttestorsResponse.next_page_token} returned - * from the previous call to the `ListAttestors` method. - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Promise} - The promise which resolves to an array. - * The first element of the array is Array of [Attestor]{@link google.cloud.binaryauthorization.v1beta1.Attestor}. - * The client library will perform auto-pagination by default: it will call the API as many - * times as needed and will merge results from all the pages into this array. - * Note that it can affect your quota. - * We recommend using `listAttestorsAsync()` - * method described below for async iteration which you can stop as needed. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#auto-pagination) - * for more details and examples. - */ - listAttestors( - request?: protos.google.cloud.binaryauthorization.v1beta1.IListAttestorsRequest, - options?: CallOptions): - Promise<[ - protos.google.cloud.binaryauthorization.v1beta1.IAttestor[], - protos.google.cloud.binaryauthorization.v1beta1.IListAttestorsRequest|null, - protos.google.cloud.binaryauthorization.v1beta1.IListAttestorsResponse - ]>; - listAttestors( - request: protos.google.cloud.binaryauthorization.v1beta1.IListAttestorsRequest, - options: CallOptions, - callback: PaginationCallback< - protos.google.cloud.binaryauthorization.v1beta1.IListAttestorsRequest, - protos.google.cloud.binaryauthorization.v1beta1.IListAttestorsResponse|null|undefined, - protos.google.cloud.binaryauthorization.v1beta1.IAttestor>): void; - listAttestors( - request: protos.google.cloud.binaryauthorization.v1beta1.IListAttestorsRequest, - callback: PaginationCallback< - protos.google.cloud.binaryauthorization.v1beta1.IListAttestorsRequest, - protos.google.cloud.binaryauthorization.v1beta1.IListAttestorsResponse|null|undefined, - protos.google.cloud.binaryauthorization.v1beta1.IAttestor>): void; - listAttestors( - request?: protos.google.cloud.binaryauthorization.v1beta1.IListAttestorsRequest, - optionsOrCallback?: CallOptions|PaginationCallback< - protos.google.cloud.binaryauthorization.v1beta1.IListAttestorsRequest, - protos.google.cloud.binaryauthorization.v1beta1.IListAttestorsResponse|null|undefined, - protos.google.cloud.binaryauthorization.v1beta1.IAttestor>, - callback?: PaginationCallback< - protos.google.cloud.binaryauthorization.v1beta1.IListAttestorsRequest, - protos.google.cloud.binaryauthorization.v1beta1.IListAttestorsResponse|null|undefined, - protos.google.cloud.binaryauthorization.v1beta1.IAttestor>): - Promise<[ - protos.google.cloud.binaryauthorization.v1beta1.IAttestor[], - protos.google.cloud.binaryauthorization.v1beta1.IListAttestorsRequest|null, - protos.google.cloud.binaryauthorization.v1beta1.IListAttestorsResponse - ]>|void { - request = request || {}; - let options: CallOptions; - if (typeof optionsOrCallback === 'function' && callback === undefined) { - callback = optionsOrCallback; - options = {}; - } - else { - options = optionsOrCallback as CallOptions; - } - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'parent': request.parent || '', - }); - this.initialize(); - return this.innerApiCalls.listAttestors(request, options, callback); - } - -/** - * Equivalent to `method.name.toCamelCase()`, but returns a NodeJS Stream object. - * @param {Object} request - * The request object that will be sent. - * @param {string} request.parent - * Required. The resource name of the project associated with the - * {@link google.cloud.binaryauthorization.v1beta1.Attestor|attestors}, in the format `projects/*`. - * @param {number} request.pageSize - * Requested page size. The server may return fewer results than requested. If - * unspecified, the server will pick an appropriate default. - * @param {string} request.pageToken - * A token identifying a page of results the server should return. Typically, - * this is the value of {@link google.cloud.binaryauthorization.v1beta1.ListAttestorsResponse.next_page_token|ListAttestorsResponse.next_page_token} returned - * from the previous call to the `ListAttestors` method. - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Stream} - * An object stream which emits an object representing [Attestor]{@link google.cloud.binaryauthorization.v1beta1.Attestor} on 'data' event. - * The client library will perform auto-pagination by default: it will call the API as many - * times as needed. Note that it can affect your quota. - * We recommend using `listAttestorsAsync()` - * method described below for async iteration which you can stop as needed. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#auto-pagination) - * for more details and examples. - */ - listAttestorsStream( - request?: protos.google.cloud.binaryauthorization.v1beta1.IListAttestorsRequest, - options?: CallOptions): - Transform{ - request = request || {}; - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'parent': request.parent || '', - }); - const defaultCallSettings = this._defaults['listAttestors']; - const callSettings = defaultCallSettings.merge(options); - this.initialize(); - return this.descriptors.page.listAttestors.createStream( - this.innerApiCalls.listAttestors as gax.GaxCall, - request, - callSettings - ); - } - -/** - * Equivalent to `listAttestors`, but returns an iterable object. - * - * `for`-`await`-`of` syntax is used with the iterable to get response elements on-demand. - * @param {Object} request - * The request object that will be sent. - * @param {string} request.parent - * Required. The resource name of the project associated with the - * {@link google.cloud.binaryauthorization.v1beta1.Attestor|attestors}, in the format `projects/*`. - * @param {number} request.pageSize - * Requested page size. The server may return fewer results than requested. If - * unspecified, the server will pick an appropriate default. - * @param {string} request.pageToken - * A token identifying a page of results the server should return. Typically, - * this is the value of {@link google.cloud.binaryauthorization.v1beta1.ListAttestorsResponse.next_page_token|ListAttestorsResponse.next_page_token} returned - * from the previous call to the `ListAttestors` method. - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Object} - * An iterable Object that allows [async iteration](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Iteration_protocols). - * When you iterate the returned iterable, each element will be an object representing - * [Attestor]{@link google.cloud.binaryauthorization.v1beta1.Attestor}. The API will be called under the hood as needed, once per the page, - * so you can stop the iteration when you don't need more results. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#auto-pagination) - * for more details and examples. - * @example include:samples/generated/v1beta1/binauthz_management_service_v1_beta1.list_attestors.js - * region_tag:binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_async - */ - listAttestorsAsync( - request?: protos.google.cloud.binaryauthorization.v1beta1.IListAttestorsRequest, - options?: CallOptions): - AsyncIterable{ - request = request || {}; - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'parent': request.parent || '', - }); - const defaultCallSettings = this._defaults['listAttestors']; - const callSettings = defaultCallSettings.merge(options); - this.initialize(); - return this.descriptors.page.listAttestors.asyncIterate( - this.innerApiCalls['listAttestors'] as GaxCall, - request as unknown as RequestType, - callSettings - ) as AsyncIterable; - } - // -------------------- - // -- Path templates -- - // -------------------- - - /** - * Return a fully-qualified attestor resource name string. - * - * @param {string} project - * @param {string} attestor - * @returns {string} Resource name string. - */ - attestorPath(project:string,attestor:string) { - return this.pathTemplates.attestorPathTemplate.render({ - project: project, - attestor: attestor, - }); - } - - /** - * Parse the project from Attestor resource. - * - * @param {string} attestorName - * A fully-qualified path representing Attestor resource. - * @returns {string} A string representing the project. - */ - matchProjectFromAttestorName(attestorName: string) { - return this.pathTemplates.attestorPathTemplate.match(attestorName).project; - } - - /** - * Parse the attestor from Attestor resource. - * - * @param {string} attestorName - * A fully-qualified path representing Attestor resource. - * @returns {string} A string representing the attestor. - */ - matchAttestorFromAttestorName(attestorName: string) { - return this.pathTemplates.attestorPathTemplate.match(attestorName).attestor; - } - - /** - * Return a fully-qualified locationPolicy resource name string. - * - * @param {string} location - * @returns {string} Resource name string. - */ - locationPolicyPath(location:string) { - return this.pathTemplates.locationPolicyPathTemplate.render({ - location: location, - }); - } - - /** - * Parse the location from LocationPolicy resource. - * - * @param {string} locationPolicyName - * A fully-qualified path representing location_policy resource. - * @returns {string} A string representing the location. - */ - matchLocationFromLocationPolicyName(locationPolicyName: string) { - return this.pathTemplates.locationPolicyPathTemplate.match(locationPolicyName).location; - } - - /** - * Return a fully-qualified project resource name string. - * - * @param {string} project - * @returns {string} Resource name string. - */ - projectPath(project:string) { - return this.pathTemplates.projectPathTemplate.render({ - project: project, - }); - } - - /** - * Parse the project from Project resource. - * - * @param {string} projectName - * A fully-qualified path representing Project resource. - * @returns {string} A string representing the project. - */ - matchProjectFromProjectName(projectName: string) { - return this.pathTemplates.projectPathTemplate.match(projectName).project; - } - - /** - * Return a fully-qualified projectPolicy resource name string. - * - * @param {string} project - * @returns {string} Resource name string. - */ - projectPolicyPath(project:string) { - return this.pathTemplates.projectPolicyPathTemplate.render({ - project: project, - }); - } - - /** - * Parse the project from ProjectPolicy resource. - * - * @param {string} projectPolicyName - * A fully-qualified path representing project_policy resource. - * @returns {string} A string representing the project. - */ - matchProjectFromProjectPolicyName(projectPolicyName: string) { - return this.pathTemplates.projectPolicyPathTemplate.match(projectPolicyName).project; - } - - /** - * Terminate the gRPC channel and close the client. - * - * The client will no longer be usable and all future behavior is undefined. - * @returns {Promise} A promise that resolves when the client is closed. - */ - close(): Promise { - if (this.binauthzManagementServiceV1Beta1Stub && !this._terminated) { - return this.binauthzManagementServiceV1Beta1Stub.then(stub => { - this._terminated = true; - stub.close(); - }); - } - return Promise.resolve(); - } -} diff --git a/owl-bot-staging/v1beta1/src/v1beta1/binauthz_management_service_v1_beta1_client_config.json