Docs
PackagesGoogle Cloud Native is in preview. Google Cloud Classic is fully supported.
Google Cloud Native v0.32.0 published on Wednesday, Nov 29, 2023 by Pulumi
google-native.containeranalysis/v1.Occurrence
Explore with Pulumi AI
Google Cloud Native is in preview. Google Cloud Classic is fully supported.
Google Cloud Native v0.32.0 published on Wednesday, Nov 29, 2023 by Pulumi
Creates a new occurrence. Auto-naming is currently not supported for this resource.
Create Occurrence Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Occurrence(name: string, args: OccurrenceArgs, opts?: CustomResourceOptions);@overload
def Occurrence(resource_name: str,
args: OccurrenceArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Occurrence(resource_name: str,
opts: Optional[ResourceOptions] = None,
resource_uri: Optional[str] = None,
note_name: Optional[str] = None,
envelope: Optional[EnvelopeArgs] = None,
package: Optional[PackageOccurrenceArgs] = None,
compliance: Optional[ComplianceOccurrenceArgs] = None,
dsse_attestation: Optional[DSSEAttestationOccurrenceArgs] = None,
build: Optional[BuildOccurrenceArgs] = None,
image: Optional[ImageOccurrenceArgs] = None,
discovery: Optional[DiscoveryOccurrenceArgs] = None,
deployment: Optional[DeploymentOccurrenceArgs] = None,
project: Optional[str] = None,
remediation: Optional[str] = None,
attestation: Optional[AttestationOccurrenceArgs] = None,
sbom_reference: Optional[SBOMReferenceOccurrenceArgs] = None,
upgrade: Optional[UpgradeOccurrenceArgs] = None,
vulnerability: Optional[VulnerabilityOccurrenceArgs] = None)func NewOccurrence(ctx *Context, name string, args OccurrenceArgs, opts ...ResourceOption) (*Occurrence, error)public Occurrence(string name, OccurrenceArgs args, CustomResourceOptions? opts = null)
public Occurrence(String name, OccurrenceArgs args)
public Occurrence(String name, OccurrenceArgs args, CustomResourceOptions options)
type: google-native:containeranalysis/v1:Occurrence
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args OccurrenceArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args OccurrenceArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args OccurrenceArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args OccurrenceArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args OccurrenceArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Example
The following reference example uses placeholder values for all input properties.
var occurrenceResource = new GoogleNative.ContainerAnalysis.V1.Occurrence("occurrenceResource", new()
{
ResourceUri = "string",
NoteName = "string",
Envelope = new GoogleNative.ContainerAnalysis.V1.Inputs.EnvelopeArgs
{
Payload = "string",
PayloadType = "string",
Signatures = new[]
{
new GoogleNative.ContainerAnalysis.V1.Inputs.EnvelopeSignatureArgs
{
Keyid = "string",
Sig = "string",
},
},
},
Package = new GoogleNative.ContainerAnalysis.V1.Inputs.PackageOccurrenceArgs
{
License = new GoogleNative.ContainerAnalysis.V1.Inputs.LicenseArgs
{
Comments = "string",
Expression = "string",
},
Location = new[]
{
new GoogleNative.ContainerAnalysis.V1.Inputs.LocationArgs
{
Path = "string",
},
},
},
Compliance = new GoogleNative.ContainerAnalysis.V1.Inputs.ComplianceOccurrenceArgs
{
NonComplianceReason = "string",
NonCompliantFiles = new[]
{
new GoogleNative.ContainerAnalysis.V1.Inputs.NonCompliantFileArgs
{
DisplayCommand = "string",
Path = "string",
Reason = "string",
},
},
},
DsseAttestation = new GoogleNative.ContainerAnalysis.V1.Inputs.DSSEAttestationOccurrenceArgs
{
Envelope = new GoogleNative.ContainerAnalysis.V1.Inputs.EnvelopeArgs
{
Payload = "string",
PayloadType = "string",
Signatures = new[]
{
new GoogleNative.ContainerAnalysis.V1.Inputs.EnvelopeSignatureArgs
{
Keyid = "string",
Sig = "string",
},
},
},
Statement = new GoogleNative.ContainerAnalysis.V1.Inputs.InTotoStatementArgs
{
PredicateType = "string",
Provenance = new GoogleNative.ContainerAnalysis.V1.Inputs.InTotoProvenanceArgs
{
BuilderConfig = new GoogleNative.ContainerAnalysis.V1.Inputs.BuilderConfigArgs
{
Id = "string",
},
Materials = new[]
{
"string",
},
Metadata = new GoogleNative.ContainerAnalysis.V1.Inputs.MetadataArgs
{
BuildFinishedOn = "string",
BuildInvocationId = "string",
BuildStartedOn = "string",
Completeness = new GoogleNative.ContainerAnalysis.V1.Inputs.CompletenessArgs
{
Arguments = false,
Environment = false,
Materials = false,
},
Reproducible = false,
},
Recipe = new GoogleNative.ContainerAnalysis.V1.Inputs.RecipeArgs
{
Arguments = new[]
{
{
{ "string", "string" },
},
},
DefinedInMaterial = "string",
EntryPoint = "string",
Environment = new[]
{
{
{ "string", "string" },
},
},
Type = "string",
},
},
SlsaProvenance = new GoogleNative.ContainerAnalysis.V1.Inputs.SlsaProvenanceArgs
{
Builder = new GoogleNative.ContainerAnalysis.V1.Inputs.SlsaBuilderArgs
{
Id = "string",
},
Materials = new[]
{
new GoogleNative.ContainerAnalysis.V1.Inputs.MaterialArgs
{
Digest =
{
{ "string", "string" },
},
Uri = "string",
},
},
Metadata = new GoogleNative.ContainerAnalysis.V1.Inputs.SlsaMetadataArgs
{
BuildFinishedOn = "string",
BuildInvocationId = "string",
BuildStartedOn = "string",
Completeness = new GoogleNative.ContainerAnalysis.V1.Inputs.SlsaCompletenessArgs
{
Arguments = false,
Environment = false,
Materials = false,
},
Reproducible = false,
},
Recipe = new GoogleNative.ContainerAnalysis.V1.Inputs.SlsaRecipeArgs
{
Arguments =
{
{ "string", "string" },
},
DefinedInMaterial = "string",
EntryPoint = "string",
Environment =
{
{ "string", "string" },
},
Type = "string",
},
},
SlsaProvenanceZeroTwo = new GoogleNative.ContainerAnalysis.V1.Inputs.SlsaProvenanceZeroTwoArgs
{
BuildConfig =
{
{ "string", "string" },
},
BuildType = "string",
Builder = new GoogleNative.ContainerAnalysis.V1.Inputs.GrafeasV1SlsaProvenanceZeroTwoSlsaBuilderArgs
{
Id = "string",
},
Invocation = new GoogleNative.ContainerAnalysis.V1.Inputs.GrafeasV1SlsaProvenanceZeroTwoSlsaInvocationArgs
{
ConfigSource = new GoogleNative.ContainerAnalysis.V1.Inputs.GrafeasV1SlsaProvenanceZeroTwoSlsaConfigSourceArgs
{
Digest =
{
{ "string", "string" },
},
EntryPoint = "string",
Uri = "string",
},
Environment =
{
{ "string", "string" },
},
Parameters =
{
{ "string", "string" },
},
},
Materials = new[]
{
new GoogleNative.ContainerAnalysis.V1.Inputs.GrafeasV1SlsaProvenanceZeroTwoSlsaMaterialArgs
{
Digest =
{
{ "string", "string" },
},
Uri = "string",
},
},
Metadata = new GoogleNative.ContainerAnalysis.V1.Inputs.GrafeasV1SlsaProvenanceZeroTwoSlsaMetadataArgs
{
BuildFinishedOn = "string",
BuildInvocationId = "string",
BuildStartedOn = "string",
Completeness = new GoogleNative.ContainerAnalysis.V1.Inputs.GrafeasV1SlsaProvenanceZeroTwoSlsaCompletenessArgs
{
Environment = false,
Materials = false,
Parameters = false,
},
Reproducible = false,
},
},
Subject = new[]
{
new GoogleNative.ContainerAnalysis.V1.Inputs.SubjectArgs
{
Digest =
{
{ "string", "string" },
},
Name = "string",
},
},
Type = "string",
},
},
Build = new GoogleNative.ContainerAnalysis.V1.Inputs.BuildOccurrenceArgs
{
InTotoSlsaProvenanceV1 = new GoogleNative.ContainerAnalysis.V1.Inputs.InTotoSlsaProvenanceV1Args
{
Predicate = new GoogleNative.ContainerAnalysis.V1.Inputs.SlsaProvenanceV1Args
{
BuildDefinition = new GoogleNative.ContainerAnalysis.V1.Inputs.BuildDefinitionArgs
{
BuildType = "string",
ExternalParameters =
{
{ "string", "string" },
},
InternalParameters =
{
{ "string", "string" },
},
ResolvedDependencies = new[]
{
new GoogleNative.ContainerAnalysis.V1.Inputs.ResourceDescriptorArgs
{
Annotations =
{
{ "string", "string" },
},
Content = "string",
Digest =
{
{ "string", "string" },
},
DownloadLocation = "string",
MediaType = "string",
Name = "string",
Uri = "string",
},
},
},
RunDetails = new GoogleNative.ContainerAnalysis.V1.Inputs.RunDetailsArgs
{
Builder = new GoogleNative.ContainerAnalysis.V1.Inputs.ProvenanceBuilderArgs
{
BuilderDependencies = new[]
{
new GoogleNative.ContainerAnalysis.V1.Inputs.ResourceDescriptorArgs
{
Annotations =
{
{ "string", "string" },
},
Content = "string",
Digest =
{
{ "string", "string" },
},
DownloadLocation = "string",
MediaType = "string",
Name = "string",
Uri = "string",
},
},
Id = "string",
Version =
{
{ "string", "string" },
},
},
Byproducts = new[]
{
new GoogleNative.ContainerAnalysis.V1.Inputs.ResourceDescriptorArgs
{
Annotations =
{
{ "string", "string" },
},
Content = "string",
Digest =
{
{ "string", "string" },
},
DownloadLocation = "string",
MediaType = "string",
Name = "string",
Uri = "string",
},
},
Metadata = new GoogleNative.ContainerAnalysis.V1.Inputs.BuildMetadataArgs
{
FinishedOn = "string",
InvocationId = "string",
StartedOn = "string",
},
},
},
PredicateType = "string",
Subject = new[]
{
new GoogleNative.ContainerAnalysis.V1.Inputs.SubjectArgs
{
Digest =
{
{ "string", "string" },
},
Name = "string",
},
},
Type = "string",
},
IntotoStatement = new GoogleNative.ContainerAnalysis.V1.Inputs.InTotoStatementArgs
{
PredicateType = "string",
Provenance = new GoogleNative.ContainerAnalysis.V1.Inputs.InTotoProvenanceArgs
{
BuilderConfig = new GoogleNative.ContainerAnalysis.V1.Inputs.BuilderConfigArgs
{
Id = "string",
},
Materials = new[]
{
"string",
},
Metadata = new GoogleNative.ContainerAnalysis.V1.Inputs.MetadataArgs
{
BuildFinishedOn = "string",
BuildInvocationId = "string",
BuildStartedOn = "string",
Completeness = new GoogleNative.ContainerAnalysis.V1.Inputs.CompletenessArgs
{
Arguments = false,
Environment = false,
Materials = false,
},
Reproducible = false,
},
Recipe = new GoogleNative.ContainerAnalysis.V1.Inputs.RecipeArgs
{
Arguments = new[]
{
{
{ "string", "string" },
},
},
DefinedInMaterial = "string",
EntryPoint = "string",
Environment = new[]
{
{
{ "string", "string" },
},
},
Type = "string",
},
},
SlsaProvenance = new GoogleNative.ContainerAnalysis.V1.Inputs.SlsaProvenanceArgs
{
Builder = new GoogleNative.ContainerAnalysis.V1.Inputs.SlsaBuilderArgs
{
Id = "string",
},
Materials = new[]
{
new GoogleNative.ContainerAnalysis.V1.Inputs.MaterialArgs
{
Digest =
{
{ "string", "string" },
},
Uri = "string",
},
},
Metadata = new GoogleNative.ContainerAnalysis.V1.Inputs.SlsaMetadataArgs
{
BuildFinishedOn = "string",
BuildInvocationId = "string",
BuildStartedOn = "string",
Completeness = new GoogleNative.ContainerAnalysis.V1.Inputs.SlsaCompletenessArgs
{
Arguments = false,
Environment = false,
Materials = false,
},
Reproducible = false,
},
Recipe = new GoogleNative.ContainerAnalysis.V1.Inputs.SlsaRecipeArgs
{
Arguments =
{
{ "string", "string" },
},
DefinedInMaterial = "string",
EntryPoint = "string",
Environment =
{
{ "string", "string" },
},
Type = "string",
},
},
SlsaProvenanceZeroTwo = new GoogleNative.ContainerAnalysis.V1.Inputs.SlsaProvenanceZeroTwoArgs
{
BuildConfig =
{
{ "string", "string" },
},
BuildType = "string",
Builder = new GoogleNative.ContainerAnalysis.V1.Inputs.GrafeasV1SlsaProvenanceZeroTwoSlsaBuilderArgs
{
Id = "string",
},
Invocation = new GoogleNative.ContainerAnalysis.V1.Inputs.GrafeasV1SlsaProvenanceZeroTwoSlsaInvocationArgs
{
ConfigSource = new GoogleNative.ContainerAnalysis.V1.Inputs.GrafeasV1SlsaProvenanceZeroTwoSlsaConfigSourceArgs
{
Digest =
{
{ "string", "string" },
},
EntryPoint = "string",
Uri = "string",
},
Environment =
{
{ "string", "string" },
},
Parameters =
{
{ "string", "string" },
},
},
Materials = new[]
{
new GoogleNative.ContainerAnalysis.V1.Inputs.GrafeasV1SlsaProvenanceZeroTwoSlsaMaterialArgs
{
Digest =
{
{ "string", "string" },
},
Uri = "string",
},
},
Metadata = new GoogleNative.ContainerAnalysis.V1.Inputs.GrafeasV1SlsaProvenanceZeroTwoSlsaMetadataArgs
{
BuildFinishedOn = "string",
BuildInvocationId = "string",
BuildStartedOn = "string",
Completeness = new GoogleNative.ContainerAnalysis.V1.Inputs.GrafeasV1SlsaProvenanceZeroTwoSlsaCompletenessArgs
{
Environment = false,
Materials = false,
Parameters = false,
},
Reproducible = false,
},
},
Subject = new[]
{
new GoogleNative.ContainerAnalysis.V1.Inputs.SubjectArgs
{
Digest =
{
{ "string", "string" },
},
Name = "string",
},
},
Type = "string",
},
Provenance = new GoogleNative.ContainerAnalysis.V1.Inputs.BuildProvenanceArgs
{
Id = "string",
EndTime = "string",
BuiltArtifacts = new[]
{
new GoogleNative.ContainerAnalysis.V1.Inputs.ArtifactArgs
{
Checksum = "string",
Id = "string",
Names = new[]
{
"string",
},
},
},
Commands = new[]
{
new GoogleNative.ContainerAnalysis.V1.Inputs.CommandArgs
{
Name = "string",
Args = new[]
{
"string",
},
Dir = "string",
Env = new[]
{
"string",
},
Id = "string",
WaitFor = new[]
{
"string",
},
},
},
CreateTime = "string",
Creator = "string",
BuildOptions =
{
{ "string", "string" },
},
BuilderVersion = "string",
LogsUri = "string",
Project = "string",
SourceProvenance = new GoogleNative.ContainerAnalysis.V1.Inputs.SourceArgs
{
AdditionalContexts = new[]
{
new GoogleNative.ContainerAnalysis.V1.Inputs.SourceContextArgs
{
CloudRepo = new GoogleNative.ContainerAnalysis.V1.Inputs.CloudRepoSourceContextArgs
{
AliasContext = new GoogleNative.ContainerAnalysis.V1.Inputs.AliasContextArgs
{
Kind = GoogleNative.ContainerAnalysis.V1.AliasContextKind.KindUnspecified,
Name = "string",
},
RepoId = new GoogleNative.ContainerAnalysis.V1.Inputs.RepoIdArgs
{
ProjectRepoId = new GoogleNative.ContainerAnalysis.V1.Inputs.ProjectRepoIdArgs
{
Project = "string",
RepoName = "string",
},
Uid = "string",
},
RevisionId = "string",
},
Gerrit = new GoogleNative.ContainerAnalysis.V1.Inputs.GerritSourceContextArgs
{
AliasContext = new GoogleNative.ContainerAnalysis.V1.Inputs.AliasContextArgs
{
Kind = GoogleNative.ContainerAnalysis.V1.AliasContextKind.KindUnspecified,
Name = "string",
},
GerritProject = "string",
HostUri = "string",
RevisionId = "string",
},
Git = new GoogleNative.ContainerAnalysis.V1.Inputs.GitSourceContextArgs
{
RevisionId = "string",
Url = "string",
},
Labels =
{
{ "string", "string" },
},
},
},
ArtifactStorageSourceUri = "string",
Context = new GoogleNative.ContainerAnalysis.V1.Inputs.SourceContextArgs
{
CloudRepo = new GoogleNative.ContainerAnalysis.V1.Inputs.CloudRepoSourceContextArgs
{
AliasContext = new GoogleNative.ContainerAnalysis.V1.Inputs.AliasContextArgs
{
Kind = GoogleNative.ContainerAnalysis.V1.AliasContextKind.KindUnspecified,
Name = "string",
},
RepoId = new GoogleNative.ContainerAnalysis.V1.Inputs.RepoIdArgs
{
ProjectRepoId = new GoogleNative.ContainerAnalysis.V1.Inputs.ProjectRepoIdArgs
{
Project = "string",
RepoName = "string",
},
Uid = "string",
},
RevisionId = "string",
},
Gerrit = new GoogleNative.ContainerAnalysis.V1.Inputs.GerritSourceContextArgs
{
AliasContext = new GoogleNative.ContainerAnalysis.V1.Inputs.AliasContextArgs
{
Kind = GoogleNative.ContainerAnalysis.V1.AliasContextKind.KindUnspecified,
Name = "string",
},
GerritProject = "string",
HostUri = "string",
RevisionId = "string",
},
Git = new GoogleNative.ContainerAnalysis.V1.Inputs.GitSourceContextArgs
{
RevisionId = "string",
Url = "string",
},
Labels =
{
{ "string", "string" },
},
},
FileHashes =
{
{ "string", "string" },
},
},
StartTime = "string",
TriggerId = "string",
},
ProvenanceBytes = "string",
},
Image = new GoogleNative.ContainerAnalysis.V1.Inputs.ImageOccurrenceArgs
{
Fingerprint = new GoogleNative.ContainerAnalysis.V1.Inputs.FingerprintArgs
{
V1Name = "string",
V2Blob = new[]
{
"string",
},
},
LayerInfo = new[]
{
new GoogleNative.ContainerAnalysis.V1.Inputs.LayerArgs
{
Directive = "string",
Arguments = "string",
},
},
},
Discovery = new GoogleNative.ContainerAnalysis.V1.Inputs.DiscoveryOccurrenceArgs
{
AnalysisCompleted = new GoogleNative.ContainerAnalysis.V1.Inputs.AnalysisCompletedArgs
{
AnalysisType = new[]
{
"string",
},
},
AnalysisError = new[]
{
new GoogleNative.ContainerAnalysis.V1.Inputs.StatusArgs
{
Code = 0,
Details = new[]
{
{
{ "string", "string" },
},
},
Message = "string",
},
},
AnalysisStatus = GoogleNative.ContainerAnalysis.V1.DiscoveryOccurrenceAnalysisStatus.AnalysisStatusUnspecified,
AnalysisStatusError = new GoogleNative.ContainerAnalysis.V1.Inputs.StatusArgs
{
Code = 0,
Details = new[]
{
{
{ "string", "string" },
},
},
Message = "string",
},
ContinuousAnalysis = GoogleNative.ContainerAnalysis.V1.DiscoveryOccurrenceContinuousAnalysis.ContinuousAnalysisUnspecified,
Cpe = "string",
LastScanTime = "string",
SbomStatus = new GoogleNative.ContainerAnalysis.V1.Inputs.SBOMStatusArgs
{
Error = "string",
SbomState = GoogleNative.ContainerAnalysis.V1.SBOMStatusSbomState.SbomStateUnspecified,
},
},
Deployment = new GoogleNative.ContainerAnalysis.V1.Inputs.DeploymentOccurrenceArgs
{
DeployTime = "string",
Address = "string",
Config = "string",
Platform = GoogleNative.ContainerAnalysis.V1.DeploymentOccurrencePlatform.PlatformUnspecified,
UndeployTime = "string",
UserEmail = "string",
},
Project = "string",
Remediation = "string",
Attestation = new GoogleNative.ContainerAnalysis.V1.Inputs.AttestationOccurrenceArgs
{
SerializedPayload = "string",
Jwts = new[]
{
new GoogleNative.ContainerAnalysis.V1.Inputs.JwtArgs
{
CompactJwt = "string",
},
},
Signatures = new[]
{
new GoogleNative.ContainerAnalysis.V1.Inputs.SignatureArgs
{
PublicKeyId = "string",
Signature = "string",
},
},
},
SbomReference = new GoogleNative.ContainerAnalysis.V1.Inputs.SBOMReferenceOccurrenceArgs
{
Payload = new GoogleNative.ContainerAnalysis.V1.Inputs.SbomReferenceIntotoPayloadArgs
{
Predicate = new GoogleNative.ContainerAnalysis.V1.Inputs.SbomReferenceIntotoPredicateArgs
{
Digest =
{
{ "string", "string" },
},
Location = "string",
MimeType = "string",
ReferrerId = "string",
},
PredicateType = "string",
Subject = new[]
{
new GoogleNative.ContainerAnalysis.V1.Inputs.SubjectArgs
{
Digest =
{
{ "string", "string" },
},
Name = "string",
},
},
Type = "string",
},
PayloadType = "string",
Signatures = new[]
{
new GoogleNative.ContainerAnalysis.V1.Inputs.EnvelopeSignatureArgs
{
Keyid = "string",
Sig = "string",
},
},
},
Upgrade = new GoogleNative.ContainerAnalysis.V1.Inputs.UpgradeOccurrenceArgs
{
Distribution = new GoogleNative.ContainerAnalysis.V1.Inputs.UpgradeDistributionArgs
{
Classification = "string",
CpeUri = "string",
Cve = new[]
{
"string",
},
Severity = "string",
},
Package = "string",
ParsedVersion = new GoogleNative.ContainerAnalysis.V1.Inputs.VersionArgs
{
Kind = GoogleNative.ContainerAnalysis.V1.VersionKind.VersionKindUnspecified,
Epoch = 0,
FullName = "string",
Inclusive = false,
Name = "string",
Revision = "string",
},
WindowsUpdate = new GoogleNative.ContainerAnalysis.V1.Inputs.WindowsUpdateArgs
{
Categories = new[]
{
new GoogleNative.ContainerAnalysis.V1.Inputs.CategoryArgs
{
CategoryId = "string",
Name = "string",
},
},
Description = "string",
Identity = new GoogleNative.ContainerAnalysis.V1.Inputs.IdentityArgs
{
Revision = 0,
UpdateId = "string",
},
KbArticleIds = new[]
{
"string",
},
LastPublishedTimestamp = "string",
SupportUrl = "string",
Title = "string",
},
},
Vulnerability = new GoogleNative.ContainerAnalysis.V1.Inputs.VulnerabilityOccurrenceArgs
{
PackageIssue = new[]
{
new GoogleNative.ContainerAnalysis.V1.Inputs.PackageIssueArgs
{
AffectedCpeUri = "string",
AffectedPackage = "string",
AffectedVersion = new GoogleNative.ContainerAnalysis.V1.Inputs.VersionArgs
{
Kind = GoogleNative.ContainerAnalysis.V1.VersionKind.VersionKindUnspecified,
Epoch = 0,
FullName = "string",
Inclusive = false,
Name = "string",
Revision = "string",
},
FixedVersion = new GoogleNative.ContainerAnalysis.V1.Inputs.VersionArgs
{
Kind = GoogleNative.ContainerAnalysis.V1.VersionKind.VersionKindUnspecified,
Epoch = 0,
FullName = "string",
Inclusive = false,
Name = "string",
Revision = "string",
},
FileLocation = new[]
{
new GoogleNative.ContainerAnalysis.V1.Inputs.GrafeasV1FileLocationArgs
{
FilePath = "string",
},
},
FixedCpeUri = "string",
FixedPackage = "string",
PackageType = "string",
},
},
CvssV2 = new GoogleNative.ContainerAnalysis.V1.Inputs.CVSSArgs
{
AttackComplexity = GoogleNative.ContainerAnalysis.V1.CVSSAttackComplexity.AttackComplexityUnspecified,
AttackVector = GoogleNative.ContainerAnalysis.V1.CVSSAttackVector.AttackVectorUnspecified,
Authentication = GoogleNative.ContainerAnalysis.V1.CVSSAuthentication.AuthenticationUnspecified,
AvailabilityImpact = GoogleNative.ContainerAnalysis.V1.CVSSAvailabilityImpact.ImpactUnspecified,
BaseScore = 0,
ConfidentialityImpact = GoogleNative.ContainerAnalysis.V1.CVSSConfidentialityImpact.ImpactUnspecified,
ExploitabilityScore = 0,
ImpactScore = 0,
IntegrityImpact = GoogleNative.ContainerAnalysis.V1.CVSSIntegrityImpact.ImpactUnspecified,
PrivilegesRequired = GoogleNative.ContainerAnalysis.V1.CVSSPrivilegesRequired.PrivilegesRequiredUnspecified,
Scope = GoogleNative.ContainerAnalysis.V1.CVSSScope.ScopeUnspecified,
UserInteraction = GoogleNative.ContainerAnalysis.V1.CVSSUserInteraction.UserInteractionUnspecified,
},
Cvssv3 = new GoogleNative.ContainerAnalysis.V1.Inputs.CVSSArgs
{
AttackComplexity = GoogleNative.ContainerAnalysis.V1.CVSSAttackComplexity.AttackComplexityUnspecified,
AttackVector = GoogleNative.ContainerAnalysis.V1.CVSSAttackVector.AttackVectorUnspecified,
Authentication = GoogleNative.ContainerAnalysis.V1.CVSSAuthentication.AuthenticationUnspecified,
AvailabilityImpact = GoogleNative.ContainerAnalysis.V1.CVSSAvailabilityImpact.ImpactUnspecified,
BaseScore = 0,
ConfidentialityImpact = GoogleNative.ContainerAnalysis.V1.CVSSConfidentialityImpact.ImpactUnspecified,
ExploitabilityScore = 0,
ImpactScore = 0,
IntegrityImpact = GoogleNative.ContainerAnalysis.V1.CVSSIntegrityImpact.ImpactUnspecified,
PrivilegesRequired = GoogleNative.ContainerAnalysis.V1.CVSSPrivilegesRequired.PrivilegesRequiredUnspecified,
Scope = GoogleNative.ContainerAnalysis.V1.CVSSScope.ScopeUnspecified,
UserInteraction = GoogleNative.ContainerAnalysis.V1.CVSSUserInteraction.UserInteractionUnspecified,
},
EffectiveSeverity = GoogleNative.ContainerAnalysis.V1.VulnerabilityOccurrenceEffectiveSeverity.SeverityUnspecified,
ExtraDetails = "string",
Type = "string",
VexAssessment = new GoogleNative.ContainerAnalysis.V1.Inputs.VexAssessmentArgs
{
Impacts = new[]
{
"string",
},
Justification = new GoogleNative.ContainerAnalysis.V1.Inputs.JustificationArgs
{
Details = "string",
JustificationType = GoogleNative.ContainerAnalysis.V1.JustificationJustificationType.JustificationTypeUnspecified,
},
NoteName = "string",
RelatedUris = new[]
{
new GoogleNative.ContainerAnalysis.V1.Inputs.RelatedUrlArgs
{
Label = "string",
Url = "string",
},
},
Remediations = new[]
{
new GoogleNative.ContainerAnalysis.V1.Inputs.RemediationArgs
{
Details = "string",
RemediationType = GoogleNative.ContainerAnalysis.V1.RemediationRemediationType.RemediationTypeUnspecified,
RemediationUri = new GoogleNative.ContainerAnalysis.V1.Inputs.RelatedUrlArgs
{
Label = "string",
Url = "string",
},
},
},
State = GoogleNative.ContainerAnalysis.V1.VexAssessmentState.StateUnspecified,
VulnerabilityId = "string",
},
},
});
example, err := containeranalysis.NewOccurrence(ctx, "occurrenceResource", &containeranalysis.OccurrenceArgs{
ResourceUri: pulumi.String("string"),
NoteName: pulumi.String("string"),
Envelope: &containeranalysis.EnvelopeArgs{
Payload: pulumi.String("string"),
PayloadType: pulumi.String("string"),
Signatures: containeranalysis.EnvelopeSignatureArray{
&containeranalysis.EnvelopeSignatureArgs{
Keyid: pulumi.String("string"),
Sig: pulumi.String("string"),
},
},
},
Package: &containeranalysis.PackageOccurrenceArgs{
License: &containeranalysis.LicenseArgs{
Comments: pulumi.String("string"),
Expression: pulumi.String("string"),
},
Location: containeranalysis.LocationArray{
&containeranalysis.LocationArgs{
Path: pulumi.String("string"),
},
},
},
Compliance: &containeranalysis.ComplianceOccurrenceArgs{
NonComplianceReason: pulumi.String("string"),
NonCompliantFiles: containeranalysis.NonCompliantFileArray{
&containeranalysis.NonCompliantFileArgs{
DisplayCommand: pulumi.String("string"),
Path: pulumi.String("string"),
Reason: pulumi.String("string"),
},
},
},
DsseAttestation: &containeranalysis.DSSEAttestationOccurrenceArgs{
Envelope: &containeranalysis.EnvelopeArgs{
Payload: pulumi.String("string"),
PayloadType: pulumi.String("string"),
Signatures: containeranalysis.EnvelopeSignatureArray{
&containeranalysis.EnvelopeSignatureArgs{
Keyid: pulumi.String("string"),
Sig: pulumi.String("string"),
},
},
},
Statement: &containeranalysis.InTotoStatementArgs{
PredicateType: pulumi.String("string"),
Provenance: &containeranalysis.InTotoProvenanceArgs{
BuilderConfig: &containeranalysis.BuilderConfigArgs{
Id: pulumi.String("string"),
},
Materials: pulumi.StringArray{
pulumi.String("string"),
},
Metadata: &containeranalysis.MetadataArgs{
BuildFinishedOn: pulumi.String("string"),
BuildInvocationId: pulumi.String("string"),
BuildStartedOn: pulumi.String("string"),
Completeness: &containeranalysis.CompletenessArgs{
Arguments: pulumi.Bool(false),
Environment: pulumi.Bool(false),
Materials: pulumi.Bool(false),
},
Reproducible: pulumi.Bool(false),
},
Recipe: &containeranalysis.RecipeArgs{
Arguments: pulumi.StringMapArray{
pulumi.StringMap{
"string": pulumi.String("string"),
},
},
DefinedInMaterial: pulumi.String("string"),
EntryPoint: pulumi.String("string"),
Environment: pulumi.StringMapArray{
pulumi.StringMap{
"string": pulumi.String("string"),
},
},
Type: pulumi.String("string"),
},
},
SlsaProvenance: &containeranalysis.SlsaProvenanceArgs{
Builder: &containeranalysis.SlsaBuilderArgs{
Id: pulumi.String("string"),
},
Materials: containeranalysis.MaterialArray{
&containeranalysis.MaterialArgs{
Digest: pulumi.StringMap{
"string": pulumi.String("string"),
},
Uri: pulumi.String("string"),
},
},
Metadata: &containeranalysis.SlsaMetadataArgs{
BuildFinishedOn: pulumi.String("string"),
BuildInvocationId: pulumi.String("string"),
BuildStartedOn: pulumi.String("string"),
Completeness: &containeranalysis.SlsaCompletenessArgs{
Arguments: pulumi.Bool(false),
Environment: pulumi.Bool(false),
Materials: pulumi.Bool(false),
},
Reproducible: pulumi.Bool(false),
},
Recipe: &containeranalysis.SlsaRecipeArgs{
Arguments: pulumi.StringMap{
"string": pulumi.String("string"),
},
DefinedInMaterial: pulumi.String("string"),
EntryPoint: pulumi.String("string"),
Environment: pulumi.StringMap{
"string": pulumi.String("string"),
},
Type: pulumi.String("string"),
},
},
SlsaProvenanceZeroTwo: &containeranalysis.SlsaProvenanceZeroTwoArgs{
BuildConfig: pulumi.StringMap{
"string": pulumi.String("string"),
},
BuildType: pulumi.String("string"),
Builder: &containeranalysis.GrafeasV1SlsaProvenanceZeroTwoSlsaBuilderArgs{
Id: pulumi.String("string"),
},
Invocation: &containeranalysis.GrafeasV1SlsaProvenanceZeroTwoSlsaInvocationArgs{
ConfigSource: &containeranalysis.GrafeasV1SlsaProvenanceZeroTwoSlsaConfigSourceArgs{
Digest: pulumi.StringMap{
"string": pulumi.String("string"),
},
EntryPoint: pulumi.String("string"),
Uri: pulumi.String("string"),
},
Environment: pulumi.StringMap{
"string": pulumi.String("string"),
},
Parameters: pulumi.StringMap{
"string": pulumi.String("string"),
},
},
Materials: containeranalysis.GrafeasV1SlsaProvenanceZeroTwoSlsaMaterialArray{
&containeranalysis.GrafeasV1SlsaProvenanceZeroTwoSlsaMaterialArgs{
Digest: pulumi.StringMap{
"string": pulumi.String("string"),
},
Uri: pulumi.String("string"),
},
},
Metadata: &containeranalysis.GrafeasV1SlsaProvenanceZeroTwoSlsaMetadataArgs{
BuildFinishedOn: pulumi.String("string"),
BuildInvocationId: pulumi.String("string"),
BuildStartedOn: pulumi.String("string"),
Completeness: &containeranalysis.GrafeasV1SlsaProvenanceZeroTwoSlsaCompletenessArgs{
Environment: pulumi.Bool(false),
Materials: pulumi.Bool(false),
Parameters: pulumi.Bool(false),
},
Reproducible: pulumi.Bool(false),
},
},
Subject: containeranalysis.SubjectArray{
&containeranalysis.SubjectArgs{
Digest: pulumi.StringMap{
"string": pulumi.String("string"),
},
Name: pulumi.String("string"),
},
},
Type: pulumi.String("string"),
},
},
Build: &containeranalysis.BuildOccurrenceArgs{
InTotoSlsaProvenanceV1: &containeranalysis.InTotoSlsaProvenanceV1Args{
Predicate: &containeranalysis.SlsaProvenanceV1Args{
BuildDefinition: &containeranalysis.BuildDefinitionArgs{
BuildType: pulumi.String("string"),
ExternalParameters: pulumi.StringMap{
"string": pulumi.String("string"),
},
InternalParameters: pulumi.StringMap{
"string": pulumi.String("string"),
},
ResolvedDependencies: containeranalysis.ResourceDescriptorArray{
&containeranalysis.ResourceDescriptorArgs{
Annotations: pulumi.StringMap{
"string": pulumi.String("string"),
},
Content: pulumi.String("string"),
Digest: pulumi.StringMap{
"string": pulumi.String("string"),
},
DownloadLocation: pulumi.String("string"),
MediaType: pulumi.String("string"),
Name: pulumi.String("string"),
Uri: pulumi.String("string"),
},
},
},
RunDetails: &containeranalysis.RunDetailsArgs{
Builder: &containeranalysis.ProvenanceBuilderArgs{
BuilderDependencies: containeranalysis.ResourceDescriptorArray{
&containeranalysis.ResourceDescriptorArgs{
Annotations: pulumi.StringMap{
"string": pulumi.String("string"),
},
Content: pulumi.String("string"),
Digest: pulumi.StringMap{
"string": pulumi.String("string"),
},
DownloadLocation: pulumi.String("string"),
MediaType: pulumi.String("string"),
Name: pulumi.String("string"),
Uri: pulumi.String("string"),
},
},
Id: pulumi.String("string"),
Version: pulumi.StringMap{
"string": pulumi.String("string"),
},
},
Byproducts: containeranalysis.ResourceDescriptorArray{
&containeranalysis.ResourceDescriptorArgs{
Annotations: pulumi.StringMap{
"string": pulumi.String("string"),
},
Content: pulumi.String("string"),
Digest: pulumi.StringMap{
"string": pulumi.String("string"),
},
DownloadLocation: pulumi.String("string"),
MediaType: pulumi.String("string"),
Name: pulumi.String("string"),
Uri: pulumi.String("string"),
},
},
Metadata: &containeranalysis.BuildMetadataArgs{
FinishedOn: pulumi.String("string"),
InvocationId: pulumi.String("string"),
StartedOn: pulumi.String("string"),
},
},
},
PredicateType: pulumi.String("string"),
Subject: containeranalysis.SubjectArray{
&containeranalysis.SubjectArgs{
Digest: pulumi.StringMap{
"string": pulumi.String("string"),
},
Name: pulumi.String("string"),
},
},
Type: pulumi.String("string"),
},
IntotoStatement: &containeranalysis.InTotoStatementArgs{
PredicateType: pulumi.String("string"),
Provenance: &containeranalysis.InTotoProvenanceArgs{
BuilderConfig: &containeranalysis.BuilderConfigArgs{
Id: pulumi.String("string"),
},
Materials: pulumi.StringArray{
pulumi.String("string"),
},
Metadata: &containeranalysis.MetadataArgs{
BuildFinishedOn: pulumi.String("string"),
BuildInvocationId: pulumi.String("string"),
BuildStartedOn: pulumi.String("string"),
Completeness: &containeranalysis.CompletenessArgs{
Arguments: pulumi.Bool(false),
Environment: pulumi.Bool(false),
Materials: pulumi.Bool(false),
},
Reproducible: pulumi.Bool(false),
},
Recipe: &containeranalysis.RecipeArgs{
Arguments: pulumi.StringMapArray{
pulumi.StringMap{
"string": pulumi.String("string"),
},
},
DefinedInMaterial: pulumi.String("string"),
EntryPoint: pulumi.String("string"),
Environment: pulumi.StringMapArray{
pulumi.StringMap{
"string": pulumi.String("string"),
},
},
Type: pulumi.String("string"),
},
},
SlsaProvenance: &containeranalysis.SlsaProvenanceArgs{
Builder: &containeranalysis.SlsaBuilderArgs{
Id: pulumi.String("string"),
},
Materials: containeranalysis.MaterialArray{
&containeranalysis.MaterialArgs{
Digest: pulumi.StringMap{
"string": pulumi.String("string"),
},
Uri: pulumi.String("string"),
},
},
Metadata: &containeranalysis.SlsaMetadataArgs{
BuildFinishedOn: pulumi.String("string"),
BuildInvocationId: pulumi.String("string"),
BuildStartedOn: pulumi.String("string"),
Completeness: &containeranalysis.SlsaCompletenessArgs{
Arguments: pulumi.Bool(false),
Environment: pulumi.Bool(false),
Materials: pulumi.Bool(false),
},
Reproducible: pulumi.Bool(false),
},
Recipe: &containeranalysis.SlsaRecipeArgs{
Arguments: pulumi.StringMap{
"string": pulumi.String("string"),
},
DefinedInMaterial: pulumi.String("string"),
EntryPoint: pulumi.String("string"),
Environment: pulumi.StringMap{
"string": pulumi.String("string"),
},
Type: pulumi.String("string"),
},
},
SlsaProvenanceZeroTwo: &containeranalysis.SlsaProvenanceZeroTwoArgs{
BuildConfig: pulumi.StringMap{
"string": pulumi.String("string"),
},
BuildType: pulumi.String("string"),
Builder: &containeranalysis.GrafeasV1SlsaProvenanceZeroTwoSlsaBuilderArgs{
Id: pulumi.String("string"),
},
Invocation: &containeranalysis.GrafeasV1SlsaProvenanceZeroTwoSlsaInvocationArgs{
ConfigSource: &containeranalysis.GrafeasV1SlsaProvenanceZeroTwoSlsaConfigSourceArgs{
Digest: pulumi.StringMap{
"string": pulumi.String("string"),
},
EntryPoint: pulumi.String("string"),
Uri: pulumi.String("string"),
},
Environment: pulumi.StringMap{
"string": pulumi.String("string"),
},
Parameters: pulumi.StringMap{
"string": pulumi.String("string"),
},
},
Materials: containeranalysis.GrafeasV1SlsaProvenanceZeroTwoSlsaMaterialArray{
&containeranalysis.GrafeasV1SlsaProvenanceZeroTwoSlsaMaterialArgs{
Digest: pulumi.StringMap{
"string": pulumi.String("string"),
},
Uri: pulumi.String("string"),
},
},
Metadata: &containeranalysis.GrafeasV1SlsaProvenanceZeroTwoSlsaMetadataArgs{
BuildFinishedOn: pulumi.String("string"),
BuildInvocationId: pulumi.String("string"),
BuildStartedOn: pulumi.String("string"),
Completeness: &containeranalysis.GrafeasV1SlsaProvenanceZeroTwoSlsaCompletenessArgs{
Environment: pulumi.Bool(false),
Materials: pulumi.Bool(false),
Parameters: pulumi.Bool(false),
},
Reproducible: pulumi.Bool(false),
},
},
Subject: containeranalysis.SubjectArray{
&containeranalysis.SubjectArgs{
Digest: pulumi.StringMap{
"string": pulumi.String("string"),
},
Name: pulumi.String("string"),
},
},
Type: pulumi.String("string"),
},
Provenance: &containeranalysis.BuildProvenanceArgs{
Id: pulumi.String("string"),
EndTime: pulumi.String("string"),
BuiltArtifacts: containeranalysis.ArtifactArray{
&containeranalysis.ArtifactArgs{
Checksum: pulumi.String("string"),
Id: pulumi.String("string"),
Names: pulumi.StringArray{
pulumi.String("string"),
},
},
},
Commands: containeranalysis.CommandArray{
&containeranalysis.CommandArgs{
Name: pulumi.String("string"),
Args: pulumi.StringArray{
pulumi.String("string"),
},
Dir: pulumi.String("string"),
Env: pulumi.StringArray{
pulumi.String("string"),
},
Id: pulumi.String("string"),
WaitFor: pulumi.StringArray{
pulumi.String("string"),
},
},
},
CreateTime: pulumi.String("string"),
Creator: pulumi.String("string"),
BuildOptions: pulumi.StringMap{
"string": pulumi.String("string"),
},
BuilderVersion: pulumi.String("string"),
LogsUri: pulumi.String("string"),
Project: pulumi.String("string"),
SourceProvenance: &containeranalysis.SourceArgs{
AdditionalContexts: containeranalysis.SourceContextArray{
&containeranalysis.SourceContextArgs{
CloudRepo: &containeranalysis.CloudRepoSourceContextArgs{
AliasContext: &containeranalysis.AliasContextArgs{
Kind: containeranalysis.AliasContextKindKindUnspecified,
Name: pulumi.String("string"),
},
RepoId: &containeranalysis.RepoIdArgs{
ProjectRepoId: &containeranalysis.ProjectRepoIdArgs{
Project: pulumi.String("string"),
RepoName: pulumi.String("string"),
},
Uid: pulumi.String("string"),
},
RevisionId: pulumi.String("string"),
},
Gerrit: &containeranalysis.GerritSourceContextArgs{
AliasContext: &containeranalysis.AliasContextArgs{
Kind: containeranalysis.AliasContextKindKindUnspecified,
Name: pulumi.String("string"),
},
GerritProject: pulumi.String("string"),
HostUri: pulumi.String("string"),
RevisionId: pulumi.String("string"),
},
Git: &containeranalysis.GitSourceContextArgs{
RevisionId: pulumi.String("string"),
Url: pulumi.String("string"),
},
Labels: pulumi.StringMap{
"string": pulumi.String("string"),
},
},
},
ArtifactStorageSourceUri: pulumi.String("string"),
Context: &containeranalysis.SourceContextArgs{
CloudRepo: &containeranalysis.CloudRepoSourceContextArgs{
AliasContext: &containeranalysis.AliasContextArgs{
Kind: containeranalysis.AliasContextKindKindUnspecified,
Name: pulumi.String("string"),
},
RepoId: &containeranalysis.RepoIdArgs{
ProjectRepoId: &containeranalysis.ProjectRepoIdArgs{
Project: pulumi.String("string"),
RepoName: pulumi.String("string"),
},
Uid: pulumi.String("string"),
},
RevisionId: pulumi.String("string"),
},
Gerrit: &containeranalysis.GerritSourceContextArgs{
AliasContext: &containeranalysis.AliasContextArgs{
Kind: containeranalysis.AliasContextKindKindUnspecified,
Name: pulumi.String("string"),
},
GerritProject: pulumi.String("string"),
HostUri: pulumi.String("string"),
RevisionId: pulumi.String("string"),
},
Git: &containeranalysis.GitSourceContextArgs{
RevisionId: pulumi.String("string"),
Url: pulumi.String("string"),
},
Labels: pulumi.StringMap{
"string": pulumi.String("string"),
},
},
FileHashes: pulumi.StringMap{
"string": pulumi.String("string"),
},
},
StartTime: pulumi.String("string"),
TriggerId: pulumi.String("string"),
},
ProvenanceBytes: pulumi.String("string"),
},
Image: &containeranalysis.ImageOccurrenceArgs{
Fingerprint: &containeranalysis.FingerprintArgs{
V1Name: pulumi.String("string"),
V2Blob: pulumi.StringArray{
pulumi.String("string"),
},
},
LayerInfo: containeranalysis.LayerArray{
&containeranalysis.LayerArgs{
Directive: pulumi.String("string"),
Arguments: pulumi.String("string"),
},
},
},
Discovery: &containeranalysis.DiscoveryOccurrenceArgs{
AnalysisCompleted: &containeranalysis.AnalysisCompletedArgs{
AnalysisType: pulumi.StringArray{
pulumi.String("string"),
},
},
AnalysisError: containeranalysis.StatusArray{
&containeranalysis.StatusArgs{
Code: pulumi.Int(0),
Details: pulumi.StringMapArray{
pulumi.StringMap{
"string": pulumi.String("string"),
},
},
Message: pulumi.String("string"),
},
},
AnalysisStatus: containeranalysis.DiscoveryOccurrenceAnalysisStatusAnalysisStatusUnspecified,
AnalysisStatusError: &containeranalysis.StatusArgs{
Code: pulumi.Int(0),
Details: pulumi.StringMapArray{
pulumi.StringMap{
"string": pulumi.String("string"),
},
},
Message: pulumi.String("string"),
},
ContinuousAnalysis: containeranalysis.DiscoveryOccurrenceContinuousAnalysisContinuousAnalysisUnspecified,
Cpe: pulumi.String("string"),
LastScanTime: pulumi.String("string"),
SbomStatus: &containeranalysis.SBOMStatusArgs{
Error: pulumi.String("string"),
SbomState: containeranalysis.SBOMStatusSbomStateSbomStateUnspecified,
},
},
Deployment: &containeranalysis.DeploymentOccurrenceArgs{
DeployTime: pulumi.String("string"),
Address: pulumi.String("string"),
Config: pulumi.String("string"),
Platform: containeranalysis.DeploymentOccurrencePlatformPlatformUnspecified,
UndeployTime: pulumi.String("string"),
UserEmail: pulumi.String("string"),
},
Project: pulumi.String("string"),
Remediation: pulumi.String("string"),
Attestation: &containeranalysis.AttestationOccurrenceArgs{
SerializedPayload: pulumi.String("string"),
Jwts: containeranalysis.JwtArray{
&containeranalysis.JwtArgs{
CompactJwt: pulumi.String("string"),
},
},
Signatures: containeranalysis.SignatureArray{
&containeranalysis.SignatureArgs{
PublicKeyId: pulumi.String("string"),
Signature: pulumi.String("string"),
},
},
},
SbomReference: &containeranalysis.SBOMReferenceOccurrenceArgs{
Payload: &containeranalysis.SbomReferenceIntotoPayloadArgs{
Predicate: &containeranalysis.SbomReferenceIntotoPredicateArgs{
Digest: pulumi.StringMap{
"string": pulumi.String("string"),
},
Location: pulumi.String("string"),
MimeType: pulumi.String("string"),
ReferrerId: pulumi.String("string"),
},
PredicateType: pulumi.String("string"),
Subject: containeranalysis.SubjectArray{
&containeranalysis.SubjectArgs{
Digest: pulumi.StringMap{
"string": pulumi.String("string"),
},
Name: pulumi.String("string"),
},
},
Type: pulumi.String("string"),
},
PayloadType: pulumi.String("string"),
Signatures: containeranalysis.EnvelopeSignatureArray{
&containeranalysis.EnvelopeSignatureArgs{
Keyid: pulumi.String("string"),
Sig: pulumi.String("string"),
},
},
},
Upgrade: &containeranalysis.UpgradeOccurrenceArgs{
Distribution: &containeranalysis.UpgradeDistributionArgs{
Classification: pulumi.String("string"),
CpeUri: pulumi.String("string"),
Cve: pulumi.StringArray{
pulumi.String("string"),
},
Severity: pulumi.String("string"),
},
Package: pulumi.String("string"),
ParsedVersion: &containeranalysis.VersionArgs{
Kind: containeranalysis.VersionKindVersionKindUnspecified,
Epoch: pulumi.Int(0),
FullName: pulumi.String("string"),
Inclusive: pulumi.Bool(false),
Name: pulumi.String("string"),
Revision: pulumi.String("string"),
},
WindowsUpdate: &containeranalysis.WindowsUpdateArgs{
Categories: containeranalysis.CategoryArray{
&containeranalysis.CategoryArgs{
CategoryId: pulumi.String("string"),
Name: pulumi.String("string"),
},
},
Description: pulumi.String("string"),
Identity: &containeranalysis.IdentityArgs{
Revision: pulumi.Int(0),
UpdateId: pulumi.String("string"),
},
KbArticleIds: pulumi.StringArray{
pulumi.String("string"),
},
LastPublishedTimestamp: pulumi.String("string"),
SupportUrl: pulumi.String("string"),
Title: pulumi.String("string"),
},
},
Vulnerability: &containeranalysis.VulnerabilityOccurrenceArgs{
PackageIssue: containeranalysis.PackageIssueArray{
&containeranalysis.PackageIssueArgs{
AffectedCpeUri: pulumi.String("string"),
AffectedPackage: pulumi.String("string"),
AffectedVersion: &containeranalysis.VersionArgs{
Kind: containeranalysis.VersionKindVersionKindUnspecified,
Epoch: pulumi.Int(0),
FullName: pulumi.String("string"),
Inclusive: pulumi.Bool(false),
Name: pulumi.String("string"),
Revision: pulumi.String("string"),
},
FixedVersion: &containeranalysis.VersionArgs{
Kind: containeranalysis.VersionKindVersionKindUnspecified,
Epoch: pulumi.Int(0),
FullName: pulumi.String("string"),
Inclusive: pulumi.Bool(false),
Name: pulumi.String("string"),
Revision: pulumi.String("string"),
},
FileLocation: containeranalysis.GrafeasV1FileLocationArray{
&containeranalysis.GrafeasV1FileLocationArgs{
FilePath: pulumi.String("string"),
},
},
FixedCpeUri: pulumi.String("string"),
FixedPackage: pulumi.String("string"),
PackageType: pulumi.String("string"),
},
},
CvssV2: &containeranalysis.CVSSArgs{
AttackComplexity: containeranalysis.CVSSAttackComplexityAttackComplexityUnspecified,
AttackVector: containeranalysis.CVSSAttackVectorAttackVectorUnspecified,
Authentication: containeranalysis.CVSSAuthenticationAuthenticationUnspecified,
AvailabilityImpact: containeranalysis.CVSSAvailabilityImpactImpactUnspecified,
BaseScore: pulumi.Float64(0),
ConfidentialityImpact: containeranalysis.CVSSConfidentialityImpactImpactUnspecified,
ExploitabilityScore: pulumi.Float64(0),
ImpactScore: pulumi.Float64(0),
IntegrityImpact: containeranalysis.CVSSIntegrityImpactImpactUnspecified,
PrivilegesRequired: containeranalysis.CVSSPrivilegesRequiredPrivilegesRequiredUnspecified,
Scope: containeranalysis.CVSSScopeScopeUnspecified,
UserInteraction: containeranalysis.CVSSUserInteractionUserInteractionUnspecified,
},
Cvssv3: &containeranalysis.CVSSArgs{
AttackComplexity: containeranalysis.CVSSAttackComplexityAttackComplexityUnspecified,
AttackVector: containeranalysis.CVSSAttackVectorAttackVectorUnspecified,
Authentication: containeranalysis.CVSSAuthenticationAuthenticationUnspecified,
AvailabilityImpact: containeranalysis.CVSSAvailabilityImpactImpactUnspecified,
BaseScore: pulumi.Float64(0),
ConfidentialityImpact: containeranalysis.CVSSConfidentialityImpactImpactUnspecified,
ExploitabilityScore: pulumi.Float64(0),
ImpactScore: pulumi.Float64(0),
IntegrityImpact: containeranalysis.CVSSIntegrityImpactImpactUnspecified,
PrivilegesRequired: containeranalysis.CVSSPrivilegesRequiredPrivilegesRequiredUnspecified,
Scope: containeranalysis.CVSSScopeScopeUnspecified,
UserInteraction: containeranalysis.CVSSUserInteractionUserInteractionUnspecified,
},
EffectiveSeverity: containeranalysis.VulnerabilityOccurrenceEffectiveSeveritySeverityUnspecified,
ExtraDetails: pulumi.String("string"),
Type: pulumi.String("string"),
VexAssessment: &containeranalysis.VexAssessmentArgs{
Impacts: pulumi.StringArray{
pulumi.String("string"),
},
Justification: &containeranalysis.JustificationArgs{
Details: pulumi.String("string"),
JustificationType: containeranalysis.JustificationJustificationTypeJustificationTypeUnspecified,
},
NoteName: pulumi.String("string"),
RelatedUris: containeranalysis.RelatedUrlArray{
&containeranalysis.RelatedUrlArgs{
Label: pulumi.String("string"),
Url: pulumi.String("string"),
},
},
Remediations: containeranalysis.RemediationArray{
&containeranalysis.RemediationArgs{
Details: pulumi.String("string"),
RemediationType: containeranalysis.RemediationRemediationTypeRemediationTypeUnspecified,
RemediationUri: &containeranalysis.RelatedUrlArgs{
Label: pulumi.String("string"),
Url: pulumi.String("string"),
},
},
},
State: containeranalysis.VexAssessmentStateStateUnspecified,
VulnerabilityId: pulumi.String("string"),
},
},
})
var occurrenceResource = new Occurrence("occurrenceResource", OccurrenceArgs.builder()
.resourceUri("string")
.noteName("string")
.envelope(EnvelopeArgs.builder()
.payload("string")
.payloadType("string")
.signatures(EnvelopeSignatureArgs.builder()
.keyid("string")
.sig("string")
.build())
.build())
.package_(PackageOccurrenceArgs.builder()
.license(LicenseArgs.builder()
.comments("string")
.expression("string")
.build())
.location(LocationArgs.builder()
.path("string")
.build())
.build())
.compliance(ComplianceOccurrenceArgs.builder()
.nonComplianceReason("string")
.nonCompliantFiles(NonCompliantFileArgs.builder()
.displayCommand("string")
.path("string")
.reason("string")
.build())
.build())
.dsseAttestation(DSSEAttestationOccurrenceArgs.builder()
.envelope(EnvelopeArgs.builder()
.payload("string")
.payloadType("string")
.signatures(EnvelopeSignatureArgs.builder()
.keyid("string")
.sig("string")
.build())
.build())
.statement(InTotoStatementArgs.builder()
.predicateType("string")
.provenance(InTotoProvenanceArgs.builder()
.builderConfig(BuilderConfigArgs.builder()
.id("string")
.build())
.materials("string")
.metadata(MetadataArgs.builder()
.buildFinishedOn("string")
.buildInvocationId("string")
.buildStartedOn("string")
.completeness(CompletenessArgs.builder()
.arguments(false)
.environment(false)
.materials(false)
.build())
.reproducible(false)
.build())
.recipe(RecipeArgs.builder()
.arguments(Map.of("string", "string"))
.definedInMaterial("string")
.entryPoint("string")
.environment(Map.of("string", "string"))
.type("string")
.build())
.build())
.slsaProvenance(SlsaProvenanceArgs.builder()
.builder(SlsaBuilderArgs.builder()
.id("string")
.build())
.materials(MaterialArgs.builder()
.digest(Map.of("string", "string"))
.uri("string")
.build())
.metadata(SlsaMetadataArgs.builder()
.buildFinishedOn("string")
.buildInvocationId("string")
.buildStartedOn("string")
.completeness(SlsaCompletenessArgs.builder()
.arguments(false)
.environment(false)
.materials(false)
.build())
.reproducible(false)
.build())
.recipe(SlsaRecipeArgs.builder()
.arguments(Map.of("string", "string"))
.definedInMaterial("string")
.entryPoint("string")
.environment(Map.of("string", "string"))
.type("string")
.build())
.build())
.slsaProvenanceZeroTwo(SlsaProvenanceZeroTwoArgs.builder()
.buildConfig(Map.of("string", "string"))
.buildType("string")
.builder(GrafeasV1SlsaProvenanceZeroTwoSlsaBuilderArgs.builder()
.id("string")
.build())
.invocation(GrafeasV1SlsaProvenanceZeroTwoSlsaInvocationArgs.builder()
.configSource(GrafeasV1SlsaProvenanceZeroTwoSlsaConfigSourceArgs.builder()
.digest(Map.of("string", "string"))
.entryPoint("string")
.uri("string")
.build())
.environment(Map.of("string", "string"))
.parameters(Map.of("string", "string"))
.build())
.materials(GrafeasV1SlsaProvenanceZeroTwoSlsaMaterialArgs.builder()
.digest(Map.of("string", "string"))
.uri("string")
.build())
.metadata(GrafeasV1SlsaProvenanceZeroTwoSlsaMetadataArgs.builder()
.buildFinishedOn("string")
.buildInvocationId("string")
.buildStartedOn("string")
.completeness(GrafeasV1SlsaProvenanceZeroTwoSlsaCompletenessArgs.builder()
.environment(false)
.materials(false)
.parameters(false)
.build())
.reproducible(false)
.build())
.build())
.subject(SubjectArgs.builder()
.digest(Map.of("string", "string"))
.name("string")
.build())
.type("string")
.build())
.build())
.build(BuildOccurrenceArgs.builder()
.inTotoSlsaProvenanceV1(InTotoSlsaProvenanceV1Args.builder()
.predicate(SlsaProvenanceV1Args.builder()
.buildDefinition(BuildDefinitionArgs.builder()
.buildType("string")
.externalParameters(Map.of("string", "string"))
.internalParameters(Map.of("string", "string"))
.resolvedDependencies(ResourceDescriptorArgs.builder()
.annotations(Map.of("string", "string"))
