Client for Container Analysis API#
-
class
google.cloud.devtools.containeranalysis_v1.
ContainerAnalysisClient
(transport=None, channel=None, credentials=None, client_config=None, client_info=None, client_options=None)[source]# Retrieves analysis results of Cloud components such as Docker container images. The Container Analysis API is an implementation of the Grafeas API.
Analysis results are stored as a series of occurrences. An
Occurrence
contains information about a specific analysis instance on a resource. An occurrence refers to aNote
. A note contains details describing the analysis and is generally stored in a separate project, called aProvider
. Multiple occurrences can refer to the same note.For example, an SSL vulnerability could affect multiple images. In this case, there would be one note for the vulnerability and an occurrence for each image with the vulnerability referring to that note.
Constructor.
- Parameters
(Union[ContainerAnalysisGrpcTransport, (transport) – Callable[[~.Credentials, type], ~.ContainerAnalysisGrpcTransport]): A transport instance, responsible for actually making the API calls. The default transport uses the gRPC protocol. This argument may also be a callable which returns a transport instance. Callables will be sent the credentials as the first argument and the default transport class as the second argument.
channel (grpc.Channel) – DEPRECATED. A
Channel
instance through which to make calls. This argument is mutually exclusive withcredentials
; providing both will raise an exception.credentials (google.auth.credentials.Credentials) – The authorization credentials to attach to requests. These credentials identify this application to the service. If none are specified, the client will attempt to ascertain the credentials from the environment. This argument is mutually exclusive with providing a transport instance to
transport
; doing so will raise an exception.client_config (dict) – DEPRECATED. A dictionary of call options for each method. If not specified, the default configuration is used.
client_info (google.api_core.gapic_v1.client_info.ClientInfo) – The client info used to send a user-agent string along with API requests. If
None
, then default info will be used. Generally, you only need to set this if you’re developing your own client library.client_options (Union[dict, google.api_core.client_options.ClientOptions]) – Client options used to set user options on the client. API Endpoint should be set through client_options.
-
classmethod
from_service_account_file
(filename, *args, **kwargs)[source]# Creates an instance of this client using the provided credentials file.
- Parameters
filename (str) – The path to the service account private key json file.
args – Additional arguments to pass to the constructor.
kwargs – Additional arguments to pass to the constructor.
- Returns
The constructed client.
- Return type
-
classmethod
from_service_account_json
(filename, *args, **kwargs)# Creates an instance of this client using the provided credentials file.
- Parameters
filename (str) – The path to the service account private key json file.
args – Additional arguments to pass to the constructor.
kwargs – Additional arguments to pass to the constructor.
- Returns
The constructed client.
- Return type
-
get_grafeas_client
()[source]# Returns an equivalent grafeas client.
- Returns
A
GrafeasClient
instance.
-
get_iam_policy
(resource, options_=None, retry=<object object>, timeout=<object object>, metadata=None)[source]# Gets the access control policy for a note or an occurrence resource. Requires
containeranalysis.notes.setIamPolicy
orcontaineranalysis.occurrences.setIamPolicy
permission if the resource is a note or occurrence, respectively.The resource takes the format
projects/[PROJECT_ID]/notes/[NOTE_ID]
for notes andprojects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]
for occurrences.Example
>>> from google.cloud.devtools import containeranalysis_v1 >>> >>> client = containeranalysis_v1.ContainerAnalysisClient() >>> >>> resource = client.note_path('[PROJECT]', '[NOTE]') >>> >>> response = client.get_iam_policy(resource)
- Parameters
resource (str) – REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field.
options_ (Union[dict, GetPolicyOptions]) –
OPTIONAL: A
GetPolicyOptions
object for specifying options toGetIamPolicy
. This field is only used by Cloud IAM.If a dict is provided, it must be of the same form as the protobuf message
GetPolicyOptions
retry (Optional[google.api_core.retry.Retry]) – A retry object used to retry requests. If
None
is specified, requests will be retried using a default configuration.timeout (Optional[float]) – The amount of time, in seconds, to wait for the request to complete. Note that if
retry
is specified, the timeout applies to each individual attempt.metadata (Optional[Sequence[Tuple[str, str]]]) – Additional metadata that is provided to the method.
