e6SrSSKJr SSKJr SSKJr SSKJr Sr "SS\R5r "S S \R5r "S S \R5r "S S\R5r"SS\R5r"SS\R5r"SS\R5r"SS\R5r"SS\R5r"SS\R5r"SS\R5r"SS\R5r"SS \R5r"S!S"\R5r"S#S$\R5r"S%S&\R5r"S'S(\R5r"S)S*\R5r"S+S,\R5r"S-S.\R5r"S/S0\R5r"S1S2\R5r "S3S4\R5r!"S5S6\R5r""S7S8\R5r#"S9S:\R5r$"S;S<\R5r%"S=S>\R5r&"S?S@\R5r'"SASB\R5r("SCSD\R5r)"SESF\R5r*"SGSH\R5r+"SISJ\R5r,"SKSL\R5r-"SMSN\R5r."SOSP\R5r/"SQSR\R5r0"SSST\R5r1"SUSV\R5r2"SWSX\R5r3"SYSZ\R5r4"S[S\\R5r5"S]S^\R5r6"S_S`\R5r7"SaSb\R5r8"ScSd\R5r9"SeSf\R5r:"SgSh\R5r;"SiSj\R5r<"SkSl\R5r="SmSn\R5r>"SoSp\R5r?"SqSr\R5r@"SsSt\R5rA"SuSv\R5rB"SwSx\R5rC"SySz\R5rD"S{S|\R5rE"S}S~\R5rF"SS\R5rG"SS\R5rH"SS\R5rI"SS\R5rJ"SS\R5rK"SS\R5rL"SS\R5rM"SS\R5rN"SS\R5rO"SS\R5rP"SS\R5rQ"SS\R5rR"SS\R5rS"SS\R5rT"SS\R5rU"SS\R5rV"SS\R5rW"SS\R5rX"SS\R5rY"SS\R5rZ"SS\R5r["SS\R5r\"SS\R5r]"SS\R5r^"SS\R5r_"SS\R5r`"SS\R5ra"SS\R5rb"SS\R5rc"SS\R5rd"SS\R5re"SS\R5rf"SS\R5rg\R"\eSS5 \R"\eRSS5 \R"\eRSS5 \R"\SS5 \R"\SS5 \R"\SS5 \R"\SS5 \R"\SS5 \R"\SS5 \R"\SS5 g)zBGenerated message classes for artifactscanguard version v1alpha. )absolute_import)messages)encoding) extra_typesartifactscanguardc\rSrSrSr\R "SS5r\R"S5r \R"S5r Sr g) AffectedPackagezAffected package details. Fields: fixPackage: Output only. The package the issue was fixed in. name: Output only. The name of the package. version: Output only. The version of the package. FixPackageN) __name__ __module__ __qualname____firstlineno____doc__ _messages MessageField fixPackage StringFieldnameversion__static_attributes__rilib/googlecloudsdk/generated_clients/apis/artifactscanguard/v1alpha/artifactscanguard_v1alpha_messages.pyr r s;%%lA6*   q !$  ! !! $'rr c\rSrSrSr\R "S5r\R"SS5r \R"S5r \R"S5r \R"SS 5r \R"S S 5r\R"S 5r\R "S 5r\R"SSSS9r\R"S5rSrg)ArtifactEvaluationaArtifactEvaluation contains details about the evaluation. Fields: conformant: Output only. Boolean flag which captures whether the evaluation was conformant or not. The conformance result is calculated based on policyEvaluation against the image CVEs. context: Required. PipelineContext contains details about the evaluation. createTime: Output only. The time at which the evaluation was created. etag: Optional. The etag for this connector. If this is provided on update, it must match the server's etag. evaluationResponse: Output only. The comprehensive response details of this artifact evaluation. imageMetadata: Required. ArtifactMetadata contains details about the image. name: Output only. The name of the artifactEvaluation, in the format `orga nizations/{organization_id}/locations/global/artifactEvaluations/{artifa ct_evaluation_id}`. reconciling: Output only. Indicates if changes are in flight. Whether the connector is in the process of being updated. See https://google.aip.dev/128 for more details. severityGroups: Output only. Aggregated CVE information grouped by severity. This is derived from the data within evaluation_response.cves. updateTime: Output only. The time at which the evaluation was last updated. r PipelineContextr rEvaluationResponseArtifactMetadata SeverityGroup Trepeated rN)rrrrrr BooleanField conformantrcontextr createTimeetagevaluationResponse imageMetadatar reconcilingseverityGroups updateTimerrrrrrs4%%a(*  " "#4a 8'$$Q'*   q !$ --.BAF(();Q?-   q !$&&q)+))/1tL.$$R(*rrc<\rSrSrSr\R "S5rSrg)ArtifactEvaluationMetadataEzArtifactEvaluationMetadata contains metadata about the artifact evaluation. Fields: idempotentId: Output only. The idempotent ID for the artifact evaluation. r rN) rrrrrrr idempotentIdrrrrr9r9Es&&q),rr9c\rSrSrSr\R "S5r\R "S5r\R "S5r \R "S5r \R "SSS 9r \R "S 5r \R "S 5r S rg )r%Pa*ArtifactMetadata contains details to uniquely identify a built image. Fields: buildTime: Optional. The time at which the image was built. imageDigest: Required. SHA256 hash of the image. For eg.: sha256:3b4173355427fabc9e0ddf909b0a3b4a715a831470a9a548839f6e6caa3b7e87 Format: ^sha256:[a-f0-9]{64}$ imageId: Optional. Unique image_id generated for an image after each build. For eg.: 4ecb2f62fbbd Format: ^[a-f0-9]{12}$ imageName: Required. Name of docker image, usually of format [REGISTRY_HOST[:PORT]/][USERNAME/]REPOSITORY, for eg.: nginx myrepo/myapp gcr.io/my-project/myapp registry.example.com:5000/custom/image format: ^([a-z0-9]+(?:._-+)*)(/[a-z0-9]+(?:._-+)*)*$ imageTag: Required. A tag identifies a specific version of an image. For eg.: latest v1.0.0 release-2024 123abc_test Format: ^\w{0,127}$ purlUri: Optional. The unique GCS file name where purl is stored. Format: [BUCKET_NAME]/[OBJECT_NAME] sbomUri: Optional. The unique GCS file name where sbom is stored. Format: [BUCKET_NAME]/[OBJECT_NAME] r r rr"r$Tr+r&r'rN)rrrrrrr buildTime imageDigestimageId