.content("string")
.digest(Map.of("string", "string"))
.downloadLocation("string")
.mediaType("string")
.name("string")
.uri("string")
.build())
.build())
.runDetails(RunDetailsArgs.builder()
.builder(ProvenanceBuilderArgs.builder()
.builderDependencies(ResourceDescriptorArgs.builder()
.annotations(Map.of("string", "string"))
.content("string")
.digest(Map.of("string", "string"))
.downloadLocation("string")
.mediaType("string")
.name("string")
.uri("string")
.build())
.id("string")
.version(Map.of("string", "string"))
.build())
.byproducts(ResourceDescriptorArgs.builder()
.annotations(Map.of("string", "string"))
.content("string")
.digest(Map.of("string", "string"))
.downloadLocation("string")
.mediaType("string")
.name("string")
.uri("string")
.build())
.metadata(BuildMetadataArgs.builder()
.finishedOn("string")
.invocationId("string")
.startedOn("string")
.build())
.build())
.build())
.predicateType("string")
.subject(SubjectArgs.builder()
.digest(Map.of("string", "string"))
.name("string")
.build())
.type("string")
.build())
.intotoStatement(InTotoStatementArgs.builder()
.predicateType("string")
.provenance(InTotoProvenanceArgs.builder()
.builderConfig(BuilderConfigArgs.builder()
.id("string")
.build())
.materials("string")
.metadata(MetadataArgs.builder()
.buildFinishedOn("string")
.buildInvocationId("string")
.buildStartedOn("string")
.completeness(CompletenessArgs.builder()
.arguments(false)
.environment(false)
.materials(false)
.build())
.reproducible(false)
.build())
.recipe(RecipeArgs.builder()
.arguments(Map.of("string", "string"))
.definedInMaterial("string")
.entryPoint("string")
.environment(Map.of("string", "string"))
.type("string")
.build())
.build())
.slsaProvenance(SlsaProvenanceArgs.builder()
.builder(SlsaBuilderArgs.builder()
.id("string")
.build())
.materials(MaterialArgs.builder()
.digest(Map.of("string", "string"))
.uri("string")
.build())
.metadata(SlsaMetadataArgs.builder()
.buildFinishedOn("string")
.buildInvocationId("string")
.buildStartedOn("string")
.completeness(SlsaCompletenessArgs.builder()
.arguments(false)
.environment(false)
.materials(false)
.build())
.reproducible(false)
.build())
.recipe(SlsaRecipeArgs.builder()
.arguments(Map.of("string", "string"))
.definedInMaterial("string")
.entryPoint("string")
.environment(Map.of("string", "string"))
.type("string")
.build())
.build())
.slsaProvenanceZeroTwo(SlsaProvenanceZeroTwoArgs.builder()
.buildConfig(Map.of("string", "string"))
.buildType("string")
.builder(GrafeasV1SlsaProvenanceZeroTwoSlsaBuilderArgs.builder()
.id("string")
.build())
.invocation(GrafeasV1SlsaProvenanceZeroTwoSlsaInvocationArgs.builder()
.configSource(GrafeasV1SlsaProvenanceZeroTwoSlsaConfigSourceArgs.builder()
.digest(Map.of("string", "string"))
.entryPoint("string")
.uri("string")
.build())
.environment(Map.of("string", "string"))
.parameters(Map.of("string", "string"))
.build())
.materials(GrafeasV1SlsaProvenanceZeroTwoSlsaMaterialArgs.builder()
.digest(Map.of("string", "string"))
.uri("string")
.build())
.metadata(GrafeasV1SlsaProvenanceZeroTwoSlsaMetadataArgs.builder()
.buildFinishedOn("string")
.buildInvocationId("string")
.buildStartedOn("string")
.completeness(GrafeasV1SlsaProvenanceZeroTwoSlsaCompletenessArgs.builder()
.environment(false)
.materials(false)
.parameters(false)
.build())
.reproducible(false)
.build())
.build())
.subject(SubjectArgs.builder()
.digest(Map.of("string", "string"))
.name("string")
.build())
.type("string")
.build())
.provenance(BuildProvenanceArgs.builder()
.id("string")
.endTime("string")
.builtArtifacts(ArtifactArgs.builder()
.checksum("string")
.id("string")
.names("string")
.build())
.commands(CommandArgs.builder()
.name("string")
.args("string")
.dir("string")
.env("string")
.id("string")
.waitFor("string")
.build())
.createTime("string")
.creator("string")
.buildOptions(Map.of("string", "string"))
.builderVersion("string")
.logsUri("string")
.project("string")
.sourceProvenance(SourceArgs.builder()
.additionalContexts(SourceContextArgs.builder()
.cloudRepo(CloudRepoSourceContextArgs.builder()
.aliasContext(AliasContextArgs.builder()
.kind("KIND_UNSPECIFIED")
.name("string")
.build())
.repoId(RepoIdArgs.builder()
.projectRepoId(ProjectRepoIdArgs.builder()
.project("string")
.repoName("string")
.build())
.uid("string")
.build())
.revisionId("string")
.build())
.gerrit(GerritSourceContextArgs.builder()
.aliasContext(AliasContextArgs.builder()
.kind("KIND_UNSPECIFIED")
.name("string")
.build())
.gerritProject("string")
.hostUri("string")
.revisionId("string")
.build())
.git(GitSourceContextArgs.builder()
.revisionId("string")
.url("string")
.build())
.labels(Map.of("string", "string"))
.build())
.artifactStorageSourceUri("string")
.context(SourceContextArgs.builder()
.cloudRepo(CloudRepoSourceContextArgs.builder()
.aliasContext(AliasContextArgs.builder()
.kind("KIND_UNSPECIFIED")
.name("string")
.build())
.repoId(RepoIdArgs.builder()
.projectRepoId(ProjectRepoIdArgs.builder()
.project("string")
.repoName("string")
.build())
.uid("string")
.build())
.revisionId("string")
.build())
.gerrit(GerritSourceContextArgs.builder()
.aliasContext(AliasContextArgs.builder()
.kind("KIND_UNSPECIFIED")
.name("string")
.build())
.gerritProject("string")
.hostUri("string")
.revisionId("string")
.build())
.git(GitSourceContextArgs.builder()
.revisionId("string")
.url("string")
.build())
.labels(Map.of("string", "string"))
.build())
.fileHashes(Map.of("string", "string"))
.build())
.startTime("string")
.triggerId("string")
.build())
.provenanceBytes("string")
.build())
.image(ImageOccurrenceArgs.builder()
.fingerprint(FingerprintArgs.builder()
.v1Name("string")
.v2Blob("string")
.build())
.layerInfo(LayerArgs.builder()
.directive("string")
.arguments("string")
.build())
.build())
.discovery(DiscoveryOccurrenceArgs.builder()
.analysisCompleted(AnalysisCompletedArgs.builder()
.analysisType("string")
.build())
.analysisError(StatusArgs.builder()
.code(0)
.details(Map.of("string", "string"))
.message("string")
.build())
.analysisStatus("ANALYSIS_STATUS_UNSPECIFIED")
.analysisStatusError(StatusArgs.builder()
.code(0)
.details(Map.of("string", "string"))
.message("string")
.build())
.continuousAnalysis("CONTINUOUS_ANALYSIS_UNSPECIFIED")
.cpe("string")
.lastScanTime("string")
.sbomStatus(SBOMStatusArgs.builder()
.error("string")
.sbomState("SBOM_STATE_UNSPECIFIED")
.build())
.build())
.deployment(DeploymentOccurrenceArgs.builder()
.deployTime("string")
.address("string")
.config("string")
.platform("PLATFORM_UNSPECIFIED")
.undeployTime("string")
.userEmail("string")
.build())
.project("string")
.remediation("string")
.attestation(AttestationOccurrenceArgs.builder()
.serializedPayload("string")
.jwts(JwtArgs.builder()
.compactJwt("string")
.build())
.signatures(SignatureArgs.builder()
.publicKeyId("string")
.signature("string")
.build())
.build())
.sbomReference(SBOMReferenceOccurrenceArgs.builder()
.payload(SbomReferenceIntotoPayloadArgs.builder()
.predicate(SbomReferenceIntotoPredicateArgs.builder()
.digest(Map.of("string", "string"))
.location("string")
.mimeType("string")
.referrerId("string")
.build())
.predicateType("string")
.subject(SubjectArgs.builder()
.digest(Map.of("string", "string"))
.name("string")
.build())
.type("string")
.build())
.payloadType("string")
.signatures(EnvelopeSignatureArgs.builder()
.keyid("string")
.sig("string")
.build())
.build())
.upgrade(UpgradeOccurrenceArgs.builder()
.distribution(UpgradeDistributionArgs.builder()
.classification("string")
.cpeUri("string")
.cve("string")
.severity("string")
.build())
.package_("string")
.parsedVersion(VersionArgs.builder()
.kind("VERSION_KIND_UNSPECIFIED")
.epoch(0)
.fullName("string")
.inclusive(false)
.name("string")
.revision("string")
.build())
.windowsUpdate(WindowsUpdateArgs.builder()
.categories(CategoryArgs.builder()
.categoryId("string")
.name("string")
.build())
.description("string")
.identity(IdentityArgs.builder()
.revision(0)
.updateId("string")
.build())
.kbArticleIds("string")
.lastPublishedTimestamp("string")
.supportUrl("string")
.title("string")
.build())
.build())
.vulnerability(VulnerabilityOccurrenceArgs.builder()
.packageIssue(PackageIssueArgs.builder()
.affectedCpeUri("string")
.affectedPackage("string")
.affectedVersion(VersionArgs.builder()
.kind("VERSION_KIND_UNSPECIFIED")
.epoch(0)
.fullName("string")
.inclusive(false)
.name("string")
.revision("string")
.build())
.fixedVersion(VersionArgs.builder()
.kind("VERSION_KIND_UNSPECIFIED")
.epoch(0)
.fullName("string")
.inclusive(false)
.name("string")
.revision("string")
.build())
.fileLocation(GrafeasV1FileLocationArgs.builder()
.filePath("string")
.build())
.fixedCpeUri("string")
.fixedPackage("string")
.packageType("string")
.build())
.cvssV2(CVSSArgs.builder()
.attackComplexity("ATTACK_COMPLEXITY_UNSPECIFIED")
.attackVector("ATTACK_VECTOR_UNSPECIFIED")
.authentication("AUTHENTICATION_UNSPECIFIED")
.availabilityImpact("IMPACT_UNSPECIFIED")
.baseScore(0)
.confidentialityImpact("IMPACT_UNSPECIFIED")
.exploitabilityScore(0)
.impactScore(0)
.integrityImpact("IMPACT_UNSPECIFIED")
.privilegesRequired("PRIVILEGES_REQUIRED_UNSPECIFIED")
.scope("SCOPE_UNSPECIFIED")
.userInteraction("USER_INTERACTION_UNSPECIFIED")
.build())
.cvssv3(CVSSArgs.builder()
.attackComplexity("ATTACK_COMPLEXITY_UNSPECIFIED")
.attackVector("ATTACK_VECTOR_UNSPECIFIED")
.authentication("AUTHENTICATION_UNSPECIFIED")
.availabilityImpact("IMPACT_UNSPECIFIED")
.baseScore(0)
.confidentialityImpact("IMPACT_UNSPECIFIED")
.exploitabilityScore(0)
.impactScore(0)
.integrityImpact("IMPACT_UNSPECIFIED")
.privilegesRequired("PRIVILEGES_REQUIRED_UNSPECIFIED")
.scope("SCOPE_UNSPECIFIED")
.userInteraction("USER_INTERACTION_UNSPECIFIED")
.build())
.effectiveSeverity("SEVERITY_UNSPECIFIED")
.extraDetails("string")
.type("string")
.vexAssessment(VexAssessmentArgs.builder()
.impacts("string")
.justification(JustificationArgs.builder()
.details("string")
.justificationType("JUSTIFICATION_TYPE_UNSPECIFIED")
.build())
.noteName("string")
.relatedUris(RelatedUrlArgs.builder()
.label("string")
.url("string")
.build())
.remediations(RemediationArgs.builder()
.details("string")
.remediationType("REMEDIATION_TYPE_UNSPECIFIED")
.remediationUri(RelatedUrlArgs.builder()
.label("string")
.url("string")
.build())
.build())
.state("STATE_UNSPECIFIED")
.vulnerabilityId("string")
.build())
.build())
.build());
occurrence_resource = google_native.containeranalysis.v1.Occurrence("occurrenceResource",
resource_uri="string",
note_name="string",
envelope=google_native.containeranalysis.v1.EnvelopeArgs(
payload="string",
payload_type="string",
signatures=[google_native.containeranalysis.v1.EnvelopeSignatureArgs(
keyid="string",
sig="string",
)],
),
package=google_native.containeranalysis.v1.PackageOccurrenceArgs(
license=google_native.containeranalysis.v1.LicenseArgs(
comments="string",
expression="string",
),
location=[google_native.containeranalysis.v1.LocationArgs(
path="string",
)],
),
compliance=google_native.containeranalysis.v1.ComplianceOccurrenceArgs(
non_compliance_reason="string",
non_compliant_files=[google_native.containeranalysis.v1.NonCompliantFileArgs(
display_command="string",
path="string",
reason="string",
)],
),
dsse_attestation=google_native.containeranalysis.v1.DSSEAttestationOccurrenceArgs(
envelope=google_native.containeranalysis.v1.EnvelopeArgs(
payload="string",
payload_type="string",
signatures=[google_native.containeranalysis.v1.EnvelopeSignatureArgs(
keyid="string",
sig="string",
)],
),
statement=google_native.containeranalysis.v1.InTotoStatementArgs(
predicate_type="string",
provenance=google_native.containeranalysis.v1.InTotoProvenanceArgs(
builder_config=google_native.containeranalysis.v1.BuilderConfigArgs(
id="string",
),
materials=["string"],
metadata=google_native.containeranalysis.v1.MetadataArgs(
build_finished_on="string",
build_invocation_id="string",
build_started_on="string",
completeness=google_native.containeranalysis.v1.CompletenessArgs(
arguments=False,
environment=False,
materials=False,
),
reproducible=False,
),
recipe=google_native.containeranalysis.v1.RecipeArgs(
arguments=[{
"string": "string",
}],
defined_in_material="string",
entry_point="string",
environment=[{
"string": "string",
}],
type="string",
),
),
slsa_provenance=google_native.containeranalysis.v1.SlsaProvenanceArgs(
builder=google_native.containeranalysis.v1.SlsaBuilderArgs(
id="string",
),
materials=[google_native.containeranalysis.v1.MaterialArgs(
digest={
"string": "string",
},
uri="string",
)],
metadata=google_native.containeranalysis.v1.SlsaMetadataArgs(
build_finished_on="string",
build_invocation_id="string",
build_started_on="string",
completeness=google_native.containeranalysis.v1.SlsaCompletenessArgs(
arguments=False,
environment=False,
materials=False,
),
reproducible=False,
),
recipe=google_native.containeranalysis.v1.SlsaRecipeArgs(
arguments={
"string": "string",
},
defined_in_material="string",
entry_point="string",
environment={
"string": "string",
},
type="string",
),
),
slsa_provenance_zero_two=google_native.containeranalysis.v1.SlsaProvenanceZeroTwoArgs(
build_config={
"string": "string",
},
build_type="string",
builder=google_native.containeranalysis.v1.GrafeasV1SlsaProvenanceZeroTwoSlsaBuilderArgs(
id="string",
),
invocation=google_native.containeranalysis.v1.GrafeasV1SlsaProvenanceZeroTwoSlsaInvocationArgs(
config_source=google_native.containeranalysis.v1.GrafeasV1SlsaProvenanceZeroTwoSlsaConfigSourceArgs(
digest={
"string": "string",
},
entry_point="string",
uri="string",
),
environment={
"string": "string",
},
parameters={
"string": "string",
},
),
materials=[google_native.containeranalysis.v1.GrafeasV1SlsaProvenanceZeroTwoSlsaMaterialArgs(
digest={
"string": "string",
},
uri="string",
)],
metadata=google_native.containeranalysis.v1.GrafeasV1SlsaProvenanceZeroTwoSlsaMetadataArgs(
build_finished_on="string",
build_invocation_id="string",
build_started_on="string",
completeness=google_native.containeranalysis.v1.GrafeasV1SlsaProvenanceZeroTwoSlsaCompletenessArgs(
environment=False,
materials=False,
parameters=False,
),
reproducible=False,
),
),
subject=[google_native.containeranalysis.v1.SubjectArgs(
digest={
"string": "string",
},
name="string",
)],
type="string",
),
),
build=google_native.containeranalysis.v1.BuildOccurrenceArgs(
in_toto_slsa_provenance_v1=google_native.containeranalysis.v1.InTotoSlsaProvenanceV1Args(
predicate=google_native.containeranalysis.v1.SlsaProvenanceV1Args(
build_definition=google_native.containeranalysis.v1.BuildDefinitionArgs(
build_type="string",
external_parameters={
"string": "string",
},
internal_parameters={
"string": "string",
},
resolved_dependencies=[google_native.containeranalysis.v1.ResourceDescriptorArgs(
annotations={
"string": "string",
},
content="string",
digest={
"string": "string",
},
download_location="string",
media_type="string",
name="string",
uri="string",
)],
),
run_details=google_native.containeranalysis.v1.RunDetailsArgs(
builder=google_native.containeranalysis.v1.ProvenanceBuilderArgs(
builder_dependencies=[google_native.containeranalysis.v1.ResourceDescriptorArgs(
annotations={
"string": "string",
},
content="string",
digest={
"string": "string",
},
download_location="string",
media_type="string",
name="string",
uri="string",
)],
id="string",
version={
"string": "string",
},
),
byproducts=[google_native.containeranalysis.v1.ResourceDescriptorArgs(
annotations={
"string": "string",
},
content="string",
digest={
"string": "string",
},
download_location="string",
media_type="string",
name="string",
uri="string",
)],
metadata=google_native.containeranalysis.v1.BuildMetadataArgs(
finished_on="string",
invocation_id="string",
started_on="string",
),
),
),
predicate_type="string",
subject=[google_native.containeranalysis.v1.SubjectArgs(
digest={
"string": "string",
},
name="string",
)],
type="string",
),
intoto_statement=google_native.containeranalysis.v1.InTotoStatementArgs(
predicate_type="string",
provenance=google_native.containeranalysis.v1.InTotoProvenanceArgs(
builder_config=google_native.containeranalysis.v1.BuilderConfigArgs(
id="string",
),
materials=["string"],
metadata=google_native.containeranalysis.v1.MetadataArgs(
build_finished_on="string",
build_invocation_id="string",
build_started_on="string",
completeness=google_native.containeranalysis.v1.CompletenessArgs(
arguments=False,
environment=False,
materials=False,
),
reproducible=False,
),
recipe=google_native.containeranalysis.v1.RecipeArgs(
arguments=[{
"string": "string",
}],
defined_in_material="string",
entry_point="string",
environment=[{
"string": "string",
}],
type="string",
),
),
slsa_provenance=google_native.containeranalysis.v1.SlsaProvenanceArgs(
builder=google_native.containeranalysis.v1.SlsaBuilderArgs(
id="string",
),
materials=[google_native.containeranalysis.v1.MaterialArgs(
digest={
"string": "string",
},
uri="string",
)],
metadata=google_native.containeranalysis.v1.SlsaMetadataArgs(
build_finished_on="string",
build_invocation_id="string",
build_started_on="string",
completeness=google_native.containeranalysis.v1.SlsaCompletenessArgs(
arguments=False,
environment=False,
materials=False,
),
reproducible=False,
),
recipe=google_native.containeranalysis.v1.SlsaRecipeArgs(
arguments={
"string": "string",
},
defined_in_material="string",
entry_point="string",
environment={
"string": "string",
},
type="string",
),
),
slsa_provenance_zero_two=google_native.containeranalysis.v1.SlsaProvenanceZeroTwoArgs(
build_config={
"string": "string",
},
build_type="string",
builder=google_native.containeranalysis.v1.GrafeasV1SlsaProvenanceZeroTwoSlsaBuilderArgs(
id="string",
),
invocation=google_native.containeranalysis.v1.GrafeasV1SlsaProvenanceZeroTwoSlsaInvocationArgs(
config_source=google_native.containeranalysis.v1.GrafeasV1SlsaProvenanceZeroTwoSlsaConfigSourceArgs(
digest={
"string": "string",
},
entry_point="string",
uri="string",
),
environment={
"string": "string",
},
parameters={
"string": "string",
},
),
materials=[google_native.containeranalysis.v1.GrafeasV1SlsaProvenanceZeroTwoSlsaMaterialArgs(
digest={
"string": "string",
},
uri="string",
)],
metadata=google_native.containeranalysis.v1.GrafeasV1SlsaProvenanceZeroTwoSlsaMetadataArgs(
build_finished_on="string",
build_invocation_id="string",
build_started_on="string",
completeness=google_native.containeranalysis.v1.GrafeasV1SlsaProvenanceZeroTwoSlsaCompletenessArgs(
environment=False,
materials=False,
parameters=False,
),
reproducible=False,
),
),
subject=[google_native.containeranalysis.v1.SubjectArgs(
digest={
"string": "string",
},
name="string",
)],
type="string",
),
provenance=google_native.containeranalysis.v1.BuildProvenanceArgs(
id="string",
end_time="string",
built_artifacts=[google_native.containeranalysis.v1.ArtifactArgs(
checksum="string",
id="string",
names=["string"],
)],
commands=[google_native.containeranalysis.v1.CommandArgs(
name="string",
args=["string"],
dir="string",
env=["string"],
id="string",
wait_for=["string"],
)],
create_time="string",
creator="string",
build_options={
"string": "string",
},
builder_version="string",
logs_uri="string",
project="string",
source_provenance=google_native.containeranalysis.v1.SourceArgs(
additional_contexts=[google_native.containeranalysis.v1.SourceContextArgs(
cloud_repo=google_native.containeranalysis.v1.CloudRepoSourceContextArgs(
alias_context=google_native.containeranalysis.v1.AliasContextArgs(
kind=google_native.containeranalysis.v1.AliasContextKind.KIND_UNSPECIFIED,
name="string",
),
repo_id=google_native.containeranalysis.v1.RepoIdArgs(
project_repo_id=google_native.containeranalysis.v1.ProjectRepoIdArgs(
project="string",
repo_name="string",
),
uid="string",
),
revision_id="string",
),
gerrit=google_native.containeranalysis.v1.GerritSourceContextArgs(
alias_context=google_native.containeranalysis.v1.AliasContextArgs(
kind=google_native.containeranalysis.v1.AliasContextKind.KIND_UNSPECIFIED,
name="string",
),
gerrit_project="string",
host_uri="string",
revision_id="string",
),
git=google_native.containeranalysis.v1.GitSourceContextArgs(
revision_id="string",
url="string",
),
labels={
"string": "string",
},
)],
artifact_storage_source_uri="string",
context=google_native.containeranalysis.v1.SourceContextArgs(
cloud_repo=google_native.containeranalysis.v1.CloudRepoSourceContextArgs(
alias_context=google_native.containeranalysis.v1.AliasContextArgs(
kind=google_native.containeranalysis.v1.AliasContextKind.KIND_UNSPECIFIED,
name="string",
),
repo_id=google_native.containeranalysis.v1.RepoIdArgs(
project_repo_id=google_native.containeranalysis.v1.ProjectRepoIdArgs(
project="string",
repo_name="string",
),
uid="string",
),
revision_id="string",
),
gerrit=google_native.containeranalysis.v1.GerritSourceContextArgs(
alias_context=google_native.containeranalysis.v1.AliasContextArgs(
kind=google_native.containeranalysis.v1.AliasContextKind.KIND_UNSPECIFIED,
name="string",
),
gerrit_project="string",
host_uri="string",
revision_id="string",
),
git=google_native.containeranalysis.v1.GitSourceContextArgs(
revision_id="string",
url="string",
),
labels={
"string": "string",
},
),
file_hashes={
"string": "string",
},
),
start_time="string",
trigger_id="string",
),
provenance_bytes="string",
),
image=google_native.containeranalysis.v1.ImageOccurrenceArgs(
fingerprint=google_native.containeranalysis.v1.FingerprintArgs(
v1_name="string",
v2_blob=["string"],
),
layer_info=[google_native.containeranalysis.v1.LayerArgs(
directive="string",
arguments="string",
)],
),
discovery=google_native.containeranalysis.v1.DiscoveryOccurrenceArgs(
analysis_completed=google_native.containeranalysis.v1.AnalysisCompletedArgs(
analysis_type=["string"],
),
analysis_error=[google_native.containeranalysis.v1.StatusArgs(
code=0,
details=[{
"string": "string",
}],
message="string",
)],
analysis_status=google_native.containeranalysis.v1.DiscoveryOccurrenceAnalysisStatus.ANALYSIS_STATUS_UNSPECIFIED,
analysis_status_error=google_native.containeranalysis.v1.StatusArgs(
code=0,
details=[{
"string": "string",
}],
message="string",
),
continuous_analysis=google_native.containeranalysis.v1.DiscoveryOccurrenceContinuousAnalysis.CONTINUOUS_ANALYSIS_UNSPECIFIED,
cpe="string",
last_scan_time="string",
sbom_status=google_native.containeranalysis.v1.SBOMStatusArgs(
error="string",
sbom_state=google_native.containeranalysis.v1.SBOMStatusSbomState.SBOM_STATE_UNSPECIFIED,
),
),
deployment=google_native.containeranalysis.v1.DeploymentOccurrenceArgs(
deploy_time="string",
address="string",
config="string",
platform=google_native.containeranalysis.v1.DeploymentOccurrencePlatform.PLATFORM_UNSPECIFIED,
undeploy_time="string",
user_email="string",
),
project="string",
remediation="string",
attestation=google_native.containeranalysis.v1.AttestationOccurrenceArgs(
serialized_payload="string",
jwts=[google_native.containeranalysis.v1.JwtArgs(
compact_jwt="string",
)],
signatures=[google_native.containeranalysis.v1.SignatureArgs(
public_key_id="string",
signature="string",
)],
),
sbom_reference=google_native.containeranalysis.v1.SBOMReferenceOccurrenceArgs(
payload=google_native.containeranalysis.v1.SbomReferenceIntotoPayloadArgs(
predicate=google_native.containeranalysis.v1.SbomReferenceIntotoPredicateArgs(
digest={
"string": "string",
},
location="string",
mime_type="string",
referrer_id="string",
),
predicate_type="string",
subject=[google_native.containeranalysis.v1.SubjectArgs(
digest={
"string": "string",
},
name="string",
)],
type="string",
),
payload_type="string",
signatures=[google_native.containeranalysis.v1.EnvelopeSignatureArgs(
keyid="string",
sig="string",
)],
),
upgrade=google_native.containeranalysis.v1.UpgradeOccurrenceArgs(
distribution=google_native.containeranalysis.v1.UpgradeDistributionArgs(
classification="string",
cpe_uri="string",
cve=["string"],
severity="string",
),
package="string",
parsed_version=google_native.containeranalysis.v1.VersionArgs(
kind=google_native.containeranalysis.v1.VersionKind.VERSION_KIND_UNSPECIFIED,
epoch=0,
full_name="string",
inclusive=False,
name="string",
revision="string",
),
windows_update=google_native.containeranalysis.v1.WindowsUpdateArgs(
categories=[google_native.containeranalysis.v1.CategoryArgs(
category_id="string",
name="string",
)],
description="string",
identity=google_native.containeranalysis.v1.IdentityArgs(
revision=0,
update_id="string",
),
kb_article_ids=["string"],
last_published_timestamp="string",
support_url="string",
title="string",
),
),
vulnerability=google_native.containeranalysis.v1.VulnerabilityOccurrenceArgs(
package_issue=[google_native.containeranalysis.v1.PackageIssueArgs(
affected_cpe_uri="string",
affected_package="string",
affected_version=google_native.containeranalysis.v1.VersionArgs(
kind=google_native.containeranalysis.v1.VersionKind.VERSION_KIND_UNSPECIFIED,
epoch=0,
full_name="string",
inclusive=False,
name="string",
revision="string",
),
fixed_version=google_native.containeranalysis.v1.VersionArgs(
kind=google_native.containeranalysis.v1.VersionKind.VERSION_KIND_UNSPECIFIED,
epoch=0,
full_name="string",
inclusive=False,
name="string",
revision="string",
),
file_location=[google_native.containeranalysis.v1.GrafeasV1FileLocationArgs(
file_path="string",
)],
fixed_cpe_uri="string",
fixed_package="string",
package_type="string",
)],
cvss_v2=google_native.containeranalysis.v1.CVSSArgs(
attack_complexity=google_native.containeranalysis.v1.CVSSAttackComplexity.ATTACK_COMPLEXITY_UNSPECIFIED,
attack_vector=google_native.containeranalysis.v1.CVSSAttackVector.ATTACK_VECTOR_UNSPECIFIED,
authentication=google_native.containeranalysis.v1.CVSSAuthentication.AUTHENTICATION_UNSPECIFIED,
availability_impact=google_native.containeranalysis.v1.CVSSAvailabilityImpact.IMPACT_UNSPECIFIED,
base_score=0,
confidentiality_impact=google_native.containeranalysis.v1.CVSSConfidentialityImpact.IMPACT_UNSPECIFIED,
exploitability_score=0,
impact_score=0,
integrity_impact=google_native.containeranalysis.v1.CVSSIntegrityImpact.IMPACT_UNSPECIFIED,
privileges_required=google_native.containeranalysis.v1.CVSSPrivilegesRequired.PRIVILEGES_REQUIRED_UNSPECIFIED,
scope=google_native.containeranalysis.v1.CVSSScope.SCOPE_UNSPECIFIED,
user_interaction=google_native.containeranalysis.v1.CVSSUserInteraction.USER_INTERACTION_UNSPECIFIED,
),
cvssv3=google_native.containeranalysis.v1.CVSSArgs(
attack_complexity=google_native.containeranalysis.v1.CVSSAttackComplexity.ATTACK_COMPLEXITY_UNSPECIFIED,
attack_vector=google_native.containeranalysis.v1.CVSSAttackVector.ATTACK_VECTOR_UNSPECIFIED,
authentication=google_native.containeranalysis.v1.CVSSAuthentication.AUTHENTICATION_UNSPECIFIED,
availability_impact=google_native.containeranalysis.v1.CVSSAvailabilityImpact.IMPACT_UNSPECIFIED,
base_score=0,
confidentiality_impact=google_native.containeranalysis.v1.CVSSConfidentialityImpact.IMPACT_UNSPECIFIED,
exploitability_score=0,
impact_score=0,
integrity_impact=google_native.containeranalysis.v1.CVSSIntegrityImpact.IMPACT_UNSPECIFIED,
privileges_required=google_native.containeranalysis.v1.CVSSPrivilegesRequired.PRIVILEGES_REQUIRED_UNSPECIFIED,
scope=google_native.containeranalysis.v1.CVSSScope.SCOPE_UNSPECIFIED,
user_interaction=google_native.containeranalysis.v1.CVSSUserInteraction.USER_INTERACTION_UNSPECIFIED,
),
effective_severity=google_native.containeranalysis.v1.VulnerabilityOccurrenceEffectiveSeverity.SEVERITY_UNSPECIFIED,
extra_details="string",
type="string",
vex_assessment=google_native.containeranalysis.v1.VexAssessmentArgs(
impacts=["string"],
justification=google_native.containeranalysis.v1.JustificationArgs(
details="string",
justification_type=google_native.containeranalysis.v1.JustificationJustificationType.JUSTIFICATION_TYPE_UNSPECIFIED,
),
note_name="string",
related_uris=[google_native.containeranalysis.v1.RelatedUrlArgs(
label="string",
url="string",
)],
remediations=[google_native.containeranalysis.v1.RemediationArgs(
details="string",
remediation_type=google_native.containeranalysis.v1.RemediationRemediationType.REMEDIATION_TYPE_UNSPECIFIED,
remediation_uri=google_native.containeranalysis.v1.RelatedUrlArgs(
label="string",
url="string",
),
)],
state=google_native.containeranalysis.v1.VexAssessmentState.STATE_UNSPECIFIED,
vulnerability_id="string",
),
))
const occurrenceResource = new google_native.containeranalysis.v1.Occurrence("occurrenceResource", {
resourceUri: "string",
noteName: "string",
envelope: {
payload: "string",
payloadType: "string",
signatures: [{
keyid: "string",
sig: "string",
}],
},
"package": {
license: {
comments: "string",
expression: "string",
},
location: [{
path: "string",
}],
},
compliance: {
nonComplianceReason: "string",
nonCompliantFiles: [{
displayCommand: "string",
path: "string",
reason: "string",
}],
},
dsseAttestation: {
envelope: {
payload: "string",
payloadType: "string",
signatures: [{
keyid: "string",
sig: "string",
}],
},
statement: {
predicateType: "string",
provenance: {
builderConfig: {
id: "string",
},
materials: ["string"],
metadata: {
buildFinishedOn: "string",
buildInvocationId: "string",
buildStartedOn: "string",
completeness: {
arguments: false,
environment: false,
materials: false,
},
reproducible: false,
},
recipe: {
arguments: [{
string: "string",
}],
definedInMaterial: "string",
entryPoint: "string",
environment: [{
string: "string",
}],
type: "string",
},
},
slsaProvenance: {
builder: {
id: "string",
},
materials: [{
digest: {
string: "string",
},
uri: "string",
}],
metadata: {
buildFinishedOn: "string",
buildInvocationId: "string",
buildStartedOn: "string",
completeness: {
arguments: false,
environment: false,
materials: false,
},
reproducible: false,
},
recipe: {
arguments: {
string: "string",
},
definedInMaterial: "string",
entryPoint: "string",
environment: {
string: "string",
},
type: "string",
},
},
slsaProvenanceZeroTwo: {
buildConfig: {
string: "string",
},
buildType: "string",
builder: {
id: "string",
},
invocation: {
configSource: {
digest: {
string: "string",
},
entryPoint: "string",
uri: "string",
},
environment: {
string: "string",
},
parameters: {
string: "string",
},
},
materials: [{
digest: {
string: "string",
},
uri: "string",
}],
metadata: {
buildFinishedOn: "string",
buildInvocationId: "string",
buildStartedOn: "string",
completeness: {
environment: false,
materials: false,
parameters: false,
},
reproducible: false,
},
},
subject: [{
digest: {
string: "string",
},
name: "string",
}],
type: "string",
},
},
build: {
inTotoSlsaProvenanceV1: {
predicate: {
buildDefinition: {
buildType: "string",
externalParameters: {
string: "string",
},
internalParameters: {
string: "string",
},
resolvedDependencies: [{
annotations: {
string: "string",
},
content: "string",
digest: {
string: "string",
},
downloadLocation: "string",
mediaType: "string",
name: "string",
uri: "string",
}],
},
runDetails: {
builder: {
builderDependencies: [{
annotations: {
string: "string",
},
content: "string",
digest: {
string: "string",
},
downloadLocation: "string",
mediaType: "string",
name: "string",
uri: "string",
}],
id: "string",
version: {
string: "string",
},
},
byproducts: [{
annotations: {
string: "string",
},
content: "string",
digest: {
string: "string",
},
downloadLocation: "string",
mediaType: "string",
name: "string",
uri: "string",
}],
metadata: {
finishedOn: "string",
invocationId: "string",
startedOn: "string",
},
},
},
predicateType: "string",
subject: [{
digest: {
string: "string",
},
name: "string",
}],
type: "string",
},
intotoStatement: {
predicateType: "string",
provenance: {
builderConfig: {
id: "string",
},
materials: ["string"],
metadata: {
buildFinishedOn: "string",
buildInvocationId: "string",
buildStartedOn: "string",
completeness: {
arguments: false,
environment: false,
materials: false,
},
reproducible: false,
},
recipe: {
arguments: [{
string: "string",
}],
definedInMaterial: "string",
entryPoint: "string",
environment: [{
string: "string",
}],
type: "string",
},
},
slsaProvenance: {
builder: {
id: "string",
},
materials: [{
digest: {
string: "string",
},
uri: "string",
}],
metadata: {
buildFinishedOn: "string",
buildInvocationId: "string",
buildStartedOn: "string",
completeness: {
arguments: false,
environment: false,
materials: false,
},
reproducible: false,
},
recipe: {
arguments: {
string: "string",
},
definedInMaterial: "string",
entryPoint: "string",
environment: {
string: "string",
},
type: "string",
},
},
slsaProvenanceZeroTwo: {
buildConfig: {
string: "string",
},
buildType: "string",
builder: {
id: "string",
},
invocation: {
configSource: {
digest: {
string: "string",
},
entryPoint: "string",
uri: "string",
},
environment: {
string: "string",
},
parameters: {
string: "string",
},
},
materials: [{
digest: {
string: "string",
},
uri: "string",
}],
metadata: {
buildFinishedOn: "string",
buildInvocationId: "string",
buildStartedOn: "string",
completeness: {
environment: false,
materials: false,
parameters: false,
},
reproducible: false,
},
},
subject: [{
digest: {
string: "string",
},
name: "string",
}],
type: "string",
},
provenance: {
id: "string",
endTime: "string",
builtArtifacts: [{
checksum: "string",
id: "string",
names: ["string"],
}],
commands: [{
name: "string",
args: ["string"],
dir: "string",
env: ["string"],
id: "string",
waitFor: ["string"],
}],
createTime: "string",
creator: "string",
buildOptions: {
string: "string",
},
builderVersion: "string",
logsUri: "string",
project: "string",
sourceProvenance: {
additionalContexts: [{
cloudRepo: {
aliasContext: {
kind: google_native.containeranalysis.v1.AliasContextKind.KindUnspecified,
name: "string",
},
repoId: {
projectRepoId: {
project: "string",
repoName: "string",
},
uid: "string",
},
revisionId: "string",
},
gerrit: {
aliasContext: {
kind: google_native.containeranalysis.v1.AliasContextKind.KindUnspecified,
name: "string",
},
gerritProject: "string",
hostUri: "string",
revisionId: "string",
},
git: {
revisionId: "string",
url: "string",
},
labels: {
string: "string",
},
}],
artifactStorageSourceUri: "string",
context: {
cloudRepo: {
aliasContext: {
kind: google_native.containeranalysis.v1.AliasContextKind.KindUnspecified,
name: "string",
},
repoId: {
projectRepoId: {
project: "string",
repoName: "string",
},
uid: "string",
},
revisionId: "string",
},
gerrit: {
aliasContext: {
kind: google_native.containeranalysis.v1.AliasContextKind.KindUnspecified,
name: "string",
},
gerritProject: "string",
hostUri: "string",
revisionId: "string",
},
git: {
revisionId: "string",
url: "string",
},
labels: {
string: "string",
},
},
fileHashes: {
string: "string",
},
},
startTime: "string",
triggerId: "string",
},
provenanceBytes: "string",
},
image: {
fingerprint: {
v1Name: "string",
v2Blob: ["string"],
},
layerInfo: [{
directive: "string",
arguments: "string",
}],
},
discovery: {
analysisCompleted: {
analysisType: ["string"],
},
analysisError: [{
code: 0,
details: [{
string: "string",
}],
message: "string",
}],
analysisStatus: google_native.containeranalysis.v1.DiscoveryOccurrenceAnalysisStatus.AnalysisStatusUnspecified,
analysisStatusError: {
code: 0,
details: [{
string: "string",
}],
message: "string",
},
continuousAnalysis: google_native.containeranalysis.v1.DiscoveryOccurrenceContinuousAnalysis.ContinuousAnalysisUnspecified,
cpe: "string",
lastScanTime: "string",
sbomStatus: {
error: "string",
sbomState: google_native.containeranalysis.v1.SBOMStatusSbomState.SbomStateUnspecified,
},
},
deployment: {
deployTime: "string",
address: "string",
config: "string",
platform: google_native.containeranalysis.v1.DeploymentOccurrencePlatform.PlatformUnspecified,
undeployTime: "string",
userEmail: "string",
},
project: "string",
remediation: "string",
attestation: {
serializedPayload: "string",
jwts: [{
compactJwt: "string",
}],
signatures: [{
publicKeyId: "string",
signature: "string",
}],
},
sbomReference: {
payload: {
predicate: {
digest: {
string: "string",
},
location: "string",
mimeType: "string",
referrerId: "string",
},
predicateType: "string",
subject: [{
digest: {
string: "string",
},
name: "string",
}],
type: "string",
},
payloadType: "string",
signatures: [{
keyid: "string",
sig: "string",
}],
},
upgrade: {
distribution: {
classification: "string",
cpeUri: "string",
cve: ["string"],
severity: "string",
},
"package": "string",
parsedVersion: {
kind: google_native.containeranalysis.v1.VersionKind.VersionKindUnspecified,
epoch: 0,
fullName: "string",
inclusive: false,
name: "string",
revision: "string",
},
windowsUpdate: {
categories: [{
categoryId: "string",
name: "string",
}],
description: "string",
identity: {
revision: 0,
updateId: "string",
},
kbArticleIds: ["string"],
lastPublishedTimestamp: "string",
supportUrl: "string",
title: "string",
},
},
vulnerability: {
packageIssue: [{
affectedCpeUri: "string",
affectedPackage: "string",
affectedVersion: {
kind: google_native.containeranalysis.v1.VersionKind.VersionKindUnspecified,
epoch: 0,
fullName: "string",
inclusive: false,
name: "string",
revision: "string",
},
fixedVersion: {
kind: google_native.containeranalysis.v1.VersionKind.VersionKindUnspecified,
epoch: 0,
fullName: "string",
inclusive: false,
name: "string",
revision: "string",
},
fileLocation: [{
filePath: "string",
}],
fixedCpeUri: "string",
fixedPackage: "string",
packageType: "string",
}],
cvssV2: {
attackComplexity: google_native.containeranalysis.v1.CVSSAttackComplexity.AttackComplexityUnspecified,
attackVector: google_native.containeranalysis.v1.CVSSAttackVector.AttackVectorUnspecified,
authentication: google_native.containeranalysis.v1.CVSSAuthentication.AuthenticationUnspecified,
availabilityImpact: google_native.containeranalysis.v1.CVSSAvailabilityImpact.ImpactUnspecified,
baseScore: 0,
confidentialityImpact: google_native.containeranalysis.v1.CVSSConfidentialityImpact.ImpactUnspecified,
exploitabilityScore: 0,
impactScore: 0,
integrityImpact: google_native.containeranalysis.v1.CVSSIntegrityImpact.ImpactUnspecified,
privilegesRequired: google_native.containeranalysis.v1.CVSSPrivilegesRequired.PrivilegesRequiredUnspecified,
scope: google_native.containeranalysis.v1.CVSSScope.ScopeUnspecified,
userInteraction: google_native.containeranalysis.v1.CVSSUserInteraction.UserInteractionUnspecified,
},
cvssv3: {
attackComplexity: google_native.containeranalysis.v1.CVSSAttackComplexity.AttackComplexityUnspecified,
attackVector: google_native.containeranalysis.v1.CVSSAttackVector.AttackVectorUnspecified,
authentication: google_native.containeranalysis.v1.CVSSAuthentication.AuthenticationUnspecified,
availabilityImpact: google_native.containeranalysis.v1.CVSSAvailabilityImpact.ImpactUnspecified,
baseScore: 0,
confidentialityImpact: google_native.containeranalysis.v1.CVSSConfidentialityImpact.ImpactUnspecified,
exploitabilityScore: 0,
impactScore: 0,
integrityImpact: google_native.containeranalysis.v1.CVSSIntegrityImpact.ImpactUnspecified,
privilegesRequired: google_native.containeranalysis.v1.CVSSPrivilegesRequired.PrivilegesRequiredUnspecified,
scope: google_native.containeranalysis.v1.CVSSScope.ScopeUnspecified,
userInteraction: google_native.containeranalysis.v1.CVSSUserInteraction.UserInteractionUnspecified,
},
effectiveSeverity: google_native.containeranalysis.v1.VulnerabilityOccurrenceEffectiveSeverity.SeverityUnspecified,
extraDetails: "string",
type: "string",
vexAssessment: {
impacts: ["string"],
justification: {
details: "string",
justificationType: google_native.containeranalysis.v1.JustificationJustificationType.JustificationTypeUnspecified,
},
noteName: "string",
relatedUris: [{
label: "string",
url: "string",
}],
remediations: [{
details: "string",
remediationType: google_native.containeranalysis.v1.RemediationRemediationType.RemediationTypeUnspecified,
remediationUri: {
label: "string",
url: "string",
},
}],
state: google_native.containeranalysis.v1.VexAssessmentState.StateUnspecified,
vulnerabilityId: "string",
},
},
});
type: google-native:containeranalysis/v1:Occurrence
properties:
attestation:
jwts:
- compactJwt: string
serializedPayload: string
signatures:
- publicKeyId: string
signature: string
build:
inTotoSlsaProvenanceV1:
predicate:
buildDefinition:
buildType: string
externalParameters:
string: string
internalParameters:
string: string
resolvedDependencies:
- annotations:
string: string
content: string
digest:
string: string
downloadLocation: string
mediaType: string
name: string
uri: string
runDetails:
builder:
builderDependencies:
- annotations:
string: string
content: string
digest:
string: string
downloadLocation: string
mediaType: string
name: string
uri: string
id: string
version:
string: string
byproducts:
- annotations:
string: string
content: string
digest:
string: string
downloadLocation: string
mediaType: string
name: string
uri: string
metadata:
finishedOn: string
invocationId: string
startedOn: string
predicateType: string
subject:
- digest:
string: string
name: string
type: string
intotoStatement:
predicateType: string
provenance:
builderConfig:
id: string
materials:
- string
metadata:
buildFinishedOn: string
buildInvocationId: string
buildStartedOn: string
completeness:
arguments: false
environment: false
materials: false
reproducible: false
recipe:
arguments:
- string: string
definedInMaterial: string
entryPoint: string
environment:
- string: string
type: string
slsaProvenance:
builder:
id: string
materials:
- digest:
string: string
uri: string
metadata:
buildFinishedOn: string
buildInvocationId: string
buildStartedOn: string
completeness:
arguments: false
environment: false
materials: false
reproducible: false
recipe:
arguments:
string: string
definedInMaterial: string
entryPoint: string
environment:
string: string
type: string
slsaProvenanceZeroTwo:
buildConfig:
string: string
buildType: string
builder:
id: string
invocation:
configSource:
digest:
string: string
entryPoint: string
uri: string
environment:
string: string
parameters:
string: string
materials:
- digest:
string: string
uri: string
metadata:
buildFinishedOn: string
buildInvocationId: string
buildStartedOn: string
completeness:
environment: false
materials: false
parameters: false
reproducible: false
subject:
- digest:
string: string
name: string
type: string
provenance:
buildOptions:
string: string
builderVersion: string
builtArtifacts:
- checksum: string
id: string
names:
- string
commands:
- args:
- string
dir: string
env:
- string
id: string
name: string
waitFor:
- string
createTime: string
creator: string
endTime: string
id: string
logsUri: string
project: string
sourceProvenance:
additionalContexts:
- cloudRepo:
aliasContext:
kind: KIND_UNSPECIFIED
name: string
repoId:
projectRepoId:
project: string
repoName: string
uid: string
revisionId: string
gerrit:
aliasContext:
kind: KIND_UNSPECIFIED
name: string
gerritProject: string
hostUri: string
revisionId: string
git:
revisionId: string
url: string
labels:
string: string
artifactStorageSourceUri: string
context:
cloudRepo:
aliasContext:
kind: KIND_UNSPECIFIED
name: string
repoId:
projectRepoId:
project: string
repoName: string
uid: string
revisionId: string
gerrit:
aliasContext:
kind: KIND_UNSPECIFIED
name: string
gerritProject: string
hostUri: string
revisionId: string
git:
revisionId: string
url: string
labels:
string: string
fileHashes:
string: string
startTime: string
triggerId: string
provenanceBytes: string
compliance:
nonComplianceReason: string
nonCompliantFiles:
- displayCommand: string
path: string
reason: string
deployment:
address: string
config: string
deployTime: string
platform: PLATFORM_UNSPECIFIED
undeployTime: string
userEmail: string
discovery:
analysisCompleted:
analysisType:
- string
analysisError:
- code: 0
details:
- string: string
message: string
analysisStatus: ANALYSIS_STATUS_UNSPECIFIED
analysisStatusError:
code: 0
details:
- string: string
message: string
continuousAnalysis: CONTINUOUS_ANALYSIS_UNSPECIFIED
cpe: string
lastScanTime: string
sbomStatus:
error: string
sbomState: SBOM_STATE_UNSPECIFIED
dsseAttestation:
envelope:
payload: string
payloadType: string
signatures:
- keyid: string
sig: string
statement:
predicateType: string
provenance:
builderConfig:
id: string
materials:
- string
metadata:
buildFinishedOn: string
buildInvocationId: string
buildStartedOn: string
completeness:
arguments: false
environment: false
materials: false
reproducible: false
recipe:
arguments:
- string: string
definedInMaterial: string
entryPoint: string
environment:
- string: string
type: string
slsaProvenance:
builder:
id: string
materials:
- digest:
string: string
uri: string
metadata:
buildFinishedOn: string
buildInvocationId: string
buildStartedOn: string
completeness:
arguments: false
environment: false
materials: false
reproducible: false
recipe:
arguments:
string: string
definedInMaterial: string
entryPoint: string
environment:
string: string
type: string
slsaProvenanceZeroTwo:
buildConfig:
string: string
buildType: string
builder:
id: string
invocation:
configSource:
digest:
string: string
entryPoint: string
uri: string
environment:
string: string
parameters:
string: string
materials:
- digest:
string: string
uri: string
metadata:
buildFinishedOn: string
buildInvocationId: string
buildStartedOn: string
completeness:
environment: false
materials: false
parameters: false
reproducible: false
subject:
- digest:
string: string
name: string
type: string
envelope:
payload: string
payloadType: string
signatures:
- keyid: string
sig: string
image:
fingerprint:
v1Name: string
v2Blob:
- string
layerInfo:
- arguments: string
directive: string
noteName: string
package:
license:
comments: string
expression: string
location:
- path: string
project: string
remediation: string
resourceUri: string
sbomReference:
payload:
predicate:
digest:
string: string
location: string
mimeType: string
referrerId: string
predicateType: string
subject:
- digest:
string: string
name: string
type: string
payloadType: string
signatures:
- keyid: string
sig: string
upgrade:
distribution:
classification: string
cpeUri: string
cve:
- string
severity: string
package: string
parsedVersion:
epoch: 0
fullName: string
inclusive: false
kind: VERSION_KIND_UNSPECIFIED
name: string
revision: string
windowsUpdate:
categories:
- categoryId: string
name: string
description: string
identity:
revision: 0
updateId: string
kbArticleIds:
- string
lastPublishedTimestamp: string
supportUrl: string
title: string
vulnerability:
cvssV2:
attackComplexity: ATTACK_COMPLEXITY_UNSPECIFIED
attackVector: ATTACK_VECTOR_UNSPECIFIED
authentication: AUTHENTICATION_UNSPECIFIED
availabilityImpact: IMPACT_UNSPECIFIED
baseScore: 0
confidentialityImpact: IMPACT_UNSPECIFIED
exploitabilityScore: 0
impactScore: 0
integrityImpact: IMPACT_UNSPECIFIED
privilegesRequired: PRIVILEGES_REQUIRED_UNSPECIFIED
scope: SCOPE_UNSPECIFIED
userInteraction: USER_INTERACTION_UNSPECIFIED
cvssv3:
attackComplexity: ATTACK_COMPLEXITY_UNSPECIFIED
attackVector: ATTACK_VECTOR_UNSPECIFIED
authentication: AUTHENTICATION_UNSPECIFIED
availabilityImpact: IMPACT_UNSPECIFIED
baseScore: 0
confidentialityImpact: IMPACT_UNSPECIFIED
exploitabilityScore: 0
impactScore: 0
integrityImpact: IMPACT_UNSPECIFIED
privilegesRequired: PRIVILEGES_REQUIRED_UNSPECIFIED
scope: SCOPE_UNSPECIFIED
userInteraction: USER_INTERACTION_UNSPECIFIED
effectiveSeverity: SEVERITY_UNSPECIFIED
extraDetails: string
packageIssue:
- affectedCpeUri: string
affectedPackage: string
affectedVersion:
epoch: 0
fullName: string
inclusive: false
kind: VERSION_KIND_UNSPECIFIED
name: string
revision: string
fileLocation:
- filePath: string
fixedCpeUri: string
fixedPackage: string
fixedVersion:
epoch: 0
fullName: string
inclusive: false
kind: VERSION_KIND_UNSPECIFIED
name: string
revision: string
packageType: string
type: string
vexAssessment:
impacts:
- string
justification:
details: string
justificationType: JUSTIFICATION_TYPE_UNSPECIFIED
noteName: string
relatedUris:
- label: string
url: string
remediations:
- details: string
remediationType: REMEDIATION_TYPE_UNSPECIFIED
remediationUri:
label: string
url: string
state: STATE_UNSPECIFIED
vulnerabilityId: string
Occurrence Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The Occurrence resource accepts the following input properties:
- Note
Name string - Immutable. The analysis note associated with this occurrence, in the form of
projects/[PROVIDER_ID]/notes/[NOTE_ID]. This field can be used as a filter in list requests. - Resource
Uri string - Immutable. A URI that represents the resource for which the occurrence applies. For example,
https://gcr.io/project/image@sha256:123abcfor a Docker image. - Attestation
Pulumi.
