SrSSKJr SSKJr SSKJr SSKrSSKrSSKrSSKrSSK J r SSK J r SSK Jr SS K Jr SS KJr SS KJr SS KJr SSKJ r SS KJr SSKJr SSKJ r SSKJ!r" SSK#J$r$ SSK#J%r% SSK&J'r' SSK&J!r( SSK&Jr SSK)Jr* SSK+J,r, SSK+J-r- SSK+J.r. SSK/J0r0 SSK!r!SSK1r1SSK2J3r3 Sr4Sr5Sr6Sr7Sr8Sr9Sr:S r;S!rS$r?S%r@S&rAS'rBS(rCS)rDS*rES+rFS,rGS-rHS.rIS/rJS0rKS1rLS2rMS3rNS4rOS5rPS6rQS7rRS8rSS9rTS:rUS;rVS<rWS=rXS>rYSNS?jrZS@r[SAr\SBr]SCr^SDr_SEr`SFraSGrb"SHSI\c5rd"SJSK\c5re"SLSM\c5rfg)Oz Utility for handling SBOM files.)absolute_import)division)unicode_literalsN)encoding) exceptions) docker_creds) docker_name) docker_http) docker_image)docker_image_list)base)util) filter_util)requests) storage_api) storage_util) docker_util)log) resources) transports)files)urllibspdx cyclonedxzRThe file is not in a supported SBOM format. Only spdx and cyclonedx are supported.zapplication/vnd.in-toto+jsonz!https://in-toto.io/Statement/v0.1z+https://bcid.corp.google.com/reference/v0.1zapplication/spdx+jsonzapplication/jsonzapplication/vnd.cyclonedx+jsonz>https://containeranalysis.googleapis.com/ArtifactAnalysis@v0.1z spdx.jsonjsonzbom.json$abcdefghijklmnopqrstuvwxyz0123456789zregistry.hub.docker.comlibraryhttphttpsartifactregistrygcrothercUSnSn[U[R5(a+[R"SU5nUbUR S5nU(d%[ R"SRU55e[[US9$)Retrieves version from the given SBOM dict. Args: data: Parsed json content of an SBOM file. Raises: ar_exceptions.InvalidInputValueError: If the sbom format is not supported. Returns: A SbomFile object with metadata of the given sbom. spdxVersionNz^SPDX-([0-9]+[.][0-9]+)$zUnable to read spdxVersion {0}. sbom_formatversion) isinstancesix string_typesrematchgroup ar_exceptionsInvalidInputValueErrorformatSbomFile_SBOM_FORMAT_SPDX)data spdx_versionr*rs 5lib/googlecloudsdk/command_lib/artifacts/sbom_util.py _ParseSpdxr:Ys}m$, ' c..// ,l;A} g   . .)00>  / AAcrSU;a[R"S5eSn[US[R5(a-[ R "SUS5nUbUR5nU(d6[R"SRUSR555e[[US9$)r% specVersionz1Unable to find specVersion in the CycloneDX file.Nz^[0-9]+[.][0-9]+$zUnable to read specVersion {0}.r() r1r2r+r,r-r.r/r0r3__str__r4_SBOM_FORMAT_CYCLONEDX)r6r*r8s r9_ParseCycloneDxr@ss$  . .;  ']#S%5%566 %tM':;A} g   . .)00m1D1L1L1NO  4g FFr;c4[R"U5n[R"U5nSU;a [U5nO;URS5S:Xa [U5nO[ R "[5e[R"[R"U55R!5nXTR"S'U$![an[ R "SU5eSnAf[Ran[ R "SU5eSnAff=f)aRetrieves information about a docker image based on the fully-qualified name. Args: file_path: str, The sbom file location. Raises: ar_exceptions.InvalidInputValueError: If the sbom format is not supported. Returns: An SbomFile object with metadata of the given sbom. z!The file is not a valid JSON fileNzFailed to read the sbom filer& bomFormat CycloneDXsha256)rReadFileContentsrloads ValueErrorr1r2Errorr:getr@_UNSUPPORTED_SBOM_FORMAT_ERRORhashlibrDr, ensure_binary hexdigestdigests) file_pathcontentr6eres sha256_digests r9 ParseJsonSbomrTs $$Y/G ::g Dd T C xx  + $ C  . ./M NN..!2!27!;<FFH-'++h *#   . .