Class v1.ContainerAnalysisClient (3.3.0)

Retrieves analysis results of Cloud components such as Docker container images. The Container Analysis API is an implementation of the [Grafeas](https://grafeas.io) API.

Analysis results are stored as a series of occurrences. An Occurrence contains information about a specific analysis instance on a resource. An occurrence refers to a Note. A note contains details describing the analysis and is generally stored in a separate project, called a Provider. Multiple occurrences can refer to the same note.

For example, an SSL vulnerability could affect multiple images. In this case, there would be one note for the vulnerability and an occurrence for each image with the vulnerability referring to that note. v1

Package

@google-cloud/containeranalysis

Constructors

(constructor)(opts)

constructor(opts?: ClientOptions);

Construct an instance of ContainerAnalysisClient.

Parameter
NameDescription
opts ClientOptions

Properties

apiEndpoint

static get apiEndpoint(): string;

The DNS address for this API service - same as servicePath(), exists for compatibility reasons.

auth

auth: gax.GoogleAuth;

containerAnalysisStub

containerAnalysisStub?: Promise<{
        [name: string]: Function;
    }>;

descriptors

descriptors: Descriptors;

innerApiCalls

innerApiCalls: {
        [name: string]: Function;
    };

pathTemplates

pathTemplates: {
        [name: string]: gax.PathTemplate;
    };

port

static get port(): number;

The port for this API service.

scopes

static get scopes(): string[];

The scopes needed to make gRPC calls for every method defined in this service.

servicePath

static get servicePath(): string;

The DNS address for this API service.

warn

warn: (code: string, message: string, warnType?: string) => void;

Methods

close()

close(): Promise<void>;

Terminate the gRPC channel and close the client.

The client will no longer be usable and all future behavior is undefined.

Returns
TypeDescription
Promise<void>

{Promise} A promise that resolves when the client is closed.

getGrafeasClient()

getGrafeasClient(): import("@google-cloud/grafeas/build/src/v1").GrafeasClient;

Returns an instance of a @google-cloud/grafeas client, configured to connect to Google Cloud's Container Analysis API. For documentation on this client, see: https://googleapis.dev/nodejs/grafeas/latest/index.html

Returns
TypeDescription
import("@google-cloud/grafeas/build/src/v1").GrafeasClient

{GrafeasClient} - An instance of a Grafeas client.

getIamPolicy(request, options)

getIamPolicy(request?: protos.google.iam.v1.IGetIamPolicyRequest, options?: CallOptions): Promise<[protos.google.iam.v1.IPolicy, protos.google.iam.v1.IGetIamPolicyRequest | undefined, {} | undefined]>;

Gets the access control policy for a note or an occurrence resource. Requires containeranalysis.notes.setIamPolicy or containeranalysis.occurrences.setIamPolicy permission if the resource is a note or occurrence, respectively.

The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.

Parameters
NameDescription
request protos.google.iam.v1.IGetIamPolicyRequest

The request object that will be sent.

options CallOptions

Call options. See CallOptions for more details.

Returns
TypeDescription
Promise<[protos.google.iam.v1.IPolicy, protos.google.iam.v1.IGetIamPolicyRequest | undefined, {} | undefined]>

{Promise} - The promise which resolves to an array. The first element of the array is an object representing [Policy]. Please see the [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) for more details and examples.

Example

  /**
   * TODO(developer): Uncomment these variables before running the sample.
   */
  /**
   *  REQUIRED: The resource for which the policy is being requested.
   *  See the operation documentation for the appropriate value for this field.
   */
  // const resource = 'abc123'
  /**
   *  OPTIONAL: A `GetPolicyOptions` object for specifying options to
   *  `GetIamPolicy`. This field is only used by Cloud IAM.
   */
  // const options = {}

  // Imports the Containeranalysis library
  const {ContainerAnalysisClient} =
    require('@google-cloud/containeranalysis').v1;

  // Instantiates a client
  const containeranalysisClient = new ContainerAnalysisClient();

  async function callGetIamPolicy() {
    // Construct request
    const request = {
      resource,
    };