Google Native. Container Analysis. V1. Inputs. Attestation Occurrence - Describes an attestation of an artifact.
- Build
Pulumi.
Google Native. Container Analysis. V1. Inputs. Build Occurrence - Describes a verifiable build.
- Compliance
Pulumi.
Google Native. Container Analysis. V1. Inputs. Compliance Occurrence - Describes a compliance violation on a linked resource.
- Deployment
Pulumi.
Google Native. Container Analysis. V1. Inputs. Deployment Occurrence - Describes the deployment of an artifact on a runtime.
- Discovery
Pulumi.
Google Native. Container Analysis. V1. Inputs. Discovery Occurrence - Describes when a resource was discovered.
- Dsse
Attestation Pulumi.Google Native. Container Analysis. V1. Inputs. DSSEAttestation Occurrence - Describes an attestation of an artifact using dsse.
- Envelope
Pulumi.
Google Native. Container Analysis. V1. Inputs. Envelope - https://github.com/secure-systems-lab/dsse
- Image
Pulumi.
Google Native. Container Analysis. V1. Inputs. Image Occurrence - Describes how this resource derives from the basis in the associated note.
- Package
Pulumi.
Google Native. Container Analysis. V1. Inputs. Package Occurrence - Describes the installation of a package on the linked resource.
- Project string
- Remediation string
- A description of actions that can be taken to remedy the note.
- Sbom
Reference Pulumi.Google Native. Container Analysis. V1. Inputs. SBOMReference Occurrence - Describes a specific SBOM reference occurrences.
- Upgrade
Pulumi.
Google Native. Container Analysis. V1. Inputs. Upgrade Occurrence - Describes an available package upgrade on the linked resource.
- Vulnerability
Pulumi.
Google Native. Container Analysis. V1. Inputs. Vulnerability Occurrence - Describes a security vulnerability.
- Note
Name string - Immutable. The analysis note associated with this occurrence, in the form of
projects/[PROVIDER_ID]/notes/[NOTE_ID]. This field can be used as a filter in list requests. - Resource
Uri string - Immutable. A URI that represents the resource for which the occurrence applies. For example,
https://gcr.io/project/image@sha256:123abcfor a Docker image. - Attestation
Attestation
Occurrence Args - Describes an attestation of an artifact.
- Build
Build
Occurrence Args - Describes a verifiable build.
- Compliance
Compliance
Occurrence Args - Describes a compliance violation on a linked resource.
- Deployment
Deployment
Occurrence Args - Describes the deployment of an artifact on a runtime.
- Discovery
Discovery
Occurrence Args - Describes when a resource was discovered.
- Dsse
Attestation DSSEAttestationOccurrence Args - Describes an attestation of an artifact using dsse.
- Envelope
Envelope
Args - https://github.com/secure-systems-lab/dsse
- Image
Image
Occurrence Args - Describes how this resource derives from the basis in the associated note.
- Package
Package
Occurrence Args - Describes the installation of a package on the linked resource.
- Project string
- Remediation string
- A description of actions that can be taken to remedy the note.
- Sbom
Reference SBOMReferenceOccurrence Args - Describes a specific SBOM reference occurrences.
- Upgrade
Upgrade
Occurrence Args - Describes an available package upgrade on the linked resource.
- Vulnerability
Vulnerability
Occurrence Args - Describes a security vulnerability.
- note
Name String - Immutable. The analysis note associated with this occurrence, in the form of
projects/[PROVIDER_ID]/notes/[NOTE_ID]. This field can be used as a filter in list requests. - resource
Uri String - Immutable. A URI that represents the resource for which the occurrence applies. For example,
https://gcr.io/project/image@sha256:123abcfor a Docker image. - attestation
Attestation
Occurrence - Describes an attestation of an artifact.
- build
Build
Occurrence - Describes a verifiable build.
- compliance
Compliance
Occurrence - Describes a compliance violation on a linked resource.
- deployment
Deployment
Occurrence - Describes the deployment of an artifact on a runtime.
- discovery
Discovery
Occurrence - Describes when a resource was discovered.
- dsse
Attestation DSSEAttestationOccurrence - Describes an attestation of an artifact using dsse.
- envelope Envelope
- https://github.com/secure-systems-lab/dsse
- image
Image
Occurrence - Describes how this resource derives from the basis in the associated note.
- package_
Package
Occurrence - Describes the installation of a package on the linked resource.
- project String
- remediation String
- A description of actions that can be taken to remedy the note.
- sbom
Reference SBOMReferenceOccurrence - Describes a specific SBOM reference occurrences.
- upgrade
Upgrade
Occurrence - Describes an available package upgrade on the linked resource.
- vulnerability
Vulnerability
Occurrence - Describes a security vulnerability.
- note
Name string - Immutable. The analysis note associated with this occurrence, in the form of
projects/[PROVIDER_ID]/notes/[NOTE_ID]. This field can be used as a filter in list requests. - resource
Uri string - Immutable. A URI that represents the resource for which the occurrence applies. For example,
https://gcr.io/project/image@sha256:123abcfor a Docker image. - attestation
Attestation
Occurrence - Describes an attestation of an artifact.
- build
Build
Occurrence - Describes a verifiable build.
- compliance
Compliance
Occurrence - Describes a compliance violation on a linked resource.
- deployment
Deployment
Occurrence - Describes the deployment of an artifact on a runtime.
- discovery
Discovery
Occurrence - Describes when a resource was discovered.
- dsse
Attestation DSSEAttestationOccurrence - Describes an attestation of an artifact using dsse.
- envelope Envelope
- https://github.com/secure-systems-lab/dsse
- image
Image
Occurrence - Describes how this resource derives from the basis in the associated note.
- package
Package
Occurrence - Describes the installation of a package on the linked resource.
- project string
- remediation string
- A description of actions that can be taken to remedy the note.
- sbom
Reference SBOMReferenceOccurrence - Describes a specific SBOM reference occurrences.
- upgrade
Upgrade
Occurrence - Describes an available package upgrade on the linked resource.
- vulnerability
Vulnerability
Occurrence - Describes a security vulnerability.
- note_
name str - Immutable. The analysis note associated with this occurrence, in the form of
projects/[PROVIDER_ID]/notes/[NOTE_ID]. This field can be used as a filter in list requests. - resource_
uri str - Immutable. A URI that represents the resource for which the occurrence applies. For example,
https://gcr.io/project/image@sha256:123abcfor a Docker image. - attestation
Attestation
Occurrence Args - Describes an attestation of an artifact.
- build
Build
Occurrence Args - Describes a verifiable build.
- compliance
Compliance
Occurrence Args - Describes a compliance violation on a linked resource.
- deployment
Deployment
Occurrence Args - Describes the deployment of an artifact on a runtime.
- discovery
Discovery
Occurrence Args - Describes when a resource was discovered.
- dsse_
attestation DSSEAttestationOccurrence Args - Describes an attestation of an artifact using dsse.
- envelope
Envelope
Args - https://github.com/secure-systems-lab/dsse
- image
Image
Occurrence Args - Describes how this resource derives from the basis in the associated note.
- package
Package
Occurrence Args - Describes the installation of a package on the linked resource.
- project str
- remediation str
- A description of actions that can be taken to remedy the note.
- sbom_
reference SBOMReferenceOccurrence Args - Describes a specific SBOM reference occurrences.
- upgrade
Upgrade
Occurrence Args - Describes an available package upgrade on the linked resource.
- vulnerability
Vulnerability
Occurrence Args - Describes a security vulnerability.
- note
Name String - Immutable. The analysis note associated with this occurrence, in the form of
projects/[PROVIDER_ID]/notes/[NOTE_ID]. This field can be used as a filter in list requests. - resource
Uri String - Immutable. A URI that represents the resource for which the occurrence applies. For example,
https://gcr.io/project/image@sha256:123abcfor a Docker image. - attestation Property Map
- Describes an attestation of an artifact.
- build Property Map
- Describes a verifiable build.
- compliance Property Map
- Describes a compliance violation on a linked resource.
- deployment Property Map
- Describes the deployment of an artifact on a runtime.
- discovery Property Map
- Describes when a resource was discovered.
- dsse
Attestation Property Map - Describes an attestation of an artifact using dsse.
- envelope Property Map
- https://github.com/secure-systems-lab/dsse
- image Property Map
- Describes how this resource derives from the basis in the associated note.
- package Property Map
- Describes the installation of a package on the linked resource.
- project String
- remediation String
- A description of actions that can be taken to remedy the note.
- sbom
Reference Property Map - Describes a specific SBOM reference occurrences.
- upgrade Property Map
- Describes an available package upgrade on the linked resource.
- vulnerability Property Map
- Describes a security vulnerability.
Outputs
All input properties are implicitly available as output properties. Additionally, the Occurrence resource produces the following output properties:
- Create
Time string - The time this occurrence was created.
- Id string
- The provider-assigned unique ID for this managed resource.
- Kind string
- This explicitly denotes which of the occurrence details are specified. This field can be used as a filter in list requests.
- Name string
- The name of the occurrence in the form of
projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]. - Update
Time string - The time this occurrence was last updated.
- Create
Time string - The time this occurrence was created.
- Id string
- The provider-assigned unique ID for this managed resource.
- Kind string
- This explicitly denotes which of the occurrence details are specified. This field can be used as a filter in list requests.
- Name string
- The name of the occurrence in the form of
projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]. - Update
Time string - The time this occurrence was last updated.
- create
Time String - The time this occurrence was created.
- id String
- The provider-assigned unique ID for this managed resource.
- kind String
- This explicitly denotes which of the occurrence details are specified. This field can be used as a filter in list requests.
- name String
- The name of the occurrence in the form of
projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]. - update
Time String - The time this occurrence was last updated.
- create
Time string - The time this occurrence was created.
- id string
- The provider-assigned unique ID for this managed resource.
- kind string
- This explicitly denotes which of the occurrence details are specified. This field can be used as a filter in list requests.
- name string
- The name of the occurrence in the form of
projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]. - update
Time string - The time this occurrence was last updated.
- create_
time str - The time this occurrence was created.
- id str
- The provider-assigned unique ID for this managed resource.
- kind str
- This explicitly denotes which of the occurrence details are specified. This field can be used as a filter in list requests.
- name str
- The name of the occurrence in the form of
projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]. - update_
time str - The time this occurrence was last updated.
- create
Time String - The time this occurrence was created.
- id String
- The provider-assigned unique ID for this managed resource.
- kind String
- This explicitly denotes which of the occurrence details are specified. This field can be used as a filter in list requests.
- name String
- The name of the occurrence in the form of
projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]. - update
Time String - The time this occurrence was last updated.
Supporting Types
AliasContext, AliasContextArgs
- Kind
Pulumi.
Google Native. Container Analysis. V1. Alias Context Kind - The alias kind.
- Name string
- The alias name.
- Kind
Alias
Context Kind - The alias kind.
- Name string
- The alias name.
- kind
Alias
Context Kind - The alias kind.
- name String
- The alias name.
- kind
Alias
Context Kind - The alias kind.
- name string
- The alias name.
- kind
Alias
Context Kind - The alias kind.
- name str
- The alias name.
- kind "KIND_UNSPECIFIED" | "FIXED" | "MOVABLE" | "OTHER"
- The alias kind.
- name String
- The alias name.
AliasContextKind, AliasContextKindArgs
- Kind
Unspecified - KIND_UNSPECIFIEDUnknown.
- Fixed
- FIXEDGit tag.
- Movable
- MOVABLEGit branch.
- Other
- OTHERUsed to specify non-standard aliases. For example, if a Git repo has a ref named "refs/foo/bar".
- Alias
Context Kind Kind Unspecified - KIND_UNSPECIFIEDUnknown.
- Alias
Context Kind Fixed - FIXEDGit tag.
- Alias
Context Kind Movable - MOVABLEGit branch.
- Alias
Context Kind Other - OTHERUsed to specify non-standard aliases. For example, if a Git repo has a ref named "refs/foo/bar".
- Kind
Unspecified - KIND_UNSPECIFIEDUnknown.
- Fixed
- FIXEDGit tag.
- Movable
- MOVABLEGit branch.
- Other
- OTHERUsed to specify non-standard aliases. For example, if a Git repo has a ref named "refs/foo/bar".
- Kind
Unspecified - KIND_UNSPECIFIEDUnknown.
- Fixed
- FIXEDGit tag.
- Movable
- MOVABLEGit branch.
- Other
- OTHERUsed to specify non-standard aliases. For example, if a Git repo has a ref named "refs/foo/bar".
- KIND_UNSPECIFIED
- KIND_UNSPECIFIEDUnknown.
- FIXED
- FIXEDGit tag.
- MOVABLE
- MOVABLEGit branch.
- OTHER
- OTHERUsed to specify non-standard aliases. For example, if a Git repo has a ref named "refs/foo/bar".
- "KIND_UNSPECIFIED"
- KIND_UNSPECIFIEDUnknown.
- "FIXED"
- FIXEDGit tag.
- "MOVABLE"
- MOVABLEGit branch.
- "OTHER"
- OTHERUsed to specify non-standard aliases. For example, if a Git repo has a ref named "refs/foo/bar".
AliasContextResponse, AliasContextResponseArgs
AnalysisCompleted, AnalysisCompletedArgs
- Analysis
Type List<string>
- Analysis
Type []string
- analysis
Type List<String>
- analysis
Type string[]
- analysis_
type Sequence[str]
- analysis
Type List<String>
AnalysisCompletedResponse, AnalysisCompletedResponseArgs
- Analysis
Type List<string>
- Analysis
Type []string
- analysis
Type List<String>
- analysis
Type string[]
- analysis_
type Sequence[str]
- analysis
Type List<String>
Artifact, ArtifactArgs
- Checksum string
- Hash or checksum value of a binary, or Docker Registry 2.0 digest of a container.
- Id string
- Artifact ID, if any; for container images, this will be a URL by digest like
gcr.io/projectID/imagename@sha256:123456. - Names List<string>
- Related artifact names. This may be the path to a binary or jar file, or in the case of a container build, the name used to push the container image to Google Container Registry, as presented to
docker push. Note that a single Artifact ID can have multiple names, for example if two tags are applied to one image.
- Checksum string
- Hash or checksum value of a binary, or Docker Registry 2.0 digest of a container.
- Id string
- Artifact ID, if any; for container images, this will be a URL by digest like
gcr.io/projectID/imagename@sha256:123456. - Names []string
- Related artifact names. This may be the path to a binary or jar file, or in the case of a container build, the name used to push the container image to Google Container Registry, as presented to
docker push. Note that a single Artifact ID can have multiple names, for example if two tags are applied to one image.
- checksum String
- Hash or checksum value of a binary, or Docker Registry 2.0 digest of a container.
- id String
- Artifact ID, if any; for container images, this will be a URL by digest like
gcr.io/projectID/imagename@sha256:123456. - names List<String>
- Related artifact names. This may be the path to a binary or jar file, or in the case of a container build, the name used to push the container image to Google Container Registry, as presented to
docker push. Note that a single Artifact ID can have multiple names, for example if two tags are applied to one image.
- checksum string
- Hash or checksum value of a binary, or Docker Registry 2.0 digest of a container.
- id string
- Artifact ID, if any; for container images, this will be a URL by digest like
gcr.io/projectID/imagename@sha256:123456. - names string[]
- Related artifact names. This may be the path to a binary or jar file, or in the case of a container build, the name used to push the container image to Google Container Registry, as presented to
docker push. Note that a single Artifact ID can have multiple names, for example if two tags are applied to one image.
- checksum str
- Hash or checksum value of a binary, or Docker Registry 2.0 digest of a container.
- id str
- Artifact ID, if any; for container images, this will be a URL by digest like
gcr.io/projectID/imagename@sha256:123456. - names Sequence[str]
- Related artifact names. This may be the path to a binary or jar file, or in the case of a container build, the name used to push the container image to Google Container Registry, as presented to
docker push. Note that a single Artifact ID can have multiple names, for example if two tags are applied to one image.
- checksum String
- Hash or checksum value of a binary, or Docker Registry 2.0 digest of a container.
- id String
- Artifact ID, if any; for container images, this will be a URL by digest like
gcr.io/projectID/imagename@sha256:123456. - names List<String>
- Related artifact names. This may be the path to a binary or jar file, or in the case of a container build, the name used to push the container image to Google Container Registry, as presented to
docker push. Note that a single Artifact ID can have multiple names, for example if two tags are applied to one image.
ArtifactResponse, ArtifactResponseArgs
- Checksum string
- Hash or checksum value of a binary, or Docker Registry 2.0 digest of a container.
- Names List<string>
- Related artifact names. This may be the path to a binary or jar file, or in the case of a container build, the name used to push the container image to Google Container Registry, as presented to
docker push. Note that a single Artifact ID can have multiple names, for example if two tags are applied to one image.
- Checksum string
- Hash or checksum value of a binary, or Docker Registry 2.0 digest of a container.
- Names []string
- Related artifact names. This may be the path to a binary or jar file, or in the case of a container build, the name used to push the container image to Google Container Registry, as presented to
docker push. Note that a single Artifact ID can have multiple names, for example if two tags are applied to one image.
- checksum String
- Hash or checksum value of a binary, or Docker Registry 2.0 digest of a container.
- names List<String>
- Related artifact names. This may be the path to a binary or jar file, or in the case of a container build, the name used to push the container image to Google Container Registry, as presented to
docker push. Note that a single Artifact ID can have multiple names, for example if two tags are applied to one image.
- checksum string
- Hash or checksum value of a binary, or Docker Registry 2.0 digest of a container.
- names string[]
- Related artifact names. This may be the path to a binary or jar file, or in the case of a container build, the name used to push the container image to Google Container Registry, as presented to
docker push. Note that a single Artifact ID can have multiple names, for example if two tags are applied to one image.
- checksum str
- Hash or checksum value of a binary, or Docker Registry 2.0 digest of a container.
- names Sequence[str]
- Related artifact names. This may be the path to a binary or jar file, or in the case of a container build, the name used to push the container image to Google Container Registry, as presented to
docker push. Note that a single Artifact ID can have multiple names, for example if two tags are applied to one image.
- checksum String
- Hash or checksum value of a binary, or Docker Registry 2.0 digest of a container.
- names List<String>
- Related artifact names. This may be the path to a binary or jar file, or in the case of a container build, the name used to push the container image to Google Container Registry, as presented to
docker push. Note that a single Artifact ID can have multiple names, for example if two tags are applied to one image.
AttestationOccurrence, AttestationOccurrenceArgs
- Serialized
Payload string - The serialized payload that is verified by one or more
signatures. - Jwts
List<Pulumi.
Google Native. Container Analysis. V1. Inputs. Jwt> - One or more JWTs encoding a self-contained attestation. Each JWT encodes the payload that it verifies within the JWT itself. Verifier implementation SHOULD ignore the
serialized_payloadfield when verifying these JWTs. If only JWTs are present on this AttestationOccurrence, then theserialized_payloadSHOULD be left empty. Each JWT SHOULD encode a claim specific to theresource_uriof this Occurrence, but this is not validated by Grafeas metadata API implementations. The JWT itself is opaque to Grafeas. - Signatures
List<Pulumi.
Google Native. Container Analysis. V1. Inputs. Signature> - One or more signatures over
serialized_payload. Verifier implementations should consider this attestation message verified if at least onesignatureverifiesserialized_payload. SeeSignaturein common.proto for more details on signature structure and verification.
- Serialized
Payload string - The serialized payload that is verified by one or more
signatures. - Jwts []Jwt
- One or more JWTs encoding a self-contained attestation. Each JWT encodes the payload that it verifies within the JWT itself. Verifier implementation SHOULD ignore the
serialized_payloadfield when verifying these JWTs. If only JWTs are present on this AttestationOccurrence, then theserialized_payloadSHOULD be left empty. Each JWT SHOULD encode a claim specific to theresource_uriof this Occurrence, but this is not validated by Grafeas metadata API implementations. The JWT itself is opaque to Grafeas. - Signatures []Signature
- One or more signatures over
serialized_payload. Verifier implementations should consider this attestation message verified if at least onesignatureverifiesserialized_payload. SeeSignaturein common.proto for more details on signature structure and verification.
- serialized
Payload String - The serialized payload that is verified by one or more
signatures. - jwts List<Jwt>
- One or more JWTs encoding a self-contained attestation. Each JWT encodes the payload that it verifies within the JWT itself. Verifier implementation SHOULD ignore the
serialized_payloadfield when verifying these JWTs. If only JWTs are present on this AttestationOccurrence, then theserialized_payloadSHOULD be left empty. Each JWT SHOULD encode a claim specific to theresource_uriof this Occurrence, but this is not validated by Grafeas metadata API implementations. The JWT itself is opaque to Grafeas. - signatures List<Signature>
- One or more signatures over
serialized_payload. Verifier implementations should consider this attestation message verified if at least onesignatureverifiesserialized_payload. SeeSignaturein common.proto for more details on signature structure and verification.
- serialized
Payload string - The serialized payload that is verified by one or more
signatures. - jwts Jwt[]
- One or more JWTs encoding a self-contained attestation. Each JWT encodes the payload that it verifies within the JWT itself. Verifier implementation SHOULD ignore the
serialized_payloadfield when verifying these JWTs. If only JWTs are present on this AttestationOccurrence, then theserialized_payloadSHOULD be left empty. Each JWT SHOULD encode a claim specific to theresource_uriof this Occurrence, but this is not validated by Grafeas metadata API implementations. The JWT itself is opaque to Grafeas. - signatures Signature[]
- One or more signatures over
serialized_payload. Verifier implementations should consider this attestation message verified if at least onesignatureverifiesserialized_payload. SeeSignaturein common.proto for more details on signature structure and verification.
- serialized_
payload str - The serialized payload that is verified by one or more
signatures. - jwts Sequence[Jwt]
- One or more JWTs encoding a self-contained attestation. Each JWT encodes the payload that it verifies within the JWT itself. Verifier implementation SHOULD ignore the
serialized_payloadfield when verifying these JWTs. If only JWTs are present on this AttestationOccurrence, then theserialized_payloadSHOULD be left empty. Each JWT SHOULD encode a claim specific to theresource_uriof this Occurrence, but this is not validated by Grafeas metadata API implementations. The JWT itself is opaque to Grafeas. - signatures Sequence[Signature]
- One or more signatures over
serialized_payload. Verifier implementations should consider this attestation message verified if at least onesignatureverifiesserialized_payload. SeeSignaturein common.proto for more details on signature structure and verification.
- serialized
Payload String - The serialized payload that is verified by one or more
signatures. - jwts List<Property Map>
- One or more JWTs encoding a self-contained attestation. Each JWT encodes the payload that it verifies within the JWT itself. Verifier implementation SHOULD ignore the
serialized_payloadfield when verifying these JWTs. If only JWTs are present on this AttestationOccurrence, then theserialized_payloadSHOULD be left empty. Each JWT SHOULD encode a claim specific to theresource_uriof this Occurrence, but this is not validated by Grafeas metadata API implementations. The JWT itself is opaque to Grafeas. - signatures List<Property Map>
- One or more signatures over
serialized_payload. Verifier implementations should consider this attestation message verified if at least onesignatureverifiesserialized_payload. SeeSignaturein common.proto for more details on signature structure and verification.
AttestationOccurrenceResponse, AttestationOccurrenceResponseArgs
- Jwts
List<Pulumi.
Google Native. Container Analysis. V1. Inputs. Jwt Response> - One or more JWTs encoding a self-contained attestation. Each JWT encodes the payload that it verifies within the JWT itself. Verifier implementation SHOULD ignore the
serialized_payloadfield when verifying these JWTs. If only JWTs are present on this AttestationOccurrence, then theserialized_payloadSHOULD be left empty. Each JWT SHOULD encode a claim specific to theresource_uriof this Occurrence, but this is not validated by Grafeas metadata API implementations. The JWT itself is opaque to Grafeas. - Serialized
Payload string - The serialized payload that is verified by one or more
signatures. - Signatures
List<Pulumi.
Google Native. Container Analysis. V1. Inputs. Signature Response> - One or more signatures over
serialized_payload. Verifier implementations should consider this attestation message verified if at least onesignatureverifiesserialized_payload. SeeSignaturein common.proto for more details on signature structure and verification.
- Jwts
[]Jwt
Response - One or more JWTs encoding a self-contained attestation. Each JWT encodes the payload that it verifies within the JWT itself. Verifier implementation SHOULD ignore the
serialized_payloadfield when verifying these JWTs. If only JWTs are present on this AttestationOccurrence, then theserialized_payloadSHOULD be left empty. Each JWT SHOULD encode a claim specific to theresource_uriof this Occurrence, but this is not validated by Grafeas metadata API implementations. The JWT itself is opaque to Grafeas. - Serialized
Payload string - The serialized payload that is verified by one or more
signatures. - Signatures
[]Signature
Response - One or more signatures over
serialized_payload. Verifier implementations should consider this attestation message verified if at least onesignatureverifiesserialized_payload. SeeSignaturein common.proto for more details on signature structure and verification.
- jwts
List<Jwt
Response> - One or more JWTs encoding a self-contained attestation. Each JWT encodes the payload that it verifies within the JWT itself. Verifier implementation SHOULD ignore the
serialized_payloadfield when verifying these JWTs. If only JWTs are present on this AttestationOccurrence, then theserialized_payloadSHOULD be left empty. Each JWT SHOULD encode a claim specific to theresource_uriof this Occurrence, but this is not validated by Grafeas metadata API implementations. The JWT itself is opaque to Grafeas. - serialized
Payload String - The serialized payload that is verified by one or more
signatures. - signatures
List<Signature
Response> - One or more signatures over
serialized_payload. Verifier implementations should consider this attestation message verified if at least onesignatureverifiesserialized_payload. SeeSignaturein common.proto for more details on signature structure and verification.
- jwts
Jwt
Response[] - One or more JWTs encoding a self-contained attestation. Each JWT encodes the payload that it verifies within the JWT itself. Verifier implementation SHOULD ignore the
serialized_payloadfield when verifying these JWTs. If only JWTs are present on this AttestationOccurrence, then theserialized_payloadSHOULD be left empty. Each JWT SHOULD encode a claim specific to theresource_uriof this Occurrence, but this is not validated by Grafeas metadata API implementations. The JWT itself is opaque to Grafeas. - serialized
Payload string - The serialized payload that is verified by one or more
signatures. - signatures
Signature
Response[] - One or more signatures over
serialized_payload. Verifier implementations should consider this attestation message verified if at least onesignatureverifiesserialized_payload. SeeSignaturein common.proto for more details on signature structure and verification.
- jwts
Sequence[Jwt
Response] - One or more JWTs encoding a self-contained attestation. Each JWT encodes the payload that it verifies within the JWT itself. Verifier implementation SHOULD ignore the
serialized_payloadfield when verifying these JWTs. If only JWTs are present on this AttestationOccurrence, then theserialized_payloadSHOULD be left empty. Each JWT SHOULD encode a claim specific to theresource_uriof this Occurrence, but this is not validated by Grafeas metadata API implementations. The JWT itself is opaque to Grafeas. - serialized_
payload str - The serialized payload that is verified by one or more
signatures. - signatures
Sequence[Signature
Response] - One or more signatures over
serialized_payload. Verifier implementations should consider this attestation message verified if at least onesignatureverifiesserialized_payload. SeeSignaturein common.proto for more details on signature structure and verification.
- jwts List<Property Map>
- One or more JWTs encoding a self-contained attestation. Each JWT encodes the payload that it verifies within the JWT itself. Verifier implementation SHOULD ignore the
serialized_payloadfield when verifying these JWTs. If only JWTs are present on this AttestationOccurrence, then theserialized_payloadSHOULD be left empty. Each JWT SHOULD encode a claim specific to theresource_uriof this Occurrence, but this is not validated by Grafeas metadata API implementations. The JWT itself is opaque to Grafeas. - serialized
Payload String - The serialized payload that is verified by one or more
signatures. - signatures List<Property Map>
- One or more signatures over
serialized_payload. Verifier implementations should consider this attestation message verified if at least onesignatureverifiesserialized_payload. SeeSignaturein common.proto for more details on signature structure and verification.
BuildDefinition, BuildDefinitionArgs
- Build
Type string - External
Parameters Dictionary<string, string> - Internal
Parameters Dictionary<string, string> - Resolved
Dependencies List<Pulumi.Google Native. Container Analysis. V1. Inputs. Resource Descriptor>
- Build
Type string - External
Parameters map[string]string - Internal
Parameters map[string]string - Resolved
Dependencies []ResourceDescriptor
- build
Type String - external
Parameters Map<String,String> - internal
Parameters Map<String,String> - resolved
Dependencies List<ResourceDescriptor>
- build
Type string - external
Parameters {[key: string]: string} - internal
Parameters {[key: string]: string} - resolved
Dependencies ResourceDescriptor[]
- build_
type str - external_
parameters Mapping[str, str] - internal_
parameters Mapping[str, str] - resolved_
dependencies Sequence[ResourceDescriptor]
- build
Type String - external
Parameters Map<String> - internal
Parameters Map<String> - resolved
Dependencies List<Property Map>
BuildDefinitionResponse, BuildDefinitionResponseArgs
- Build
Type string - External
Parameters Dictionary<string, string> - Internal
Parameters Dictionary<string, string> - Resolved
Dependencies List<Pulumi.Google Native. Container Analysis. V1. Inputs. Resource Descriptor Response>
- Build
Type string - External
Parameters map[string]string - Internal
Parameters map[string]string - Resolved
Dependencies []ResourceDescriptor Response
- build
Type String - external
Parameters Map<String,String> - internal
Parameters Map<String,String> - resolved
Dependencies List<ResourceDescriptor Response>
- build
Type string - external
Parameters {[key: string]: string} - internal
Parameters {[key: string]: string} - resolved
Dependencies ResourceDescriptor Response[]
- build_
type str - external_
parameters Mapping[str, str] - internal_
parameters Mapping[str, str] - resolved_
dependencies Sequence[ResourceDescriptor Response]
- build
Type String - external
Parameters Map<String> - internal
Parameters Map<String> - resolved
Dependencies List<Property Map>
BuildMetadata, BuildMetadataArgs
- Finished
On string - Invocation
Id string - Started
On string
- Finished
On string - Invocation
Id string - Started
On string
- finished
On String - invocation
Id String - started
On String
- finished
On string - invocation
Id string - started
On string
- finished_
on str - invocation_
id str - started_
on str
- finished
On String - invocation
Id String - started
On String
BuildMetadataResponse, BuildMetadataResponseArgs
- Finished
On string - Invocation
Id string - Started
On string
- Finished
On string - Invocation
Id string - Started
On string
- finished
On String - invocation
Id String - started
On String
- finished
On string - invocation
Id string - started
On string
- finished_
on str - invocation_
id str - started_
on str
- finished
On String - invocation
Id String - started
On String
BuildOccurrence, BuildOccurrenceArgs
- In
Toto Pulumi.Slsa Provenance V1 Google Native. Container Analysis. V1. Inputs. In Toto Slsa Provenance V1 - In-Toto Slsa Provenance V1 represents a slsa provenance meeting the slsa spec, wrapped in an in-toto statement. This allows for direct jsonification of a to-spec in-toto slsa statement with a to-spec slsa provenance.
- Intoto
Provenance Pulumi.Google Native. Container Analysis. V1. Inputs. In Toto Provenance - Deprecated. See InTotoStatement for the replacement. In-toto Provenance representation as defined in spec.
- Intoto
Statement Pulumi.Google Native. Container Analysis. V1. Inputs. In Toto Statement - In-toto Statement representation as defined in spec. The intoto_statement can contain any type of provenance. The serialized payload of the statement can be stored and signed in the Occurrence's envelope.
- Provenance
Pulumi.
Google Native. Container Analysis. V1. Inputs. Build Provenance - The actual provenance for the build.
- Provenance
Bytes string - Serialized JSON representation of the provenance, used in generating the build signature in the corresponding build note. After verifying the signature,
provenance_bytescan be unmarshalled and compared to the provenance to confirm that it is unchanged. A base64-encoded string representation of the provenance bytes is used for the signature in order to interoperate with openssl which expects this format for signature verification. The serialized form is captured both to avoid ambiguity in how the provenance is marshalled to json as well to prevent incompatibilities with future changes.
- In
Toto InSlsa Provenance V1 Toto Slsa Provenance V1 - In-Toto Slsa Provenance V1 represents a slsa provenance meeting the slsa spec, wrapped in an in-toto statement. This allows for direct jsonification of a to-spec in-toto slsa statement with a to-spec slsa provenance.
- Intoto
Provenance InToto Provenance - Deprecated. See InTotoStatement for the replacement. In-toto Provenance representation as defined in spec.
- Intoto
Statement InToto Statement - In-toto Statement representation as defined in spec. The intoto_statement can contain any type of provenance. The serialized payload of the statement can be stored and signed in the Occurrence's envelope.
- Provenance
Build
Provenance - The actual provenance for the build.
- Provenance
Bytes string - Serialized JSON representation of the provenance, used in generating the build signature in the corresponding build note. After verifying the signature,
provenance_bytescan be unmarshalled and compared to the provenance to confirm that it is unchanged. A base64-encoded string representation of the provenance bytes is used for the signature in order to interoperate with openssl which expects this format for signature verification. The serialized form is captured both to avoid ambiguity in how the provenance is marshalled to json as well to prevent incompatibilities with future changes.
- in
Toto InSlsa Provenance V1 Toto Slsa Provenance V1 - In-Toto Slsa Provenance V1 represents a slsa provenance meeting the slsa spec, wrapped in an in-toto statement. This allows for direct jsonification of a to-spec in-toto slsa statement with a to-spec slsa provenance.
- intoto
Provenance InToto Provenance - Deprecated. See InTotoStatement for the replacement. In-toto Provenance representation as defined in spec.
- intoto
Statement InToto Statement - In-toto Statement representation as defined in spec. The intoto_statement can contain any type of provenance. The serialized payload of the statement can be stored and signed in the Occurrence's envelope.
- provenance
Build
Provenance - The actual provenance for the build.
- provenance
Bytes String - Serialized JSON representation of the provenance, used in generating the build signature in the corresponding build note. After verifying the signature,
provenance_bytescan be unmarshalled and compared to the provenance to confirm that it is unchanged. A base64-encoded string representation of the provenance bytes is used for the signature in order to interoperate with openssl which expects this format for signature verification. The serialized form is captured both to avoid ambiguity in how the provenance is marshalled to json as well to prevent incompatibilities with future changes.
- in
Toto InSlsa Provenance V1 Toto Slsa Provenance V1 - In-Toto Slsa Provenance V1 represents a slsa provenance meeting the slsa spec, wrapped in an in-toto statement. This allows for direct jsonification of a to-spec in-toto slsa statement with a to-spec slsa provenance.
- intoto
Provenance InToto Provenance - Deprecated. See InTotoStatement for the replacement. In-toto Provenance representation as defined in spec.
- intoto
Statement InToto Statement - In-toto Statement representation as defined in spec. The intoto_statement can contain any type of provenance. The serialized payload of the statement can be stored and signed in the Occurrence's envelope.
- provenance
Build
Provenance - The actual provenance for the build.
- provenance
Bytes string - Serialized JSON representation of the provenance, used in generating the build signature in the corresponding build note. After verifying the signature,
provenance_bytescan be unmarshalled and compared to the provenance to confirm that it is unchanged. A base64-encoded string representation of the provenance bytes is used for the signature in order to interoperate with openssl which expects this format for signature verification. The serialized form is captured both to avoid ambiguity in how the provenance is marshalled to json as well to prevent incompatibilities with future changes.
- in_
toto_ Inslsa_ provenance_ v1 Toto Slsa Provenance V1 - In-Toto Slsa Provenance V1 represents a slsa provenance meeting the slsa spec, wrapped in an in-toto statement. This allows for direct jsonification of a to-spec in-toto slsa statement with a to-spec slsa provenance.
- intoto_
provenance InToto Provenance - Deprecated. See InTotoStatement for the replacement. In-toto Provenance representation as defined in spec.
- intoto_
statement InToto Statement - In-toto Statement representation as defined in spec. The intoto_statement can contain any type of provenance. The serialized payload of the statement can be stored and signed in the Occurrence's envelope.
- provenance
Build
Provenance - The actual provenance for the build.
- provenance_
bytes str - Serialized JSON representation of the provenance, used in generating the build signature in the corresponding build note. After verifying the signature,
provenance_bytescan be unmarshalled and compared to the provenance to confirm that it is unchanged. A base64-encoded string representation of the provenance bytes is used for the signature in order to interoperate with openssl which expects this format for signature verification. The serialized form is captured both to avoid ambiguity in how the provenance is marshalled to json as well to prevent incompatibilities with future changes.
- in
Toto Property MapSlsa Provenance V1 - In-Toto Slsa Provenance V1 represents a slsa provenance meeting the slsa spec, wrapped in an in-toto statement. This allows for direct jsonification of a to-spec in-toto slsa statement with a to-spec slsa provenance.
- intoto
Provenance Property Map - Deprecated. See InTotoStatement for the replacement. In-toto Provenance representation as defined in spec.
- intoto
Statement Property Map - In-toto Statement representation as defined in spec. The intoto_statement can contain any type of provenance. The serialized payload of the statement can be stored and signed in the Occurrence's envelope.
- provenance Property Map
- The actual provenance for the build.
- provenance
Bytes String - Serialized JSON representation of the provenance, used in generating the build signature in the corresponding build note. After verifying the signature,
provenance_bytescan be unmarshalled and compared to the provenance to confirm that it is unchanged. A base64-encoded string representation of the provenance bytes is used for the signature in order to interoperate with openssl which expects this format for signature verification. The serialized form is captured both to avoid ambiguity in how the provenance is marshalled to json as well to prevent incompatibilities with future changes.
BuildOccurrenceResponse, BuildOccurrenceResponseArgs
- In
Toto Pulumi.Slsa Provenance V1 Google Native. Container Analysis. V1. Inputs. In Toto Slsa Provenance V1Response - In-Toto Slsa Provenance V1 represents a slsa provenance meeting the slsa spec, wrapped in an in-toto statement. This allows for direct jsonification of a to-spec in-toto slsa statement with a to-spec slsa provenance.
- Intoto
Provenance Pulumi.Google Native. Container Analysis. V1. Inputs. In Toto Provenance Response - Deprecated. See InTotoStatement for the replacement. In-toto Provenance representation as defined in spec.
- Intoto
Statement Pulumi.Google Native. Container Analysis. V1. Inputs. In Toto Statement Response - In-toto Statement representation as defined in spec. The intoto_statement can contain any type of provenance. The serialized payload of the statement can be stored and signed in the Occurrence's envelope.
- Provenance
Pulumi.
Google Native. Container Analysis. V1. Inputs. Build Provenance Response - The actual provenance for the build.
- Provenance
Bytes string - Serialized JSON representation of the provenance, used in generating the build signature in the corresponding build note. After verifying the signature,
provenance_bytescan be unmarshalled and compared to the provenance to confirm that it is unchanged. A base64-encoded string representation of the provenance bytes is used for the signature in order to interoperate with openssl which expects this format for signature verification. The serialized form is captured both to avoid ambiguity in how the provenance is marshalled to json as well to prevent incompatibilities with future changes.
- In
Toto InSlsa Provenance V1 Toto Slsa Provenance V1Response - In-Toto Slsa Provenance V1 represents a slsa provenance meeting the slsa spec, wrapped in an in-toto statement. This allows for direct jsonification of a to-spec in-toto slsa statement with a to-spec slsa provenance.
- Intoto
Provenance InToto Provenance Response - Deprecated. See InTotoStatement for the replacement. In-toto Provenance representation as defined in spec.
- Intoto
Statement InToto Statement Response - In-toto Statement representation as defined in spec. The intoto_statement can contain any type of provenance. The serialized payload of the statement can be stored and signed in the Occurrence's envelope.
- Provenance
Build
Provenance Response - The actual provenance for the build.
- Provenance
Bytes string - Serialized JSON representation of the provenance, used in generating the build signature in the corresponding build note. After verifying the signature,
provenance_bytescan be unmarshalled and compared to the provenance to confirm that it is unchanged. A base64-encoded string representation of the provenance bytes is used for the signature in order to interoperate with openssl which expects this format for signature verification. The serialized form is captured both to avoid ambiguity in how the provenance is marshalled to json as well to prevent incompatibilities with future changes.
- in
Toto InSlsa Provenance V1 Toto Slsa Provenance V1Response - In-Toto Slsa Provenance V1 represents a slsa provenance meeting the slsa spec, wrapped in an in-toto statement. This allows for direct jsonification of a to-spec in-toto slsa statement with a to-spec slsa provenance.
- intoto
Provenance InToto Provenance Response - Deprecated. See InTotoStatement for the replacement. In-toto Provenance representation as defined in spec.
- intoto
Statement InToto Statement Response - In-toto Statement representation as defined in spec. The intoto_statement can contain any type of provenance. The serialized payload of the statement can be stored and signed in the Occurrence's envelope.
- provenance
Build
Provenance Response - The actual provenance for the build.
- provenance
Bytes String - Serialized JSON representation of the provenance, used in generating the build signature in the corresponding build note. After verifying the signature,
provenance_bytescan be unmarshalled and compared to the provenance to confirm that it is unchanged. A base64-encoded string representation of the provenance bytes is used for the signature in order to interoperate with openssl which expects this format for signature verification. The serialized form is captured both to avoid ambiguity in how the provenance is marshalled to json as well to prevent incompatibilities with future changes.
- in
Toto InSlsa Provenance V1 Toto Slsa Provenance V1Response - In-Toto Slsa Provenance V1 represents a slsa provenance meeting the slsa spec, wrapped in an in-toto statement. This allows for direct jsonification of a to-spec in-toto slsa statement with a to-spec slsa provenance.