+Q    . .& s#,C D C$$D;DDc [R"U5upURnSURR SS50n[ UR 5URURU[[S9$)zRetrieves metadata from the given AR docker image. Args: uri: Uri of the AR docker image. Raises: ar_exceptions.InvalidInputValueError: If the uri is invalid. Returns: An Artifact object with metadata of the given artifact. rDsha256: resource_uriprojectlocationrN artifact_typescheme) rDockerUrlToVersion docker_repodigestreplaceArtifactGetDockerStringrZr[ARTIFACT_TYPE_AR_IMAGE_REGISTRY_SCHEME_HTTPS)uriimagedocker_versionreporNs r9_GetARDockerImagerjso&88=%   $ ~,,44YC D' !113ll}}* #  r;c SSSSS.n[R"U5nSnSn[ R"[RU5nU(a$XRS5nURS5n[ R"[RU5nU(a5XRS5nURS5RS S S 5nU(aU(d[R"S 5e[UR5UUS URRSS50[ ["S9$![Ra*n[R"SR U55eSnAff=f)zRetrieves information about the given GCR image. Args: uri: str, The artifact uri. Raises: ar_exceptions.InvalidInputValueError: If the uri is invalid. Returns: An Artifact object with metadata of the given artifact. useuropeasia)z us.gcr.iozgcr.ioz eu.gcr.ioz asia.gcr.ioz-Failed to resolve digest of the GCR image: {}NrirZ/:r'z8Failed to parse project and location from the GCR image.rDrVrWrX)gcr_utilGetDigestFromNameInvalidImageNameErrorr1r2r3r.r/rGCR_DOCKER_REPO_REGEXr0#GCR_DOCKER_DOMAIN_SCOPED_REPO_REGEXrarbr>r`ARTIFACT_TYPE_GCR_IMAGEre)rf location_map docker_digestrQrZr[matchess r9 _GetGCRImagerzsM ,..s3M ' ( HH[66 <' MM&12HmmI&G HH[DDc J' MM&12HmmI&..sC;G   . .B   ((*--55iDE+ #  %  ' '  . .7>>qA sD88E6 %E11E6c6[R"[R"5U[R "5S9nUR 5(aUR5sSSS5 $SSS5 [R"[R"5U[R "5[RS9nUR 5(aUR5sSSS5 $SSS5 g!,(df  N=f!,(df  g=f)zReturns Digest of the given Docker image. Lookup registry to get the manifest's digest. If it returns a list of manifests, will return the first one. Args: image: docker_name.Tag or docker_name.Digest, Docker image. Returns: An str for the digest. ) basic_credsname transportN)r|r}r~accepted_mimes) v2_2_image_list FromRegistryr AnonymousrGetApitoolsTransportexistsr` v2_2_imagev2_2_docker_httpSUPPORTED_MANIFEST_MIMES)rg manifest_listv2_2_imgs r9_ResolveDockerImageDigestrs##((* //1  ! ! #   ((* //1%>>   __  s%C9%D /D 9 D Dc [R"U5n[U[R5(a.[ USUR R SS50[SSSS9$UnSU;aUS-n[R"US 9n[R"UR 5n[#U5nU(d%[R"S RU55eS RUR UR.US 9n[ USUR SS50[SSUS9$![R4a4n[R"SRU[U555eSnAff=f![R$[&R(R*[R,4a4n[R"SRU[U555eSnAff=f) a*Retrieves information about the given docker image. Args: uri: str, The artifact uri. Raises: ar_exceptions.InvalidInputValueError: If the artifact is with tag, and it can not be resolved by querying the docker http APIs. Returns: An Artifact object with