Class: Google::Cloud::BinaryAuthorization::V1beta1::ContinuousValidationEvent::ContinuousValidationPodEvent

Inherits:

Object

• Object
• Google::Cloud::BinaryAuthorization::V1beta1::ContinuousValidationEvent::ContinuousValidationPodEvent

Extended by:

Protobuf::MessageExts::ClassMethods

Includes:

Protobuf::MessageExts

Defined in:

proto_docs/google/cloud/binaryauthorization/v1beta1/continuous_validation_logging.rb

Overview

An auditing event for one Pod.

Defined Under Namespace

Modules: PolicyConformanceVerdict Classes: ImageDetails

Instance Attribute Summary

• #deploy_time ⇒ ::Google::Protobuf::Timestamp

  Deploy time of the Pod from k8s.

• #end_time ⇒ ::Google::Protobuf::Timestamp

  Termination time of the Pod from k8s, or nothing if still running.

• #images ⇒ ::Array<::Google::Cloud::BinaryAuthorization::V1beta1::ContinuousValidationEvent::ContinuousValidationPodEvent::ImageDetails>

  List of images with auditing details.

• #pod ⇒ ::String

  The name of the Pod.

• #pod_namespace ⇒ ::String

  The k8s namespace of the Pod.

• #policy_name ⇒ ::String

  The name of the policy.

• #verdict ⇒ ::Google::Cloud::BinaryAuthorization::V1beta1::ContinuousValidationEvent::ContinuousValidationPodEvent::PolicyConformanceVerdict

  Auditing verdict for this Pod.

Instance Attribute Details

#deploy_time ⇒ ::Google::Protobuf::Timestamp

Returns Deploy time of the Pod from k8s.

Returns:

• (::Google::Protobuf::Timestamp) —

  Deploy time of the Pod from k8s.

# File 'proto_docs/google/cloud/binaryauthorization/v1beta1/continuous_validation_logging.rb', line 57

class ContinuousValidationPodEvent
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Container image with auditing details.
  # @!attribute [rw] image
  #   @return [::String]
  #     The name of the image.
  # @!attribute [rw] container_name
  #   @return [::String]
  #     The name of the container.
  # @!attribute [rw] container_type
  #   @return [::Google::Cloud::BinaryAuthorization::V1beta1::ContinuousValidationEvent::ContinuousValidationPodEvent::ImageDetails::ContainerType]
  #     The container type that this image belongs to.
  # @!attribute [rw] result
  #   @return [::Google::Cloud::BinaryAuthorization::V1beta1::ContinuousValidationEvent::ContinuousValidationPodEvent::ImageDetails::AuditResult]
  #     The result of the audit for this image.
  # @!attribute [rw] description
  #   @return [::String]
  #     Description of the above result.
  # @!attribute [rw] check_results
  #   @return [::Array<::Google::Cloud::BinaryAuthorization::V1beta1::ContinuousValidationEvent::ContinuousValidationPodEvent::ImageDetails::CheckResult>]
  #     List of check results.
  class ImageDetails
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # @!attribute [rw] check_set_index
    #   @return [::String]
    #     The index of the check set.
    # @!attribute [rw] check_set_name
    #   @return [::String]
    #     The name of the check set.
    # @!attribute [rw] check_set_scope
    #   @return [::Google::Cloud::BinaryAuthorization::V1beta1::ContinuousValidationEvent::ContinuousValidationPodEvent::ImageDetails::CheckResult::CheckSetScope]
    #     The scope of the check set.
    # @!attribute [rw] check_index
    #   @return [::String]
    #     The index of the check.
    # @!attribute [rw] check_name
    #   @return [::String]
    #     The name of the check.
    # @!attribute [rw] check_type
    #   @return [::String]
    #     The type of the check.
    # @!attribute [rw] verdict
    #   @return [::Google::Cloud::BinaryAuthorization::V1beta1::ContinuousValidationEvent::ContinuousValidationPodEvent::ImageDetails::CheckResult::CheckVerdict]
    #     The verdict of this check.
    # @!attribute [rw] explanation
    #   @return [::String]
    #     User-friendly explanation of this check result.
    class CheckResult
      include ::Google::Protobuf::MessageExts
      extend ::Google::Protobuf::MessageExts::ClassMethods