b/owl-bot-staging/v1beta1/src/v1beta1/binauthz_management_service_v1_beta1_client_config.json deleted file mode 100644 index 8a493c0..0000000 --- a/owl-bot-staging/v1beta1/src/v1beta1/binauthz_management_service_v1_beta1_client_config.json +++ /dev/null @@ -1,61 +0,0 @@ -{ - "interfaces": { - "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1": { - "retry_codes": { - "non_idempotent": [], - "idempotent": [ - "DEADLINE_EXCEEDED", - "UNAVAILABLE" - ] - }, - "retry_params": { - "default": { - "initial_retry_delay_millis": 100, - "retry_delay_multiplier": 1.3, - "max_retry_delay_millis": 60000, - "initial_rpc_timeout_millis": 60000, - "rpc_timeout_multiplier": 1, - "max_rpc_timeout_millis": 60000, - "total_timeout_millis": 600000 - } - }, - "methods": { - "GetPolicy": { - "timeout_millis": 600000, - "retry_codes_name": "idempotent", - "retry_params_name": "default" - }, - "UpdatePolicy": { - "timeout_millis": 600000, - "retry_codes_name": "idempotent", - "retry_params_name": "default" - }, - "CreateAttestor": { - "timeout_millis": 600000, - "retry_codes_name": "non_idempotent", - "retry_params_name": "default" - }, - "GetAttestor": { - "timeout_millis": 600000, - "retry_codes_name": "idempotent", - "retry_params_name": "default" - }, - "UpdateAttestor": { - "timeout_millis": 600000, - "retry_codes_name": "idempotent", - "retry_params_name": "default" - }, - "ListAttestors": { - "timeout_millis": 600000, - "retry_codes_name": "idempotent", - "retry_params_name": "default" - }, - "DeleteAttestor": { - "timeout_millis": 600000, - "retry_codes_name": "idempotent", - "retry_params_name": "default" - } - } - } - } -} diff --git a/owl-bot-staging/v1beta1/src/v1beta1/binauthz_management_service_v1_beta1_proto_list.json b/owl-bot-staging/v1beta1/src/v1beta1/binauthz_management_service_v1_beta1_proto_list.json deleted file mode 100644 index 4991b0d..0000000 --- a/owl-bot-staging/v1beta1/src/v1beta1/binauthz_management_service_v1_beta1_proto_list.json +++ /dev/null @@ -1,5 +0,0 @@ -[ - "../../protos/google/cloud/binaryauthorization/v1beta1/continuous_validation_logging.proto", - "../../protos/google/cloud/binaryauthorization/v1beta1/resources.proto", - "../../protos/google/cloud/binaryauthorization/v1beta1/service.proto" -] diff --git a/owl-bot-staging/v1beta1/src/v1beta1/gapic_metadata.json b/owl-bot-staging/v1beta1/src/v1beta1/gapic_metadata.json deleted file mode 100644 index 6425d12..0000000 --- a/owl-bot-staging/v1beta1/src/v1beta1/gapic_metadata.json +++ /dev/null @@ -1,121 +0,0 @@ -{ - "schema": "1.0", - "comment": "This file maps proto services/RPCs to the corresponding library clients/methods", - "language": "typescript", - "protoPackage": "google.cloud.binaryauthorization.v1beta1", - "libraryPackage": "@google-cloud/binary-authorization", - "services": { - "BinauthzManagementServiceV1Beta1": { - "clients": { - "grpc": { - "libraryClient": "BinauthzManagementServiceV1Beta1Client", - "rpcs": { - "GetPolicy": { - "methods": [ - "getPolicy" - ] - }, - "UpdatePolicy": { - "methods": [ - "updatePolicy" - ] - }, - "CreateAttestor": { - "methods": [ - "createAttestor" - ] - }, - "GetAttestor": { - "methods": [ - "getAttestor" - ] - }, - "UpdateAttestor": { - "methods": [ - "updateAttestor" - ] - }, - "DeleteAttestor": { - "methods": [ - "deleteAttestor" - ] - }, - "ListAttestors": { - "methods": [ - "listAttestors", - "listAttestorsStream", - "listAttestorsAsync" - ] - } - } - }, - "grpc-fallback": { - "libraryClient": "BinauthzManagementServiceV1Beta1Client", - "rpcs": { - "GetPolicy": { - "methods": [ - "getPolicy" - ] - }, - "UpdatePolicy": { - "methods": [ - "updatePolicy" - ] - }, - "CreateAttestor": { - "methods": [ - "createAttestor" - ] - }, - "GetAttestor": { - "methods": [ - "getAttestor" - ] - }, - "UpdateAttestor": { - "methods": [ - "updateAttestor" - ] - }, - "DeleteAttestor": { - "methods": [ - "deleteAttestor" - ] - }, - "ListAttestors": { - "methods": [ - "listAttestors", - "listAttestorsStream", - "listAttestorsAsync" - ] - } - } - } - } - }, - "SystemPolicyV1Beta1": { - "clients": { - "grpc": { - "libraryClient": "SystemPolicyV1Beta1Client", - "rpcs": { - "GetSystemPolicy": { - "methods": [ - "getSystemPolicy" - ] - } - } - }, - "grpc-fallback": { - "libraryClient": "SystemPolicyV1Beta1Client", - "rpcs": { - "GetSystemPolicy": { - "methods": [ - "getSystemPolicy" - ] - } - } - } - } - } - } -} diff --git a/owl-bot-staging/v1beta1/src/v1beta1/index.ts b/owl-bot-staging/v1beta1/src/v1beta1/index.ts deleted file mode 100644 index be27de6..0000000 --- a/owl-bot-staging/v1beta1/src/v1beta1/index.ts +++ /dev/null @@ -1,20 +0,0 @@ -// Copyright 2022 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// ** This file is automatically generated by gapic-generator-typescript. ** -// ** https://github.com/googleapis/gapic-generator-typescript ** -// ** All changes to this file may be overwritten. ** - -export {BinauthzManagementServiceV1Beta1Client} from './binauthz_management_service_v1_beta1_client'; -export {SystemPolicyV1Beta1Client} from './system_policy_v1_beta1_client'; diff --git a/owl-bot-staging/v1beta1/src/v1beta1/system_policy_v1_beta1_client.ts b/owl-bot-staging/v1beta1/src/v1beta1/system_policy_v1_beta1_client.ts deleted file mode 100644 index 26da57c..0000000 --- a/owl-bot-staging/v1beta1/src/v1beta1/system_policy_v1_beta1_client.ts +++ /dev/null @@ -1,492 +0,0 @@ -// Copyright 2022 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// ** This file is automatically generated by gapic-generator-typescript. ** -// ** https://github.com/googleapis/gapic-generator-typescript ** -// ** All changes to this file may be overwritten. ** - -/* global window */ -import * as gax from 'google-gax'; -import {Callback, CallOptions, Descriptors, ClientOptions} from 'google-gax'; - -import * as protos from '../../protos/protos'; -import jsonProtos = require('../../protos/protos.json'); -/** - * Client JSON configuration object, loaded from - * `src/v1beta1/system_policy_v1_beta1_client_config.json`. - * This file defines retry strategy and timeouts for all API methods in this library. - */ -import * as gapicConfig from './system_policy_v1_beta1_client_config.json'; - -const version = require('../../../package.json').version; - -/** - * API for working with the system policy. - * @class - * @memberof v1beta1 - */ -export class SystemPolicyV1Beta1Client { - private _terminated = false; - private _opts: ClientOptions; - private _providedCustomServicePath: boolean; - private _gaxModule: typeof gax | typeof gax.fallback; - private _gaxGrpc: gax.GrpcClient | gax.fallback.GrpcClient; - private _protos: {}; - private _defaults: {[method: string]: gax.CallSettings}; - auth: gax.GoogleAuth; - descriptors: Descriptors = { - page: {}, - stream: {}, - longrunning: {}, - batching: {}, - }; - warn: (code: string, message: string, warnType?: string) => void; - innerApiCalls: {[name: string]: Function}; - pathTemplates: {[name: string]: gax.PathTemplate}; - systemPolicyV1Beta1Stub?: Promise<{[name: string]: Function}>; - - /** - * Construct an instance of SystemPolicyV1Beta1Client. - * - * @param {object} [options] - The configuration object. - * The options accepted by the constructor are described in detail - * in [this document](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#creating-the-client-instance). - * The common options are: - * @param {object} [options.credentials] - Credentials object. - * @param {string} [options.credentials.client_email] - * @param {string} [options.credentials.private_key] - * @param {string} [options.email] - Account email address. Required when - * using a .pem or .p12 keyFilename. - * @param {string} [options.keyFilename] - Full path to the a .json, .pem, or - * .p12 key downloaded from the Google Developers Console. If you provide - * a path to a JSON file, the projectId option below is not necessary. - * NOTE: .pem and .p12 require you to specify options.email as well. - * @param {number} [options.port] - The port on which to connect to - * the remote host. - * @param {string} [options.projectId] - The project ID from the Google - * Developer's Console, e.g. 'grape-spaceship-123'. We will also check - * the environment variable GCLOUD_PROJECT for your project ID. If your - * app is running in an environment which supports - * {@link https://developers.google.com/identity/protocols/application-default-credentials Application Default Credentials}, - * your project ID will be detected automatically. - * @param {string} [options.apiEndpoint] - The domain name of the - * API remote host. - * @param {gax.ClientConfig} [options.clientConfig] - Client configuration override. - * Follows the structure of {@link gapicConfig}. - * @param {boolean} [options.fallback] - Use HTTP fallback mode. - * In fallback mode, a special browser-compatible transport implementation is used - * instead of gRPC transport. In browser context (if the `window` object is defined) - * the fallback mode is enabled automatically; set `options.fallback` to `false` - * if you need to override this behavior. - */ - constructor(opts?: ClientOptions) { - // Ensure that options include all the required fields. - const staticMembers = this.constructor as typeof SystemPolicyV1Beta1Client; - const servicePath = opts?.servicePath || opts?.apiEndpoint || staticMembers.servicePath; - this._providedCustomServicePath = !!(opts?.servicePath || opts?.apiEndpoint); - const port = opts?.port || staticMembers.port; - const clientConfig = opts?.clientConfig ?? {}; - const fallback = opts?.fallback ?? (typeof window !== 'undefined' && typeof window?.fetch === 'function'); - opts = Object.assign({servicePath, port, clientConfig, fallback}, opts); - - // If scopes are unset in options and we're connecting to a non-default endpoint, set scopes just in case. - if (servicePath !== staticMembers.servicePath && !('scopes' in opts)) { - opts['scopes'] = staticMembers.scopes; - } - - // Choose either gRPC or proto-over-HTTP implementation of google-gax. - this._gaxModule = opts.fallback ? gax.fallback : gax; - - // Create a `gaxGrpc` object, with any grpc-specific options sent to the client. - this._gaxGrpc = new this._gaxModule.GrpcClient(opts); - - // Save options to use in initialize() method. - this._opts = opts; - - // Save the auth object to the client, for use by other methods. - this.auth = (this._gaxGrpc.auth as gax.GoogleAuth); - - // Set useJWTAccessWithScope on the auth object. - this.auth.useJWTAccessWithScope = true; - - // Set defaultServicePath on the auth object. - this.auth.defaultServicePath = staticMembers.servicePath; - - // Set the default scopes in auth client if needed. - if (servicePath === staticMembers.servicePath) { - this.auth.defaultScopes = staticMembers.scopes; - } - - // Determine the client header string. - const clientHeader = [ - `gax/${this._gaxModule.version}`, - `gapic/${version}`, - ]; - if (typeof process !