    // Run request
    const response = await containeranalysisClient.getIamPolicy(request);
    console.log(response);
  }

  callGetIamPolicy();

getIamPolicy(request, options, callback)

getIamPolicy(request: protos.google.iam.v1.IGetIamPolicyRequest, options: CallOptions, callback: Callback<protos.google.iam.v1.IPolicy, protos.google.iam.v1.IGetIamPolicyRequest | null | undefined, {} | null | undefined>): void;
Parameters
NameDescription
request protos.google.iam.v1.IGetIamPolicyRequest
options CallOptions
callback Callback<protos.google.iam.v1.IPolicy, protos.google.iam.v1.IGetIamPolicyRequest | null | undefined, {} | null | undefined>
Returns
TypeDescription
void

getIamPolicy(request, callback)

getIamPolicy(request: protos.google.iam.v1.IGetIamPolicyRequest, callback: Callback<protos.google.iam.v1.IPolicy, protos.google.iam.v1.IGetIamPolicyRequest | null | undefined, {} | null | undefined>): void;
Parameters
NameDescription
request protos.google.iam.v1.IGetIamPolicyRequest
callback Callback<protos.google.iam.v1.IPolicy, protos.google.iam.v1.IGetIamPolicyRequest | null | undefined, {} | null | undefined>
Returns
TypeDescription
void

getProjectId()

getProjectId(): Promise<string>;
Returns
TypeDescription
Promise<string>

getProjectId(callback)

getProjectId(callback: Callback<string, undefined, undefined>): void;
Parameter
NameDescription
callback Callback<string, undefined, undefined>
Returns
TypeDescription
void

getVulnerabilityOccurrencesSummary(request, options)

getVulnerabilityOccurrencesSummary(request?: protos.google.devtools.containeranalysis.v1.IGetVulnerabilityOccurrencesSummaryRequest, options?: CallOptions): Promise<[protos.google.devtools.containeranalysis.v1.IVulnerabilityOccurrencesSummary, (protos.google.devtools.containeranalysis.v1.IGetVulnerabilityOccurrencesSummaryRequest | undefined), {} | undefined]>;

Gets a summary of the number and severity of occurrences.

Parameters
NameDescription
request protos.google.devtools.containeranalysis.v1.IGetVulnerabilityOccurrencesSummaryRequest

The request object that will be sent.

options CallOptions

Call options. See CallOptions for more details.

Returns
TypeDescription
Promise<[protos.google.devtools.containeranalysis.v1.IVulnerabilityOccurrencesSummary, (protos.google.devtools.containeranalysis.v1.IGetVulnerabilityOccurrencesSummaryRequest | undefined), {} | undefined]>

{Promise} - The promise which resolves to an array. The first element of the array is an object representing [VulnerabilityOccurrencesSummary]. Please see the [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) for more details and examples.

Example

  /**
   * TODO(developer): Uncomment these variables before running the sample.
   */
  /**
   *  The name of the project to get a vulnerability summary for in the form of
   *  `projects/[PROJECT_ID]`.
   */
  // const parent = 'abc123'
  /**
   *  The filter expression.
   */
  // const filter = 'abc123'

  // Imports the Containeranalysis library
  const {ContainerAnalysisClient} =
    require('@google-cloud/containeranalysis').v1;

  // Instantiates a client
  const containeranalysisClient = new ContainerAnalysisClient();

  async function callGetVulnerabilityOccurrencesSummary() {
    // Construct request
    const request = {
      parent,
    };

    // Run request
    const response =
      await containeranalysisClient.getVulnerabilityOccurrencesSummary(request);
    console.log(response);
  }

  callGetVulnerabilityOccurrencesSummary();

getVulnerabilityOccurrencesSummary(request, options, callback)

getVulnerabilityOccurrencesSummary(request: protos.google.devtools.containeranalysis.v1.IGetVulnerabilityOccurrencesSummaryRequest, options: CallOptions, callback: Callback<protos.google.devtools.containeranalysis.v1.IVulnerabilityOccurrencesSummary, protos.google.devtools.containeranalysis.v1.IGetVulnerabilityOccurrencesSummaryRequest | null | undefined, {} | null | undefined>): void;
Parameters
NameDescription
request protos.google.devtools.containeranalysis.v1.IGetVulnerabilityOccurrencesSummaryRequest
options CallOptions
callback Callback<protos.google.devtools.containeranalysis.v1.IVulnerabilityOccurrencesSummary, protos.google.devtools.containeranalysis.v1.IGetVulnerabilityOccurrencesSummaryRequest | null | undefined, {} | null | undefined>
Returns
TypeDescription
void

getVulnerabilityOccurrencesSummary(request, callback)

getVulnerabilityOccurrencesSummary(request: protos.google.devtools.containeranalysis.v1.IGetVulnerabilityOccurrencesSummaryRequest, callback: Callback<protos.google.devtools.containeranalysis.v1.IVulnerabilityOccurrencesSummary, protos.google.devtools.containeranalysis.v1.IGetVulnerabilityOccurrencesSummaryRequest | null | undefined, {} | null | undefined>): void;
Parameters
NameDescription
request protos.google.devtools.containeranalysis.v1.IGetVulnerabilityOccurrencesSummaryRequest
callback Callback<protos.google.devtools.containeranalysis.v1.IVulnerabilityOccurrencesSummary, protos.google.devtools.containeranalysis.v1.IGetVulnerabilityOccurrencesSummaryRequest | null | undefined, {} | null | undefined>
Returns
TypeDescription
void

initialize()

initialize(): Promise<{
        [name: string]: Function;
    }>;

Initialize the client. Performs asynchronous operations (such as authentication) and prepares the client. This function will be called automatically when any class method is called for the first time, but if you need to initialize it before calling an actual method, feel free to call initialize() directly.

