docs(samples): include metadata file, add exclusions for samples to h…

…andwritten libraries (#375) - [ ] Regenerate this pull request now. PiperOrigin-RevId: 429395631 Source-Link: googleapis/googleapis@84594b3 Source-Link: googleapis/googleapis-gen@ed74f97 Copy-Tag: eyJwIjoiLmdpdGh1Yi8uT3dsQm90LnlhbWwiLCJoIjoiZWQ3NGY5NzBmZDgyOTE0ODc0ZTZiMjdiMDQ3NjNjZmE2NmJhZmU5YiJ9
googleapis · Feb 18, 2022 · 158c51c · 158c51c
1 parent 7bb1f9e
commit 158c51c
Show file tree

Hide file tree

Showing 63 changed files with 28,050 additions and 24,796 deletions.
diff --git a/packages/google-devtools-containeranalysis/.jsdoc.js b/packages/google-devtools-containeranalysis/.jsdoc.js
@@ -1,4 +1,4 @@
-// Copyright 2021 Google LLC
+// Copyright 2022 Google LLC
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
@@ -40,7 +40,7 @@ module.exports = {
     includePattern: '\\.js$'
   },
   templates: {
-    copyright: 'Copyright 2021 Google LLC',
+    copyright: 'Copyright 2022 Google LLC',
     includeDate: false,
     sourceFiles: false,
     systemName: '@google-cloud/containeranalysis',

diff --git a/packages/google-devtools-containeranalysis/linkinator.config.json b/packages/google-devtools-containeranalysis/linkinator.config.json
@@ -3,8 +3,14 @@
   "skip": [
     "https://codecov.io/gh/googleapis/",
     "www.googleapis.com",
-    "img.shields.io"
+    "img.shields.io",
+    "https://console.cloud.google.com/cloudshell",
+    "https://support.google.com"
   ],
   "silent": true,
-  "concurrency": 5
+  "concurrency": 5,
+  "retry": true,
+  "retryErrors": true,
+  "retryErrorsCount": 5,
+  "retryErrorsJitter": 3000
 }
diff --git a/...ols-containeranalysis/protos/google/devtools/containeranalysis/v1/containeranalysis.proto b/...ols-containeranalysis/protos/google/devtools/containeranalysis/v1/containeranalysis.proto
@@ -1,4 +1,4 @@
-// Copyright 2019 Google LLC
+// Copyright 2021 Google LLC
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
@@ -23,7 +23,9 @@ import "google/api/resource.proto";
 import "google/iam/v1/iam_policy.proto";
 import "google/iam/v1/policy.proto";
 import "google/protobuf/timestamp.proto";
-import "grafeas/v1/vulnerability.proto";
+import "grafeas/v1/common.proto";
+import "grafeas/v1/grafeas.proto";
+import "grafeas/v1/severity.proto";
 
 option csharp_namespace = "Google.Cloud.DevTools.ContainerAnalysis.V1";
 option go_package = "google.golang.org/genproto/googleapis/devtools/containeranalysis/v1;containeranalysis";
@@ -48,8 +50,7 @@ option php_namespace = "Google\\Cloud\\ContainerAnalysis\\V1";
 // image with the vulnerability referring to that note.
 service ContainerAnalysis {
   option (google.api.default_host) = "containeranalysis.googleapis.com";
-  option (google.api.oauth_scopes) =
-      "https://www.googleapis.com/auth/cloud-platform";
+  option (google.api.oauth_scopes) = "https://www.googleapis.com/auth/cloud-platform";
 
