# README
Go API client for Grafeas
This is a heavily modified and working fork of the generated Swagger go client, adapted to follow the OpenApi specification as recorded here. It also provides the client as a mockable interface and removes unnecessary complexity of the original.
This is a client library for the Grafeas API in Go, generated by Swagger Codegen.
Overview
- API version: v1beta1
- Package version: 0.1.0
- Build package: io.swagger.codegen.languages.GoClientCodegen
Installation
go get github.com/ocibuilder/gofeas
Documentation for API Endpoints
All URIs are relative to http://localhost
| Class | Method | HTTP request | Description |
|---|---|---|---|
| GrafeasV1Beta1Api | BatchCreateNotes | Post /v1beta1/{parent=projects/*}/notes:batchCreate | Creates new notes in batch. |
| GrafeasV1Beta1Api | BatchCreateOccurrences | Post /v1beta1/{parent=projects/*}/occurrences:batchCreate | Creates new occurrences in batch. |
| GrafeasV1Beta1Api | CreateNote | Post /v1beta1/{parent=projects/*}/notes | Creates a new note. |
| GrafeasV1Beta1Api | CreateOccurrence | Post /v1beta1/{parent=projects/*}/occurrences | Creates a new occurrence. |
| GrafeasV1Beta1Api | DeleteNote | Delete /v1beta1/{name=projects//notes/} | Deletes the specified note. |
| GrafeasV1Beta1Api | DeleteOccurrence | Delete /v1beta1/{name=projects//occurrences/} | Deletes the specified occurrence. For example, use this method to delete an occurrence when the occurrence is no longer applicable for the given resource. |
| GrafeasV1Beta1Api | GetNote | Get /v1beta1/{name=projects//notes/} | Gets the specified note. |
| GrafeasV1Beta1Api | GetOccurrence | Get /v1beta1/{name=projects//occurrences/} | Gets the specified occurrence. |
| GrafeasV1Beta1Api | GetOccurrenceNote | Get /v1beta1/{name=projects//occurrences/}/notes | Gets the note attached to the specified occurrence. Consumer projects can use this method to get a note that belongs to a provider project. |
| GrafeasV1Beta1Api | GetVulnerabilityOccurrencesSummary | Get /v1beta1/{parent=projects/*}/occurrences:vulnerabilitySummary | Gets a summary of the number and severity of occurrences. |
| GrafeasV1Beta1Api | ListNoteOccurrences | Get /v1beta1/{name=projects//notes/}/occurrences | Lists occurrences referencing the specified note. Provider projects can use this method to get all occurrences across consumer projects referencing the specified note. |
| GrafeasV1Beta1Api | ListNotes | Get /v1beta1/{parent=projects/*}/notes | Lists notes for the specified project. |
| GrafeasV1Beta1Api | ListOccurrences | Get /v1beta1/{parent=projects/*}/occurrences | Lists occurrences for the specified project. |
| GrafeasV1Beta1Api | UpdateNote | Patch /v1beta1/{name=projects//notes/} | Updates the specified note. |
| GrafeasV1Beta1Api | UpdateOccurrence | Patch /v1beta1/{name=projects//occurrences/} | Updates the specified occurrence. |
Documentation For Models
- AliasContextKind
- AttestationAttestation
- AttestationAuthority
- AttestationGenericSignedAttestation
- AttestationGenericSignedAttestationContentType
- AttestationPgpSignedAttestation
- AttestationPgpSignedAttestationContentType
- AuthorityHint
- BuildBuild
- BuildBuildSignature
- BuildSignatureKeyType
- CvsSv3AttackComplexity
- CvsSv3AttackVector
- CvsSv3Impact
- CvsSv3PrivilegesRequired
- CvsSv3Scope
- CvsSv3UserInteraction
- DeploymentDeployable
- DeploymentDeployment
- DeploymentPlatform
- DiscoveredAnalysisStatus
- DiscoveredContinuousAnalysis
- DiscoveryDiscovered
- DiscoveryDiscovery
- HashHashType
- ImageBasis
- ImageDerived
- ImageFingerprint
- ImageLayer
- LayerDirective
- PackageArchitecture
- PackageDistribution
- PackageInstallation
- PackagePackage
- PackageVersion
- ProtobufAny
- ProtobufFieldMask
- ProvenanceArtifact
- ProvenanceBuildProvenance
- ProvenanceCommand
- ProvenanceFileHashes
- ProvenanceHash
- ProvenanceSource
- RpcStatus
- SourceAliasContext
- SourceCloudRepoSourceContext
- SourceGerritSourceContext
- SourceGitSourceContext
- SourceProjectRepoId
- SourceRepoId
- SourceSourceContext
- V1beta1BatchCreateNotesRequest
- V1beta1BatchCreateNotesResponse
- V1beta1BatchCreateOccurrencesRequest
- V1beta1BatchCreateOccurrencesResponse
- V1beta1ListNoteOccurrencesResponse
- V1beta1ListNotesResponse
- V1beta1ListOccurrencesResponse
- V1beta1Note
- V1beta1NoteKind
- V1beta1Occurrence
- V1beta1RelatedUrl
- V1beta1Resource
- V1beta1Signature
- V1beta1VulnerabilityOccurrencesSummary
- V1beta1attestationDetails
- V1beta1buildDetails
- V1beta1deploymentDetails
- V1beta1discoveryDetails
- V1beta1imageDetails
- V1beta1packageDetails
- V1beta1packageLocation
- V1beta1vulnerabilityDetails
- VersionVersionKind
- VulnerabilityCvsSv3
- VulnerabilityDetail
- VulnerabilityOccurrencesSummaryFixableTotalByDigest
- VulnerabilityPackageIssue
- VulnerabilitySeverity
- VulnerabilityVulnerability
- VulnerabilityVulnerabilityLocation
- VulnerabilityWindowsDetail
- WindowsDetailKnowledgeBase
Documentation For Authorization
Endpoints do not require authorization.
