Categorygithub.com/devtron-labs/image-scannergrafeas
package
0.0.0-20241003100141-b4049696fc85
Repository: https://github.com/devtron-labs/image-scanner.git
Documentation: pkg.go.dev
Overview
Versions
1
Dependencies
21
Dependents
1
Files
2.5k SLOC

# README

Go API client for grafeas

No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen)

Overview

This API client was generated by the swagger-codegen project. By using the swagger-spec from a remote server, you can easily generate an API client.

  • API version: version not set
  • Package version: 0.1.4
  • Build package: io.swagger.codegen.languages.GoClientCodegen

Installation

Put the package under your project folder and add the following in import:

import "./grafeas"

Documentation for API Endpoints

All URIs are relative to http://localhost

ClassMethodHTTP requestDescription
GrafeasV1Beta1ApiBatchCreateNotesPost /v1beta1/{parent=projects/*}/notes:batchCreateCreates new notes in batch.
GrafeasV1Beta1ApiBatchCreateOccurrencesPost /v1beta1/{parent=projects/*}/occurrences:batchCreateCreates new occurrences in batch.
GrafeasV1Beta1ApiCreateNotePost /v1beta1/{parent=projects/*}/notesCreates a new note.
GrafeasV1Beta1ApiCreateOccurrencePost /v1beta1/{parent=projects/*}/occurrencesCreates a new occurrence.
GrafeasV1Beta1ApiDeleteNoteDelete /v1beta1/{name=projects//notes/}Deletes the specified note.
GrafeasV1Beta1ApiDeleteOccurrenceDelete /v1beta1/{name=projects//occurrences/}Deletes the specified occurrence. For example, use this method to delete an occurrence when the occurrence is no longer applicable for the given resource.
GrafeasV1Beta1ApiGetNoteGet /v1beta1/{name=projects//notes/}Gets the specified note.
GrafeasV1Beta1ApiGetOccurrenceGet /v1beta1/{name=projects//occurrences/}Gets the specified occurrence.
GrafeasV1Beta1ApiGetOccurrenceNoteGet /v1beta1/{name=projects//occurrences/}/notesGets the note attached to the specified occurrence. Consumer projects can use this method to get a note that belongs to a provider project.
GrafeasV1Beta1ApiGetVulnerabilityOccurrencesSummaryGet /v1beta1/{parent=projects/*}/occurrences:vulnerabilitySummaryGets a summary of the number and severity of occurrences.
GrafeasV1Beta1ApiListNoteOccurrencesGet /v1beta1/{name=projects//notes/}/occurrencesLists occurrences referencing the specified note. Provider projects can use this method to get all occurrences across consumer projects referencing the specified note.
GrafeasV1Beta1ApiListNotesGet /v1beta1/{parent=projects/*}/notesLists notes for the specified project.
GrafeasV1Beta1ApiListOccurrencesGet /v1beta1/{parent=projects/*}/occurrencesLists occurrences for the specified project.
GrafeasV1Beta1ApiUpdateNotePatch /v1beta1/{name=projects//notes/}Updates the specified note.
GrafeasV1Beta1ApiUpdateOccurrencePatch /v1beta1/{name=projects//occurrences/}Updates the specified occurrence.

Documentation For Models

Documentation For Authorization

Endpoints do not require authorization.

Author

# Functions

CacheExpires helper function to determine remaining time before repeating a request.
NewAPIClient creates a new API client.
No description provided by the author
No description provided by the author
No description provided by the author