imageNameimageTagpurlUrisbomUrirrrrr%r%Ps{,##A&)%%a(+  ! !! $'##A&)  " "1t 4(  ! !! $'  ! !! $'rr%c\rSrSrSr\R "S5r\R "S5r\R"SS5r \R "S5r \R "S5r S r g ) ArtifactPoliciesEvaluationpaPRepresents an artifact evaluation resource. This resource will be created by the RunArtifactPoliciesEvaluation RPC. Represents an artifact evaluation resource, detailing the outcome of scans and policy checks. Fields: artifactId: Immutable. The unique identifier for the artifact that was evaluated. connectorId: Immutable. The pipeline instance ID that this artifact evaluation applies to. evaluationResponse: Output only. The comprehensive response details of this artifact evaluation. name: Output only. Identifier. Resource name for the artifactPoliciesEvaluation, assigned by the server. Format: organization s/{organization_id}/locations/{location}/artifactPoliciesEvaluations/{ar tifact_policies_evaluation_id} scanTime: Output only. The timestamp when the artifact scan and evaluation were performed. r r r#rr"r$rN)rrrrrrr artifactId connectorIdrr3rscanTimerrrrrFrFps]&$$Q'*%%a(+ --.BAF   q !$  " "1 %(rrFc\rSrSrSr\R "SS5r\R"S5r \R"SSS9r S r g ) 8ArtifactscanguardFoldersLocationsConnectorsCreateRequestaA ArtifactscanguardFoldersLocationsConnectorsCreateRequest object. Fields: connector: A Connector resource to be passed as the request body. connectorId: Required. Id of the requesting object connector_id from the method_signature of Create RPC parent: Required. The parent resource where this connector will be created. Format: organizations/{organization_id}/locations/{location} Connectorr r rTrequiredrN rrrrrrr connectorrrIparentrrrrrLrL=$$[!4)%%a(+  T 2&rrLc:\rSrSrSr\R "SSS9rSrg)8ArtifactscanguardFoldersLocationsConnectorsDeleteRequestzsA ArtifactscanguardFoldersLocationsConnectorsDeleteRequest object. Fields: name: Required. Name of the resource r TrOrN rrrrrrrrrrrrrVrV   q4 0$rrVc:\rSrSrSr\R "SSS9rSrg)5ArtifactscanguardFoldersLocationsConnectorsGetRequestzA ArtifactscanguardFoldersLocationsConnectorsGetRequest object. Fields: name: Required. The name of the connector, in the format `organizations/{organization}/locations/global/connectors/{connector_id} ` r TrOrNrXrrrr[r[   q4 0$rr[c\rSrSrSr\R "S5r\R "S5r\R"S\RRS9r \R "S5r \R "SS S 9rS rg ) 6ArtifactscanguardFoldersLocationsConnectorsListRequestaA ArtifactscanguardFoldersLocationsConnectorsListRequest object. Fields: filter: Optional. Filtering results orderBy: Optional. Hint for how to order the results pageSize: Optional. Requested page size. Server may return fewer items than requested. If unspecified, server will pick an appropriate default. pageToken: Optional. A token identifying a page of results the server should return. parent: Required. Parent value for ListConnectorsRequest r r rvariantr"r$TrOrNrrrrrrrfilterorderBy IntegerFieldVariantINT32pageSize pageTokenrSrrrrr_r_i    #&  ! !! $'  # #Ay/@/@/F/F G(##A&)  T 2&rr_c\rSrSrSr\R "SS5r\R"SSS9r \R"S5r S r g ) 7ArtifactscanguardFoldersLocationsConnectorsPatchRequesta)A ArtifactscanguardFoldersLocationsConnectorsPatchRequest object. Fields: connector: A Connector resource to be passed as the request body. name: Optional. The name of the connector. Format: `organizations/{organiz ation}/locations/{location}/connectors/{connector_id}`, `folders/{folder}/locations/{location}/connectors/{connector_id}`, or `projects/{project}/locations/{location}/connectors/{connector_id}`. updateMask: Optional. Field mask is used to specify the fields to be overwritten in the Connector resource by the update. The fields specified in the update_mask are relative to the resource, not the full request. A field will be overwritten if it is in the mask. If the user does not provide a mask then all fields present in the request will be overwritten. rNr r TrOrrN rrrrrrrrRrr updateMaskrrrrrmrm= $$[!4)   q4 0$$$Q'*rrmc:\rSrSrSr\R "SSS9rSrg)+ArtifactscanguardFoldersLocationsGetRequestzgA ArtifactscanguardFoldersLocationsGetRequest object. Fields: name: Resource name for the location. r TrOrNrXrrrrsrsrYrrsc\rSrSrSr\R "SSS9r\R "S5r\R "SSS9r \R"S \RRS 9r \R "S 5rS rg ),ArtifactscanguardFoldersLocationsListRequestaA ArtifactscanguardFoldersLocationsListRequest object. Fields: extraLocationTypes: Optional. Do not use this field. It is unsupported and is ignored unless explicitly documented otherwise. This is primarily for internal usage. filter: A filter to narrow down results to a preferred subset. The filtering language accepts strings like `"displayName=tokyo"`, and is documented in more detail in [AIP-160](https://google.aip.dev/160). name: The resource that owns the locations collection, if applicable. pageSize: The maximum