Package binaryauthorization is an auto-generated package for the Binary Authorization API.
The management interface for Binary Authorization, a system providing policy control for images deployed to Kubernetes Engine clusters, Anthos clusters on VMware, and Cloud Run.
NOTE: This package is in beta. It is not stable, and may be subject to changes.
Example usage
To get started with this package, create a client.
ctx := context.Background() c, err := binaryauthorization.NewBinauthzManagementServiceV1Beta1Client(ctx) if err != nil { // TODO: Handle error. } defer c.Close()
The client will use your default application credentials. Clients should be reused instead of created as needed. The methods of Client are safe for concurrent use by multiple goroutines. The returned client must be Closed when it is done being used.
Using the Client
The following is an example of making an API call with the newly created client.
ctx := context.Background() c, err := binaryauthorization.NewBinauthzManagementServiceV1Beta1Client(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &binaryauthorizationpb.GetPolicyRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/google.golang.org/genproto/googleapis/cloud/binaryauthorization/v1beta1#GetPolicyRequest. } resp, err := c.GetPolicy(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp
Use of Context
The ctx passed to NewClient is used for authentication requests and for creating the underlying connection, but is not used for subsequent calls. Individual methods on the client use the ctx given to them.
To close the open connection, use the Close() method.
For information about setting deadlines, reusing contexts, and more please visit https://pkg.go.dev/cloud.google.com/go.
Functions
func DefaultAuthScopes
func DefaultAuthScopes() []string
DefaultAuthScopes reports the default set of authentication scopes to use with this package.
AttestorIterator
type AttestorIterator struct {
// Response is the raw response for the current page.
// It must be cast to the RPC response type.
// Calling Next() or InternalFetch() updates this value.
Response interface{}
// InternalFetch is for use by the Google Cloud Libraries only.
// It is not part of the stable interface of this package.
//
// InternalFetch returns results from a single call to the underlying RPC.
// The number of results is no greater than pageSize.
// If there are no more results, nextPageToken is empty and err is nil.
InternalFetch func(pageSize int, pageToken string) (results []*binaryauthorizationpb.Attestor, nextPageToken string, err error)
// contains filtered or unexported fields
}
AttestorIterator manages a stream of *binaryauthorizationpb.Attestor.
func (*AttestorIterator) Next
func (it *AttestorIterator) Next() (*binaryauthorizationpb.Attestor, error)
Next returns the next result. Its second return value is iterator.Done if there are no more results. Once Next returns Done, all subsequent calls will return Done.
func (*AttestorIterator) PageInfo
func (it *AttestorIterator) PageInfo() *iterator.PageInfo
PageInfo supports pagination. See the google.golang.org/api/iterator package for details.
BinauthzManagementServiceV1Beta1CallOptions
type BinauthzManagementServiceV1Beta1CallOptions struct {
GetPolicy []gax.CallOption
UpdatePolicy []gax.CallOption
CreateAttestor []gax.CallOption
GetAttestor []gax.CallOption
UpdateAttestor []gax.CallOption
ListAttestors []gax.CallOption
DeleteAttestor []gax.CallOption
}
BinauthzManagementServiceV1Beta1CallOptions contains the retry settings for each method of BinauthzManagementServiceV1Beta1Client.
BinauthzManagementServiceV1Beta1Client
type BinauthzManagementServiceV1Beta1Client struct {
// The call options for this service.
CallOptions *BinauthzManagementServiceV1Beta1CallOptions
// contains filtered or unexported fields
}
BinauthzManagementServiceV1Beta1Client is a client for interacting with Binary Authorization API. Methods, except Close, may be called concurrently. However, fields must not be modified concurrently with method calls.
Google Cloud Management Service for Binary Authorization admission policies and attestation authorities.
This API implements a REST model with the following objects:
Policy
Attestor
func NewBinauthzManagementServiceV1Beta1Client
func NewBinauthzManagementServiceV1Beta1Client(ctx context.Context, opts ...option.ClientOption) (*BinauthzManagementServiceV1Beta1Client, error)
NewBinauthzManagementServiceV1Beta1Client creates a new binauthz management service v1 beta1 client based on gRPC. The returned client must be Closed when it is done being used to clean up its underlying connections.
Google Cloud Management Service for Binary Authorization admission policies and attestation authorities.