# Constants

List of DiscoveredContinuousAnalysis.
List of LayerDirective.
List of CVSSv3AttackVector.
List of DiscoveredAnalysisStatus.
List of packageArchitecture.
List of LayerDirective.
List of v1beta1NoteKind.
List of v1beta1NoteKind.
List of CVSSv3Scope.
List of LayerDirective.
CONTENT_TYPE_UNSPECIFIED_AttestationGenericSignedAttestationContentType
List of attestationGenericSignedAttestationContentType.
CONTENT_TYPE_UNSPECIFIED_AttestationPgpSignedAttestationContentType
List of attestationPgpSignedAttestationContentType.
List of DiscoveredContinuousAnalysis.
List of LayerDirective.
List of vulnerabilitySeverity.
List of DeploymentPlatform.
List of v1beta1NoteKind.
List of LayerDirective.
List of v1beta1NoteKind.
List of LayerDirective.
List of LayerDirective.
List of LayerDirective.
List of DiscoveredAnalysisStatus.
List of DiscoveredAnalysisStatus.
List of DiscoveredAnalysisStatus.
List of AliasContextKind.
List of DeploymentPlatform.
List of DeploymentPlatform.
List of HashHashType.
List of LayerDirective.
List of CVSSv3AttackComplexity.
List of CVSSv3Impact.
List of CVSSv3PrivilegesRequired.
List of vulnerabilitySeverity.
List of v1beta1NoteKind.
List of DiscoveredContinuousAnalysis.
List of v1beta1NoteKind.
List of BuildSignatureKeyType.
List of AliasContextKind.
List of LayerDirective.
List of CVSSv3AttackVector.
List of CVSSv3AttackComplexity.
List of CVSSv3Impact.
List of CVSSv3PrivilegesRequired.
List of vulnerabilitySeverity.
List of LayerDirective.
List of VersionVersionKind.
List of vulnerabilitySeverity.
List of vulnerabilitySeverity.
List of VersionVersionKind.
List of AliasContextKind.
List of CVSSv3AttackVector.
List of CVSSv3Impact.
List of CVSSv3PrivilegesRequired.
List of CVSSv3UserInteraction.
List of VersionVersionKind.
List of v1beta1NoteKind.
List of LayerDirective.
List of AliasContextKind.
PACKAGE__V1beta1NoteKind
List of v1beta1NoteKind.
List of DiscoveredAnalysisStatus.
List of BuildSignatureKeyType.
List of CVSSv3AttackVector.
List of BuildSignatureKeyType.
List of DeploymentPlatform.
List of CVSSv3UserInteraction.
List of LayerDirective.
List of DiscoveredAnalysisStatus.
List of vulnerabilitySeverity.
List of HashHashType.
List of LayerDirective.
List of attestationGenericSignedAttestationContentType.
List of attestationPgpSignedAttestationContentType.
List of LayerDirective.
List of CVSSv3Scope.
List of CVSSv3AttackComplexity.
List of CVSSv3AttackVector.
List of CVSSv3Impact.
List of CVSSv3PrivilegesRequired.
List of CVSSv3Scope.
List of CVSSv3UserInteraction.
List of LayerDirective.
List of VersionVersionKind.
List of LayerDirective.
List of v1beta1NoteKind.
List of LayerDirective.
List of packageArchitecture.
List of packageArchitecture.

# Variables

ContextAccessToken takes a string oauth2 access token as authentication for the request.
ContextAPIKey takes an APIKey as authentication for the request.
ContextBasicAuth takes BasicAuth as authentication for the request.
ContextOAuth2 takes a oauth2.TokenSource as authentication for the request.

