Class: Google::Apis::BinaryauthorizationV1::TrustedDirectoryCheck

Inherits:

Object

Object
Google::Apis::BinaryauthorizationV1::TrustedDirectoryCheck

show all

Includes:: Core::Hashable, Core::JsonObjectSupport

Defined in:: lib/google/apis/binaryauthorization_v1/classes.rb,
lib/google/apis/binaryauthorization_v1/representations.rb,
lib/google/apis/binaryauthorization_v1/representations.rb

Overview

A trusted directory check, which rejects images that do not come from the set of user-configured trusted directories.

Instance Attribute Summary collapse

#trusted_dir_patterns ⇒ Array<String>
Required.

Instance Method Summary collapse

#initialize(**args) ⇒ TrustedDirectoryCheck constructor
A new instance of TrustedDirectoryCheck.
#update!(**args) ⇒ Object
Update properties of this object.

Constructor Details

#initialize(**args) ⇒ `TrustedDirectoryCheck`

Returns a new instance of TrustedDirectoryCheck.



1681
1682
1683

# File 'lib/google/apis/binaryauthorization_v1/classes.rb', line 1681

def initialize(**args)
   update!(**args)
end

Instance Attribute Details

#trusted_dir_patterns ⇒ `Array<String>`

Required. List of trusted directory patterns. A pattern is in the form " registry/path/to/directory". The registry domain part is defined as two or more dot-separated words, e.g., us.pkg.dev, or gcr.io. Additionally, * can be used in three ways as wildcards: 1. leading * to match varying prefixes in registry subdomain (useful for location prefixes); 2. trailing * after registry/ to match varying endings; 3. trailing ** after registry/ to match "/" as well. For example: -- gcr.io/my-project/my-repo is valid to match a single directory -- *-docker.pkg.dev/my-project/my-repo or *.gcr.io/ my-project are valid to match varying prefixes -- gcr.io/my-project/* will match all direct directories in my-project -- gcr.io/my-project/** would match all directories in my-project -- gcr.i* is not allowed since the registry is not completely specified -- sub*domain.gcr.io/nginx is not valid because only leading * or trailing * are allowed. -- *pkg.dev/my-project/ my-repo is not valid because leading * can only match subdomain -- **- docker.pkg.dev is not valid because one leading * is allowed, and that it cannot match / Corresponds to the JSON property trustedDirPatterns

Returns:

(Array<String>)



1679
1680
1681

# File 'lib/google/apis/binaryauthorization_v1/classes.rb', line 1679

def trusted_dir_patterns
  @trusted_dir_patterns
end

Instance Method Details

#update!(**args) ⇒ `Object`

Update properties of this object



1686
1687
1688

# File 'lib/google/apis/binaryauthorization_v1/classes.rb', line 1686

def update!(**args)
  @trusted_dir_patterns = args[:trusted_dir_patterns] if args.key?(:trusted_dir_patterns)
end