package grafeas.v1beta1

Get desktop application:
View/edit binary Protocol Buffers messages

[Grafeas](grafeas.io) API. Retrieves analysis results of Cloud components such as Docker container images. Analysis results are stored as a series of occurrences. An `Occurrence` contains information about a specific analysis instance on a resource. An occurrence refers to a `Note`. A note contains details describing the analysis and is generally stored in a separate project, called a `Provider`. Multiple occurrences can refer to the same note. For example, an SSL vulnerability could affect multiple images. In this case, there would be one note for the vulnerability and an occurrence for each image with the vulnerability referring to that note.

• rpc GetOccurrence (GetOccurrenceRequest, Occurrence)

  grafeas.proto:54

  Gets the specified occurrence.

  message GetOccurrenceRequest

  grafeas.proto:296

  Request to get an occurrence.

  • string name = 1

    The name of the occurrence in the form of `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]`.

• rpc ListOccurrences (ListOccurrencesRequest, ListOccurrencesResponse)

  grafeas.proto:61

  Lists occurrences for the specified project.

  message ListOccurrencesRequest

  grafeas.proto:303

  Request to list occurrences.

  • string parent = 1

    The name of the project to list occurrences for in the form of `projects/[PROJECT_ID]`.

  • string filter = 2

    The filter expression.

  • int32 page_size = 3

    Number of occurrences to return in the list.

  • string page_token = 4

    Token to provide to skip to a particular spot in the list.

  message ListOccurrencesResponse

  grafeas.proto:321

  Response for listing occurrences.

  • repeated Occurrence occurrences = 1

    The occurrences requested.

  • string next_page_token = 2

    The next pagination token in the list response. It should be used as `page_token` for the following request. An empty value means no more results.

• rpc DeleteOccurrence (DeleteOccurrenceRequest, google.protobuf.Empty)

  grafeas.proto:71

  Deletes the specified occurrence. For example, use this method to delete an occurrence when the occurrence is no longer applicable for the given resource.

  message DeleteOccurrenceRequest

  grafeas.proto:331

  Request to delete a occurrence.

  • string name = 1

    The name of the occurrence in the form of `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]`.

• rpc CreateOccurrence (CreateOccurrenceRequest, Occurrence)

  grafeas.proto:79

  Creates a new occurrence.

  message CreateOccurrenceRequest

  grafeas.proto:338

  Request to create a new occurrence.

  • string parent = 1

    The name of the project in the form of `projects/[PROJECT_ID]`, under which the occurrence is to be created.

  • optional Occurrence occurrence = 2

    The occurrence to create.

• rpc BatchCreateOccurrences (BatchCreateOccurrencesRequest, BatchCreateOccurrencesResponse)

  grafeas.proto:87

  Creates new occurrences in batch.

  message BatchCreateOccurrencesRequest

  grafeas.proto:461

  Request to create occurrences in batch.

  • string parent = 1

    The name of the project in the form of `projects/[PROJECT_ID]`, under which the occurrences are to be created.

  • repeated Occurrence occurrences = 2

    The occurrences to create.

  message BatchCreateOccurrencesResponse

  grafeas.proto:470

  Response for creating occurrences in batch.

  • repeated Occurrence occurrences = 1

    The occurrences that were created.

• rpc UpdateOccurrence (UpdateOccurrenceRequest, Occurrence)

  grafeas.proto:96

  Updates the specified occurrence.

  message UpdateOccurrenceRequest

  grafeas.proto:347

  Request to update an occurrence.

  • string name = 1

    The name of the occurrence in the form of `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]`.

  • optional Occurrence occurrence = 2

    The updated occurrence.

  • optional google.protobuf.FieldMask update_mask = 3

    The fields to update.

• rpc GetOccurrenceNote (GetOccurrenceNoteRequest, Note)

  grafeas.proto:105

  Gets the note attached to the specified occurrence. Consumer projects can use this method to get a note that belongs to a provider project.

  message GetOccurrenceNoteRequest

  grafeas.proto:365

  Request to get the note to which the specified occurrence is attached.

  • string name = 1

    The name of the occurrence in the form of `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]`.

• rpc GetNote (GetNoteRequest, Note)

  grafeas.proto:112

  Gets the specified note.

  message GetNoteRequest

  grafeas.proto:358

  Request to get a note.

  • string name = 1

    The name of the note in the form of `projects/[PROVIDER_ID]/notes/[NOTE_ID]`.

• rpc ListNotes (ListNotesRequest, ListNotesResponse)

  grafeas.proto:119

  Lists notes for the specified project.

  message ListNotesRequest

  grafeas.proto:372

  Request to list notes.

  • string parent = 1

    The name of the project to list notes for in the form of `projects/[PROJECT_ID]`.

