chore: Update discovery artifacts (#1477)
## Deleted keys were detected in the following stable discovery artifacts:
apigee v1 https://github.com/googleapis/google-api-python-client/commit/4485c5f3b32c9bda4f50a2a96c5870414f7d870f
sqladmin v1 https://github.com/googleapis/google-api-python-client/commit/41d51e34759b181692ed96d9d490a9cfc5a28459
## Deleted keys were detected in the following pre-stable discovery artifacts:
sqladmin v1beta4 https://github.com/googleapis/google-api-python-client/commit/41d51e34759b181692ed96d9d490a9cfc5a28459
transcoder v1beta1 https://github.com/googleapis/google-api-python-client/commit/1e0b0854e31f52013a8c5423efbd5e34c953e08c
## Discovery Artifact Change Summary:
feat(accesscontextmanager): update the api https://github.com/googleapis/google-api-python-client/commit/30216a669249442cac8f0fb8bb347b1352d8f087
feat(alertcenter): update the api https://github.com/googleapis/google-api-python-client/commit/39b084706537111e8403be6e69f0fc9d82b2f383
feat(apigee): update the api https://github.com/googleapis/google-api-python-client/commit/4485c5f3b32c9bda4f50a2a96c5870414f7d870f
feat(bigquery): update the api https://github.com/googleapis/google-api-python-client/commit/304bbde2360066caf55575e3be5a04fdc8bf8b09
feat(chromemanagement): update the api https://github.com/googleapis/google-api-python-client/commit/0ba28b47236a81a996a3607567b61ab38150617d
feat(cloudasset): update the api https://github.com/googleapis/google-api-python-client/commit/792aa5593ea64ceb4b565e950e153e396274b3b8
feat(cloudbuild): update the api https://github.com/googleapis/google-api-python-client/commit/6b06387ca29e76d26f257c7a4eb6864fe27e082e
feat(cloudchannel): update the api https://github.com/googleapis/google-api-python-client/commit/0b0444ea192f79c5564745be8b1d52b52a74d1fb
feat(cloudkms): update the api https://github.com/googleapis/google-api-python-client/commit/7dc278459cbd32bf15b39633327743cfa0beeea3
feat(composer): update the api https://github.com/googleapis/google-api-python-client/commit/92131bff38ab7644e549f3d71f9c0a84755455db
feat(container): update the api https://github.com/googleapis/google-api-python-client/commit/53d8b4b3e3c5d16ffd14ba1af1cf1769d9249067
feat(containeranalysis): update the api https://github.com/googleapis/google-api-python-client/commit/9ab94f3f4c2ccafdf8b298dad8c6a5c2aa61a606
feat(dialogflow): update the api https://github.com/googleapis/google-api-python-client/commit/b49bfdaedbed3378b061e85f937a36e97732fcd4
feat(iam): update the api https://github.com/googleapis/google-api-python-client/commit/0832247d126965b472a271167028499f015de1ae
feat(metastore): update the api https://github.com/googleapis/google-api-python-client/commit/dd83236343d603e964613b16e9afa25eff60f97c
feat(ondemandscanning): update the api https://github.com/googleapis/google-api-python-client/commit/6ffbe182425ec217230fc083e217676e915bb786
feat(osconfig): update the api https://github.com/googleapis/google-api-python-client/commit/e079d43be4291ca10be7caf432012c6553e0398e
feat(oslogin): update the api https://github.com/googleapis/google-api-python-client/commit/d3ec653bdd293a63ae0b3772ce83e1fda73d5de5
feat(pubsub): update the api https://github.com/googleapis/google-api-python-client/commit/06dfff22baec2551508b93e29e4c36fa442ab299