== 'undefined' && 'versions' in process) { - clientHeader.push(`gl-node/${process.versions.node}`); - } else { - clientHeader.push(`gl-web/${this._gaxModule.version}`); - } - if (!opts.fallback) { - clientHeader.push(`grpc/${this._gaxGrpc.grpcVersion}`); - } else if (opts.fallback === 'rest' ) { - clientHeader.push(`rest/${this._gaxGrpc.grpcVersion}`); - } - if (opts.libName && opts.libVersion) { - clientHeader.push(`${opts.libName}/${opts.libVersion}`); - } - // Load the applicable protos. - this._protos = this._gaxGrpc.loadProtoJSON(jsonProtos); - - // This API contains "path templates"; forward-slash-separated - // identifiers to uniquely identify resources within the API. - // Create useful helper objects for these. - this.pathTemplates = { - attestorPathTemplate: new this._gaxModule.PathTemplate( - 'projects/{project}/attestors/{attestor}' - ), - locationPolicyPathTemplate: new this._gaxModule.PathTemplate( - 'locations/{location}/policy' - ), - projectPathTemplate: new this._gaxModule.PathTemplate( - 'projects/{project}' - ), - projectPolicyPathTemplate: new this._gaxModule.PathTemplate( - 'projects/{project}/policy' - ), - }; - - // Put together the default options sent with requests. - this._defaults = this._gaxGrpc.constructSettings( - 'google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1', gapicConfig as gax.ClientConfig, - opts.clientConfig || {}, {'x-goog-api-client': clientHeader.join(' ')}); - - // Set up a dictionary of "inner API calls"; the core implementation - // of calling the API is handled in `google-gax`, with this code - // merely providing the destination and request information. - this.innerApiCalls = {}; - - // Add a warn function to the client constructor so it can be easily tested. - this.warn = gax.warn; - } - - /** - * Initialize the client. - * Performs asynchronous operations (such as authentication) and prepares the client. - * This function will be called automatically when any class method is called for the - * first time, but if you need to initialize it before calling an actual method, - * feel free to call initialize() directly. - * - * You can await on this method if you want to make sure the client is initialized. - * - * @returns {Promise} A promise that resolves to an authenticated service stub. - */ - initialize() { - // If the client stub promise is already initialized, return immediately. - if (this.systemPolicyV1Beta1Stub) { - return this.systemPolicyV1Beta1Stub; - } - - // Put together the "service stub" for - // google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1. - this.systemPolicyV1Beta1Stub = this._gaxGrpc.createStub( - this._opts.fallback ? - (this._protos as protobuf.Root).lookupService('google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1') : - // eslint-disable-next-line @typescript-eslint/no-explicit-any - (this._protos as any).google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1, - this._opts, this._providedCustomServicePath) as Promise<{[method: string]: Function}>; - - // Iterate over each of the methods that the service provides - // and create an API call method for each. - const systemPolicyV1Beta1StubMethods = - ['getSystemPolicy']; - for (const methodName of systemPolicyV1Beta1StubMethods) { - const callPromise = this.systemPolicyV1Beta1Stub.then( - stub => (...args: Array<{}>) => { - if (this._terminated) { - return Promise.reject('The client has already been closed.'); - } - const func = stub[methodName]; - return func.apply(stub, args); - }, - (err: Error|null|undefined) => () => { - throw err; - }); - - const descriptor = - undefined; - const apiCall = this._gaxModule.createApiCall( - callPromise, - this._defaults[methodName], - descriptor - ); - - this.innerApiCalls[methodName] = apiCall; - } - - return this.systemPolicyV1Beta1Stub; - } - - /** - * The DNS address for this API service. - * @returns {string} The DNS address for this service. - */ - static get servicePath() { - return 'binaryauthorization.googleapis.com'; - } - - /** - * The DNS address for this API service - same as servicePath(), - * exists for compatibility reasons. - * @returns {string} The DNS address for this service. - */ - static get apiEndpoint() { - return 'binaryauthorization.googleapis.com'; - } - - /** - * The port for this API service. - * @returns {number} The default port for this service. - */ - static get port() { - return 443; - } - - /** - * The scopes needed to make gRPC calls for every method defined - * in this service. - * @returns {string[]} List of default scopes. - */ - static get scopes() { - return [ - 'https://www.googleapis.com/auth/cloud-platform' - ]; - } - - getProjectId(): Promise; - getProjectId(callback: Callback): void; - /** - * Return the project ID used by this class. - * @returns {Promise} A promise that resolves to string containing the project ID. - */ - getProjectId(callback?: Callback): - Promise|void { - if (callback) { - this.auth.getProjectId(callback); - return; - } - return this.auth.getProjectId(); - } - - // ------------------- - // -- Service calls -- - // ------------------- -/** - * Gets the current system policy in the specified location. - * - * @param {Object} request - * The request object that will be sent. - * @param {string} request.name - * Required. The resource name, in the format `locations/* /policy`. - * Note that the system policy is not associated with a project. - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Promise} - The promise which resolves to an array. - * The first element of the array is an object representing [Policy]{@link google.cloud.binaryauthorization.v1beta1.Policy}. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) - * for more details and examples. - * @example include:samples/generated/v1beta1/system_policy_v1_beta1.get_system_policy.js - * region_tag:binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_async - */ - getSystemPolicy( - request?: protos.google.cloud.binaryauthorization.v1beta1.IGetSystemPolicyRequest, - options?: CallOptions): - Promise<[ - protos.google.cloud.binaryauthorization.v1beta1.IPolicy, - protos.google.cloud.binaryauthorization.v1beta1.IGetSystemPolicyRequest|undefined, {}|undefined - ]>; - getSystemPolicy( - request: protos.google.cloud.binaryauthorization.v1beta1.IGetSystemPolicyRequest, - options: CallOptions, - callback: Callback< - protos.google.cloud.binaryauthorization.v1beta1.IPolicy, - protos.google.cloud.binaryauthorization.v1beta1.IGetSystemPolicyRequest|null|undefined, - {}|null|undefined>): void; - getSystemPolicy( - request: protos.google.cloud.binaryauthorization.v1beta1.IGetSystemPolicyRequest, - callback: Callback< - protos.google.cloud.binaryauthorization.v1beta1.IPolicy, - protos.google.cloud.binaryauthorization.v1beta1.IGetSystemPolicyRequest|null|undefined, - {}|null|undefined>): void; - getSystemPolicy( - request?: protos.google.cloud.binaryauthorization.v1beta1.IGetSystemPolicyRequest, - optionsOrCallback?: CallOptions|Callback< - protos.google.cloud.binaryauthorization.v1beta1.IPolicy, - protos.google.cloud.binaryauthorization.v1beta1.IGetSystemPolicyRequest|null|undefined, - {}|null|undefined>, - callback?: Callback< - protos.google.cloud.binaryauthorization.v1beta1.IPolicy, - protos.google.cloud.binaryauthorization.v1beta1.IGetSystemPolicyRequest|null|undefined, - {}|null|undefined>): - Promise<[ - protos.google.cloud.binaryauthorization.v1beta1.IPolicy, - protos.google.cloud.binaryauthorization.v1beta1.IGetSystemPolicyRequest|undefined, {}|undefined - ]>|void { - request = request || {}; - let options: CallOptions; - if (typeof optionsOrCallback === 'function' && callback === undefined) { - callback = optionsOrCallback; - options = {}; - } - else { - options = optionsOrCallback as CallOptions; - } - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'name': request.name || '', - }); - this.initialize(); - return this.innerApiCalls.getSystemPolicy(request, options, callback); - } - - // -------------------- - // -- Path templates -- - // -------------------- - - /** - * Return a fully-qualified attestor resource name string. - * - * @param {string} project - * @param {string} attestor - * @returns {string} Resource name string. - */ - attestorPath(project:string,attestor:string) { - return this.pathTemplates.attestorPathTemplate.render({ - project: project, - attestor: attestor, - }); - } - - /** - * Parse the project from Attestor resource. - * - * @param {string} attestorName - * A fully-qualified path representing Attestor resource. - * @returns {string} A string representing the project. - */ - matchProjectFromAttestorName(attestorName: string) { - return this.pathTemplates.attestorPathTemplate.match(attestorName).project; - } - - /** - * Parse the attestor from Attestor resource. - * - * @param {string} attestorName - * A fully-qualified path representing Attestor resource. - * @returns {string} A string representing the attestor. - */ - matchAttestorFromAttestorName(attestorName: string) { - return this.pathTemplates.attestorPathTemplate.match(attestorName).attestor; - } - - /** - * Return a fully-qualified locationPolicy resource name string. - * - * @param {string} location - * @returns {string} Resource name string. - */ - locationPolicyPath(location:string) { - return this.pathTemplates.locationPolicyPathTemplate.render({ - location: location, - }); - } - - /** - * Parse the location from LocationPolicy resource. - * - * @param {string} locationPolicyName - * A fully-qualified path representing location_policy resource. - * @returns {string} A string representing the location. - */ - matchLocationFromLocationPolicyName(locationPolicyName: string) { - return this.pathTemplates.locationPolicyPathTemplate.match(locationPolicyName).location; - } - - /** - * Return a fully-qualified project resource name string. - * - * @param {string} project - * @returns {string} Resource name string. - */ - projectPath(project:string) { - return this.pathTemplates.projectPathTemplate.render({ - project: project, - }); - } - - /** - * Parse the project from Project resource. - * - * @param {string} projectName - * A fully-qualified path representing Project resource. - * @returns {string} A string representing the project. - */ - matchProjectFromProjectName(projectName: string) { - return this.pathTemplates.projectPathTemplate.match(projectName).project; - } - - /** - * Return a fully-qualified projectPolicy resource name string. - * - * @param {string} project - * @returns {string} Resource name string. - */ - projectPolicyPath(project:string) { - return this.pathTemplates.projectPolicyPathTemplate.render({ - project: project, - }); - } - - /** - * Parse the project from ProjectPolicy resource. - * - * @param {string} projectPolicyName - * A fully-qualified path representing project_policy resource. - * @returns {string} A string representing the project. - */ - matchProjectFromProjectPolicyName(projectPolicyName: string) { - return this.pathTemplates.projectPolicyPathTemplate.match(projectPolicyName).project; - } - - /** - * Terminate the gRPC channel and close the client. - * - * The client will no longer be usable and all future behavior is undefined. - * @returns {Promise} A promise that resolves when the client is closed. - */ - close(): Promise { - if (this.systemPolicyV1Beta1Stub && !this._terminated) { - return