number of results to return. If not set, the service selects a default. pageToken: A page token received from the `next_page_token` field in the response. Send that page token to receive the subsequent page. r Tr+r rrOr"rar$rNrrrrrrrextraLocationTypesrdrrfrgrhrirjrrrrrvrvl !,,Q>   #&   q4 0$  # #Ay/@/@/F/F G(##A&)rrvc:\rSrSrSr\R "SSS9rSrg)8ArtifactscanguardFoldersLocationsOperationsCancelRequestzA ArtifactscanguardFoldersLocationsOperationsCancelRequest object. Fields: name: The name of the operation resource to be cancelled. r TrOrNrXrrrr|r|rYrr|c:\rSrSrSr\R "SSS9rSrg)8ArtifactscanguardFoldersLocationsOperationsDeleteRequestizA ArtifactscanguardFoldersLocationsOperationsDeleteRequest object. Fields: name: The name of the operation resource to be deleted. r TrOrNrXrrrrrrYrrc:\rSrSrSr\R "SSS9rSrg)5ArtifactscanguardFoldersLocationsOperationsGetRequestizuA ArtifactscanguardFoldersLocationsOperationsGetRequest object. Fields: name: The name of the operation resource. r TrOrNrXrrrrrrYrrc\rSrSrSr\R "S5r\R "SSS9r\R"S\RRS9r \R "S 5r \R"S 5rS rg ) 6ArtifactscanguardFoldersLocationsOperationsListRequestiaA ArtifactscanguardFoldersLocationsOperationsListRequest object. Fields: filter: The standard list filter. name: The name of the operation's parent resource. pageSize: The standard list page size. pageToken: The standard list page token. returnPartialSuccess: When set to `true`, operations that are reachable are returned as normal, and those that are unreachable are returned in the [ListOperationsResponse.unreachable] field. This can only be `true` when reading across collections e.g. when `parent` is set to `"projects/example/locations/-"`. This field is not by default supported and will result in an `UNIMPLEMENTED` error if set unless explicitly documented otherwise in service or product specific documentation. r r TrOrrar"r$rNrrrrrrrrdrrfrgrhrirjr.returnPartialSuccessrrrrrrj   #&   q4 0$  # #Ay/@/@/F/F G(##A&)"//2rrc4\rSrSrSr\R "S5r\R "S5r\R "S5r \R "S5r \R "SSS 9r \R "S 5r \R "S 5r \R "S SS 9rSrg)LArtifactscanguardOrganizationsLocationsArtifactEvaluationsDataGatewayRequesti3a+A ArtifactscanguardOrganizationsLocationsArtifactEvaluationsDataGatewayRequest object. Fields: artifactMetadata_buildTime: Optional. The time at which the image was built. artifactMetadata_imageDigest: Required. SHA256 hash of the image. For eg.: sha256:3b4173355427fabc9e0ddf909b0a3b4a715a831470a9a548839f6e6caa3b7e87 Format: ^sha256:[a-f0-9]{64}$ artifactMetadata_imageId: Optional. Unique image_id generated for an image after each build. For eg.: 4ecb2f62fbbd Format: ^[a-f0-9]{12}$ artifactMetadata_imageName: Required. Name of docker image, usually of format [REGISTRY_HOST[:PORT]/][USERNAME/]REPOSITORY, for eg.: nginx myrepo/myapp gcr.io/my-project/myapp registry.example.com:5000/custom/image format: ^([a-z0-9]+(?:._-+)*)(/[a-z0-9]+(?:._-+)*)*$ artifactMetadata_imageTag: Required. A tag identifies a specific version of an image. For eg.: latest v1.0.0 release-2024 123abc_test Format: ^\w{0,127}$ artifactMetadata_purlUri: Optional. The unique GCS file name where purl is stored. Format: [BUCKET_NAME]/[OBJECT_NAME] artifactMetadata_sbomUri: Optional. The unique GCS file name where sbom is stored. Format: [BUCKET_NAME]/[OBJECT_NAME] parent: Required. The parent resource name, in the format `organizations/{organization}/locations/global`. r r rr"r$Tr+r&r'r(rOrN)rrrrrrrartifactMetadata_buildTimeartifactMetadata_imageDigestartifactMetadata_imageIdartifactMetadata_imageNameartifactMetadata_imageTagartifactMetadata_purlUriartifactMetadata_sbomUrirSrrrrrr3s8 )44Q7!*!6!6q!9&2215(44Q7'33AE&2215&2215  T 2&rrc:\rSrSrSr\R "SSS9rSrg)DArtifactscanguardOrganizationsLocationsArtifactEvaluationsGetRequestiZaA ArtifactscanguardOrganizationsLocationsArtifactEvaluationsGetRequest object. Fields: name: Required. The name of the artifactEvaluation, in the format `organiz ations/{organization}/locations/global/artifactEvaluations/{artifact_eva luation_id}` r TrOrNrXrrrrrZs   q4 0$rrc`\rSrSrSr\R "SSS9r\R"SS5r Sr g ) DArtifactscanguardOrganizationsLocationsArtifactEvaluationsRunRequestiga:A ArtifactscanguardOrganizationsLocationsArtifactEvaluationsRunRequest object. Fields: parent: Required. The parent resource name, in the format `organizations/{organization_id}/locations/global`. runArtifactEvaluationRequest: A RunArtifactEvaluationRequest resource to be passed as the request body. r TrORunArtifactEvaluationRequestr rN) rrrrrrrrSrrunArtifactEvaluationRequestrrrrrrgs0  T 2&!