      # A scope specifier for check sets.
      # @!attribute [rw] kubernetes_service_account
      #   @return [::String]
      #     Matches a single Kubernetes service account, e.g.
      #     'my-namespace:my-service-account'.
      #     `kubernetes_service_account` scope is always more specific than
      #     `kubernetes_namespace` scope for the same namespace.
      # @!attribute [rw] kubernetes_namespace
      #   @return [::String]
      #     Matches all Kubernetes service accounts in the provided
      #     namespace, unless a more specific `kubernetes_service_account`
      #     scope already matched.
      class CheckSetScope
        include ::Google::Protobuf::MessageExts
        extend ::Google::Protobuf::MessageExts::ClassMethods
      end

      # Result of evaluating one check.
      module CheckVerdict
        # We should always have a verdict. This is an error.
        CHECK_VERDICT_UNSPECIFIED = 0

        # The check was successfully evaluated and the image did not satisfy
        # the check.
        NON_CONFORMANT = 1
      end
    end

    # The container type.
    module ContainerType
      # The container type should always be specified. This is an error.
      CONTAINER_TYPE_UNSPECIFIED = 0

      # A regular deployment.
      CONTAINER = 1

      # Init container defined as specified at
      # https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
      INIT_CONTAINER = 2

      # Ephemeral container defined as specified at
      # https://kubernetes.io/docs/concepts/workloads/pods/ephemeral-containers/
      EPHEMERAL_CONTAINER = 3
    end

    # Result of the audit.
    module AuditResult
      # Unspecified result. This is an error.
      AUDIT_RESULT_UNSPECIFIED = 0

      # Image is allowed.
      ALLOW = 1

      # Image is denied.
      DENY = 2
    end
  end

  # Audit time policy conformance verdict.
  module PolicyConformanceVerdict
    # We should always have a verdict. This is an error.
    POLICY_CONFORMANCE_VERDICT_UNSPECIFIED = 0

    # The pod violates the policy.
    VIOLATES_POLICY = 1
  end
end

#end_time ⇒ ::Google::Protobuf::Timestamp

Returns Termination time of the Pod from k8s, or nothing if still running.

Returns:

• (::Google::Protobuf::Timestamp) —

  Termination time of the Pod from k8s, or nothing if still running.

# File 'proto_docs/google/cloud/binaryauthorization/v1beta1/continuous_validation_logging.rb', line 57

class ContinuousValidationPodEvent
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Container image with auditing details.
  # @!attribute [rw] image
  #   @return [::String]
  #     The name of the image.
  # @!attribute [rw] container_name
  #   @return [::String]
  #     The name of the container.
  # @!attribute [rw] container_type
  #   @return [::Google::Cloud::BinaryAuthorization::V1beta1::ContinuousValidationEvent::ContinuousValidationPodEvent::ImageDetails::ContainerType]
  #     The container type that this image belongs to.
  # @!attribute [rw] result
  #   @return [::Google::Cloud::BinaryAuthorization::V1beta1::ContinuousValidationEvent::ContinuousValidationPodEvent::ImageDetails::AuditResult]
  #     The result of the audit for this image.
  # @!attribute [rw] description
  #   @return [::String]
  #     Description of the above result.
  # @!attribute [rw] check_results
  #   @return [::Array<::Google::Cloud::BinaryAuthorization::V1beta1::ContinuousValidationEvent::ContinuousValidationPodEvent::ImageDetails::CheckResult>]
  #     List of check results.
  class ImageDetails
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # @!attribute [rw] check_set_index
    #   @return [::String]
    #     The index of the check set.
    # @!attribute [rw] check_set_name
    #   @return [::String]
    #     The name of the check set.
    # @!attribute [rw] check_set_scope
    #   @return [::Google::Cloud::BinaryAuthorization::V1beta1::ContinuousValidationEvent::ContinuousValidationPodEvent::ImageDetails::CheckResult::CheckSetScope]
    #     The scope of the check set.
    # @!attribute [rw] check_index
    #   @return [::String]
    #     The index of the check.
    # @!attribute [rw] check_name
    #   @return [::String]
    #     The name of the check.
    # @!attribute [rw] check_type
    #   @return [::String]
    #     The type of the check.
    # @!attribute [rw] verdict
    #   @return [::Google::Cloud::BinaryAuthorization::V1beta1::ContinuousValidationEvent::ContinuousValidationPodEvent::ImageDetails::CheckResult::CheckVerdict]
    #     The verdict of this check.
    # @!attribute [rw] explanation
    #   @return [::String]
    #     User-friendly explanation of this check result.
    class CheckResult
      include ::Google::Protobuf::MessageExts
      extend ::Google::Protobuf::MessageExts::ClassMethods