this.systemPolicyV1Beta1Stub.then(stub => { - this._terminated = true; - stub.close(); - }); - } - return Promise.resolve(); - } -} diff --git a/owl-bot-staging/v1beta1/src/v1beta1/system_policy_v1_beta1_client_config.json b/owl-bot-staging/v1beta1/src/v1beta1/system_policy_v1_beta1_client_config.json deleted file mode 100644 index 640f4be..0000000 --- a/owl-bot-staging/v1beta1/src/v1beta1/system_policy_v1_beta1_client_config.json +++ /dev/null @@ -1,30 +0,0 @@ -{ - "interfaces": { - "google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1": { - "retry_codes": { - "non_idempotent": [], - "idempotent": [ - "DEADLINE_EXCEEDED", - "UNAVAILABLE" - ] - }, - "retry_params": { - "default": { - "initial_retry_delay_millis": 100, - "retry_delay_multiplier": 1.3, - "max_retry_delay_millis": 60000, - "initial_rpc_timeout_millis": 60000, - "rpc_timeout_multiplier": 1, - "max_rpc_timeout_millis": 60000, - "total_timeout_millis": 600000 - } - }, - "methods": { - "GetSystemPolicy": { - "retry_codes_name": "non_idempotent", - "retry_params_name": "default" - } - } - } - } -} diff --git a/owl-bot-staging/v1beta1/src/v1beta1/system_policy_v1_beta1_proto_list.json b/owl-bot-staging/v1beta1/src/v1beta1/system_policy_v1_beta1_proto_list.json deleted file mode 100644 index 4991b0d..0000000 --- a/owl-bot-staging/v1beta1/src/v1beta1/system_policy_v1_beta1_proto_list.json +++ /dev/null @@ -1,5 +0,0 @@ -[ - "../../protos/google/cloud/binaryauthorization/v1beta1/continuous_validation_logging.proto", - "../../protos/google/cloud/binaryauthorization/v1beta1/resources.proto", - "../../protos/google/cloud/binaryauthorization/v1beta1/service.proto" -] diff --git a/owl-bot-staging/v1beta1/system-test/fixtures/sample/src/index.js b/owl-bot-staging/v1beta1/system-test/fixtures/sample/src/index.js deleted file mode 100644 index faf5021..0000000 --- a/owl-bot-staging/v1beta1/system-test/fixtures/sample/src/index.js +++ /dev/null @@ -1,28 +0,0 @@ -// Copyright 2022 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// ** This file is automatically generated by gapic-generator-typescript. ** -// ** https://github.com/googleapis/gapic-generator-typescript ** -// ** All changes to this file may be overwritten. ** - - -/* eslint-disable node/no-missing-require, no-unused-vars */ -const binaryauthorization = require('@google-cloud/binary-authorization'); - -function main() { - const binauthzManagementServiceV1Beta1Client = new binaryauthorization.BinauthzManagementServiceV1Beta1Client(); - const systemPolicyV1Beta1Client = new binaryauthorization.SystemPolicyV1Beta1Client(); -} - -main(); diff --git a/owl-bot-staging/v1beta1/system-test/fixtures/sample/src/index.ts b/owl-bot-staging/v1beta1/system-test/fixtures/sample/src/index.ts deleted file mode 100644 index f8dfeff..0000000 --- a/owl-bot-staging/v1beta1/system-test/fixtures/sample/src/index.ts +++ /dev/null @@ -1,38 +0,0 @@ -// Copyright 2022 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// ** This file is automatically generated by gapic-generator-typescript. ** -// ** https://github.com/googleapis/gapic-generator-typescript ** -// ** All changes to this file may be overwritten. ** - -import {BinauthzManagementServiceV1Beta1Client, SystemPolicyV1Beta1Client} from '@google-cloud/binary-authorization'; - -// check that the client class type name can be used -function doStuffWithBinauthzManagementServiceV1Beta1Client(client: BinauthzManagementServiceV1Beta1Client) { - client.close(); -} -function doStuffWithSystemPolicyV1Beta1Client(client: SystemPolicyV1Beta1Client) { - client.close(); -} - -function main() { - // check that the client instance can be created - const binauthzManagementServiceV1Beta1Client = new BinauthzManagementServiceV1Beta1Client(); - doStuffWithBinauthzManagementServiceV1Beta1Client(binauthzManagementServiceV1Beta1Client); - // check that the client instance can be created - const systemPolicyV1Beta1Client = new SystemPolicyV1Beta1Client(); - doStuffWithSystemPolicyV1Beta1Client(systemPolicyV1Beta1Client); -} - -main(); diff --git a/owl-bot-staging/v1beta1/system-test/install.ts b/owl-bot-staging/v1beta1/system-test/install.ts deleted file mode 100644 index 8ec4522..0000000 --- a/owl-bot-staging/v1beta1/system-test/install.ts +++ /dev/null @@ -1,49 +0,0 @@ -// Copyright 2022 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// ** This file is automatically generated by gapic-generator-typescript. ** -// ** https://github.com/googleapis/gapic-generator-typescript ** -// ** All changes to this file may be overwritten. ** - -import { packNTest } from 'pack-n-play'; -import { readFileSync } from 'fs'; -import { describe, it } from 'mocha'; - -describe('📦 pack-n-play test', () => { - - it('TypeScript code', async function() { - this.timeout(300000); - const options = { - packageDir: process.cwd(), - sample: { - description: 'TypeScript user can use the type definitions', - ts: readFileSync('./system-test/fixtures/sample/src/index.ts').toString() - } - }; - await packNTest(options); - }); - - it('JavaScript code', async function() { - this.timeout(300000); - const options = { - packageDir: process.cwd(), - sample: { - description: 'JavaScript user can use the library', - ts: readFileSync('./system-test/fixtures/sample/src/index.js').toString() - } - }; - await packNTest(options); - }); - -}); diff --git a/owl-bot-staging/v1beta1/test/gapic_binauthz_management_service_v1_beta1_v1beta1.ts b/owl-bot-staging/v1beta1/test/gapic_binauthz_management_service_v1_beta1_v1beta1.ts deleted file mode 100644 index 8078564..0000000 --- a/owl-bot-staging/v1beta1/test/gapic_binauthz_management_service_v1_beta1_v1beta1.ts +++ /dev/null @@ -1,1126 +0,0 @@ -// Copyright 2022 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// ** This file is automatically generated by gapic-generator-typescript. ** -// ** https://github.com/googleapis/gapic-generator-typescript ** -// ** All changes to this file may be overwritten. ** - -import * as protos from '../protos/protos'; -import * as assert from 'assert'; -import * as sinon from 'sinon'; -import {SinonStub} from 'sinon'; -import { describe, it } from 'mocha'; -import * as binauthzmanagementservicev1beta1Module from '../src'; - -import {PassThrough} from 'stream'; - -import {protobuf} from 'google-gax'; - -function generateSampleMessage(instance: T) { - const filledObject = (instance.constructor as typeof protobuf.Message) - .toObject(instance as protobuf.Message, {defaults: true}); - return (instance.constructor as typeof protobuf.Message).fromObject(filledObject) as T; -} - -function stubSimpleCall(response?: ResponseType, error?: Error) { - return error ? sinon.stub().rejects(error) : sinon.stub().resolves([response]); -} - -function stubSimpleCallWithCallback(response?: ResponseType, error?: Error) { - return error ? sinon.stub().callsArgWith(2, error) : sinon.stub().callsArgWith(2, null, response); -} - -function stubPageStreamingCall(responses?: ResponseType[], error?: Error) { - const pagingStub = sinon.stub(); - if (responses) { - for (let i = 0; i < responses.length; ++i) { - pagingStub.onCall(i).callsArgWith(2, null, responses[i]); - } - } - const transformStub = error ? sinon.stub().callsArgWith(2, error) : pagingStub; - const mockStream = new PassThrough({ - objectMode: true, - transform: transformStub, - }); - // trigger as many responses as needed - if (responses) { - for (let i = 0; i < responses.length; ++i) { - setImmediate(() => { mockStream.write({}); }); - } - setImmediate(() => { mockStream.end(); }); - } else { - setImmediate(() => { mockStream.write({}); }); - setImmediate(() => { mockStream.end(); }); - } - return sinon.stub().returns(mockStream); -} - -function stubAsyncIterationCall(responses?: ResponseType[], error?: Error) { - let counter = 0; - const asyncIterable = { - [Symbol.asyncIterator]() { - return { - async next() { - if (error) { - return Promise.reject(error); - } - if (counter >= responses!.length) { - return Promise.resolve({done: true, value: undefined}); - } - return Promise.resolve({done: false, value: responses![counter++]}); - } - }; - } - }; - return sinon.stub().returns(asyncIterable); -} - -describe('v1beta1.BinauthzManagementServiceV1Beta1Client', () => { - it('has servicePath', () => { - const servicePath = binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client.servicePath; - assert(servicePath); - }); - - it('has apiEndpoint', () => { - const apiEndpoint = binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client.apiEndpoint; - assert(apiEndpoint); - }); - - it('has port', () => { - const port = binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client.port; - assert(port); - assert(typeof port === 'number'); - }); - - it('should create a client with no option', () => { - const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client(); - assert(client); - }); - - it('should create a client with gRPC fallback', () => { - const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ - fallback: true, - }); - assert(client); - }); - - it('has initialize method and supports deferred initialization', async () => { - const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - assert.strictEqual(client.binauthzManagementServiceV1Beta1Stub, undefined); - await client.initialize(); - assert(client.binauthzManagementServiceV1Beta1Stub); - }); - - it('has close method for the initialized client', done => { - const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - assert(client.binauthzManagementServiceV1Beta1Stub); - client.close().then(() => { - done(); - }); - }); - - it('has close method for the non-initialized client', done => { - const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - assert.strictEqual(client.binauthzManagementServiceV1Beta1Stub, undefined); - client.close().then(() => { - done(); - }); - }); - - it('has getProjectId method', async () => { - const fakeProjectId = 'fake-project-id'; - const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.auth.getProjectId = sinon.stub().resolves(fakeProjectId); - const result = await client.getProjectId(); - assert.strictEqual(result, fakeProjectId); - assert((client.auth.getProjectId as SinonStub).calledWithExactly()); - }); - - it('has getProjectId method with callback', async () => { - const fakeProjectId = 'fake-project-id'; - const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.auth.getProjectId = sinon.stub().callsArgWith(0, null, fakeProjectId); - const promise = new Promise((resolve, reject) => { - client.getProjectId((err?: Error|null, projectId?: string|null) => { - if (err) { - reject(err); - } else { - resolve(projectId); - } - }); - }); - const result = await promise; - assert.strictEqual(result, fakeProjectId); - }); - - describe('getPolicy', () => { - it('invokes getPolicy without error', async () => { - const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.GetPolicyRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.Policy()); - client.innerApiCalls.getPolicy = stubSimpleCall(expectedResponse); - const [response] = await client.getPolicy(request); - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.getPolicy as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes getPolicy without error using callback', async () => { - const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.GetPolicyRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.Policy()); - client.innerApiCalls.getPolicy = stubSimpleCallWithCallback(expectedResponse); - const promise = new Promise((resolve, reject) => { - client.getPolicy( - request, - (err?: Error|null, result?: protos.google.cloud.binaryauthorization.v1beta1.IPolicy|null) => { - if (err) { - reject(err); - } else { - resolve(result); - } - }); - }); - const response = await promise; - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.getPolicy as SinonStub) - .