Author
Grafeas authors.
# Functions
CacheExpires helper function to determine remaining time before repeating a request.
NewAPIClient creates a new API client.
No description provided by the author
No description provided by the author
No description provided by the author
# Constants
List of DiscoveredContinuousAnalysis.
List of LayerDirective.
List of CVSSv3AttackVector.
List of DiscoveredAnalysisStatus.
List of packageArchitecture.
List of LayerDirective.
List of v1beta1NoteKind.
List of v1beta1NoteKind.
List of CVSSv3Scope.
List of LayerDirective.
List of attestationGenericSignedAttestationContentType.
List of attestationPgpSignedAttestationContentType.
List of DiscoveredContinuousAnalysis.
List of LayerDirective.
List of vulnerabilitySeverity.
List of DeploymentPlatform.
List of v1beta1NoteKind.
List of LayerDirective.
List of v1beta1NoteKind.
List of LayerDirective.
List of LayerDirective.
List of LayerDirective.
List of DiscoveredAnalysisStatus.
List of DiscoveredAnalysisStatus.
List of DiscoveredAnalysisStatus.
List of AliasContextKind.
List of DeploymentPlatform.
List of DeploymentPlatform.
List of HashHashType.
List of LayerDirective.
List of CVSSv3AttackComplexity.
List of CVSSv3Impact.
List of CVSSv3PrivilegesRequired.
List of vulnerabilitySeverity.
List of v1beta1NoteKind.
List of DiscoveredContinuousAnalysis.
List of BuildSignatureKeyType.
List of AliasContextKind.
List of LayerDirective.
List of CVSSv3AttackVector.
List of CVSSv3AttackComplexity.
List of CVSSv3Impact.
List of CVSSv3PrivilegesRequired.
List of vulnerabilitySeverity.
List of LayerDirective.
List of VersionVersionKind.
List of vulnerabilitySeverity.
List of vulnerabilitySeverity.
List of VersionVersionKind.
List of AliasContextKind.
List of CVSSv3AttackVector.
List of CVSSv3Impact.
List of CVSSv3PrivilegesRequired.
List of CVSSv3UserInteraction.
List of VersionVersionKind.
List of v1beta1NoteKind.
List of LayerDirective.
List of AliasContextKind.
List of v1beta1NoteKind.
List of DiscoveredAnalysisStatus.
List of BuildSignatureKeyType.
List of CVSSv3AttackVector.
List of BuildSignatureKeyType.
List of DeploymentPlatform.
List of CVSSv3UserInteraction.
List of LayerDirective.
List of DiscoveredAnalysisStatus.
List of vulnerabilitySeverity.
List of HashHashType.
List of LayerDirective.
List of attestationGenericSignedAttestationContentType.
List of attestationPgpSignedAttestationContentType.
List of LayerDirective.
List of CVSSv3Scope.
List of CVSSv3AttackComplexity.
List of CVSSv3AttackVector.
List of CVSSv3Impact.
List of CVSSv3PrivilegesRequired.
List of CVSSv3Scope.
List of CVSSv3UserInteraction.
List of LayerDirective.
List of VersionVersionKind.
List of LayerDirective.
List of v1beta1NoteKind.
List of LayerDirective.
List of packageArchitecture.
List of packageArchitecture.
# Variables
ContextAccessToken takes a string oauth2 access token as authentication for the request.
ContextAPIKey takes an APIKey as authentication for the request.