- Returns
A
Policy
instance.- Raises
google.api_core.exceptions.GoogleAPICallError – If the request failed for any reason.
google.api_core.exceptions.RetryError – If the request failed due to a retryable error and retry attempts failed.
ValueError – If the parameters are invalid.
-
classmethod
occurrence_path
(project, occurrence)[source]# Return a fully-qualified occurrence string.
-
set_iam_policy
(resource, policy, retry=<object object>, timeout=<object object>, metadata=None)[source]# Sets the access control policy on the specified note or occurrence. Requires
containeranalysis.notes.setIamPolicy
orcontaineranalysis.occurrences.setIamPolicy
permission if the resource is a note or an occurrence, respectively.The resource takes the format
projects/[PROJECT_ID]/notes/[NOTE_ID]
for notes andprojects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]
for occurrences.Example
>>> from google.cloud.devtools import containeranalysis_v1 >>> >>> client = containeranalysis_v1.ContainerAnalysisClient() >>> >>> resource = client.note_path('[PROJECT]', '[NOTE]') >>> >>> # TODO: Initialize `policy`: >>> policy = {} >>> >>> response = client.set_iam_policy(resource, policy)
- Parameters
resource (str) – REQUIRED: The resource for which the policy is being specified. See the operation documentation for the appropriate value for this field.
policy (Union[dict, Policy]) –
REQUIRED: The complete policy to be applied to the
resource
. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Cloud Platform services (such as Projects) might reject them.If a dict is provided, it must be of the same form as the protobuf message
Policy
retry (Optional[google.api_core.retry.Retry]) – A retry object used to retry requests. If
None
is specified, requests will be retried using a default configuration.timeout (Optional[float]) – The amount of time, in seconds, to wait for the request to complete. Note that if
retry
is specified, the timeout applies to each individual attempt.metadata (Optional[Sequence[Tuple[str, str]]]) – Additional metadata that is provided to the method.
- Returns
A
Policy
instance.- Raises
google.api_core.exceptions.GoogleAPICallError – If the request failed for any reason.
google.api_core.exceptions.RetryError – If the request failed due to a retryable error and retry attempts failed.
ValueError – If the parameters are invalid.
-
test_iam_permissions
(resource, permissions, retry=<object object>, timeout=<object object>, metadata=None)[source]# Returns the permissions that a caller has on the specified note or occurrence. Requires list permission on the project (for example,
containeranalysis.notes.list
).The resource takes the format
projects/[PROJECT_ID]/notes/[NOTE_ID]
for notes andprojects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]
for occurrences.Example
>>> from google.cloud.devtools import containeranalysis_v1 >>> >>> client = containeranalysis_v1.ContainerAnalysisClient() >>> >>> resource = client.note_path('[PROJECT]', '[NOTE]') >>> >>> # TODO: Initialize `permissions`: >>> permissions = [] >>> >>> response = client.test_iam_permissions(resource, permissions)
- Parameters
resource (str) – REQUIRED: The resource for which the policy detail is being requested. See the operation documentation for the appropriate value for this field.
permissions (list[str]) – The set of permissions to check for the
resource
. Permissions with wildcards (such as ‘*’ or ‘storage.*’) are not allowed. For more information see IAM Overview.retry (Optional[google.api_core.retry.Retry]) – A retry object used to retry requests. If
None
is specified, requests will be retried using a default configuration.timeout (Optional[float]) – The amount of time, in seconds, to wait for the request to complete. Note that if
retry
is specified, the timeout applies to each individual attempt.metadata (Optional[Sequence[Tuple[str, str]]]) – Additional metadata that is provided to the method.
- Returns
A
TestIamPermissionsResponse
instance.- Raises
google.api_core.exceptions.GoogleAPICallError – If the request failed for any reason.
google.api_core.exceptions.RetryError – If the request failed due to a retryable error and retry attempts failed.
ValueError – If the parameters are invalid.