Retrieves analysis results of Cloud components such as Docker container images. The Container Analysis API is an implementation of the [Grafeas](https://grafeas.io) API.
Analysis results are stored as a series of occurrences. An Occurrence
contains information about a specific analysis instance on a resource. An occurrence refers to a Note
. A note contains details describing the analysis and is generally stored in a separate project, called a Provider
. Multiple occurrences can refer to the same note.
For example, an SSL vulnerability could affect multiple images. In this case, there would be one note for the vulnerability and an occurrence for each image with the vulnerability referring to that note. v1
Package
@google-cloud/containeranalysisConstructors
(constructor)(opts)
constructor(opts?: ClientOptions);
Construct an instance of ContainerAnalysisClient.
Name | Description |
opts |
ClientOptions
|
Properties
apiEndpoint
static get apiEndpoint(): string;
The DNS address for this API service - same as servicePath(), exists for compatibility reasons.
auth
auth: gax.GoogleAuth;
containerAnalysisStub
containerAnalysisStub?: Promise<{
[name: string]: Function;
}>;
descriptors
descriptors: Descriptors;
innerApiCalls
innerApiCalls: {
[name: string]: Function;
};
pathTemplates
pathTemplates: {
[name: string]: gax.PathTemplate;
};
port
static get port(): number;
The port for this API service.
scopes
static get scopes(): string[];
The scopes needed to make gRPC calls for every method defined in this service.
servicePath
static get servicePath(): string;
The DNS address for this API service.
warn
warn: (code: string, message: string, warnType?: string) => void;
Methods
close()
close(): Promise<void>;
Terminate the gRPC channel and close the client.
The client will no longer be usable and all future behavior is undefined.
Type | Description |
Promise<void> | {Promise} A promise that resolves when the client is closed. |
getGrafeasClient()
getGrafeasClient(): import("@google-cloud/grafeas/build/src/v1").GrafeasClient;
Returns an instance of a @google-cloud/grafeas client, configured to connect to Google Cloud's Container Analysis API. For documentation on this client, see: https://googleapis.dev/nodejs/grafeas/latest/index.html
Type | Description |
import("@google-cloud/grafeas/build/src/v1").GrafeasClient | {GrafeasClient} - An instance of a Grafeas client. |
getIamPolicy(request, options)
getIamPolicy(request?: protos.google.iam.v1.IGetIamPolicyRequest, options?: CallOptions): Promise<[protos.google.iam.v1.IPolicy, protos.google.iam.v1.IGetIamPolicyRequest | undefined, {} | undefined]>;
Gets the access control policy for a note or an occurrence resource. Requires containeranalysis.notes.setIamPolicy
or containeranalysis.occurrences.setIamPolicy
permission if the resource is a note or occurrence, respectively.
The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID]
for notes and projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]
for occurrences.
Name | Description |
request |
protos.google.iam.v1.IGetIamPolicyRequest
The request object that will be sent. |
options |
CallOptions
Call options. See CallOptions for more details. |
Type | Description |
Promise<[protos.google.iam.v1.IPolicy, protos.google.iam.v1.IGetIamPolicyRequest | undefined, {} | undefined]> | {Promise} - The promise which resolves to an array. The first element of the array is an object representing [Policy]. Please see the [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) for more details and examples. |
/**
* TODO(developer): Uncomment these variables before running the sample.
*/
/**
* REQUIRED: The resource for which the policy is being requested.
* See the operation documentation for the appropriate value for this field.
*/
// const resource = 'abc123'
/**
* OPTIONAL: A `GetPolicyOptions` object for specifying options to
* `GetIamPolicy`.