feat(pubsublite): update the api https://github.com/googleapis/google-api-python-client/commit/4287a7d537741391a9afe9e669b98010ed4fc0ab
feat(recaptchaenterprise): update the api https://github.com/googleapis/google-api-python-client/commit/ebfeb8fc00a1c6a8603b35640845c5cdacf53cb2
feat(recommender): update the api https://github.com/googleapis/google-api-python-client/commit/01f2d6cc989ce337537a51ead8ffd3d6fc7e6c5d
feat(speech): update the api https://github.com/googleapis/google-api-python-client/commit/601afcf08fd96421b64ef4c6f098f09f0748ce69
feat(sqladmin): update the api https://github.com/googleapis/google-api-python-client/commit/41d51e34759b181692ed96d9d490a9cfc5a28459
feat(tagmanager): update the api https://github.com/googleapis/google-api-python-client/commit/47a522aac79ae9283a0c7ee7a2d0716e605d8c21
feat(transcoder): update the api https://github.com/googleapis/google-api-python-client/commit/1e0b0854e31f52013a8c5423efbd5e34c953e08c
diff --git a/googleapiclient/discovery_cache/documents/ondemandscanning.v1beta1.json b/googleapiclient/discovery_cache/documents/ondemandscanning.v1beta1.json
index 6346b4f..a57555d 100644
--- a/googleapiclient/discovery_cache/documents/ondemandscanning.v1beta1.json
+++ b/googleapiclient/discovery_cache/documents/ondemandscanning.v1beta1.json
@@ -339,7 +339,7 @@
}
}
},
- "revision": "20210723",
+ "revision": "20210731",
"rootUrl": "https://ondemandscanning.googleapis.com/",
"schemas": {
"AliasContext": {
@@ -493,6 +493,10 @@
"description": "Details of a build occurrence.",
"id": "BuildOccurrence",
"properties": {
+ "intotoProvenance": {
+ "$ref": "InTotoProvenance",
+ "description": "In-toto Provenance representation as defined in spec."
+ },
"provenance": {
"$ref": "BuildProvenance",
"description": "Required. The actual provenance for the build."
@@ -575,6 +579,15 @@
},
"type": "object"
},
+ "BuilderConfig": {
+ "id": "BuilderConfig",
+ "properties": {
+ "id": {
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
"Category": {
"description": "The category to which the update belongs.",
"id": "Category",
@@ -649,6 +662,25 @@
},
"type": "object"
},
+ "Completeness": {
+ "description": "Indicates that the builder claims certain fields in this message to be complete.",
+ "id": "Completeness",
+ "properties": {
+ "arguments": {
+ "description": "If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.",
+ "type": "boolean"
+ },
+ "environment": {
+ "description": "If true, the builder claims that recipe.environment is claimed to be complete.",
+ "type": "boolean"
+ },
+ "materials": {
+ "description": "If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called \"hermetic\".",
+ "type": "boolean"
+ }
+ },
+ "type": "object"
+ },
"ComplianceOccurrence": {
"description": "An indication that the compliance checks in the associated ComplianceNote were not satisfied for particular resources or a specified reason.",
"id": "ComplianceOccurrence",
@@ -665,6 +697,19 @@
},
"type": "object"
},
+ "DSSEAttestationOccurrence": {
+ "id": "DSSEAttestationOccurrence",
+ "properties": {
+ "envelope": {
+ "$ref": "Envelope",
+ "description": "If doing something security critical, make sure to verify the signatures in this metadata."