      # A scope specifier for check sets.
      # @!attribute [rw] kubernetes_service_account
      #   @return [::String]
      #     Matches a single Kubernetes service account, e.g.
      #     'my-namespace:my-service-account'.
      #     `kubernetes_service_account` scope is always more specific than
      #     `kubernetes_namespace` scope for the same namespace.
      # @!attribute [rw] kubernetes_namespace
      #   @return [::String]
      #     Matches all Kubernetes service accounts in the provided
      #     namespace, unless a more specific `kubernetes_service_account`
      #     scope already matched.
      class CheckSetScope
        include ::Google::Protobuf::MessageExts
        extend ::Google::Protobuf::MessageExts::ClassMethods
      end

      # Result of evaluating one check.
      module CheckVerdict
        # We should always have a verdict. This is an error.
        CHECK_VERDICT_UNSPECIFIED = 0

        # The check was successfully evaluated and the image did not satisfy
        # the check.
        NON_CONFORMANT = 1
      end
    end

    # The container type.
    module ContainerType
      # The container type should always be specified. This is an error.
      CONTAINER_TYPE_UNSPECIFIED = 0

      # A regular deployment.
      CONTAINER = 1

      # Init container defined as specified at
      # https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
      INIT_CONTAINER = 2

      # Ephemeral container defined as specified at
      # https://kubernetes.io/docs/concepts/workloads/pods/ephemeral-containers/
      EPHEMERAL_CONTAINER = 3
    end

    # Result of the audit.
    module AuditResult
      # Unspecified result. This is an error.
      AUDIT_RESULT_UNSPECIFIED = 0

      # Image is allowed.
      ALLOW = 1

      # Image is denied.
      DENY = 2
    end
  end

  # Audit time policy conformance verdict.
  module PolicyConformanceVerdict
    # We should always have a verdict. This is an error.
    POLICY_CONFORMANCE_VERDICT_UNSPECIFIED = 0

    # The pod violates the policy.
    VIOLATES_POLICY = 1
  end
end

#images ⇒ ::Array<::Google::Cloud::BinaryAuthorization::V1beta1::ContinuousValidationEvent::ContinuousValidationPodEvent::ImageDetails>

Returns List of images with auditing details.

Returns:

• (::Array<::Google::Cloud::BinaryAuthorization::V1beta1::ContinuousValidationEvent::ContinuousValidationPodEvent::ImageDetails>) —

  List of images with auditing details.

# File 'proto_docs/google/cloud/binaryauthorization/v1beta1/continuous_validation_logging.rb', line 57

class ContinuousValidationPodEvent
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Container image with auditing details.
  # @!attribute [rw] image
  #   @return [::String]
  #     The name of the image.
  # @!attribute [rw] container_name
  #   @return [::String]
  #     The name of the container.
  # @!attribute [rw] container_type
  #   @return [::Google::Cloud::BinaryAuthorization::V1beta1::ContinuousValidationEvent::ContinuousValidationPodEvent::ImageDetails::ContainerType]
  #     The container type that this image belongs to.
  # @!attribute [rw] result
  #   @return [::Google::Cloud::BinaryAuthorization::V1beta1::ContinuousValidationEvent::ContinuousValidationPodEvent::ImageDetails::AuditResult]
  #     The result of the audit for this image.
  # @!attribute [rw] description
  #   @return [::String]
  #     Description of the above result.
  # @!attribute [rw] check_results
  #   @return [::Array<::Google::Cloud::BinaryAuthorization::V1beta1::ContinuousValidationEvent::ContinuousValidationPodEvent::ImageDetails::CheckResult>]
  #     List of check results.
  class ImageDetails
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # @!attribute [rw] check_set_index
    #   @return [::String]
    #     The index of the check set.
    # @!attribute [rw] check_set_name
    #   @return [::String]
    #     The name of the check set.
    # @!attribute [rw] check_set_scope
    #   @return [::Google::Cloud::BinaryAuthorization::V1beta1::ContinuousValidationEvent::ContinuousValidationPodEvent::ImageDetails::CheckResult::CheckSetScope]
    #     The scope of the check set.
    # @!attribute [rw] check_index
    #   @return [::String]
    #     The index of the check.
    # @!attribute [rw] check_name
    #   @return [::String]
    #     The name of the check.
    # @!attribute [rw] check_type
    #   @return [::String]
    #     The type of the check.
    # @!attribute [rw] verdict
    #   @return [::Google::Cloud::BinaryAuthorization::V1beta1::ContinuousValidationEvent::ContinuousValidationPodEvent::ImageDetails::CheckResult::CheckVerdict]
    #     The verdict of this check.
    # @!attribute [rw] explanation
    #   @return [::String]
    #     User-friendly explanation of this check result.
    class CheckResult
      include ::Google::Protobuf::MessageExts
      extend ::Google::Protobuf::MessageExts::ClassMethods