  • string filter = 2

    The filter expression.

  • int32 page_size = 3

    Number of notes to return in the list.

  • string page_token = 4

    Token to provide to skip to a particular spot in the list.

  message ListNotesResponse

  grafeas.proto:385

  Response for listing notes.

  • repeated Note notes = 1

    The notes requested.

  • string next_page_token = 2

    The next pagination token in the list response. It should be used as `page_token` for the following request. An empty value means no more results.

• rpc DeleteNote (DeleteNoteRequest, google.protobuf.Empty)

  grafeas.proto:126

  Deletes the specified note.

  message DeleteNoteRequest

  grafeas.proto:395

  Request to delete a note.

  • string name = 1

    The name of the note in the form of `projects/[PROVIDER_ID]/notes/[NOTE_ID]`.

• rpc CreateNote (CreateNoteRequest, Note)

  grafeas.proto:133

  Creates a new note.

  message CreateNoteRequest

  grafeas.proto:402

  Request to create a new note.

  • string parent = 1

    The name of the project in the form of `projects/[PROJECT_ID]`, under which the note is to be created.

  • string note_id = 2

    The ID to use for this note.

  • optional Note note = 3

    The note to create.

• rpc BatchCreateNotes (BatchCreateNotesRequest, BatchCreateNotesResponse)

  grafeas.proto:141

  Creates new notes in batch.

  message BatchCreateNotesRequest

  grafeas.proto:445

  Request to create notes in batch.

  • string parent = 1

    The name of the project in the form of `projects/[PROJECT_ID]`, under which the notes are to be created.

  • map<string, Note> notes = 2

    The notes to create.

  message BatchCreateNotesResponse

  grafeas.proto:455

  Response for creating notes in batch.

  • repeated Note notes = 1

    The notes that were created.

• rpc UpdateNote (UpdateNoteRequest, Note)

  grafeas.proto:150

  Updates the specified note.

  message UpdateNoteRequest

  grafeas.proto:413

  Request to update a note.

  • string name = 1

    The name of the note in the form of `projects/[PROVIDER_ID]/notes/[NOTE_ID]`.

  • optional Note note = 2

    The updated note.

  • optional google.protobuf.FieldMask update_mask = 3

    The fields to update.

• rpc ListNoteOccurrences (ListNoteOccurrencesRequest, ListNoteOccurrencesResponse)

  grafeas.proto:160

  Lists occurrences referencing the specified note. Provider projects can use this method to get all occurrences across consumer projects referencing the specified note.

  message ListNoteOccurrencesRequest

  grafeas.proto:424

  Request to list occurrences for a note.

  • string name = 1

    The name of the note to list occurrences for in the form of `projects/[PROVIDER_ID]/notes/[NOTE_ID]`.

  • string filter = 2

    The filter expression.

  • int32 page_size = 3

    Number of occurrences to return in the list.

  • string page_token = 4

    Token to provide to skip to a particular spot in the list.

  message ListNoteOccurrencesResponse

  grafeas.proto:437

  Response for listing occurrences for a note.

  • repeated Occurrence occurrences = 1

    The occurrences attached to the specified note.

  • string next_page_token = 2

    Token to provide to skip to a particular spot in the list.

• rpc GetVulnerabilityOccurrencesSummary (GetVulnerabilityOccurrencesSummaryRequest, VulnerabilityOccurrencesSummary)

  grafeas.proto:168

  Gets a summary of the number and severity of occurrences.

  message GetVulnerabilityOccurrencesSummaryRequest

  grafeas.proto:476

  Request to get a vulnerability summary for some set of occurrences.

  • string parent = 1

    The name of the project to get a vulnerability summary for in the form of `projects/[PROJECT_ID]`.

  • string filter = 2

    The filter expression.

  message VulnerabilityOccurrencesSummary

  grafeas.proto:486

  A summary of how many vulnerability occurrences there are per resource and severity type.

  • repeated VulnerabilityOccurrencesSummary.FixableTotalByDigest counts = 1

    A listing by resource of the number of fixable and total vulnerabilities.

A type of analysis that can be done for a resource.

Used as response type in: GrafeasV1Beta1.CreateNote, GrafeasV1Beta1.GetNote, GrafeasV1Beta1.GetOccurrenceNote, GrafeasV1Beta1.UpdateNote

Used as field type in: BatchCreateNotesRequest, BatchCreateNotesResponse, CreateNoteRequest, ListNotesResponse, UpdateNoteRequest

• string name = 1

  Output only. The name of the note in the form of `projects/[PROVIDER_ID]/notes/[NOTE_ID]`.

• string short_description = 2

  A one sentence description of this note.

• string long_description = 3

  A detailed description of this note.

• NoteKind kind = 4

  Output only. The type of analysis. This field can be used as a filter in list requests.

