You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/dyn/containeranalysis_v1.projects.notes.html
+1-1Lines changed: 1 addition & 1 deletion
Original file line number
Diff line number
Diff line change
@@ -1192,7 +1192,7 @@ <h3>Method Details</h3>
1192
1192
1193
1193
{ # Request message for `GetIamPolicy` method.
1194
1194
"options": { # Encapsulates settings provided to GetIamPolicy. # OPTIONAL: A `GetPolicyOptions` object for specifying options to `GetIamPolicy`.
1195
-
"requestedPolicyVersion": 42, # Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
1195
+
"requestedPolicyVersion": 42, # Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
Copy file name to clipboardExpand all lines: docs/dyn/containeranalysis_v1alpha1.projects.notes.html
+1-1Lines changed: 1 addition & 1 deletion
Original file line number
Diff line number
Diff line change
@@ -764,7 +764,7 @@ <h3>Method Details</h3>
764
764
765
765
{ # Request message for `GetIamPolicy` method.
766
766
"options": { # Encapsulates settings provided to GetIamPolicy. # OPTIONAL: A `GetPolicyOptions` object for specifying options to `GetIamPolicy`.
767
-
"requestedPolicyVersion": 42, # Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
767
+
"requestedPolicyVersion": 42, # Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
Copy file name to clipboardExpand all lines: docs/dyn/containeranalysis_v1alpha1.projects.notes.occurrences.html
+42-7Lines changed: 42 additions & 7 deletions
Original file line number
Diff line number
Diff line change
@@ -373,8 +373,9 @@ <h3>Method Details</h3>
373
373
],
374
374
},
375
375
"statement": { # Spec defined at https://github.com/in-toto/attestation/tree/main/spec#statement The serialized InTotoStatement will be stored as Envelope.payload. Envelope.payloadType is always "application/vnd.in-toto+json".
376
-
"predicateType": "A String", # "https://in-toto.io/Provenance/v0.1" for InTotoProvenance.
"predicateType": "A String", # "https://slsa.dev/provenance/v0.1" for SlsaProvenance.
378
+
"provenance": { # provenance is a predicate of type intotoprovenance
378
379
"builderConfig": { # required
379
380
"id": "A String",
380
381
},
@@ -408,15 +409,49 @@ <h3>Method Details</h3>
408
409
"type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
"slsaProvenance": { # SlsaProvenance is the slsa provenance as defined by the slsa spec. # slsa_provenance is a predicate of type slsaProvenance
413
+
"builder": { # SlsaBuilder encapsulates the identity of the builder of this provenance. # builder is the builder of this provenance
414
+
"id": "A String", # id is the id of the slsa provenance builder
415
+
},
416
+
"materials": [ # The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
417
+
{ # Material is a material used in the generation of the provenance
418
+
"digest": { # digest is a map from a hash algorithm (e.g. sha256) to the value in the material
419
+
"a_key": "A String",
420
+
},
421
+
"uri": "A String", # uri is the uri of the material
422
+
},
423
+
],
424
+
"metadata": { # Other properties of the build. # metadata is the metadata of the provenance
425
+
"buildFinishedOn": "A String", # The timestamp of when the build completed.
426
+
"buildInvocationId": "A String", # Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
427
+
"buildStartedOn": "A String", # The timestamp of when the build started.
428
+
"completeness": { # Indicates that the builder claims certain fields in this message to be complete. # Indicates that the builder claims certain fields in this message to be complete.
429
+
"arguments": True or False, # If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
430
+
"environment": True or False, # If true, the builder claims that recipe.environment is claimed to be complete.
431
+
"materials": True or False, # If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
432
+
},
433
+
"reproducible": True or False, # If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
434
+
},
435
+
"recipe": { # Steps taken to build the artifact. For a TaskRun, typically each container corresponds to one step in the recipe. # Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible).
436
+
"arguments": { # Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Depending on the recipe Type, the structure may be different.
437
+
"a_key": "", # Properties of the object. Contains field @type with type URL.
438
+
},
439
+
"definedInMaterial": "A String", # Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
440
+
"entryPoint": "A String", # String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
441
+
"environment": { # Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Depending on the recipe Type, the structure may be different.
442
+
"a_key": "", # Properties of the object. Contains field @type with type URL.
443
+
},
444
+
"type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
445
+
},
446
+
},
447
+
"subject": [ # subject is the subjects of the intoto statement
448
+
{ # Subject refers to the subject of the intoto statement
449
+
"digest": { # "": "" Algorithms can be e.g. sha256, sha512 See https://github.com/in-toto/attestation/blob/main/spec/field_types.md#DigestSet
414
450
"a_key": "A String",
415
451
},
416
-
"name": "A String",
452
+
"name": "A String", # name is the name of the Subject used here
"envelope": { # MUST match https://github.com/secure-systems-lab/dsse/blob/master/envelope.proto. An authenticated message of arbitrary type. # https://github.com/secure-systems-lab/dsse
0 commit comments