Class: Google::Apis::ContaineranalysisV1beta1::Note

Inherits:

Object

• Object
• Google::Apis::ContaineranalysisV1beta1::Note

Includes:

Google::Apis::Core::Hashable, Google::Apis::Core::JsonObjectSupport

Defined in:

lib/google/apis/containeranalysis_v1beta1/classes.rb,
lib/google/apis/containeranalysis_v1beta1/representations.rb,
lib/google/apis/containeranalysis_v1beta1/representations.rb

Overview

A type of analysis that can be done for a resource.

Instance Attribute Summary

• #attestation_authority ⇒ Google::Apis::ContaineranalysisV1beta1::Authority

  Note kind that represents a logical attestation "role" or "authority".

• #base_image ⇒ Google::Apis::ContaineranalysisV1beta1::Basis

  Basis describes the base image portion (Note) of the DockerImage relationship.

• #build ⇒ Google::Apis::ContaineranalysisV1beta1::Build

  Note holding the version of the provider's builder and the signature of the provenance message in the build details occurrence.

• #create_time ⇒ String

  Output only.

• #deployable ⇒ Google::Apis::ContaineranalysisV1beta1::Deployable

  An artifact that can be deployed in some runtime.

• #discovery ⇒ Google::Apis::ContaineranalysisV1beta1::Discovery

  A note that indicates a type of analysis a provider would perform.

• #expiration_time ⇒ String

  Time of expiration for this note.

• #intoto ⇒ Google::Apis::ContaineranalysisV1beta1::InToto

  This contains the fields corresponding to the definition of a software supply chain step in an in-toto layout.

• #kind ⇒ String

  Output only.

• #long_description ⇒ String

  A detailed description of this note.

• #name ⇒ String

  Output only.

• #package ⇒ Google::Apis::ContaineranalysisV1beta1::Package

  Package represents a particular package version.

• #related_note_names ⇒ Array<String>

  Other notes related to this note.

• #related_url ⇒ Array<Google::Apis::ContaineranalysisV1beta1::RelatedUrl>

  URLs associated with this note.

• #sbom ⇒ Google::Apis::ContaineranalysisV1beta1::DocumentNote

  DocumentNote represents an SPDX Document Creation Information section: https:// spdx.github.io/spdx-spec/v2.3/document-creation-information/ Corresponds to the JSON property sbom.

• #short_description ⇒ String

  A one sentence description of this note.

• #spdx_file ⇒ Google::Apis::ContaineranalysisV1beta1::FileNote

  FileNote represents an SPDX File Information section: https://spdx.github.io/ spdx-spec/4-file-information/ Corresponds to the JSON property spdxFile.

• #spdx_package ⇒ Google::Apis::ContaineranalysisV1beta1::PackageInfoNote

  PackageInfoNote represents an SPDX Package Information section: https://spdx.

• #spdx_relationship ⇒ Google::Apis::ContaineranalysisV1beta1::RelationshipNote

  RelationshipNote represents an SPDX Relationship section: https://spdx.github.

• #update_time ⇒ String

  Output only.

• #vulnerability ⇒ Google::Apis::ContaineranalysisV1beta1::Vulnerability

  Vulnerability provides metadata about a security vulnerability in a Note.

• #vulnerability_assessment ⇒ Google::Apis::ContaineranalysisV1beta1::VulnerabilityAssessmentNote

  A single VulnerabilityAssessmentNote represents one particular product's vulnerability assessment for one CVE.

Instance Method Summary

• #initialize(**args) ⇒ Note constructor

  A new instance of Note.

• #update!(**args) ⇒ Object

  Update properties of this object.

Constructor Details

#initialize(**args) ⇒ Note

Returns a new instance of Note.

# File 'lib/google/apis/containeranalysis_v1beta1/classes.rb', line 4432

def initialize(**args)
   update!(**args)
end

Instance Attribute Details

#attestation_authority ⇒ Google::Apis::ContaineranalysisV1beta1::Authority

Note kind that represents a logical attestation "role" or "authority". For example, an organization might have one Authority for "QA" and one for " build". This note is intended to act strictly as a grouping mechanism for the attached occurrences (Attestations). This grouping mechanism also provides a security boundary, since IAM ACLs gate the ability for a principle to attach an occurrence to a given note. It also provides a single point of lookup to find all attached attestation occurrences, even if they don't all live in the same project. Corresponds to the JSON property attestationAuthority

Returns:

• (Google::Apis::ContaineranalysisV1beta1::Authority)

# File 'lib/google/apis/containeranalysis_v1beta1/classes.rb', line 4310

def attestation_authority
  @attestation_authority
end

#base_image ⇒ Google::Apis::ContaineranalysisV1beta1::Basis

Basis describes the base image portion (Note) of the DockerImage relationship. Linked occurrences are derived from this or an equivalent image via: FROM Or an equivalent reference, e.g. a tag of the resource_url. Corresponds to the JSON property baseImage