   // Sets the access control policy on the specified note or occurrence.
   // Requires `containeranalysis.notes.setIamPolicy` or
@@ -59,8 +60,7 @@ service ContainerAnalysis {
   // The resource takes the format `projects/[PROJECT_ID]/notes/[NOTE_ID]` for
   // notes and `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]` for
   // occurrences.
-  rpc SetIamPolicy(google.iam.v1.SetIamPolicyRequest)
-      returns (google.iam.v1.Policy) {
+  rpc SetIamPolicy(google.iam.v1.SetIamPolicyRequest) returns (google.iam.v1.Policy) {
     option (google.api.http) = {
       post: "/v1/{resource=projects/*/notes/*}:setIamPolicy"
       body: "*"
@@ -80,8 +80,7 @@ service ContainerAnalysis {
   // The resource takes the format `projects/[PROJECT_ID]/notes/[NOTE_ID]` for
   // notes and `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]` for
   // occurrences.
-  rpc GetIamPolicy(google.iam.v1.GetIamPolicyRequest)
-      returns (google.iam.v1.Policy) {
+  rpc GetIamPolicy(google.iam.v1.GetIamPolicyRequest) returns (google.iam.v1.Policy) {
     option (google.api.http) = {
       post: "/v1/{resource=projects/*/notes/*}:getIamPolicy"
       body: "*"
@@ -100,8 +99,7 @@ service ContainerAnalysis {
   // The resource takes the format `projects/[PROJECT_ID]/notes/[NOTE_ID]` for
   // notes and `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]` for
   // occurrences.
-  rpc TestIamPermissions(google.iam.v1.TestIamPermissionsRequest)
-      returns (google.iam.v1.TestIamPermissionsResponse) {
+  rpc TestIamPermissions(google.iam.v1.TestIamPermissionsRequest) returns (google.iam.v1.TestIamPermissionsResponse) {
     option (google.api.http) = {
       post: "/v1/{resource=projects/*/notes/*}:testIamPermissions"
       body: "*"
@@ -114,9 +112,7 @@ service ContainerAnalysis {
   }
 
   // Gets a summary of the number and severity of occurrences.
-  rpc GetVulnerabilityOccurrencesSummary(
-      GetVulnerabilityOccurrencesSummaryRequest)
-      returns (VulnerabilityOccurrencesSummary) {
+  rpc GetVulnerabilityOccurrencesSummary(GetVulnerabilityOccurrencesSummaryRequest) returns (VulnerabilityOccurrencesSummary) {
     option (google.api.http) = {
       get: "/v1/{parent=projects/*}/occurrences:vulnerabilitySummary"
     };
@@ -126,12 +122,13 @@ service ContainerAnalysis {
 
 // Request to get a vulnerability summary for some set of occurrences.
 message GetVulnerabilityOccurrencesSummaryRequest {
-  // The name of the project to get a vulnerability summary for in the form of
+  // Required. The name of the project to get a vulnerability summary for in the form of
   // `projects/[PROJECT_ID]`.
   string parent = 1 [
-    (google.api.resource_reference).type =
-        "cloudresourcemanager.googleapis.com/Project",
-    (google.api.field_behavior) = REQUIRED
+    (google.api.field_behavior) = REQUIRED,
+    (google.api.resource_reference) = {
+      type: "cloudresourcemanager.googleapis.com/Project"
+    }
   ];
 
   // The filter expression.

diff --git a/packages/google-devtools-containeranalysis/protos/grafeas/v1/compliance.proto b/packages/google-devtools-containeranalysis/protos/grafeas/v1/compliance.proto
@@ -16,7 +16,7 @@ syntax = "proto3";
 
 package grafeas.v1;
 
-import "grafeas/v1/vulnerability.proto";
+import "grafeas/v1/severity.proto";
 
 option go_package = "google.golang.org/genproto/googleapis/grafeas/v1;grafeas";
 option java_multiple_files = true;