This API implements a REST model with the following objects:
Policy
Attestor
Example
package main
import (
"context"
binaryauthorization "cloud.google.com/go/binaryauthorization/apiv1beta1"
)
func main() {
ctx := context.Background()
c, err := binaryauthorization.NewBinauthzManagementServiceV1Beta1Client(ctx)
if err != nil {
// TODO: Handle error.
}
defer c.Close()
// TODO: Use client.
_ = c
}
func (*BinauthzManagementServiceV1Beta1Client) Close
func (c *BinauthzManagementServiceV1Beta1Client) Close() error
Close closes the connection to the API service. The user should invoke this when the client is no longer required.
func (*BinauthzManagementServiceV1Beta1Client) Connection
func (c *BinauthzManagementServiceV1Beta1Client) Connection() *grpc.ClientConn
Connection returns a connection to the API service.
Deprecated.
func (*BinauthzManagementServiceV1Beta1Client) CreateAttestor
func (c *BinauthzManagementServiceV1Beta1Client) CreateAttestor(ctx context.Context, req *binaryauthorizationpb.CreateAttestorRequest, opts ...gax.CallOption) (*binaryauthorizationpb.Attestor, error)
CreateAttestor creates an attestor, and returns a copy of the new attestor. Returns NOT_FOUND if the project does not exist, INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if the attestor already exists.
Example
package main
import (
"context"
binaryauthorization "cloud.google.com/go/binaryauthorization/apiv1beta1"
binaryauthorizationpb "google.golang.org/genproto/googleapis/cloud/binaryauthorization/v1beta1"
)
func main() {
ctx := context.Background()
c, err := binaryauthorization.NewBinauthzManagementServiceV1Beta1Client(ctx)
if err != nil {
// TODO: Handle error.
}
defer c.Close()
req := &binaryauthorizationpb.CreateAttestorRequest{
// TODO: Fill request struct fields.
// See https://pkg.go.dev/google.golang.org/genproto/googleapis/cloud/binaryauthorization/v1beta1#CreateAttestorRequest.
}
resp, err := c.CreateAttestor(ctx, req)
if err != nil {
// TODO: Handle error.
}
// TODO: Use resp.
_ = resp
}
func (*BinauthzManagementServiceV1Beta1Client) DeleteAttestor
func (c *BinauthzManagementServiceV1Beta1Client) DeleteAttestor(ctx context.Context, req *binaryauthorizationpb.DeleteAttestorRequest, opts ...gax.CallOption) error
DeleteAttestor deletes an attestor. Returns NOT_FOUND if the attestor does not exist.
Example
package main
import (
"context"
binaryauthorization "cloud.google.com/go/binaryauthorization/apiv1beta1"
binaryauthorizationpb "google.golang.org/genproto/googleapis/cloud/binaryauthorization/v1beta1"
)
func main() {
ctx := context.Background()
c, err := binaryauthorization.NewBinauthzManagementServiceV1Beta1Client(ctx)
if err != nil {
// TODO: Handle error.
}
defer c.Close()
req := &binaryauthorizationpb.DeleteAttestorRequest{
// TODO: Fill request struct fields.
// See https://pkg.go.dev/google.golang.org/genproto/googleapis/cloud/binaryauthorization/v1beta1#DeleteAttestorRequest.
}
err = c.DeleteAttestor(ctx, req)
if err != nil {
// TODO: Handle error.
}
}
func (*BinauthzManagementServiceV1Beta1Client) GetAttestor
func (c *BinauthzManagementServiceV1Beta1Client) GetAttestor(ctx context.Context, req *binaryauthorizationpb.GetAttestorRequest, opts ...gax.CallOption) (*binaryauthorizationpb.Attestor, error)
GetAttestor gets an attestor. Returns NOT_FOUND if the attestor does not exist.
Example
package main
import (
"context"
binaryauthorization "cloud.google.com/go/binaryauthorization/apiv1beta1"
binaryauthorizationpb "google.golang.org/genproto/googleapis/cloud/binaryauthorization/v1beta1"
)
func main() {
ctx := context.Background()
c, err := binaryauthorization.NewBinauthzManagementServiceV1Beta1Client(ctx)
if err != nil {
// TODO: Handle error.
}
defer c.Close()
req := &binaryauthorizationpb.GetAttestorRequest{
// TODO: Fill request struct fields.
// See https://pkg.go.dev/google.golang.org/genproto/googleapis/cloud/binaryauthorization/v1beta1#GetAttestorRequest.