Returns:

• (Google::Apis::ContaineranalysisV1beta1::Basis)

# File 'lib/google/apis/containeranalysis_v1beta1/classes.rb', line 4317

def base_image
  @base_image
end

#build ⇒ Google::Apis::ContaineranalysisV1beta1::Build

Note holding the version of the provider's builder and the signature of the provenance message in the build details occurrence. Corresponds to the JSON property build

Returns:

• (Google::Apis::ContaineranalysisV1beta1::Build)

# File 'lib/google/apis/containeranalysis_v1beta1/classes.rb', line 4323

def build
  @build
end

#create_time ⇒ String

Output only. The time this note was created. This field can be used as a filter in list requests. Corresponds to the JSON property createTime

Returns:

• (String)

# File 'lib/google/apis/containeranalysis_v1beta1/classes.rb', line 4329

def create_time
  @create_time
end

#deployable ⇒ Google::Apis::ContaineranalysisV1beta1::Deployable

An artifact that can be deployed in some runtime. Corresponds to the JSON property deployable

Returns:

• (Google::Apis::ContaineranalysisV1beta1::Deployable)

# File 'lib/google/apis/containeranalysis_v1beta1/classes.rb', line 4334

def deployable
  @deployable
end

#discovery ⇒ Google::Apis::ContaineranalysisV1beta1::Discovery

A note that indicates a type of analysis a provider would perform. This note exists in a provider's project. A Discovery occurrence is created in a consumer's project at the start of analysis. Corresponds to the JSON property discovery

Returns:

• (Google::Apis::ContaineranalysisV1beta1::Discovery)

# File 'lib/google/apis/containeranalysis_v1beta1/classes.rb', line 4341

def discovery
  @discovery
end

#expiration_time ⇒ String

Time of expiration for this note. Empty if note does not expire. Corresponds to the JSON property expirationTime

Returns:

• (String)

# File 'lib/google/apis/containeranalysis_v1beta1/classes.rb', line 4346

def expiration_time
  @expiration_time
end

#intoto ⇒ Google::Apis::ContaineranalysisV1beta1::InToto

This contains the fields corresponding to the definition of a software supply chain step in an in-toto layout. This information goes into a Grafeas note. Corresponds to the JSON property intoto

Returns:

• (Google::Apis::ContaineranalysisV1beta1::InToto)

# File 'lib/google/apis/containeranalysis_v1beta1/classes.rb', line 4352

def intoto
  @intoto
end

#kind ⇒ String

Output only. The type of analysis. This field can be used as a filter in list requests. Corresponds to the JSON property kind

Returns:

• (String)

# File 'lib/google/apis/containeranalysis_v1beta1/classes.rb', line 4358

def kind
  @kind
end

#long_description ⇒ String

A detailed description of this note. Corresponds to the JSON property longDescription

Returns:

• (String)

# File 'lib/google/apis/containeranalysis_v1beta1/classes.rb', line 4363

def long_description
  @long_description
end

#name ⇒ String

Output only. The name of the note in the form of projects/[PROVIDER_ID]/notes/ [NOTE_ID]. Corresponds to the JSON property name

Returns:

• (String)

# File 'lib/google/apis/containeranalysis_v1beta1/classes.rb', line 4369

def name
  @name
end

#package ⇒ Google::Apis::ContaineranalysisV1beta1::Package

Package represents a particular package version. Corresponds to the JSON property package

Returns:

• (Google::Apis::ContaineranalysisV1beta1::Package)

# File 'lib/google/apis/containeranalysis_v1beta1/classes.rb', line 4374

def package
  @package
end

#related_note_names ⇒ Array<String>

Other notes related to this note. Corresponds to the JSON property relatedNoteNames

Returns:

• (Array<String>)

# File 'lib/google/apis/containeranalysis_v1beta1/classes.rb', line 4379

def related_note_names
  @related_note_names
end

#related_url ⇒ Array<Google::Apis::ContaineranalysisV1beta1::RelatedUrl>

URLs associated with this note. Corresponds to the JSON property relatedUrl

Returns:

• (Array<Google::Apis::ContaineranalysisV1beta1::RelatedUrl>)

# File 'lib/google/apis/containeranalysis_v1beta1/classes.rb', line 4384

def related_url
  @related_url
end

#sbom ⇒ Google::Apis::ContaineranalysisV1beta1::DocumentNote

DocumentNote represents an SPDX Document Creation Information section: https:// spdx.github.io/spdx-spec/v2.3/document-creation-information/ Corresponds to the JSON property sbom

Returns:

• (Google::Apis::ContaineranalysisV1beta1::DocumentNote)