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); - }); - - it('invokes getPolicy with error', async () => { - const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.GetPolicyRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedError = new Error('expected'); - client.innerApiCalls.getPolicy = stubSimpleCall(undefined, expectedError); - await assert.rejects(client.getPolicy(request), expectedError); - assert((client.innerApiCalls.getPolicy as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes getPolicy with closed client', async () => { - const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.GetPolicyRequest()); - request.name = ''; - const expectedError = new Error('The client has already been closed.'); - client.close(); - await assert.rejects(client.getPolicy(request), expectedError); - }); - }); - - describe('updatePolicy', () => { - it('invokes updatePolicy without error', async () => { - const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.UpdatePolicyRequest()); - request.policy = {}; - request.policy.name = ''; - const expectedHeaderRequestParams = "policy.name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.Policy()); - client.innerApiCalls.updatePolicy = stubSimpleCall(expectedResponse); - const [response] = await client.updatePolicy(request); - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.updatePolicy as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes updatePolicy without error using callback', async () => { - const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.UpdatePolicyRequest()); - request.policy = {}; - request.policy.name = ''; - const expectedHeaderRequestParams = "policy.name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.Policy()); - client.innerApiCalls.updatePolicy = stubSimpleCallWithCallback(expectedResponse); - const promise = new Promise((resolve, reject) => { - client.updatePolicy( - request, - (err?: Error|null, result?: protos.google.cloud.binaryauthorization.v1beta1.IPolicy|null) => { - if (err) { - reject(err); - } else { - resolve(result); - } - }); - }); - const response = await promise; - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.updatePolicy as SinonStub) - .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); - }); - - it('invokes updatePolicy with error', async () => { - const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.UpdatePolicyRequest()); - request.policy = {}; - request.policy.name = ''; - const expectedHeaderRequestParams = "policy.name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedError = new Error('expected'); - client.innerApiCalls.updatePolicy = stubSimpleCall(undefined, expectedError); - await assert.rejects(client.updatePolicy(request), expectedError); - assert((client.innerApiCalls.updatePolicy as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes updatePolicy with closed client', async () => { - const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.UpdatePolicyRequest()); - request.policy = {}; - request.policy.name = ''; - const expectedError = new Error('The client has already been closed.'); - client.close(); - await assert.rejects(client.updatePolicy(request), expectedError); - }); - }); - - describe('createAttestor', () => { - it('invokes createAttestor without error', async () => { - const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.CreateAttestorRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.Attestor()); - client.innerApiCalls.createAttestor = stubSimpleCall(expectedResponse); - const [response] = await client.createAttestor(request); - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.createAttestor as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes createAttestor without error using callback', async () => { - const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.CreateAttestorRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.Attestor()); - client.innerApiCalls.createAttestor = stubSimpleCallWithCallback(expectedResponse); - const promise = new Promise((resolve, reject) => { - client.createAttestor( - request, - (err?: Error|null, result?: protos.google.cloud.binaryauthorization.v1beta1.IAttestor|null) => { - if (err) { - reject(err); - } else { - resolve(result); - } - }); - }); - const response = await promise; - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.createAttestor as SinonStub) - .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); - }); - - it('invokes createAttestor with error', async () => { - const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.CreateAttestorRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedError = new Error('expected'); - client.innerApiCalls.createAttestor = stubSimpleCall(undefined, expectedError); - await assert.rejects(client.createAttestor(request), expectedError); - assert((client.innerApiCalls.createAttestor as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes createAttestor with closed client', async () => { - const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.CreateAttestorRequest()); - request.parent = ''; - const expectedError = new Error('The client has already been closed.'); - client.close(); - await assert.rejects(client.createAttestor(request), expectedError); - }); - }); - - describe('getAttestor', () => { - it('invokes getAttestor without error', async () => { - const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.GetAttestorRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.Attestor()); - client.innerApiCalls.getAttestor = stubSimpleCall(expectedResponse); - const [response] = await client.getAttestor(request); - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.getAttestor as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes getAttestor without error using callback', async () => { - const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.GetAttestorRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.Attestor()); - client.innerApiCalls.getAttestor = stubSimpleCallWithCallback(expectedResponse); - const promise = new Promise((resolve, reject) => { - client.getAttestor( - request, - (err?: Error|null, result?: protos.google.cloud.binaryauthorization.v1beta1.IAttestor|null) => { - if (err) { - reject(err); - } else { - resolve(result); - } - }); - }); - const response = await promise; - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.getAttestor as SinonStub) - .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); - }); - - it('invokes getAttestor with error', async () => { - const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.GetAttestorRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedError = new Error('expected'); - client.innerApiCalls.getAttestor = stubSimpleCall(undefined, expectedError); - await assert.rejects(client.getAttestor(request), expectedError); - assert((client.innerApiCalls.getAttestor as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes getAttestor with closed client', async () => { - const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.GetAttestorRequest()); - request.name = ''; - const expectedError = new Error('The client has already been closed.'); - client.close(); - await assert.rejects(client.getAttestor(request), expectedError); - }); - }); - - describe('updateAttestor', () => { - it('invokes updateAttestor without error', async () => { - const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.UpdateAttestorRequest()); - request.attestor = {}; - request.attestor.name = ''; - const expectedHeaderRequestParams = "attestor.name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.Attestor()); - client.innerApiCalls.updateAttestor = stubSimpleCall(expectedResponse); - const [response] = await client.updateAttestor(request); - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.updateAttestor as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes updateAttestor without error using callback', async () => { - const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.UpdateAttestorRequest()); - request.attestor = {}; - request.attestor.name = ''; - const expectedHeaderRequestParams = "attestor.name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.Attestor()); - client.innerApiCalls.updateAttestor = stubSimpleCallWithCallback(expectedResponse); - const promise = new Promise((resolve, reject) => { - client.updateAttestor( - request, - (err?: Error|null, result?: protos.google.cloud.binaryauthorization.v1beta1.IAttestor|null) => { - if (err) { - reject(err); - } else { - resolve(result); - } - }); - }); - const response = await promise; - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.updateAttestor as SinonStub) - .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); - }); - - it('invokes updateAttestor with error', async () => { - const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.UpdateAttestorRequest()); - request.attestor = {}; - request.attestor.name = ''; - const expectedHeaderRequestParams = "attestor.name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedError = new Error('expected'); - client.innerApiCalls.updateAttestor = stubSimpleCall(undefined, expectedError); - await assert.rejects(client.updateAttestor(request), expectedError); - assert((client.innerApiCalls.updateAttestor as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes updateAttestor with closed client', async () => { - const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.UpdateAttestorRequest()); - request.attestor = {}; - request.attestor.name = ''; - const expectedError = new Error('The client has already been closed.'); - client.close(); - await assert.rejects(client.updateAttestor(request), expectedError); - }); - }); - - describe('deleteAttestor', () => { - it('invokes deleteAttestor without error', async () => { - const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.DeleteAttestorRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.protobuf.Empty()); - client.innerApiCalls.deleteAttestor = stubSimpleCall(expectedResponse); - const [response] = await client.deleteAttestor(request); - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.deleteAttestor as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes deleteAttestor without error using callback', async () => { - const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.DeleteAttestorRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.protobuf.Empty()); - client.innerApiCalls.deleteAttestor = stubSimpleCallWithCallback(expectedResponse); - const promise = new Promise((resolve, reject) => { - client.deleteAttestor( - request, - (err?: Error|null, result?: protos.google.protobuf.IEmpty|null) => { - if (err) { - reject(err); - } else { - resolve(result); - } - }); - }); - const response = await promise; - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.deleteAttestor as SinonStub) - .