diff --git a/packages/google-devtools-containeranalysis/protos/grafeas/v1/cvss.proto b/packages/google-devtools-containeranalysis/protos/grafeas/v1/cvss.proto
@@ -83,3 +83,78 @@ message CVSSv3 {
     IMPACT_NONE = 3;
   }
 }
+
+// Common Vulnerability Scoring System.
+// For details, see https://www.first.org/cvss/specification-document
+// This is a message we will try to use for storing multiple versions of
+// CVSS. The intention is that as new versions of CVSS scores get added, we
+// will be able to modify this message rather than adding new protos for each
+// new version of the score.
+message CVSS {
+  // The base score is a function of the base metric scores.
+  float base_score = 1;
+
+  float exploitability_score = 2;
+
+  float impact_score = 3;
+
+  // Base Metrics
+  // Represents the intrinsic characteristics of a vulnerability that are
+  // constant over time and across user environments.
+  AttackVector attack_vector = 4;
+  AttackComplexity attack_complexity = 5;
+  Authentication authentication = 6;
+  PrivilegesRequired privileges_required = 7;
+  UserInteraction user_interaction = 8;
+  Scope scope = 9;
+  Impact confidentiality_impact = 10;
+  Impact integrity_impact = 11;
+  Impact availability_impact = 12;
+
+  enum AttackVector {
+    ATTACK_VECTOR_UNSPECIFIED = 0;
+    ATTACK_VECTOR_NETWORK = 1;
+    ATTACK_VECTOR_ADJACENT = 2;
+    ATTACK_VECTOR_LOCAL = 3;
+    ATTACK_VECTOR_PHYSICAL = 4;
+  }
+
+  enum AttackComplexity {
+    ATTACK_COMPLEXITY_UNSPECIFIED = 0;
+    ATTACK_COMPLEXITY_LOW = 1;
+    ATTACK_COMPLEXITY_HIGH = 2;
+  }
+
+  enum Authentication {
+    AUTHENTICATION_UNSPECIFIED = 0;
+    AUTHENTICATION_MULTIPLE = 1;
+    AUTHENTICATION_SINGLE = 2;
+    AUTHENTICATION_NONE = 3;
+  }
+
+  enum PrivilegesRequired {
+    PRIVILEGES_REQUIRED_UNSPECIFIED = 0;
+    PRIVILEGES_REQUIRED_NONE = 1;
+    PRIVILEGES_REQUIRED_LOW = 2;
+    PRIVILEGES_REQUIRED_HIGH = 3;
+  }
+
+  enum UserInteraction {
+    USER_INTERACTION_UNSPECIFIED = 0;
+    USER_INTERACTION_NONE = 1;
+    USER_INTERACTION_REQUIRED = 2;
+  }
+
+  enum Scope {
+    SCOPE_UNSPECIFIED = 0;
+    SCOPE_UNCHANGED = 1;
+    SCOPE_CHANGED = 2;
+  }
+
+  enum Impact {
+    IMPACT_UNSPECIFIED = 0;
+    IMPACT_HIGH = 1;
+    IMPACT_LOW = 2;
+    IMPACT_NONE = 3;
+  }
+}
diff --git a/packages/google-devtools-containeranalysis/protos/grafeas/v1/discovery.proto b/packages/google-devtools-containeranalysis/protos/grafeas/v1/discovery.proto
@@ -16,6 +16,7 @@ syntax = "proto3";
 
 package grafeas.v1;
 
+import "google/api/field_behavior.proto";
 import "google/protobuf/timestamp.proto";
 import "google/rpc/status.proto";
 import "grafeas/v1/common.proto";
@@ -80,4 +81,8 @@ message DiscoveryOccurrence {
 