metadata of the given artifact. rDrVrWNrYrNr\rZr[r]zFailed to resolve {0}: {1}rpz:latestr}zFailed to resolve {0}.z{registry}/{repo}@{digest})registryrir`)r from_stringr+Digestrbr`raARTIFACT_TYPE_OTHERBadNameExceptionr1r2r3strTagrSchemerrV2DiagnosticExceptionrr InvalidURLBadStateException repository)rf image_digestrQ image_uri image_tagr]r`rYs r9_GetDockerImagers**3/L, 2 233 \0088BGH+ 4)^iIoo9-)  " "9#5#5 6&  &y 1F   . . '', .44!! (<(? +  s AB.-6B)#B.)B.cNURU5(aU[U5S$U$N) startswithlenvalueprefixs r9 _RemovePrefixr}s) f V  ,r;c:URU5(dX-nU$r)rrs r9 _EnsurePrefixrs   & ! ! NE ,r;cURnURnURnU(aU(dU(dU(aU(a[R"S5e[ R "5RS/5n[R"U5nU(a[ R "5RS/5RSRU55n[[R"XVR5S55nU(d/$[!SU55nUR#U5 U(a[%US5n SRU 5U /n ['U 5n XR(:wa*U SRU R(5U R(/-n U R*(a+[R,"U R*UR.5nUR#U 5 U(a.[%US5n UR;SRU 5U /5 U(a%[R<"XTR?55n O/[R"XTR5UR@5n U(a [CU 5$U Vs/sHn[EU05PM sn$![R[0R24a# [4R6R9S 5 GNf=fs snf) ztLists SBOM references in a given project. Args: args: User input arguments. Returns: List of SBOM references. zYCannot specify more than one of the flags --dependency, --resource and --resource-prefix.SBOM_REFERENCEPACKAGEz%ListSbomReferences..sP4AK;:K;cDUVs/sHn[U5PM sn$s snfr)_VerifyGCSObject)rrs r9rrs +/ 04C 3 4 00 0sc[R"5n[RR UR R RR5n0nURU5 SUS'[%X5$![Ra SUS'N&[Ra5n[R"UR5nUSSUS'SnANiSnAf[ an[#U5US'SnANSnAff=f)zVerify the existence and the content of a GCS SBOM file object. Args: occ: SBOM reference occurrence. Returns: An SbomReference object with the input occurrence and SBOM file information. TrFerrormessageerr_msgN)r StorageClientrObjectReferenceFromUrl sbomReferencepayload predicater[ GetObjectapitools_exceptionsHttpNotFoundError HttpErrorrrFrP Exceptionrr)r gcs_clientobj_ref file_inforQmsgs r9rrs((**  ( ( 0 0 ))22 ') !Ih s &&  . . Ih  & &3 **QYY Cw< 2Ii "q6Ii"s* BDD/+C D,C??Dc$SRX5$)Nzartifactanalysis-{0}-{1})r3) project_numr[s r9_DefaultGCSBucketNamers # * *8 AAr;c  [RRSU05SSnURR SS5nSR "S 0UR SS5R S5UUUR5S .D6$) Nrf.-z;gs://{storage_path}/{uri_encoded}/sbom/user-{version}.{ext}zgs://rWro) storage_path uri_encodedr*ext)rparse urlencoder*rar3rstrip GetExtension)rrYsbomrr*s r9_GetSbomGCSPathrs &&|'<=abA+ LL c *' G O O &..w;BB3G$""$   r;c V[R"5nURUS9nUGH5n[R"SR UR 55 UR RU5(dMUURR5S:Xa1[R"SR UR 55 MURR5UR5:waZ[R"SR UR URR5UR555 GM*UR s $ US-n[[5H nU[R"[5-nM" UR!UUUSSS9 UR#US 9nUR$(a [&R("UR$5O0nS US '[&R*"XR,R.R05UlUR,R3UUS 9n UR4R6R9U 5 U$![:a0n [R<"S R Xj55 Sn A U$Sn A ff=f)aFind an appropriate default bucket to store the SBOM file. Find a bucket with the same prefix same as the default bucket in the project. If no bucket could be found, will start to create a new bucket by concatenating the default bucket name and a random suffix. Args: default_bucket: str, targeting default bucket name for the resource. project_id: str, project we will use to store the SBOM. location: str, location we will use to store the SBOM. Returns: bucket_name: str, name of the prepared bucket. rZzVerifying bucket {}z dual-regionzSkipping dual region bucket {}z4The bucket {0} has location {1} is not matching {2}.rT)bucketrZr[check_ownershipenable_uniform_level_accessrartifact-analysisgoog-managed-byrbucketResource%Failed to add labels to bucket {}: {}N)rr ListBucketsrrr3r}r locationTypelowerr[range_BUCKET_SUFFIX_LENGTHrandomchoice_BUCKET_NAME_CHARSCreateBucketIfNotExists GetBucketlabelsr MessageToDict DictToMessagemessagesBucket LabelsValueStorageBucketsPatchRequestclientbucketsPatchrwarning) default_bucket project_idr[rrr bucket_name_ labels_dictrequestrQs r9_FindAvailableGCSBucketr%#s2((**  " ": " 6'fII#**6;;78 ;; ! !. 1 1   "m3 ii077 DE (.."22 ii @ G Gkk6??002HNN4D   ;;"$+ & 'a .@ AAK ( $$ "& %P  ! ! ! 5F;A==(((7bK%8K!"**((//;;FM!!<<=G##G,  PKK7>>{NOO Ps-B?I.. J(8%J##J(c[R"5nU(a[X1RU5nGOp[R "UR 5nUR nURnUS:XaSn[Xh5n U n Sn URU UUSS9 URU S9n U R(a [R"U R5O0n SU S'[R"XRR R"5U l URR%U U S 9nUR&R(R+U5 U (a [=XU5n [.R6"SR3U 55 [XRU5n[>R@RCU5nUREUU5 U$![,a/n[.R0"S R3X55 S nANS nAff=f![R4a [.R6"S 5 Sn N[8R:a [.R6"S 5 Sn GNf=f)aUpload an SBOM file onto the GCS bucket in the given project and location. Args: source: str, the SBOM file location. artifact: Artifact, the artifact metadata SBOM file generated from. sbom: SbomFile, metadata of the SBOM file. gcs_path: str, the GCS location for the SBOm file. If not provided, will use the default bucket path of the artifact. Returns: dest: str, the GCS storage path the file is copied to. rmeuFT)rrZr[rrrrrr Nz)The default bucket is in a wrong project.z&The default bucket cannot be accessed.zUsing bucket: {})#rrrrY project_utilGetProjectNumberrZr[rrrrrrrrrrrrrrrrrr3BucketInWrongProjectErrorrrHttpForbiddenErrorr%rrr CopyFileToGCS)sourcerrgcs_pathrdestrbucket_projectbucket_locationrr!use_backup_bucketrr#r$rQ target_refs r9UploadSbomToGCSr4as.((** 8%:%:D AD//0@0@AK%%N''O("o*;HN K%(( " )  %%[%95;]]H " "6== 1 *= %& .. ,,33??  %%@@!A  !!''0"+ /kII '' 45 ;(=(=t DD++33D9* 6:. +5  3 : :; J     0 0 ii;<  1 1 ii89 s=HB?G H"%H H HH,I1+I10I1c([R"5n[R"5n[URUR 5n[ RRSUUS9R5nURUS9nURRU5n[R "S R#U55 U$![Ra [R "SR#U55 UR%URUR S9nUR'UR&R(R*US9n UR-SR#US9UU S 9n URRU 5nNf=f) zCreate the SBOM reference note if not exists. Args: project_id: str, the project we will use to create the note. sbom: SbomFile, metadata of the SBOM file. Returns: A Note object for the targeting SBOM reference note. z containeranalysis.projects.notes) collection