}
resp, err := c.GetAttestor(ctx, req)
if err != nil {
// TODO: Handle error.
}
// TODO: Use resp.
_ = resp
}
func (*BinauthzManagementServiceV1Beta1Client) GetPolicy
func (c *BinauthzManagementServiceV1Beta1Client) GetPolicy(ctx context.Context, req *binaryauthorizationpb.GetPolicyRequest, opts ...gax.CallOption) (*binaryauthorizationpb.Policy, error)
GetPolicy a policy specifies the attestors that must attest to a container image, before the project is allowed to deploy that image. There is at most one policy per project. All image admission requests are permitted if a project has no policy.
Gets the policy for this project. Returns a default policy if the project does not have one.
Example
package main
import (
"context"
binaryauthorization "cloud.google.com/go/binaryauthorization/apiv1beta1"
binaryauthorizationpb "google.golang.org/genproto/googleapis/cloud/binaryauthorization/v1beta1"
)
func main() {
ctx := context.Background()
c, err := binaryauthorization.NewBinauthzManagementServiceV1Beta1Client(ctx)
if err != nil {
// TODO: Handle error.
}
defer c.Close()
req := &binaryauthorizationpb.GetPolicyRequest{
// TODO: Fill request struct fields.
// See https://pkg.go.dev/google.golang.org/genproto/googleapis/cloud/binaryauthorization/v1beta1#GetPolicyRequest.
}
resp, err := c.GetPolicy(ctx, req)
if err != nil {
// TODO: Handle error.
}
// TODO: Use resp.
_ = resp
}
func (*BinauthzManagementServiceV1Beta1Client) ListAttestors
func (c *BinauthzManagementServiceV1Beta1Client) ListAttestors(ctx context.Context, req *binaryauthorizationpb.ListAttestorsRequest, opts ...gax.CallOption) *AttestorIterator
ListAttestors lists attestors. Returns INVALID_ARGUMENT if the project does not exist.
Example
package main
import (
"context"
binaryauthorization "cloud.google.com/go/binaryauthorization/apiv1beta1"
"google.golang.org/api/iterator"
binaryauthorizationpb "google.golang.org/genproto/googleapis/cloud/binaryauthorization/v1beta1"
)
func main() {
ctx := context.Background()
c, err := binaryauthorization.NewBinauthzManagementServiceV1Beta1Client(ctx)
if err != nil {
// TODO: Handle error.
}
defer c.Close()
req := &binaryauthorizationpb.ListAttestorsRequest{
// TODO: Fill request struct fields.
// See https://pkg.go.dev/google.golang.org/genproto/googleapis/cloud/binaryauthorization/v1beta1#ListAttestorsRequest.
}
it := c.ListAttestors(ctx, req)
for {
resp, err := it.Next()
if err == iterator.Done {
break
}
if err != nil {
// TODO: Handle error.
}
// TODO: Use resp.
_ = resp
}
}
func (*BinauthzManagementServiceV1Beta1Client) UpdateAttestor
func (c *BinauthzManagementServiceV1Beta1Client) UpdateAttestor(ctx context.Context, req *binaryauthorizationpb.UpdateAttestorRequest, opts ...gax.CallOption) (*binaryauthorizationpb.Attestor, error)
UpdateAttestor updates an attestor. Returns NOT_FOUND if the attestor does not exist.
Example
package main
import (
"context"
binaryauthorization "cloud.google.com/go/binaryauthorization/apiv1beta1"
binaryauthorizationpb "google.golang.org/genproto/googleapis/cloud/binaryauthorization/v1beta1"
)
func main() {
ctx := context.Background()
c, err := binaryauthorization.NewBinauthzManagementServiceV1Beta1Client(ctx)
if err != nil {
// TODO: Handle error.
}
defer c.Close()
req := &binaryauthorizationpb.UpdateAttestorRequest{
// TODO: Fill request struct fields.
// See https://pkg.go.dev/google.golang.org/genproto/googleapis/cloud/binaryauthorization/v1beta1#UpdateAttestorRequest.
}
resp, err := c.UpdateAttestor(ctx, req)
if err != nil {
// TODO: Handle error.
}
// TODO: Use resp.