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); - }); - - it('invokes deleteAttestor with error', async () => { - const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.DeleteAttestorRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedError = new Error('expected'); - client.innerApiCalls.deleteAttestor = stubSimpleCall(undefined, expectedError); - await assert.rejects(client.deleteAttestor(request), expectedError); - assert((client.innerApiCalls.deleteAttestor as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes deleteAttestor with closed client', async () => { - const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.DeleteAttestorRequest()); - request.name = ''; - const expectedError = new Error('The client has already been closed.'); - client.close(); - await assert.rejects(client.deleteAttestor(request), expectedError); - }); - }); - - describe('listAttestors', () => { - it('invokes listAttestors without error', async () => { - const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.ListAttestorsRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = [ - generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.Attestor()), - generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.Attestor()), - generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.Attestor()), - ]; - client.innerApiCalls.listAttestors = stubSimpleCall(expectedResponse); - const [response] = await client.listAttestors(request); - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.listAttestors as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes listAttestors without error using callback', async () => { - const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.ListAttestorsRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = [ - generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.Attestor()), - generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.Attestor()), - generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.Attestor()), - ]; - client.innerApiCalls.listAttestors = stubSimpleCallWithCallback(expectedResponse); - const promise = new Promise((resolve, reject) => { - client.listAttestors( - request, - (err?: Error|null, result?: protos.google.cloud.binaryauthorization.v1beta1.IAttestor[]|null) => { - if (err) { - reject(err); - } else { - resolve(result); - } - }); - }); - const response = await promise; - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.listAttestors as SinonStub) - .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); - }); - - it('invokes listAttestors with error', async () => { - const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.ListAttestorsRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedError = new Error('expected'); - client.innerApiCalls.listAttestors = stubSimpleCall(undefined, expectedError); - await assert.rejects(client.listAttestors(request), expectedError); - assert((client.innerApiCalls.listAttestors as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes listAttestorsStream without error', async () => { - const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.ListAttestorsRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedResponse = [ - generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.Attestor()), - generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.Attestor()), - generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.Attestor()), - ]; - client.descriptors.page.listAttestors.createStream = stubPageStreamingCall(expectedResponse); - const stream = client.listAttestorsStream(request); - const promise = new Promise((resolve, reject) => { - const responses: protos.google.cloud.binaryauthorization.v1beta1.Attestor[] = []; - stream.on('data', (response: protos.google.cloud.binaryauthorization.v1beta1.Attestor) => { - responses.push(response); - }); - stream.on('end', () => { - resolve(responses); - }); - stream.on('error', (err: Error) => { - reject(err); - }); - }); - const responses = await promise; - assert.deepStrictEqual(responses, expectedResponse); - assert((client.descriptors.page.listAttestors.createStream as SinonStub) - .getCall(0).calledWith(client.innerApiCalls.listAttestors, request)); - assert.strictEqual( - (client.descriptors.page.listAttestors.createStream as SinonStub) - .getCall(0).args[2].otherArgs.headers['x-goog-request-params'], - expectedHeaderRequestParams - ); - }); - - it('invokes listAttestorsStream with error', async () => { - const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.ListAttestorsRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedError = new Error('expected'); - client.descriptors.page.listAttestors.createStream = stubPageStreamingCall(undefined, expectedError); - const stream = client.listAttestorsStream(request); - const promise = new Promise((resolve, reject) => { - const responses: protos.google.cloud.binaryauthorization.v1beta1.Attestor[] = []; - stream.on('data', (response: protos.google.cloud.binaryauthorization.v1beta1.Attestor) => { - responses.push(response); - }); - stream.on('end', () => { - resolve(responses); - }); - stream.on('error', (err: Error) => { - reject(err); - }); - }); - await assert.rejects(promise, expectedError); - assert((client.descriptors.page.listAttestors.createStream as SinonStub) - .getCall(0).calledWith(client.innerApiCalls.listAttestors, request)); - assert.strictEqual( - (client.descriptors.page.listAttestors.createStream as SinonStub) - .getCall(0).args[2].otherArgs.headers['x-goog-request-params'], - expectedHeaderRequestParams - ); - }); - - it('uses async iteration with listAttestors without error', async () => { - const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.ListAttestorsRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedResponse = [ - generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.Attestor()), - generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.Attestor()), - generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.Attestor()), - ]; - client.descriptors.page.listAttestors.asyncIterate = stubAsyncIterationCall(expectedResponse); - const responses: protos.google.cloud.binaryauthorization.v1beta1.IAttestor[] = []; - const iterable = client.listAttestorsAsync(request); - for await (const resource of iterable) { - responses.push(resource!); - } - assert.deepStrictEqual(responses, expectedResponse); - assert.deepStrictEqual( - (client.descriptors.page.listAttestors.asyncIterate as SinonStub) - .getCall(0).args[1], request); - assert.strictEqual( - (client.descriptors.page.listAttestors.asyncIterate as SinonStub) - .getCall(0).args[2].otherArgs.headers['x-goog-request-params'], - expectedHeaderRequestParams - ); - }); - - it('uses async iteration with listAttestors with error', async () => { - const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.ListAttestorsRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent=";const expectedError = new Error('expected'); - client.descriptors.page.listAttestors.asyncIterate = stubAsyncIterationCall(undefined, expectedError); - const iterable = client.listAttestorsAsync(request); - await assert.rejects(async () => { - const responses: protos.google.cloud.binaryauthorization.v1beta1.IAttestor[] = []; - for await (const resource of iterable) { - responses.push(resource!); - } - }); - assert.deepStrictEqual( - (client.descriptors.page.listAttestors.asyncIterate as SinonStub) - .getCall(0).args[1], request); - assert.strictEqual( - (client.descriptors.page.listAttestors.asyncIterate as SinonStub) - .getCall(0).args[2].otherArgs.headers['x-goog-request-params'], - expectedHeaderRequestParams - ); - }); - }); - - describe('Path templates', () => { - - describe('attestor', () => { - const fakePath = "/rendered/path/attestor"; - const expectedParameters = { - project: "projectValue", - attestor: "attestorValue", - }; - const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - client.pathTemplates.attestorPathTemplate.render = - sinon.stub().returns(fakePath); - client.pathTemplates.attestorPathTemplate.match = - sinon.stub().returns(expectedParameters); - - it('attestorPath', () => { - const result = client.attestorPath("projectValue", "attestorValue"); - assert.strictEqual(result, fakePath); - assert((client.pathTemplates.attestorPathTemplate.render as SinonStub) - .getCall(-1).calledWith(expectedParameters)); - }); - - it('matchProjectFromAttestorName', () => { - const result = client.matchProjectFromAttestorName(fakePath); - assert.strictEqual(result, "projectValue"); - assert((client.pathTemplates.attestorPathTemplate.match as SinonStub) - .getCall(-1).calledWith(fakePath)); - }); - - it('matchAttestorFromAttestorName', () => { - const result = client.matchAttestorFromAttestorName(fakePath); - assert.strictEqual(result, "attestorValue"); - assert((client.pathTemplates.attestorPathTemplate.match as SinonStub) - .getCall(-1).calledWith(fakePath)); - }); - }); - - describe('locationPolicy', () => { - const fakePath = "/rendered/path/locationPolicy"; - const expectedParameters = { - location: "locationValue", - }; - const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - client.pathTemplates.locationPolicyPathTemplate.render = - sinon.stub().returns(fakePath); - client.pathTemplates.locationPolicyPathTemplate.match = - sinon.stub().returns(expectedParameters); - - it('locationPolicyPath', () => { - const result = client.locationPolicyPath("locationValue"); - assert.strictEqual(result, fakePath); - assert((client.pathTemplates.locationPolicyPathTemplate.render as SinonStub) - .getCall(-1).calledWith(expectedParameters)); - }); - - it('matchLocationFromLocationPolicyName', () => { - const result = client.matchLocationFromLocationPolicyName(fakePath); - assert.strictEqual(result, "locationValue"); - assert((client.pathTemplates.locationPolicyPathTemplate.match as SinonStub) - .getCall(-1).calledWith(fakePath)); - }); - }); - - describe('project', () => { - const fakePath = "/rendered/path/project"; - const expectedParameters = { - project: "projectValue", - }; - const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - client.pathTemplates.projectPathTemplate.render = - sinon.stub().returns(fakePath); - client.pathTemplates.projectPathTemplate.match = - sinon.stub().returns(expectedParameters); - - it('projectPath', () => { - const result = client.projectPath("projectValue"); - assert.strictEqual(result, fakePath); - assert((client.pathTemplates.projectPathTemplate.render as SinonStub) - .getCall(-1).calledWith(expectedParameters)); - }); - - it('matchProjectFromProjectName', () => { - const result = client.matchProjectFromProjectName(fakePath); - assert.strictEqual(result, "projectValue"); - assert((client.pathTemplates.projectPathTemplate.match as