*/
// const options = {}
// Imports the Containeranalysis library
const {ContainerAnalysisClient} = require('@google-cloud/containeranalysis').v1;
// Instantiates a client
const containeranalysisClient = new ContainerAnalysisClient();
async function callGetIamPolicy() {
// Construct request
const request = {
resource,
};
// Run request
const response = await containeranalysisClient.getIamPolicy(request);
console.log(response);
}
callGetIamPolicy();
getIamPolicy(request, options, callback)
getIamPolicy(request: protos.google.iam.v1.IGetIamPolicyRequest, options: CallOptions, callback: Callback<protos.google.iam.v1.IPolicy, protos.google.iam.v1.IGetIamPolicyRequest | null | undefined, {} | null | undefined>): void;
Name | Description |
request |
protos.google.iam.v1.IGetIamPolicyRequest
|
options |
CallOptions
|
callback |
Callback<protos.google.iam.v1.IPolicy, protos.google.iam.v1.IGetIamPolicyRequest | null | undefined, {} | null | undefined>
|
Type | Description |
void |
getIamPolicy(request, callback)
getIamPolicy(request: protos.google.iam.v1.IGetIamPolicyRequest, callback: Callback<protos.google.iam.v1.IPolicy, protos.google.iam.v1.IGetIamPolicyRequest | null | undefined, {} | null | undefined>): void;
Name | Description |
request |
protos.google.iam.v1.IGetIamPolicyRequest
|
callback |
Callback<protos.google.iam.v1.IPolicy, protos.google.iam.v1.IGetIamPolicyRequest | null | undefined, {} | null | undefined>
|
Type | Description |
void |
getProjectId()
getProjectId(): Promise<string>;
Type | Description |
Promise<string> |
getProjectId(callback)
getProjectId(callback: Callback<string, undefined, undefined>): void;
Name | Description |
callback |
Callback<string, undefined, undefined>
|
Type | Description |
void |
getVulnerabilityOccurrencesSummary(request, options)
getVulnerabilityOccurrencesSummary(request?: protos.google.devtools.containeranalysis.v1.IGetVulnerabilityOccurrencesSummaryRequest, options?: CallOptions): Promise<[protos.google.devtools.containeranalysis.v1.IVulnerabilityOccurrencesSummary, (protos.google.devtools.containeranalysis.v1.IGetVulnerabilityOccurrencesSummaryRequest | undefined), {} | undefined]>;
Gets a summary of the number and severity of occurrences.
Name | Description |
request |
protos.google.devtools.containeranalysis.v1.IGetVulnerabilityOccurrencesSummaryRequest
The request object that will be sent. |
options |
CallOptions
Call options. See CallOptions for more details. |
Type | Description |
Promise<[protos.google.devtools.containeranalysis.v1.IVulnerabilityOccurrencesSummary, (protos.google.devtools.containeranalysis.v1.IGetVulnerabilityOccurrencesSummaryRequest | undefined), {} | undefined]> | {Promise} - The promise which resolves to an array. The first element of the array is an object representing [VulnerabilityOccurrencesSummary]. Please see the [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) for more details and examples. |
/**
* TODO(developer): Uncomment these variables before running the sample.
*/
/**
* Required. The name of the project to get a vulnerability summary for in the form of
* `projects/[PROJECT_ID]`.
*/
// const parent = 'abc123'
/**
* The filter expression.
*/
// const filter = 'abc123'
// Imports the Containeranalysis library
const {ContainerAnalysisClient} = require('@google-cloud/containeranalysis').v1;
// Instantiates a client
const containeranalysisClient = new ContainerAnalysisClient();
async function callGetVulnerabilityOccurrencesSummary() {
// Construct request
const request = {
parent,
};
// Run request
const response = await containeranalysisClient.getVulnerabilityOccurrencesSummary(request);
console.log(response);
}
callGetVulnerabilityOccurrencesSummary();
getVulnerabilityOccurrencesSummary(request, options, callback)
getVulnerabilityOccurrencesSummary(request: protos.google.devtools.containeranalysis.v1.IGetVulnerabilityOccurrencesSummaryRequest, options: CallOptions, callback: Callback<protos.google.devtools.containeranalysis.v1.IVulnerabilityOccurrencesSummary, protos.google.devtools.containeranalysis.v1.IGetVulnerabilityOccurrencesSummaryRequest | null | undefined, {} | null | undefined>): void;
Name | Description |
request |
protos.google.devtools.containeranalysis.v1.IGetVulnerabilityOccurrencesSummaryRequest
|
options |
CallOptions
|
callback |
Callback<protos.google.devtools.containeranalysis.v1.IVulnerabilityOccurrencesSummary, protos.google.devtools.containeranalysis.v1.IGetVulnerabilityOccurrencesSummaryRequest | null | undefined, {} | null | undefined>
|
Type | Description |
void |
getVulnerabilityOccurrencesSummary(request, callback)
getVulnerabilityOccurrencesSummary(request: protos.google.devtools.containeranalysis.v1.IGetVulnerabilityOccurrencesSummaryRequest, callback: Callback<protos.google.devtools.containeranalysis.v1.IVulnerabilityOccurrencesSummary, protos.google.devtools.containeranalysis.v1.IGetVulnerabilityOccurrencesSummaryRequest | null | undefined, {} | null | undefined>): void;
Name | Description |
request |
protos.google.devtools.containeranalysis.v1.IGetVulnerabilityOccurrencesSummaryRequest
|
callback |
Callback<protos.google.devtools.containeranalysis.v1.IVulnerabilityOccurrencesSummary, protos.google.devtools.containeranalysis.v1.IGetVulnerabilityOccurrencesSummaryRequest | null | undefined, {} | null | undefined>
|
Type | Description |
void |
initialize()
initialize(): Promise<{
[name: string]: Function;
}>;
Initialize the client. Performs asynchronous operations (such as authentication) and prepares the client. This function will be called automatically when any class method is called for the first time, but if you need to initialize it before calling an actual method, feel free to call initialize() directly.