      # A scope specifier for check sets.
      # @!attribute [rw] kubernetes_service_account
      #   @return [::String]
      #     Matches a single Kubernetes service account, e.g.
      #     'my-namespace:my-service-account'.
      #     `kubernetes_service_account` scope is always more specific than
      #     `kubernetes_namespace` scope for the same namespace.
      # @!attribute [rw] kubernetes_namespace
      #   @return [::String]
      #     Matches all Kubernetes service accounts in the provided
      #     namespace, unless a more specific `kubernetes_service_account`
      #     scope already matched.
      class CheckSetScope
        include ::Google::Protobuf::MessageExts
        extend ::Google::Protobuf::MessageExts::ClassMethods
      end

      # Result of evaluating one check.
      module CheckVerdict
        # We should always have a verdict. This is an error.
        CHECK_VERDICT_UNSPECIFIED = 0

        # The check was successfully evaluated and the image did not satisfy
        # the check.
        NON_CONFORMANT = 1
      end
    end

    # The container type.
    module ContainerType
      # The container type should always be specified. This is an error.
      CONTAINER_TYPE_UNSPECIFIED = 0

      # A regular deployment.
      CONTAINER = 1

      # Init container defined as specified at
      # https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
      INIT_CONTAINER = 2

      # Ephemeral container defined as specified at
      # https://kubernetes.io/docs/concepts/workloads/pods/ephemeral-containers/
      EPHEMERAL_CONTAINER = 3
    end

    # Result of the audit.
    module AuditResult
      # Unspecified result. This is an error.
      AUDIT_RESULT_UNSPECIFIED = 0

      # Image is allowed.
      ALLOW = 1

      # Image is denied.
      DENY = 2
    end
  end

  # Audit time policy conformance verdict.
  module PolicyConformanceVerdict
    # We should always have a verdict. This is an error.
    POLICY_CONFORMANCE_VERDICT_UNSPECIFIED = 0

    # The pod violates the policy.
    VIOLATES_POLICY = 1
  end
end

#pod ⇒ ::String

Returns The name of the Pod.

Returns:

• (::String) —

  The name of the Pod.

# File 'proto_docs/google/cloud/binaryauthorization/v1beta1/continuous_validation_logging.rb', line 57

class ContinuousValidationPodEvent
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Container image with auditing details.
  # @!attribute [rw] image
  #   @return [::String]
  #     The name of the image.
  # @!attribute [rw] container_name
  #   @return [::String]
  #     The name of the container.
  # @!attribute [rw] container_type
  #   @return [::Google::Cloud::BinaryAuthorization::V1beta1::ContinuousValidationEvent::ContinuousValidationPodEvent::ImageDetails::ContainerType]
  #     The container type that this image belongs to.
  # @!attribute [rw] result
  #   @return [::Google::Cloud::BinaryAuthorization::V1beta1::ContinuousValidationEvent::ContinuousValidationPodEvent::ImageDetails::AuditResult]
  #     The result of the audit for this image.
  # @!attribute [rw] description
  #   @return [::String]
  #     Description of the above result.
  # @!attribute [rw] check_results
  #   @return [::Array<::Google::Cloud::BinaryAuthorization::V1beta1::ContinuousValidationEvent::ContinuousValidationPodEvent::ImageDetails::CheckResult>]
  #     List of check results.
  class ImageDetails
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # @!attribute [rw] check_set_index
    #   @return [::String]
    #     The index of the check set.
    # @!attribute [rw] check_set_name
    #   @return [::String]
    #     The name of the check set.
    # @!attribute [rw] check_set_scope
    #   @return [::Google::Cloud::BinaryAuthorization::V1beta1::ContinuousValidationEvent::ContinuousValidationPodEvent::ImageDetails::CheckResult::CheckSetScope]
    #     The scope of the check set.
    # @!attribute [rw] check_index
    #   @return [::String]
    #     The index of the check.
    # @!attribute [rw] check_name
    #   @return [::String]
    #     The name of the check.
    # @!attribute [rw] check_type
    #   @return [::String]
    #     The type of the check.
    # @!attribute [rw] verdict
    #   @return [::Google::Cloud::BinaryAuthorization::V1beta1::ContinuousValidationEvent::ContinuousValidationPodEvent::ImageDetails::CheckResult::CheckVerdict]
    #     The verdict of this check.
    # @!attribute [rw] explanation
    #   @return [::String]
    #     User-friendly explanation of this check result.
    class CheckResult
      include ::Google::Protobuf::MessageExts
      extend ::Google::Protobuf::MessageExts::ClassMethods

