genproto: google.golang.org/genproto/googleapis/devtools/containeranalysis/v1beta1/common Index | Files

package common

import "google.golang.org/genproto/googleapis/devtools/containeranalysis/v1beta1/common"

Index

Package Files

common.pb.go

Variables

var (
    NoteKind_name = map[int32]string{
        0:  "NOTE_KIND_UNSPECIFIED",
        1:  "VULNERABILITY",
        2:  "BUILD",
        3:  "IMAGE",
        4:  "PACKAGE",
        5:  "DEPLOYMENT",
        6:  "DISCOVERY",
        7:  "ATTESTATION",
    }
    NoteKind_value = map[string]int32{
        "NOTE_KIND_UNSPECIFIED": 0,
        "VULNERABILITY":         1,
        "BUILD":                 2,
        "IMAGE":                 3,
        "PACKAGE":               4,
        "DEPLOYMENT":            5,
        "DISCOVERY":             6,
        "ATTESTATION":           7,
    }
)

Enum value maps for NoteKind.

var File_google_devtools_containeranalysis_v1beta1_common_common_proto protoreflect.FileDescriptor

type NoteKind Uses

type NoteKind int32

Kind represents the kinds of notes supported.

const (
    // Unknown.
    NoteKind_NOTE_KIND_UNSPECIFIED NoteKind = 0
    // The note and occurrence represent a package vulnerability.
    NoteKind_VULNERABILITY NoteKind = 1
    // The note and occurrence assert build provenance.
    NoteKind_BUILD NoteKind = 2
    // This represents an image basis relationship.
    NoteKind_IMAGE NoteKind = 3
    // This represents a package installed via a package manager.
    NoteKind_PACKAGE NoteKind = 4
    // The note and occurrence track deployment events.
    NoteKind_DEPLOYMENT NoteKind = 5
    // The note and occurrence track the initial discovery status of a resource.
    NoteKind_DISCOVERY NoteKind = 6
    // This represents a logical "role" that can attest to artifacts.
    NoteKind_ATTESTATION NoteKind = 7
)

func (NoteKind) Descriptor Uses

func (NoteKind) Descriptor() protoreflect.EnumDescriptor

func (NoteKind) Enum Uses

func (x NoteKind) Enum() *NoteKind

func (NoteKind) EnumDescriptor Uses

func (NoteKind) EnumDescriptor() ([]byte, []int)

Deprecated: Use NoteKind.Descriptor instead.

func (NoteKind) Number Uses

func (x NoteKind) Number() protoreflect.EnumNumber

func (NoteKind) String Uses

func (x NoteKind) String() string

func (NoteKind) Type Uses

func (NoteKind) Type() protoreflect.EnumType

type RelatedUrl Uses

type RelatedUrl struct {

    // Specific URL associated with the resource.
    Url string `protobuf:"bytes,1,opt,name=url,proto3" json:"url,omitempty"`
    // Label to describe usage of the URL.
    Label string `protobuf:"bytes,2,opt,name=label,proto3" json:"label,omitempty"`
    // contains filtered or unexported fields
}

Metadata for any related URL information.

func (*RelatedUrl) Descriptor Uses

func (*RelatedUrl) Descriptor() ([]byte, []int)

Deprecated: Use RelatedUrl.ProtoReflect.Descriptor instead.

func (*RelatedUrl) GetLabel Uses

func (x *RelatedUrl) GetLabel() string

func (*RelatedUrl) GetUrl Uses

func (x *RelatedUrl) GetUrl() string

func (*RelatedUrl) ProtoMessage Uses

func (*RelatedUrl) ProtoMessage()

func (*RelatedUrl) ProtoReflect Uses

func (x *RelatedUrl) ProtoReflect() protoreflect.Message

func (*RelatedUrl) Reset Uses

func (x *RelatedUrl) Reset()

func (*RelatedUrl) String Uses

func (x *RelatedUrl) String() string

type Signature Uses

type Signature struct {

    // The content of the signature, an opaque bytestring.
    // The payload that this signature verifies MUST be unambiguously provided
    // with the Signature during verification. A wrapper message might provide
    // the payload explicitly. Alternatively, a message might have a canonical
    // serialization that can always be unambiguously computed to derive the
    // payload.
    Signature []byte `protobuf:"bytes,1,opt,name=signature,proto3" json:"signature,omitempty"`
    // The identifier for the public key that verifies this signature.
    //   * The `public_key_id` is required.
    //   * The `public_key_id` MUST be an RFC3986 conformant URI.
    //   * When possible, the `public_key_id` SHOULD be an immutable reference,
    //     such as a cryptographic digest.
    //
    // Examples of valid `public_key_id`s:
    //
    // OpenPGP V4 public key fingerprint:
    //   * "openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA"
    // See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more
    // details on this scheme.
    //
    // RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER
    // serialization):
    //   * "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU"
    //   * "nih:///sha-256;703f68f42aba2c6de30f488a5ea122fef76324679c9bf89791ba95a1271589a5"
    PublicKeyId string `protobuf:"bytes,2,opt,name=public_key_id,json=publicKeyId,proto3" json:"public_key_id,omitempty"`
    // contains filtered or unexported fields
}

Verifiers (e.g. Kritis implementations) MUST verify signatures with respect to the trust anchors defined in policy (e.g. a Kritis policy). Typically this means that the verifier has been configured with a map from `public_key_id` to public key material (and any required parameters, e.g. signing algorithm).

In particular, verification implementations MUST NOT treat the signature `public_key_id` as anything more than a key lookup hint. The `public_key_id` DOES NOT validate or authenticate a public key; it only provides a mechanism for quickly selecting a public key ALREADY CONFIGURED on the verifier through a trusted channel. Verification implementations MUST reject signatures in any of the following circumstances:

* The `public_key_id` is not recognized by the verifier.
* The public key that `public_key_id` refers to does not verify the
  signature with respect to the payload.

The `signature` contents SHOULD NOT be "attached" (where the payload is included with the serialized `signature` bytes). Verifiers MUST ignore any "attached" payload and only verify signatures with respect to explicitly provided payload (e.g. a `payload` field on the proto message that holds this Signature, or the canonical serialization of the proto message that holds this signature).

func (*Signature) Descriptor Uses

func (*Signature) Descriptor() ([]byte, []int)

Deprecated: Use Signature.ProtoReflect.Descriptor instead.

func (*Signature) GetPublicKeyId Uses

func (x *Signature) GetPublicKeyId() string

func (*Signature) GetSignature Uses

func (x *Signature) GetSignature() []byte

func (*Signature) ProtoMessage Uses

func (*Signature) ProtoMessage()

func (*Signature) ProtoReflect Uses

func (x *Signature) ProtoReflect() protoreflect.Message

func (*Signature) Reset Uses

func (x *Signature) Reset()

func (*Signature) String Uses

func (x *Signature) String() string

Package common imports 5 packages (graph) and is imported by 9 packages. Updated 2020-09-28. Refresh now. Tools for package owners.