You can await on this method if you want to make sure the client is initialized.
Type | Description |
Promise<{ [name: string]: Function; }> | {Promise} A promise that resolves to an authenticated service stub. |
matchNoteFromNoteName(noteName)
matchNoteFromNoteName(noteName: string): string | number;
Parse the note from Note resource.
Name | Description |
noteName |
string
A fully-qualified path representing Note resource. |
Type | Description |
string | number | {string} A string representing the note. |
matchOccurrenceFromOccurrenceName(occurrenceName)
matchOccurrenceFromOccurrenceName(occurrenceName: string): string | number;
Parse the occurrence from Occurrence resource.
Name | Description |
occurrenceName |
string
A fully-qualified path representing Occurrence resource. |
Type | Description |
string | number | {string} A string representing the occurrence. |
matchProjectFromNoteName(noteName)
matchProjectFromNoteName(noteName: string): string | number;
Parse the project from Note resource.
Name | Description |
noteName |
string
A fully-qualified path representing Note resource. |
Type | Description |
string | number | {string} A string representing the project. |
matchProjectFromOccurrenceName(occurrenceName)
matchProjectFromOccurrenceName(occurrenceName: string): string | number;
Parse the project from Occurrence resource.
Name | Description |
occurrenceName |
string
A fully-qualified path representing Occurrence resource. |
Type | Description |
string | number | {string} A string representing the project. |
matchProjectFromProjectName(projectName)
matchProjectFromProjectName(projectName: string): string | number;
Parse the project from Project resource.
Name | Description |
projectName |
string
A fully-qualified path representing Project resource. |
Type | Description |
string | number | {string} A string representing the project. |
notePath(project, note)
notePath(project: string, note: string): string;
Return a fully-qualified note resource name string.
Name | Description |
project |
string
|
note |
string
|
Type | Description |
string | {string} Resource name string. |
occurrencePath(project, occurrence)
occurrencePath(project: string, occurrence: string): string;
Return a fully-qualified occurrence resource name string.
Name | Description |
project |
string
|
occurrence |
string
|
Type | Description |
string | {string} Resource name string. |
projectPath(project)
projectPath(project: string): string;
Return a fully-qualified project resource name string.
Name | Description |
project |
string
|
Type | Description |
string | {string} Resource name string. |
setIamPolicy(request, options)
setIamPolicy(request?: protos.google.iam.v1.ISetIamPolicyRequest, options?: CallOptions): Promise<[protos.google.iam.v1.IPolicy, protos.google.iam.v1.ISetIamPolicyRequest | undefined, {} | undefined]>;
Sets the access control policy on the specified note or occurrence. Requires containeranalysis.notes.setIamPolicy
or containeranalysis.occurrences.setIamPolicy
permission if the resource is a note or an occurrence, respectively.
The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID]
for notes and projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]
for occurrences.
Name | Description |
request |
protos.google.iam.v1.ISetIamPolicyRequest
The request object that will be sent. |
options |
CallOptions
Call options. See CallOptions for more details. |
Type | Description |
Promise<[protos.google.iam.v1.IPolicy, protos.google.iam.v1.ISetIamPolicyRequest | undefined, {} | undefined]> | {Promise} - The promise which resolves to an array. The first element of the array is an object representing [Policy]. Please see the [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) for more details and examples. |
/**
* TODO(developer): Uncomment these variables before running the sample.
*/
/**
* REQUIRED: The resource for which the policy is being specified.
* See the operation documentation for the appropriate value for this field.
*/
// const resource = 'abc123'
/**
* REQUIRED: The complete policy to be applied to the `resource`. The size of
* the policy is limited to a few 10s of KB. An empty policy is a
* valid policy but certain Cloud Platform services (such as Projects)
* might reject them.