ContextBasicAuth takes BasicAuth as authentication for the request.
ContextOAuth2 takes a oauth2.TokenSource as authentication for the request.
# Structs
APIKey provides API key based authentication to a request passed via context using ContextAPIKey.
No description provided by the author
Occurrence that represents a single \"attestation\".
Note kind that represents a logical attestation \"role\" or \"authority\".
An attestation wrapper that uses the Grafeas `Signature` message.
An attestation wrapper with a PGP-compatible signature.
This submessage provides human-readable hints about the purpose of the authority.
BasicAuth provides basic http authentication to a request passed via context using ContextBasicAuth.
Note holding the version of the provider's builder and the signature of the provenance message in the build details occurrence.
Message encapsulating the signature of the verified build.
APIClient manages communication with the proto/v1beta1/grafeas.proto API vversion not set In most cases there should be only one, shared, APIClient.
No description provided by the author
An artifact that can be deployed in some runtime.
The period during which some deployable was active in a runtime.
Provides information about the analysis status of a discovered resource.
A note that indicates a type of analysis a provider would perform.
GenericSwaggerError Provides access to the body, error and model on returned errors.
No description provided by the author
Basis describes the base image portion (Note) of the DockerImage relationship.
Derived describes the derived image portion (Occurrence) of the DockerImage relationship.
A set of properties that uniquely identify a given Docker image.
Layer holds metadata specific to a layer of a Docker image.
No description provided by the author
No description provided by the author
No description provided by the author
This represents a particular channel of distribution for a given package.
This represents how a particular software package may be installed on a system.
This represents a particular package that is distributed over various channels.
Version contains structured information about the version of a package.
`Any` contains an arbitrary serialized protocol buffer message along with a URL that describes the type of the serialized message.
paths: \"f.a\" paths: \"f.b.d\" Here `f` represents a field in some root message, `a` and `b` fields in the message found in `f`, and `d` a field found in the message in `f.b`.
Artifact describes a build product.
Provenance of a build.
Command describes a step performed as part of the build pipeline.
Container message for hashes of byte content of files, used in source messages to verify integrity of source input to the build.
Container message for hash values.
Source describes the location of the source used for the build.
- Simple to use and understand for most users - Flexible enough to meet unexpected needs # Overview The `Status` message contains three pieces of data: error code, error message, and error details.
An alias to a repo revision.
A CloudRepoSourceContext denotes a particular revision in a Google Cloud Source Repo.
A SourceContext referring to a Gerrit project.
A GitSourceContext denotes a particular revision in a third party Git repository (e.g., GitHub).
Selects a repo using a Google Cloud Platform project ID (e.g., winged-cargo-31) and a repo name within that project.
A unique identifier for a Cloud Repo.
A SourceContext is a reference to a tree of files.
Details of an attestation occurrence.
Request to create notes in batch.
Response for creating notes in batch.
Request to create occurrences in batch.
Response for creating occurrences in batch.
Details of a build occurrence.
Details of a deployment occurrence.
Details of a discovery occurrence.
Details of an image occurrence.
Response for listing occurrences for a note.
Response for listing notes.
Response for listing occurrences.
A type of analysis that can be done for a resource.
An instance of an analysis type that has been found on a resource.
Details of a package occurrence.
An occurrence of a particular package installation found within a system's filesystem.
Metadata for any related URL information.
An entity that can have metadata.
Verifiers (e.g.
Details of a vulnerability Occurrence.
A summary of how many vulnerability occurrences there are per resource and severity type.
No description provided by the author
No description provided by the author
Per resource and severity counts of fixable and total vulnerabilities.
This message wraps a location affected by a vulnerability and its associated fix (if one is available).
Vulnerability provides metadata about a security vulnerability in a Note.
The location of the vulnerability.
No description provided by the author
No description provided by the author
# Type aliases
AliasContextKind : The type of an alias.
AttestationGenericSignedAttestationContentType : Type of the attestation plaintext that was signed.
AttestationPgpSignedAttestationContentType : Type (for example schema) of the attestation payload that was signed.
BuildSignatureKeyType : Public key formats.
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
DeploymentPlatform : Types of platforms.
DiscoveredAnalysisStatus : Analysis status for a resource.
DiscoveredContinuousAnalysis : Whether the resource is continuously analyzed.
HashHashType : Specifies the hash algorithm.
LayerDirective : Instructions from Dockerfile.
PackageArchitecture : Instruction set architectures supported by various package managers.
V1beta1NoteKind : Kind represents the kinds of notes supported.
VersionVersionKind : Whether this is an ordinary package version or a sentinel MIN/MAX version.
VulnerabilitySeverity : Note provider-assigned severity/impact ranking.