- intoto
Provenance InToto Provenance Response - Deprecated. See InTotoStatement for the replacement. In-toto Provenance representation as defined in spec.
- intoto
Statement InToto Statement Response - In-toto Statement representation as defined in spec. The intoto_statement can contain any type of provenance. The serialized payload of the statement can be stored and signed in the Occurrence's envelope.
- provenance
Build
Provenance Response - The actual provenance for the build.
- provenance
Bytes string - Serialized JSON representation of the provenance, used in generating the build signature in the corresponding build note. After verifying the signature,
provenance_bytescan be unmarshalled and compared to the provenance to confirm that it is unchanged. A base64-encoded string representation of the provenance bytes is used for the signature in order to interoperate with openssl which expects this format for signature verification. The serialized form is captured both to avoid ambiguity in how the provenance is marshalled to json as well to prevent incompatibilities with future changes.
- in_
toto_ Inslsa_ provenance_ v1 Toto Slsa Provenance V1Response - In-Toto Slsa Provenance V1 represents a slsa provenance meeting the slsa spec, wrapped in an in-toto statement. This allows for direct jsonification of a to-spec in-toto slsa statement with a to-spec slsa provenance.
- intoto_
provenance InToto Provenance Response - Deprecated. See InTotoStatement for the replacement. In-toto Provenance representation as defined in spec.
- intoto_
statement InToto Statement Response - In-toto Statement representation as defined in spec. The intoto_statement can contain any type of provenance. The serialized payload of the statement can be stored and signed in the Occurrence's envelope.
- provenance
Build
Provenance Response - The actual provenance for the build.
- provenance_
bytes str - Serialized JSON representation of the provenance, used in generating the build signature in the corresponding build note. After verifying the signature,
provenance_bytescan be unmarshalled and compared to the provenance to confirm that it is unchanged. A base64-encoded string representation of the provenance bytes is used for the signature in order to interoperate with openssl which expects this format for signature verification. The serialized form is captured both to avoid ambiguity in how the provenance is marshalled to json as well to prevent incompatibilities with future changes.
- in
Toto Property MapSlsa Provenance V1 - In-Toto Slsa Provenance V1 represents a slsa provenance meeting the slsa spec, wrapped in an in-toto statement. This allows for direct jsonification of a to-spec in-toto slsa statement with a to-spec slsa provenance.
- intoto
Provenance Property Map - Deprecated. See InTotoStatement for the replacement. In-toto Provenance representation as defined in spec.
- intoto
Statement Property Map - In-toto Statement representation as defined in spec. The intoto_statement can contain any type of provenance. The serialized payload of the statement can be stored and signed in the Occurrence's envelope.
- provenance Property Map
- The actual provenance for the build.
- provenance
Bytes String - Serialized JSON representation of the provenance, used in generating the build signature in the corresponding build note. After verifying the signature,
provenance_bytescan be unmarshalled and compared to the provenance to confirm that it is unchanged. A base64-encoded string representation of the provenance bytes is used for the signature in order to interoperate with openssl which expects this format for signature verification. The serialized form is captured both to avoid ambiguity in how the provenance is marshalled to json as well to prevent incompatibilities with future changes.
BuildProvenance, BuildProvenanceArgs
- Id string
- Unique identifier of the build.
- Build
Options Dictionary<string, string> - Special options applied to this build. This is a catch-all field where build providers can enter any desired additional details.
- Builder
Version string - Version string of the builder at the time this build was executed.
- Built
Artifacts List<Pulumi.Google Native. Container Analysis. V1. Inputs. Artifact> - Output of the build.
- Commands
List<Pulumi.
Google Native. Container Analysis. V1. Inputs. Command> - Commands requested by the build.
- Create
Time string - Time at which the build was created.
- Creator string
- E-mail address of the user who initiated this build. Note that this was the user's e-mail address at the time the build was initiated; this address may not represent the same end-user for all time.
- End
Time string - Time at which execution of the build was finished.
- Logs
Uri string - URI where any logs for this provenance were written.
- Project string
- ID of the project.
- Source
Provenance Pulumi.Google Native. Container Analysis. V1. Inputs. Source - Details of the Source input to the build.
- Start
Time string - Time at which execution of the build was started.
- Trigger
Id string - Trigger identifier if the build was triggered automatically; empty if not.
- Id string
- Unique identifier of the build.
- Build
Options map[string]string - Special options applied to this build. This is a catch-all field where build providers can enter any desired additional details.
- Builder
Version string - Version string of the builder at the time this build was executed.
- Built
Artifacts []Artifact - Output of the build.
- Commands []Command
- Commands requested by the build.
- Create
Time string - Time at which the build was created.
- Creator string
- E-mail address of the user who initiated this build. Note that this was the user's e-mail address at the time the build was initiated; this address may not represent the same end-user for all time.
- End
Time string - Time at which execution of the build was finished.
- Logs
Uri string - URI where any logs for this provenance were written.
- Project string
- ID of the project.
- Source
Provenance Source - Details of the Source input to the build.
- Start
Time string - Time at which execution of the build was started.
- Trigger
Id string - Trigger identifier if the build was triggered automatically; empty if not.
- id String
- Unique identifier of the build.
- build
Options Map<String,String> - Special options applied to this build. This is a catch-all field where build providers can enter any desired additional details.
- builder
Version String - Version string of the builder at the time this build was executed.
- built
Artifacts List<Artifact> - Output of the build.
- commands List<Command>
- Commands requested by the build.
- create
Time String - Time at which the build was created.
- creator String
- E-mail address of the user who initiated this build. Note that this was the user's e-mail address at the time the build was initiated; this address may not represent the same end-user for all time.
- end
Time String - Time at which execution of the build was finished.
- logs
Uri String - URI where any logs for this provenance were written.
- project String
- ID of the project.
- source
Provenance Source - Details of the Source input to the build.
- start
Time String - Time at which execution of the build was started.
- trigger
Id String - Trigger identifier if the build was triggered automatically; empty if not.
- id string
- Unique identifier of the build.
- build
Options {[key: string]: string} - Special options applied to this build. This is a catch-all field where build providers can enter any desired additional details.
- builder
Version string - Version string of the builder at the time this build was executed.
- built
Artifacts Artifact[] - Output of the build.
- commands Command[]
- Commands requested by the build.
- create
Time string - Time at which the build was created.
- creator string
- E-mail address of the user who initiated this build. Note that this was the user's e-mail address at the time the build was initiated; this address may not represent the same end-user for all time.
- end
Time string - Time at which execution of the build was finished.
- logs
Uri string - URI where any logs for this provenance were written.
- project string
- ID of the project.
- source
Provenance Source - Details of the Source input to the build.
- start
Time string - Time at which execution of the build was started.
- trigger
Id string - Trigger identifier if the build was triggered automatically; empty if not.
- id str
- Unique identifier of the build.
- build_
options Mapping[str, str] - Special options applied to this build. This is a catch-all field where build providers can enter any desired additional details.
- builder_
version str - Version string of the builder at the time this build was executed.
- built_
artifacts Sequence[Artifact] - Output of the build.
- commands Sequence[Command]
- Commands requested by the build.
- create_
time str - Time at which the build was created.
- creator str
- E-mail address of the user who initiated this build. Note that this was the user's e-mail address at the time the build was initiated; this address may not represent the same end-user for all time.
- end_
time str - Time at which execution of the build was finished.
- logs_
uri str - URI where any logs for this provenance were written.
- project str
- ID of the project.
- source_
provenance Source - Details of the Source input to the build.
- start_
time str - Time at which execution of the build was started.
- trigger_
id str - Trigger identifier if the build was triggered automatically; empty if not.
- id String
- Unique identifier of the build.
- build
Options Map<String> - Special options applied to this build. This is a catch-all field where build providers can enter any desired additional details.
- builder
Version String - Version string of the builder at the time this build was executed.
- built
Artifacts List<Property Map> - Output of the build.
- commands List<Property Map>
- Commands requested by the build.
- create
Time String - Time at which the build was created.
- creator String
- E-mail address of the user who initiated this build. Note that this was the user's e-mail address at the time the build was initiated; this address may not represent the same end-user for all time.
- end
Time String - Time at which execution of the build was finished.
- logs
Uri String - URI where any logs for this provenance were written.
- project String
- ID of the project.
- source
Provenance Property Map - Details of the Source input to the build.
- start
Time String - Time at which execution of the build was started.
- trigger
Id String - Trigger identifier if the build was triggered automatically; empty if not.
BuildProvenanceResponse, BuildProvenanceResponseArgs
- Build
Options Dictionary<string, string> - Special options applied to this build. This is a catch-all field where build providers can enter any desired additional details.
- Builder
Version string - Version string of the builder at the time this build was executed.
- Built
Artifacts List<Pulumi.Google Native. Container Analysis. V1. Inputs. Artifact Response> - Output of the build.
- Commands
List<Pulumi.
Google Native. Container Analysis. V1. Inputs. Command Response> - Commands requested by the build.
- Create
Time string - Time at which the build was created.
- Creator string
- E-mail address of the user who initiated this build. Note that this was the user's e-mail address at the time the build was initiated; this address may not represent the same end-user for all time.
- End
Time string - Time at which execution of the build was finished.
- Logs
Uri string - URI where any logs for this provenance were written.
- Project string
- ID of the project.
- Source
Provenance Pulumi.Google Native. Container Analysis. V1. Inputs. Source Response - Details of the Source input to the build.
- Start
Time string - Time at which execution of the build was started.
- Trigger
Id string - Trigger identifier if the build was triggered automatically; empty if not.
- Build
Options map[string]string - Special options applied to this build. This is a catch-all field where build providers can enter any desired additional details.
- Builder
Version string - Version string of the builder at the time this build was executed.
- Built
Artifacts []ArtifactResponse - Output of the build.
- Commands
[]Command
Response - Commands requested by the build.
- Create
Time string - Time at which the build was created.
- Creator string
- E-mail address of the user who initiated this build. Note that this was the user's e-mail address at the time the build was initiated; this address may not represent the same end-user for all time.
- End
Time string - Time at which execution of the build was finished.
- Logs
Uri string - URI where any logs for this provenance were written.
- Project string
- ID of the project.
- Source
Provenance SourceResponse - Details of the Source input to the build.
- Start
Time string - Time at which execution of the build was started.
- Trigger
Id string - Trigger identifier if the build was triggered automatically; empty if not.
- build
Options Map<String,String> - Special options applied to this build. This is a catch-all field where build providers can enter any desired additional details.
- builder
Version String - Version string of the builder at the time this build was executed.
- built
Artifacts List<ArtifactResponse> - Output of the build.
- commands
List<Command
Response> - Commands requested by the build.
- create
Time String - Time at which the build was created.
- creator String
- E-mail address of the user who initiated this build. Note that this was the user's e-mail address at the time the build was initiated; this address may not represent the same end-user for all time.
- end
Time String - Time at which execution of the build was finished.
- logs
Uri String - URI where any logs for this provenance were written.
- project String
- ID of the project.
- source
Provenance SourceResponse - Details of the Source input to the build.
- start
Time String - Time at which execution of the build was started.
- trigger
Id String - Trigger identifier if the build was triggered automatically; empty if not.
- build
Options {[key: string]: string} - Special options applied to this build. This is a catch-all field where build providers can enter any desired additional details.
- builder
Version string - Version string of the builder at the time this build was executed.
- built
Artifacts ArtifactResponse[] - Output of the build.
- commands
Command
Response[] - Commands requested by the build.
- create
Time string - Time at which the build was created.
- creator string
- E-mail address of the user who initiated this build. Note that this was the user's e-mail address at the time the build was initiated; this address may not represent the same end-user for all time.
- end
Time string - Time at which execution of the build was finished.
- logs
Uri string - URI where any logs for this provenance were written.
- project string
- ID of the project.
- source
Provenance SourceResponse - Details of the Source input to the build.
- start
Time string - Time at which execution of the build was started.
- trigger
Id string - Trigger identifier if the build was triggered automatically; empty if not.
- build_
options Mapping[str, str] - Special options applied to this build. This is a catch-all field where build providers can enter any desired additional details.
- builder_
version str - Version string of the builder at the time this build was executed.
- built_
artifacts Sequence[ArtifactResponse] - Output of the build.
- commands
Sequence[Command
Response] - Commands requested by the build.
- create_
time str - Time at which the build was created.
- creator str
- E-mail address of the user who initiated this build. Note that this was the user's e-mail address at the time the build was initiated; this address may not represent the same end-user for all time.
- end_
time str - Time at which execution of the build was finished.
- logs_
uri str - URI where any logs for this provenance were written.
- project str
- ID of the project.
- source_
provenance SourceResponse - Details of the Source input to the build.
- start_
time str - Time at which execution of the build was started.
- trigger_
id str - Trigger identifier if the build was triggered automatically; empty if not.
- build
Options Map<String> - Special options applied to this build. This is a catch-all field where build providers can enter any desired additional details.
- builder
Version String - Version string of the builder at the time this build was executed.
- built
Artifacts List<Property Map> - Output of the build.
- commands List<Property Map>
- Commands requested by the build.
- create
Time String - Time at which the build was created.
- creator String
- E-mail address of the user who initiated this build. Note that this was the user's e-mail address at the time the build was initiated; this address may not represent the same end-user for all time.
- end
Time String - Time at which execution of the build was finished.
- logs
Uri String - URI where any logs for this provenance were written.
- project String
- ID of the project.
- source
Provenance Property Map - Details of the Source input to the build.
- start
Time String - Time at which execution of the build was started.
- trigger
Id String - Trigger identifier if the build was triggered automatically; empty if not.
BuilderConfig, BuilderConfigArgs
- Id string
- Id string
- id String
- id string
- id str
- id String
CVSS, CVSSArgs
- Attack
Complexity Pulumi.Google Native. Container Analysis. V1. CVSSAttack Complexity - Attack
Vector Pulumi.Google Native. Container Analysis. V1. CVSSAttack Vector - Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments.
- Authentication
Pulumi.
Google Native. Container Analysis. V1. CVSSAuthentication - Availability
Impact Pulumi.Google Native. Container Analysis. V1. CVSSAvailability Impact - Base
Score double - The base score is a function of the base metric scores.
- Confidentiality
Impact Pulumi.Google Native. Container Analysis. V1. CVSSConfidentiality Impact - Exploitability
Score double - Impact
Score double - Integrity
Impact Pulumi.Google Native. Container Analysis. V1. CVSSIntegrity Impact - Privileges
Required Pulumi.Google Native. Container Analysis. V1. CVSSPrivileges Required - Scope
Pulumi.
Google Native. Container Analysis. V1. CVSSScope - User
Interaction Pulumi.Google Native. Container Analysis. V1. CVSSUser Interaction
- Attack
Complexity CVSSAttackComplexity - Attack
Vector CVSSAttackVector - Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments.
- Authentication CVSSAuthentication
- Availability
Impact CVSSAvailabilityImpact - Base
Score float64 - The base score is a function of the base metric scores.
- Confidentiality
Impact CVSSConfidentialityImpact - Exploitability
Score float64 - Impact
Score float64 - Integrity
Impact CVSSIntegrityImpact - Privileges
Required CVSSPrivilegesRequired - Scope CVSSScope
- User
Interaction CVSSUserInteraction
- attack
Complexity CVSSAttackComplexity - attack
Vector CVSSAttackVector - Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments.
- authentication CVSSAuthentication
- availability
Impact CVSSAvailabilityImpact - base
Score Double - The base score is a function of the base metric scores.
- confidentiality
Impact CVSSConfidentialityImpact - exploitability
Score Double - impact
Score Double - integrity
Impact CVSSIntegrityImpact - privileges
Required CVSSPrivilegesRequired - scope CVSSScope
- user
Interaction CVSSUserInteraction
- attack
Complexity CVSSAttackComplexity - attack
Vector CVSSAttackVector - Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments.
- authentication CVSSAuthentication
- availability
Impact CVSSAvailabilityImpact - base
Score number - The base score is a function of the base metric scores.
- confidentiality
Impact CVSSConfidentialityImpact - exploitability
Score number - impact
Score number - integrity
Impact CVSSIntegrityImpact - privileges
Required CVSSPrivilegesRequired - scope CVSSScope
- user
Interaction CVSSUserInteraction
- attack_
complexity CVSSAttackComplexity - attack_
vector CVSSAttackVector - Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments.
- authentication CVSSAuthentication
- availability_
impact CVSSAvailabilityImpact - base_
score float - The base score is a function of the base metric scores.
- confidentiality_
impact CVSSConfidentialityImpact - exploitability_
score float - impact_
score float - integrity_
impact CVSSIntegrityImpact - privileges_
required CVSSPrivilegesRequired - scope CVSSScope
- user_
interaction CVSSUserInteraction
- attack
Complexity "ATTACK_COMPLEXITY_UNSPECIFIED" | "ATTACK_COMPLEXITY_LOW" | "ATTACK_COMPLEXITY_HIGH" | "ATTACK_COMPLEXITY_MEDIUM" - attack
Vector "ATTACK_VECTOR_UNSPECIFIED" | "ATTACK_VECTOR_NETWORK" | "ATTACK_VECTOR_ADJACENT" | "ATTACK_VECTOR_LOCAL" | "ATTACK_VECTOR_PHYSICAL" - Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments.
- authentication "AUTHENTICATION_UNSPECIFIED" | "AUTHENTICATION_MULTIPLE" | "AUTHENTICATION_SINGLE" | "AUTHENTICATION_NONE"
- availability
Impact "IMPACT_UNSPECIFIED" | "IMPACT_HIGH" | "IMPACT_LOW" | "IMPACT_NONE" | "IMPACT_PARTIAL" | "IMPACT_COMPLETE" - base
Score Number - The base score is a function of the base metric scores.
- confidentiality
Impact "IMPACT_UNSPECIFIED" | "IMPACT_HIGH" | "IMPACT_LOW" | "IMPACT_NONE" | "IMPACT_PARTIAL" | "IMPACT_COMPLETE" - exploitability
Score Number - impact
Score Number - integrity
Impact "IMPACT_UNSPECIFIED" | "IMPACT_HIGH" | "IMPACT_LOW" | "IMPACT_NONE" | "IMPACT_PARTIAL" | "IMPACT_COMPLETE" - privileges
Required "PRIVILEGES_REQUIRED_UNSPECIFIED" | "PRIVILEGES_REQUIRED_NONE" | "PRIVILEGES_REQUIRED_LOW" | "PRIVILEGES_REQUIRED_HIGH" - scope "SCOPE_UNSPECIFIED" | "SCOPE_UNCHANGED" | "SCOPE_CHANGED"
- user
Interaction "USER_INTERACTION_UNSPECIFIED" | "USER_INTERACTION_NONE" | "USER_INTERACTION_REQUIRED"
CVSSAttackComplexity, CVSSAttackComplexityArgs
- Attack
Complexity Unspecified - ATTACK_COMPLEXITY_UNSPECIFIED
- Attack
Complexity Low - ATTACK_COMPLEXITY_LOW
- Attack
Complexity High - ATTACK_COMPLEXITY_HIGH
- Attack
Complexity Medium - ATTACK_COMPLEXITY_MEDIUM
- CVSSAttack
Complexity Attack Complexity Unspecified - ATTACK_COMPLEXITY_UNSPECIFIED
- CVSSAttack
Complexity Attack Complexity Low - ATTACK_COMPLEXITY_LOW
- CVSSAttack
Complexity Attack Complexity High - ATTACK_COMPLEXITY_HIGH
- CVSSAttack
Complexity Attack Complexity Medium - ATTACK_COMPLEXITY_MEDIUM
- Attack
Complexity Unspecified - ATTACK_COMPLEXITY_UNSPECIFIED
- Attack
Complexity Low - ATTACK_COMPLEXITY_LOW
- Attack
Complexity High - ATTACK_COMPLEXITY_HIGH
- Attack
Complexity Medium - ATTACK_COMPLEXITY_MEDIUM
- Attack
Complexity Unspecified - ATTACK_COMPLEXITY_UNSPECIFIED
- Attack
Complexity Low - ATTACK_COMPLEXITY_LOW
- Attack
Complexity High - ATTACK_COMPLEXITY_HIGH
- Attack
Complexity Medium - ATTACK_COMPLEXITY_MEDIUM
- ATTACK_COMPLEXITY_UNSPECIFIED
- ATTACK_COMPLEXITY_UNSPECIFIED
- ATTACK_COMPLEXITY_LOW
- ATTACK_COMPLEXITY_LOW
- ATTACK_COMPLEXITY_HIGH
- ATTACK_COMPLEXITY_HIGH
- ATTACK_COMPLEXITY_MEDIUM
- ATTACK_COMPLEXITY_MEDIUM
- "ATTACK_COMPLEXITY_UNSPECIFIED"
- ATTACK_COMPLEXITY_UNSPECIFIED
- "ATTACK_COMPLEXITY_LOW"
- ATTACK_COMPLEXITY_LOW
- "ATTACK_COMPLEXITY_HIGH"
- ATTACK_COMPLEXITY_HIGH
- "ATTACK_COMPLEXITY_MEDIUM"
- ATTACK_COMPLEXITY_MEDIUM
CVSSAttackVector, CVSSAttackVectorArgs
- Attack
Vector Unspecified - ATTACK_VECTOR_UNSPECIFIED
- Attack
Vector Network - ATTACK_VECTOR_NETWORK
- Attack
Vector Adjacent - ATTACK_VECTOR_ADJACENT
- Attack
Vector Local - ATTACK_VECTOR_LOCAL
- Attack
Vector Physical - ATTACK_VECTOR_PHYSICAL
- CVSSAttack
Vector Attack Vector Unspecified - ATTACK_VECTOR_UNSPECIFIED
- CVSSAttack
Vector Attack Vector Network - ATTACK_VECTOR_NETWORK
- CVSSAttack
Vector Attack Vector Adjacent - ATTACK_VECTOR_ADJACENT
- CVSSAttack
Vector Attack Vector Local - ATTACK_VECTOR_LOCAL
- CVSSAttack
Vector Attack Vector Physical - ATTACK_VECTOR_PHYSICAL
- Attack
Vector Unspecified - ATTACK_VECTOR_UNSPECIFIED
- Attack
Vector Network - ATTACK_VECTOR_NETWORK
- Attack
Vector Adjacent - ATTACK_VECTOR_ADJACENT
- Attack
Vector Local - ATTACK_VECTOR_LOCAL
- Attack
Vector Physical - ATTACK_VECTOR_PHYSICAL
- Attack
Vector Unspecified - ATTACK_VECTOR_UNSPECIFIED
- Attack
Vector Network - ATTACK_VECTOR_NETWORK
- Attack
Vector Adjacent - ATTACK_VECTOR_ADJACENT
- Attack
Vector Local - ATTACK_VECTOR_LOCAL
- Attack
Vector Physical - ATTACK_VECTOR_PHYSICAL
- ATTACK_VECTOR_UNSPECIFIED
- ATTACK_VECTOR_UNSPECIFIED
- ATTACK_VECTOR_NETWORK
- ATTACK_VECTOR_NETWORK
- ATTACK_VECTOR_ADJACENT
- ATTACK_VECTOR_ADJACENT
- ATTACK_VECTOR_LOCAL
- ATTACK_VECTOR_LOCAL
- ATTACK_VECTOR_PHYSICAL
- ATTACK_VECTOR_PHYSICAL
- "ATTACK_VECTOR_UNSPECIFIED"
- ATTACK_VECTOR_UNSPECIFIED
- "ATTACK_VECTOR_NETWORK"
- ATTACK_VECTOR_NETWORK
- "ATTACK_VECTOR_ADJACENT"
- ATTACK_VECTOR_ADJACENT
- "ATTACK_VECTOR_LOCAL"
- ATTACK_VECTOR_LOCAL
- "ATTACK_VECTOR_PHYSICAL"
- ATTACK_VECTOR_PHYSICAL
CVSSAuthentication, CVSSAuthenticationArgs
- Authentication
Unspecified - AUTHENTICATION_UNSPECIFIED
- Authentication
Multiple - AUTHENTICATION_MULTIPLE
- Authentication
Single - AUTHENTICATION_SINGLE
- Authentication
None - AUTHENTICATION_NONE
- CVSSAuthentication
Authentication Unspecified - AUTHENTICATION_UNSPECIFIED
- CVSSAuthentication
Authentication Multiple - AUTHENTICATION_MULTIPLE
- CVSSAuthentication
Authentication Single - AUTHENTICATION_SINGLE
- CVSSAuthentication
Authentication None - AUTHENTICATION_NONE
- Authentication
Unspecified - AUTHENTICATION_UNSPECIFIED
- Authentication
Multiple - AUTHENTICATION_MULTIPLE
- Authentication
Single - AUTHENTICATION_SINGLE
- Authentication
None - AUTHENTICATION_NONE
- Authentication
Unspecified - AUTHENTICATION_UNSPECIFIED
- Authentication
Multiple - AUTHENTICATION_MULTIPLE
- Authentication
Single - AUTHENTICATION_SINGLE
- Authentication
None - AUTHENTICATION_NONE
- AUTHENTICATION_UNSPECIFIED
- AUTHENTICATION_UNSPECIFIED
- AUTHENTICATION_MULTIPLE
- AUTHENTICATION_MULTIPLE
- AUTHENTICATION_SINGLE
- AUTHENTICATION_SINGLE
- AUTHENTICATION_NONE
- AUTHENTICATION_NONE
- "AUTHENTICATION_UNSPECIFIED"
- AUTHENTICATION_UNSPECIFIED
- "AUTHENTICATION_MULTIPLE"
- AUTHENTICATION_MULTIPLE
- "AUTHENTICATION_SINGLE"
- AUTHENTICATION_SINGLE
- "AUTHENTICATION_NONE"
- AUTHENTICATION_NONE
CVSSAvailabilityImpact, CVSSAvailabilityImpactArgs
- Impact
Unspecified - IMPACT_UNSPECIFIED
- Impact
High - IMPACT_HIGH
- Impact
Low - IMPACT_LOW
- Impact
None - IMPACT_NONE
- Impact
Partial - IMPACT_PARTIAL
- Impact
Complete - IMPACT_COMPLETE
- CVSSAvailability
Impact Impact Unspecified - IMPACT_UNSPECIFIED
- CVSSAvailability
Impact Impact High - IMPACT_HIGH
- CVSSAvailability
Impact Impact Low - IMPACT_LOW
- CVSSAvailability
Impact Impact None - IMPACT_NONE
- CVSSAvailability
Impact Impact Partial - IMPACT_PARTIAL
- CVSSAvailability
Impact Impact Complete - IMPACT_COMPLETE
- Impact
Unspecified - IMPACT_UNSPECIFIED
- Impact
High - IMPACT_HIGH
- Impact
Low - IMPACT_LOW
- Impact
None - IMPACT_NONE
- Impact
Partial - IMPACT_PARTIAL
- Impact
Complete - IMPACT_COMPLETE
- Impact
Unspecified - IMPACT_UNSPECIFIED
- Impact
High - IMPACT_HIGH
- Impact
Low - IMPACT_LOW
- Impact
None - IMPACT_NONE
- Impact
Partial - IMPACT_PARTIAL
- Impact
Complete - IMPACT_COMPLETE
- IMPACT_UNSPECIFIED
- IMPACT_UNSPECIFIED
- IMPACT_HIGH
- IMPACT_HIGH
- IMPACT_LOW
- IMPACT_LOW
- IMPACT_NONE
- IMPACT_NONE
- IMPACT_PARTIAL
- IMPACT_PARTIAL
- IMPACT_COMPLETE
- IMPACT_COMPLETE
- "IMPACT_UNSPECIFIED"
- IMPACT_UNSPECIFIED
- "IMPACT_HIGH"
- IMPACT_HIGH
- "IMPACT_LOW"
- IMPACT_LOW
- "IMPACT_NONE"
- IMPACT_NONE
- "IMPACT_PARTIAL"
- IMPACT_PARTIAL
- "IMPACT_COMPLETE"
- IMPACT_COMPLETE
CVSSConfidentialityImpact, CVSSConfidentialityImpactArgs
- Impact
Unspecified - IMPACT_UNSPECIFIED
- Impact
High - IMPACT_HIGH
- Impact
Low - IMPACT_LOW
- Impact
None - IMPACT_NONE
- Impact
Partial - IMPACT_PARTIAL
- Impact
Complete - IMPACT_COMPLETE
- CVSSConfidentiality
Impact Impact Unspecified - IMPACT_UNSPECIFIED
- CVSSConfidentiality
Impact Impact High - IMPACT_HIGH
- CVSSConfidentiality
Impact Impact Low - IMPACT_LOW
- CVSSConfidentiality
Impact Impact None - IMPACT_NONE
- CVSSConfidentiality
Impact Impact Partial - IMPACT_PARTIAL
- CVSSConfidentiality
Impact Impact Complete - IMPACT_COMPLETE
- Impact
Unspecified - IMPACT_UNSPECIFIED
- Impact
High - IMPACT_HIGH
- Impact
Low - IMPACT_LOW
- Impact
None - IMPACT_NONE
- Impact
Partial - IMPACT_PARTIAL
- Impact
Complete - IMPACT_COMPLETE
- Impact
Unspecified - IMPACT_UNSPECIFIED
- Impact
High - IMPACT_HIGH
- Impact
Low - IMPACT_LOW
- Impact
None - IMPACT_NONE
- Impact
Partial - IMPACT_PARTIAL
- Impact
Complete - IMPACT_COMPLETE
- IMPACT_UNSPECIFIED
- IMPACT_UNSPECIFIED
- IMPACT_HIGH
- IMPACT_HIGH
- IMPACT_LOW
- IMPACT_LOW
- IMPACT_NONE
- IMPACT_NONE
- IMPACT_PARTIAL
- IMPACT_PARTIAL
- IMPACT_COMPLETE
- IMPACT_COMPLETE
- "IMPACT_UNSPECIFIED"
- IMPACT_UNSPECIFIED
- "IMPACT_HIGH"
- IMPACT_HIGH
- "IMPACT_LOW"
- IMPACT_LOW
- "IMPACT_NONE"
- IMPACT_NONE
- "IMPACT_PARTIAL"
- IMPACT_PARTIAL
- "IMPACT_COMPLETE"
- IMPACT_COMPLETE
CVSSIntegrityImpact, CVSSIntegrityImpactArgs
- Impact
Unspecified - IMPACT_UNSPECIFIED
- Impact
High - IMPACT_HIGH
- Impact
Low - IMPACT_LOW
- Impact
None - IMPACT_NONE
- Impact
Partial - IMPACT_PARTIAL
- Impact
Complete - IMPACT_COMPLETE
- CVSSIntegrity
Impact Impact Unspecified - IMPACT_UNSPECIFIED
- CVSSIntegrity
Impact Impact High - IMPACT_HIGH
- CVSSIntegrity
Impact Impact Low - IMPACT_LOW
- CVSSIntegrity
Impact Impact None - IMPACT_NONE
- CVSSIntegrity
Impact Impact Partial - IMPACT_PARTIAL
- CVSSIntegrity
Impact Impact Complete - IMPACT_COMPLETE
- Impact
Unspecified - IMPACT_UNSPECIFIED
- Impact
High - IMPACT_HIGH
- Impact
Low - IMPACT_LOW
- Impact
None - IMPACT_NONE
- Impact
Partial - IMPACT_PARTIAL
- Impact
Complete - IMPACT_COMPLETE
- Impact
Unspecified - IMPACT_UNSPECIFIED
- Impact
High - IMPACT_HIGH
- Impact
Low - IMPACT_LOW
- Impact
None - IMPACT_NONE
- Impact
Partial - IMPACT_PARTIAL
- Impact
Complete - IMPACT_COMPLETE
- IMPACT_UNSPECIFIED
- IMPACT_UNSPECIFIED
- IMPACT_HIGH
- IMPACT_HIGH
- IMPACT_LOW
- IMPACT_LOW
- IMPACT_NONE
- IMPACT_NONE
- IMPACT_PARTIAL
- IMPACT_PARTIAL
- IMPACT_COMPLETE
- IMPACT_COMPLETE
- "IMPACT_UNSPECIFIED"
- IMPACT_UNSPECIFIED
- "IMPACT_HIGH"
- IMPACT_HIGH
- "IMPACT_LOW"
- IMPACT_LOW
- "IMPACT_NONE"
- IMPACT_NONE
- "IMPACT_PARTIAL"
- IMPACT_PARTIAL
- "IMPACT_COMPLETE"
- IMPACT_COMPLETE
CVSSPrivilegesRequired, CVSSPrivilegesRequiredArgs
- Privileges
Required Unspecified - PRIVILEGES_REQUIRED_UNSPECIFIED
- Privileges
Required None - PRIVILEGES_REQUIRED_NONE
- Privileges
Required Low - PRIVILEGES_REQUIRED_LOW
- Privileges
Required High - PRIVILEGES_REQUIRED_HIGH
- CVSSPrivileges
Required Privileges Required Unspecified - PRIVILEGES_REQUIRED_UNSPECIFIED
- CVSSPrivileges
Required Privileges Required None - PRIVILEGES_REQUIRED_NONE
- CVSSPrivileges
Required Privileges Required Low - PRIVILEGES_REQUIRED_LOW
- CVSSPrivileges
Required Privileges Required High - PRIVILEGES_REQUIRED_HIGH
- Privileges
Required Unspecified - PRIVILEGES_REQUIRED_UNSPECIFIED
- Privileges
Required None - PRIVILEGES_REQUIRED_NONE
- Privileges
Required Low - PRIVILEGES_REQUIRED_LOW
- Privileges
Required High - PRIVILEGES_REQUIRED_HIGH
- Privileges
Required Unspecified - PRIVILEGES_REQUIRED_UNSPECIFIED
- Privileges
Required None - PRIVILEGES_REQUIRED_NONE
- Privileges
Required Low - PRIVILEGES_REQUIRED_LOW
- Privileges
Required High - PRIVILEGES_REQUIRED_HIGH
- PRIVILEGES_REQUIRED_UNSPECIFIED
- PRIVILEGES_REQUIRED_UNSPECIFIED
- PRIVILEGES_REQUIRED_NONE
- PRIVILEGES_REQUIRED_NONE
- PRIVILEGES_REQUIRED_LOW
- PRIVILEGES_REQUIRED_LOW
- PRIVILEGES_REQUIRED_HIGH
- PRIVILEGES_REQUIRED_HIGH
- "PRIVILEGES_REQUIRED_UNSPECIFIED"
- PRIVILEGES_REQUIRED_UNSPECIFIED
- "PRIVILEGES_REQUIRED_NONE"
- PRIVILEGES_REQUIRED_NONE
- "PRIVILEGES_REQUIRED_LOW"
- PRIVILEGES_REQUIRED_LOW
- "PRIVILEGES_REQUIRED_HIGH"
- PRIVILEGES_REQUIRED_HIGH
CVSSResponse, CVSSResponseArgs
- Attack
Complexity string - Attack
Vector string - Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments.
- Authentication string
- Availability
Impact string - Base
Score double - The base score is a function of the base metric scores.
- Confidentiality
Impact string - Exploitability
Score double - Impact
Score double - Integrity
Impact string - Privileges
Required string - Scope string
- User
Interaction string
- Attack
Complexity string - Attack
Vector string - Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments.
- Authentication string
- Availability
Impact string - Base
Score float64 - The base score is a function of the base metric scores.
- Confidentiality
Impact string - Exploitability
Score float64 - Impact
Score float64 - Integrity
Impact string - Privileges
Required string - Scope string
- User
Interaction string
- attack
Complexity String - attack
Vector String - Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments.
- authentication String
- availability
Impact String - base
Score Double - The base score is a function of the base metric scores.
- confidentiality
Impact String - exploitability
Score Double - impact
Score Double - integrity
Impact String - privileges
Required String - scope String
- user
Interaction String
- attack
Complexity string - attack
Vector string - Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments.
- authentication string
- availability
Impact string - base
Score number - The base score is a function of the base metric scores.
- confidentiality
Impact string - exploitability
Score number - impact
Score number - integrity
Impact string - privileges
Required string - scope string
- user
Interaction string
- attack_
complexity str - attack_
vector str - Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments.
- authentication str
- availability_
impact str - base_
score float - The base score is a function of the base metric scores.
- confidentiality_
impact str - exploitability_
score float - impact_
score float - integrity_
impact str - privileges_
required str - scope str
- user_
interaction str
- attack
Complexity String - attack
Vector String - Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments.
- authentication String
- availability
Impact String - base
Score Number - The base score is a function of the base metric scores.
- confidentiality
Impact String - exploitability
Score Number - impact
Score Number - integrity
Impact String - privileges
Required String - scope String
- user
Interaction String
CVSSScope, CVSSScopeArgs
- Scope
Unspecified - SCOPE_UNSPECIFIED
- Scope
Unchanged - SCOPE_UNCHANGED
- Scope
Changed - SCOPE_CHANGED
- CVSSScope
Scope Unspecified - SCOPE_UNSPECIFIED
- CVSSScope
Scope Unchanged - SCOPE_UNCHANGED
- CVSSScope
Scope Changed - SCOPE_CHANGED
- Scope
Unspecified - SCOPE_UNSPECIFIED
- Scope
Unchanged - SCOPE_UNCHANGED
- Scope
Changed - SCOPE_CHANGED
- Scope
Unspecified - SCOPE_UNSPECIFIED
- Scope
Unchanged - SCOPE_UNCHANGED
- Scope
Changed - SCOPE_CHANGED
- SCOPE_UNSPECIFIED
- SCOPE_UNSPECIFIED
- SCOPE_UNCHANGED
- SCOPE_UNCHANGED
- SCOPE_CHANGED
- SCOPE_CHANGED
- "SCOPE_UNSPECIFIED"
- SCOPE_UNSPECIFIED
- "SCOPE_UNCHANGED"
- SCOPE_UNCHANGED
- "SCOPE_CHANGED"
- SCOPE_CHANGED
CVSSUserInteraction, CVSSUserInteractionArgs
- User
Interaction Unspecified - USER_INTERACTION_UNSPECIFIED
- User
Interaction None - USER_INTERACTION_NONE
- User
Interaction Required - USER_INTERACTION_REQUIRED
- CVSSUser
Interaction User Interaction Unspecified - USER_INTERACTION_UNSPECIFIED
- CVSSUser
Interaction User Interaction None - USER_INTERACTION_NONE
- CVSSUser
Interaction User Interaction Required - USER_INTERACTION_REQUIRED
- User
Interaction Unspecified - USER_INTERACTION_UNSPECIFIED
- User
Interaction None - USER_INTERACTION_NONE
- User
Interaction Required - USER_INTERACTION_REQUIRED
- User
Interaction Unspecified - USER_INTERACTION_UNSPECIFIED
- User
Interaction None - USER_INTERACTION_NONE
- User
Interaction Required - USER_INTERACTION_REQUIRED
- USER_INTERACTION_UNSPECIFIED
- USER_INTERACTION_UNSPECIFIED
- USER_INTERACTION_NONE
- USER_INTERACTION_NONE
- USER_INTERACTION_REQUIRED
- USER_INTERACTION_REQUIRED
- "USER_INTERACTION_UNSPECIFIED"
- USER_INTERACTION_UNSPECIFIED
- "USER_INTERACTION_NONE"
- USER_INTERACTION_NONE
- "USER_INTERACTION_REQUIRED"
- USER_INTERACTION_REQUIRED
Category, CategoryArgs
- Category
Id string - The identifier of the category.
- Name string
- The localized name of the category.
- Category
Id string - The identifier of the category.
- Name string
- The localized name of the category.
- category
Id String - The identifier of the category.
- name String
- The localized name of the category.
- category
Id string - The identifier of the category.
- name string
- The localized name of the category.
- category_
id str - The identifier of the category.
- name str
- The localized name of the category.
- category
Id String - The identifier of the category.
- name String
- The localized name of the category.
CategoryResponse, CategoryResponseArgs
- Category
Id string - The identifier of the category.
- Name string
- The localized name of the category.
- Category
Id string - The identifier of the category.
- Name string
- The localized name of the category.
- category
Id String - The identifier of the category.
- name String
- The localized name of the category.
- category
Id string - The identifier of the category.
- name string
- The localized name of the category.
- category_
id str - The identifier of the category.
- name str
- The localized name of the category.
- category
Id String - The identifier of the category.
- name String
- The localized name of the category.
CloudRepoSourceContext, CloudRepoSourceContextArgs
- Alias
Context Pulumi.Google Native. Container Analysis. V1. Inputs. Alias Context - An alias, which may be a branch or tag.
- Repo
Id Pulumi.Google Native. Container Analysis. V1. Inputs. Repo Id - The ID of the repo.
- Revision
Id string - A revision ID.
- Alias
Context AliasContext - An alias, which may be a branch or tag.
- Repo
Id RepoId - The ID of the repo.
- Revision
Id string - A revision ID.
- alias
Context AliasContext - An alias, which may be a branch or tag.
- repo
Id RepoId - The ID of the repo.
- revision
Id String - A revision ID.
- alias
Context AliasContext - An alias, which may be a branch or tag.
- repo
Id RepoId - The ID of the repo.
- revision
Id string - A revision ID.
- alias_
context AliasContext - An alias, which may be a branch or tag.
- repo_
id RepoId - The ID of the repo.
- revision_
id str - A revision ID.
- alias
Context Property Map - An alias, which may be a branch or tag.
- repo
Id Property Map - The ID of the repo.
- revision
Id String - A revision ID.
CloudRepoSourceContextResponse, CloudRepoSourceContextResponseArgs
- Alias
Context Pulumi.Google Native. Container Analysis. V1. Inputs. Alias Context Response - An alias, which may be a branch or tag.
- Repo
Id Pulumi.Google Native. Container Analysis. V1. Inputs. Repo Id Response - The ID of the repo.
- Revision
Id string - A revision ID.
- Alias
Context AliasContext Response - An alias, which may be a branch or tag.
- Repo
Id RepoId Response - The ID of the repo.
- Revision
Id string - A revision ID.
- alias
Context AliasContext Response - An alias, which may be a branch or tag.
- repo
Id RepoId Response - The ID of the repo.
- revision
Id String - A revision ID.
- alias
Context AliasContext Response - An alias, which may be a branch or tag.
- repo
Id RepoId Response - The ID of the repo.
- revision
Id string - A revision ID.
- alias_
context AliasContext Response - An alias, which may be a branch or tag.
- repo_
id RepoId Response - The ID of the repo.
- revision_
id str - A revision ID.
- alias
Context Property Map - An alias, which may be a branch or tag.
- repo
Id Property Map - The ID of the repo.
- revision
Id String - A revision ID.
Command, CommandArgs
- Name string
- Name of the command, as presented on the command line, or if the command is packaged as a Docker container, as presented to
docker pull. - Args List<string>
- Command-line arguments used when executing this command.
- Dir string
- Working directory (relative to project source root) used when running this command.
- Env List<string>
- Environment variables set before running this command.
- Id string
- Optional unique identifier for this command, used in wait_for to reference this command as a dependency.
- Wait
For List<string> - The ID(s) of the command(s) that this command depends on.
- Name string
- Name of the command, as presented on the command line, or if the command is packaged as a Docker container, as presented to
docker pull. - Args []string
- Command-line arguments used when executing this command.
- Dir string
- Working directory (relative to project source root) used when running this command.
- Env []string
- Environment variables set before running this command.
- Id string
- Optional unique identifier for this command, used in wait_for to reference this command as a dependency.
- Wait
For []string - The ID(s) of the command(s) that this command depends on.
- name String
- Name of the command, as presented on the command line, or if the command is packaged as a Docker container, as presented to
docker pull. - args List<String>
- Command-line arguments used when executing this command.
- dir String
- Working directory (relative to project source root) used when running this command.
- env List<String>
- Environment variables set before running this command.
- id String
- Optional unique identifier for this command, used in wait_for to reference this command as a dependency.
- wait
For List<String> - The ID(s) of the command(s) that this command depends on.
- name string
- Name of the command, as presented on the command line, or if the command is packaged as a Docker container, as presented to
docker pull. - args string[]
- Command-line arguments used when executing this command.
- dir string
- Working directory (relative to project source root) used when running this command.
- env string[]
- Environment variables set before running this command.
- id string
- Optional unique identifier for this command, used in wait_for to reference this command as a dependency.
- wait
For string[] - The ID(s) of the command(s) that this command depends on.
- name str
- Name of the command, as presented on the command line, or if the command is packaged as a Docker container, as presented to
docker pull. - args Sequence[str]
- Command-line arguments used when executing this command.
- dir str
- Working directory (relative to project source root) used when running this command.
- env Sequence[str]
- Environment variables set before running this command.
- id str
- Optional unique identifier for this command, used in wait_for to reference this command as a dependency.
- wait_
for Sequence[str] - The ID(s) of the command(s) that this command depends on.
- name String
- Name of the command, as presented on the command line, or if the command is packaged as a Docker container, as presented to
docker pull. - args List<String>
- Command-line arguments used when executing this command.
- dir String
- Working directory (relative to project source root) used when running this command.
- env List<String>
- Environment variables set before running this command.
- id String
- Optional unique identifier for this command, used in wait_for to reference this command as a dependency.
- wait
For List<String> - The ID(s) of the command(s) that this command depends on.
CommandResponse, CommandResponseArgs
- Args List<string>
- Command-line arguments used when executing this command.
- Dir string
- Working directory (relative to project source root) used when running this command.
- Env List<string>
- Environment variables set before running this command.
- Name string
- Name of the command, as presented on the command line, or if the command is packaged as a Docker container, as presented to
docker pull. - Wait
For List<string> - The ID(s) of the command(s) that this command depends on.
- Args []string
- Command-line arguments used when executing this command.
- Dir string
- Working directory (relative to project source root) used when running this command.
- Env []string
- Environment variables set before running this command.
- Name string
- Name of the command, as presented on the command line, or if the command is packaged as a Docker container, as presented to
docker pull. - Wait
For []string - The ID(s) of the command(s) that this command depends on.
- args List<String>
- Command-line arguments used when executing this command.
- dir String
- Working directory (relative to project source root) used when running this command.
- env List<String>
- Environment variables set before running this command.
- name String
- Name of the command, as presented on the command line, or if the command is packaged as a Docker container, as presented to
docker pull. - wait
For List<String> - The ID(s) of the command(s) that this command depends on.
- args string[]
- Command-line arguments used when executing this command.
- dir string
- Working directory (relative to project source root) used when running this command.
- env string[]
- Environment variables set before running this command.
- name string
- Name of the command, as presented on the command line, or if the command is packaged as a Docker container, as presented to
docker pull. - wait
For string[] - The ID(s) of the command(s) that this command depends on.
- args Sequence[str]
- Command-line arguments used when executing this command.
- dir str
- Working directory (relative to project source root) used when running this command.
- env Sequence[str]
- Environment variables set before running this command.
- name str
- Name of the command, as presented on the command line, or if the command is packaged as a Docker container, as presented to
docker pull. - wait_
for Sequence[str] - The ID(s) of the command(s) that this command depends on.
- args List<String>
- Command-line arguments used when executing this command.
- dir String
- Working directory (relative to project source root) used when running this command.
- env List<String>
- Environment variables set before running this command.
- name String
- Name of the command, as presented on the command line, or if the command is packaged as a Docker container, as presented to
docker pull. - wait
For List<String> - The ID(s) of the command(s) that this command depends on.
Completeness, CompletenessArgs
- Arguments bool
- If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
- Environment bool
- If true, the builder claims that recipe.environment is claimed to be complete.
- Materials bool
- If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
- Arguments bool
- If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
- Environment bool
- If true, the builder claims that recipe.environment is claimed to be complete.
- Materials bool
- If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
- arguments Boolean
- If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
- environment Boolean
- If true, the builder claims that recipe.environment is claimed to be complete.
- materials Boolean
- If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
- arguments boolean
- If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
- environment boolean
- If true, the builder claims that recipe.environment is claimed to be complete.
- materials boolean
- If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
- arguments bool
- If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
- environment bool
- If true, the builder claims that recipe.environment is claimed to be complete.
- materials bool
- If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
- arguments Boolean
- If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
- environment Boolean
- If true, the builder claims that recipe.environment is claimed to be complete.
- materials Boolean
- If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
CompletenessResponse, CompletenessResponseArgs
- Arguments bool
- If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
- Environment bool
- If true, the builder claims that recipe.environment is claimed to be complete.
- Materials bool
- If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
- Arguments bool
- If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
- Environment bool
- If true, the builder claims that recipe.environment is claimed to be complete.
- Materials bool
- If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
- arguments Boolean
- If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
- environment Boolean
- If true, the builder claims that recipe.environment is claimed to be complete.
- materials Boolean
- If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
- arguments boolean
- If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
- environment boolean
- If true, the builder claims that recipe.environment is claimed to be complete.
- materials boolean
- If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
- arguments bool
- If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
- environment bool
- If true, the builder claims that recipe.environment is claimed to be complete.
- materials bool
- If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
- arguments Boolean
- If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
- environment Boolean
- If true, the builder claims that recipe.environment is claimed to be complete.
- materials Boolean
- If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
ComplianceOccurrence, ComplianceOccurrenceArgs
ComplianceOccurrenceResponse, ComplianceOccurrenceResponseArgs
DSSEAttestationOccurrence, DSSEAttestationOccurrenceArgs
- Envelope
Pulumi.
Google Native. Container Analysis. V1. Inputs. Envelope - If doing something security critical, make sure to verify the signatures in this metadata.
- Statement
Pulumi.
Google Native. Container Analysis. V1. Inputs. In Toto Statement
- Envelope Envelope
- If doing something security critical, make sure to verify the signatures in this metadata.
- Statement
In
Toto Statement
- envelope Envelope
- If doing something security critical, make sure to verify the signatures in this metadata.
- statement
In
Toto Statement
- envelope Envelope
- If doing something security critical, make sure to verify the signatures in this metadata.
- statement
In
Toto Statement
- envelope Envelope
- If doing something security critical, make sure to verify the signatures in this metadata.
- statement
In
Toto Statement
- envelope Property Map
- If doing something security critical, make sure to verify the signatures in this metadata.
- statement Property Map
DSSEAttestationOccurrenceResponse, DSSEAttestationOccurrenceResponseArgs
- Envelope
Pulumi.
Google Native. Container Analysis. V1. Inputs. Envelope Response - If doing something security critical, make sure to verify the signatures in this metadata.
- Statement
Pulumi.
Google Native. Container Analysis. V1. Inputs. In Toto Statement Response
- Envelope
Envelope
Response - If doing something security critical, make sure to verify the signatures in this metadata.
- Statement
In
Toto Statement Response
- envelope
Envelope
Response - If doing something security critical, make sure to verify the signatures in this metadata.
- statement
In
Toto Statement Response
- envelope
Envelope
Response - If doing something security critical, make sure to verify the signatures in this metadata.
- statement
In
Toto Statement Response
- envelope
Envelope
Response - If doing something security critical, make sure to verify the signatures in this metadata.
- statement
In
Toto Statement Response
- envelope Property Map
- If doing something security critical, make sure to verify the signatures in this metadata.
- statement Property Map
DeploymentOccurrence, DeploymentOccurrenceArgs
- Deploy
Time string - Beginning of the lifetime of this deployment.
- Address string
- Address of the runtime element hosting this deployment.
- Config string
- Configuration used to create this deployment.
- Platform
Pulumi.
Google Native. Container Analysis. V1. Deployment Occurrence Platform - Platform hosting this deployment.
- Undeploy
Time string - End of the lifetime of this deployment.
- User
Email string - Identity of the user that triggered this deployment.
- Deploy
Time string - Beginning of the lifetime of this deployment.
