feat: add GetVulnerabilityOccurrencesSummary (#42)

* changes without context autosynth cannot find the source of changes triggered by earlier changes in this repository, or by version upgrades to tools such as linters. * chore: manual regen * Fixing the grafeas import Co-authored-by: Bu Sun Kim <busunkim@google.com> Co-authored-by: Bu Sun Kim <8822365+busunkim96@users.noreply.github.com> Co-authored-by: Dina Graves Portman <dinagraves@google.com>
googleapis · Nov 18, 2020 · 7f3e8b3 · 7f3e8b3
1 parent 5c7d920
commit 7f3e8b3
Show file tree

Hide file tree

Showing 16 changed files with 1,406 additions and 424 deletions.
diff --git a/devtools-containeranalysis-v1-py.tar.gz b/devtools-containeranalysis-v1-py.tar.gz
diff --git a/docs/containeranalysis_v1/types.rst b/docs/containeranalysis_v1/types.rst
@@ -3,3 +3,4 @@ Types for Google Cloud Devtools Containeranalysis v1 API
 
 .. automodule:: google.cloud.devtools.containeranalysis_v1.types
     :members:
+    :show-inheritance:
diff --git a/google/cloud/devtools/containeranalysis/__init__.py b/google/cloud/devtools/containeranalysis/__init__.py
@@ -21,8 +21,16 @@
 from google.cloud.devtools.containeranalysis_v1.services.container_analysis.client import (
     ContainerAnalysisClient,
 )
+from google.cloud.devtools.containeranalysis_v1.types.containeranalysis import (
+    GetVulnerabilityOccurrencesSummaryRequest,
+)
+from google.cloud.devtools.containeranalysis_v1.types.containeranalysis import (
+    VulnerabilityOccurrencesSummary,
+)
 
 __all__ = (
     "ContainerAnalysisAsyncClient",
     "ContainerAnalysisClient",
+    "GetVulnerabilityOccurrencesSummaryRequest",
+    "VulnerabilityOccurrencesSummary",
 )
diff --git a/google/cloud/devtools/containeranalysis_v1/__init__.py b/google/cloud/devtools/containeranalysis_v1/__init__.py
@@ -16,6 +16,12 @@
 #
 
 from .services.container_analysis import ContainerAnalysisClient
+from .types.containeranalysis import GetVulnerabilityOccurrencesSummaryRequest
+from .types.containeranalysis import VulnerabilityOccurrencesSummary
 
 
-__all__ = ("ContainerAnalysisClient",)
+__all__ = (
+    "GetVulnerabilityOccurrencesSummaryRequest",
+    "VulnerabilityOccurrencesSummary",
+    "ContainerAnalysisClient",
+)
diff --git a/google/cloud/devtools/containeranalysis_v1/proto/containeranalysis.proto b/google/cloud/devtools/containeranalysis_v1/proto/containeranalysis.proto
@@ -1,4 +1,4 @@
-// Copyright 2019 Google LLC.
+// Copyright 2019 Google LLC
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
@@ -11,17 +11,19 @@
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.
-//
 
 syntax = "proto3";
 
 package google.devtools.containeranalysis.v1;
 
 import "google/api/annotations.proto";
 import "google/api/client.proto";
+import "google/api/field_behavior.proto";
+import "google/api/resource.proto";
 import "google/iam/v1/iam_policy.proto";
 import "google/iam/v1/policy.proto";
 import "google/protobuf/timestamp.proto";
+import "grafeas/v1/vulnerability.proto";
 
 option csharp_namespace = "Google.Cloud.DevTools.ContainerAnalysis.V1";
 option go_package = "google.golang.org/genproto/googleapis/devtools/containeranalysis/v1;containeranalysis";
@@ -105,4 +107,48 @@ service ContainerAnalysis {
     };
     option (google.api.method_signature) = "resource,permissions";
   }
+
+  // Gets a summary of the number and severity of occurrences.
+  rpc GetVulnerabilityOccurrencesSummary(GetVulnerabilityOccurrencesSummaryRequest) returns (VulnerabilityOccurrencesSummary) {
+    option (google.api.http) = {
+      get: "/v1/{parent=projects/*}/occurrences:vulnerabilitySummary"
+    };
+    option (google.api.method_signature) = "parent,filter";
+  }
+}
+
+// Request to get a vulnerability summary for some set of occurrences.
+message GetVulnerabilityOccurrencesSummaryRequest {
+  // The name of the project to get a vulnerability summary for in the form of
+  // `projects/[PROJECT_ID]`.
+  string parent = 1 [
+    (google.api.resource_reference).type = "cloudresourcemanager.googleapis.com/Project",
+    (google.api.field_behavior) = REQUIRED
+  ];
+
+  // The filter expression.
+  string filter = 2;
+}
+
+// A summary of how many vulnerability occurrences there are per resource and
+// severity type.
+message VulnerabilityOccurrencesSummary {
+  // Per resource and severity counts of fixable and total vulnerabilities.
+  message FixableTotalByDigest {
+    // The affected resource.
+    string resource_uri = 1;
+
+    // The severity for this count. SEVERITY_UNSPECIFIED indicates total across
+    // all severities.
+    grafeas.v1.Severity severity = 2;
+
+    // The number of fixable vulnerabilities associated with this resource.
+    int64 fixable_count = 3;
+
+    // The total number of vulnerabilities associated with this resource.
+    int64 total_count = 4;
+  }
+
+  // A listing by resource of the number of fixable and total vulnerabilities.
+  repeated FixableTotalByDigest counts = 1;
 }