   // The last time this resource was scanned.
   google.protobuf.Timestamp last_scan_time = 5;
+
+  // The time occurrences related to this discovery occurrence were archived.
+  google.protobuf.Timestamp archive_time = 6
+      [(google.api.field_behavior) = OUTPUT_ONLY];
 }
diff --git a/packages/google-devtools-containeranalysis/protos/grafeas/v1/severity.proto b/packages/google-devtools-containeranalysis/protos/grafeas/v1/severity.proto
@@ -0,0 +1,38 @@
+// Copyright 2021 The Grafeas Authors. All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//    http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package grafeas.v1;
+
+option go_package = "google.golang.org/genproto/googleapis/grafeas/v1;grafeas";
+option java_multiple_files = true;
+option java_package = "io.grafeas.v1";
+option objc_class_prefix = "GRA";
+
+// Note provider assigned severity/impact ranking.
+enum Severity {
+  // Unknown.
+  SEVERITY_UNSPECIFIED = 0;
+  // Minimal severity.
+  MINIMAL = 1;
+  // Low severity.
+  LOW = 2;
+  // Medium severity.
+  MEDIUM = 3;
+  // High severity.
+  HIGH = 4;
+  // Critical severity.
+  CRITICAL = 5;
+}
diff --git a/packages/google-devtools-containeranalysis/protos/grafeas/v1/vulnerability.proto b/packages/google-devtools-containeranalysis/protos/grafeas/v1/vulnerability.proto
@@ -21,36 +21,21 @@ import "google/protobuf/timestamp.proto";
 import "grafeas/v1/common.proto";
 import "grafeas/v1/cvss.proto";
 import "grafeas/v1/package.proto";
+import "grafeas/v1/severity.proto";
 
 option go_package = "google.golang.org/genproto/googleapis/grafeas/v1;grafeas";
 option java_multiple_files = true;
 option java_package = "io.grafeas.v1";
 option objc_class_prefix = "GRA";
 
-// Note provider assigned severity/impact ranking.
-enum Severity {
-  // Unknown.
-  SEVERITY_UNSPECIFIED = 0;
-  // Minimal severity.
-  MINIMAL = 1;
-  // Low severity.
-  LOW = 2;
-  // Medium severity.
-  MEDIUM = 3;
-  // High severity.
-  HIGH = 4;
-  // Critical severity.
-  CRITICAL = 5;
-}
-
 // A security vulnerability that can be found in resources.
 message VulnerabilityNote {
   // The CVSS score of this vulnerability. CVSS score is on a scale of 0 - 10
   // where 0 indicates low severity and 10 indicates high severity.
   float cvss_score = 1;
 
   // The note provider assigned severity of this vulnerability.
-  Severity severity = 2;
+  grafeas.v1.Severity severity = 2;
 
   // Details of all known distros and packages affected by this vulnerability.
   repeated Detail details = 3;
@@ -172,24 +157,15 @@ message VulnerabilityOccurrence {
   string type = 1;
 
   // Output only. The note provider assigned severity of this vulnerability.
-  Severity severity = 2;
+  grafeas.v1.Severity severity = 2;
 
   // Output only. The CVSS score of this vulnerability. CVSS score is on a
   // scale of 0 - 10 where 0 indicates low severity and 10 indicates high
   // severity.
   float cvss_score = 3;
 
-  // The CVSS v3 score for this vulnerability.
-  message CVSSV3 {
-    // The base score for for this vulnerability according to cvss v3.
-    float base_score = 1;
-    // The severity rating assigned to this vulnerability by vulnerability
-    // provider.
-    Severity severity = 2;
-  }
-
   // The cvss v3 score for the vulnerability.
-  CVSSV3 cvssv3 = 10;
+  CVSS cvssv3 = 10;
 
   // Required. The set of affected locations and their fixes (if available)
   // within the associated resource.
@@ -231,7 +207,8 @@ message VulnerabilityOccurrence {
     // The distro or language system assigned severity for this vulnerability
     // when that is available and note provider assigned severity when it is not
     // available.
-    Severity effective_severity = 9 [(google.api.field_behavior) = OUTPUT_ONLY];
+    grafeas.v1.Severity effective_severity = 9
+        [(google.api.field_behavior) = OUTPUT_ONLY];
   }
 
   // Output only. A one sentence description of this vulnerability.
@@ -253,7 +230,7 @@ message VulnerabilityOccurrence {
   // PackageIssue level. In the case where multiple PackageIssues have differing
   // effective severities, this field should be the highest severity for any of
   // the PackageIssues.
-  Severity effective_severity = 8;
+  grafeas.v1.Severity effective_severity = 8;
 
   // Output only. Whether at least one of the affected packages has a fix
   // available.