- Address string
- Address of the runtime element hosting this deployment.
- Config string
- Configuration used to create this deployment.
- Platform
Deployment
Occurrence Platform - Platform hosting this deployment.
- Undeploy
Time string - End of the lifetime of this deployment.
- User
Email string - Identity of the user that triggered this deployment.
- deploy
Time String - Beginning of the lifetime of this deployment.
- address String
- Address of the runtime element hosting this deployment.
- config String
- Configuration used to create this deployment.
- platform
Deployment
Occurrence Platform - Platform hosting this deployment.
- undeploy
Time String - End of the lifetime of this deployment.
- user
Email String - Identity of the user that triggered this deployment.
- deploy
Time string - Beginning of the lifetime of this deployment.
- address string
- Address of the runtime element hosting this deployment.
- config string
- Configuration used to create this deployment.
- platform
Deployment
Occurrence Platform - Platform hosting this deployment.
- undeploy
Time string - End of the lifetime of this deployment.
- user
Email string - Identity of the user that triggered this deployment.
- deploy_
time str - Beginning of the lifetime of this deployment.
- address str
- Address of the runtime element hosting this deployment.
- config str
- Configuration used to create this deployment.
- platform
Deployment
Occurrence Platform - Platform hosting this deployment.
- undeploy_
time str - End of the lifetime of this deployment.
- user_
email str - Identity of the user that triggered this deployment.
- deploy
Time String - Beginning of the lifetime of this deployment.
- address String
- Address of the runtime element hosting this deployment.
- config String
- Configuration used to create this deployment.
- platform "PLATFORM_UNSPECIFIED" | "GKE" | "FLEX" | "CUSTOM"
- Platform hosting this deployment.
- undeploy
Time String - End of the lifetime of this deployment.
- user
Email String - Identity of the user that triggered this deployment.
DeploymentOccurrencePlatform, DeploymentOccurrencePlatformArgs
- Platform
Unspecified - PLATFORM_UNSPECIFIEDUnknown.
- Gke
- GKEGoogle Container Engine.
- Flex
- FLEXGoogle App Engine: Flexible Environment.
- Custom
- CUSTOMCustom user-defined platform.
- Deployment
Occurrence Platform Platform Unspecified - PLATFORM_UNSPECIFIEDUnknown.
- Deployment
Occurrence Platform Gke - GKEGoogle Container Engine.
- Deployment
Occurrence Platform Flex - FLEXGoogle App Engine: Flexible Environment.
- Deployment
Occurrence Platform Custom - CUSTOMCustom user-defined platform.
- Platform
Unspecified - PLATFORM_UNSPECIFIEDUnknown.
- Gke
- GKEGoogle Container Engine.
- Flex
- FLEXGoogle App Engine: Flexible Environment.
- Custom
- CUSTOMCustom user-defined platform.
- Platform
Unspecified - PLATFORM_UNSPECIFIEDUnknown.
- Gke
- GKEGoogle Container Engine.
- Flex
- FLEXGoogle App Engine: Flexible Environment.
- Custom
- CUSTOMCustom user-defined platform.
- PLATFORM_UNSPECIFIED
- PLATFORM_UNSPECIFIEDUnknown.
- GKE
- GKEGoogle Container Engine.
- FLEX
- FLEXGoogle App Engine: Flexible Environment.
- CUSTOM
- CUSTOMCustom user-defined platform.
- "PLATFORM_UNSPECIFIED"
- PLATFORM_UNSPECIFIEDUnknown.
- "GKE"
- GKEGoogle Container Engine.
- "FLEX"
- FLEXGoogle App Engine: Flexible Environment.
- "CUSTOM"
- CUSTOMCustom user-defined platform.
DeploymentOccurrenceResponse, DeploymentOccurrenceResponseArgs
- Address string
- Address of the runtime element hosting this deployment.
- Config string
- Configuration used to create this deployment.
- Deploy
Time string - Beginning of the lifetime of this deployment.
- Platform string
- Platform hosting this deployment.
- Resource
Uri List<string> - Resource URI for the artifact being deployed taken from the deployable field with the same name.
- Undeploy
Time string - End of the lifetime of this deployment.
- User
Email string - Identity of the user that triggered this deployment.
- Address string
- Address of the runtime element hosting this deployment.
- Config string
- Configuration used to create this deployment.
- Deploy
Time string - Beginning of the lifetime of this deployment.
- Platform string
- Platform hosting this deployment.
- Resource
Uri []string - Resource URI for the artifact being deployed taken from the deployable field with the same name.
- Undeploy
Time string - End of the lifetime of this deployment.
- User
Email string - Identity of the user that triggered this deployment.
- address String
- Address of the runtime element hosting this deployment.
- config String
- Configuration used to create this deployment.
- deploy
Time String - Beginning of the lifetime of this deployment.
- platform String
- Platform hosting this deployment.
- resource
Uri List<String> - Resource URI for the artifact being deployed taken from the deployable field with the same name.
- undeploy
Time String - End of the lifetime of this deployment.
- user
Email String - Identity of the user that triggered this deployment.
- address string
- Address of the runtime element hosting this deployment.
- config string
- Configuration used to create this deployment.
- deploy
Time string - Beginning of the lifetime of this deployment.
- platform string
- Platform hosting this deployment.
- resource
Uri string[] - Resource URI for the artifact being deployed taken from the deployable field with the same name.
- undeploy
Time string - End of the lifetime of this deployment.
- user
Email string - Identity of the user that triggered this deployment.
- address str
- Address of the runtime element hosting this deployment.
- config str
- Configuration used to create this deployment.
- deploy_
time str - Beginning of the lifetime of this deployment.
- platform str
- Platform hosting this deployment.
- resource_
uri Sequence[str] - Resource URI for the artifact being deployed taken from the deployable field with the same name.
- undeploy_
time str - End of the lifetime of this deployment.
- user_
email str - Identity of the user that triggered this deployment.
- address String
- Address of the runtime element hosting this deployment.
- config String
- Configuration used to create this deployment.
- deploy
Time String - Beginning of the lifetime of this deployment.
- platform String
- Platform hosting this deployment.
- resource
Uri List<String> - Resource URI for the artifact being deployed taken from the deployable field with the same name.
- undeploy
Time String - End of the lifetime of this deployment.
- user
Email String - Identity of the user that triggered this deployment.
DiscoveryOccurrence, DiscoveryOccurrenceArgs
- Analysis
Completed Pulumi.Google Native. Container Analysis. V1. Inputs. Analysis Completed - Analysis
Error List<Pulumi.Google Native. Container Analysis. V1. Inputs. Status> - Indicates any errors encountered during analysis of a resource. There could be 0 or more of these errors.
- Analysis
Status Pulumi.Google Native. Container Analysis. V1. Discovery Occurrence Analysis Status - The status of discovery for the resource.
- Analysis
Status Pulumi.Error Google Native. Container Analysis. V1. Inputs. Status - When an error is encountered this will contain a LocalizedMessage under details to show to the user. The LocalizedMessage is output only and populated by the API.
- Continuous
Analysis Pulumi.Google Native. Container Analysis. V1. Discovery Occurrence Continuous Analysis - Whether the resource is continuously analyzed.
- Cpe string
- The CPE of the resource being scanned.
- Last
Scan stringTime - The last time this resource was scanned.
- Sbom
Status Pulumi.Google Native. Container Analysis. V1. Inputs. SBOMStatus - The status of an SBOM generation.
- Analysis
Completed AnalysisCompleted - Analysis
Error []Status - Indicates any errors encountered during analysis of a resource. There could be 0 or more of these errors.
- Analysis
Status DiscoveryOccurrence Analysis Status - The status of discovery for the resource.
- Analysis
Status StatusError - When an error is encountered this will contain a LocalizedMessage under details to show to the user. The LocalizedMessage is output only and populated by the API.
- Continuous
Analysis DiscoveryOccurrence Continuous Analysis - Whether the resource is continuously analyzed.
- Cpe string
- The CPE of the resource being scanned.
- Last
Scan stringTime - The last time this resource was scanned.
- Sbom
Status SBOMStatus - The status of an SBOM generation.
- analysis
Completed AnalysisCompleted - analysis
Error List<Status> - Indicates any errors encountered during analysis of a resource. There could be 0 or more of these errors.
- analysis
Status DiscoveryOccurrence Analysis Status - The status of discovery for the resource.
- analysis
Status StatusError - When an error is encountered this will contain a LocalizedMessage under details to show to the user. The LocalizedMessage is output only and populated by the API.
- continuous
Analysis DiscoveryOccurrence Continuous Analysis - Whether the resource is continuously analyzed.
- cpe String
- The CPE of the resource being scanned.
- last
Scan StringTime - The last time this resource was scanned.
- sbom
Status SBOMStatus - The status of an SBOM generation.
- analysis
Completed AnalysisCompleted - analysis
Error Status[] - Indicates any errors encountered during analysis of a resource. There could be 0 or more of these errors.
- analysis
Status DiscoveryOccurrence Analysis Status - The status of discovery for the resource.
- analysis
Status StatusError - When an error is encountered this will contain a LocalizedMessage under details to show to the user. The LocalizedMessage is output only and populated by the API.
- continuous
Analysis DiscoveryOccurrence Continuous Analysis - Whether the resource is continuously analyzed.
- cpe string
- The CPE of the resource being scanned.
- last
Scan stringTime - The last time this resource was scanned.
- sbom
Status SBOMStatus - The status of an SBOM generation.
- analysis_
completed AnalysisCompleted - analysis_
error Sequence[Status] - Indicates any errors encountered during analysis of a resource. There could be 0 or more of these errors.
- analysis_
status DiscoveryOccurrence Analysis Status - The status of discovery for the resource.
- analysis_
status_ Statuserror - When an error is encountered this will contain a LocalizedMessage under details to show to the user. The LocalizedMessage is output only and populated by the API.
- continuous_
analysis DiscoveryOccurrence Continuous Analysis - Whether the resource is continuously analyzed.
- cpe str
- The CPE of the resource being scanned.
- last_
scan_ strtime - The last time this resource was scanned.
- sbom_
status SBOMStatus - The status of an SBOM generation.
- analysis
Completed Property Map - analysis
Error List<Property Map> - Indicates any errors encountered during analysis of a resource. There could be 0 or more of these errors.
- analysis
Status "ANALYSIS_STATUS_UNSPECIFIED" | "PENDING" | "SCANNING" | "FINISHED_SUCCESS" | "COMPLETE" | "FINISHED_FAILED" | "FINISHED_UNSUPPORTED" - The status of discovery for the resource.
- analysis
Status Property MapError - When an error is encountered this will contain a LocalizedMessage under details to show to the user. The LocalizedMessage is output only and populated by the API.
- continuous
Analysis "CONTINUOUS_ANALYSIS_UNSPECIFIED" | "ACTIVE" | "INACTIVE" - Whether the resource is continuously analyzed.
- cpe String
- The CPE of the resource being scanned.
- last
Scan StringTime - The last time this resource was scanned.
- sbom
Status Property Map - The status of an SBOM generation.
DiscoveryOccurrenceAnalysisStatus, DiscoveryOccurrenceAnalysisStatusArgs
- Analysis
Status Unspecified - ANALYSIS_STATUS_UNSPECIFIEDUnknown.
- Pending
- PENDINGResource is known but no action has been taken yet.
- Scanning
- SCANNINGResource is being analyzed.
- Finished
Success - FINISHED_SUCCESSAnalysis has finished successfully.
- Complete
- COMPLETEAnalysis has completed.
- Finished
Failed - FINISHED_FAILEDAnalysis has finished unsuccessfully, the analysis itself is in a bad state.
- Finished
Unsupported - FINISHED_UNSUPPORTEDThe resource is known not to be supported.
- Discovery
Occurrence Analysis Status Analysis Status Unspecified - ANALYSIS_STATUS_UNSPECIFIEDUnknown.
- Discovery
Occurrence Analysis Status Pending - PENDINGResource is known but no action has been taken yet.
- Discovery
Occurrence Analysis Status Scanning - SCANNINGResource is being analyzed.
- Discovery
Occurrence Analysis Status Finished Success - FINISHED_SUCCESSAnalysis has finished successfully.
- Discovery
Occurrence Analysis Status Complete - COMPLETEAnalysis has completed.
- Discovery
Occurrence Analysis Status Finished Failed - FINISHED_FAILEDAnalysis has finished unsuccessfully, the analysis itself is in a bad state.
- Discovery
Occurrence Analysis Status Finished Unsupported - FINISHED_UNSUPPORTEDThe resource is known not to be supported.
- Analysis
Status Unspecified - ANALYSIS_STATUS_UNSPECIFIEDUnknown.
- Pending
- PENDINGResource is known but no action has been taken yet.
- Scanning
- SCANNINGResource is being analyzed.
- Finished
Success - FINISHED_SUCCESSAnalysis has finished successfully.
- Complete
- COMPLETEAnalysis has completed.
- Finished
Failed - FINISHED_FAILEDAnalysis has finished unsuccessfully, the analysis itself is in a bad state.
- Finished
Unsupported - FINISHED_UNSUPPORTEDThe resource is known not to be supported.
- Analysis
Status Unspecified - ANALYSIS_STATUS_UNSPECIFIEDUnknown.
- Pending
- PENDINGResource is known but no action has been taken yet.
- Scanning
- SCANNINGResource is being analyzed.
- Finished
Success - FINISHED_SUCCESSAnalysis has finished successfully.
- Complete
- COMPLETEAnalysis has completed.
- Finished
Failed - FINISHED_FAILEDAnalysis has finished unsuccessfully, the analysis itself is in a bad state.
- Finished
Unsupported - FINISHED_UNSUPPORTEDThe resource is known not to be supported.
- ANALYSIS_STATUS_UNSPECIFIED
- ANALYSIS_STATUS_UNSPECIFIEDUnknown.
- PENDING
- PENDINGResource is known but no action has been taken yet.
- SCANNING
- SCANNINGResource is being analyzed.
- FINISHED_SUCCESS
- FINISHED_SUCCESSAnalysis has finished successfully.
- COMPLETE
- COMPLETEAnalysis has completed.
- FINISHED_FAILED
- FINISHED_FAILEDAnalysis has finished unsuccessfully, the analysis itself is in a bad state.
- FINISHED_UNSUPPORTED
- FINISHED_UNSUPPORTEDThe resource is known not to be supported.
- "ANALYSIS_STATUS_UNSPECIFIED"
- ANALYSIS_STATUS_UNSPECIFIEDUnknown.
- "PENDING"
- PENDINGResource is known but no action has been taken yet.
- "SCANNING"
- SCANNINGResource is being analyzed.
- "FINISHED_SUCCESS"
- FINISHED_SUCCESSAnalysis has finished successfully.
- "COMPLETE"
- COMPLETEAnalysis has completed.
- "FINISHED_FAILED"
- FINISHED_FAILEDAnalysis has finished unsuccessfully, the analysis itself is in a bad state.
- "FINISHED_UNSUPPORTED"
- FINISHED_UNSUPPORTEDThe resource is known not to be supported.
DiscoveryOccurrenceContinuousAnalysis, DiscoveryOccurrenceContinuousAnalysisArgs
- Continuous
Analysis Unspecified - CONTINUOUS_ANALYSIS_UNSPECIFIEDUnknown.
- Active
- ACTIVEThe resource is continuously analyzed.
- Inactive
- INACTIVEThe resource is ignored for continuous analysis.
- Discovery
Occurrence Continuous Analysis Continuous Analysis Unspecified - CONTINUOUS_ANALYSIS_UNSPECIFIEDUnknown.
- Discovery
Occurrence Continuous Analysis Active - ACTIVEThe resource is continuously analyzed.
- Discovery
Occurrence Continuous Analysis Inactive - INACTIVEThe resource is ignored for continuous analysis.
- Continuous
Analysis Unspecified - CONTINUOUS_ANALYSIS_UNSPECIFIEDUnknown.
- Active
- ACTIVEThe resource is continuously analyzed.
- Inactive
- INACTIVEThe resource is ignored for continuous analysis.
- Continuous
Analysis Unspecified - CONTINUOUS_ANALYSIS_UNSPECIFIEDUnknown.
- Active
- ACTIVEThe resource is continuously analyzed.
- Inactive
- INACTIVEThe resource is ignored for continuous analysis.
- CONTINUOUS_ANALYSIS_UNSPECIFIED
- CONTINUOUS_ANALYSIS_UNSPECIFIEDUnknown.
- ACTIVE
- ACTIVEThe resource is continuously analyzed.
- INACTIVE
- INACTIVEThe resource is ignored for continuous analysis.
- "CONTINUOUS_ANALYSIS_UNSPECIFIED"
- CONTINUOUS_ANALYSIS_UNSPECIFIEDUnknown.
- "ACTIVE"
- ACTIVEThe resource is continuously analyzed.
- "INACTIVE"
- INACTIVEThe resource is ignored for continuous analysis.
DiscoveryOccurrenceResponse, DiscoveryOccurrenceResponseArgs
- Analysis
Completed Pulumi.Google Native. Container Analysis. V1. Inputs. Analysis Completed Response - Analysis
Error List<Pulumi.Google Native. Container Analysis. V1. Inputs. Status Response> - Indicates any errors encountered during analysis of a resource. There could be 0 or more of these errors.
- Analysis
Status string - The status of discovery for the resource.
- Analysis
Status Pulumi.Error Google Native. Container Analysis. V1. Inputs. Status Response - When an error is encountered this will contain a LocalizedMessage under details to show to the user. The LocalizedMessage is output only and populated by the API.
- Archive
Time string - The time occurrences related to this discovery occurrence were archived.
- Continuous
Analysis string - Whether the resource is continuously analyzed.
- Cpe string
- The CPE of the resource being scanned.
- Last
Scan stringTime - The last time this resource was scanned.
- Sbom
Status Pulumi.Google Native. Container Analysis. V1. Inputs. SBOMStatus Response - The status of an SBOM generation.
- Analysis
Completed AnalysisCompleted Response - Analysis
Error []StatusResponse - Indicates any errors encountered during analysis of a resource. There could be 0 or more of these errors.
- Analysis
Status string - The status of discovery for the resource.
- Analysis
Status StatusError Response - When an error is encountered this will contain a LocalizedMessage under details to show to the user. The LocalizedMessage is output only and populated by the API.
- Archive
Time string - The time occurrences related to this discovery occurrence were archived.
- Continuous
Analysis string - Whether the resource is continuously analyzed.
- Cpe string
- The CPE of the resource being scanned.
- Last
Scan stringTime - The last time this resource was scanned.
- Sbom
Status SBOMStatusResponse - The status of an SBOM generation.
- analysis
Completed AnalysisCompleted Response - analysis
Error List<StatusResponse> - Indicates any errors encountered during analysis of a resource. There could be 0 or more of these errors.
- analysis
Status String - The status of discovery for the resource.
- analysis
Status StatusError Response - When an error is encountered this will contain a LocalizedMessage under details to show to the user. The LocalizedMessage is output only and populated by the API.
- archive
Time String - The time occurrences related to this discovery occurrence were archived.
- continuous
Analysis String - Whether the resource is continuously analyzed.
- cpe String
- The CPE of the resource being scanned.
- last
Scan StringTime - The last time this resource was scanned.
- sbom
Status SBOMStatusResponse - The status of an SBOM generation.
- analysis
Completed AnalysisCompleted Response - analysis
Error StatusResponse[] - Indicates any errors encountered during analysis of a resource. There could be 0 or more of these errors.
- analysis
Status string - The status of discovery for the resource.
- analysis
Status StatusError Response - When an error is encountered this will contain a LocalizedMessage under details to show to the user. The LocalizedMessage is output only and populated by the API.
- archive
Time string - The time occurrences related to this discovery occurrence were archived.
- continuous
Analysis string - Whether the resource is continuously analyzed.
- cpe string
- The CPE of the resource being scanned.
- last
Scan stringTime - The last time this resource was scanned.
- sbom
Status SBOMStatusResponse - The status of an SBOM generation.
- analysis_
completed AnalysisCompleted Response - analysis_
error Sequence[StatusResponse] - Indicates any errors encountered during analysis of a resource. There could be 0 or more of these errors.
- analysis_
status str - The status of discovery for the resource.
- analysis_
status_ Statuserror Response - When an error is encountered this will contain a LocalizedMessage under details to show to the user. The LocalizedMessage is output only and populated by the API.
- archive_
time str - The time occurrences related to this discovery occurrence were archived.
- continuous_
analysis str - Whether the resource is continuously analyzed.
- cpe str
- The CPE of the resource being scanned.
- last_
scan_ strtime - The last time this resource was scanned.
- sbom_
status SBOMStatusResponse - The status of an SBOM generation.
- analysis
Completed Property Map - analysis
Error List<Property Map> - Indicates any errors encountered during analysis of a resource. There could be 0 or more of these errors.
- analysis
Status String - The status of discovery for the resource.
- analysis
Status Property MapError - When an error is encountered this will contain a LocalizedMessage under details to show to the user. The LocalizedMessage is output only and populated by the API.
- archive
Time String - The time occurrences related to this discovery occurrence were archived.
- continuous
Analysis String - Whether the resource is continuously analyzed.
- cpe String
- The CPE of the resource being scanned.
- last
Scan StringTime - The last time this resource was scanned.
- sbom
Status Property Map - The status of an SBOM generation.
Envelope, EnvelopeArgs
- Payload string
- Payload
Type string - Signatures
[]Envelope
Signature
- payload String
- payload
Type String - signatures
List<Envelope
Signature>
- payload string
- payload
Type string - signatures
Envelope
Signature[]
- payload String
- payload
Type String - signatures List<Property Map>
EnvelopeResponse, EnvelopeResponseArgs
- Payload string
- Payload
Type string - Signatures
[]Envelope
Signature Response
- payload String
- payload
Type String - signatures
List<Envelope
Signature Response>
- payload string
- payload
Type string - signatures
Envelope
Signature Response[]
- payload String
- payload
Type String - signatures List<Property Map>
EnvelopeSignature, EnvelopeSignatureArgs
EnvelopeSignatureResponse, EnvelopeSignatureResponseArgs
Fingerprint, FingerprintArgs
FingerprintResponse, FingerprintResponseArgs
- V1Name string
- The layer ID of the final layer in the Docker image's v1 representation.
- V2Blob List<string>
- The ordered list of v2 blobs that represent a given image.
- V2Name string
- The name of the image's v2 blobs computed via: [bottom] := v2_blobbottom := sha256(v2_blob[N] + " " + v2_name[N+1]) Only the name of the final blob is kept.
- V1Name string
- The layer ID of the final layer in the Docker image's v1 representation.
- V2Blob []string
- The ordered list of v2 blobs that represent a given image.
- V2Name string
- The name of the image's v2 blobs computed via: [bottom] := v2_blobbottom := sha256(v2_blob[N] + " " + v2_name[N+1]) Only the name of the final blob is kept.
- v1Name String
- The layer ID of the final layer in the Docker image's v1 representation.
- v2Blob List<String>
- The ordered list of v2 blobs that represent a given image.
- v2Name String
- The name of the image's v2 blobs computed via: [bottom] := v2_blobbottom := sha256(v2_blob[N] + " " + v2_name[N+1]) Only the name of the final blob is kept.
- v1Name string
- The layer ID of the final layer in the Docker image's v1 representation.
- v2Blob string[]
- The ordered list of v2 blobs that represent a given image.
- v2Name string
- The name of the image's v2 blobs computed via: [bottom] := v2_blobbottom := sha256(v2_blob[N] + " " + v2_name[N+1]) Only the name of the final blob is kept.
- v1_
name str - The layer ID of the final layer in the Docker image's v1 representation.
- v2_
blob Sequence[str] - The ordered list of v2 blobs that represent a given image.
- v2_
name str - The name of the image's v2 blobs computed via: [bottom] := v2_blobbottom := sha256(v2_blob[N] + " " + v2_name[N+1]) Only the name of the final blob is kept.
- v1Name String
- The layer ID of the final layer in the Docker image's v1 representation.
- v2Blob List<String>
- The ordered list of v2 blobs that represent a given image.
- v2Name String
- The name of the image's v2 blobs computed via: [bottom] := v2_blobbottom := sha256(v2_blob[N] + " " + v2_name[N+1]) Only the name of the final blob is kept.
GerritSourceContext, GerritSourceContextArgs
- Alias
Context Pulumi.Google Native. Container Analysis. V1. Inputs. Alias Context - An alias, which may be a branch or tag.
- Gerrit
Project string - The full project name within the host. Projects may be nested, so "project/subproject" is a valid project name. The "repo name" is the hostURI/project.
- Host
Uri string - The URI of a running Gerrit instance.
- Revision
Id string - A revision (commit) ID.
- Alias
Context AliasContext - An alias, which may be a branch or tag.
- Gerrit
Project string - The full project name within the host. Projects may be nested, so "project/subproject" is a valid project name. The "repo name" is the hostURI/project.
- Host
Uri string - The URI of a running Gerrit instance.
- Revision
Id string - A revision (commit) ID.
- alias
Context AliasContext - An alias, which may be a branch or tag.
- gerrit
Project String - The full project name within the host. Projects may be nested, so "project/subproject" is a valid project name. The "repo name" is the hostURI/project.
- host
Uri String - The URI of a running Gerrit instance.
- revision
Id String - A revision (commit) ID.
- alias
Context AliasContext - An alias, which may be a branch or tag.
- gerrit
Project string - The full project name within the host. Projects may be nested, so "project/subproject" is a valid project name. The "repo name" is the hostURI/project.
- host
Uri string - The URI of a running Gerrit instance.
- revision
Id string - A revision (commit) ID.
- alias_
context AliasContext - An alias, which may be a branch or tag.
- gerrit_
project str - The full project name within the host. Projects may be nested, so "project/subproject" is a valid project name. The "repo name" is the hostURI/project.
- host_
uri str - The URI of a running Gerrit instance.
- revision_
id str - A revision (commit) ID.
- alias
Context Property Map - An alias, which may be a branch or tag.
- gerrit
Project String - The full project name within the host. Projects may be nested, so "project/subproject" is a valid project name. The "repo name" is the hostURI/project.
- host
Uri String - The URI of a running Gerrit instance.
- revision
Id String - A revision (commit) ID.
GerritSourceContextResponse, GerritSourceContextResponseArgs
- Alias
Context Pulumi.Google Native. Container Analysis. V1. Inputs. Alias Context Response - An alias, which may be a branch or tag.
- Gerrit
Project string - The full project name within the host. Projects may be nested, so "project/subproject" is a valid project name. The "repo name" is the hostURI/project.
- Host
Uri string - The URI of a running Gerrit instance.
- Revision
Id string - A revision (commit) ID.
- Alias
Context AliasContext Response - An alias, which may be a branch or tag.
- Gerrit
Project string - The full project name within the host. Projects may be nested, so "project/subproject" is a valid project name. The "repo name" is the hostURI/project.
- Host
Uri string - The URI of a running Gerrit instance.
- Revision
Id string - A revision (commit) ID.
- alias
Context AliasContext Response - An alias, which may be a branch or tag.
- gerrit
Project String - The full project name within the host. Projects may be nested, so "project/subproject" is a valid project name. The "repo name" is the hostURI/project.
- host
Uri String - The URI of a running Gerrit instance.
- revision
Id String - A revision (commit) ID.
- alias
Context AliasContext Response - An alias, which may be a branch or tag.
- gerrit
Project string - The full project name within the host. Projects may be nested, so "project/subproject" is a valid project name. The "repo name" is the hostURI/project.
- host
Uri string - The URI of a running Gerrit instance.
- revision
Id string - A revision (commit) ID.
- alias_
context AliasContext Response - An alias, which may be a branch or tag.
- gerrit_
project str - The full project name within the host. Projects may be nested, so "project/subproject" is a valid project name. The "repo name" is the hostURI/project.
- host_
uri str - The URI of a running Gerrit instance.
- revision_
id str - A revision (commit) ID.
- alias
Context Property Map - An alias, which may be a branch or tag.
- gerrit
Project String - The full project name within the host. Projects may be nested, so "project/subproject" is a valid project name. The "repo name" is the hostURI/project.
- host
Uri String - The URI of a running Gerrit instance.
- revision
Id String - A revision (commit) ID.
GitSourceContext, GitSourceContextArgs
- Revision
Id string - Git commit hash.
- Url string
- Git repository URL.
- Revision
Id string - Git commit hash.
- Url string
- Git repository URL.
- revision
Id String - Git commit hash.
- url String
- Git repository URL.
- revision
Id string - Git commit hash.
- url string
- Git repository URL.
- revision_
id str - Git commit hash.
- url str
- Git repository URL.
- revision
Id String - Git commit hash.
- url String
- Git repository URL.
GitSourceContextResponse, GitSourceContextResponseArgs
- Revision
Id string - Git commit hash.
- Url string
- Git repository URL.
- Revision
Id string - Git commit hash.
- Url string
- Git repository URL.
- revision
Id String - Git commit hash.
- url String
- Git repository URL.
- revision
Id string - Git commit hash.
- url string
- Git repository URL.
- revision_
id str - Git commit hash.
- url str
- Git repository URL.
- revision
Id String - Git commit hash.
- url String
- Git repository URL.
GrafeasV1FileLocation, GrafeasV1FileLocationArgs
- File
Path string - For jars that are contained inside .war files, this filepath can indicate the path to war file combined with the path to jar file.
- File
Path string - For jars that are contained inside .war files, this filepath can indicate the path to war file combined with the path to jar file.
- file
Path String - For jars that are contained inside .war files, this filepath can indicate the path to war file combined with the path to jar file.
- file
Path string - For jars that are contained inside .war files, this filepath can indicate the path to war file combined with the path to jar file.
- file_
path str - For jars that are contained inside .war files, this filepath can indicate the path to war file combined with the path to jar file.
- file
Path String - For jars that are contained inside .war files, this filepath can indicate the path to war file combined with the path to jar file.
GrafeasV1FileLocationResponse, GrafeasV1FileLocationResponseArgs
- File
Path string - For jars that are contained inside .war files, this filepath can indicate the path to war file combined with the path to jar file.
- File
Path string - For jars that are contained inside .war files, this filepath can indicate the path to war file combined with the path to jar file.
- file
Path String - For jars that are contained inside .war files, this filepath can indicate the path to war file combined with the path to jar file.
- file
Path string - For jars that are contained inside .war files, this filepath can indicate the path to war file combined with the path to jar file.
- file_
path str - For jars that are contained inside .war files, this filepath can indicate the path to war file combined with the path to jar file.
- file
Path String - For jars that are contained inside .war files, this filepath can indicate the path to war file combined with the path to jar file.
GrafeasV1SlsaProvenanceZeroTwoSlsaBuilder, GrafeasV1SlsaProvenanceZeroTwoSlsaBuilderArgs
- Id string
- Id string
- id String
- id string
- id str
- id String
GrafeasV1SlsaProvenanceZeroTwoSlsaCompleteness, GrafeasV1SlsaProvenanceZeroTwoSlsaCompletenessArgs
- Environment bool
- Materials bool
- Parameters bool
- Environment bool
- Materials bool
- Parameters bool
- environment Boolean
- materials Boolean
- parameters Boolean
- environment boolean
- materials boolean
- parameters boolean
- environment bool
- materials bool
- parameters bool
- environment Boolean
- materials Boolean
- parameters Boolean
GrafeasV1SlsaProvenanceZeroTwoSlsaCompletenessResponse, GrafeasV1SlsaProvenanceZeroTwoSlsaCompletenessResponseArgs
- Environment bool
- Materials bool
- Parameters bool
- Environment bool
- Materials bool
- Parameters bool
- environment Boolean
- materials Boolean
- parameters Boolean
- environment boolean
- materials boolean
- parameters boolean
- environment bool
- materials bool
- parameters bool
- environment Boolean
- materials Boolean
- parameters Boolean
GrafeasV1SlsaProvenanceZeroTwoSlsaConfigSource, GrafeasV1SlsaProvenanceZeroTwoSlsaConfigSourceArgs
- Digest Dictionary<string, string>
- Entry
Point string - Uri string
- Digest map[string]string
- Entry
Point string - Uri string
- digest Map<String,String>
- entry
Point String - uri String
- digest {[key: string]: string}
- entry
Point string - uri string
- digest Mapping[str, str]
- entry_
point str - uri str
- digest Map<String>
- entry
Point String - uri String
GrafeasV1SlsaProvenanceZeroTwoSlsaConfigSourceResponse, GrafeasV1SlsaProvenanceZeroTwoSlsaConfigSourceResponseArgs
- Digest Dictionary<string, string>
- Entry
Point string - Uri string
- Digest map[string]string
- Entry
Point string - Uri string
- digest Map<String,String>
- entry
Point String - uri String
- digest {[key: string]: string}
- entry
Point string - uri string
- digest Mapping[str, str]
- entry_
point str - uri str
- digest Map<String>
- entry
Point String - uri String
GrafeasV1SlsaProvenanceZeroTwoSlsaInvocation, GrafeasV1SlsaProvenanceZeroTwoSlsaInvocationArgs
- Config
Source Pulumi.Google Native. Container Analysis. V1. Inputs. Grafeas V1Slsa Provenance Zero Two Slsa Config Source - Environment Dictionary<string, string>
- Parameters Dictionary<string, string>
- Config
Source GrafeasV1Slsa Provenance Zero Two Slsa Config Source - Environment map[string]string
- Parameters map[string]string
- config
Source GrafeasV1Slsa Provenance Zero Two Slsa Config Source - environment Map<String,String>
- parameters Map<String,String>
- config
Source GrafeasV1Slsa Provenance Zero Two Slsa Config Source - environment {[key: string]: string}
- parameters {[key: string]: string}
- config_
source GrafeasV1Slsa Provenance Zero Two Slsa Config Source - environment Mapping[str, str]
- parameters Mapping[str, str]
- config
Source Property Map - environment Map<String>
- parameters Map<String>
GrafeasV1SlsaProvenanceZeroTwoSlsaInvocationResponse, GrafeasV1SlsaProvenanceZeroTwoSlsaInvocationResponseArgs
- Config
Source Pulumi.Google Native. Container Analysis. V1. Inputs. Grafeas V1Slsa Provenance Zero Two Slsa Config Source Response - Environment Dictionary<string, string>
- Parameters Dictionary<string, string>
- Config
Source GrafeasV1Slsa Provenance Zero Two Slsa Config Source Response - Environment map[string]string
- Parameters map[string]string
- config
Source GrafeasV1Slsa Provenance Zero Two Slsa Config Source Response - environment Map<String,String>
- parameters Map<String,String>
- config
Source GrafeasV1Slsa Provenance Zero Two Slsa Config Source Response - environment {[key: string]: string}
- parameters {[key: string]: string}
- config_
source GrafeasV1Slsa Provenance Zero Two Slsa Config Source Response - environment Mapping[str, str]
- parameters Mapping[str, str]
- config
Source Property Map - environment Map<String>
- parameters Map<String>
GrafeasV1SlsaProvenanceZeroTwoSlsaMaterial, GrafeasV1SlsaProvenanceZeroTwoSlsaMaterialArgs
GrafeasV1SlsaProvenanceZeroTwoSlsaMaterialResponse, GrafeasV1SlsaProvenanceZeroTwoSlsaMaterialResponseArgs
GrafeasV1SlsaProvenanceZeroTwoSlsaMetadata, GrafeasV1SlsaProvenanceZeroTwoSlsaMetadataArgs
- build
Finished StringOn - build
Invocation StringId - build
Started StringOn - completeness
Grafeas
V1Slsa Provenance Zero Two Slsa Completeness - reproducible Boolean
- build
Finished stringOn - build
Invocation stringId - build
Started stringOn - completeness
Grafeas
V1Slsa Provenance Zero Two Slsa Completeness - reproducible boolean
- build
Finished StringOn - build
Invocation StringId - build
Started StringOn - completeness Property Map
- reproducible Boolean
GrafeasV1SlsaProvenanceZeroTwoSlsaMetadataResponse, GrafeasV1SlsaProvenanceZeroTwoSlsaMetadataResponseArgs
- build
Finished StringOn - build
Invocation StringId - build
Started StringOn - completeness Property Map
- reproducible Boolean
Identity, IdentityArgs
IdentityResponse, IdentityResponseArgs
ImageOccurrence, ImageOccurrenceArgs
- Fingerprint
Pulumi.
Google Native. Container Analysis. V1. Inputs. Fingerprint - The fingerprint of the derived image.
- Layer
Info List<Pulumi.Google Native. Container Analysis. V1. Inputs. Layer> - This contains layer-specific metadata, if populated it has length "distance" and is ordered with [distance] being the layer immediately following the base image and [1] being the final layer.
- Fingerprint Fingerprint
- The fingerprint of the derived image.
- Layer
Info []Layer - This contains layer-specific metadata, if populated it has length "distance" and is ordered with [distance] being the layer immediately following the base image and [1] being the final layer.
- fingerprint Fingerprint
- The fingerprint of the derived image.
- layer
Info List<Layer> - This contains layer-specific metadata, if populated it has length "distance" and is ordered with [distance] being the layer immediately following the base image and [1] being the final layer.
- fingerprint Fingerprint
- The fingerprint of the derived image.
- layer
Info Layer[] - This contains layer-specific metadata, if populated it has length "distance" and is ordered with [distance] being the layer immediately following the base image and [1] being the final layer.
- fingerprint Fingerprint
- The fingerprint of the derived image.
- layer_
info Sequence[Layer] - This contains layer-specific metadata, if populated it has length "distance" and is ordered with [distance] being the layer immediately following the base image and [1] being the final layer.
- fingerprint Property Map
- The fingerprint of the derived image.
- layer
Info List<Property Map> - This contains layer-specific metadata, if populated it has length "distance" and is ordered with [distance] being the layer immediately following the base image and [1] being the final layer.
ImageOccurrenceResponse, ImageOccurrenceResponseArgs
- Base
Resource stringUrl - This contains the base image URL for the derived image occurrence.
- Distance int
- The number of layers by which this image differs from the associated image basis.
- Fingerprint
Pulumi.
Google Native. Container Analysis. V1. Inputs. Fingerprint Response - The fingerprint of the derived image.
- Layer
Info List<Pulumi.Google Native. Container Analysis. V1. Inputs. Layer Response> - This contains layer-specific metadata, if populated it has length "distance" and is ordered with [distance] being the layer immediately following the base image and [1] being the final layer.
- Base
Resource stringUrl - This contains the base image URL for the derived image occurrence.
- Distance int
- The number of layers by which this image differs from the associated image basis.
- Fingerprint
Fingerprint
Response - The fingerprint of the derived image.
- Layer
Info []LayerResponse - This contains layer-specific metadata, if populated it has length "distance" and is ordered with [distance] being the layer immediately following the base image and [1] being the final layer.
- base
Resource StringUrl - This contains the base image URL for the derived image occurrence.
- distance Integer
- The number of layers by which this image differs from the associated image basis.
- fingerprint
Fingerprint
Response - The fingerprint of the derived image.
- layer
Info List<LayerResponse> - This contains layer-specific metadata, if populated it has length "distance" and is ordered with [distance] being the layer immediately following the base image and [1] being the final layer.
- base
Resource stringUrl - This contains the base image URL for the derived image occurrence.
- distance number
- The number of layers by which this image differs from the associated image basis.
- fingerprint
Fingerprint
Response - The fingerprint of the derived image.
- layer
Info LayerResponse[] - This contains layer-specific metadata, if populated it has length "distance" and is ordered with [distance] being the layer immediately following the base image and [1] being the final layer.
- base_
resource_ strurl - This contains the base image URL for the derived image occurrence.
- distance int
- The number of layers by which this image differs from the associated image basis.
- fingerprint
Fingerprint
Response - The fingerprint of the derived image.
- layer_
info Sequence[LayerResponse] - This contains layer-specific metadata, if populated it has length "distance" and is ordered with [distance] being the layer immediately following the base image and [1] being the final layer.
- base
Resource StringUrl - This contains the base image URL for the derived image occurrence.
- distance Number
- The number of layers by which this image differs from the associated image basis.
- fingerprint Property Map
- The fingerprint of the derived image.
- layer
Info List<Property Map> - This contains layer-specific metadata, if populated it has length "distance" and is ordered with [distance] being the layer immediately following the base image and [1] being the final layer.
InTotoProvenance, InTotoProvenanceArgs
- Builder
Config Pulumi.Google Native. Container Analysis. V1. Inputs. Builder Config - required
- Materials List<string>
- The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
- Metadata
Pulumi.
Google Native. Container Analysis. V1. Inputs. Metadata - Recipe
Pulumi.
Google Native. Container Analysis. V1. Inputs. Recipe - Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required
- Builder
Config BuilderConfig - required
- Materials []string
- The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
- Metadata Metadata
- Recipe Recipe
- Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required
- builder
Config BuilderConfig - required
- materials List<String>
- The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
- metadata Metadata
- recipe Recipe
- Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required
- builder
Config BuilderConfig - required
- materials string[]
- The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
- metadata Metadata
- recipe Recipe
- Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required
- builder_
config BuilderConfig - required
- materials Sequence[str]
- The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
- metadata Metadata
- recipe Recipe
- Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required
- builder
Config Property Map - required
- materials List<String>
- The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
- metadata Property Map
- recipe Property Map
- Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required
InTotoProvenanceResponse, InTotoProvenanceResponseArgs
- Builder
Config Pulumi.Google Native. Container Analysis. V1. Inputs. Builder Config Response - required
- Materials List<string>
- The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
- Metadata
Pulumi.
Google Native. Container Analysis. V1. Inputs. Metadata Response - Recipe
Pulumi.
Google Native. Container Analysis. V1. Inputs. Recipe Response - Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required
- Builder
Config BuilderConfig Response - required
- Materials []string
- The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
- Metadata
Metadata
Response - Recipe
Recipe
Response - Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required
- builder
Config BuilderConfig Response - required
- materials List<String>
- The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
- metadata
Metadata
Response - recipe
Recipe
Response - Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required
- builder
Config BuilderConfig Response - required
- materials string[]
- The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
- metadata
Metadata
Response - recipe
Recipe
Response - Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required
- builder_
config BuilderConfig Response - required
- materials Sequence[str]
- The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
- metadata
Metadata
Response - recipe
Recipe
Response - Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required
- builder
Config Property Map - required
- materials List<String>
- The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
- metadata Property Map
- recipe Property Map
- Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required
InTotoSlsaProvenanceV1, InTotoSlsaProvenanceV1Args
- Predicate
Pulumi.
Google Native. Container Analysis. V1. Inputs. Slsa Provenance V1 - Predicate
Type string - Subject
List<Pulumi.
Google Native. Container Analysis. V1. Inputs. Subject> - Type string
- InToto spec defined at https://github.com/in-toto/attestation/tree/main/spec#statement
- Predicate
Slsa
Provenance V1 - Predicate
Type string - Subject []Subject
- Type string
- InToto spec defined at https://github.com/in-toto/attestation/tree/main/spec#statement
- predicate
Slsa
Provenance V1 - predicate
Type String - subject List<Subject>
- type String
- InToto spec defined at https://github.com/in-toto/attestation/tree/main/spec#statement
- predicate
Slsa
Provenance V1 - predicate
Type string - subject Subject[]
- type string
- InToto spec defined at https://github.com/in-toto/attestation/tree/main/spec#statement
- predicate
Slsa
Provenance V1 - predicate_
type str - subject Sequence[Subject]
- type str
- InToto spec defined at https://github.com/in-toto/attestation/tree/main/spec#statement
- predicate Property Map
- predicate
Type String - subject List<Property Map>
- type String
- InToto spec defined at https://github.com/in-toto/attestation/tree/main/spec#statement
InTotoSlsaProvenanceV1Response, InTotoSlsaProvenanceV1ResponseArgs
- Predicate
Pulumi.
Google Native. Container Analysis. V1. Inputs. Slsa Provenance V1Response - Predicate
Type string - Subject
List<Pulumi.
Google Native. Container Analysis. V1. Inputs. Subject Response> - Type string
- InToto spec defined at https://github.com/in-toto/attestation/tree/main/spec#statement
- Predicate
Slsa
Provenance V1Response - Predicate
Type string - Subject
[]Subject
Response - Type string
- InToto spec defined at https://github.com/in-toto/attestation/tree/main/spec#statement
- predicate
Slsa
Provenance V1Response - predicate
Type String - subject
List<Subject
Response> - type String
- InToto spec defined at https://github.com/in-toto/attestation/tree/main/spec#statement
- predicate
Slsa
Provenance V1Response - predicate
Type string - subject
Subject
Response[] - type string
- InToto spec defined at https://github.com/in-toto/attestation/tree/main/spec#statement
- predicate
Slsa
Provenance V1Response - predicate_
type str - subject
Sequence[Subject
Response] - type str
- InToto spec defined at https://github.com/in-toto/attestation/tree/main/spec#statement
- predicate Property Map
- predicate
Type String - subject List<Property Map>
- type String
- InToto spec defined at https://github.com/in-toto/attestation/tree/main/spec#statement
InTotoStatement, InTotoStatementArgs
- Predicate
Type string https://slsa.dev/provenance/v0.1for SlsaProvenance.- Provenance
Pulumi.
Google Native. Container Analysis. V1. Inputs. In Toto Provenance - Slsa
Provenance Pulumi.Google Native. Container Analysis. V1. Inputs. Slsa Provenance - Slsa
Provenance Pulumi.Zero Two Google Native. Container Analysis. V1. Inputs. Slsa Provenance Zero Two - Subject
List<Pulumi.
Google Native. Container Analysis. V1. Inputs. Subject> - Type string
- Always
https://in-toto.io/Statement/v0.1.
- Predicate
Type string https://slsa.dev/provenance/v0.1for SlsaProvenance.- Provenance
In
Toto Provenance - Slsa
Provenance SlsaProvenance - Slsa
Provenance SlsaZero Two Provenance Zero Two - Subject []Subject
- Type string
- Always
https://in-toto.io/Statement/v0.1.
- predicate
Type String https://slsa.dev/provenance/v0.1for SlsaProvenance.- provenance
In
Toto Provenance - slsa
Provenance SlsaProvenance - slsa
Provenance SlsaZero Two Provenance Zero Two - subject List<Subject>
- type String
- Always
https://in-toto.io/Statement/v0.1.
- predicate
Type string https://slsa.dev/provenance/v0.1for SlsaProvenance.- provenance
In
Toto Provenance - slsa
Provenance SlsaProvenance - slsa
Provenance SlsaZero Two Provenance Zero Two - subject Subject[]
- type string
- Always
https://in-toto.io/Statement/v0.1.
- predicate_
type str https://slsa.dev/provenance/v0.1for SlsaProvenance.- provenance
In
Toto Provenance - slsa_
provenance SlsaProvenance - slsa_
provenance_ Slsazero_ two Provenance Zero Two - subject Sequence[Subject]
- type str
- Always
https://in-toto.io/Statement/v0.1.
- predicate
Type String https://slsa.dev/provenance/v0.1for SlsaProvenance.- provenance Property Map
- slsa
Provenance Property Map - slsa
Provenance Property MapZero Two - subject List<Property Map>
- type String
- Always
https://in-toto.io/Statement/v0.1.
InTotoStatementResponse, InTotoStatementResponseArgs
- Predicate
Type string https://slsa.dev/provenance/v0.1for SlsaProvenance.- Provenance
Pulumi.
Google Native. Container Analysis. V1. Inputs. In Toto Provenance Response - Slsa
Provenance Pulumi.Google Native. Container Analysis. V1. Inputs. Slsa Provenance Response - Slsa
Provenance Pulumi.Zero Two Google Native. Container Analysis. V1. Inputs. Slsa Provenance Zero Two Response - Subject
List<Pulumi.
Google Native. Container Analysis. V1. Inputs. Subject Response> - Type string
- Always
https://in-toto.io/Statement/v0.1.
- Predicate
Type string https://slsa.dev/provenance/v0.1for SlsaProvenance.- Provenance
In
Toto Provenance Response - Slsa
Provenance SlsaProvenance Response - Slsa
Provenance SlsaZero Two Provenance Zero Two Response - Subject
[]Subject
Response - Type string
- Always
https://in-toto.io/Statement/v0.1.
- predicate
Type String https://slsa.dev/provenance/v0.1for SlsaProvenance.- provenance
In
Toto Provenance Response - slsa
Provenance SlsaProvenance Response - slsa
Provenance SlsaZero Two Provenance Zero Two Response - subject
List<Subject
Response> - type String
- Always
https://in-toto.io/Statement/v0.1.
- predicate
Type string https://slsa.dev/provenance/v0.1for SlsaProvenance.- provenance
In
Toto Provenance Response - slsa
Provenance SlsaProvenance Response - slsa
Provenance SlsaZero Two Provenance Zero Two Response - subject
Subject
Response[] - type string
- Always
https://in-toto.io/Statement/v0.1.
- predicate_
type str https://slsa.dev/provenance/v0.1for SlsaProvenance.- provenance
In
Toto Provenance Response - slsa_
provenance SlsaProvenance Response - slsa_
provenance_ Slsazero_ two Provenance Zero Two Response - subject
Sequence[Subject
Response] - type str
- Always
https://in-toto.io/Statement/v0.1.
- predicate
Type String https://slsa.dev/provenance/v0.1for SlsaProvenance.- provenance Property Map
- slsa
Provenance Property Map - slsa
Provenance Property MapZero Two - subject List<Property Map>
- type String
- Always
https://in-toto.io/Statement/v0.1.
Justification, JustificationArgs
- Details string
- Additional details on why this justification was chosen.
- Justification
Type Pulumi.Google Native. Container Analysis. V1. Justification Justification Type - The justification type for this vulnerability.
- Details string
- Additional details on why this justification was chosen.
- Justification
Type JustificationJustification Type - The justification type for this vulnerability.
- details String
- Additional details on why this justification was chosen.
- justification
Type JustificationJustification Type - The justification type for this vulnerability.
- details string
- Additional details on why this justification was chosen.
- justification
Type JustificationJustification Type - The justification type for this vulnerability.
- details str
- Additional details on why this justification was chosen.
- justification_
type JustificationJustification Type - The justification type for this vulnerability.
- details String
- Additional details on why this justification was chosen.
- justification
Type "JUSTIFICATION_TYPE_UNSPECIFIED" | "COMPONENT_NOT_PRESENT" | "VULNERABLE_CODE_NOT_PRESENT" | "VULNERABLE_CODE_NOT_IN_EXECUTE_PATH" | "VULNERABLE_CODE_CANNOT_BE_CONTROLLED_BY_ADVERSARY" | "INLINE_MITIGATIONS_ALREADY_EXIST" - The justification type for this vulnerability.
JustificationJustificationType, JustificationJustificationTypeArgs
- Justification
Type Unspecified - JUSTIFICATION_TYPE_UNSPECIFIEDJUSTIFICATION_TYPE_UNSPECIFIED.
- Component
Not Present - COMPONENT_NOT_PRESENTThe vulnerable component is not present in the product.
- Vulnerable
Code Not Present - VULNERABLE_CODE_NOT_PRESENTThe vulnerable code is not present. Typically this case occurs when source code is configured or built in a way that excludes the vulnerable code.
- Vulnerable
Code Not In Execute Path - VULNERABLE_CODE_NOT_IN_EXECUTE_PATHThe vulnerable code can not be executed. Typically this case occurs when the product includes the vulnerable code but does not call or use the vulnerable code.
- Vulnerable
Code Cannot Be Controlled By Adversary - VULNERABLE_CODE_CANNOT_BE_CONTROLLED_BY_ADVERSARYThe vulnerable code cannot be controlled by an attacker to exploit the vulnerability.