# File 'lib/google/apis/containeranalysis_v1beta1/classes.rb', line 4390

def sbom
  @sbom
end

#short_description ⇒ String

A one sentence description of this note. Corresponds to the JSON property shortDescription

Returns:

• (String)

# File 'lib/google/apis/containeranalysis_v1beta1/classes.rb', line 4395

def short_description
  @short_description
end

#spdx_file ⇒ Google::Apis::ContaineranalysisV1beta1::FileNote

FileNote represents an SPDX File Information section: https://spdx.github.io/ spdx-spec/4-file-information/ Corresponds to the JSON property spdxFile

Returns:

• (Google::Apis::ContaineranalysisV1beta1::FileNote)

# File 'lib/google/apis/containeranalysis_v1beta1/classes.rb', line 4401

def spdx_file
  @spdx_file
end

#spdx_package ⇒ Google::Apis::ContaineranalysisV1beta1::PackageInfoNote

PackageInfoNote represents an SPDX Package Information section: https://spdx. github.io/spdx-spec/3-package-information/ Corresponds to the JSON property spdxPackage

Returns:

• (Google::Apis::ContaineranalysisV1beta1::PackageInfoNote)

# File 'lib/google/apis/containeranalysis_v1beta1/classes.rb', line 4407

def spdx_package
  @spdx_package
end

#spdx_relationship ⇒ Google::Apis::ContaineranalysisV1beta1::RelationshipNote

RelationshipNote represents an SPDX Relationship section: https://spdx.github. io/spdx-spec/7-relationships-between-SPDX-elements/ Corresponds to the JSON property spdxRelationship

Returns:

• (Google::Apis::ContaineranalysisV1beta1::RelationshipNote)

# File 'lib/google/apis/containeranalysis_v1beta1/classes.rb', line 4413

def spdx_relationship
  @spdx_relationship
end

#update_time ⇒ String

Output only. The time this note was last updated. This field can be used as a filter in list requests. Corresponds to the JSON property updateTime

Returns:

• (String)

# File 'lib/google/apis/containeranalysis_v1beta1/classes.rb', line 4419

def update_time
  @update_time
end

#vulnerability ⇒ Google::Apis::ContaineranalysisV1beta1::Vulnerability

Vulnerability provides metadata about a security vulnerability in a Note. Corresponds to the JSON property vulnerability

Returns:

• (Google::Apis::ContaineranalysisV1beta1::Vulnerability)

# File 'lib/google/apis/containeranalysis_v1beta1/classes.rb', line 4424

def vulnerability
  @vulnerability
end

#vulnerability_assessment ⇒ Google::Apis::ContaineranalysisV1beta1::VulnerabilityAssessmentNote

A single VulnerabilityAssessmentNote represents one particular product's vulnerability assessment for one CVE. Corresponds to the JSON property vulnerabilityAssessment

Returns:

• (Google::Apis::ContaineranalysisV1beta1::VulnerabilityAssessmentNote)

# File 'lib/google/apis/containeranalysis_v1beta1/classes.rb', line 4430

def vulnerability_assessment
  @vulnerability_assessment
end

Instance Method Details

#update!(**args) ⇒ Object

Update properties of this object

# File 'lib/google/apis/containeranalysis_v1beta1/classes.rb', line 4437

def update!(**args)
  @attestation_authority = args[:attestation_authority] if args.key?(:attestation_authority)
  @base_image = args[:base_image] if args.key?(:base_image)
  @build = args[:build] if args.key?(:build)
  @create_time = args[:create_time] if args.key?(:create_time)
  @deployable = args[:deployable] if args.key?(:deployable)
  @discovery = args[:discovery] if args.key?(:discovery)
  @expiration_time = args[:expiration_time] if args.key?(:expiration_time)
  @intoto = args[:intoto] if args.key?(:intoto)
  @kind = args[:kind] if args.key?(:kind)
  @long_description = args[:long_description] if args.key?(:long_description)
  @name = args[:name] if args.key?(:name)
  @package = args[:package] if args.key?(:package)
  @related_note_names = args[:related_note_names] if args.key?(:related_note_names)
  @related_url = args[:related_url] if args.key?(:related_url)
  @sbom = args[:sbom] if args.key?(:sbom)
  @short_description = args[:short_description] if args.key?(:short_description)
  @spdx_file = args[:spdx_file] if args.key?(:spdx_file)
  @spdx_package = args[:spdx_package] if args.key?(:spdx_package)
  @spdx_relationship = args[:spdx_relationship] if args.key?(:spdx_relationship)
  @update_time = args[:update_time] if args.key?(:update_time)
  @vulnerability = args[:vulnerability] if args.key?(:vulnerability)
  @vulnerability_assessment = args[:vulnerability_assessment] if args.key?(:vulnerability_assessment)
end