*!7!78VXY!Zrrc:\rSrSrSr\R "SSS9rSrg)LArtifactscanguardOrganizationsLocationsArtifactPoliciesEvaluationsGetRequestiva*A ArtifactscanguardOrganizationsLocationsArtifactPoliciesEvaluationsGetRequest object. Fields: name: Required. The full resource name of the policy to retrieve. Format: organizations/{organization_id}/locations/{location_id}/artifactPolicies Evaluation/{artifact_policies_evaluation_id} r TrOrNrXrrrrrvs   q4 0$rrc`\rSrSrSr\R "SSS9r\R"SS5r Sr g ) LArtifactscanguardOrganizationsLocationsArtifactPoliciesEvaluationsRunRequestiayA ArtifactscanguardOrganizationsLocationsArtifactPoliciesEvaluationsRunRequest object. Fields: parent: Required. The parent resource where this policy evaluation will be created. Format: organizations/{organization_id}/locations/{location} runArtifactPoliciesEvaluationRequest: A RunArtifactPoliciesEvaluationRequest resource to be passed as the request body. r TrO$RunArtifactPoliciesEvaluationRequestr rN) rrrrrrrrSr$runArtifactPoliciesEvaluationRequestrrrrrrs0   T 2&)2)?)?@fhi)j&rrc\rSrSrSr\R "SS5r\R"S5r \R"SSS9r S r g ) >ArtifactscanguardOrganizationsLocationsConnectorsCreateRequestiaA ArtifactscanguardOrganizationsLocationsConnectorsCreateRequest object. Fields: connector: A Connector resource to be passed as the request body. connectorId: Required. Id of the requesting object connector_id from the method_signature of Create RPC parent: Required. The parent resource where this connector will be created. Format: organizations/{organization_id}/locations/{location} rNr r rTrOrNrQrrrrrrTrrc:\rSrSrSr\R "SSS9rSrg)>ArtifactscanguardOrganizationsLocationsConnectorsDeleteRequestizyA ArtifactscanguardOrganizationsLocationsConnectorsDeleteRequest object. Fields: name: Required. Name of the resource r TrOrNrXrrrrrrYrrc:\rSrSrSr\R "SSS9rSrg);ArtifactscanguardOrganizationsLocationsConnectorsGetRequestizA ArtifactscanguardOrganizationsLocationsConnectorsGetRequest object. Fields: name: Required. The name of the connector, in the format `organizations/{organization}/locations/global/connectors/{connector_id} ` r TrOrNrXrrrrrr]rrc\rSrSrSr\R "S5r\R "S5r\R"S\RRS9r \R "S5r \R "SS S 9rS rg ) ArtifactscanguardOrganizationsLocationsOperationsCancelRequestizA ArtifactscanguardOrganizationsLocationsOperationsCancelRequest object. Fields: name: The name of the operation resource to be cancelled. r TrOrNrXrrrrrrYrrc:\rSrSrSr\R "SSS9rSrg)>ArtifactscanguardOrganizationsLocationsOperationsDeleteRequestizA ArtifactscanguardOrganizationsLocationsOperationsDeleteRequest object. Fields: name: The name of the operation resource to be deleted. r TrOrNrXrrrrrrYrrc:\rSrSrSr\R "SSS9rSrg);ArtifactscanguardOrganizationsLocationsOperationsGetRequestiz{A ArtifactscanguardOrganizationsLocationsOperationsGetRequest object. Fields: name: The name of the operation resource. r TrOrNrXrrrrrrYrrc\rSrSrSr\R "S5r\R "SSS9r\R"S\RRS9r \R "S 5r \R"S 5rS rg ) (rrc\rSrSrSrSrg)riz3The request message for Operations.CancelOperation.rNrrrrrrrrrrrsaRequired. The enforcement action to take when this policy is violated in the runtime scope. Values: RUNTIME_ENFORCEMENT_ACTION_UNSPECIFIED: The enforcement action is unspecified. AUDIT_ONLY: The policy is evaluated but not enforced. The policy violation is only logged and not reported. BLOCK_DEPLOYMENT: The policy is evaluated and enforced. The policy violation is reported and the resource is blocked. The deployment will be blocked based on policy evaluation in registry. rr r rN rrrrr&RUNTIME_ENFORCEMENT_ACTION_UNSPECIFIED AUDIT_ONLYBLOCK_DEPLOYMENTrrrr EnforcementActionValueValuesEnumr> ./*Jrrr rN) rrrrrrrrrenforcementActionrrrrrr1s- " ))*LaPrrc\rSrSrSr"SS\R 5r\R"SSSS9r \R"S 5r \R"S 5r \R"SS 5rS rg )EvaluatedPolicyiRaNested message for policy details specific to EvaluationResponse. Enums: PolicyEnforcementActionValueValuesEnum: Output only. The enforcement action to take when this policy is violated. This is populated only if the policy is violated. Fields: cves: Output only. List of CVEs that passed or failed the evaluation, as per the evaluation result. failureReason: Output only. The reason why the policy evaluation failed. Eg: "Maximum severity found: CRITICAL, Allowed maximum severity: MEDIUM." name: Output only. The name of the policy. policyEnforcementAction: Output only. The enforcement action to take when this policy is violated. This is populated only if the policy is violated. c$\rSrSrSrSrSrSrSrg)6EvaluatedPolicy.PolicyEnforcementActionValueValuesEnumifaOutput only. The enforcement action to take when this policy is violated. This is populated only if the policy is violated. Values: ENFORCEMENT_ACTION_UNSPECIFIED: The enforcement action is unspecified. AUDIT_ONLY: The policy is evaluated but not enforced. The policy violation is only logged and not reported. BLOCK: The policy is evaluated and enforced. The policy violation is reported and the resource is blocked. rr r rN rrrrrENFORCEMENT_ACTION_UNSPECIFIEDrBLOCKrrrr&PolicyEnforcementActionValueValuesEnumr$fs &'"J Err(rr Tr+r rr"rN)rrrrrrrr(rcvesr failureReasonrrpolicyEnforcementActionrrrrr"r"Rsb& y~~    q4 8$''*-   q !