      # A scope specifier for check sets.
      # @!attribute [rw] kubernetes_service_account
      #   @return [::String]
      #     Matches a single Kubernetes service account, e.g.
      #     'my-namespace:my-service-account'.
      #     `kubernetes_service_account` scope is always more specific than
      #     `kubernetes_namespace` scope for the same namespace.
      # @!attribute [rw] kubernetes_namespace
      #   @return [::String]
      #     Matches all Kubernetes service accounts in the provided
      #     namespace, unless a more specific `kubernetes_service_account`
      #     scope already matched.
      class CheckSetScope
        include ::Google::Protobuf::MessageExts
        extend ::Google::Protobuf::MessageExts::ClassMethods
      end

      # Result of evaluating one check.
      module CheckVerdict
        # We should always have a verdict. This is an error.
        CHECK_VERDICT_UNSPECIFIED = 0

        # The check was successfully evaluated and the image did not satisfy
        # the check.
        NON_CONFORMANT = 1
      end
    end

    # The container type.
    module ContainerType
      # The container type should always be specified. This is an error.
      CONTAINER_TYPE_UNSPECIFIED = 0

      # A regular deployment.
      CONTAINER = 1

      # Init container defined as specified at
      # https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
      INIT_CONTAINER = 2

      # Ephemeral container defined as specified at
      # https://kubernetes.io/docs/concepts/workloads/pods/ephemeral-containers/
      EPHEMERAL_CONTAINER = 3
    end

    # Result of the audit.
    module AuditResult
      # Unspecified result. This is an error.
      AUDIT_RESULT_UNSPECIFIED = 0

      # Image is allowed.
      ALLOW = 1

      # Image is denied.
      DENY = 2
    end
  end

  # Audit time policy conformance verdict.
  module PolicyConformanceVerdict
    # We should always have a verdict. This is an error.
    POLICY_CONFORMANCE_VERDICT_UNSPECIFIED = 0

    # The pod violates the policy.
    VIOLATES_POLICY = 1
  end
end

#pod_namespace ⇒ ::String

Returns The k8s namespace of the Pod.

Returns:

• (::String) —

  The k8s namespace of the Pod.