You can await on this method if you want to make sure the client is initialized.

Returns
TypeDescription
Promise<{ [name: string]: Function; }>

{Promise} A promise that resolves to an authenticated service stub.

matchNoteFromNoteName(noteName)

matchNoteFromNoteName(noteName: string): string | number;

Parse the note from Note resource.

Parameter
NameDescription
noteName string

A fully-qualified path representing Note resource.

Returns
TypeDescription
string | number

{string} A string representing the note.

matchOccurrenceFromOccurrenceName(occurrenceName)

matchOccurrenceFromOccurrenceName(occurrenceName: string): string | number;

Parse the occurrence from Occurrence resource.

Parameter
NameDescription
occurrenceName string

A fully-qualified path representing Occurrence resource.

Returns
TypeDescription
string | number

{string} A string representing the occurrence.

matchProjectFromNoteName(noteName)

matchProjectFromNoteName(noteName: string): string | number;

Parse the project from Note resource.

Parameter
NameDescription
noteName string

A fully-qualified path representing Note resource.

Returns
TypeDescription
string | number

{string} A string representing the project.

matchProjectFromOccurrenceName(occurrenceName)

matchProjectFromOccurrenceName(occurrenceName: string): string | number;

Parse the project from Occurrence resource.

Parameter
NameDescription
occurrenceName string

A fully-qualified path representing Occurrence resource.

Returns
TypeDescription
string | number

{string} A string representing the project.

matchProjectFromProjectName(projectName)

matchProjectFromProjectName(projectName: string): string | number;

Parse the project from Project resource.

Parameter
NameDescription
projectName string

A fully-qualified path representing Project resource.

Returns
TypeDescription
string | number

{string} A string representing the project.

notePath(project, note)

notePath(project: string, note: string): string;

Return a fully-qualified note resource name string.

Parameters
NameDescription
project string
note string
Returns
TypeDescription
string

{string} Resource name string.

occurrencePath(project, occurrence)

occurrencePath(project: string, occurrence: string): string;

Return a fully-qualified occurrence resource name string.

Parameters
NameDescription
project string
occurrence string
Returns
TypeDescription
string

{string} Resource name string.

projectPath(project)

projectPath(project: string): string;

Return a fully-qualified project resource name string.

Parameter
NameDescription
project string
Returns
TypeDescription
string

{string} Resource name string.

setIamPolicy(request, options)

setIamPolicy(request?: protos.google.iam.v1.ISetIamPolicyRequest, options?: CallOptions): Promise<[protos.google.iam.v1.IPolicy, protos.google.iam.v1.ISetIamPolicyRequest | undefined, {} | undefined]>;

Sets the access control policy on the specified note or occurrence. Requires containeranalysis.notes.setIamPolicy or containeranalysis.occurrences.setIamPolicy permission if the resource is a note or an occurrence, respectively.

The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.

Parameters
NameDescription
request protos.google.iam.v1.ISetIamPolicyRequest

The request object that will be sent.

options CallOptions

Call options. See CallOptions for more details.

Returns
TypeDescription
Promise<[protos.google.iam.v1.IPolicy, protos.google.iam.v1.ISetIamPolicyRequest | undefined, {} | undefined]>

{Promise} - The promise which resolves to an array. The first element of the array is an object representing [Policy]. Please see the [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) for more details and examples.

Example

  /**
   * TODO(developer): Uncomment these variables before running the sample.
   */
  /**
   *  REQUIRED: The resource for which the policy is being specified.
   *  See the operation documentation for the appropriate value for this field.
   */
  // const resource = 'abc123'
  /**
   *  REQUIRED: The complete policy to be applied to the `resource`. The size of
   *  the policy is limited to a few 10s of KB. An empty policy is a
   *  valid policy but certain Cloud Platform services (such as Projects)
   *  might reject them.
   */
  // const policy = {}

  // Imports the Containeranalysis library
  const {ContainerAnalysisClient} =
    require('@google-cloud/containeranalysis').v1;

  // Instantiates a client
  const containeranalysisClient = new ContainerAnalysisClient();

  async function callSetIamPolicy() {
    // Construct request
    const request = {
      resource,
      policy,
    };