$%//0XZ[\rr"c$\rSrSrSr"SS\R 5r"SS\R 5r\R"SSS S 9r \R"SS 5r \R"SS 5r \R"S SS S 9r\R"S SS S 9rSrg)r#i{aThe comprehensive response structure for a policy evaluation. Enums: EnforcementActionValueValuesEnum: Output only. The recommended enforcement action in case the policy evaluation fails. It is populated only if the policy evaluation fails. If any one of the failed policies has a BLOCK enforcement action, then the overall enforcement action will be BLOCK. Otherwise, it will be AUDIT_ONLY. EvaluationStatusValueValuesEnum: Output only. The overall result of the evaluation. Fields: cves: Output only. List of CVEs found during the evaluation with detailed information. enforcementAction: Output only. The recommended enforcement action in case the policy evaluation fails. It is populated only if the policy evaluation fails. If any one of the failed policies has a BLOCK enforcement action, then the overall enforcement action will be BLOCK. Otherwise, it will be AUDIT_ONLY. evaluationStatus: Output only. The overall result of the evaluation. failedPolicies: Output only. List of policies that failed the evaluation. passedPolicies: Output only. List of policy IDs that passed the evaluation. c$\rSrSrSrSrSrSrSrg)3EvaluationResponse.EnforcementActionValueValuesEnumiaVOutput only. The recommended enforcement action in case the policy evaluation fails. It is populated only if the policy evaluation fails. If any one of the failed policies has a BLOCK enforcement action, then the overall enforcement action will be BLOCK. Otherwise, it will be AUDIT_ONLY. Values: ENFORCEMENT_ACTION_UNSPECIFIED: The enforcement action is unspecified. AUDIT_ONLY: The policy is evaluated but not enforced. The policy violation is only logged and not reported. BLOCK: The policy is evaluated and enforced. The policy violation is reported and the resource is blocked. rr r rNr%rrrrr.s &'"J Errc,\rSrSrSrSrSrSrSrSr Sr g ) 2EvaluationResponse.EvaluationStatusValueValuesEnumia!Output only. The overall result of the evaluation. Values: EVALUATION_STATUS_UNSPECIFIED: The evaluation status is unspecified. IN_PROGRESS: The evaluation is in progress. PASSED: The evaluation passed. FAILED: The evaluation failed. ERROR: The evaluation encountered an error. rr r rr"rN) rrrrrEVALUATION_STATUS_UNSPECIFIED IN_PROGRESSPASSEDFAILEDERRORrrrrEvaluationStatusValueValuesEnumr0s#%&!K F F Err6rr Tr+r rr"r"r$rN)rrrrrrrrr6rr)rr evaluationStatusfailedPoliciespassedPoliciesrrrrr#r#{s2$    q4 8$))*LaP(()JAN))*;QN.))*;QN.rr#c`\rSrSrSr\R "S5r\R "S5rSr g) ExemptedCVEizDefines a CVE and its exemption details. Fields: gracePeriodExpirationTime: Optional. The grace period at which the CVE exemption expires. id: Required. The CVE ID to be exempted. Example: CVE-2024-12345 r r rN) rrrrrrrgracePeriodExpirationTimeidrrrrr;r;s*(33A6Q"rr;c`\rSrSrSr\R "S5r\R "S5rSr g)r izThe fix package details. Fields: name: Output only. The name of the package. version: Output only. The version of the package. r r rN rrrrrrrrrrrrrr r s)   q !$  ! !! $'rr c\rSrSrSr\R "S5r\R "S5r\R "S5r Sr g) GithubActioniaGithubAction contains details about the GitHub workflow. https://docs.github.com/en/actions/writing-workflows/choosing-what-your- workflow-does/store-information-in-variables#default-environment-variables Fields: repository: Optional. The github repository name. eg.: octocat/hello-world my-org/my_repo-1 user.name/project.test format: ^[a-zA-Z0-9_.-]+\/[a-zA-Z0-9_.-]+$ runId: Required. Globally unique identifier for each run of the workflow. This value does not change when the workflow is re-run. eg.: 6437182741 format: ^\d{6,}$ workflow: Optional. Identifies the name of the workflow. eg.: CI Pipeline - Build & Test format: ^.*$ r r rrN) rrrrrrr repositoryrunIdworkflowrrrrrArAs9 $$Q'*    "%  " "1 %(rrAc`\rSrSrSr\R "S5r\R "S5rSr g)JenkinsiaSJenkins contains details about the Jenkins job. https://www.jenkins.io/doc/book/pipeline/jenkinsfile/#using-environment- variables Fields: buildId: Required. A unique build id for a specific Jekins pipeline. Captures run time, for eg.: 2025-06-12_14-05-38 format: ^\d{4}-\d{2}-\d{2}_\d{2}-\d{2}-\d{2}$ (YYYY-MM-DD_hh-mm-ss) buildTag: Required. Uniquely identifies each jenkins run. It is generated by combining the jenkins-${JOB_NAME}-${BUILD_NUMBER} eg.: jenkins- MyPipeline-14 jenkins-Folder1/SubFolder2/MyJob-123 format: ^(?