# File 'proto_docs/google/cloud/binaryauthorization/v1beta1/continuous_validation_logging.rb', line 57

class ContinuousValidationPodEvent
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Container image with auditing details.
  # @!attribute [rw] image
  #   @return [::String]
  #     The name of the image.
  # @!attribute [rw] container_name
  #   @return [::String]
  #     The name of the container.
  # @!attribute [rw] container_type
  #   @return [::Google::Cloud::BinaryAuthorization::V1beta1::ContinuousValidationEvent::ContinuousValidationPodEvent::ImageDetails::ContainerType]
  #     The container type that this image belongs to.
  # @!attribute [rw] result
  #   @return [::Google::Cloud::BinaryAuthorization::V1beta1::ContinuousValidationEvent::ContinuousValidationPodEvent::ImageDetails::AuditResult]
  #     The result of the audit for this image.
  # @!attribute [rw] description
  #   @return [::String]
  #     Description of the above result.
  # @!attribute [rw] check_results
  #   @return [::Array<::Google::Cloud::BinaryAuthorization::V1beta1::ContinuousValidationEvent::ContinuousValidationPodEvent::ImageDetails::CheckResult>]
  #     List of check results.
  class ImageDetails
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # @!attribute [rw] check_set_index
    #   @return [::String]
    #     The index of the check set.
    # @!attribute [rw] check_set_name
    #   @return [::String]
    #     The name of the check set.
    # @!attribute [rw] check_set_scope
    #   @return [::Google::Cloud::BinaryAuthorization::V1beta1::ContinuousValidationEvent::ContinuousValidationPodEvent::ImageDetails::CheckResult::CheckSetScope]
    #     The scope of the check set.
    # @!attribute [rw] check_index
    #   @return [::String]
    #     The index of the check.
    # @!attribute [rw] check_name
    #   @return [::String]
    #     The name of the check.
    # @!attribute [rw] check_type
    #   @return [::String]
    #     The type of the check.
    # @!attribute [rw] verdict
    #   @return [::Google::Cloud::BinaryAuthorization::V1beta1::ContinuousValidationEvent::ContinuousValidationPodEvent::ImageDetails::CheckResult::CheckVerdict]
    #     The verdict of this check.
    # @!attribute [rw] explanation
    #   @return [::String]
    #     User-friendly explanation of this check result.
    class CheckResult
      include ::Google::Protobuf::MessageExts
      extend ::Google::Protobuf::MessageExts::ClassMethods

      # A scope specifier for check sets.
      # @!attribute [rw] kubernetes_service_account
      #   @return [::String]
      #     Matches a single Kubernetes service account, e.g.
      #     'my-namespace:my-service-account'.
      #     `kubernetes_service_account` scope is always more specific than
      #     `kubernetes_namespace` scope for the same namespace.
      # @!attribute [rw] kubernetes_namespace
      #   @return [::String]
      #     Matches all Kubernetes service accounts in the provided
      #     namespace, unless a more specific `kubernetes_service_account`
      #     scope already matched.
      class CheckSetScope
        include ::Google::Protobuf::MessageExts
        extend ::Google::Protobuf::MessageExts::ClassMethods
      end

      # Result of evaluating one check.
      module CheckVerdict
        # We should always have a verdict. This is an error.
        CHECK_VERDICT_UNSPECIFIED = 0

        # The check was successfully evaluated and the image did not satisfy
        # the check.
        NON_CONFORMANT = 1
      end
    end

    # The container type.
    module ContainerType
      # The container type should always be specified. This is an error.
      CONTAINER_TYPE_UNSPECIFIED = 0

      # A regular deployment.
      CONTAINER = 1

      # Init container defined as specified at
      # https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
      INIT_CONTAINER = 2

      # Ephemeral container defined as specified at
      # https://kubernetes.io/docs/concepts/workloads/pods/ephemeral-containers/
      EPHEMERAL_CONTAINER = 3
    end

    # Result of the audit.
    module AuditResult
      # Unspecified result. This is an error.
      AUDIT_RESULT_UNSPECIFIED = 0

      # Image is allowed.
      ALLOW = 1

      # Image is denied.
      DENY = 2
    end
  end

  # Audit time policy conformance verdict.
  module PolicyConformanceVerdict
    # We should always have a verdict. This is an error.
    POLICY_CONFORMANCE_VERDICT_UNSPECIFIED = 0

    # The pod violates the policy.
    VIOLATES_POLICY = 1
  end
end

#policy_name ⇒ ::String

Returns The name of the policy.

Returns:

• (::String) —

  The name of the policy.