- Inline
Mitigations Already Exist - INLINE_MITIGATIONS_ALREADY_EXISTThe product includes built-in protections or features that prevent exploitation of the vulnerability. These built-in protections cannot be subverted by the attacker and cannot be configured or disabled by the user. These mitigations completely prevent exploitation based on known attack vectors.
- Justification
Justification Type Justification Type Unspecified - JUSTIFICATION_TYPE_UNSPECIFIEDJUSTIFICATION_TYPE_UNSPECIFIED.
- Justification
Justification Type Component Not Present - COMPONENT_NOT_PRESENTThe vulnerable component is not present in the product.
- Justification
Justification Type Vulnerable Code Not Present - VULNERABLE_CODE_NOT_PRESENTThe vulnerable code is not present. Typically this case occurs when source code is configured or built in a way that excludes the vulnerable code.
- Justification
Justification Type Vulnerable Code Not In Execute Path - VULNERABLE_CODE_NOT_IN_EXECUTE_PATHThe vulnerable code can not be executed. Typically this case occurs when the product includes the vulnerable code but does not call or use the vulnerable code.
- Justification
Justification Type Vulnerable Code Cannot Be Controlled By Adversary - VULNERABLE_CODE_CANNOT_BE_CONTROLLED_BY_ADVERSARYThe vulnerable code cannot be controlled by an attacker to exploit the vulnerability.
- Justification
Justification Type Inline Mitigations Already Exist - INLINE_MITIGATIONS_ALREADY_EXISTThe product includes built-in protections or features that prevent exploitation of the vulnerability. These built-in protections cannot be subverted by the attacker and cannot be configured or disabled by the user. These mitigations completely prevent exploitation based on known attack vectors.
- Justification
Type Unspecified - JUSTIFICATION_TYPE_UNSPECIFIEDJUSTIFICATION_TYPE_UNSPECIFIED.
- Component
Not Present - COMPONENT_NOT_PRESENTThe vulnerable component is not present in the product.
- Vulnerable
Code Not Present - VULNERABLE_CODE_NOT_PRESENTThe vulnerable code is not present. Typically this case occurs when source code is configured or built in a way that excludes the vulnerable code.
- Vulnerable
Code Not In Execute Path - VULNERABLE_CODE_NOT_IN_EXECUTE_PATHThe vulnerable code can not be executed. Typically this case occurs when the product includes the vulnerable code but does not call or use the vulnerable code.
- Vulnerable
Code Cannot Be Controlled By Adversary - VULNERABLE_CODE_CANNOT_BE_CONTROLLED_BY_ADVERSARYThe vulnerable code cannot be controlled by an attacker to exploit the vulnerability.
- Inline
Mitigations Already Exist - INLINE_MITIGATIONS_ALREADY_EXISTThe product includes built-in protections or features that prevent exploitation of the vulnerability. These built-in protections cannot be subverted by the attacker and cannot be configured or disabled by the user. These mitigations completely prevent exploitation based on known attack vectors.
- Justification
Type Unspecified - JUSTIFICATION_TYPE_UNSPECIFIEDJUSTIFICATION_TYPE_UNSPECIFIED.
- Component
Not Present - COMPONENT_NOT_PRESENTThe vulnerable component is not present in the product.
- Vulnerable
Code Not Present - VULNERABLE_CODE_NOT_PRESENTThe vulnerable code is not present. Typically this case occurs when source code is configured or built in a way that excludes the vulnerable code.
- Vulnerable
Code Not In Execute Path - VULNERABLE_CODE_NOT_IN_EXECUTE_PATHThe vulnerable code can not be executed. Typically this case occurs when the product includes the vulnerable code but does not call or use the vulnerable code.
- Vulnerable
Code Cannot Be Controlled By Adversary - VULNERABLE_CODE_CANNOT_BE_CONTROLLED_BY_ADVERSARYThe vulnerable code cannot be controlled by an attacker to exploit the vulnerability.
- Inline
Mitigations Already Exist - INLINE_MITIGATIONS_ALREADY_EXISTThe product includes built-in protections or features that prevent exploitation of the vulnerability. These built-in protections cannot be subverted by the attacker and cannot be configured or disabled by the user. These mitigations completely prevent exploitation based on known attack vectors.
- JUSTIFICATION_TYPE_UNSPECIFIED
- JUSTIFICATION_TYPE_UNSPECIFIEDJUSTIFICATION_TYPE_UNSPECIFIED.
- COMPONENT_NOT_PRESENT
- COMPONENT_NOT_PRESENTThe vulnerable component is not present in the product.
- VULNERABLE_CODE_NOT_PRESENT
- VULNERABLE_CODE_NOT_PRESENTThe vulnerable code is not present. Typically this case occurs when source code is configured or built in a way that excludes the vulnerable code.
- VULNERABLE_CODE_NOT_IN_EXECUTE_PATH
- VULNERABLE_CODE_NOT_IN_EXECUTE_PATHThe vulnerable code can not be executed. Typically this case occurs when the product includes the vulnerable code but does not call or use the vulnerable code.
- VULNERABLE_CODE_CANNOT_BE_CONTROLLED_BY_ADVERSARY
- VULNERABLE_CODE_CANNOT_BE_CONTROLLED_BY_ADVERSARYThe vulnerable code cannot be controlled by an attacker to exploit the vulnerability.
- INLINE_MITIGATIONS_ALREADY_EXIST
- INLINE_MITIGATIONS_ALREADY_EXISTThe product includes built-in protections or features that prevent exploitation of the vulnerability. These built-in protections cannot be subverted by the attacker and cannot be configured or disabled by the user. These mitigations completely prevent exploitation based on known attack vectors.
- "JUSTIFICATION_TYPE_UNSPECIFIED"
- JUSTIFICATION_TYPE_UNSPECIFIEDJUSTIFICATION_TYPE_UNSPECIFIED.
- "COMPONENT_NOT_PRESENT"
- COMPONENT_NOT_PRESENTThe vulnerable component is not present in the product.
- "VULNERABLE_CODE_NOT_PRESENT"
- VULNERABLE_CODE_NOT_PRESENTThe vulnerable code is not present. Typically this case occurs when source code is configured or built in a way that excludes the vulnerable code.
- "VULNERABLE_CODE_NOT_IN_EXECUTE_PATH"
- VULNERABLE_CODE_NOT_IN_EXECUTE_PATHThe vulnerable code can not be executed. Typically this case occurs when the product includes the vulnerable code but does not call or use the vulnerable code.
- "VULNERABLE_CODE_CANNOT_BE_CONTROLLED_BY_ADVERSARY"
- VULNERABLE_CODE_CANNOT_BE_CONTROLLED_BY_ADVERSARYThe vulnerable code cannot be controlled by an attacker to exploit the vulnerability.
- "INLINE_MITIGATIONS_ALREADY_EXIST"
- INLINE_MITIGATIONS_ALREADY_EXISTThe product includes built-in protections or features that prevent exploitation of the vulnerability. These built-in protections cannot be subverted by the attacker and cannot be configured or disabled by the user. These mitigations completely prevent exploitation based on known attack vectors.
JustificationResponse, JustificationResponseArgs
- Details string
- Additional details on why this justification was chosen.
- Justification
Type string - The justification type for this vulnerability.
- Details string
- Additional details on why this justification was chosen.
- Justification
Type string - The justification type for this vulnerability.
- details String
- Additional details on why this justification was chosen.
- justification
Type String - The justification type for this vulnerability.
- details string
- Additional details on why this justification was chosen.
- justification
Type string - The justification type for this vulnerability.
- details str
- Additional details on why this justification was chosen.
- justification_
type str - The justification type for this vulnerability.
- details String
- Additional details on why this justification was chosen.
- justification
Type String - The justification type for this vulnerability.
Jwt, JwtArgs
- Compact
Jwt string - The compact encoding of a JWS, which is always three base64 encoded strings joined by periods. For details, see: https://tools.ietf.org/html/rfc7515.html#section-3.1
- Compact
Jwt string - The compact encoding of a JWS, which is always three base64 encoded strings joined by periods. For details, see: https://tools.ietf.org/html/rfc7515.html#section-3.1
- compact
Jwt String - The compact encoding of a JWS, which is always three base64 encoded strings joined by periods. For details, see: https://tools.ietf.org/html/rfc7515.html#section-3.1
- compact
Jwt string - The compact encoding of a JWS, which is always three base64 encoded strings joined by periods. For details, see: https://tools.ietf.org/html/rfc7515.html#section-3.1
- compact_
jwt str - The compact encoding of a JWS, which is always three base64 encoded strings joined by periods. For details, see: https://tools.ietf.org/html/rfc7515.html#section-3.1
- compact
Jwt String - The compact encoding of a JWS, which is always three base64 encoded strings joined by periods. For details, see: https://tools.ietf.org/html/rfc7515.html#section-3.1
JwtResponse, JwtResponseArgs
- Compact
Jwt string - The compact encoding of a JWS, which is always three base64 encoded strings joined by periods. For details, see: https://tools.ietf.org/html/rfc7515.html#section-3.1
- Compact
Jwt string - The compact encoding of a JWS, which is always three base64 encoded strings joined by periods. For details, see: https://tools.ietf.org/html/rfc7515.html#section-3.1
- compact
Jwt String - The compact encoding of a JWS, which is always three base64 encoded strings joined by periods. For details, see: https://tools.ietf.org/html/rfc7515.html#section-3.1
- compact
Jwt string - The compact encoding of a JWS, which is always three base64 encoded strings joined by periods. For details, see: https://tools.ietf.org/html/rfc7515.html#section-3.1
- compact_
jwt str - The compact encoding of a JWS, which is always three base64 encoded strings joined by periods. For details, see: https://tools.ietf.org/html/rfc7515.html#section-3.1
- compact
Jwt String - The compact encoding of a JWS, which is always three base64 encoded strings joined by periods. For details, see: https://tools.ietf.org/html/rfc7515.html#section-3.1
Layer, LayerArgs
LayerResponse, LayerResponseArgs
License, LicenseArgs
- Comments string
- Comments
- Expression string
- Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".
- Comments string
- Comments
- Expression string
- Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".
- comments String
- Comments
- expression String
- Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".
- comments string
- Comments
- expression string
- Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".
- comments str
- Comments
- expression str
- Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".
- comments String
- Comments
- expression String
- Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".
LicenseResponse, LicenseResponseArgs
- Comments string
- Comments
- Expression string
- Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".
- Comments string
- Comments
- Expression string
- Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".
- comments String
- Comments
- expression String
- Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".
- comments string
- Comments
- expression string
- Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".
- comments str
- Comments
- expression str
- Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".
- comments String
- Comments
- expression String
- Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", "GPL-2.0-or-later WITH Bison-exception-2.2".
Location, LocationArgs
- Cpe
Uri string - Deprecated. The CPE URI in CPE format
- Path string
- The path from which we gathered that this package/version is installed.
- Version
Pulumi.
Google Native. Container Analysis. V1. Inputs. Version - Deprecated. The version installed at this location.
- Cpe
Uri string - Deprecated. The CPE URI in CPE format
- Path string
- The path from which we gathered that this package/version is installed.
- Version Version
- Deprecated. The version installed at this location.
- cpe
Uri String - Deprecated. The CPE URI in CPE format
- path String
- The path from which we gathered that this package/version is installed.
- version Version
- Deprecated. The version installed at this location.
- cpe
Uri string - Deprecated. The CPE URI in CPE format
- path string
- The path from which we gathered that this package/version is installed.
- version Version
- Deprecated. The version installed at this location.
- cpe_
uri str - Deprecated. The CPE URI in CPE format
- path str
- The path from which we gathered that this package/version is installed.
- version Version
- Deprecated. The version installed at this location.
- cpe
Uri String - Deprecated. The CPE URI in CPE format
- path String
- The path from which we gathered that this package/version is installed.
- version Property Map
- Deprecated. The version installed at this location.
LocationResponse, LocationResponseArgs
- Cpe
Uri string - Deprecated. The CPE URI in CPE format
- Path string
- The path from which we gathered that this package/version is installed.
- Version
Pulumi.
Google Native. Container Analysis. V1. Inputs. Version Response - Deprecated. The version installed at this location.
- Cpe
Uri string - Deprecated. The CPE URI in CPE format
- Path string
- The path from which we gathered that this package/version is installed.
- Version
Version
Response - Deprecated. The version installed at this location.
- cpe
Uri String - Deprecated. The CPE URI in CPE format
- path String
- The path from which we gathered that this package/version is installed.
- version
Version
Response - Deprecated. The version installed at this location.
- cpe
Uri string - Deprecated. The CPE URI in CPE format
- path string
- The path from which we gathered that this package/version is installed.
- version
Version
Response - Deprecated. The version installed at this location.
- cpe_
uri str - Deprecated. The CPE URI in CPE format
- path str
- The path from which we gathered that this package/version is installed.
- version
Version
Response - Deprecated. The version installed at this location.
- cpe
Uri String - Deprecated. The CPE URI in CPE format
- path String
- The path from which we gathered that this package/version is installed.
- version Property Map
- Deprecated. The version installed at this location.
Material, MaterialArgs
MaterialResponse, MaterialResponseArgs
Metadata, MetadataArgs
- Build
Finished stringOn - The timestamp of when the build completed.
- Build
Invocation stringId - Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
- Build
Started stringOn - The timestamp of when the build started.
- Completeness
Pulumi.
Google Native. Container Analysis. V1. Inputs. Completeness - Indicates that the builder claims certain fields in this message to be complete.
- Reproducible bool
- If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
- Build
Finished stringOn - The timestamp of when the build completed.
- Build
Invocation stringId - Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
- Build
Started stringOn - The timestamp of when the build started.
- Completeness Completeness
- Indicates that the builder claims certain fields in this message to be complete.
- Reproducible bool
- If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
- build
Finished StringOn - The timestamp of when the build completed.
- build
Invocation StringId - Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
- build
Started StringOn - The timestamp of when the build started.
- completeness Completeness
- Indicates that the builder claims certain fields in this message to be complete.
- reproducible Boolean
- If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
- build
Finished stringOn - The timestamp of when the build completed.
- build
Invocation stringId - Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
- build
Started stringOn - The timestamp of when the build started.
- completeness Completeness
- Indicates that the builder claims certain fields in this message to be complete.
- reproducible boolean
- If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
- build_
finished_ stron - The timestamp of when the build completed.
- build_
invocation_ strid - Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
- build_
started_ stron - The timestamp of when the build started.
- completeness Completeness
- Indicates that the builder claims certain fields in this message to be complete.
- reproducible bool
- If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
- build
Finished StringOn - The timestamp of when the build completed.
- build
Invocation StringId - Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
- build
Started StringOn - The timestamp of when the build started.
- completeness Property Map
- Indicates that the builder claims certain fields in this message to be complete.
- reproducible Boolean
- If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
MetadataResponse, MetadataResponseArgs
- Build
Finished stringOn - The timestamp of when the build completed.
- Build
Invocation stringId - Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
- Build
Started stringOn - The timestamp of when the build started.
- Completeness
Pulumi.
Google Native. Container Analysis. V1. Inputs. Completeness Response - Indicates that the builder claims certain fields in this message to be complete.
- Reproducible bool
- If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
- Build
Finished stringOn - The timestamp of when the build completed.
- Build
Invocation stringId - Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
- Build
Started stringOn - The timestamp of when the build started.
- Completeness
Completeness
Response - Indicates that the builder claims certain fields in this message to be complete.
- Reproducible bool
- If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
- build
Finished StringOn - The timestamp of when the build completed.
- build
Invocation StringId - Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
- build
Started StringOn - The timestamp of when the build started.
- completeness
Completeness
Response - Indicates that the builder claims certain fields in this message to be complete.
- reproducible Boolean
- If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
- build
Finished stringOn - The timestamp of when the build completed.
- build
Invocation stringId - Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
- build
Started stringOn - The timestamp of when the build started.
- completeness
Completeness
Response - Indicates that the builder claims certain fields in this message to be complete.
- reproducible boolean
- If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
- build_
finished_ stron - The timestamp of when the build completed.
- build_
invocation_ strid - Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
- build_
started_ stron - The timestamp of when the build started.
- completeness
Completeness
Response - Indicates that the builder claims certain fields in this message to be complete.
- reproducible bool
- If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
- build
Finished StringOn - The timestamp of when the build completed.
- build
Invocation StringId - Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
- build
Started StringOn - The timestamp of when the build started.
- completeness Property Map
- Indicates that the builder claims certain fields in this message to be complete.
- reproducible Boolean
- If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
NonCompliantFile, NonCompliantFileArgs
- Display
Command string - Command to display the non-compliant files.
- Path string
- Empty if
display_commandis set. - Reason string
- Explains why a file is non compliant for a CIS check.
- Display
Command string - Command to display the non-compliant files.
- Path string
- Empty if
display_commandis set. - Reason string
- Explains why a file is non compliant for a CIS check.
- display
Command String - Command to display the non-compliant files.
- path String
- Empty if
display_commandis set. - reason String
- Explains why a file is non compliant for a CIS check.
- display
Command string - Command to display the non-compliant files.
- path string
- Empty if
display_commandis set. - reason string
- Explains why a file is non compliant for a CIS check.
- display_
command str - Command to display the non-compliant files.
- path str
- Empty if
display_commandis set. - reason str
- Explains why a file is non compliant for a CIS check.
- display
Command String - Command to display the non-compliant files.
- path String
- Empty if
display_commandis set. - reason String
- Explains why a file is non compliant for a CIS check.
NonCompliantFileResponse, NonCompliantFileResponseArgs
- Display
Command string - Command to display the non-compliant files.
- Path string
- Empty if
display_commandis set. - Reason string
- Explains why a file is non compliant for a CIS check.
- Display
Command string - Command to display the non-compliant files.
- Path string
- Empty if
display_commandis set. - Reason string
- Explains why a file is non compliant for a CIS check.
- display
Command String - Command to display the non-compliant files.
- path String
- Empty if
display_commandis set. - reason String
- Explains why a file is non compliant for a CIS check.
- display
Command string - Command to display the non-compliant files.
- path string
- Empty if
display_commandis set. - reason string
- Explains why a file is non compliant for a CIS check.
- display_
command str - Command to display the non-compliant files.
- path str
- Empty if
display_commandis set. - reason str
- Explains why a file is non compliant for a CIS check.
- display
Command String - Command to display the non-compliant files.
- path String
- Empty if
display_commandis set. - reason String
- Explains why a file is non compliant for a CIS check.
PackageIssue, PackageIssueArgs
- Affected
Cpe stringUri - The CPE URI this vulnerability was found in.
- Affected
Package string - The package this vulnerability was found in.
- Affected
Version Pulumi.Google Native. Container Analysis. V1. Inputs. Version - The version of the package that is installed on the resource affected by this vulnerability.
- Fixed
Version Pulumi.Google Native. Container Analysis. V1. Inputs. Version - The version of the package this vulnerability was fixed in. Setting this to VersionKind.MAXIMUM means no fix is yet available.
- File
Location List<Pulumi.Google Native. Container Analysis. V1. Inputs. Grafeas V1File Location> - The location at which this package was found.
- Fixed
Cpe stringUri - The CPE URI this vulnerability was fixed in. It is possible for this to be different from the affected_cpe_uri.
- Fixed
Package string - The package this vulnerability was fixed in. It is possible for this to be different from the affected_package.
- Package
Type string - The type of package (e.g. OS, MAVEN, GO).
- Affected
Cpe stringUri - The CPE URI this vulnerability was found in.
- Affected
Package string - The package this vulnerability was found in.
- Affected
Version Version - The version of the package that is installed on the resource affected by this vulnerability.
- Fixed
Version Version - The version of the package this vulnerability was fixed in. Setting this to VersionKind.MAXIMUM means no fix is yet available.
- File
Location []GrafeasV1File Location - The location at which this package was found.
- Fixed
Cpe stringUri - The CPE URI this vulnerability was fixed in. It is possible for this to be different from the affected_cpe_uri.
- Fixed
Package string - The package this vulnerability was fixed in. It is possible for this to be different from the affected_package.
- Package
Type string - The type of package (e.g. OS, MAVEN, GO).
- affected
Cpe StringUri - The CPE URI this vulnerability was found in.
- affected
Package String - The package this vulnerability was found in.
- affected
Version Version - The version of the package that is installed on the resource affected by this vulnerability.
- fixed
Version Version - The version of the package this vulnerability was fixed in. Setting this to VersionKind.MAXIMUM means no fix is yet available.
- file
Location List<GrafeasV1File Location> - The location at which this package was found.
- fixed
Cpe StringUri - The CPE URI this vulnerability was fixed in. It is possible for this to be different from the affected_cpe_uri.
- fixed
Package String - The package this vulnerability was fixed in. It is possible for this to be different from the affected_package.
- package
Type String - The type of package (e.g. OS, MAVEN, GO).
- affected
Cpe stringUri - The CPE URI this vulnerability was found in.
- affected
Package string - The package this vulnerability was found in.
- affected
Version Version - The version of the package that is installed on the resource affected by this vulnerability.
- fixed
Version Version - The version of the package this vulnerability was fixed in. Setting this to VersionKind.MAXIMUM means no fix is yet available.
- file
Location GrafeasV1File Location[] - The location at which this package was found.
- fixed
Cpe stringUri - The CPE URI this vulnerability was fixed in. It is possible for this to be different from the affected_cpe_uri.
- fixed
Package string - The package this vulnerability was fixed in. It is possible for this to be different from the affected_package.
- package
Type string - The type of package (e.g. OS, MAVEN, GO).
- affected_
cpe_ struri - The CPE URI this vulnerability was found in.
- affected_
package str - The package this vulnerability was found in.
- affected_
version Version - The version of the package that is installed on the resource affected by this vulnerability.
- fixed_
version Version - The version of the package this vulnerability was fixed in. Setting this to VersionKind.MAXIMUM means no fix is yet available.
- file_
location Sequence[GrafeasV1File Location] - The location at which this package was found.
- fixed_
cpe_ struri - The CPE URI this vulnerability was fixed in. It is possible for this to be different from the affected_cpe_uri.
- fixed_
package str - The package this vulnerability was fixed in. It is possible for this to be different from the affected_package.
- package_
type str - The type of package (e.g. OS, MAVEN, GO).
- affected
Cpe StringUri - The CPE URI this vulnerability was found in.
- affected
Package String - The package this vulnerability was found in.
- affected
Version Property Map - The version of the package that is installed on the resource affected by this vulnerability.
- fixed
Version Property Map - The version of the package this vulnerability was fixed in. Setting this to VersionKind.MAXIMUM means no fix is yet available.
- file
Location List<Property Map> - The location at which this package was found.
- fixed
Cpe StringUri - The CPE URI this vulnerability was fixed in. It is possible for this to be different from the affected_cpe_uri.
- fixed
Package String - The package this vulnerability was fixed in. It is possible for this to be different from the affected_package.
- package
Type String - The type of package (e.g. OS, MAVEN, GO).
PackageIssueResponse, PackageIssueResponseArgs
- Affected
Cpe stringUri - The CPE URI this vulnerability was found in.
- Affected
Package string - The package this vulnerability was found in.
- Affected
Version Pulumi.Google Native. Container Analysis. V1. Inputs. Version Response - The version of the package that is installed on the resource affected by this vulnerability.
- Effective
Severity string - The distro or language system assigned severity for this vulnerability when that is available and note provider assigned severity when it is not available.
- File
Location List<Pulumi.Google Native. Container Analysis. V1. Inputs. Grafeas V1File Location Response> - The location at which this package was found.
- Fix
Available bool - Whether a fix is available for this package.
- Fixed
Cpe stringUri - The CPE URI this vulnerability was fixed in. It is possible for this to be different from the affected_cpe_uri.
- Fixed
Package string - The package this vulnerability was fixed in. It is possible for this to be different from the affected_package.
- Fixed
Version Pulumi.Google Native. Container Analysis. V1. Inputs. Version Response - The version of the package this vulnerability was fixed in. Setting this to VersionKind.MAXIMUM means no fix is yet available.
- Package
Type string - The type of package (e.g. OS, MAVEN, GO).
- Affected
Cpe stringUri - The CPE URI this vulnerability was found in.
- Affected
Package string - The package this vulnerability was found in.
- Affected
Version VersionResponse - The version of the package that is installed on the resource affected by this vulnerability.
- Effective
Severity string - The distro or language system assigned severity for this vulnerability when that is available and note provider assigned severity when it is not available.
- File
Location []GrafeasV1File Location Response - The location at which this package was found.
- Fix
Available bool - Whether a fix is available for this package.
- Fixed
Cpe stringUri - The CPE URI this vulnerability was fixed in. It is possible for this to be different from the affected_cpe_uri.
- Fixed
Package string - The package this vulnerability was fixed in. It is possible for this to be different from the affected_package.
- Fixed
Version VersionResponse - The version of the package this vulnerability was fixed in. Setting this to VersionKind.MAXIMUM means no fix is yet available.
- Package
Type string - The type of package (e.g. OS, MAVEN, GO).
- affected
Cpe StringUri - The CPE URI this vulnerability was found in.
- affected
Package String - The package this vulnerability was found in.
- affected
Version VersionResponse - The version of the package that is installed on the resource affected by this vulnerability.
- effective
Severity String - The distro or language system assigned severity for this vulnerability when that is available and note provider assigned severity when it is not available.
- file
Location List<GrafeasV1File Location Response> - The location at which this package was found.
- fix
Available Boolean - Whether a fix is available for this package.
- fixed
Cpe StringUri - The CPE URI this vulnerability was fixed in. It is possible for this to be different from the affected_cpe_uri.
- fixed
Package String - The package this vulnerability was fixed in. It is possible for this to be different from the affected_package.
- fixed
Version VersionResponse - The version of the package this vulnerability was fixed in. Setting this to VersionKind.MAXIMUM means no fix is yet available.
- package
Type String - The type of package (e.g. OS, MAVEN, GO).
- affected
Cpe stringUri - The CPE URI this vulnerability was found in.
- affected
Package string - The package this vulnerability was found in.
- affected
Version VersionResponse - The version of the package that is installed on the resource affected by this vulnerability.
- effective
Severity string - The distro or language system assigned severity for this vulnerability when that is available and note provider assigned severity when it is not available.
- file
Location GrafeasV1File Location Response[] - The location at which this package was found.
- fix
Available boolean - Whether a fix is available for this package.
- fixed
Cpe stringUri - The CPE URI this vulnerability was fixed in. It is possible for this to be different from the affected_cpe_uri.
- fixed
Package string - The package this vulnerability was fixed in. It is possible for this to be different from the affected_package.
- fixed
Version VersionResponse - The version of the package this vulnerability was fixed in. Setting this to VersionKind.MAXIMUM means no fix is yet available.
- package
Type string - The type of package (e.g. OS, MAVEN, GO).
- affected_
cpe_ struri - The CPE URI this vulnerability was found in.
- affected_
package str - The package this vulnerability was found in.
- affected_
version VersionResponse - The version of the package that is installed on the resource affected by this vulnerability.
- effective_
severity str - The distro or language system assigned severity for this vulnerability when that is available and note provider assigned severity when it is not available.
- file_
location Sequence[GrafeasV1File Location Response] - The location at which this package was found.
- fix_
available bool - Whether a fix is available for this package.
- fixed_
cpe_ struri - The CPE URI this vulnerability was fixed in. It is possible for this to be different from the affected_cpe_uri.
- fixed_
package str - The package this vulnerability was fixed in. It is possible for this to be different from the affected_package.
- fixed_
version VersionResponse - The version of the package this vulnerability was fixed in. Setting this to VersionKind.MAXIMUM means no fix is yet available.
- package_
type str - The type of package (e.g. OS, MAVEN, GO).
- affected
Cpe StringUri - The CPE URI this vulnerability was found in.
- affected
Package String - The package this vulnerability was found in.
- affected
Version Property Map - The version of the package that is installed on the resource affected by this vulnerability.
- effective
Severity String - The distro or language system assigned severity for this vulnerability when that is available and note provider assigned severity when it is not available.
- file
Location List<Property Map> - The location at which this package was found.
- fix
Available Boolean - Whether a fix is available for this package.
- fixed
Cpe StringUri - The CPE URI this vulnerability was fixed in. It is possible for this to be different from the affected_cpe_uri.
- fixed
Package String - The package this vulnerability was fixed in. It is possible for this to be different from the affected_package.
- fixed
Version Property Map - The version of the package this vulnerability was fixed in. Setting this to VersionKind.MAXIMUM means no fix is yet available.
- package
Type String - The type of package (e.g. OS, MAVEN, GO).
PackageOccurrence, PackageOccurrenceArgs
- License
Pulumi.
Google Native. Container Analysis. V1. Inputs. License - Licenses that have been declared by the authors of the package.
- Location
List<Pulumi.
Google Native. Container Analysis. V1. Inputs. Location> - All of the places within the filesystem versions of this package have been found.
- License License
- Licenses that have been declared by the authors of the package.
- Location []Location
- All of the places within the filesystem versions of this package have been found.
- license License
- Licenses that have been declared by the authors of the package.
- location List<Location>
- All of the places within the filesystem versions of this package have been found.
- license License
- Licenses that have been declared by the authors of the package.
- location Location[]
- All of the places within the filesystem versions of this package have been found.
- license License
- Licenses that have been declared by the authors of the package.
- location Sequence[Location]
- All of the places within the filesystem versions of this package have been found.
- license Property Map
- Licenses that have been declared by the authors of the package.
- location List<Property Map>
- All of the places within the filesystem versions of this package have been found.
PackageOccurrenceResponse, PackageOccurrenceResponseArgs
- Architecture string
- The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.
- Cpe
Uri string - The cpe_uri in CPE format denoting the package manager version distributing a package. The cpe_uri will be blank for language packages.
- License
Pulumi.
Google Native. Container Analysis. V1. Inputs. License Response - Licenses that have been declared by the authors of the package.
- Location
List<Pulumi.
Google Native. Container Analysis. V1. Inputs. Location Response> - All of the places within the filesystem versions of this package have been found.
- Name string
- The name of the installed package.
- Package
Type string - The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).
- Version
Pulumi.
Google Native. Container Analysis. V1. Inputs. Version Response - The version of the package.
- Architecture string
- The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.
- Cpe
Uri string - The cpe_uri in CPE format denoting the package manager version distributing a package. The cpe_uri will be blank for language packages.
- License
License
Response - Licenses that have been declared by the authors of the package.
- Location
[]Location
Response - All of the places within the filesystem versions of this package have been found.
- Name string
- The name of the installed package.
- Package
Type string - The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).
- Version
Version
Response - The version of the package.
- architecture String
- The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.
- cpe
Uri String - The cpe_uri in CPE format denoting the package manager version distributing a package. The cpe_uri will be blank for language packages.
- license
License
Response - Licenses that have been declared by the authors of the package.
- location
List<Location
Response> - All of the places within the filesystem versions of this package have been found.
- name String
- The name of the installed package.
- package
Type String - The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).
- version
Version
Response - The version of the package.
- architecture string
- The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.
- cpe
Uri string - The cpe_uri in CPE format denoting the package manager version distributing a package. The cpe_uri will be blank for language packages.
- license
License
Response - Licenses that have been declared by the authors of the package.
- location
Location
Response[] - All of the places within the filesystem versions of this package have been found.
- name string
- The name of the installed package.
- package
Type string - The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).
- version
Version
Response - The version of the package.
- architecture str
- The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.
- cpe_
uri str - The cpe_uri in CPE format denoting the package manager version distributing a package. The cpe_uri will be blank for language packages.
- license
License
Response - Licenses that have been declared by the authors of the package.
- location
Sequence[Location
Response] - All of the places within the filesystem versions of this package have been found.
- name str
- The name of the installed package.
- package_
type str - The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).
- version
Version
Response - The version of the package.
- architecture String
- The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.
- cpe
Uri String - The cpe_uri in CPE format denoting the package manager version distributing a package. The cpe_uri will be blank for language packages.
- license Property Map
- Licenses that have been declared by the authors of the package.
- location List<Property Map>
- All of the places within the filesystem versions of this package have been found.
- name String
- The name of the installed package.
- package
Type String - The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).
- version Property Map
- The version of the package.
ProjectRepoId, ProjectRepoIdArgs
ProjectRepoIdResponse, ProjectRepoIdResponseArgs
ProvenanceBuilder, ProvenanceBuilderArgs
- Builder
Dependencies List<Pulumi.Google Native. Container Analysis. V1. Inputs. Resource Descriptor> - Id string
- Version Dictionary<string, string>
- Builder
Dependencies []ResourceDescriptor - Id string
- Version map[string]string
- builder
Dependencies List<ResourceDescriptor> - id String
- version Map<String,String>
- builder
Dependencies ResourceDescriptor[] - id string
- version {[key: string]: string}
- builder_
dependencies Sequence[ResourceDescriptor] - id str
- version Mapping[str, str]
- builder
Dependencies List<Property Map> - id String
- version Map<String>
ProvenanceBuilderResponse, ProvenanceBuilderResponseArgs
- Builder
Dependencies List<Pulumi.Google Native. Container Analysis. V1. Inputs. Resource Descriptor Response> - Version Dictionary<string, string>
- Builder
Dependencies []ResourceDescriptor Response - Version map[string]string
- builder
Dependencies List<ResourceDescriptor Response> - version Map<String,String>
- builder
Dependencies ResourceDescriptor Response[] - version {[key: string]: string}
- builder_
dependencies Sequence[ResourceDescriptor Response] - version Mapping[str, str]
- builder
Dependencies List<Property Map> - version Map<String>
Recipe, RecipeArgs
- Arguments
List<Immutable
Dictionary<string, string>> - Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Since the arguments field can greatly vary in structure, depending on the builder and recipe type, this is of form "Any".
- Defined
In stringMaterial - Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
- Entry
Point string - String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
- Environment
List<Immutable
Dictionary<string, string>> - Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Since the environment field can greatly vary in structure, depending on the builder and recipe type, this is of form "Any".
- Type string
- URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
- Arguments []map[string]string
- Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Since the arguments field can greatly vary in structure, depending on the builder and recipe type, this is of form "Any".
- Defined
In stringMaterial - Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
- Entry
Point string - String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
- Environment []map[string]string
- Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Since the environment field can greatly vary in structure, depending on the builder and recipe type, this is of form "Any".
- Type string
- URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
- arguments List<Map<String,String>>
- Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Since the arguments field can greatly vary in structure, depending on the builder and recipe type, this is of form "Any".
- defined
In StringMaterial - Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
- entry
Point String - String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
- environment List<Map<String,String>>
- Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Since the environment field can greatly vary in structure, depending on the builder and recipe type, this is of form "Any".
- type String
- URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
- arguments {[key: string]: string}[]
- Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Since the arguments field can greatly vary in structure, depending on the builder and recipe type, this is of form "Any".
- defined
In stringMaterial - Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
- entry
Point string - String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
- environment {[key: string]: string}[]
- Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Since the environment field can greatly vary in structure, depending on the builder and recipe type, this is of form "Any".
- type string
- URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
- arguments Sequence[Mapping[str, str]]
- Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Since the arguments field can greatly vary in structure, depending on the builder and recipe type, this is of form "Any".
- defined_
in_ strmaterial - Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
- entry_
point str - String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
- environment Sequence[Mapping[str, str]]
- Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Since the environment field can greatly vary in structure, depending on the builder and recipe type, this is of form "Any".
- type str
- URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
- arguments List<Map<String>>
- Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Since the arguments field can greatly vary in structure, depending on the builder and recipe type, this is of form "Any".
- defined
In StringMaterial - Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
- entry
Point String - String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
- environment List<Map<String>>
- Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Since the environment field can greatly vary in structure, depending on the builder and recipe type, this is of form "Any".
- type String
- URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
RecipeResponse, RecipeResponseArgs
- Arguments
List<Immutable
Dictionary<string, string>> - Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Since the arguments field can greatly vary in structure, depending on the builder and recipe type, this is of form "Any".
- Defined
In stringMaterial - Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
- Entry
Point string - String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
- Environment
List<Immutable
Dictionary<string, string>> - Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Since the environment field can greatly vary in structure, depending on the builder and recipe type, this is of form "Any".
- Type string
- URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
- Arguments []map[string]string
- Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Since the arguments field can greatly vary in structure, depending on the builder and recipe type, this is of form "Any".
- Defined
In stringMaterial - Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
- Entry
Point string - String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
- Environment []map[string]string
- Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Since the environment field can greatly vary in structure, depending on the builder and recipe type, this is of form "Any".
- Type string
- URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
- arguments List<Map<String,String>>
- Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Since the arguments field can greatly vary in structure, depending on the builder and recipe type, this is of form "Any".
- defined
In StringMaterial - Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
- entry
Point String - String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
- environment List<Map<String,String>>
- Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Since the environment field can greatly vary in structure, depending on the builder and recipe type, this is of form "Any".
- type String
- URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
- arguments {[key: string]: string}[]
- Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Since the arguments field can greatly vary in structure, depending on the builder and recipe type, this is of form "Any".
- defined
In stringMaterial - Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
- entry
Point string - String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
- environment {[key: string]: string}[]
- Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Since the environment field can greatly vary in structure, depending on the builder and recipe type, this is of form "Any".
- type string
- URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
- arguments Sequence[Mapping[str, str]]
- Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Since the arguments field can greatly vary in structure, depending on the builder and recipe type, this is of form "Any".
- defined_
in_ strmaterial - Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
- entry_
point str - String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
- environment Sequence[Mapping[str, str]]
- Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Since the environment field can greatly vary in structure, depending on the builder and recipe type, this is of form "Any".
- type str
- URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
- arguments List<Map<String>>
- Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Since the arguments field can greatly vary in structure, depending on the builder and recipe type, this is of form "Any".
- defined
In StringMaterial - Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
- entry
Point String - String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
- environment List<Map<String>>
- Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Since the environment field can greatly vary in structure, depending on the builder and recipe type, this is of form "Any".
- type String
- URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
RelatedUrl, RelatedUrlArgs
RelatedUrlResponse, RelatedUrlResponseArgs
Remediation, RemediationArgs
- Details string
- Contains a comprehensive human-readable discussion of the remediation.
- Remediation
Type Pulumi.Google Native. Container Analysis. V1. Remediation Remediation Type - The type of remediation that can be applied.
- Remediation
Uri Pulumi.Google Native. Container Analysis. V1. Inputs. Related Url - Contains the URL where to obtain the remediation.
- Details string
- Contains a comprehensive human-readable discussion of the remediation.
- Remediation
Type RemediationRemediation Type - The type of remediation that can be applied.
- Remediation
Uri RelatedUrl - Contains the URL where to obtain the remediation.
- details String
- Contains a comprehensive human-readable discussion of the remediation.
- remediation
Type RemediationRemediation Type - The type of remediation that can be applied.
- remediation
Uri RelatedUrl - Contains the URL where to obtain the remediation.
- details string
- Contains a comprehensive human-readable discussion of the remediation.
- remediation
Type RemediationRemediation Type - The type of remediation that can be applied.
- remediation
Uri RelatedUrl - Contains the URL where to obtain the remediation.
- details str
- Contains a comprehensive human-readable discussion of the remediation.
- remediation_
type RemediationRemediation Type - The type of remediation that can be applied.
- remediation_
uri RelatedUrl - Contains the URL where to obtain the remediation.
- details String
- Contains a comprehensive human-readable discussion of the remediation.
- remediation
Type "REMEDIATION_TYPE_UNSPECIFIED" | "MITIGATION" | "NO_FIX_PLANNED" | "NONE_AVAILABLE" | "VENDOR_FIX" | "WORKAROUND" - The type of remediation that can be applied.
- remediation
Uri Property Map - Contains the URL where to obtain the remediation.
RemediationRemediationType, RemediationRemediationTypeArgs
- Remediation
Type Unspecified - REMEDIATION_TYPE_UNSPECIFIEDNo remediation type specified.
- Mitigation
- MITIGATIONA MITIGATION is available.
- No
Fix Planned - NO_FIX_PLANNEDNo fix is planned.
- None
Available - NONE_AVAILABLENot available.
- Vendor
Fix - VENDOR_FIXA vendor fix is available.
- Workaround
- WORKAROUNDA workaround is available.
- Remediation
Remediation Type Remediation Type Unspecified - REMEDIATION_TYPE_UNSPECIFIEDNo remediation type specified.
- Remediation
Remediation Type Mitigation - MITIGATIONA MITIGATION is available.
- Remediation
Remediation Type No Fix Planned - NO_FIX_PLANNEDNo fix is planned.
- Remediation
Remediation Type None Available - NONE_AVAILABLENot available.
- Remediation
Remediation Type Vendor Fix - VENDOR_FIXA vendor fix is available.
- Remediation
Remediation Type Workaround - WORKAROUNDA workaround is available.
- Remediation
Type Unspecified - REMEDIATION_TYPE_UNSPECIFIEDNo remediation type specified.
- Mitigation
- MITIGATIONA MITIGATION is available.
- No
Fix Planned - NO_FIX_PLANNEDNo fix is planned.
- None
Available - NONE_AVAILABLENot available.
- Vendor
Fix - VENDOR_FIXA vendor fix is available.
- Workaround
- WORKAROUNDA workaround is available.
- Remediation
Type Unspecified - REMEDIATION_TYPE_UNSPECIFIEDNo remediation type specified.
- Mitigation
- MITIGATIONA MITIGATION is available.
- No
Fix Planned - NO_FIX_PLANNEDNo fix is planned.
- None
Available - NONE_AVAILABLENot available.
- Vendor
Fix - VENDOR_FIXA vendor fix is available.
- Workaround
- WORKAROUNDA workaround is available.
- REMEDIATION_TYPE_UNSPECIFIED
- REMEDIATION_TYPE_UNSPECIFIEDNo remediation type specified.
- MITIGATION
- MITIGATIONA MITIGATION is available.
- NO_FIX_PLANNED
- NO_FIX_PLANNEDNo fix is planned.
- NONE_AVAILABLE
- NONE_AVAILABLENot available.
- VENDOR_FIX
- VENDOR_FIXA vendor fix is available.
- WORKAROUND
- WORKAROUNDA workaround is available.
- "REMEDIATION_TYPE_UNSPECIFIED"
- REMEDIATION_TYPE_UNSPECIFIEDNo remediation type specified.
- "MITIGATION"
- MITIGATIONA MITIGATION is available.
- "NO_FIX_PLANNED"
- NO_FIX_PLANNEDNo fix is planned.
- "NONE_AVAILABLE"
- NONE_AVAILABLENot available.
- "VENDOR_FIX"
- VENDOR_FIXA vendor fix is available.
- "WORKAROUND"
- WORKAROUNDA workaround is available.
RemediationResponse, RemediationResponseArgs
- Details string
- Contains a comprehensive human-readable discussion of the remediation.
- Remediation
Type string - The type of remediation that can be applied.
- Remediation
Uri Pulumi.Google Native. Container Analysis. V1. Inputs. Related Url Response - Contains the URL where to obtain the remediation.
- Details string
- Contains a comprehensive human-readable discussion of the remediation.
- Remediation
Type string - The type of remediation that can be applied.
- Remediation
Uri RelatedUrl Response - Contains the URL where to obtain the remediation.
- details String
- Contains a comprehensive human-readable discussion of the remediation.
- remediation
Type String - The type of remediation that can be applied.
- remediation
Uri RelatedUrl Response - Contains the URL where to obtain the remediation.
- details string
- Contains a comprehensive human-readable discussion of the remediation.
- remediation
Type string - The type of remediation that can be applied.
- remediation
Uri RelatedUrl Response - Contains the URL where to obtain the remediation.
- details str
- Contains a comprehensive human-readable discussion of the remediation.
- remediation_
type str - The type of remediation that can be applied.
- remediation_
uri RelatedUrl Response - Contains the URL where to obtain the remediation.
- details String
- Contains a comprehensive human-readable discussion of the remediation.
- remediation
Type String - The type of remediation that can be applied.
- remediation
Uri Property Map - Contains the URL where to obtain the remediation.
RepoId, RepoIdArgs
- Project
Repo Pulumi.Id Google Native. Container Analysis. V1. Inputs. Project Repo Id - A combination of a project ID and a repo name.
- Uid string
- A server-assigned, globally unique identifier.
- Project
Repo ProjectId Repo Id - A combination of a project ID and a repo name.
- Uid string
- A server-assigned, globally unique identifier.
- project
Repo ProjectId Repo Id - A combination of a project ID and a repo name.
- uid String
- A server-assigned, globally unique identifier.
- project
Repo ProjectId Repo Id - A combination of a project ID and a repo name.
- uid string
- A server-assigned, globally unique identifier.
- project_
repo_ Projectid Repo Id - A combination of a project ID and a repo name.
- uid str
- A server-assigned, globally unique identifier.
- project
Repo Property MapId - A combination of a project ID and a repo name.
- uid String
- A server-assigned, globally unique identifier.
RepoIdResponse, RepoIdResponseArgs
- Project
Repo Pulumi.Id Google Native. Container Analysis. V1. Inputs. Project Repo Id Response - A combination of a project ID and a repo name.
- Uid string
- A server-assigned, globally unique identifier.
- Project
Repo ProjectId Repo Id Response - A combination of a project ID and a repo name.
- Uid string
- A server-assigned, globally unique identifier.
- project
Repo ProjectId Repo Id Response - A combination of a project ID and a repo name.
- uid String
- A server-assigned, globally unique identifier.
- project
Repo ProjectId Repo Id Response - A combination of a project ID and a repo name.
- uid string
- A server-assigned, globally unique identifier.
- project_
repo_ Projectid Repo Id Response - A combination of a project ID and a repo name.
- uid str
- A server-assigned, globally unique identifier.
- project
Repo Property MapId - A combination of a project ID and a repo name.
- uid String
- A server-assigned, globally unique identifier.
ResourceDescriptor, ResourceDescriptorArgs
- Annotations Dictionary<string, string>
- Content string
- Digest Dictionary<string, string>
- Download
Location string - Media
Type string - Name string
- Uri string
- Annotations map[string]string
- Content string
- Digest map[string]string
- Download
Location string - Media
Type string - Name string
- Uri string
- annotations Map<String,String>
- content String
- digest Map<String,String>
- download
Location String - media
Type String - name String
- uri String
- annotations {[key: string]: string}
- content string
- digest {[key: string]: string}
- download
Location string - media
Type string - name string
- uri string
- annotations Mapping[str, str]
- content str
- digest Mapping[str, str]
- download_
location str - media_
type str - name str
- uri str
- annotations Map<String>
- content String
- digest Map<String>
- download
Location String - media
Type String - name String
- uri String
ResourceDescriptorResponse, ResourceDescriptorResponseArgs
- Annotations Dictionary<string, string>
- Content string
- Digest Dictionary<string, string>
- Download
Location string - Media
Type string - Name string
- Uri string
- Annotations map[string]string
- Content string
- Digest map[string]string
- Download
Location string - Media
Type string - Name string
- Uri string
- annotations Map<String,String>
- content String
- digest Map<String,String>
- download
Location String - media
Type String - name String
- uri String
- annotations {[key: string]: string}
- content string
- digest {[key: string]: string}
- download
Location string - media
Type string - name string
- uri string
- annotations Mapping[str, str]
- content str
- digest Mapping[str, str]
- download_
location str - media_
type str - name str
- uri str
- annotations Map<String>
- content String
- digest Map<String>
- download
Location String - media
Type String - name String
- uri String
RunDetails, RunDetailsArgs
RunDetailsResponse, RunDetailsResponseArgs
SBOMReferenceOccurrence, SBOMReferenceOccurrenceArgs
- Payload
Pulumi.
Google Native. Container Analysis. V1. Inputs. Sbom Reference Intoto Payload - The actual payload that contains the SBOM reference data.
- Payload
Type string - The kind of payload that SbomReferenceIntotoPayload takes. Since it's in the intoto format, this value is expected to be 'application/vnd.in-toto+json'.
- Signatures
List<Pulumi.
Google Native. Container Analysis. V1. Inputs. Envelope Signature> - The signatures over the payload.
- Payload
Sbom
Reference Intoto Payload - The actual payload that contains the SBOM reference data.
- Payload
Type string - The kind of payload that SbomReferenceIntotoPayload takes. Since it's in the intoto format, this value is expected to be 'application/vnd.in-toto+json'.
- Signatures
[]Envelope
Signature - The signatures over the payload.
- payload
Sbom
Reference Intoto Payload - The actual payload that contains the SBOM reference data.
- payload
Type String - The kind of payload that SbomReferenceIntotoPayload takes. Since it's in the intoto format, this value is expected to be 'application/vnd.in-toto+json'.
- signatures
List<Envelope
Signature> - The signatures over the payload.
- payload
Sbom
Reference Intoto Payload - The actual payload that contains the SBOM reference data.
- payload
Type string - The kind of payload that SbomReferenceIntotoPayload takes. Since it's in the intoto format, this value is expected to be 'application/vnd.in-toto+json'.
- signatures
Envelope
Signature[] - The signatures over the payload.
- payload
Sbom
Reference Intoto Payload - The actual payload that contains the SBOM reference data.
- payload_
type str - The kind of payload that SbomReferenceIntotoPayload takes. Since it's in the intoto format, this value is expected to be 'application/vnd.in-toto+json'.
- signatures
Sequence[Envelope
Signature] - The signatures over the payload.
- payload Property Map
- The actual payload that contains the SBOM reference data.
- payload
Type String - The kind of payload that SbomReferenceIntotoPayload takes. Since it's in the intoto format, this value is expected to be 'application/vnd.in-toto+json'.
- signatures List<Property Map>
- The signatures over the payload.
SBOMReferenceOccurrenceResponse, SBOMReferenceOccurrenceResponseArgs
- Payload
Pulumi.
Google Native. Container Analysis. V1. Inputs. Sbom Reference Intoto Payload Response - The actual payload that contains the SBOM reference data.
- Payload
Type string - The kind of payload that SbomReferenceIntotoPayload takes. Since it's in the intoto format, this value is expected to be 'application/vnd.in-toto+json'.
- Signatures
List<Pulumi.
Google Native. Container Analysis. V1. Inputs. Envelope Signature Response> - The signatures over the payload.
- Payload
Sbom
Reference Intoto Payload Response - The actual payload that contains the SBOM reference data.
- Payload
Type string - The kind of payload that SbomReferenceIntotoPayload takes. Since it's in the intoto format, this value is expected to be 'application/vnd.in-toto+json'.
- Signatures
[]Envelope
Signature Response - The signatures over the payload.
- payload
Sbom
Reference Intoto Payload Response - The actual payload that contains the SBOM reference data.
- payload
Type String - The kind of payload that SbomReferenceIntotoPayload takes. Since it's in the intoto format, this value is expected to be 'application/vnd.in-toto+json'.
- signatures
List<Envelope
Signature Response> - The signatures over the payload.
- payload
Sbom
Reference Intoto Payload Response - The actual payload that contains the SBOM reference data.
- payload
Type string - The kind of payload that SbomReferenceIntotoPayload takes. Since it's in the intoto format, this value is expected to be 'application/vnd.in-toto+json'.
- signatures
Envelope
Signature Response[] - The signatures over the payload.
- payload
Sbom
Reference Intoto Payload Response - The actual payload that contains the SBOM reference data.
- payload_
type str - The kind of payload that SbomReferenceIntotoPayload takes. Since it's in the intoto format, this value is expected to be 'application/vnd.in-toto+json'.
- signatures
Sequence[Envelope
Signature Response] - The signatures over the payload.
- payload Property Map
- The actual payload that contains the SBOM reference data.
- payload
Type String - The kind of payload that SbomReferenceIntotoPayload takes. Since it's in the intoto format, this value is expected to be 'application/vnd.in-toto+json'.
