/
ondemandscanning_v1.projects.locations.scans.html
188 lines (165 loc) 路 9.15 KB
/
ondemandscanning_v1.projects.locations.scans.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
<html><body>
<style>
body, h1, h2, h3, div, span, p, pre, a {
margin: 0;
padding: 0;
border: 0;
font-weight: inherit;
font-style: inherit;
font-size: 100%;
font-family: inherit;
vertical-align: baseline;
}
body {
font-size: 13px;
padding: 1em;
}
h1 {
font-size: 26px;
margin-bottom: 1em;
}
h2 {
font-size: 24px;
margin-bottom: 1em;
}
h3 {
font-size: 20px;
margin-bottom: 1em;
margin-top: 1em;
}
pre, code {
line-height: 1.5;
font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace;
}
pre {
margin-top: 0.5em;
}
h1, h2, h3, p {
font-family: Arial, sans serif;
}
h1, h2, h3 {
border-bottom: solid #CCC 1px;
}
.toc_element {
margin-top: 0.5em;
}
.firstline {
margin-left: 2 em;
}
.method {
margin-top: 1em;
border: solid 1px #CCC;
padding: 1em;
background: #EEE;
}
.details {
font-weight: bold;
font-size: 14px;
}
</style>
<h1><a href="ondemandscanning_v1.html">On-Demand Scanning API</a> . <a href="ondemandscanning_v1.projects.html">projects</a> . <a href="ondemandscanning_v1.projects.locations.html">locations</a> . <a href="ondemandscanning_v1.projects.locations.scans.html">scans</a></h1>
<h2>Instance Methods</h2>
<p class="toc_element">
<code><a href="ondemandscanning_v1.projects.locations.scans.vulnerabilities.html">vulnerabilities()</a></code>
</p>
<p class="firstline">Returns the vulnerabilities Resource.</p>
<p class="toc_element">
<code><a href="#analyzePackages">analyzePackages(parent, body=None, x__xgafv=None)</a></code></p>
<p class="firstline">Initiates an analysis of the provided packages.</p>
<p class="toc_element">
<code><a href="#close">close()</a></code></p>
<p class="firstline">Close httplib2 connections.</p>
<h3>Method Details</h3>
<div class="method">
<code class="details" id="analyzePackages">analyzePackages(parent, body=None, x__xgafv=None)</code>
<pre>Initiates an analysis of the provided packages.
Args:
parent: string, Required. The parent of the resource for which analysis is requested. Format: projects/[project_name]/locations/[location] (required)
body: object, The request body.
The object takes the form of:
{ # AnalyzePackagesRequest is the request to analyze a list of packages and create Vulnerability Occurrences for it.
"includeOsvData": True or False, # [DEPRECATED] Whether to include OSV data in the scan. For backwards compatibility reasons, this field can be neither removed nor renamed.
"packages": [ # The packages to analyze.
{
"architecture": "A String", # The architecture of the package.
"binarySourceInfo": [ # A bundle containing the binary and source information.
{
"binaryVersion": { # The binary package. This is significant when the source is different than the binary itself. Historically if they've differed, we've stored the name of the source and its version in the package/version fields, but we should also store the binary package info, as that's what's actually installed. See b/175908657#comment15.
"name": "A String",
"version": "A String",
},
"sourceVersion": { # The source package. Similar to the above, this is significant when the source is different than the binary itself. Since the top-level package/version fields are based on an if/else, we need a separate field for both binary and source if we want to know definitively where the data is coming from.
"name": "A String",
"version": "A String",
},
},
],
"binaryVersion": { # DEPRECATED
"name": "A String",
"version": "A String",
},
"cpeUri": "A String", # The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) in which the vulnerability may manifest. Examples include distro or storage location for vulnerable jar.
"dependencyChain": [ # The dependency chain between this package and the user's artifact. List in order from the customer's package under review first, to the current package last. Inclusive of the original package and the current package.
{ # Indicates a language package available between this package and the customer's resource artifact.
"package": "A String",
"version": "A String",
},
],
"fileLocation": [ # The path to the jar file / go binary file.
{ # Indicates the location at which a package was found.
"filePath": "A String", # For jars that are contained inside .war files, this filepath can indicate the path to war file combined with the path to jar file.
},
],
"hashDigest": "A String", # HashDigest stores the SHA512 hash digest of the jar file if the package is of type Maven. This field will be unset for non Maven packages.
"maintainer": { # The maintainer of the package.
"kind": "A String",
"name": "A String",
},
"os": "A String", # The OS affected by a vulnerability Used to generate the cpe_uri for OS packages
"osVersion": "A String", # The version of the OS Used to generate the cpe_uri for OS packages
"package": "A String", # The package being analysed for vulnerabilities
"packageType": "A String", # The type of package: os, maven, go, etc.
"patchedCve": [ # CVEs that this package is no longer vulnerable to go/drydock-dd-custom-binary-scanning
"A String",
],
"sourceVersion": { # DEPRECATED
"name": "A String",
"version": "A String",
},
"unused": "A String",
"version": "A String", # The version of the package being analysed
},
],
"resourceUri": "A String", # Required. The resource URI of the container image being scanned.
}
x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
2 - v2 error format
Returns:
An object of the form:
{ # This resource represents a long-running operation that is the result of a network API call.
"done": True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
"error": { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation.
"code": 42, # The status code, which should be an enum value of google.rpc.Code.
"details": [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
{
"a_key": "", # Properties of the object. Contains field @type with type URL.
},
],
"message": "A String", # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
},
"metadata": { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.
"a_key": "", # Properties of the object. Contains field @type with type URL.
},
"name": "A String", # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.
"response": { # The normal response of the operation in case of success. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
"a_key": "", # Properties of the object. Contains field @type with type URL.
},
}</pre>
</div>
<div class="method">
<code class="details" id="close">close()</code>
<pre>Close httplib2 connections.</pre>
</div>
</body></html>