=.{1,256}$)jenkins-[a-zA-Z0-9._\-\/]+-\d+$ r r rN) rrrrrrrrbuildTagrrrrrFrFs)   ! !! $'  " "1 %(rrFc`\rSrSrSr\R "SSSS9r\R"S5r Sr g ) ListConnectorEvaluationsResponseia*Response message for the ListConnectorEvaluations RPC. Disable the rule for the message's overall structure. Fields: connectorEvaluationSummaries: A list of connector evaluation summaries. Disable the rule for the field's name. nextPageToken: A token to retrieve the next page of results. rr Tr+r rN) rrrrrrrconnectorEvaluationSummariesr nextPageTokenrrrrrIrIs1"+!7!78TVWbf!g''*-rrIc\rSrSrSr\R "SSSS9r\R"S5r \R"SSS9r S r g ) ListConnectorsResponsei zMessage for response to listing Connectors Fields: connectors: The list of Connector nextPageToken: A token identifying a page of results the server should return. unreachable: Unordered list. Locations that could not be reached. rNr Tr+r rrN) rrrrrrr connectorsrrK unreachablerrrrrMrM s?%%k1tD*''*-%%a$7+rrMc`\rSrSrSr\R "SSSS9r\R"S5r Sr g ) ListLocationsResponseizThe response message for Locations.ListLocations. Fields: locations: A list of locations that matches the specified filter in the request. nextPageToken: The standard List next-page token. Locationr Tr+r rN) rrrrrrr locationsrrKrrrrrQrQs-$$ZTB)''*-rrQc\rSrSrSr\R "S5r\R"SSSS9r \R "SSS9r S r g ) ListOperationsResponsei)aThe response message for Operations.ListOperations. Fields: nextPageToken: The standard List next-page token. operations: A list of operations that matches the specified filter in the request. unreachable: Unordered list. Unreachable resources. Populated when the request sets `ListOperationsRequest.return_partial_success` and reads across collections e.g. when attempting to list all resources across all supported locations. r Operationr Tr+rrN) rrrrrrrrKr operationsrOrrrrrUrU)s? ''*-%%k1tD*%%a$7+rrUc`\rSrSrSr\R "S5r\R"SSSS9r Sr g ) ListPoliciesResponsei;zResponse message for the ListPolicies RPC. Fields: nextPageToken: A token that can be sent as `page_token` to retrieve the next page. If this field is omitted, there are no subsequent pages. policies: The policies found. r rr Tr+rN) rrrrrrrrKrpoliciesrrrrrYrY;s-''*-  # #Ha$ ?(rrYc`\rSrSrSr\R "S5r\R"SSSS9r Sr g ) %ListPolicyEvaluationSummariesResponseiHa~Response message for the ListPolicyEvaluationSummaries RPC. Disable the rule for the message's overall structure. Fields: nextPageToken: A token that can be sent as `page_token` to retrieve the next page. If this field is omitted, there are no subsequent pages. policyEvaluationSummaries: The list of policy evaluation summaries. Disable the rule for the field's name. r PolicyEvaluationSummaryr Tr+rN) rrrrrrrrKrpolicyEvaluationSummariesrrrrr\r\Hs1''*-'445NPQ\`arr\cx\rSrSrSr\R "S5"SS\R55r \R "S5"SS\R55r \R"S5r \R"SS 5r\R"S 5r\R"SS 5r\R"S 5rS rg)rRiWaMA resource that represents a Google Cloud location. Messages: LabelsValue: Cross-service attributes for the location. For example {"cloud.googleapis.com/region": "us-east1"} MetadataValue: Service-specific metadata. For example the available capacity at the given location. Fields: displayName: The friendly name for this location, typically a nearby city name. For example, "Tokyo". labels: Cross-service attributes for the location. For example {"cloud.googleapis.com/region": "us-east1"} locationId: The canonical id for this location. For example: `"us-east1"`. metadata: Service-specific metadata. For example the available capacity at the given location. name: Resource name for the location, which may vary between implementations. For example: `"projects/example-project/locations/us- east1"` additionalPropertiescf\rSrSrSr"SS\R 5r\R"SSSS9r Sr g ) Location.LabelsValueimaCross-service attributes for the location. For example {"cloud.googleapis.com/region": "us-east1"} Messages: AdditionalProperty: An additional property for a LabelsValue object. Fields: additionalProperties: Additional properties of type LabelsValue c`\rSrSrSr\R "S5r\R "S5rSr g)'Location.LabelsValue.AdditionalPropertyiyzAn additional property for a LabelsValue object. Fields: key: Name of the additional property. value: A string attribute. r r rN rrrrrrrkeyvaluerrrrAdditionalPropertyrdy)   ! !! $c##A&errhr Tr+rN rrrrrrMessagerhrr`rrrr LabelsValuerbm2 'Y.. '%112FTXYrrlcf\rSrSrSr"SS\R 5r\R"SSSS9r Sr g ) Location.MetadataValueia Service-specific metadata. For example the available capacity at the given location. Messages: AdditionalProperty: An additional property for a MetadataValue object. Fields: additionalProperties: Properties of the object. Contains field @type with type URL. cb\rSrSrSr\R "S5r\R"SS5r Sr g))Location.MetadataValue.AdditionalPropertyiAn additional