_ = resp
}
func (*BinauthzManagementServiceV1Beta1Client) UpdatePolicy
func (c *BinauthzManagementServiceV1Beta1Client) UpdatePolicy(ctx context.Context, req *binaryauthorizationpb.UpdatePolicyRequest, opts ...gax.CallOption) (*binaryauthorizationpb.Policy, error)
UpdatePolicy creates or updates a project’s policy, and returns a copy of the new policy. A policy is always updated as a whole, to avoid race conditions with concurrent policy enforcement (or management!) requests. Returns NOT_FOUND if the project does not exist, INVALID_ARGUMENT if the request is malformed.
Example
package main
import (
"context"
binaryauthorization "cloud.google.com/go/binaryauthorization/apiv1beta1"
binaryauthorizationpb "google.golang.org/genproto/googleapis/cloud/binaryauthorization/v1beta1"
)
func main() {
ctx := context.Background()
c, err := binaryauthorization.NewBinauthzManagementServiceV1Beta1Client(ctx)
if err != nil {
// TODO: Handle error.
}
defer c.Close()
req := &binaryauthorizationpb.UpdatePolicyRequest{
// TODO: Fill request struct fields.
// See https://pkg.go.dev/google.golang.org/genproto/googleapis/cloud/binaryauthorization/v1beta1#UpdatePolicyRequest.
}
resp, err := c.UpdatePolicy(ctx, req)
if err != nil {
// TODO: Handle error.
}
// TODO: Use resp.
_ = resp
}
SystemPolicyV1Beta1CallOptions
type SystemPolicyV1Beta1CallOptions struct {
GetSystemPolicy []gax.CallOption
}
SystemPolicyV1Beta1CallOptions contains the retry settings for each method of SystemPolicyV1Beta1Client.
SystemPolicyV1Beta1Client
type SystemPolicyV1Beta1Client struct {
// The call options for this service.
CallOptions *SystemPolicyV1Beta1CallOptions
// contains filtered or unexported fields
}
SystemPolicyV1Beta1Client is a client for interacting with Binary Authorization API. Methods, except Close, may be called concurrently. However, fields must not be modified concurrently with method calls.
API for working with the system policy.
func NewSystemPolicyV1Beta1Client
func NewSystemPolicyV1Beta1Client(ctx context.Context, opts ...option.ClientOption) (*SystemPolicyV1Beta1Client, error)
NewSystemPolicyV1Beta1Client creates a new system policy v1 beta1 client based on gRPC. The returned client must be Closed when it is done being used to clean up its underlying connections.
API for working with the system policy.
Example
package main
import (
"context"
binaryauthorization "cloud.google.com/go/binaryauthorization/apiv1beta1"
)
func main() {
ctx := context.Background()
c, err := binaryauthorization.NewSystemPolicyV1Beta1Client(ctx)
if err != nil {
// TODO: Handle error.
}
defer c.Close()
// TODO: Use client.
_ = c
}
func (*SystemPolicyV1Beta1Client) Close
func (c *SystemPolicyV1Beta1Client) Close() error
Close closes the connection to the API service. The user should invoke this when the client is no longer required.
func (*SystemPolicyV1Beta1Client) Connection
func (c *SystemPolicyV1Beta1Client) Connection() *grpc.ClientConn
Connection returns a connection to the API service.
Deprecated.
func (*SystemPolicyV1Beta1Client) GetSystemPolicy
func (c *SystemPolicyV1Beta1Client) GetSystemPolicy(ctx context.Context, req *binaryauthorizationpb.GetSystemPolicyRequest, opts ...gax.CallOption) (*binaryauthorizationpb.Policy, error)
GetSystemPolicy gets the current system policy in the specified location.
Example
package main
import (
"context"
binaryauthorization "cloud.google.com/go/binaryauthorization/apiv1beta1"
binaryauthorizationpb "google.golang.org/genproto/googleapis/cloud/binaryauthorization/v1beta1"
)
func main() {
ctx := context.Background()
c, err := binaryauthorization.NewSystemPolicyV1Beta1Client(ctx)
if err != nil {
// TODO: Handle error.
}
defer c.Close()
req := &binaryauthorizationpb.GetSystemPolicyRequest{
// TODO: Fill request struct fields.
// See https://pkg.go.dev/google.golang.org/genproto/googleapis/cloud/binaryauthorization/v1beta1#GetSystemPolicyRequest.
}
resp, err := c.GetSystemPolicy(ctx, req)
if err != nil {
// TODO: Handle error.
}
// TODO: Use resp.
_ = resp
}