- signatures List<Property Map>
- The signatures over the payload.
SBOMStatus, SBOMStatusArgs
- Error string
- If there was an error generating an SBOM, this will indicate what that error was.
- Sbom
State Pulumi.Google Native. Container Analysis. V1. SBOMStatus Sbom State - The progress of the SBOM generation.
- Error string
- If there was an error generating an SBOM, this will indicate what that error was.
- Sbom
State SBOMStatusSbom State - The progress of the SBOM generation.
- error String
- If there was an error generating an SBOM, this will indicate what that error was.
- sbom
State SBOMStatusSbom State - The progress of the SBOM generation.
- error string
- If there was an error generating an SBOM, this will indicate what that error was.
- sbom
State SBOMStatusSbom State - The progress of the SBOM generation.
- error str
- If there was an error generating an SBOM, this will indicate what that error was.
- sbom_
state SBOMStatusSbom State - The progress of the SBOM generation.
- error String
- If there was an error generating an SBOM, this will indicate what that error was.
- sbom
State "SBOM_STATE_UNSPECIFIED" | "PENDING" | "COMPLETE" - The progress of the SBOM generation.
SBOMStatusResponse, SBOMStatusResponseArgs
- error str
- If there was an error generating an SBOM, this will indicate what that error was.
- sbom_
state str - The progress of the SBOM generation.
SBOMStatusSbomState, SBOMStatusSbomStateArgs
- Sbom
State Unspecified - SBOM_STATE_UNSPECIFIEDDefault unknown state.
- Pending
- PENDINGSBOM scanning is pending.
- Complete
- COMPLETESBOM scanning has completed.
- SBOMStatus
Sbom State Sbom State Unspecified - SBOM_STATE_UNSPECIFIEDDefault unknown state.
- SBOMStatus
Sbom State Pending - PENDINGSBOM scanning is pending.
- SBOMStatus
Sbom State Complete - COMPLETESBOM scanning has completed.
- Sbom
State Unspecified - SBOM_STATE_UNSPECIFIEDDefault unknown state.
- Pending
- PENDINGSBOM scanning is pending.
- Complete
- COMPLETESBOM scanning has completed.
- Sbom
State Unspecified - SBOM_STATE_UNSPECIFIEDDefault unknown state.
- Pending
- PENDINGSBOM scanning is pending.
- Complete
- COMPLETESBOM scanning has completed.
- SBOM_STATE_UNSPECIFIED
- SBOM_STATE_UNSPECIFIEDDefault unknown state.
- PENDING
- PENDINGSBOM scanning is pending.
- COMPLETE
- COMPLETESBOM scanning has completed.
- "SBOM_STATE_UNSPECIFIED"
- SBOM_STATE_UNSPECIFIEDDefault unknown state.
- "PENDING"
- PENDINGSBOM scanning is pending.
- "COMPLETE"
- COMPLETESBOM scanning has completed.
SbomReferenceIntotoPayload, SbomReferenceIntotoPayloadArgs
- Predicate
Pulumi.
Google Native. Container Analysis. V1. Inputs. Sbom Reference Intoto Predicate - Additional parameters of the Predicate. Includes the actual data about the SBOM.
- Predicate
Type string - URI identifying the type of the Predicate.
- Subject
List<Pulumi.
Google Native. Container Analysis. V1. Inputs. Subject> - Set of software artifacts that the attestation applies to. Each element represents a single software artifact.
- Type string
- Identifier for the schema of the Statement.
- Predicate
Sbom
Reference Intoto Predicate - Additional parameters of the Predicate. Includes the actual data about the SBOM.
- Predicate
Type string - URI identifying the type of the Predicate.
- Subject []Subject
- Set of software artifacts that the attestation applies to. Each element represents a single software artifact.
- Type string
- Identifier for the schema of the Statement.
- predicate
Sbom
Reference Intoto Predicate - Additional parameters of the Predicate. Includes the actual data about the SBOM.
- predicate
Type String - URI identifying the type of the Predicate.
- subject List<Subject>
- Set of software artifacts that the attestation applies to. Each element represents a single software artifact.
- type String
- Identifier for the schema of the Statement.
- predicate
Sbom
Reference Intoto Predicate - Additional parameters of the Predicate. Includes the actual data about the SBOM.
- predicate
Type string - URI identifying the type of the Predicate.
- subject Subject[]
- Set of software artifacts that the attestation applies to. Each element represents a single software artifact.
- type string
- Identifier for the schema of the Statement.
- predicate
Sbom
Reference Intoto Predicate - Additional parameters of the Predicate. Includes the actual data about the SBOM.
- predicate_
type str - URI identifying the type of the Predicate.
- subject Sequence[Subject]
- Set of software artifacts that the attestation applies to. Each element represents a single software artifact.
- type str
- Identifier for the schema of the Statement.
- predicate Property Map
- Additional parameters of the Predicate. Includes the actual data about the SBOM.
- predicate
Type String - URI identifying the type of the Predicate.
- subject List<Property Map>
- Set of software artifacts that the attestation applies to. Each element represents a single software artifact.
- type String
- Identifier for the schema of the Statement.
SbomReferenceIntotoPayloadResponse, SbomReferenceIntotoPayloadResponseArgs
- Predicate
Pulumi.
Google Native. Container Analysis. V1. Inputs. Sbom Reference Intoto Predicate Response - Additional parameters of the Predicate. Includes the actual data about the SBOM.
- Predicate
Type string - URI identifying the type of the Predicate.
- Subject
List<Pulumi.
Google Native. Container Analysis. V1. Inputs. Subject Response> - Set of software artifacts that the attestation applies to. Each element represents a single software artifact.
- Type string
- Identifier for the schema of the Statement.
- Predicate
Sbom
Reference Intoto Predicate Response - Additional parameters of the Predicate. Includes the actual data about the SBOM.
- Predicate
Type string - URI identifying the type of the Predicate.
- Subject
[]Subject
Response - Set of software artifacts that the attestation applies to. Each element represents a single software artifact.
- Type string
- Identifier for the schema of the Statement.
- predicate
Sbom
Reference Intoto Predicate Response - Additional parameters of the Predicate. Includes the actual data about the SBOM.
- predicate
Type String - URI identifying the type of the Predicate.
- subject
List<Subject
Response> - Set of software artifacts that the attestation applies to. Each element represents a single software artifact.
- type String
- Identifier for the schema of the Statement.
- predicate
Sbom
Reference Intoto Predicate Response - Additional parameters of the Predicate. Includes the actual data about the SBOM.
- predicate
Type string - URI identifying the type of the Predicate.
- subject
Subject
Response[] - Set of software artifacts that the attestation applies to. Each element represents a single software artifact.
- type string
- Identifier for the schema of the Statement.
- predicate
Sbom
Reference Intoto Predicate Response - Additional parameters of the Predicate. Includes the actual data about the SBOM.
- predicate_
type str - URI identifying the type of the Predicate.
- subject
Sequence[Subject
Response] - Set of software artifacts that the attestation applies to. Each element represents a single software artifact.
- type str
- Identifier for the schema of the Statement.
- predicate Property Map
- Additional parameters of the Predicate. Includes the actual data about the SBOM.
- predicate
Type String - URI identifying the type of the Predicate.
- subject List<Property Map>
- Set of software artifacts that the attestation applies to. Each element represents a single software artifact.
- type String
- Identifier for the schema of the Statement.
SbomReferenceIntotoPredicate, SbomReferenceIntotoPredicateArgs
- Digest Dictionary<string, string>
- A map of algorithm to digest of the contents of the SBOM.
- Location string
- The location of the SBOM.
- Mime
Type string - The mime type of the SBOM.
- Referrer
Id string - The person or system referring this predicate to the consumer.
- Digest map[string]string
- A map of algorithm to digest of the contents of the SBOM.
- Location string
- The location of the SBOM.
- Mime
Type string - The mime type of the SBOM.
- Referrer
Id string - The person or system referring this predicate to the consumer.
- digest Map<String,String>
- A map of algorithm to digest of the contents of the SBOM.
- location String
- The location of the SBOM.
- mime
Type String - The mime type of the SBOM.
- referrer
Id String - The person or system referring this predicate to the consumer.
- digest {[key: string]: string}
- A map of algorithm to digest of the contents of the SBOM.
- location string
- The location of the SBOM.
- mime
Type string - The mime type of the SBOM.
- referrer
Id string - The person or system referring this predicate to the consumer.
- digest Mapping[str, str]
- A map of algorithm to digest of the contents of the SBOM.
- location str
- The location of the SBOM.
- mime_
type str - The mime type of the SBOM.
- referrer_
id str - The person or system referring this predicate to the consumer.
- digest Map<String>
- A map of algorithm to digest of the contents of the SBOM.
- location String
- The location of the SBOM.
- mime
Type String - The mime type of the SBOM.
- referrer
Id String - The person or system referring this predicate to the consumer.
SbomReferenceIntotoPredicateResponse, SbomReferenceIntotoPredicateResponseArgs
- Digest Dictionary<string, string>
- A map of algorithm to digest of the contents of the SBOM.
- Location string
- The location of the SBOM.
- Mime
Type string - The mime type of the SBOM.
- Referrer
Id string - The person or system referring this predicate to the consumer.
- Digest map[string]string
- A map of algorithm to digest of the contents of the SBOM.
- Location string
- The location of the SBOM.
- Mime
Type string - The mime type of the SBOM.
- Referrer
Id string - The person or system referring this predicate to the consumer.
- digest Map<String,String>
- A map of algorithm to digest of the contents of the SBOM.
- location String
- The location of the SBOM.
- mime
Type String - The mime type of the SBOM.
- referrer
Id String - The person or system referring this predicate to the consumer.
- digest {[key: string]: string}
- A map of algorithm to digest of the contents of the SBOM.
- location string
- The location of the SBOM.
- mime
Type string - The mime type of the SBOM.
- referrer
Id string - The person or system referring this predicate to the consumer.
- digest Mapping[str, str]
- A map of algorithm to digest of the contents of the SBOM.
- location str
- The location of the SBOM.
- mime_
type str - The mime type of the SBOM.
- referrer_
id str - The person or system referring this predicate to the consumer.
- digest Map<String>
- A map of algorithm to digest of the contents of the SBOM.
- location String
- The location of the SBOM.
- mime
Type String - The mime type of the SBOM.
- referrer
Id String - The person or system referring this predicate to the consumer.
Signature, SignatureArgs
- Public
Key stringId - The identifier for the public key that verifies this signature. * The
public_key_idis required. * Thepublic_key_idSHOULD be an RFC3986 conformant URI. * When possible, thepublic_key_idSHOULD be an immutable reference, such as a cryptographic digest. Examples of validpublic_key_ids: OpenPGP V4 public key fingerprint: * "openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA" See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more details on this scheme. RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER serialization): * "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU" * "nih:///sha-256;703f68f42aba2c6de30f488a5ea122fef76324679c9bf89791ba95a1271589a5" - Signature string
- The content of the signature, an opaque bytestring. The payload that this signature verifies MUST be unambiguously provided with the Signature during verification. A wrapper message might provide the payload explicitly. Alternatively, a message might have a canonical serialization that can always be unambiguously computed to derive the payload.
- Public
Key stringId - The identifier for the public key that verifies this signature. * The
public_key_idis required. * Thepublic_key_idSHOULD be an RFC3986 conformant URI. * When possible, thepublic_key_idSHOULD be an immutable reference, such as a cryptographic digest. Examples of validpublic_key_ids: OpenPGP V4 public key fingerprint: * "openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA" See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more details on this scheme. RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER serialization): * "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU" * "nih:///sha-256;703f68f42aba2c6de30f488a5ea122fef76324679c9bf89791ba95a1271589a5" - Signature string
- The content of the signature, an opaque bytestring. The payload that this signature verifies MUST be unambiguously provided with the Signature during verification. A wrapper message might provide the payload explicitly. Alternatively, a message might have a canonical serialization that can always be unambiguously computed to derive the payload.
- public
Key StringId - The identifier for the public key that verifies this signature. * The
public_key_idis required. * Thepublic_key_idSHOULD be an RFC3986 conformant URI. * When possible, thepublic_key_idSHOULD be an immutable reference, such as a cryptographic digest. Examples of validpublic_key_ids: OpenPGP V4 public key fingerprint: * "openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA" See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more details on this scheme. RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER serialization): * "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU" * "nih:///sha-256;703f68f42aba2c6de30f488a5ea122fef76324679c9bf89791ba95a1271589a5" - signature String
- The content of the signature, an opaque bytestring. The payload that this signature verifies MUST be unambiguously provided with the Signature during verification. A wrapper message might provide the payload explicitly. Alternatively, a message might have a canonical serialization that can always be unambiguously computed to derive the payload.
- public
Key stringId - The identifier for the public key that verifies this signature. * The
public_key_idis required. * Thepublic_key_idSHOULD be an RFC3986 conformant URI. * When possible, thepublic_key_idSHOULD be an immutable reference, such as a cryptographic digest. Examples of validpublic_key_ids: OpenPGP V4 public key fingerprint: * "openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA" See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more details on this scheme. RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER serialization): * "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU" * "nih:///sha-256;703f68f42aba2c6de30f488a5ea122fef76324679c9bf89791ba95a1271589a5" - signature string
- The content of the signature, an opaque bytestring. The payload that this signature verifies MUST be unambiguously provided with the Signature during verification. A wrapper message might provide the payload explicitly. Alternatively, a message might have a canonical serialization that can always be unambiguously computed to derive the payload.
- public_
key_ strid - The identifier for the public key that verifies this signature. * The
public_key_idis required. * Thepublic_key_idSHOULD be an RFC3986 conformant URI. * When possible, thepublic_key_idSHOULD be an immutable reference, such as a cryptographic digest. Examples of validpublic_key_ids: OpenPGP V4 public key fingerprint: * "openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA" See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more details on this scheme. RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER serialization): * "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU" * "nih:///sha-256;703f68f42aba2c6de30f488a5ea122fef76324679c9bf89791ba95a1271589a5" - signature str
- The content of the signature, an opaque bytestring. The payload that this signature verifies MUST be unambiguously provided with the Signature during verification. A wrapper message might provide the payload explicitly. Alternatively, a message might have a canonical serialization that can always be unambiguously computed to derive the payload.
- public
Key StringId - The identifier for the public key that verifies this signature. * The
public_key_idis required. * Thepublic_key_idSHOULD be an RFC3986 conformant URI. * When possible, thepublic_key_idSHOULD be an immutable reference, such as a cryptographic digest. Examples of validpublic_key_ids: OpenPGP V4 public key fingerprint: * "openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA" See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more details on this scheme. RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER serialization): * "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU" * "nih:///sha-256;703f68f42aba2c6de30f488a5ea122fef76324679c9bf89791ba95a1271589a5" - signature String
- The content of the signature, an opaque bytestring. The payload that this signature verifies MUST be unambiguously provided with the Signature during verification. A wrapper message might provide the payload explicitly. Alternatively, a message might have a canonical serialization that can always be unambiguously computed to derive the payload.
SignatureResponse, SignatureResponseArgs
- Public
Key stringId - The identifier for the public key that verifies this signature. * The
public_key_idis required. * Thepublic_key_idSHOULD be an RFC3986 conformant URI. * When possible, thepublic_key_idSHOULD be an immutable reference, such as a cryptographic digest. Examples of validpublic_key_ids: OpenPGP V4 public key fingerprint: * "openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA" See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more details on this scheme. RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER serialization): * "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU" * "nih:///sha-256;703f68f42aba2c6de30f488a5ea122fef76324679c9bf89791ba95a1271589a5" - Signature string
- The content of the signature, an opaque bytestring. The payload that this signature verifies MUST be unambiguously provided with the Signature during verification. A wrapper message might provide the payload explicitly. Alternatively, a message might have a canonical serialization that can always be unambiguously computed to derive the payload.
- Public
Key stringId - The identifier for the public key that verifies this signature. * The
public_key_idis required. * Thepublic_key_idSHOULD be an RFC3986 conformant URI. * When possible, thepublic_key_idSHOULD be an immutable reference, such as a cryptographic digest. Examples of validpublic_key_ids: OpenPGP V4 public key fingerprint: * "openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA" See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more details on this scheme. RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER serialization): * "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU" * "nih:///sha-256;703f68f42aba2c6de30f488a5ea122fef76324679c9bf89791ba95a1271589a5" - Signature string
- The content of the signature, an opaque bytestring. The payload that this signature verifies MUST be unambiguously provided with the Signature during verification. A wrapper message might provide the payload explicitly. Alternatively, a message might have a canonical serialization that can always be unambiguously computed to derive the payload.
- public
Key StringId - The identifier for the public key that verifies this signature. * The
public_key_idis required. * Thepublic_key_idSHOULD be an RFC3986 conformant URI. * When possible, thepublic_key_idSHOULD be an immutable reference, such as a cryptographic digest. Examples of validpublic_key_ids: OpenPGP V4 public key fingerprint: * "openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA" See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more details on this scheme. RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER serialization): * "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU" * "nih:///sha-256;703f68f42aba2c6de30f488a5ea122fef76324679c9bf89791ba95a1271589a5" - signature String
- The content of the signature, an opaque bytestring. The payload that this signature verifies MUST be unambiguously provided with the Signature during verification. A wrapper message might provide the payload explicitly. Alternatively, a message might have a canonical serialization that can always be unambiguously computed to derive the payload.
- public
Key stringId - The identifier for the public key that verifies this signature. * The
public_key_idis required. * Thepublic_key_idSHOULD be an RFC3986 conformant URI. * When possible, thepublic_key_idSHOULD be an immutable reference, such as a cryptographic digest. Examples of validpublic_key_ids: OpenPGP V4 public key fingerprint: * "openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA" See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more details on this scheme. RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER serialization): * "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU" * "nih:///sha-256;703f68f42aba2c6de30f488a5ea122fef76324679c9bf89791ba95a1271589a5" - signature string
- The content of the signature, an opaque bytestring. The payload that this signature verifies MUST be unambiguously provided with the Signature during verification. A wrapper message might provide the payload explicitly. Alternatively, a message might have a canonical serialization that can always be unambiguously computed to derive the payload.
- public_
key_ strid - The identifier for the public key that verifies this signature. * The
public_key_idis required. * Thepublic_key_idSHOULD be an RFC3986 conformant URI. * When possible, thepublic_key_idSHOULD be an immutable reference, such as a cryptographic digest. Examples of validpublic_key_ids: OpenPGP V4 public key fingerprint: * "openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA" See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more details on this scheme. RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER serialization): * "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU" * "nih:///sha-256;703f68f42aba2c6de30f488a5ea122fef76324679c9bf89791ba95a1271589a5" - signature str
- The content of the signature, an opaque bytestring. The payload that this signature verifies MUST be unambiguously provided with the Signature during verification. A wrapper message might provide the payload explicitly. Alternatively, a message might have a canonical serialization that can always be unambiguously computed to derive the payload.
- public
Key StringId - The identifier for the public key that verifies this signature. * The
public_key_idis required. * Thepublic_key_idSHOULD be an RFC3986 conformant URI. * When possible, thepublic_key_idSHOULD be an immutable reference, such as a cryptographic digest. Examples of validpublic_key_ids: OpenPGP V4 public key fingerprint: * "openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA" See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more details on this scheme. RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER serialization): * "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU" * "nih:///sha-256;703f68f42aba2c6de30f488a5ea122fef76324679c9bf89791ba95a1271589a5" - signature String
- The content of the signature, an opaque bytestring. The payload that this signature verifies MUST be unambiguously provided with the Signature during verification. A wrapper message might provide the payload explicitly. Alternatively, a message might have a canonical serialization that can always be unambiguously computed to derive the payload.
SlsaBuilder, SlsaBuilderArgs
- Id string
- Id string
- id String
- id string
- id str
- id String
SlsaCompleteness, SlsaCompletenessArgs
- Arguments bool
- If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
- Environment bool
- If true, the builder claims that recipe.environment is claimed to be complete.
- Materials bool
- If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
- Arguments bool
- If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
- Environment bool
- If true, the builder claims that recipe.environment is claimed to be complete.
- Materials bool
- If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
- arguments Boolean
- If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
- environment Boolean
- If true, the builder claims that recipe.environment is claimed to be complete.
- materials Boolean
- If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
- arguments boolean
- If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
- environment boolean
- If true, the builder claims that recipe.environment is claimed to be complete.
- materials boolean
- If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
- arguments bool
- If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
- environment bool
- If true, the builder claims that recipe.environment is claimed to be complete.
- materials bool
- If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
- arguments Boolean
- If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
- environment Boolean
- If true, the builder claims that recipe.environment is claimed to be complete.
- materials Boolean
- If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
SlsaCompletenessResponse, SlsaCompletenessResponseArgs
- Arguments bool
- If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
- Environment bool
- If true, the builder claims that recipe.environment is claimed to be complete.
- Materials bool
- If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
- Arguments bool
- If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
- Environment bool
- If true, the builder claims that recipe.environment is claimed to be complete.
- Materials bool
- If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
- arguments Boolean
- If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
- environment Boolean
- If true, the builder claims that recipe.environment is claimed to be complete.
- materials Boolean
- If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
- arguments boolean
- If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
- environment boolean
- If true, the builder claims that recipe.environment is claimed to be complete.
- materials boolean
- If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
- arguments bool
- If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
- environment bool
- If true, the builder claims that recipe.environment is claimed to be complete.
- materials bool
- If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
- arguments Boolean
- If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
- environment Boolean
- If true, the builder claims that recipe.environment is claimed to be complete.
- materials Boolean
- If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
SlsaMetadata, SlsaMetadataArgs
- Build
Finished stringOn - The timestamp of when the build completed.
- Build
Invocation stringId - Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
- Build
Started stringOn - The timestamp of when the build started.
- Completeness
Pulumi.
Google Native. Container Analysis. V1. Inputs. Slsa Completeness - Indicates that the builder claims certain fields in this message to be complete.
- Reproducible bool
- If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
- Build
Finished stringOn - The timestamp of when the build completed.
- Build
Invocation stringId - Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
- Build
Started stringOn - The timestamp of when the build started.
- Completeness
Slsa
Completeness - Indicates that the builder claims certain fields in this message to be complete.
- Reproducible bool
- If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
- build
Finished StringOn - The timestamp of when the build completed.
- build
Invocation StringId - Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
- build
Started StringOn - The timestamp of when the build started.
- completeness
Slsa
Completeness - Indicates that the builder claims certain fields in this message to be complete.
- reproducible Boolean
- If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
- build
Finished stringOn - The timestamp of when the build completed.
- build
Invocation stringId - Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
- build
Started stringOn - The timestamp of when the build started.
- completeness
Slsa
Completeness - Indicates that the builder claims certain fields in this message to be complete.
- reproducible boolean
- If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
- build_
finished_ stron - The timestamp of when the build completed.
- build_
invocation_ strid - Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
- build_
started_ stron - The timestamp of when the build started.
- completeness
Slsa
Completeness - Indicates that the builder claims certain fields in this message to be complete.
- reproducible bool
- If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
- build
Finished StringOn - The timestamp of when the build completed.
- build
Invocation StringId - Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
- build
Started StringOn - The timestamp of when the build started.
- completeness Property Map
- Indicates that the builder claims certain fields in this message to be complete.
- reproducible Boolean
- If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
SlsaMetadataResponse, SlsaMetadataResponseArgs
- Build
Finished stringOn - The timestamp of when the build completed.
- Build
Invocation stringId - Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
- Build
Started stringOn - The timestamp of when the build started.
- Completeness
Pulumi.
Google Native. Container Analysis. V1. Inputs. Slsa Completeness Response - Indicates that the builder claims certain fields in this message to be complete.
- Reproducible bool
- If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
- Build
Finished stringOn - The timestamp of when the build completed.
- Build
Invocation stringId - Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
- Build
Started stringOn - The timestamp of when the build started.
- Completeness
Slsa
Completeness Response - Indicates that the builder claims certain fields in this message to be complete.
- Reproducible bool
- If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
- build
Finished StringOn - The timestamp of when the build completed.
- build
Invocation StringId - Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
- build
Started StringOn - The timestamp of when the build started.
- completeness
Slsa
Completeness Response - Indicates that the builder claims certain fields in this message to be complete.
- reproducible Boolean
- If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
- build
Finished stringOn - The timestamp of when the build completed.
- build
Invocation stringId - Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
- build
Started stringOn - The timestamp of when the build started.
- completeness
Slsa
Completeness Response - Indicates that the builder claims certain fields in this message to be complete.
- reproducible boolean
- If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
- build_
finished_ stron - The timestamp of when the build completed.
- build_
invocation_ strid - Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
- build_
started_ stron - The timestamp of when the build started.
- completeness
Slsa
Completeness Response - Indicates that the builder claims certain fields in this message to be complete.
- reproducible bool
- If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
- build
Finished StringOn - The timestamp of when the build completed.
- build
Invocation StringId - Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
- build
Started StringOn - The timestamp of when the build started.
- completeness Property Map
- Indicates that the builder claims certain fields in this message to be complete.
- reproducible Boolean
- If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
SlsaProvenance, SlsaProvenanceArgs
- Builder
Pulumi.
Google Native. Container Analysis. V1. Inputs. Slsa Builder - required
- Materials
List<Pulumi.
Google Native. Container Analysis. V1. Inputs. Material> - The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
- Metadata
Pulumi.
Google Native. Container Analysis. V1. Inputs. Slsa Metadata - Recipe
Pulumi.
Google Native. Container Analysis. V1. Inputs. Slsa Recipe - Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required
- Builder
Slsa
Builder - required
- Materials []Material
- The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
- Metadata
Slsa
Metadata - Recipe
Slsa
Recipe - Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required
- builder_
Slsa
Builder - required
- materials List<Material>
- The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
- metadata
Slsa
Metadata - recipe
Slsa
Recipe - Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required
- builder
Slsa
Builder - required
- materials Material[]
- The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
- metadata
Slsa
Metadata - recipe
Slsa
Recipe - Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required
- builder
Slsa
Builder - required
- materials Sequence[Material]
- The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
- metadata
Slsa
Metadata - recipe
Slsa
Recipe - Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required
- builder Property Map
- required
- materials List<Property Map>
- The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
- metadata Property Map
- recipe Property Map
- Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required
SlsaProvenanceResponse, SlsaProvenanceResponseArgs
- Builder
Pulumi.
Google Native. Container Analysis. V1. Inputs. Slsa Builder Response - required
- Materials
List<Pulumi.
Google Native. Container Analysis. V1. Inputs. Material Response> - The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
- Metadata
Pulumi.
Google Native. Container Analysis. V1. Inputs. Slsa Metadata Response - Recipe
Pulumi.
Google Native. Container Analysis. V1. Inputs. Slsa Recipe Response - Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required
- Builder
Slsa
Builder Response - required
- Materials
[]Material
Response - The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
- Metadata
Slsa
Metadata Response - Recipe
Slsa
Recipe Response - Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required
- builder_
Slsa
Builder Response - required
- materials
List<Material
Response> - The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
- metadata
Slsa
Metadata Response - recipe
Slsa
Recipe Response - Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required
- builder
Slsa
Builder Response - required
- materials
Material
Response[] - The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
- metadata
Slsa
Metadata Response - recipe
Slsa
Recipe Response - Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required
- builder
Slsa
Builder Response - required
- materials
Sequence[Material
Response] - The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
- metadata
Slsa
Metadata Response - recipe
Slsa
Recipe Response - Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required
- builder Property Map
- required
- materials List<Property Map>
- The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
- metadata Property Map
- recipe Property Map
- Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required
SlsaProvenanceV1, SlsaProvenanceV1Args
SlsaProvenanceV1Response, SlsaProvenanceV1ResponseArgs
SlsaProvenanceZeroTwo, SlsaProvenanceZeroTwoArgs
- Build
Config Dictionary<string, string> - Build
Type string - Builder
Pulumi.
Google Native. Container Analysis. V1. Inputs. Grafeas V1Slsa Provenance Zero Two Slsa Builder - Invocation
Pulumi.
Google Native. Container Analysis. V1. Inputs. Grafeas V1Slsa Provenance Zero Two Slsa Invocation - Materials
List<Pulumi.
Google Native. Container Analysis. V1. Inputs. Grafeas V1Slsa Provenance Zero Two Slsa Material> - Metadata
Pulumi.
Google Native. Container Analysis. V1. Inputs. Grafeas V1Slsa Provenance Zero Two Slsa Metadata
SlsaProvenanceZeroTwoResponse, SlsaProvenanceZeroTwoResponseArgs
- Build
Config Dictionary<string, string> - Build
Type string - Builder
Pulumi.
Google Native. Container Analysis. V1. Inputs. Grafeas V1Slsa Provenance Zero Two Slsa Builder Response - Invocation
Pulumi.
Google Native. Container Analysis. V1. Inputs. Grafeas V1Slsa Provenance Zero Two Slsa Invocation Response - Materials
List<Pulumi.
Google Native. Container Analysis. V1. Inputs. Grafeas V1Slsa Provenance Zero Two Slsa Material Response> - Metadata
Pulumi.
Google Native. Container Analysis. V1. Inputs. Grafeas V1Slsa Provenance Zero Two Slsa Metadata Response
SlsaRecipe, SlsaRecipeArgs
- Arguments Dictionary<string, string>
- Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Depending on the recipe Type, the structure may be different.
- Defined
In stringMaterial - Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
- Entry
Point string - String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
- Environment Dictionary<string, string>
- Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Depending on the recipe Type, the structure may be different.
- Type string
- URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
- Arguments map[string]string
- Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Depending on the recipe Type, the structure may be different.
- Defined
In stringMaterial - Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
- Entry
Point string - String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
- Environment map[string]string
- Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Depending on the recipe Type, the structure may be different.
- Type string
- URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
- arguments Map<String,String>
- Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Depending on the recipe Type, the structure may be different.
- defined
In StringMaterial - Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
- entry
Point String - String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
- environment Map<String,String>
- Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Depending on the recipe Type, the structure may be different.
- type String
- URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
- arguments {[key: string]: string}
- Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Depending on the recipe Type, the structure may be different.
- defined
In stringMaterial - Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
- entry
Point string - String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
- environment {[key: string]: string}
- Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Depending on the recipe Type, the structure may be different.
- type string
- URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
- arguments Mapping[str, str]
- Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Depending on the recipe Type, the structure may be different.
- defined_
in_ strmaterial - Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
- entry_
point str - String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
- environment Mapping[str, str]
- Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Depending on the recipe Type, the structure may be different.
- type str
- URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
- arguments Map<String>
- Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Depending on the recipe Type, the structure may be different.
- defined
In StringMaterial - Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
- entry
Point String - String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
- environment Map<String>
- Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Depending on the recipe Type, the structure may be different.
- type String
- URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
SlsaRecipeResponse, SlsaRecipeResponseArgs
- Arguments Dictionary<string, string>
- Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Depending on the recipe Type, the structure may be different.
- Defined
In stringMaterial - Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
- Entry
Point string - String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
- Environment Dictionary<string, string>
- Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Depending on the recipe Type, the structure may be different.
- Type string
- URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
- Arguments map[string]string
- Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Depending on the recipe Type, the structure may be different.
- Defined
In stringMaterial - Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
- Entry
Point string - String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
- Environment map[string]string
- Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Depending on the recipe Type, the structure may be different.
- Type string
- URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
- arguments Map<String,String>
- Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Depending on the recipe Type, the structure may be different.
- defined
In StringMaterial - Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
- entry
Point String - String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
- environment Map<String,String>
- Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Depending on the recipe Type, the structure may be different.
- type String
- URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
- arguments {[key: string]: string}
- Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Depending on the recipe Type, the structure may be different.
- defined
In stringMaterial - Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
- entry
Point string - String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
- environment {[key: string]: string}
- Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Depending on the recipe Type, the structure may be different.
- type string
- URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
- arguments Mapping[str, str]
- Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Depending on the recipe Type, the structure may be different.
- defined_
in_ strmaterial - Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
- entry_
point str - String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
- environment Mapping[str, str]
- Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Depending on the recipe Type, the structure may be different.
- type str
- URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
- arguments Map<String>
- Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Depending on the recipe Type, the structure may be different.
- defined
In StringMaterial - Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
- entry
Point String - String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
- environment Map<String>
- Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Depending on the recipe Type, the structure may be different.
- type String
- URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
Source, SourceArgs
- Additional
Contexts List<Pulumi.Google Native. Container Analysis. V1. Inputs. Source Context> - If provided, some of the source code used for the build may be found in these locations, in the case where the source repository had multiple remotes or submodules. This list will not include the context specified in the context field.
- Artifact
Storage stringSource Uri - If provided, the input binary artifacts for the build came from this location.
- Context
Pulumi.
Google Native. Container Analysis. V1. Inputs. Source Context - If provided, the source code used for the build came from this location.
- File
Hashes Dictionary<string, string> - Hash(es) of the build source, which can be used to verify that the original source integrity was maintained in the build. The keys to this map are file paths used as build source and the values contain the hash values for those files. If the build source came in a single package such as a gzipped tarfile (.tar.gz), the FileHash will be for the single path to that file.
- Additional
Contexts []SourceContext - If provided, some of the source code used for the build may be found in these locations, in the case where the source repository had multiple remotes or submodules. This list will not include the context specified in the context field.
- Artifact
Storage stringSource Uri - If provided, the input binary artifacts for the build came from this location.
- Context
Source
Context - If provided, the source code used for the build came from this location.
- File
Hashes map[string]string - Hash(es) of the build source, which can be used to verify that the original source integrity was maintained in the build. The keys to this map are file paths used as build source and the values contain the hash values for those files. If the build source came in a single package such as a gzipped tarfile (.tar.gz), the FileHash will be for the single path to that file.
- additional
Contexts List<SourceContext> - If provided, some of the source code used for the build may be found in these locations, in the case where the source repository had multiple remotes or submodules. This list will not include the context specified in the context field.
- artifact
Storage StringSource Uri - If provided, the input binary artifacts for the build came from this location.
- context
Source
Context - If provided, the source code used for the build came from this location.
- file
Hashes Map<String,String> - Hash(es) of the build source, which can be used to verify that the original source integrity was maintained in the build. The keys to this map are file paths used as build source and the values contain the hash values for those files. If the build source came in a single package such as a gzipped tarfile (.tar.gz), the FileHash will be for the single path to that file.
- additional
Contexts SourceContext[] - If provided, some of the source code used for the build may be found in these locations, in the case where the source repository had multiple remotes or submodules. This list will not include the context specified in the context field.
- artifact
Storage stringSource Uri - If provided, the input binary artifacts for the build came from this location.
- context
Source
Context - If provided, the source code used for the build came from this location.
- file
Hashes {[key: string]: string} - Hash(es) of the build source, which can be used to verify that the original source integrity was maintained in the build. The keys to this map are file paths used as build source and the values contain the hash values for those files. If the build source came in a single package such as a gzipped tarfile (.tar.gz), the FileHash will be for the single path to that file.
- additional_
contexts Sequence[SourceContext] - If provided, some of the source code used for the build may be found in these locations, in the case where the source repository had multiple remotes or submodules. This list will not include the context specified in the context field.
- artifact_
storage_ strsource_ uri - If provided, the input binary artifacts for the build came from this location.
- context
Source
Context - If provided, the source code used for the build came from this location.
- file_
hashes Mapping[str, str] - Hash(es) of the build source, which can be used to verify that the original source integrity was maintained in the build. The keys to this map are file paths used as build source and the values contain the hash values for those files. If the build source came in a single package such as a gzipped tarfile (.tar.gz), the FileHash will be for the single path to that file.
- additional
Contexts List<Property Map> - If provided, some of the source code used for the build may be found in these locations, in the case where the source repository had multiple remotes or submodules. This list will not include the context specified in the context field.
- artifact
Storage StringSource Uri - If provided, the input binary artifacts for the build came from this location.
- context Property Map
- If provided, the source code used for the build came from this location.
- file
Hashes Map<String> - Hash(es) of the build source, which can be used to verify that the original source integrity was maintained in the build. The keys to this map are file paths used as build source and the values contain the hash values for those files. If the build source came in a single package such as a gzipped tarfile (.tar.gz), the FileHash will be for the single path to that file.
SourceContext, SourceContextArgs
- Cloud
Repo Pulumi.Google Native. Container Analysis. V1. Inputs. Cloud Repo Source Context - A SourceContext referring to a revision in a Google Cloud Source Repo.
- Gerrit
Pulumi.
Google Native. Container Analysis. V1. Inputs. Gerrit Source Context - A SourceContext referring to a Gerrit project.
- Git
Pulumi.
Google Native. Container Analysis. V1. Inputs. Git Source Context - A SourceContext referring to any third party Git repo (e.g., GitHub).
- Labels Dictionary<string, string>
- Labels with user defined metadata.
- Cloud
Repo CloudRepo Source Context - A SourceContext referring to a revision in a Google Cloud Source Repo.
- Gerrit
Gerrit
Source Context - A SourceContext referring to a Gerrit project.
- Git
Git
Source Context - A SourceContext referring to any third party Git repo (e.g., GitHub).
- Labels map[string]string
- Labels with user defined metadata.
- cloud
Repo CloudRepo Source Context - A SourceContext referring to a revision in a Google Cloud Source Repo.
- gerrit
Gerrit
Source Context - A SourceContext referring to a Gerrit project.
- git
Git
Source Context - A SourceContext referring to any third party Git repo (e.g., GitHub).
- labels Map<String,String>
- Labels with user defined metadata.
- cloud
Repo CloudRepo Source Context - A SourceContext referring to a revision in a Google Cloud Source Repo.
- gerrit
Gerrit
Source Context - A SourceContext referring to a Gerrit project.
- git
Git
Source Context - A SourceContext referring to any third party Git repo (e.g., GitHub).
- labels {[key: string]: string}
- Labels with user defined metadata.
- cloud_
repo CloudRepo Source Context - A SourceContext referring to a revision in a Google Cloud Source Repo.
- gerrit
Gerrit
Source Context - A SourceContext referring to a Gerrit project.
- git
Git
Source Context - A SourceContext referring to any third party Git repo (e.g., GitHub).
- labels Mapping[str, str]
- Labels with user defined metadata.
- cloud
Repo Property Map - A SourceContext referring to a revision in a Google Cloud Source Repo.
- gerrit Property Map
- A SourceContext referring to a Gerrit project.
- git Property Map
- A SourceContext referring to any third party Git repo (e.g., GitHub).
- labels Map<String>
- Labels with user defined metadata.
SourceContextResponse, SourceContextResponseArgs
- Cloud
Repo Pulumi.Google Native. Container Analysis. V1. Inputs. Cloud Repo Source Context Response - A SourceContext referring to a revision in a Google Cloud Source Repo.
- Gerrit
Pulumi.
Google Native. Container Analysis. V1. Inputs. Gerrit Source Context Response - A SourceContext referring to a Gerrit project.
- Git
Pulumi.
Google Native. Container Analysis. V1. Inputs. Git Source Context Response - A SourceContext referring to any third party Git repo (e.g., GitHub).
- Labels Dictionary<string, string>
- Labels with user defined metadata.
- Cloud
Repo CloudRepo Source Context Response - A SourceContext referring to a revision in a Google Cloud Source Repo.
- Gerrit
Gerrit
Source Context Response - A SourceContext referring to a Gerrit project.
- Git
Git
Source Context Response - A SourceContext referring to any third party Git repo (e.g., GitHub).
- Labels map[string]string
- Labels with user defined metadata.
- cloud
Repo CloudRepo Source Context Response - A SourceContext referring to a revision in a Google Cloud Source Repo.
- gerrit
Gerrit
Source Context Response - A SourceContext referring to a Gerrit project.
- git
Git
Source Context Response - A SourceContext referring to any third party Git repo (e.g., GitHub).
- labels Map<String,String>
- Labels with user defined metadata.
- cloud
Repo CloudRepo Source Context Response - A SourceContext referring to a revision in a Google Cloud Source Repo.
- gerrit
Gerrit
Source Context Response - A SourceContext referring to a Gerrit project.
- git
Git
Source Context Response - A SourceContext referring to any third party Git repo (e.g., GitHub).
- labels {[key: string]: string}
- Labels with user defined metadata.
- cloud_
repo CloudRepo Source Context Response - A SourceContext referring to a revision in a Google Cloud Source Repo.
- gerrit
Gerrit
Source Context Response - A SourceContext referring to a Gerrit project.
- git
Git
Source Context Response - A SourceContext referring to any third party Git repo (e.g., GitHub).
- labels Mapping[str, str]
- Labels with user defined metadata.
- cloud
Repo Property Map - A SourceContext referring to a revision in a Google Cloud Source Repo.
- gerrit Property Map
- A SourceContext referring to a Gerrit project.
- git Property Map
- A SourceContext referring to any third party Git repo (e.g., GitHub).
- labels Map<String>
- Labels with user defined metadata.
SourceResponse, SourceResponseArgs
- Additional
Contexts List<Pulumi.Google Native. Container Analysis. V1. Inputs. Source Context Response> - If provided, some of the source code used for the build may be found in these locations, in the case where the source repository had multiple remotes or submodules. This list will not include the context specified in the context field.
- Artifact
Storage stringSource Uri - If provided, the input binary artifacts for the build came from this location.
- Context
Pulumi.
Google Native. Container Analysis. V1. Inputs. Source Context Response - If provided, the source code used for the build came from this location.
- File
Hashes Dictionary<string, string> - Hash(es) of the build source, which can be used to verify that the original source integrity was maintained in the build. The keys to this map are file paths used as build source and the values contain the hash values for those files. If the build source came in a single package such as a gzipped tarfile (.tar.gz), the FileHash will be for the single path to that file.
- Additional
Contexts []SourceContext Response - If provided, some of the source code used for the build may be found in these locations, in the case where the source repository had multiple remotes or submodules. This list will not include the context specified in the context field.
- Artifact
Storage stringSource Uri - If provided, the input binary artifacts for the build came from this location.
- Context
Source
Context Response - If provided, the source code used for the build came from this location.
- File
Hashes map[string]string - Hash(es) of the build source, which can be used to verify that the original source integrity was maintained in the build. The keys to this map are file paths used as build source and the values contain the hash values for those files. If the build source came in a single package such as a gzipped tarfile (.tar.gz), the FileHash will be for the single path to that file.
- additional
Contexts List<SourceContext Response> - If provided, some of the source code used for the build may be found in these locations, in the case where the source repository had multiple remotes or submodules. This list will not include the context specified in the context field.
- artifact
Storage StringSource Uri - If provided, the input binary artifacts for the build came from this location.
- context
Source
Context Response - If provided, the source code used for the build came from this location.
- file
Hashes Map<String,String> - Hash(es) of the build source, which can be used to verify that the original source integrity was maintained in the build. The keys to this map are file paths used as build source and the values contain the hash values for those files. If the build source came in a single package such as a gzipped tarfile (.tar.gz), the FileHash will be for the single path to that file.
- additional
Contexts SourceContext Response[] - If provided, some of the source code used for the build may be found in these locations, in the case where the source repository had multiple remotes or submodules. This list will not include the context specified in the context field.
- artifact
Storage stringSource Uri - If provided, the input binary artifacts for the build came from this location.
- context
Source
Context Response - If provided, the source code used for the build came from this location.
- file
Hashes {[key: string]: string} - Hash(es) of the build source, which can be used to verify that the original source integrity was maintained in the build. The keys to this map are file paths used as build source and the values contain the hash values for those files. If the build source came in a single package such as a gzipped tarfile (.tar.gz), the FileHash will be for the single path to that file.
- additional_
contexts Sequence[SourceContext Response] - If provided, some of the source code used for the build may be found in these locations, in the case where the source repository had multiple remotes or submodules. This list will not include the context specified in the context field.
- artifact_
storage_ strsource_ uri - If provided, the input binary artifacts for the build came from this location.
- context
Source
Context Response - If provided, the source code used for the build came from this location.
- file_
hashes Mapping[str, str] - Hash(es) of the build source, which can be used to verify that the original source integrity was maintained in the build. The keys to this map are file paths used as build source and the values contain the hash values for those files. If the build source came in a single package such as a gzipped tarfile (.tar.gz), the FileHash will be for the single path to that file.
- additional
Contexts List<Property Map> - If provided, some of the source code used for the build may be found in these locations, in the case where the source repository had multiple remotes or submodules. This list will not include the context specified in the context field.
- artifact
Storage StringSource Uri - If provided, the input binary artifacts for the build came from this location.
- context Property Map
- If provided, the source code used for the build came from this location.
- file
Hashes Map<String> - Hash(es) of the build source, which can be used to verify that the original source integrity was maintained in the build. The keys to this map are file paths used as build source and the values contain the hash values for those files. If the build source came in a single package such as a gzipped tarfile (.tar.gz), the FileHash will be for the single path to that file.
Status, StatusArgs
- Code int
- The status code, which should be an enum value of google.rpc.Code.
- Details
List<Immutable
Dictionary<string, string>> - A list of messages that carry the error details. There is a common set of message types for APIs to use.
- Message string
- A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
- Code int
- The status code, which should be an enum value of google.rpc.Code.
- Details []map[string]string
- A list of messages that carry the error details. There is a common set of message types for APIs to use.
- Message string
- A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
- code Integer
- The status code, which should be an enum value of google.rpc.Code.
- details List<Map<String,String>>
- A list of messages that carry the error details. There is a common set of message types for APIs to use.
- message String
- A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
- code number
- The status code, which should be an enum value of google.rpc.Code.
- details {[key: string]: string}[]
- A list of messages that carry the error details. There is a common set of message types for APIs to use.
- message string
- A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
- code int
- The status code, which should be an enum value of google.rpc.Code.
- details Sequence[Mapping[str, str]]
- A list of messages that carry the error details. There is a common set of message types for APIs to use.
- message str
- A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
- code Number
- The status code, which should be an enum value of google.rpc.Code.
- details List<Map<String>>
- A list of messages that carry the error details. There is a common set of message types for APIs to use.
- message String
- A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
StatusResponse, StatusResponseArgs
- Code int
- The status code, which should be an enum value of google.rpc.Code.
- Details
List<Immutable
Dictionary<string, string>> - A list of messages that carry the error details. There is a common set of message types for APIs to use.
- Message string
- A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
- Code int
- The status code, which should be an enum value of google.rpc.Code.
- Details []map[string]string
- A list of messages that carry the error details. There is a common set of message types for APIs to use.
- Message string
- A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
- code Integer
- The status code, which should be an enum value of google.rpc.Code.
- details List<Map<String,String>>
- A list of messages that carry the error details. There is a common set of message types for APIs to use.
- message String
- A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
- code number
- The status code, which should be an enum value of google.rpc.Code.
- details {[key: string]: string}[]
- A list of messages that carry the error details. There is a common set of message types for APIs to use.
- message string
- A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
- code int
- The status code, which should be an enum value of google.rpc.Code.
- details Sequence[Mapping[str, str]]
- A list of messages that carry the error details. There is a common set of message types for APIs to use.
- message str
- A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
- code Number
- The status code, which should be an enum value of google.rpc.Code.
- details List<Map<String>>
- A list of messages that carry the error details. There is a common set of message types for APIs to use.
- message String
- A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
Subject, SubjectArgs
SubjectResponse, SubjectResponseArgs
UpgradeDistribution, UpgradeDistributionArgs
- Classification string
- The operating system classification of this Upgrade, as specified by the upstream operating system upgrade feed. For Windows the classification is one of the category_ids listed at https://docs.microsoft.com/en-us/previous-versions/windows/desktop/ff357803(v=vs.85)
- Cpe
Uri string - Required - The specific operating system this metadata applies to. See https://cpe.mitre.org/specification/.
- Cve List<string>
- The cve tied to this Upgrade.
- Severity string
- The severity as specified by the upstream operating system.
- Classification string
- The operating system classification of this Upgrade, as specified by the upstream operating system upgrade feed. For Windows the classification is one of the category_ids listed at https://docs.microsoft.com/en-us/previous-versions/windows/desktop/ff357803(v=vs.85)
- Cpe
Uri string - Required - The specific operating system this metadata applies to. See https://cpe.mitre.org/specification/.
- Cve []string
- The cve tied to this Upgrade.
- Severity string
- The severity as specified by the upstream operating system.
- classification String
- The operating system classification of this Upgrade, as specified by the upstream operating system upgrade feed. For Windows the classification is one of the category_ids listed at https://docs.microsoft.com/en-us/previous-versions/windows/desktop/ff357803(v=vs.85)
- cpe
Uri String - Required - The specific operating system this metadata applies to. See https://cpe.mitre.org/specification/.
- cve List<String>
- The cve tied to this Upgrade.
- severity String
- The severity as specified by the upstream operating system.
- classification string
- The operating system classification of this Upgrade, as specified by the upstream operating system upgrade feed. For Windows the classification is one of the category_ids listed at https://docs.microsoft.com/en-us/previous-versions/windows/desktop/ff357803(v=vs.85)
- cpe
Uri string - Required - The specific operating system this metadata applies to. See https://cpe.mitre.org/specification/.
- cve string[]
- The cve tied to this Upgrade.
- severity string
- The severity as specified by the upstream operating system.
- classification str
- The operating system classification of this Upgrade, as specified by the upstream operating system upgrade feed. For Windows the classification is one of the category_ids listed at https://docs.microsoft.com/en-us/previous-versions/windows/desktop/ff357803(v=vs.85)
- cpe_
uri str - Required - The specific operating system this metadata applies to. See https://cpe.mitre.org/specification/.
- cve Sequence[str]
- The cve tied to this Upgrade.
- severity str
- The severity as specified by the upstream operating system.
- classification String
- The operating system classification of this Upgrade, as specified by the upstream operating system upgrade feed. For Windows the classification is one of the category_ids listed at https://docs.microsoft.com/en-us/previous-versions/windows/desktop/ff357803(v=vs.85)
- cpe
Uri String - Required - The specific operating system this metadata applies to. See https://cpe.mitre.org/specification/.
- cve List<String>
- The cve tied to this Upgrade.
- severity String
- The severity as specified by the upstream operating system.
UpgradeDistributionResponse, UpgradeDistributionResponseArgs
- Classification string
- The operating system classification of this Upgrade, as specified by the upstream operating system upgrade feed. For Windows the classification is one of the category_ids listed at https://docs.microsoft.com/en-us/previous-versions/windows/desktop/ff357803(v=vs.85)
- Cpe
Uri string - Required - The specific operating system this metadata applies to. See https://cpe.mitre.org/specification/.
- Cve List<string>
- The cve tied to this Upgrade.
- Severity string
- The severity as specified by the upstream operating system.
- Classification string
- The operating system classification of this Upgrade, as specified by the upstream operating system upgrade feed. For Windows the classification is one of the category_ids listed at https://docs.microsoft.com/en-us/previous-versions/windows/desktop/ff357803(v=vs.85)
- Cpe
Uri string - Required - The specific operating system this metadata applies to. See https://cpe.mitre.org/specification/.
- Cve []string
- The cve tied to this Upgrade.
- Severity string
- The severity as specified by the upstream operating system.
- classification String
- The operating system classification of this Upgrade, as specified by the upstream operating system upgrade feed. For Windows the classification is one of the category_ids listed at https://docs.microsoft.com/en-us/previous-versions/windows/desktop/ff357803(v=vs.85)
- cpe
Uri String - Required - The specific operating system this metadata applies to. See https://cpe.mitre.org/specification/.
- cve List<String>
- The cve tied to this Upgrade.
- severity String
- The severity as specified by the upstream operating system.