SinonStub) - .getCall(-1).calledWith(fakePath)); - }); - }); - - describe('projectPolicy', () => { - const fakePath = "/rendered/path/projectPolicy"; - const expectedParameters = { - project: "projectValue", - }; - const client = new binauthzmanagementservicev1beta1Module.v1beta1.BinauthzManagementServiceV1Beta1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - client.pathTemplates.projectPolicyPathTemplate.render = - sinon.stub().returns(fakePath); - client.pathTemplates.projectPolicyPathTemplate.match = - sinon.stub().returns(expectedParameters); - - it('projectPolicyPath', () => { - const result = client.projectPolicyPath("projectValue"); - assert.strictEqual(result, fakePath); - assert((client.pathTemplates.projectPolicyPathTemplate.render as SinonStub) - .getCall(-1).calledWith(expectedParameters)); - }); - - it('matchProjectFromProjectPolicyName', () => { - const result = client.matchProjectFromProjectPolicyName(fakePath); - assert.strictEqual(result, "projectValue"); - assert((client.pathTemplates.projectPolicyPathTemplate.match as SinonStub) - .getCall(-1).calledWith(fakePath)); - }); - }); - }); -}); diff --git a/owl-bot-staging/v1beta1/test/gapic_system_policy_v1_beta1_v1beta1.ts b/owl-bot-staging/v1beta1/test/gapic_system_policy_v1_beta1_v1beta1.ts deleted file mode 100644 index af6aa1d..0000000 --- a/owl-bot-staging/v1beta1/test/gapic_system_policy_v1_beta1_v1beta1.ts +++ /dev/null @@ -1,363 +0,0 @@ -// Copyright 2022 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// ** This file is automatically generated by gapic-generator-typescript. ** -// ** https://github.com/googleapis/gapic-generator-typescript ** -// ** All changes to this file may be overwritten. ** - -import * as protos from '../protos/protos'; -import * as assert from 'assert'; -import * as sinon from 'sinon'; -import {SinonStub} from 'sinon'; -import { describe, it } from 'mocha'; -import * as systempolicyv1beta1Module from '../src'; - -import {protobuf} from 'google-gax'; - -function generateSampleMessage(instance: T) { - const filledObject = (instance.constructor as typeof protobuf.Message) - .toObject(instance as protobuf.Message, {defaults: true}); - return (instance.constructor as typeof protobuf.Message).fromObject(filledObject) as T; -} - -function stubSimpleCall(response?: ResponseType, error?: Error) { - return error ? sinon.stub().rejects(error) : sinon.stub().resolves([response]); -} - -function stubSimpleCallWithCallback(response?: ResponseType, error?: Error) { - return error ? sinon.stub().callsArgWith(2, error) : sinon.stub().callsArgWith(2, null, response); -} - -describe('v1beta1.SystemPolicyV1Beta1Client', () => { - it('has servicePath', () => { - const servicePath = systempolicyv1beta1Module.v1beta1.SystemPolicyV1Beta1Client.servicePath; - assert(servicePath); - }); - - it('has apiEndpoint', () => { - const apiEndpoint = systempolicyv1beta1Module.v1beta1.SystemPolicyV1Beta1Client.apiEndpoint; - assert(apiEndpoint); - }); - - it('has port', () => { - const port = systempolicyv1beta1Module.v1beta1.SystemPolicyV1Beta1Client.port; - assert(port); - assert(typeof port === 'number'); - }); - - it('should create a client with no option', () => { - const client = new systempolicyv1beta1Module.v1beta1.SystemPolicyV1Beta1Client(); - assert(client); - }); - - it('should create a client with gRPC fallback', () => { - const client = new systempolicyv1beta1Module.v1beta1.SystemPolicyV1Beta1Client({ - fallback: true, - }); - assert(client); - }); - - it('has initialize method and supports deferred initialization', async () => { - const client = new systempolicyv1beta1Module.v1beta1.SystemPolicyV1Beta1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - assert.strictEqual(client.systemPolicyV1Beta1Stub, undefined); - await client.initialize(); - assert(client.systemPolicyV1Beta1Stub); - }); - - it('has close method for the initialized client', done => { - const client = new systempolicyv1beta1Module.v1beta1.SystemPolicyV1Beta1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - assert(client.systemPolicyV1Beta1Stub); - client.close().then(() => { - done(); - }); - }); - - it('has close method for the non-initialized client', done => { - const client = new systempolicyv1beta1Module.v1beta1.SystemPolicyV1Beta1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - assert.strictEqual(client.systemPolicyV1Beta1Stub, undefined); - client.close().then(() => { - done(); - }); - }); - - it('has getProjectId method', async () => { - const fakeProjectId = 'fake-project-id'; - const client = new systempolicyv1beta1Module.v1beta1.SystemPolicyV1Beta1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.auth.getProjectId = sinon.stub().resolves(fakeProjectId); - const result = await client.getProjectId(); - assert.strictEqual(result, fakeProjectId); - assert((client.auth.getProjectId as SinonStub).calledWithExactly()); - }); - - it('has getProjectId method with callback', async () => { - const fakeProjectId = 'fake-project-id'; - const client = new systempolicyv1beta1Module.v1beta1.SystemPolicyV1Beta1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.auth.getProjectId = sinon.stub().callsArgWith(0, null, fakeProjectId); - const promise = new Promise((resolve, reject) => { - client.getProjectId((err?: Error|null, projectId?: string|null) => { - if (err) { - reject(err); - } else { - resolve(projectId); - } - }); - }); - const result = await promise; - assert.strictEqual(result, fakeProjectId); - }); - - describe('getSystemPolicy', () => { - it('invokes getSystemPolicy without error', async () => { - const client = new systempolicyv1beta1Module.v1beta1.SystemPolicyV1Beta1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.GetSystemPolicyRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.Policy()); - client.innerApiCalls.getSystemPolicy = stubSimpleCall(expectedResponse); - const [response] = await client.getSystemPolicy(request); - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.getSystemPolicy as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes getSystemPolicy without error using callback', async () => { - const client = new systempolicyv1beta1Module.v1beta1.SystemPolicyV1Beta1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.GetSystemPolicyRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.Policy()); - client.innerApiCalls.getSystemPolicy = stubSimpleCallWithCallback(expectedResponse); - const promise = new Promise((resolve, reject) => { - client.getSystemPolicy( - request, - (err?: Error|null, result?: protos.google.cloud.binaryauthorization.v1beta1.IPolicy|null) => { - if (err) { - reject(err); - } else { - resolve(result); - } - }); - }); - const response = await promise; - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.getSystemPolicy as SinonStub) - .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); - }); - - it('invokes getSystemPolicy with error', async () => { - const client = new systempolicyv1beta1Module.v1beta1.SystemPolicyV1Beta1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.GetSystemPolicyRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedError = new Error('expected'); - client.innerApiCalls.getSystemPolicy = stubSimpleCall(undefined, expectedError); - await assert.rejects(client.getSystemPolicy(request), expectedError); - assert((client.innerApiCalls.getSystemPolicy as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes getSystemPolicy with closed client', async () => { - const client = new systempolicyv1beta1Module.v1beta1.SystemPolicyV1Beta1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.binaryauthorization.v1beta1.GetSystemPolicyRequest()); - request.name = ''; - const expectedError = new Error('The client has already been closed.'); - client.close(); - await assert.rejects(client.getSystemPolicy(request), expectedError); - }); - }); - - describe('Path templates', () => { - - describe('attestor', () => { - const fakePath = "/rendered/path/attestor"; - const expectedParameters = { - project: "projectValue", - attestor: "attestorValue", - }; - const client = new systempolicyv1beta1Module.v1beta1.SystemPolicyV1Beta1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - client.pathTemplates.attestorPathTemplate.render = - sinon.stub().returns(fakePath); - client.pathTemplates.attestorPathTemplate.match = - sinon.stub().returns(expectedParameters); - - it('attestorPath', () => { - const result = client.attestorPath("projectValue", "attestorValue"); - assert.strictEqual(result, fakePath); - assert((client.pathTemplates.attestorPathTemplate.render as SinonStub) - .getCall(-1).calledWith(expectedParameters)); - }); - - it('matchProjectFromAttestorName', () => { - const result = client.matchProjectFromAttestorName(fakePath); - assert.strictEqual(result, "projectValue"); - assert((client.pathTemplates.attestorPathTemplate.match as SinonStub) - .getCall(-1).calledWith(fakePath)); - }); - - it('matchAttestorFromAttestorName', () => { - const result = client.matchAttestorFromAttestorName(fakePath); - assert.strictEqual(result, "attestorValue"); - assert((client.pathTemplates.attestorPathTemplate.match as SinonStub) - .getCall(-1).calledWith(fakePath)); - }); - }); - - describe('locationPolicy', () => { - const fakePath = "/rendered/path/locationPolicy"; - const expectedParameters = { - location: "locationValue", - }; - const client = new systempolicyv1beta1Module.v1beta1.SystemPolicyV1Beta1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - client.pathTemplates.locationPolicyPathTemplate.render = - sinon.stub().returns(fakePath); - client.pathTemplates.locationPolicyPathTemplate.match = - sinon.stub().returns(expectedParameters); - - it('locationPolicyPath', () => { - const result = client.locationPolicyPath("locationValue"); - assert.strictEqual(result, fakePath); - assert((client.pathTemplates.locationPolicyPathTemplate.render as SinonStub) - .getCall(-1).calledWith(expectedParameters)); - }); - - it('matchLocationFromLocationPolicyName', () => { - const result = client.matchLocationFromLocationPolicyName(fakePath); - assert.strictEqual(result, "locationValue"); - assert((client.pathTemplates.locationPolicyPathTemplate.match as SinonStub) - .getCall(-1).calledWith(fakePath)); - }); - }); - - describe('project', () => { - const fakePath = "/rendered/path/project"; - const expectedParameters = { - project: "projectValue", - }; - const client = new systempolicyv1beta1Module.v1beta1.SystemPolicyV1Beta1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - client.pathTemplates.projectPathTemplate.render = - sinon.stub().returns(fakePath); - client.pathTemplates.projectPathTemplate.match = - sinon.stub().returns(expectedParameters); - - it('projectPath', () => { - const result = client.projectPath("projectValue"); - assert.strictEqual(result, fakePath); - assert((client.pathTemplates.projectPathTemplate.render as SinonStub) - .getCall(-1).calledWith(expectedParameters)); - }); - - it('matchProjectFromProjectName', () => { - const result = client.matchProjectFromProjectName(fakePath); - assert.strictEqual(result, "projectValue"); - assert((client.pathTemplates.projectPathTemplate.match as