# File 'proto_docs/google/cloud/binaryauthorization/v1beta1/continuous_validation_logging.rb', line 57

class ContinuousValidationPodEvent
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Container image with auditing details.
  # @!attribute [rw] image
  #   @return [::String]
  #     The name of the image.
  # @!attribute [rw] container_name
  #   @return [::String]
  #     The name of the container.
  # @!attribute [rw] container_type
  #   @return [::Google::Cloud::BinaryAuthorization::V1beta1::ContinuousValidationEvent::ContinuousValidationPodEvent::ImageDetails::ContainerType]
  #     The container type that this image belongs to.
  # @!attribute [rw] result
  #   @return [::Google::Cloud::BinaryAuthorization::V1beta1::ContinuousValidationEvent::ContinuousValidationPodEvent::ImageDetails::AuditResult]
  #     The result of the audit for this image.
  # @!attribute [rw] description
  #   @return [::String]
  #     Description of the above result.
  # @!attribute [rw] check_results
  #   @return [::Array<::Google::Cloud::BinaryAuthorization::V1beta1::ContinuousValidationEvent::ContinuousValidationPodEvent::ImageDetails::CheckResult>]
  #     List of check results.
  class ImageDetails
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # @!attribute [rw] check_set_index
    #   @return [::String]
    #     The index of the check set.
    # @!attribute [rw] check_set_name
    #   @return [::String]
    #     The name of the check set.
    # @!attribute [rw] check_set_scope
    #   @return [::Google::Cloud::BinaryAuthorization::V1beta1::ContinuousValidationEvent::ContinuousValidationPodEvent::ImageDetails::CheckResult::CheckSetScope]
    #     The scope of the check set.
    # @!attribute [rw] check_index
    #   @return [::String]
    #     The index of the check.
    # @!attribute [rw] check_name
    #   @return [::String]
    #     The name of the check.
    # @!attribute [rw] check_type
    #   @return [::String]
    #     The type of the check.
    # @!attribute [rw] verdict
    #   @return [::Google::Cloud::BinaryAuthorization::V1beta1::ContinuousValidationEvent::ContinuousValidationPodEvent::ImageDetails::CheckResult::CheckVerdict]
    #     The verdict of this check.
    # @!attribute [rw] explanation
    #   @return [::String]
    #     User-friendly explanation of this check result.
    class CheckResult
      include ::Google::Protobuf::MessageExts
      extend ::Google::Protobuf::MessageExts::ClassMethods

      # A scope specifier for check sets.
      # @!attribute [rw] kubernetes_service_account
      #   @return [::String]
      #     Matches a single Kubernetes service account, e.g.
      #     'my-namespace:my-service-account'.
      #     `kubernetes_service_account` scope is always more specific than
      #     `kubernetes_namespace` scope for the same namespace.
      # @!attribute [rw] kubernetes_namespace
      #   @return [::String]
      #     Matches all Kubernetes service accounts in the provided
      #     namespace, unless a more specific `kubernetes_service_account`
      #     scope already matched.
      class CheckSetScope
        include ::Google::Protobuf::MessageExts
        extend ::Google::Protobuf::MessageExts::ClassMethods
      end

      # Result of evaluating one check.
      module CheckVerdict
        # We should always have a verdict. This is an error.
        CHECK_VERDICT_UNSPECIFIED = 0

        # The check was successfully evaluated and the image did not satisfy
        # the check.
        NON_CONFORMANT = 1
      end
    end

    # The container type.
    module ContainerType
      # The container type should always be specified. This is an error.
      CONTAINER_TYPE_UNSPECIFIED = 0

      # A regular deployment.
      CONTAINER = 1

      # Init container defined as specified at
      # https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
      INIT_CONTAINER = 2

      # Ephemeral container defined as specified at
      # https://kubernetes.io/docs/concepts/workloads/pods/ephemeral-containers/
      EPHEMERAL_CONTAINER = 3
    end

    # Result of the audit.
    module AuditResult
      # Unspecified result. This is an error.
      AUDIT_RESULT_UNSPECIFIED = 0

      # Image is allowed.
      ALLOW = 1

      # Image is denied.
      DENY = 2
    end
  end

  # Audit time policy conformance verdict.
  module PolicyConformanceVerdict
    # We should always have a verdict. This is an error.
    POLICY_CONFORMANCE_VERDICT_UNSPECIFIED = 0

    # The pod violates the policy.
    VIOLATES_POLICY = 1
  end
end

#verdict ⇒ ::Google::Cloud::BinaryAuthorization::V1beta1::ContinuousValidationEvent::ContinuousValidationPodEvent::PolicyConformanceVerdict

Returns Auditing verdict for this Pod.

Returns:

• (::Google::Cloud::BinaryAuthorization::V1beta1::ContinuousValidationEvent::ContinuousValidationPodEvent::PolicyConformanceVerdict) —

  Auditing verdict for this Pod.