property for a MetadataValue object. Fields: key: Name of the additional property. value: A extra_types.JsonValue attribute. r extra_types.JsonValuer rN rrrrrrrrfrrgrrrrrhrq,   ! !! $c$$%O>O>U>UVrr]c\rSrSrSr\R "SS5r\R "SS5r\R "SS5r S r g ) ri9aDefines the scope of a policy. A policy is applicable to a set of images that are scanned by a pipeline. Fields: pipeline: Optional. The pipelines that this policy is associated with. A pipeline connector could be associated with maximum 100 policies. registry: Optional. The registry scopes that this policy is associated with. runtime: Optional. The runtime scopes that this policy is associated with. rr RegistryScoper RuntimeScoperrN) rrrrrrrpipelineregistryruntimerrrrrr9s?  # #J 2(  # #OQ 7(  " ">1 5'rrc`\rSrSrSr\R "S5r\R "S5rSr g)RegistryEvaluationScopeiJaThe registry scope that this artifact evaluation is associated with. Fields: garRepository: Optional. The gar repository that this artifact evaluation is associated with. Format: {location}-[pkg_type].pkg.dev/{project_id}/REPOSITORY_PATTERN or {us|eu|asia}.gcr.io/{project_id} or gcr.io/{project_id} projectId: Optional. The project that is associated with the registry. Format: projects/{project_id} r r rN) rrrrrrr garRepositoryrrrrrrrJs) ''*-##A&)rrc~\rSrSrSr\R "SSS9r\R "SSS9r\R "SSS9r Sr g ) riZaRegistryScope contains the repositories and the projects that are associated with the registry. Fields: garRepositoryNamePatterns: Optional. At least one of the gar_repositories or projects must be set. The gar repositories that this policy is associated with. Format: {location}-[pkg_type].pkg.dev/{project_id}/REPOSITORY_PATTERN or {us|eu|asia}.gcr.io/{project_id} or gcr.io/{project_id} imageNamePatterns: Optional. The image name patterns that this policy is associated with. This will be a fully qualified image name. Format: full_repo_name/{image_name_pattern} where image_name_pattern is a regex. projectIds: Optional. The projects that are associated with the registry. Format: projects/{project_id} r Tr+r rrN) rrrrrrrgarRepositoryNamePatternsr projectIdsrrrrrrZsA (33AE++A=$$Q6*rrc`\rSrSrSr\R "S5r\R "S5rSr g)ripzAdditional information about the CVE. Fields: source: Source of the reference e.g. NVD uri: Uri for the mentioned source e.g. https://cve.mitre.org/cgi- bin/cvename.cgi?name=CVE-2021-34527. r r rN) rrrrrrrsourceurirrrrrrps)   #&a #rrc\rSrSrSr\R "S5r\R"SS5r \R "S5r \R"SS5r \R"S 5r S rg ) ri}aRunArtifactEvaluationRequest is the request message for RunArtifactEvaluation. Fields: artifactEvaluationId: Optional. The unique identifier for the artifact evaluation. artifactMetadata: Required. ArtifactMetadata contains details about the artifact. pipelineConnector: Immutable. ID of the pipeline instance that triggered the evaluation. Format: {connector_id} or organizations/{organization}/l ocations/{location}/connectors/{connector_id} pipelineContext: Required. PipelineContext contains details about the source which triggered the evaluation. verbose: Optional. Indicates if the evaluation should be verbose. r r%r rr!r"r$rN)rrrrrrrartifactEvaluationIdrartifactMetadatapipelineConnectorpipelineContextr.verboserrrrrr}sb #..q1++,>B++A.**+    " "1t 4(  !:A >(rr)c\rSrSrSr"SS\R 5r"SS\R 5r\R"SS5r \R"S5r \R"SS S S 9r \R"S 5r\R"S 5r\R"S5r\R"S5r\R$"SSS 9r\R"S5r\R"S5r\R"S5r\R"S5rSrg)StandardQueryParametersi3aQuery parameters accepted by all methods. Enums: FXgafvValueValuesEnum: V1 error format. AltValueValuesEnum: Data format for response. Fields: f__xgafv: V1 error format. access_token: OAuth access token. alt: Data format for response. callback: JSONP fields: Selector specifying which fields to include in a partial response. key: API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. oauth_token: OAuth 2.0 token for the current user. prettyPrint: Returns response with indentations and line breaks. quotaUser: Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. trace: A tracing token of the form "token:" to include in api requests. uploadType: Legacy upload protocol for media (e.g. "media", "multipart"). upload_protocol: Upload protocol for media (e.g. "raw", "multipart"). c$\rSrSrSrSrSrSrSrg)*StandardQueryParameters.AltValueValuesEnumiNzData format for response. Values: json: Responses with Content-Type of application/json media: Media download with context-dependent Content-Type proto: Responses with Content-Type of application/x-protobuf rr r rN) rrrrrjsonmediaprotorrrrAltValueValuesEnumrNs D E Err c \rSrSrSrSrSrSrg)-StandardQueryParameters.FXgafvValueValuesEnumiZzFV1 error format. Values: _1: v1 error format _2: v2 error format rr rN)rrrrr_1_2rrrrFXgafvValueValuesEnumrZs