SinonStub) - .getCall(-1).calledWith(fakePath)); - }); - }); - - describe('projectPolicy', () => { - const fakePath = "/rendered/path/projectPolicy"; - const expectedParameters = { - project: "projectValue", - }; - const client = new systempolicyv1beta1Module.v1beta1.SystemPolicyV1Beta1Client({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - client.pathTemplates.projectPolicyPathTemplate.render = - sinon.stub().returns(fakePath); - client.pathTemplates.projectPolicyPathTemplate.match = - sinon.stub().returns(expectedParameters); - - it('projectPolicyPath', () => { - const result = client.projectPolicyPath("projectValue"); - assert.strictEqual(result, fakePath); - assert((client.pathTemplates.projectPolicyPathTemplate.render as SinonStub) - .getCall(-1).calledWith(expectedParameters)); - }); - - it('matchProjectFromProjectPolicyName', () => { - const result = client.matchProjectFromProjectPolicyName(fakePath); - assert.strictEqual(result, "projectValue"); - assert((client.pathTemplates.projectPolicyPathTemplate.match as SinonStub) - .getCall(-1).calledWith(fakePath)); - }); - }); - }); -}); diff --git a/owl-bot-staging/v1beta1/tsconfig.json b/owl-bot-staging/v1beta1/tsconfig.json deleted file mode 100644 index c78f1c8..0000000 --- a/owl-bot-staging/v1beta1/tsconfig.json +++ /dev/null @@ -1,19 +0,0 @@ -{ - "extends": "./node_modules/gts/tsconfig-google.json", - "compilerOptions": { - "rootDir": ".", - "outDir": "build", - "resolveJsonModule": true, - "lib": [ - "es2018", - "dom" - ] - }, - "include": [ - "src/*.ts", - "src/**/*.ts", - "test/*.ts", - "test/**/*.ts", - "system-test/*.ts" - ] -} diff --git a/owl-bot-staging/v1beta1/webpack.config.js b/owl-bot-staging/v1beta1/webpack.config.js deleted file mode 100644 index 58a92d5..0000000 --- a/owl-bot-staging/v1beta1/webpack.config.js +++ /dev/null @@ -1,64 +0,0 @@ -// Copyright 2021 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -const path = require('path'); - -module.exports = { - entry: './src/index.ts', - output: { - library: 'BinauthzManagementServiceV1Beta1', - filename: './binauthz-management-service-v1-beta1.js', - }, - node: { - child_process: 'empty', - fs: 'empty', - crypto: 'empty', - }, - resolve: { - alias: { - '../../../package.json': path.resolve(__dirname, 'package.json'), - }, - extensions: ['.js', '.json', '.ts'], - }, - module: { - rules: [ - { - test: /\.tsx?$/, - use: 'ts-loader', - exclude: /node_modules/ - }, - { - test: /node_modules[\\/]@grpc[\\/]grpc-js/, - use: 'null-loader' - }, - { - test: /node_modules[\\/]grpc/, - use: 'null-loader' - }, - { - test: /node_modules[\\/]retry-request/, - use: 'null-loader' - }, - { - test: /node_modules[\\/]https?-proxy-agent/, - use: 'null-loader' - }, - { - test: /node_modules[\\/]gtoken/, - use: 'null-loader' - }, - ], - }, - mode: 'production', -}; diff --git a/protos/google/cloud/binaryauthorization/v1beta1/continuous_validation_logging.proto b/protos/google/cloud/binaryauthorization/v1beta1/continuous_validation_logging.proto index 4f7bfdd..1666b51 100644 --- a/protos/google/cloud/binaryauthorization/v1beta1/continuous_validation_logging.proto +++ b/protos/google/cloud/binaryauthorization/v1beta1/continuous_validation_logging.proto @@ -1,4 +1,4 @@ -// Copyright 2021 Google LLC +// Copyright 2022 Google LLC // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -31,6 +31,15 @@ option ruby_package = "Google::Cloud::BinaryAuthorization::V1beta1"; message ContinuousValidationEvent { // An auditing event for one Pod. message ContinuousValidationPodEvent { + // Audit time policy conformance verdict. + enum PolicyConformanceVerdict { + // We should always have a verdict. This is an error. + POLICY_CONFORMANCE_VERDICT_UNSPECIFIED = 0; + + // The pod violates the policy. + VIOLATES_POLICY = 1; + } + // Container image with auditing details. message ImageDetails { // Result of the audit. @@ -55,14 +64,8 @@ message ContinuousValidationEvent { string description = 3; } - // Audit time policy conformance verdict. - enum PolicyConformanceVerdict { - // We should always have a verdict. This is an error. - POLICY_CONFORMANCE_VERDICT_UNSPECIFIED = 0; - - // The pod violates the policy. - VIOLATES_POLICY = 1; - } + // The k8s namespace of the Pod. + string pod_namespace = 7; // The name of the Pod. string pod = 1; diff --git a/protos/protos.d.ts b/protos/protos.d.ts index 19e1461..df4bfbd 100644 --- a/protos/protos.d.ts +++ b/protos/protos.d.ts @@ -2255,6 +2255,9 @@ export namespace google { /** Properties of a ContinuousValidationPodEvent. */ interface IContinuousValidationPodEvent { + /** ContinuousValidationPodEvent podNamespace */ + podNamespace?: (string|null); + /** ContinuousValidationPodEvent pod */ pod?: (string|null); @@ -2280,6 +2283,9 @@ export namespace google { */ constructor(properties?: google.cloud.binaryauthorization.v1beta1.ContinuousValidationEvent.IContinuousValidationPodEvent); + /** ContinuousValidationPodEvent podNamespace. */ + public podNamespace: string; + /** ContinuousValidationPodEvent pod. */ public pod: string; @@ -2368,6 +2374,12 @@ export namespace google { namespace ContinuousValidationPodEvent { + /** PolicyConformanceVerdict enum. */ + enum PolicyConformanceVerdict { + POLICY_CONFORMANCE_VERDICT_UNSPECIFIED = 0, + VIOLATES_POLICY = 1 + } + /** Properties of an ImageDetails. */ interface IImageDetails { @@ -2479,12 +2491,6 @@ export namespace google { DENY = 2 } } - - /** PolicyConformanceVerdict enum. */ - enum PolicyConformanceVerdict { - POLICY_CONFORMANCE_VERDICT_UNSPECIFIED = 0, - VIOLATES_POLICY = 1 - } } /** Properties of an UnsupportedPolicyEvent. */ diff --git a/protos/protos.js b/protos/protos.js index 40617dd..fbc5086 100644 --- a/protos/protos.js +++ b/protos/protos.js @@ -5344,6 +5344,7 @@ * Properties of a ContinuousValidationPodEvent. * @memberof google.cloud.binaryauthorization.v1beta1.ContinuousValidationEvent * @interface IContinuousValidationPodEvent + * @property {string|null} [podNamespace] ContinuousValidationPodEvent podNamespace * @property {string|null} [pod] ContinuousValidationPodEvent pod * @property {google.protobuf.ITimestamp|null} [deployTime] ContinuousValidationPodEvent deployTime * @property {google.protobuf.ITimestamp|null} [endTime] ContinuousValidationPodEvent endTime @@ -5367,6 +5368,14 @@ this[keys[i]] = properties[keys[i]]; } + /** + * ContinuousValidationPodEvent podNamespace. + * @member {string} podNamespace + * @memberof google.cloud.binaryauthorization.v1beta1.ContinuousValidationEvent.ContinuousValidationPodEvent + * @instance + */ + ContinuousValidationPodEvent.prototype.podNamespace = ""; + /** * ContinuousValidationPodEvent pod. * @member {string} pod @@ -5442,6 +5451,8 @@ if (message.images != null && message.images.length) for (var i = 0; i < message.images.length; ++i) $root.google.cloud.binaryauthorization.v1beta1.ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails.encode(message.images[i], writer.uint32(/* id 5, wireType 2 =*/42).fork()).ldelim(); + if (message.podNamespace != null && Object.hasOwnProperty.call(message, "podNamespace")) + writer.uint32(/* id 7, wireType 2 =*/58).string(message.podNamespace); return writer; }; @@ -5476,6 +5487,9 @@ while (reader.pos < end) { var tag = reader.uint32(); switch (tag >>> 3) { + case 7: + message.podNamespace = reader.string(); + break; case 1: message.pod = reader.string(); break; @@ -5528,6 +5542,9 @@ ContinuousValidationPodEvent.verify = function verify(message) { if (typeof message !== "object" || message === null) return "object expected"; + if (message.podNamespace != null && message.hasOwnProperty("podNamespace")) + if (!$util.isString(message.podNamespace)) + return "podNamespace: string expected"; if (message.pod != null && message.hasOwnProperty("pod")) if (!$util.isString(message.pod)) return "pod: string expected"; @@ -5573,6 +5590,8 @@ if (object instanceof $root.google.cloud.binaryauthorization.v1beta1.ContinuousValidationEvent.ContinuousValidationPodEvent) return object; var message = new $root.google.cloud.binaryauthorization.v1beta1.ContinuousValidationEvent.ContinuousValidationPodEvent(); + if (object.podNamespace != null) + message.podNamespace = String(object.podNamespace); if (object.pod != null) message.pod = String(object.pod); if (object.deployTime != null) { @@ -5628,6 +5647,7 @@ object.deployTime = null; object.endTime = null; object.verdict = options.enums === String ? "POLICY_CONFORMANCE_VERDICT_UNSPECIFIED" : 0; + object.podNamespace = ""; } if (message.pod != null && message.hasOwnProperty("pod")) object.pod = message.pod; @@ -5642,6 +5662,8 @@ for (var j = 0; j < message.images.length; ++j) object.images[j] = $root.google.cloud.binaryauthorization.v1beta1.ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails.toObject(message.images[j], options); } + if (message.podNamespace != null && message.hasOwnProperty("podNamespace")) + object.podNamespace = message.podNamespace; return object; }; @@ -5656,6 +5678,20 @@ return this.constructor.toObject(this, $protobuf.util.toJSONOptions); }; + /** + * PolicyConformanceVerdict enum. + * @name google.cloud.binaryauthorization.v1beta1.ContinuousValidationEvent.ContinuousValidationPodEvent.PolicyConformanceVerdict + * @enum {number} + * @property {number} POLICY_CONFORMANCE_VERDICT_UNSPECIFIED=0 POLICY_CONFORMANCE_VERDICT_UNSPECIFIED value + * @property {number} VIOLATES_POLICY=1 VIOLATES_POLICY value + */ + ContinuousValidationPodEvent.PolicyConformanceVerdict = (function() { + var valuesById = {}, values = Object.create(valuesById); + values[valuesById[0] = "POLICY_CONFORMANCE_VERDICT_UNSPECIFIED"] = 0; + values[valuesById[1] = "VIOLATES_POLICY"] = 1; + return values; + })(); + ContinuousValidationPodEvent.ImageDetails = (function() { /** @@ -5922,20 +5958,6 @@ return ImageDetails; })(); - /** - * PolicyConformanceVerdict enum. - * @name google.cloud.binaryauthorization.v1beta1.ContinuousValidationEvent.ContinuousValidationPodEvent.PolicyConformanceVerdict - * @enum {number} - * @property {number} POLICY_CONFORMANCE_VERDICT_UNSPECIFIED=0 POLICY_CONFORMANCE_VERDICT_UNSPECIFIED value - * @property {number} VIOLATES_POLICY=1 VIOLATES_POLICY value - */ - ContinuousValidationPodEvent.PolicyConformanceVerdict = (function() { - var valuesById = {}, values = Object.create(valuesById); - values[valuesById[0] = "POLICY_CONFORMANCE_VERDICT_UNSPECIFIED"] = 0; - values[valuesById[1] = "VIOLATES_POLICY"] = 1; - return values; - })(); - return ContinuousValidationPodEvent; })(); diff --git a/protos/protos.json b/protos/protos.json index bd0b521..56a3832 100644 --- a/protos/protos.json +++ b/protos/protos.json @@ -701,6 +701,10 @@ "nested": { "ContinuousValidationPodEvent": { "fields": { + "podNamespace": { + "type": "string", + "id": 7 + }, "pod": { "type": "string", "id": 1 @@ -724,6 +728,12 @@ } }, "nested": { + "PolicyConformanceVerdict": { + "values": { + "POLICY_CONFORMANCE_VERDICT_UNSPECIFIED": 0, + "VIOLATES_POLICY": 1 + } + }, "ImageDetails": { "fields": { "image": { @@ -748,12 +758,6 @@ } } } - }, - "PolicyConformanceVerdict": { - "values": { - "POLICY_CONFORMANCE_VERDICT_UNSPECIFIED": 0, - "VIOLATES_POLICY": 1 - } } } },