# Structs

APIClient manages communication with the grafeas.proto API vversion not set In most cases there should be only one, shared, APIClient.
APIKey provides API key based authentication to a request passed via context using ContextAPIKey.
No description provided by the author
Occurrence that represents a single \"attestation\".
Note kind that represents a logical attestation \"role\" or \"authority\".
An attestation wrapper that uses the Grafeas `Signature` message.
An attestation wrapper with a PGP-compatible signature.
This submessage provides human-readable hints about the purpose of the authority.
BasicAuth provides basic http authentication to a request passed via context using ContextBasicAuth.
Note holding the version of the provider's builder and the signature of the provenance message in the build details occurrence.
Message encapsulating the signature of the verified build.
No description provided by the author
An artifact that can be deployed in some runtime.
The period during which some deployable was active in a runtime.
Provides information about the analysis status of a discovered resource.
A note that indicates a type of analysis a provider would perform.
GenericSwaggerError Provides access to the body, error and model on returned errors.
No description provided by the author
Verifiers (e.g.
Basis describes the base image portion (Note) of the DockerImage relationship.
Derived describes the derived image portion (Occurrence) of the DockerImage relationship.
A set of properties that uniquely identify a given Docker image.
Layer holds metadata specific to a layer of a Docker image.
No description provided by the author
This contains the fields corresponding to the definition of a software supply chain step in an in-toto layout.
This corresponds to an in-toto link.
No description provided by the author
This defines the format used to record keys used in the software supply chain.
Defines a hash object for use in Materials and Products.
Defines an object for the byproducts field in in-toto links.
Defines an object for the environment field in in-toto links.
No description provided by the author
No description provided by the author
No description provided by the author
This represents a particular channel of distribution for a given package.
This represents how a particular software package may be installed on a system.
This represents a particular package that is distributed over various channels.
Version contains structured information about the version of a package.
`Any` contains an arbitrary serialized protocol buffer message along with a URL that describes the type of the serialized message.
paths: \"f.a\" paths: \"f.b.d\" Here `f` represents a field in some root message, `a` and `b` fields in the message found in `f`, and `d` a field found in the message in `f.b`.
Provenance of a build.
Command describes a step performed as part of the build pipeline.
Container message for hashes of byte content of files, used in source messages to verify integrity of source input to the build.
Container message for hash values.
Source describes the location of the source used for the build.
- Simple to use and understand for most users - Flexible enough to meet unexpected needs # Overview The `Status` message contains three pieces of data: error code, error message, and error details.
An alias to a repo revision.
A CloudRepoSourceContext denotes a particular revision in a Google Cloud Source Repo.
A SourceContext referring to a Gerrit project.
A GitSourceContext denotes a particular revision in a third party Git repository (e.g., GitHub).
Selects a repo using a Google Cloud Platform project ID (e.g., winged-cargo-31) and a repo name within that project.
A unique identifier for a Cloud Repo.
A SourceContext is a reference to a tree of files.
Details of an attestation occurrence.
Request to create notes in batch.
Response for creating notes in batch.
Request to create occurrences in batch.
Response for creating occurrences in batch.
Details of a build occurrence.
Details of a deployment occurrence.
Details of a discovery occurrence.
Details of an image occurrence.
This corresponds to a signed in-toto link - it is made up of one or more signatures and the in-toto link itself.
A signature object consists of the KeyID used and the signature itself.
Response for listing occurrences for a note.
Response for listing notes.
Response for listing occurrences.
A type of analysis that can be done for a resource.
An instance of an analysis type that has been found on a resource.
Details of a package occurrence.
An occurrence of a particular package installation found within a system's filesystem.
Artifact describes a build product.
Metadata for any related URL information.
An entity that can have metadata.
Details of a vulnerability Occurrence.
A summary of how many vulnerability occurrences there are per resource and severity type.
No description provided by the author
No description provided by the author
Per resource and severity counts of fixable and total vulnerabilities.
This message wraps a location affected by a vulnerability and its associated fix (if one is available).
Vulnerability provides metadata about a security vulnerability in a Note.
The location of the vulnerability.
No description provided by the author
No description provided by the author

# Type aliases

AliasContextKind : The type of an alias.
AttestationGenericSignedAttestationContentType : Type of the attestation plaintext that was signed.
AttestationPgpSignedAttestationContentType : Type (for example schema) of the attestation payload that was signed.
BuildSignatureKeyType : Public key formats.
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
DeploymentPlatform : Types of platforms.
DiscoveredAnalysisStatus : Analysis status for a resource.
DiscoveredContinuousAnalysis : Whether the resource is continuously analyzed.
No description provided by the author
HashHashType : Specifies the hash algorithm.
LayerDirective : Instructions from Dockerfile.
PackageArchitecture : Instruction set architectures supported by various package managers.
V1beta1NoteKind : Kind represents the kinds of notes supported.
VersionVersionKind : Whether this is an ordinary package version or a sentinel MIN/MAX version.
VulnerabilitySeverity : Note provider-assigned severity/impact ranking.