B Brrr r rr )defaultr"r$r&r'r(Tr*r-rrrN)rrrrrrrr rrf__xgafvr access_tokenaltcallbackfieldsrf oauth_tokenr. prettyPrint quotaUsertrace uploadTypeupload_protocolrrrrrr3s4 9>>  inn  !8! <(&&q),0!VD#  " "1 %(   #&a #%%a(+&&q$7+##A&)    #%$$R(*))"-/rrc\rSrSrSr\R "S5"SS\R55r \R"S\RRS9r \R"SSS S 9r\R "S 5rS rg )riraThe `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). Messages: DetailsValueListEntry: A DetailsValueListEntry object. Fields: code: The status code, which should be an enum value of google.rpc.Code. details: A list of messages that carry the error details. There is a common set of message types for APIs to use. message: A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client. r`cf\rSrSrSr"SS\R 5r\R"SSSS9r Sr g ) Status.DetailsValueListEntryizA DetailsValueListEntry object. Messages: AdditionalProperty: An additional property for a DetailsValueListEntry object. Fields: additionalProperties: Properties of the object. Contains field @type with type URL. cb\rSrSrSr\R "S5r\R"SS5r Sr g)/Status.DetailsValueListEntry.AdditionalPropertyizAn additional property for a DetailsValueListEntry object. Fields: key: Name of the additional property. value: A extra_types.JsonValue attribute. r rsr rNrtrrrrhr"rurrhr Tr+rNrjrrrDetailsValueListEntryr rwrr#r rar Tr+rrN)rrrrrrrxrrkr#rfrgrhcoderdetailsrmessagerrrrrrrs|& !!"89Zi//Z:Z2   9+<+<+B+B C$  " "#:A M'  ! !! $'rrc\rSrSrSr"SS\R 5r\R"SSSS9r \R"S 5r \R"S S SS9r \R"S \RRS 9r\R""SS5r\R"S\RRS 9r\R("SSS9r\R"SSSS9rSrg)riaDefines a policy for managing software vulnerabilities. Enums: MaxAllowedSeverityValueValuesEnum: Optional. The maximum severity level allowed for vulnerabilities. Any vulnerability above this severity will violate the policy. Fields: allowedPackages: Optional. A list of package names that are always allowed, overriding any vulnerability findings or other denial rules for these packages. excludeUnfixable: Optional. If true, vulnerabilities for which no fix is currently available will be excluded from policy evaluation. exemptedCves: Optional. List of CVEs that are temporarily exempted from policy evaluation. These vulnerabilities might be allowed for a specific grace period. exemptionDaysPostDisclosure: Optional. The number of days, since its disclosure date, that a CVE exemption is granted for. maxAllowedSeverity: Optional. The maximum severity level allowed for vulnerabilities. Any vulnerability above this severity will violate the policy. maximumAllowedVulnerabilities: Optional. The maximum total number of vulnerabilities allowed across all severities. If exceeded, the policy is violated. restrictedCves: Optional. A list of specific CVE IDs that are explicitly denied and will always cause a policy violation, regardless of other criteria. restrictedPackages: Optional. A list of packages that are always denied, regardless of their vulnerability status or other allowlisting rules. c,\rSrSrSrSrSrSrSrSr Sr g ) 5VulnerabilityPolicy.MaxAllowedSeverityValueValuesEnumiaIOptional. The maximum severity level allowed for vulnerabilities. Any vulnerability above this severity will violate the policy. Values: SEVERITY_UNSPECIFIED: The severity is unspecified. LOW: Low severity. MEDIUM: Medium severity. HIGH: High severity. CRITICAL: Critical severity. This is the maximum severity level. rr r rr"rNrrrr!MaxAllowedSeverityValueValuesEnumr)s#  C F DHrr*rr Tr+r r;rr"rar$r&r'r(rN)rrrrrrrr*rallowedPackagesr.excludeUnfixable exemptedCvesrfrgrhexemptionDaysPostDisclosurermaxAllowedSeveritymaximumAllowedVulnerabilitiesrrestrictedCvesrestrictedPackagesrrrrrrs>).."**9a$G/++A.'' q4H, ) 6 6q)BSBSBYBY Z **+NPQR"+"8"8IDUDUD[D["\((T:. --iTJrrrz$.xgafvr1r2rzartifactMetadata.buildTimerzartifactMetadata.imageDigestrzartifactMetadata.imageIdrzartifactMetadata.imageNamerzartifactMetadata.imageTagrzartifactMetadata.purlUrirzartifactMetadata.sbomUriN)kr __future__rapitools.base.protorpcliterrapitools.base.pyrrpackagerkr rr9r%rFrLrVr[r_rmrsrvr|rrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrNrrrr"r#r;r rArFrIrMrQrUrYr\rRrVrrrr!rrrr]rrrrrrrrrr)rrrAddCustomJsonFieldMappingAddCustomJsonEnumMappingrrrrr;s '<%(  %i'' %$)**$)N*!2!2*%y((%@&!2!2&6 3y?P?P 3 1y?P?P1 1IO>O(,1)2C2C1'93D3D'01y?P?P11y?P?P11IO>O3((y?P?P(,193D3D1'I4E4E'0 1 @Q@Q 11 @Q@Q11Y=N=N13i>O>O30#y00#"'?)  '?T=Y..='""',0( !!0(f*J!2!2*JZI  QY..QB&]i''&]R@O**@OF  )##   %"" %&9$$&*&i&& +y'8'8 + 8Y.. 8 +I-- +8Y..8$ @9,, @ bI,=,= bM"y  M"`i8 !!i8X" ))"> %i %%>y  %>P 1i'' 1 )i// )^JY  ^JB '9,, 'DWi//DWN6)##6" 'i// ' 7I%%7, !y(( !&9#4#4&0(&9+<+<(&V 'Y.. ' 279$$27j E9$$ E?I%%?@<.i//<.~0%Y  0%f8K)++8Kv ""Z4!!114>!!114>""PRnqMN""PRpsQR""PRloIJ""PRnqMN""PRmpKL""PRloIJ""PRloIJr