- classification string
- The operating system classification of this Upgrade, as specified by the upstream operating system upgrade feed. For Windows the classification is one of the category_ids listed at https://docs.microsoft.com/en-us/previous-versions/windows/desktop/ff357803(v=vs.85)
- cpe
Uri string - Required - The specific operating system this metadata applies to. See https://cpe.mitre.org/specification/.
- cve string[]
- The cve tied to this Upgrade.
- severity string
- The severity as specified by the upstream operating system.
- classification str
- The operating system classification of this Upgrade, as specified by the upstream operating system upgrade feed. For Windows the classification is one of the category_ids listed at https://docs.microsoft.com/en-us/previous-versions/windows/desktop/ff357803(v=vs.85)
- cpe_
uri str - Required - The specific operating system this metadata applies to. See https://cpe.mitre.org/specification/.
- cve Sequence[str]
- The cve tied to this Upgrade.
- severity str
- The severity as specified by the upstream operating system.
- classification String
- The operating system classification of this Upgrade, as specified by the upstream operating system upgrade feed. For Windows the classification is one of the category_ids listed at https://docs.microsoft.com/en-us/previous-versions/windows/desktop/ff357803(v=vs.85)
- cpe
Uri String - Required - The specific operating system this metadata applies to. See https://cpe.mitre.org/specification/.
- cve List<String>
- The cve tied to this Upgrade.
- severity String
- The severity as specified by the upstream operating system.
UpgradeOccurrence, UpgradeOccurrenceArgs
- Distribution
Pulumi.
Google Native. Container Analysis. V1. Inputs. Upgrade Distribution - Metadata about the upgrade for available for the specific operating system for the resource_url. This allows efficient filtering, as well as making it easier to use the occurrence.
- Package string
- Required for non-Windows OS. The package this Upgrade is for.
- Parsed
Version Pulumi.Google Native. Container Analysis. V1. Inputs. Version - Required for non-Windows OS. The version of the package in a machine + human readable form.
- Windows
Update Pulumi.Google Native. Container Analysis. V1. Inputs. Windows Update - Required for Windows OS. Represents the metadata about the Windows update.
- Distribution
Upgrade
Distribution - Metadata about the upgrade for available for the specific operating system for the resource_url. This allows efficient filtering, as well as making it easier to use the occurrence.
- Package string
- Required for non-Windows OS. The package this Upgrade is for.
- Parsed
Version Version - Required for non-Windows OS. The version of the package in a machine + human readable form.
- Windows
Update WindowsUpdate - Required for Windows OS. Represents the metadata about the Windows update.
- distribution
Upgrade
Distribution - Metadata about the upgrade for available for the specific operating system for the resource_url. This allows efficient filtering, as well as making it easier to use the occurrence.
- package_ String
- Required for non-Windows OS. The package this Upgrade is for.
- parsed
Version Version - Required for non-Windows OS. The version of the package in a machine + human readable form.
- windows
Update WindowsUpdate - Required for Windows OS. Represents the metadata about the Windows update.
- distribution
Upgrade
Distribution - Metadata about the upgrade for available for the specific operating system for the resource_url. This allows efficient filtering, as well as making it easier to use the occurrence.
- package string
- Required for non-Windows OS. The package this Upgrade is for.
- parsed
Version Version - Required for non-Windows OS. The version of the package in a machine + human readable form.
- windows
Update WindowsUpdate - Required for Windows OS. Represents the metadata about the Windows update.
- distribution
Upgrade
Distribution - Metadata about the upgrade for available for the specific operating system for the resource_url. This allows efficient filtering, as well as making it easier to use the occurrence.
- package str
- Required for non-Windows OS. The package this Upgrade is for.
- parsed_
version Version - Required for non-Windows OS. The version of the package in a machine + human readable form.
- windows_
update WindowsUpdate - Required for Windows OS. Represents the metadata about the Windows update.
- distribution Property Map
- Metadata about the upgrade for available for the specific operating system for the resource_url. This allows efficient filtering, as well as making it easier to use the occurrence.
- package String
- Required for non-Windows OS. The package this Upgrade is for.
- parsed
Version Property Map - Required for non-Windows OS. The version of the package in a machine + human readable form.
- windows
Update Property Map - Required for Windows OS. Represents the metadata about the Windows update.
UpgradeOccurrenceResponse, UpgradeOccurrenceResponseArgs
- Distribution
Pulumi.
Google Native. Container Analysis. V1. Inputs. Upgrade Distribution Response - Metadata about the upgrade for available for the specific operating system for the resource_url. This allows efficient filtering, as well as making it easier to use the occurrence.
- Package string
- Required for non-Windows OS. The package this Upgrade is for.
- Parsed
Version Pulumi.Google Native. Container Analysis. V1. Inputs. Version Response - Required for non-Windows OS. The version of the package in a machine + human readable form.
- Windows
Update Pulumi.Google Native. Container Analysis. V1. Inputs. Windows Update Response - Required for Windows OS. Represents the metadata about the Windows update.
- Distribution
Upgrade
Distribution Response - Metadata about the upgrade for available for the specific operating system for the resource_url. This allows efficient filtering, as well as making it easier to use the occurrence.
- Package string
- Required for non-Windows OS. The package this Upgrade is for.
- Parsed
Version VersionResponse - Required for non-Windows OS. The version of the package in a machine + human readable form.
- Windows
Update WindowsUpdate Response - Required for Windows OS. Represents the metadata about the Windows update.
- distribution
Upgrade
Distribution Response - Metadata about the upgrade for available for the specific operating system for the resource_url. This allows efficient filtering, as well as making it easier to use the occurrence.
- package_ String
- Required for non-Windows OS. The package this Upgrade is for.
- parsed
Version VersionResponse - Required for non-Windows OS. The version of the package in a machine + human readable form.
- windows
Update WindowsUpdate Response - Required for Windows OS. Represents the metadata about the Windows update.
- distribution
Upgrade
Distribution Response - Metadata about the upgrade for available for the specific operating system for the resource_url. This allows efficient filtering, as well as making it easier to use the occurrence.
- package string
- Required for non-Windows OS. The package this Upgrade is for.
- parsed
Version VersionResponse - Required for non-Windows OS. The version of the package in a machine + human readable form.
- windows
Update WindowsUpdate Response - Required for Windows OS. Represents the metadata about the Windows update.
- distribution
Upgrade
Distribution Response - Metadata about the upgrade for available for the specific operating system for the resource_url. This allows efficient filtering, as well as making it easier to use the occurrence.
- package str
- Required for non-Windows OS. The package this Upgrade is for.
- parsed_
version VersionResponse - Required for non-Windows OS. The version of the package in a machine + human readable form.
- windows_
update WindowsUpdate Response - Required for Windows OS. Represents the metadata about the Windows update.
- distribution Property Map
- Metadata about the upgrade for available for the specific operating system for the resource_url. This allows efficient filtering, as well as making it easier to use the occurrence.
- package String
- Required for non-Windows OS. The package this Upgrade is for.
- parsed
Version Property Map - Required for non-Windows OS. The version of the package in a machine + human readable form.
- windows
Update Property Map - Required for Windows OS. Represents the metadata about the Windows update.
Version, VersionArgs
- Kind
Pulumi.
Google Native. Container Analysis. V1. Version Kind - Distinguishes between sentinel MIN/MAX versions and normal versions.
- Epoch int
- Used to correct mistakes in the version numbering scheme.
- Full
Name string - Human readable version string. This string is of the form :- and is only set when kind is NORMAL.
- Inclusive bool
- Whether this version is specifying part of an inclusive range. Grafeas does not have the capability to specify version ranges; instead we have fields that specify start version and end versions. At times this is insufficient - we also need to specify whether the version is included in the range or is excluded from the range. This boolean is expected to be set to true when the version is included in a range.
- Name string
- Required only when version kind is NORMAL. The main part of the version name.
- Revision string
- The iteration of the package build from the above version.
- Kind
Version
Kind - Distinguishes between sentinel MIN/MAX versions and normal versions.
- Epoch int
- Used to correct mistakes in the version numbering scheme.
- Full
Name string - Human readable version string. This string is of the form :- and is only set when kind is NORMAL.
- Inclusive bool
- Whether this version is specifying part of an inclusive range. Grafeas does not have the capability to specify version ranges; instead we have fields that specify start version and end versions. At times this is insufficient - we also need to specify whether the version is included in the range or is excluded from the range. This boolean is expected to be set to true when the version is included in a range.
- Name string
- Required only when version kind is NORMAL. The main part of the version name.
- Revision string
- The iteration of the package build from the above version.
- kind
Version
Kind - Distinguishes between sentinel MIN/MAX versions and normal versions.
- epoch Integer
- Used to correct mistakes in the version numbering scheme.
- full
Name String - Human readable version string. This string is of the form :- and is only set when kind is NORMAL.
- inclusive Boolean
- Whether this version is specifying part of an inclusive range. Grafeas does not have the capability to specify version ranges; instead we have fields that specify start version and end versions. At times this is insufficient - we also need to specify whether the version is included in the range or is excluded from the range. This boolean is expected to be set to true when the version is included in a range.
- name String
- Required only when version kind is NORMAL. The main part of the version name.
- revision String
- The iteration of the package build from the above version.
- kind
Version
Kind - Distinguishes between sentinel MIN/MAX versions and normal versions.
- epoch number
- Used to correct mistakes in the version numbering scheme.
- full
Name string - Human readable version string. This string is of the form :- and is only set when kind is NORMAL.
- inclusive boolean
- Whether this version is specifying part of an inclusive range. Grafeas does not have the capability to specify version ranges; instead we have fields that specify start version and end versions. At times this is insufficient - we also need to specify whether the version is included in the range or is excluded from the range. This boolean is expected to be set to true when the version is included in a range.
- name string
- Required only when version kind is NORMAL. The main part of the version name.
- revision string
- The iteration of the package build from the above version.
- kind
Version
Kind - Distinguishes between sentinel MIN/MAX versions and normal versions.
- epoch int
- Used to correct mistakes in the version numbering scheme.
- full_
name str - Human readable version string. This string is of the form :- and is only set when kind is NORMAL.
- inclusive bool
- Whether this version is specifying part of an inclusive range. Grafeas does not have the capability to specify version ranges; instead we have fields that specify start version and end versions. At times this is insufficient - we also need to specify whether the version is included in the range or is excluded from the range. This boolean is expected to be set to true when the version is included in a range.
- name str
- Required only when version kind is NORMAL. The main part of the version name.
- revision str
- The iteration of the package build from the above version.
- kind "VERSION_KIND_UNSPECIFIED" | "NORMAL" | "MINIMUM" | "MAXIMUM"
- Distinguishes between sentinel MIN/MAX versions and normal versions.
- epoch Number
- Used to correct mistakes in the version numbering scheme.
- full
Name String - Human readable version string. This string is of the form :- and is only set when kind is NORMAL.
- inclusive Boolean
- Whether this version is specifying part of an inclusive range. Grafeas does not have the capability to specify version ranges; instead we have fields that specify start version and end versions. At times this is insufficient - we also need to specify whether the version is included in the range or is excluded from the range. This boolean is expected to be set to true when the version is included in a range.
- name String
- Required only when version kind is NORMAL. The main part of the version name.
- revision String
- The iteration of the package build from the above version.
VersionKind, VersionKindArgs
- Version
Kind Unspecified - VERSION_KIND_UNSPECIFIEDUnknown.
- Normal
- NORMALA standard package version.
- Minimum
- MINIMUMA special version representing negative infinity.
- Maximum
- MAXIMUMA special version representing positive infinity.
- Version
Kind Version Kind Unspecified - VERSION_KIND_UNSPECIFIEDUnknown.
- Version
Kind Normal - NORMALA standard package version.
- Version
Kind Minimum - MINIMUMA special version representing negative infinity.
- Version
Kind Maximum - MAXIMUMA special version representing positive infinity.
- Version
Kind Unspecified - VERSION_KIND_UNSPECIFIEDUnknown.
- Normal
- NORMALA standard package version.
- Minimum
- MINIMUMA special version representing negative infinity.
- Maximum
- MAXIMUMA special version representing positive infinity.
- Version
Kind Unspecified - VERSION_KIND_UNSPECIFIEDUnknown.
- Normal
- NORMALA standard package version.
- Minimum
- MINIMUMA special version representing negative infinity.
- Maximum
- MAXIMUMA special version representing positive infinity.
- VERSION_KIND_UNSPECIFIED
- VERSION_KIND_UNSPECIFIEDUnknown.
- NORMAL
- NORMALA standard package version.
- MINIMUM
- MINIMUMA special version representing negative infinity.
- MAXIMUM
- MAXIMUMA special version representing positive infinity.
- "VERSION_KIND_UNSPECIFIED"
- VERSION_KIND_UNSPECIFIEDUnknown.
- "NORMAL"
- NORMALA standard package version.
- "MINIMUM"
- MINIMUMA special version representing negative infinity.
- "MAXIMUM"
- MAXIMUMA special version representing positive infinity.
VersionResponse, VersionResponseArgs
- Epoch int
- Used to correct mistakes in the version numbering scheme.
- Full
Name string - Human readable version string. This string is of the form :- and is only set when kind is NORMAL.
- Inclusive bool
- Whether this version is specifying part of an inclusive range. Grafeas does not have the capability to specify version ranges; instead we have fields that specify start version and end versions. At times this is insufficient - we also need to specify whether the version is included in the range or is excluded from the range. This boolean is expected to be set to true when the version is included in a range.
- Kind string
- Distinguishes between sentinel MIN/MAX versions and normal versions.
- Name string
- Required only when version kind is NORMAL. The main part of the version name.
- Revision string
- The iteration of the package build from the above version.
- Epoch int
- Used to correct mistakes in the version numbering scheme.
- Full
Name string - Human readable version string. This string is of the form :- and is only set when kind is NORMAL.
- Inclusive bool
- Whether this version is specifying part of an inclusive range. Grafeas does not have the capability to specify version ranges; instead we have fields that specify start version and end versions. At times this is insufficient - we also need to specify whether the version is included in the range or is excluded from the range. This boolean is expected to be set to true when the version is included in a range.
- Kind string
- Distinguishes between sentinel MIN/MAX versions and normal versions.
- Name string
- Required only when version kind is NORMAL. The main part of the version name.
- Revision string
- The iteration of the package build from the above version.
- epoch Integer
- Used to correct mistakes in the version numbering scheme.
- full
Name String - Human readable version string. This string is of the form :- and is only set when kind is NORMAL.
- inclusive Boolean
- Whether this version is specifying part of an inclusive range. Grafeas does not have the capability to specify version ranges; instead we have fields that specify start version and end versions. At times this is insufficient - we also need to specify whether the version is included in the range or is excluded from the range. This boolean is expected to be set to true when the version is included in a range.
- kind String
- Distinguishes between sentinel MIN/MAX versions and normal versions.
- name String
- Required only when version kind is NORMAL. The main part of the version name.
- revision String
- The iteration of the package build from the above version.
- epoch number
- Used to correct mistakes in the version numbering scheme.
- full
Name string - Human readable version string. This string is of the form :- and is only set when kind is NORMAL.
- inclusive boolean
- Whether this version is specifying part of an inclusive range. Grafeas does not have the capability to specify version ranges; instead we have fields that specify start version and end versions. At times this is insufficient - we also need to specify whether the version is included in the range or is excluded from the range. This boolean is expected to be set to true when the version is included in a range.
- kind string
- Distinguishes between sentinel MIN/MAX versions and normal versions.
- name string
- Required only when version kind is NORMAL. The main part of the version name.
- revision string
- The iteration of the package build from the above version.
- epoch int
- Used to correct mistakes in the version numbering scheme.
- full_
name str - Human readable version string. This string is of the form :- and is only set when kind is NORMAL.
- inclusive bool
- Whether this version is specifying part of an inclusive range. Grafeas does not have the capability to specify version ranges; instead we have fields that specify start version and end versions. At times this is insufficient - we also need to specify whether the version is included in the range or is excluded from the range. This boolean is expected to be set to true when the version is included in a range.
- kind str
- Distinguishes between sentinel MIN/MAX versions and normal versions.
- name str
- Required only when version kind is NORMAL. The main part of the version name.
- revision str
- The iteration of the package build from the above version.
- epoch Number
- Used to correct mistakes in the version numbering scheme.
- full
Name String - Human readable version string. This string is of the form :- and is only set when kind is NORMAL.
- inclusive Boolean
- Whether this version is specifying part of an inclusive range. Grafeas does not have the capability to specify version ranges; instead we have fields that specify start version and end versions. At times this is insufficient - we also need to specify whether the version is included in the range or is excluded from the range. This boolean is expected to be set to true when the version is included in a range.
- kind String
- Distinguishes between sentinel MIN/MAX versions and normal versions.
- name String
- Required only when version kind is NORMAL. The main part of the version name.
- revision String
- The iteration of the package build from the above version.
VexAssessment, VexAssessmentArgs
- Cve string
- Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability. Deprecated: Use vulnerability_id instead to denote CVEs.
- Impacts List<string>
- Contains information about the impact of this vulnerability, this will change with time.
- Justification
Pulumi.
Google Native. Container Analysis. V1. Inputs. Justification - Justification provides the justification when the state of the assessment if NOT_AFFECTED.
- Note
Name string - The VulnerabilityAssessment note from which this VexAssessment was generated. This will be of the form:
projects/[PROJECT_ID]/notes/[NOTE_ID]. -
List<Pulumi.
Google Native. Container Analysis. V1. Inputs. Related Url> - Holds a list of references associated with this vulnerability item and assessment.
- Remediations
List<Pulumi.
Google Native. Container Analysis. V1. Inputs. Remediation> - Specifies details on how to handle (and presumably, fix) a vulnerability.
- State
Pulumi.
Google Native. Container Analysis. V1. Vex Assessment State - Provides the state of this Vulnerability assessment.
- Vulnerability
Id string - The vulnerability identifier for this Assessment. Will hold one of common identifiers e.g. CVE, GHSA etc.
- Cve string
- Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability. Deprecated: Use vulnerability_id instead to denote CVEs.
- Impacts []string
- Contains information about the impact of this vulnerability, this will change with time.
- Justification Justification
- Justification provides the justification when the state of the assessment if NOT_AFFECTED.
- Note
Name string - The VulnerabilityAssessment note from which this VexAssessment was generated. This will be of the form:
projects/[PROJECT_ID]/notes/[NOTE_ID]. -
[]Related
Url - Holds a list of references associated with this vulnerability item and assessment.
- Remediations []Remediation
- Specifies details on how to handle (and presumably, fix) a vulnerability.
- State
Vex
Assessment State - Provides the state of this Vulnerability assessment.
- Vulnerability
Id string - The vulnerability identifier for this Assessment. Will hold one of common identifiers e.g. CVE, GHSA etc.
- cve String
- Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability. Deprecated: Use vulnerability_id instead to denote CVEs.
- impacts List<String>
- Contains information about the impact of this vulnerability, this will change with time.
- justification Justification
- Justification provides the justification when the state of the assessment if NOT_AFFECTED.
- note
Name String - The VulnerabilityAssessment note from which this VexAssessment was generated. This will be of the form:
projects/[PROJECT_ID]/notes/[NOTE_ID]. -
List<Related
Url> - Holds a list of references associated with this vulnerability item and assessment.
- remediations List<Remediation>
- Specifies details on how to handle (and presumably, fix) a vulnerability.
- state
Vex
Assessment State - Provides the state of this Vulnerability assessment.
- vulnerability
Id String - The vulnerability identifier for this Assessment. Will hold one of common identifiers e.g. CVE, GHSA etc.
- cve string
- Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability. Deprecated: Use vulnerability_id instead to denote CVEs.
- impacts string[]
- Contains information about the impact of this vulnerability, this will change with time.
- justification Justification
- Justification provides the justification when the state of the assessment if NOT_AFFECTED.
- note
Name string - The VulnerabilityAssessment note from which this VexAssessment was generated. This will be of the form:
projects/[PROJECT_ID]/notes/[NOTE_ID]. -
Related
Url[] - Holds a list of references associated with this vulnerability item and assessment.
- remediations Remediation[]
- Specifies details on how to handle (and presumably, fix) a vulnerability.
- state
Vex
Assessment State - Provides the state of this Vulnerability assessment.
- vulnerability
Id string - The vulnerability identifier for this Assessment. Will hold one of common identifiers e.g. CVE, GHSA etc.
- cve str
- Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability. Deprecated: Use vulnerability_id instead to denote CVEs.
- impacts Sequence[str]
- Contains information about the impact of this vulnerability, this will change with time.
- justification Justification
- Justification provides the justification when the state of the assessment if NOT_AFFECTED.
- note_
name str - The VulnerabilityAssessment note from which this VexAssessment was generated. This will be of the form:
projects/[PROJECT_ID]/notes/[NOTE_ID]. -
Sequence[Related
Url] - Holds a list of references associated with this vulnerability item and assessment.
- remediations Sequence[Remediation]
- Specifies details on how to handle (and presumably, fix) a vulnerability.
- state
Vex
Assessment State - Provides the state of this Vulnerability assessment.
- vulnerability_
id str - The vulnerability identifier for this Assessment. Will hold one of common identifiers e.g. CVE, GHSA etc.
- cve String
- Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability. Deprecated: Use vulnerability_id instead to denote CVEs.
- impacts List<String>
- Contains information about the impact of this vulnerability, this will change with time.
- justification Property Map
- Justification provides the justification when the state of the assessment if NOT_AFFECTED.
- note
Name String - The VulnerabilityAssessment note from which this VexAssessment was generated. This will be of the form:
projects/[PROJECT_ID]/notes/[NOTE_ID]. - List<Property Map>
- Holds a list of references associated with this vulnerability item and assessment.
- remediations List<Property Map>
- Specifies details on how to handle (and presumably, fix) a vulnerability.
- state "STATE_UNSPECIFIED" | "AFFECTED" | "NOT_AFFECTED" | "FIXED" | "UNDER_INVESTIGATION"
- Provides the state of this Vulnerability assessment.
- vulnerability
Id String - The vulnerability identifier for this Assessment. Will hold one of common identifiers e.g. CVE, GHSA etc.
VexAssessmentResponse, VexAssessmentResponseArgs
- Cve string
- Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability. Deprecated: Use vulnerability_id instead to denote CVEs.
- Impacts List<string>
- Contains information about the impact of this vulnerability, this will change with time.
- Justification
Pulumi.
Google Native. Container Analysis. V1. Inputs. Justification Response - Justification provides the justification when the state of the assessment if NOT_AFFECTED.
- Note
Name string - The VulnerabilityAssessment note from which this VexAssessment was generated. This will be of the form:
projects/[PROJECT_ID]/notes/[NOTE_ID]. -
List<Pulumi.
Google Native. Container Analysis. V1. Inputs. Related Url Response> - Holds a list of references associated with this vulnerability item and assessment.
- Remediations
List<Pulumi.
Google Native. Container Analysis. V1. Inputs. Remediation Response> - Specifies details on how to handle (and presumably, fix) a vulnerability.
- State string
- Provides the state of this Vulnerability assessment.
- Vulnerability
Id string - The vulnerability identifier for this Assessment. Will hold one of common identifiers e.g. CVE, GHSA etc.
- Cve string
- Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability. Deprecated: Use vulnerability_id instead to denote CVEs.
- Impacts []string
- Contains information about the impact of this vulnerability, this will change with time.
- Justification
Justification
Response - Justification provides the justification when the state of the assessment if NOT_AFFECTED.
- Note
Name string - The VulnerabilityAssessment note from which this VexAssessment was generated. This will be of the form:
projects/[PROJECT_ID]/notes/[NOTE_ID]. -
[]Related
Url Response - Holds a list of references associated with this vulnerability item and assessment.
- Remediations
[]Remediation
Response - Specifies details on how to handle (and presumably, fix) a vulnerability.
- State string
- Provides the state of this Vulnerability assessment.
- Vulnerability
Id string - The vulnerability identifier for this Assessment. Will hold one of common identifiers e.g. CVE, GHSA etc.
- cve String
- Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability. Deprecated: Use vulnerability_id instead to denote CVEs.
- impacts List<String>
- Contains information about the impact of this vulnerability, this will change with time.
- justification
Justification
Response - Justification provides the justification when the state of the assessment if NOT_AFFECTED.
- note
Name String - The VulnerabilityAssessment note from which this VexAssessment was generated. This will be of the form:
projects/[PROJECT_ID]/notes/[NOTE_ID]. -
List<Related
Url Response> - Holds a list of references associated with this vulnerability item and assessment.
- remediations
List<Remediation
Response> - Specifies details on how to handle (and presumably, fix) a vulnerability.
- state String
- Provides the state of this Vulnerability assessment.
- vulnerability
Id String - The vulnerability identifier for this Assessment. Will hold one of common identifiers e.g. CVE, GHSA etc.
- cve string
- Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability. Deprecated: Use vulnerability_id instead to denote CVEs.
- impacts string[]
- Contains information about the impact of this vulnerability, this will change with time.
- justification
Justification
Response - Justification provides the justification when the state of the assessment if NOT_AFFECTED.
- note
Name string - The VulnerabilityAssessment note from which this VexAssessment was generated. This will be of the form:
projects/[PROJECT_ID]/notes/[NOTE_ID]. -
Related
Url Response[] - Holds a list of references associated with this vulnerability item and assessment.
- remediations
Remediation
Response[] - Specifies details on how to handle (and presumably, fix) a vulnerability.
- state string
- Provides the state of this Vulnerability assessment.
- vulnerability
Id string - The vulnerability identifier for this Assessment. Will hold one of common identifiers e.g. CVE, GHSA etc.
- cve str
- Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability. Deprecated: Use vulnerability_id instead to denote CVEs.
- impacts Sequence[str]
- Contains information about the impact of this vulnerability, this will change with time.
- justification
Justification
Response - Justification provides the justification when the state of the assessment if NOT_AFFECTED.
- note_
name str - The VulnerabilityAssessment note from which this VexAssessment was generated. This will be of the form:
projects/[PROJECT_ID]/notes/[NOTE_ID]. -
Sequence[Related
Url Response] - Holds a list of references associated with this vulnerability item and assessment.
- remediations
Sequence[Remediation
Response] - Specifies details on how to handle (and presumably, fix) a vulnerability.
- state str
- Provides the state of this Vulnerability assessment.
- vulnerability_
id str - The vulnerability identifier for this Assessment. Will hold one of common identifiers e.g. CVE, GHSA etc.
- cve String
- Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability. Deprecated: Use vulnerability_id instead to denote CVEs.
- impacts List<String>
- Contains information about the impact of this vulnerability, this will change with time.
- justification Property Map
- Justification provides the justification when the state of the assessment if NOT_AFFECTED.
- note
Name String - The VulnerabilityAssessment note from which this VexAssessment was generated. This will be of the form:
projects/[PROJECT_ID]/notes/[NOTE_ID]. - List<Property Map>
- Holds a list of references associated with this vulnerability item and assessment.
- remediations List<Property Map>
- Specifies details on how to handle (and presumably, fix) a vulnerability.
- state String
- Provides the state of this Vulnerability assessment.
- vulnerability
Id String - The vulnerability identifier for this Assessment. Will hold one of common identifiers e.g. CVE, GHSA etc.
VexAssessmentState, VexAssessmentStateArgs
- State
Unspecified - STATE_UNSPECIFIEDNo state is specified.
- Affected
- AFFECTEDThis product is known to be affected by this vulnerability.
- Not
Affected - NOT_AFFECTEDThis product is known to be not affected by this vulnerability.
- Fixed
- FIXEDThis product contains a fix for this vulnerability.
- Under
Investigation - UNDER_INVESTIGATIONIt is not known yet whether these versions are or are not affected by the vulnerability. However, it is still under investigation.
- Vex
Assessment State State Unspecified - STATE_UNSPECIFIEDNo state is specified.
- Vex
Assessment State Affected - AFFECTEDThis product is known to be affected by this vulnerability.
- Vex
Assessment State Not Affected - NOT_AFFECTEDThis product is known to be not affected by this vulnerability.
- Vex
Assessment State Fixed - FIXEDThis product contains a fix for this vulnerability.
- Vex
Assessment State Under Investigation - UNDER_INVESTIGATIONIt is not known yet whether these versions are or are not affected by the vulnerability. However, it is still under investigation.
- State
Unspecified - STATE_UNSPECIFIEDNo state is specified.
- Affected
- AFFECTEDThis product is known to be affected by this vulnerability.
- Not
Affected - NOT_AFFECTEDThis product is known to be not affected by this vulnerability.
- Fixed
- FIXEDThis product contains a fix for this vulnerability.
- Under
Investigation - UNDER_INVESTIGATIONIt is not known yet whether these versions are or are not affected by the vulnerability. However, it is still under investigation.
- State
Unspecified - STATE_UNSPECIFIEDNo state is specified.
- Affected
- AFFECTEDThis product is known to be affected by this vulnerability.
- Not
Affected - NOT_AFFECTEDThis product is known to be not affected by this vulnerability.
- Fixed
- FIXEDThis product contains a fix for this vulnerability.
- Under
Investigation - UNDER_INVESTIGATIONIt is not known yet whether these versions are or are not affected by the vulnerability. However, it is still under investigation.
- STATE_UNSPECIFIED
- STATE_UNSPECIFIEDNo state is specified.
- AFFECTED
- AFFECTEDThis product is known to be affected by this vulnerability.
- NOT_AFFECTED
- NOT_AFFECTEDThis product is known to be not affected by this vulnerability.
- FIXED
- FIXEDThis product contains a fix for this vulnerability.
- UNDER_INVESTIGATION
- UNDER_INVESTIGATIONIt is not known yet whether these versions are or are not affected by the vulnerability. However, it is still under investigation.
- "STATE_UNSPECIFIED"
- STATE_UNSPECIFIEDNo state is specified.
- "AFFECTED"
- AFFECTEDThis product is known to be affected by this vulnerability.
- "NOT_AFFECTED"
- NOT_AFFECTEDThis product is known to be not affected by this vulnerability.
- "FIXED"
- FIXEDThis product contains a fix for this vulnerability.
- "UNDER_INVESTIGATION"
- UNDER_INVESTIGATIONIt is not known yet whether these versions are or are not affected by the vulnerability. However, it is still under investigation.
VulnerabilityOccurrence, VulnerabilityOccurrenceArgs
- Package
Issue List<Pulumi.Google Native. Container Analysis. V1. Inputs. Package Issue> - The set of affected locations and their fixes (if available) within the associated resource.
- Cvss
V2 Pulumi.Google Native. Container Analysis. V1. Inputs. CVSS - The cvss v2 score for the vulnerability.
- Cvssv3
Pulumi.
Google Native. Container Analysis. V1. Inputs. CVSS - The cvss v3 score for the vulnerability.
- Effective
Severity Pulumi.Google Native. Container Analysis. V1. Vulnerability Occurrence Effective Severity - The distro assigned severity for this vulnerability when it is available, otherwise this is the note provider assigned severity. When there are multiple PackageIssues for this vulnerability, they can have different effective severities because some might be provided by the distro while others are provided by the language ecosystem for a language pack. For this reason, it is advised to use the effective severity on the PackageIssue level. In the case where multiple PackageIssues have differing effective severities, this field should be the highest severity for any of the PackageIssues.
- Extra
Details string - Occurrence-specific extra details about the vulnerability.
- Type string
- The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).
- Vex
Assessment Pulumi.Google Native. Container Analysis. V1. Inputs. Vex Assessment
- Package
Issue []PackageIssue - The set of affected locations and their fixes (if available) within the associated resource.
- Cvss
V2 CVSS - The cvss v2 score for the vulnerability.
- Cvssv3 CVSS
- The cvss v3 score for the vulnerability.
- Effective
Severity VulnerabilityOccurrence Effective Severity - The distro assigned severity for this vulnerability when it is available, otherwise this is the note provider assigned severity. When there are multiple PackageIssues for this vulnerability, they can have different effective severities because some might be provided by the distro while others are provided by the language ecosystem for a language pack. For this reason, it is advised to use the effective severity on the PackageIssue level. In the case where multiple PackageIssues have differing effective severities, this field should be the highest severity for any of the PackageIssues.
- Extra
Details string - Occurrence-specific extra details about the vulnerability.
- Type string
- The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).
- Vex
Assessment VexAssessment
- package
Issue List<PackageIssue> - The set of affected locations and their fixes (if available) within the associated resource.
- cvss
V2 CVSS - The cvss v2 score for the vulnerability.
- cvssv3 CVSS
- The cvss v3 score for the vulnerability.
- effective
Severity VulnerabilityOccurrence Effective Severity - The distro assigned severity for this vulnerability when it is available, otherwise this is the note provider assigned severity. When there are multiple PackageIssues for this vulnerability, they can have different effective severities because some might be provided by the distro while others are provided by the language ecosystem for a language pack. For this reason, it is advised to use the effective severity on the PackageIssue level. In the case where multiple PackageIssues have differing effective severities, this field should be the highest severity for any of the PackageIssues.
- extra
Details String - Occurrence-specific extra details about the vulnerability.
- type String
- The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).
- vex
Assessment VexAssessment
- package
Issue PackageIssue[] - The set of affected locations and their fixes (if available) within the associated resource.
- cvss
V2 CVSS - The cvss v2 score for the vulnerability.
- cvssv3 CVSS
- The cvss v3 score for the vulnerability.
- effective
Severity VulnerabilityOccurrence Effective Severity - The distro assigned severity for this vulnerability when it is available, otherwise this is the note provider assigned severity. When there are multiple PackageIssues for this vulnerability, they can have different effective severities because some might be provided by the distro while others are provided by the language ecosystem for a language pack. For this reason, it is advised to use the effective severity on the PackageIssue level. In the case where multiple PackageIssues have differing effective severities, this field should be the highest severity for any of the PackageIssues.
- extra
Details string - Occurrence-specific extra details about the vulnerability.
- type string
- The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).
- vex
Assessment VexAssessment
- package_
issue Sequence[PackageIssue] - The set of affected locations and their fixes (if available) within the associated resource.
- cvss_
v2 CVSS - The cvss v2 score for the vulnerability.
- cvssv3 CVSS
- The cvss v3 score for the vulnerability.
- effective_
severity VulnerabilityOccurrence Effective Severity - The distro assigned severity for this vulnerability when it is available, otherwise this is the note provider assigned severity. When there are multiple PackageIssues for this vulnerability, they can have different effective severities because some might be provided by the distro while others are provided by the language ecosystem for a language pack. For this reason, it is advised to use the effective severity on the PackageIssue level. In the case where multiple PackageIssues have differing effective severities, this field should be the highest severity for any of the PackageIssues.
- extra_
details str - Occurrence-specific extra details about the vulnerability.
- type str
- The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).
- vex_
assessment VexAssessment
- package
Issue List<Property Map> - The set of affected locations and their fixes (if available) within the associated resource.
- cvss
V2 Property Map - The cvss v2 score for the vulnerability.
- cvssv3 Property Map
- The cvss v3 score for the vulnerability.
- effective
Severity "SEVERITY_UNSPECIFIED" | "MINIMAL" | "LOW" | "MEDIUM" | "HIGH" | "CRITICAL" - The distro assigned severity for this vulnerability when it is available, otherwise this is the note provider assigned severity. When there are multiple PackageIssues for this vulnerability, they can have different effective severities because some might be provided by the distro while others are provided by the language ecosystem for a language pack. For this reason, it is advised to use the effective severity on the PackageIssue level. In the case where multiple PackageIssues have differing effective severities, this field should be the highest severity for any of the PackageIssues.
- extra
Details String - Occurrence-specific extra details about the vulnerability.
- type String
- The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).
- vex
Assessment Property Map
VulnerabilityOccurrenceEffectiveSeverity, VulnerabilityOccurrenceEffectiveSeverityArgs
- Severity
Unspecified - SEVERITY_UNSPECIFIEDUnknown.
- Minimal
- MINIMALMinimal severity.
- Low
- LOWLow severity.
- Medium
- MEDIUMMedium severity.
- High
- HIGHHigh severity.
- Critical
- CRITICALCritical severity.
- Vulnerability
Occurrence Effective Severity Severity Unspecified - SEVERITY_UNSPECIFIEDUnknown.
- Vulnerability
Occurrence Effective Severity Minimal - MINIMALMinimal severity.
- Vulnerability
Occurrence Effective Severity Low - LOWLow severity.
- Vulnerability
Occurrence Effective Severity Medium - MEDIUMMedium severity.
- Vulnerability
Occurrence Effective Severity High - HIGHHigh severity.
- Vulnerability
Occurrence Effective Severity Critical - CRITICALCritical severity.
- Severity
Unspecified - SEVERITY_UNSPECIFIEDUnknown.
- Minimal
- MINIMALMinimal severity.
- Low
- LOWLow severity.
- Medium
- MEDIUMMedium severity.
- High
- HIGHHigh severity.
- Critical
- CRITICALCritical severity.
- Severity
Unspecified - SEVERITY_UNSPECIFIEDUnknown.
- Minimal
- MINIMALMinimal severity.
- Low
- LOWLow severity.
- Medium
- MEDIUMMedium severity.
- High
- HIGHHigh severity.
- Critical
- CRITICALCritical severity.
- SEVERITY_UNSPECIFIED
- SEVERITY_UNSPECIFIEDUnknown.
- MINIMAL
- MINIMALMinimal severity.
- LOW
- LOWLow severity.
- MEDIUM
- MEDIUMMedium severity.
- HIGH
- HIGHHigh severity.
- CRITICAL
- CRITICALCritical severity.
- "SEVERITY_UNSPECIFIED"
- SEVERITY_UNSPECIFIEDUnknown.
- "MINIMAL"
- MINIMALMinimal severity.
- "LOW"
- LOWLow severity.
- "MEDIUM"
- MEDIUMMedium severity.
- "HIGH"
- HIGHHigh severity.
- "CRITICAL"
- CRITICALCritical severity.
VulnerabilityOccurrenceResponse, VulnerabilityOccurrenceResponseArgs
- Cvss
Score double - The CVSS score of this vulnerability. CVSS score is on a scale of 0 - 10 where 0 indicates low severity and 10 indicates high severity.
- Cvss
V2 Pulumi.Google Native. Container Analysis. V1. Inputs. CVSSResponse - The cvss v2 score for the vulnerability.
- Cvss
Version string - CVSS version used to populate cvss_score and severity.
- Cvssv3
Pulumi.
Google Native. Container Analysis. V1. Inputs. CVSSResponse - The cvss v3 score for the vulnerability.
- Effective
Severity string - The distro assigned severity for this vulnerability when it is available, otherwise this is the note provider assigned severity. When there are multiple PackageIssues for this vulnerability, they can have different effective severities because some might be provided by the distro while others are provided by the language ecosystem for a language pack. For this reason, it is advised to use the effective severity on the PackageIssue level. In the case where multiple PackageIssues have differing effective severities, this field should be the highest severity for any of the PackageIssues.
- Extra
Details string - Occurrence-specific extra details about the vulnerability.
- Fix
Available bool - Whether at least one of the affected packages has a fix available.
- Long
Description string - A detailed description of this vulnerability.
- Package
Issue List<Pulumi.Google Native. Container Analysis. V1. Inputs. Package Issue Response> - The set of affected locations and their fixes (if available) within the associated resource.
-
List<Pulumi.
Google Native. Container Analysis. V1. Inputs. Related Url Response> - URLs related to this vulnerability.
- Severity string
- The note provider assigned severity of this vulnerability.
- Short
Description string - A one sentence description of this vulnerability.
- Type string
- The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).
- Vex
Assessment Pulumi.Google Native. Container Analysis. V1. Inputs. Vex Assessment Response
- Cvss
Score float64 - The CVSS score of this vulnerability. CVSS score is on a scale of 0 - 10 where 0 indicates low severity and 10 indicates high severity.
- Cvss
V2 CVSSResponse - The cvss v2 score for the vulnerability.
- Cvss
Version string - CVSS version used to populate cvss_score and severity.
- Cvssv3 CVSSResponse
- The cvss v3 score for the vulnerability.
- Effective
Severity string - The distro assigned severity for this vulnerability when it is available, otherwise this is the note provider assigned severity. When there are multiple PackageIssues for this vulnerability, they can have different effective severities because some might be provided by the distro while others are provided by the language ecosystem for a language pack. For this reason, it is advised to use the effective severity on the PackageIssue level. In the case where multiple PackageIssues have differing effective severities, this field should be the highest severity for any of the PackageIssues.
- Extra
Details string - Occurrence-specific extra details about the vulnerability.
- Fix
Available bool - Whether at least one of the affected packages has a fix available.
- Long
Description string - A detailed description of this vulnerability.
- Package
Issue []PackageIssue Response - The set of affected locations and their fixes (if available) within the associated resource.
-
[]Related
Url Response - URLs related to this vulnerability.
- Severity string
- The note provider assigned severity of this vulnerability.
- Short
Description string - A one sentence description of this vulnerability.
- Type string
- The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).
- Vex
Assessment VexAssessment Response
- cvss
Score Double - The CVSS score of this vulnerability. CVSS score is on a scale of 0 - 10 where 0 indicates low severity and 10 indicates high severity.
- cvss
V2 CVSSResponse - The cvss v2 score for the vulnerability.
- cvss
Version String - CVSS version used to populate cvss_score and severity.
- cvssv3 CVSSResponse
- The cvss v3 score for the vulnerability.
- effective
Severity String - The distro assigned severity for this vulnerability when it is available, otherwise this is the note provider assigned severity. When there are multiple PackageIssues for this vulnerability, they can have different effective severities because some might be provided by the distro while others are provided by the language ecosystem for a language pack. For this reason, it is advised to use the effective severity on the PackageIssue level. In the case where multiple PackageIssues have differing effective severities, this field should be the highest severity for any of the PackageIssues.
- extra
Details String - Occurrence-specific extra details about the vulnerability.
- fix
Available Boolean - Whether at least one of the affected packages has a fix available.
- long
Description String - A detailed description of this vulnerability.
- package
Issue List<PackageIssue Response> - The set of affected locations and their fixes (if available) within the associated resource.
-
List<Related
Url Response> - URLs related to this vulnerability.
- severity String
- The note provider assigned severity of this vulnerability.
- short
Description String - A one sentence description of this vulnerability.
- type String
- The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).
- vex
Assessment VexAssessment Response
- cvss
Score number - The CVSS score of this vulnerability. CVSS score is on a scale of 0 - 10 where 0 indicates low severity and 10 indicates high severity.
- cvss
V2 CVSSResponse - The cvss v2 score for the vulnerability.
- cvss
Version string - CVSS version used to populate cvss_score and severity.
- cvssv3 CVSSResponse
- The cvss v3 score for the vulnerability.
- effective
Severity string - The distro assigned severity for this vulnerability when it is available, otherwise this is the note provider assigned severity. When there are multiple PackageIssues for this vulnerability, they can have different effective severities because some might be provided by the distro while others are provided by the language ecosystem for a language pack. For this reason, it is advised to use the effective severity on the PackageIssue level. In the case where multiple PackageIssues have differing effective severities, this field should be the highest severity for any of the PackageIssues.
- extra
Details string - Occurrence-specific extra details about the vulnerability.
- fix
Available boolean - Whether at least one of the affected packages has a fix available.
- long
Description string - A detailed description of this vulnerability.
- package
Issue PackageIssue Response[] - The set of affected locations and their fixes (if available) within the associated resource.
-
Related
Url Response[] - URLs related to this vulnerability.
- severity string
- The note provider assigned severity of this vulnerability.
- short
Description string - A one sentence description of this vulnerability.
- type string
- The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).
- vex
Assessment VexAssessment Response
- cvss_
score float - The CVSS score of this vulnerability. CVSS score is on a scale of 0 - 10 where 0 indicates low severity and 10 indicates high severity.
- cvss_
v2 CVSSResponse - The cvss v2 score for the vulnerability.
- cvss_
version str - CVSS version used to populate cvss_score and severity.
- cvssv3 CVSSResponse
- The cvss v3 score for the vulnerability.
- effective_
severity str - The distro assigned severity for this vulnerability when it is available, otherwise this is the note provider assigned severity. When there are multiple PackageIssues for this vulnerability, they can have different effective severities because some might be provided by the distro while others are provided by the language ecosystem for a language pack. For this reason, it is advised to use the effective severity on the PackageIssue level. In the case where multiple PackageIssues have differing effective severities, this field should be the highest severity for any of the PackageIssues.
- extra_
details str - Occurrence-specific extra details about the vulnerability.
- fix_
available bool - Whether at least one of the affected packages has a fix available.
- long_
description str - A detailed description of this vulnerability.
- package_
issue Sequence[PackageIssue Response] - The set of affected locations and their fixes (if available) within the associated resource.
-
Sequence[Related
Url Response] - URLs related to this vulnerability.
- severity str
- The note provider assigned severity of this vulnerability.
- short_
description str - A one sentence description of this vulnerability.
- type str
- The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).
- vex_
assessment VexAssessment Response
- cvss
Score Number - The CVSS score of this vulnerability. CVSS score is on a scale of 0 - 10 where 0 indicates low severity and 10 indicates high severity.
- cvss
V2 Property Map - The cvss v2 score for the vulnerability.
- cvss
Version String - CVSS version used to populate cvss_score and severity.
- cvssv3 Property Map
- The cvss v3 score for the vulnerability.
- effective
Severity String - The distro assigned severity for this vulnerability when it is available, otherwise this is the note provider assigned severity. When there are multiple PackageIssues for this vulnerability, they can have different effective severities because some might be provided by the distro while others are provided by the language ecosystem for a language pack. For this reason, it is advised to use the effective severity on the PackageIssue level. In the case where multiple PackageIssues have differing effective severities, this field should be the highest severity for any of the PackageIssues.
- extra
Details String - Occurrence-specific extra details about the vulnerability.
- fix
Available Boolean - Whether at least one of the affected packages has a fix available.
- long
Description String - A detailed description of this vulnerability.
- package
Issue List<Property Map> - The set of affected locations and their fixes (if available) within the associated resource.
- List<Property Map>
- URLs related to this vulnerability.
- severity String
- The note provider assigned severity of this vulnerability.
- short
Description String - A one sentence description of this vulnerability.
- type String
- The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).
- vex
Assessment Property Map
WindowsUpdate, WindowsUpdateArgs
- Categories
List<Pulumi.
Google Native. Container Analysis. V1. Inputs. Category> - The list of categories to which the update belongs.
- Description string
- The localized description of the update.
- Identity
Pulumi.
Google Native. Container Analysis. V1. Inputs. Identity - Required - The unique identifier for the update.
- Kb
Article List<string>Ids - The Microsoft Knowledge Base article IDs that are associated with the update.
- Last
Published stringTimestamp - The last published timestamp of the update.
- Support
Url string - The hyperlink to the support information for the update.
- Title string
- The localized title of the update.
- Categories []Category
- The list of categories to which the update belongs.
- Description string
- The localized description of the update.
- Identity Identity
- Required - The unique identifier for the update.
- Kb
Article []stringIds - The Microsoft Knowledge Base article IDs that are associated with the update.
- Last
Published stringTimestamp - The last published timestamp of the update.
- Support
Url string - The hyperlink to the support information for the update.
- Title string
- The localized title of the update.
- categories List<Category>
- The list of categories to which the update belongs.
- description String
- The localized description of the update.
- identity Identity
- Required - The unique identifier for the update.
- kb
Article List<String>Ids - The Microsoft Knowledge Base article IDs that are associated with the update.
- last
Published StringTimestamp - The last published timestamp of the update.
- support
Url String - The hyperlink to the support information for the update.
- title String
- The localized title of the update.
- categories Category[]
- The list of categories to which the update belongs.
- description string
- The localized description of the update.
- identity Identity
- Required - The unique identifier for the update.
- kb
Article string[]Ids - The Microsoft Knowledge Base article IDs that are associated with the update.
- last
Published stringTimestamp - The last published timestamp of the update.
- support
Url string - The hyperlink to the support information for the update.
- title string
- The localized title of the update.
- categories Sequence[Category]
- The list of categories to which the update belongs.
- description str
- The localized description of the update.
- identity Identity
- Required - The unique identifier for the update.
- kb_
article_ Sequence[str]ids - The Microsoft Knowledge Base article IDs that are associated with the update.
- last_
published_ strtimestamp - The last published timestamp of the update.
- support_
url str - The hyperlink to the support information for the update.
- title str
- The localized title of the update.
- categories List<Property Map>
- The list of categories to which the update belongs.
- description String
- The localized description of the update.
- identity Property Map
- Required - The unique identifier for the update.
- kb
Article List<String>Ids - The Microsoft Knowledge Base article IDs that are associated with the update.
- last
Published StringTimestamp - The last published timestamp of the update.
- support
Url String - The hyperlink to the support information for the update.
- title String
- The localized title of the update.
WindowsUpdateResponse, WindowsUpdateResponseArgs
- Categories
List<Pulumi.
Google Native. Container Analysis. V1. Inputs. Category Response> - The list of categories to which the update belongs.
- Description string
- The localized description of the update.
- Identity
Pulumi.
Google Native. Container Analysis. V1. Inputs. Identity Response - Required - The unique identifier for the update.
- Kb
Article List<string>Ids - The Microsoft Knowledge Base article IDs that are associated with the update.
- Last
Published stringTimestamp - The last published timestamp of the update.
- Support
Url string - The hyperlink to the support information for the update.
- Title string
- The localized title of the update.
- Categories
[]Category
Response - The list of categories to which the update belongs.
- Description string
- The localized description of the update.
- Identity
Identity
Response - Required - The unique identifier for the update.
- Kb
Article []stringIds - The Microsoft Knowledge Base article IDs that are associated with the update.
- Last
Published stringTimestamp - The last published timestamp of the update.
- Support
Url string - The hyperlink to the support information for the update.
- Title string
- The localized title of the update.
- categories
List<Category
Response> - The list of categories to which the update belongs.
- description String
- The localized description of the update.
- identity
Identity
Response - Required - The unique identifier for the update.
- kb
Article List<String>Ids - The Microsoft Knowledge Base article IDs that are associated with the update.
- last
Published StringTimestamp - The last published timestamp of the update.
- support
Url String - The hyperlink to the support information for the update.
- title String
- The localized title of the update.
- categories
Category
Response[] - The list of categories to which the update belongs.
- description string
- The localized description of the update.
- identity
Identity
Response - Required - The unique identifier for the update.
- kb
Article string[]Ids - The Microsoft Knowledge Base article IDs that are associated with the update.
- last
Published stringTimestamp - The last published timestamp of the update.
- support
Url string - The hyperlink to the support information for the update.
- title string
- The localized title of the update.
- categories
Sequence[Category
Response] - The list of categories to which the update belongs.
- description str
- The localized description of the update.
- identity
Identity
Response - Required - The unique identifier for the update.
- kb_
article_ Sequence[str]ids - The Microsoft Knowledge Base article IDs that are associated with the update.
- last_
published_ strtimestamp - The last published timestamp of the update.
- support_
url str - The hyperlink to the support information for the update.
- title str
- The localized title of the update.
- categories List<Property Map>
- The list of categories to which the update belongs.
- description String
- The localized description of the update.
- identity Property Map
- Required - The unique identifier for the update.
- kb
Article List<String>Ids - The Microsoft Knowledge Base article IDs that are associated with the update.
- last
Published StringTimestamp - The last published timestamp of the update.
- support
Url String - The hyperlink to the support information for the update.
- title String
- The localized title of the update.
Package Details
- Repository
- Google Cloud Native pulumi/pulumi-google-native
- License
- Apache-2.0
Google Cloud Native is in preview. Google Cloud Classic is fully supported.
Google Cloud Native v0.32.0 published on Wednesday, Nov 29, 2023 by Pulumi