projectsIdnotesIdrz"Note not found. Creating note {0}.)r3r*)kindrprojects/{project}r)parentnoteIdnotezget note results: {0})r GetClient GetMessages_GetReferenceNoteIDr)r*rREGISTRYCreate RelativeName(ContaineranalysisProjectsNotesGetRequestprojects_notesGetrrrrr3SBOMReferenceNoteNoteKindValueValuesEnumr+ContaineranalysisProjectsNotesCreateRequest) r rrrnote_idr} get_requestr=sbom_referencenew_notecreate_requests r9_CreateSbomRefNoteIfNotExistsrPsx  "&  $ $ &(  0 0$,, ?'    " "3 # LN  8CCCNK  $ $[ 1D")) # * *4 01 +#  . .8II299$?@//0N}} ]] . . = =$HII#**:*> JN  ' ' 7D8s9*C CFFct[R"5nURR5nURR 5HBupgUR RURRRUUS95 MD URUUUR5[S9nUR[[US9n URR5n URR 5HBupgU R RURRRUUS95 MD URXRS9n U R RU 5 UR#U [$S9n UR'U UR(UR+5S9n U $)aXCreate the SBOM reference note if not exists. Args: artifact: Artifact, the artifact metadata SBOM file generated from. sbom: SbomFile, metadata of the SBOM file. note: Note, the Note object we will use to attach occurrence. storage: str, the path that SBOM is stored remotely. Returns: An Occurrence object for the SBOM reference. )keyr)r`r[mimeType referrerId) predicateType_typer)r`r})r payloadType)rnoteNamer)rr?SbomReferenceIntotoPredicate DigestValuerNitemsadditionalPropertiesappendAdditionalProperty GetMimeType_SBOM_REFERENCE_REFERRERIDSbomReferenceIntotoPayload_SBOM_REFERENCE_PREDICATE_TYPE_SBOM_REFERENCE_TARGET_TYPESubjectrYsubjectSBOMReferenceOccurrence_SBOM_REFERENCE_PAYLOAD_TYPE Occurrencer}GetOccurrenceResourceUri)rrr=storager sbom_digsetskvrrartifact_digests sbom_subjectref_occrs r9_GenerateSbomRefOccurrencerqs $ $ &(66BBD,ll  "da%%,,--99LL M #33 !+ 4)  / /2 ' 0 ' %%113$$&da))00$$77 8 '!! $9$9", //&  , ,. - ' yy335  # *r;cHURSS5nSRX5$)Nrrz sbom-{0}-{1})rar3)r) sbom_versionsbom_version_encodeds r9r@r@s&%--c37   { AAr;c[R"5nURUR5/5 UR S/5 [ UR UR5n[URS55S:aURS5SnURSRXB55 UR5$)Nrror'rz$noteId="{0}" AND noteProjectId="{1}") rrrrirr@r)r*rsplitrr3r)rrr frKs r9$_GenerateSbomRefOccurrenceListFilterrxs))+!//844678++ !  0 0$,, ?'  # !#!!#&q)J,33GH r;cVS[U5URS5[U5U4-$)zCreates DSSEv1 Pre-Authentication encoding for given type and payload. Args: payload_type: str, the SBOM reference payload type. payload: bytes, the serialized SBOM reference payload. Returns: A bytes of DSSEv1 Pre-Authentication encoding. sDSSEv1 %d %b %d %bzutf-8)rencode) payload_typers r9_PAEr|,s6  ,'" 'l " r;c[R"[R"URR 55n[ URRU5n[R"5n[R"5nURUURUS9S9nURRU5n[R "5nUR#XR$S9n UR'UURRU /S9UlURR*R-U 5 U$)aAdd signatures in reference occurrence by using the given kms key. Args: occ: Occurrence, the SBOM reference occurrence object we want to sign. kms_key_version: str, a kms key used to sign the reference occurrence. Returns: An Occurrence