• repeated RelatedUrl related_url = 5

  URLs associated with this note.

• optional google.protobuf.Timestamp expiration_time = 6

  Time of expiration for this note. Empty if note does not expire.

• optional google.protobuf.Timestamp create_time = 7

  Output only. The time this note was created. This field can be used as a filter in list requests.

• optional google.protobuf.Timestamp update_time = 8

  Output only. The time this note was last updated. This field can be used as a filter in list requests.

• repeated string related_note_names = 9

  Other notes related to this note.

• oneof type

  Required. Immutable. The type of analysis this note represents.

  • vulnerability.Vulnerability vulnerability = 10

    A note describing a package vulnerability.

  • build.Build build = 11

    A note describing build provenance for a verifiable build.

  • image.Basis base_image = 12

    A note describing a base image.

  • package.Package package = 13

    A note describing a package hosted by various package managers.

  • deployment.Deployable deployable = 14

    A note describing something that can be deployed.

  • discovery.Discovery discovery = 15

    A note describing the initial analysis of a resource.

  • attestation.Authority attestation_authority = 16

    A note describing an attestation role.

Kind represents the kinds of notes supported.

Used in: Note, Occurrence, discovery.Discovery

• NOTE_KIND_UNSPECIFIED = 0

  Unknown.

• VULNERABILITY = 1

  The note and occurrence represent a package vulnerability.

• BUILD = 2

  The note and occurrence assert build provenance.

• IMAGE = 3

  This represents an image basis relationship.

• PACKAGE = 4

  This represents a package installed via a package manager.

• DEPLOYMENT = 5

  The note and occurrence track deployment events.

• DISCOVERY = 6

  The note and occurrence track the initial discovery status of a resource.

• ATTESTATION = 7

  This represents a logical "role" that can attest to artifacts.

An instance of an analysis type that has been found on a resource.

Used as response type in: GrafeasV1Beta1.CreateOccurrence, GrafeasV1Beta1.GetOccurrence, GrafeasV1Beta1.UpdateOccurrence

Used as field type in: BatchCreateOccurrencesRequest, BatchCreateOccurrencesResponse, CreateOccurrenceRequest, ListNoteOccurrencesResponse, ListOccurrencesResponse, UpdateOccurrenceRequest

• string name = 1

  Output only. The name of the occurrence in the form of `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]`.

• optional Resource resource = 2

  Required. Immutable. The resource for which the occurrence applies.

• string note_name = 3

  Required. Immutable. The analysis note associated with this occurrence, in the form of `projects[PROVIDER_ID]/notes/[NOTE_ID]`. This field can be used as a filter in list requests.

• NoteKind kind = 4

  Output only. This explicitly denotes which of the occurrence details are specified. This field can be used as a filter in list requests.

• string remediation = 5

  A description of actions that can be taken to remedy the note.

• optional google.protobuf.Timestamp create_time = 6

  Output only. The time this occurrence was created.

• optional google.protobuf.Timestamp update_time = 7

  Output only. The time this occurrence was last updated.

• oneof details

  Required. Immutable. Describes the details of the note kind found on this resource.

  • vulnerability.Details vulnerability = 8

    Describes a security vulnerability.

  • build.Details build = 9

    Describes a verifiable build.

  • image.Details derived_image = 10

    Describes how this resource derives from the basis in the associated note.

  • package.Details installation = 11

    Describes the installation of a package on the linked resource.

  • deployment.Details deployment = 12

    Describes the deployment of an artifact on a runtime.

  • discovery.Details discovered = 13

    Describes when a resource was discovered.

  • attestation.Details attestation = 14

    Describes an attestation of an artifact.

Metadata for any related URL information.

Used in: Note, vulnerability.Details

• string url = 1

  Specific URL associated with the resource.

• string label = 2

  Label to describe usage of the URL.

An entity that can have metadata. For example, a Docker image.

Used in: Occurrence, VulnerabilityOccurrencesSummary.FixableTotalByDigest

• string name = 1

  The name of the resource. For example, the name of a Docker image - "Debian".

• string uri = 2

  The unique URI of the resource. For example, `https://gcr.io/project/image@sha256:foo` for a Docker image.

• optional provenance.Hash content_hash = 3

  The hash of the resource content. For example, the Docker digest.

Per resource and severity counts of fixable and total vulnerabilites.

Used in: VulnerabilityOccurrencesSummary

• optional Resource resource = 1

  The affected resource.

• vulnerability.Severity severity = 2

  The severity for this count. SEVERITY_UNSPECIFIED indicates total across all severities.

• int64 fixable_count = 3

  The number of fixable vulnerabilities associated with this resource.

• int64 total_count = 4

  The total number of vulnerabilities associated with this resource.