*/
// const policy = {}
/**
* OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only
* the fields in the mask will be modified. If no mask is provided, the
* following default mask is used:
* `paths: "bindings, etag"`
*/
// const updateMask = {}
// Imports the Containeranalysis library
const {ContainerAnalysisClient} = require('@google-cloud/containeranalysis').v1;
// Instantiates a client
const containeranalysisClient = new ContainerAnalysisClient();
async function callSetIamPolicy() {
// Construct request
const request = {
resource,
policy,
};
// Run request
const response = await containeranalysisClient.setIamPolicy(request);
console.log(response);
}
callSetIamPolicy();
setIamPolicy(request, options, callback)
setIamPolicy(request: protos.google.iam.v1.ISetIamPolicyRequest, options: CallOptions, callback: Callback<protos.google.iam.v1.IPolicy, protos.google.iam.v1.ISetIamPolicyRequest | null | undefined, {} | null | undefined>): void;
Name | Description |
request |
protos.google.iam.v1.ISetIamPolicyRequest
|
options |
CallOptions
|
callback |
Callback<protos.google.iam.v1.IPolicy, protos.google.iam.v1.ISetIamPolicyRequest | null | undefined, {} | null | undefined>
|
Type | Description |
void |
setIamPolicy(request, callback)
setIamPolicy(request: protos.google.iam.v1.ISetIamPolicyRequest, callback: Callback<protos.google.iam.v1.IPolicy, protos.google.iam.v1.ISetIamPolicyRequest | null | undefined, {} | null | undefined>): void;
Name | Description |
request |
protos.google.iam.v1.ISetIamPolicyRequest
|
callback |
Callback<protos.google.iam.v1.IPolicy, protos.google.iam.v1.ISetIamPolicyRequest | null | undefined, {} | null | undefined>
|
Type | Description |
void |
testIamPermissions(request, options)
testIamPermissions(request?: protos.google.iam.v1.ITestIamPermissionsRequest, options?: CallOptions): Promise<[protos.google.iam.v1.ITestIamPermissionsResponse, protos.google.iam.v1.ITestIamPermissionsRequest | undefined, {} | undefined]>;
Returns the permissions that a caller has on the specified note or occurrence. Requires list permission on the project (for example, containeranalysis.notes.list
).
The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID]
for notes and projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]
for occurrences.
Name | Description |
request |
protos.google.iam.v1.ITestIamPermissionsRequest
The request object that will be sent. |
options |
CallOptions
Call options. See CallOptions for more details. |
Type | Description |
Promise<[protos.google.iam.v1.ITestIamPermissionsResponse, protos.google.iam.v1.ITestIamPermissionsRequest | undefined, {} | undefined]> | {Promise} - The promise which resolves to an array. The first element of the array is an object representing [TestIamPermissionsResponse]. Please see the [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) for more details and examples. |
/**
* TODO(developer): Uncomment these variables before running the sample.
*/
/**
* REQUIRED: The resource for which the policy detail is being requested.
* See the operation documentation for the appropriate value for this field.
*/
// const resource = 'abc123'
/**
* The set of permissions to check for the `resource`. Permissions with
* wildcards (such as '*' or 'storage.*') are not allowed. For more
* information see
* IAM Overview (https://cloud.google.com/iam/docs/overview#permissions).
*/
// const permissions = 'abc123'
// Imports the Containeranalysis library
const {ContainerAnalysisClient} = require('@google-cloud/containeranalysis').v1;
// Instantiates a client
const containeranalysisClient = new ContainerAnalysisClient();
async function callTestIamPermissions() {
// Construct request
const request = {
resource,
permissions,
};
// Run request
const response = await containeranalysisClient.testIamPermissions(request);
console.log(response);
}
callTestIamPermissions();
testIamPermissions(request, options, callback)
testIamPermissions(request: protos.google.iam.v1.ITestIamPermissionsRequest, options: CallOptions, callback: Callback<protos.google.iam.v1.ITestIamPermissionsResponse, protos.google.iam.v1.ITestIamPermissionsRequest | null | undefined, {} | null | undefined>): void;
Name | Description |
request |
protos.google.iam.v1.ITestIamPermissionsRequest
|
options |
CallOptions
|
callback |
Callback<protos.google.iam.v1.ITestIamPermissionsResponse, protos.google.iam.v1.ITestIamPermissionsRequest | null | undefined, {} | null | undefined>
|
Type | Description |
void |
testIamPermissions(request, callback)
testIamPermissions(request: protos.google.iam.v1.ITestIamPermissionsRequest, callback: Callback<protos.google.iam.v1.ITestIamPermissionsResponse, protos.google.iam.v1.ITestIamPermissionsRequest | null | undefined, {} | null | undefined>): void;
Name | Description |
request |
protos.google.iam.v1.ITestIamPermissionsRequest
|
callback |
Callback<protos.google.iam.v1.ITestIamPermissionsResponse, protos.google.iam.v1.ITestIamPermissionsRequest | null | undefined, {} | null | undefined>
|
Type | Description |
void |