# File 'proto_docs/google/cloud/binaryauthorization/v1beta1/continuous_validation_logging.rb', line 57

class ContinuousValidationPodEvent
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Container image with auditing details.
  # @!attribute [rw] image
  #   @return [::String]
  #     The name of the image.
  # @!attribute [rw] container_name
  #   @return [::String]
  #     The name of the container.
  # @!attribute [rw] container_type
  #   @return [::Google::Cloud::BinaryAuthorization::V1beta1::ContinuousValidationEvent::ContinuousValidationPodEvent::ImageDetails::ContainerType]
  #     The container type that this image belongs to.
  # @!attribute [rw] result
  #   @return [::Google::Cloud::BinaryAuthorization::V1beta1::ContinuousValidationEvent::ContinuousValidationPodEvent::ImageDetails::AuditResult]
  #     The result of the audit for this image.
  # @!attribute [rw] description
  #   @return [::String]
  #     Description of the above result.
  # @!attribute [rw] check_results
  #   @return [::Array<::Google::Cloud::BinaryAuthorization::V1beta1::ContinuousValidationEvent::ContinuousValidationPodEvent::ImageDetails::CheckResult>]
  #     List of check results.
  class ImageDetails
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # @!attribute [rw] check_set_index
    #   @return [::String]
    #     The index of the check set.
    # @!attribute [rw] check_set_name
    #   @return [::String]
    #     The name of the check set.
    # @!attribute [rw] check_set_scope
    #   @return [::Google::Cloud::BinaryAuthorization::V1beta1::ContinuousValidationEvent::ContinuousValidationPodEvent::ImageDetails::CheckResult::CheckSetScope]
    #     The scope of the check set.
    # @!attribute [rw] check_index
    #   @return [::String]
    #     The index of the check.
    # @!attribute [rw] check_name
    #   @return [::String]
    #     The name of the check.
    # @!attribute [rw] check_type
    #   @return [::String]
    #     The type of the check.
    # @!attribute [rw] verdict
    #   @return [::Google::Cloud::BinaryAuthorization::V1beta1::ContinuousValidationEvent::ContinuousValidationPodEvent::ImageDetails::CheckResult::CheckVerdict]
    #     The verdict of this check.
    # @!attribute [rw] explanation
    #   @return [::String]
    #     User-friendly explanation of this check result.
    class CheckResult
      include ::Google::Protobuf::MessageExts
      extend ::Google::Protobuf::MessageExts::ClassMethods

      # A scope specifier for check sets.
      # @!attribute [rw] kubernetes_service_account
      #   @return [::String]
      #     Matches a single Kubernetes service account, e.g.
      #     'my-namespace:my-service-account'.
      #     `kubernetes_service_account` scope is always more specific than
      #     `kubernetes_namespace` scope for the same namespace.
      # @!attribute [rw] kubernetes_namespace
      #   @return [::String]
      #     Matches all Kubernetes service accounts in the provided
      #     namespace, unless a more specific `kubernetes_service_account`
      #     scope already matched.
      class CheckSetScope
        include ::Google::Protobuf::MessageExts
        extend ::Google::Protobuf::MessageExts::ClassMethods
      end

      # Result of evaluating one check.
      module CheckVerdict
        # We should always have a verdict. This is an error.
        CHECK_VERDICT_UNSPECIFIED = 0

        # The check was successfully evaluated and the image did not satisfy
        # the check.
        NON_CONFORMANT = 1
      end
    end

    # The container type.
    module ContainerType
      # The container type should always be specified. This is an error.
      CONTAINER_TYPE_UNSPECIFIED = 0

      # A regular deployment.
      CONTAINER = 1

      # Init container defined as specified at
      # https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
      INIT_CONTAINER = 2

      # Ephemeral container defined as specified at
      # https://kubernetes.io/docs/concepts/workloads/pods/ephemeral-containers/
      EPHEMERAL_CONTAINER = 3
    end

    # Result of the audit.
    module AuditResult
      # Unspecified result. This is an error.
      AUDIT_RESULT_UNSPECIFIED = 0

      # Image is allowed.
      ALLOW = 1

      # Image is denied.
      DENY = 2
    end
  end

  # Audit time policy conformance verdict.
  module PolicyConformanceVerdict
    # We should always have a verdict. This is an error.
    POLICY_CONFORMANCE_VERDICT_UNSPECIFIED = 0

    # The pod violates the policy.
    VIOLATES_POLICY = 1
  end
end