object with signatures added. )r6)r}asymmetricSignRequest)keyidsig)rrW signatures)r,rLr MessageToJsonrrr|rW cloudkms_baseGetClientInstanceGetMessagesModuleQCloudkmsProjectsLocationsKeyRingsCryptoKeysCryptoKeyVersionsAsymmetricSignRequestAsymmetricSignRequest8projects_locations_keyRings_cryptoKeys_cryptoKeyVersionsAsymmetricSignrr?EnvelopeSignature signatureEnvelopeenveloperr]) rkms_key_version payload_bytesr6 kms_client kms_messagesreqresprevelope_signatures r9_SignSbomRefOccurrencePayloadr?s)##S..667- c++] ;$..0*002,ff (>>D>I g #  L L [ [  $ $ $ &(00 1""##//#$##, %%&78 *r;cH[X5n[XXR5nU(a [Xd5n[XU5n[R "SR U55 [R"5n[R"5n [R"XS5n [R "SR U 55 Sn U Hn U n O U (af[R "SR U R55 U RU RUSS9n URRU 5nO8U RUSR US9S 9n URR!U 5n[R "S R U55 UR$) aWrite the reference occurrence to link the artifact and the SBOM. Args: artifact: Artifact, the artifact metadata SBOM file generated from. project_id: str, the project_id where we will use to store the Occurrence. storage: str, the path that SBOM is stored remotely. sbom: SbomFile, metadata of the SBOM file. kms_key_version: str, the kms key to sign the reference occurrence payload. Returns: A str for occurrence ID. z#listing occurrence with filter {0}.Nzlist successfully: {}zupdating occurrence {0}.zsbom_reference,envelope)r} occurrence updateMaskr:r)rr;zUsed occurrence: {0}.)rPrqrrxrrr3rr>r?rr}0ContaineranalysisProjectsOccurrencesPatchRequestprojects_occurrencesr1ContaineranalysisProjectsOccurrencesCreateRequestrB)rr rjrrr=rrwrrrold_occrr$s r9WriteReferenceOccurrencergsk 'z 8$ #84A# ' =C+8:F!)) 1 8 8 ;<  "&  $ $ &(  $ $ZD 9$)) # * *4 01 ' aG    II(// =>GG \\,HG  % % + +G 4CHH#**:*>IG  % % , ,W 5C)) # * *3 /0 /r;cUR(d[R"S5e[URS5n[R "U5(a [ U5nO[R"U5(a[U5n[R"5n[R"UR5nURURRR :wa[R"S5eO%[R"SR#U55e[$R&"U5nUR(a URn[$R("XPR*5n[,R."USR#UR055n[2R4R7SR#UR0UR855 g)zMExport SBOM files for a given AR image. Args: args: User input arguments. z--uri is required.rzyThis command only supports Artifact Registry. You can enable redirection to use gcr.io repositories in Artifact Registry.z%{} is not an Artifact Registry image.rzDExporting the SBOM file for resource {}. Discovery occurrence ID: {}N)rfr1r2rrrrjrrz ar_requestsr?GetProjectSettingsrZlegacyRedirectionStateProjectSettings%LegacyRedirectionStateValueValuesEnumREDIRECTION_FROM_GCR_IO_ENABLEDr3rrrr[rExportSbomV1beta1rYrrrdiscoveryOccurrenceId)rrfrrsettingsrZr;rs r9 ExportSbomrs   . .  dhh +#  %% %Hc""C H&&(H--h.>.>?H''  # # I I i i j  0 0 J  j  . ./66s;  OOD !' G >>'== 1&  & & l!!("7"78 $**L v     $ $r;c>\rSrSrSrSr\S5r\S5rSr g)riz|Holder for SBOM reference. Properties: occ: SBOM reference occurrence. file_info: Information of GCS object SBOM file. cXlX lgr)_occ _file_info)selfrrs r9__init__SbomReference.