    // Run request
    const response = await containeranalysisClient.setIamPolicy(request);
    console.log(response);
  }

  callSetIamPolicy();

setIamPolicy(request, options, callback)

setIamPolicy(request: protos.google.iam.v1.ISetIamPolicyRequest, options: CallOptions, callback: Callback<protos.google.iam.v1.IPolicy, protos.google.iam.v1.ISetIamPolicyRequest | null | undefined, {} | null | undefined>): void;
Parameters
NameDescription
request protos.google.iam.v1.ISetIamPolicyRequest
options CallOptions
callback Callback<protos.google.iam.v1.IPolicy, protos.google.iam.v1.ISetIamPolicyRequest | null | undefined, {} | null | undefined>
Returns
TypeDescription
void

setIamPolicy(request, callback)

setIamPolicy(request: protos.google.iam.v1.ISetIamPolicyRequest, callback: Callback<protos.google.iam.v1.IPolicy, protos.google.iam.v1.ISetIamPolicyRequest | null | undefined, {} | null | undefined>): void;
Parameters
NameDescription
request protos.google.iam.v1.ISetIamPolicyRequest
callback Callback<protos.google.iam.v1.IPolicy, protos.google.iam.v1.ISetIamPolicyRequest | null | undefined, {} | null | undefined>
Returns
TypeDescription
void

testIamPermissions(request, options)

testIamPermissions(request?: protos.google.iam.v1.ITestIamPermissionsRequest, options?: CallOptions): Promise<[protos.google.iam.v1.ITestIamPermissionsResponse, protos.google.iam.v1.ITestIamPermissionsRequest | undefined, {} | undefined]>;

Returns the permissions that a caller has on the specified note or occurrence. Requires list permission on the project (for example, containeranalysis.notes.list).

The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.

Parameters
NameDescription
request protos.google.iam.v1.ITestIamPermissionsRequest

The request object that will be sent.

options CallOptions

Call options. See CallOptions for more details.

Returns
TypeDescription
Promise<[protos.google.iam.v1.ITestIamPermissionsResponse, protos.google.iam.v1.ITestIamPermissionsRequest | undefined, {} | undefined]>

{Promise} - The promise which resolves to an array. The first element of the array is an object representing [TestIamPermissionsResponse]. Please see the [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) for more details and examples.

Example

  /**
   * TODO(developer): Uncomment these variables before running the sample.
   */
  /**
   *  REQUIRED: The resource for which the policy detail is being requested.
   *  See the operation documentation for the appropriate value for this field.
   */
  // const resource = 'abc123'
  /**
   *  The set of permissions to check for the `resource`. Permissions with
   *  wildcards (such as '*' or 'storage.*') are not allowed. For more
   *  information see
   *  IAM Overview (https://cloud.google.com/iam/docs/overview#permissions).
   */
  // const permissions = 'abc123'

  // Imports the Containeranalysis library
  const {ContainerAnalysisClient} =
    require('@google-cloud/containeranalysis').v1;

  // Instantiates a client
  const containeranalysisClient = new ContainerAnalysisClient();

  async function callTestIamPermissions() {
    // Construct request
    const request = {
      resource,
      permissions,
    };

    // Run request
    const response = await containeranalysisClient.testIamPermissions(request);
    console.log(response);
  }

  callTestIamPermissions();

testIamPermissions(request, options, callback)

testIamPermissions(request: protos.google.iam.v1.ITestIamPermissionsRequest, options: CallOptions, callback: Callback<protos.google.iam.v1.ITestIamPermissionsResponse, protos.google.iam.v1.ITestIamPermissionsRequest | null | undefined, {} | null | undefined>): void;
Parameters
NameDescription
request protos.google.iam.v1.ITestIamPermissionsRequest
options CallOptions
callback Callback<protos.google.iam.v1.ITestIamPermissionsResponse, protos.google.iam.v1.ITestIamPermissionsRequest | null | undefined, {} | null | undefined>
Returns
TypeDescription
void

testIamPermissions(request, callback)

testIamPermissions(request: protos.google.iam.v1.ITestIamPermissionsRequest, callback: Callback<protos.google.iam.v1.ITestIamPermissionsResponse, protos.google.iam.v1.ITestIamPermissionsRequest | null | undefined, {} | null | undefined>): void;
Parameters
NameDescription
request protos.google.iam.v1.ITestIamPermissionsRequest
callback Callback<protos.google.iam.v1.ITestIamPermissionsResponse, protos.google.iam.v1.ITestIamPermissionsRequest | null | undefined, {} | null | undefined>
Returns
TypeDescription
void