__init__s IOr;cUR$r)rrs r9rSbomReference.occs 99r;cUR$r)rrs r9rSbomReference.file_infos ??r;)rrN) __name__ __module__ __qualname____firstlineno____doc__rpropertyrr__static_attributes__rr;r9rrs4     r;rcZ\rSrSrSrSrSrSr\S5r \S5r \S5r S r g ) r4izHolder for SBOM file's metadata. Properties: sbom_format: Data format of the SBOM file. version: Version of the SBOM format. digests: A dictionary of digests, where key is the algorithm. c:XlX l[5Ulgr) _sbom_format_versiondict_digests)rr)r*s r9rSbomFile.__init__s#MFDMr;cvUR[:Xa[$UR[:Xa[$[ $r)rr5_SBOM_REFERENCE_SPDX_MIME_TYPEr?#_SBOM_REFERENCE_CYCLONEDX_MIME_TYPE!_SBOM_REFERENCE_DEFAULT_MIME_TYPErs r9r_SbomFile.GetMimeType2 -- ++ 22 00 ,,r;cvUR[:Xa[$UR[:Xa[$[ $r)rr5_SBOM_REFERENCE_SPDX_EXTENSIONr?#_SBOM_REFERENCE_CYCLONEDX_EXTENSION!_SBOM_REFERENCE_DEFAULT_EXTENSIONrs r9rSbomFile.GetExtensionrr;cUR$rrrs r9rNSbomFile.digests ==r;cUR$r)rrs r9r)SbomFile.sbom_formats   r;cUR$r)rrs r9r*SbomFile.versionrr;)rrrN) rrrrrrr_rrrNr)r*rrr;r9r4r4sR --      r;r4ct\rSrSrSrSr\S5r\S5r\S5r \S5r \S5r S r S r g ) rbi akHolder for Artifact's metadata. Properties: resource_uri: str, Uri will be used when storing as a reference occurrence. project: str, Project of the artifact. location: str, Location of the artifact. digests: A dictionary of digests, where key is the algorithm. artifact_type: str, Type of the provided artifact. scheme: str, Scheme of the registry. cLXlX lX0lX@lXPlX`lgr) _resource_uri_project _locationr_artifact_type_scheme)rrYrZr[rNr\r]s r9rArtifact.__init__s$&MNM'Lr;cUR$r)rrs r9rYArtifact.resource_uri s   r;cUR$r)rrs r9rZArtifact.project$rr;cUR$r)rrs r9r[Artifact.location(s >>r;cUR$rrrs r9rNArtifact.digests,rr;cUR$r)rrs r9r\Artifact.artifact_type0s   r;c|URc UR$SRURURS9$)Nz{scheme}://{uri})r]rf)rrYr3rs r9ri!Artifact.GetOccurrenceResourceUri4s8 ||     $ $DLLd>O>O $ PPr;)rrrrrrN)rrrrrrrrYrZr[rNr\rirrr;r9rbrb sv           Qr;rbr)gr __future__rrrrKrrr.apitools.base.pyrrrcontainerregistry.clientrr containerregistry.client.v2_2r rr rr r googlecloudsdk.api_lib.artifactsr1googlecloudsdk.api_lib.cloudkmsr r'googlecloudsdk.api_lib.container.imagesrrq(googlecloudsdk.api_lib.containeranalysisrrrgooglecloudsdk.api_lib.storagerr$googlecloudsdk.command_lib.artifactsrr#googlecloudsdk.command_lib.projectsr(googlecloudsdk.corerrrgooglecloudsdk.core.utilrr, six.movesrr5r?rJrgrcrbrrrr`rrrrr_DEFAULT_DOCKER_REGISTRY_DEFAULT_DOCKER_REPOSITORY_REGISTRY_SCHEME_HTTPrerdrvrr:r@rTrjrzrrrrrrrrrrr%r4rPrqr@rxr|rrrobjectrr4rbrr;r9rs'&' %>10IDNHAD@L67<H5D#)** $/ >A6"9$6!&F#D"-$*!&0#;4& +B4G:zB  `2F1'DB ;|M`(V: zB &% P5p*ZF*&v&R-Qv-Qr;