+ },
+ "statement": {
+ "$ref": "InTotoStatement"
+ }
+ },
+ "type": "object"
+ },
"DeploymentOccurrence": {
"description": "The period during which some deployable was active in a runtime.",
"id": "DeploymentOccurrence",
@@ -777,6 +822,39 @@
"properties": {},
"type": "object"
},
+ "Envelope": {
+ "description": "MUST match https://github.com/secure-systems-lab/dsse/blob/master/envelope.proto. An authenticated message of arbitrary type.",
+ "id": "Envelope",
+ "properties": {
+ "payload": {
+ "format": "byte",
+ "type": "string"
+ },
+ "payloadType": {
+ "type": "string"
+ },
+ "signatures": {
+ "items": {
+ "$ref": "EnvelopeSignature"
+ },
+ "type": "array"
+ }
+ },
+ "type": "object"
+ },
+ "EnvelopeSignature": {
+ "id": "EnvelopeSignature",
+ "properties": {
+ "keyid": {
+ "type": "string"
+ },
+ "sig": {
+ "format": "byte",
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
"FileHashes": {
"description": "Container message for hashes of byte content of files, used in source messages to verify integrity of source input to the build.",
"id": "FileHashes",
@@ -910,6 +988,54 @@
},
"type": "object"
},
+ "InTotoProvenance": {
+ "id": "InTotoProvenance",
+ "properties": {
+ "builderConfig": {
+ "$ref": "BuilderConfig",
+ "description": "required"
+ },
+ "materials": {
+ "description": "The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.",
+ "items": {
+ "type": "string"
+ },
+ "type": "array"
+ },
+ "metadata": {
+ "$ref": "Metadata"
+ },
+ "recipe": {
+ "$ref": "Recipe",
+ "description": "Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required"
+ }
+ },
+ "type": "object"
+ },
+ "InTotoStatement": {
+ "description": "Spec defined at https://github.com/in-toto/attestation/tree/main/spec#statement The serialized InTotoStatement will be stored as Envelope.payload. Envelope.payloadType is always \"application/vnd.in-toto+json\".",
+ "id": "InTotoStatement",
+ "properties": {
+ "predicateType": {
+ "description": "\"https://in-toto.io/Provenance/v0.1\" for InTotoProvenance.",
+ "type": "string"
+ },
+ "provenance": {
+ "$ref": "InTotoProvenance"
+ },
+ "subject": {
+ "items": {
+ "$ref": "Subject"
+ },
+ "type": "array"
+ },
+ "type": {
+ "description": "Always \"https://in-toto.io/Statement/v0.1\".",
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
"Jwt": {
"id": "Jwt",
"properties": {
@@ -990,6 +1116,35 @@
},
"type": "object"
},
+ "Metadata": {
+ "description": "Other properties of the build.",
+ "id": "Metadata",
+ "properties": {
+ "buildFinishedOn": {
+ "description": "The timestamp of when the build completed.",
+ "format": "google-datetime",
+ "type": "string"
+ },
+ "buildInvocationId": {
+ "description": "Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.",
+ "type": "string"
+ },
+ "buildStartedOn": {
+ "description": "The timestamp of when the build started.",
+ "format": "google-datetime",
+ "type": "string"
+ },
+ "completeness": {
+ "$ref": "Completeness",
+ "description": "Indicates that the builder claims certain fields in this message to be complete."
+ },
+ "reproducible": {
+ "description": "If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.",
+ "type": "boolean"
+ }
+ },
+ "type": "object"
+ },
"NonCompliantFile": {
"description": "Details about files that caused a compliance check to fail.",
"id": "NonCompliantFile",
@@ -1038,6 +1193,14 @@
"$ref": "DiscoveryOccurrence",
"description": "Describes when a resource was discovered."
},
+ "dsseAttestation": {
+ "$ref": "DSSEAttestationOccurrence",
+ "description": "Describes an attestation of an artifact using dsse."
+ },
+ "envelope": {
+ "$ref": "Envelope",
+ "description": "https://github.com/secure-systems-lab/dsse"
+ },
"image": {
"$ref": "ImageOccurrence",
"description": "Describes how this resource derives from the basis in the associated note."
@@ -1054,7 +1217,8 @@
"DISCOVERY",
"ATTESTATION",
"UPGRADE",
- "COMPLIANCE"
+ "COMPLIANCE",
+ "DSSE_ATTESTATION"
],
"enumDescriptions": [
"Default value. This value is unused.",
@@ -1066,7 +1230,8 @@
"The note and occurrence track the initial discovery status of a resource.",
"This represents a logical \"role\" that can attest to artifacts.",
"This represents an available package upgrade.",
- "This represents a Compliance Note"
+ "This represents a Compliance Note",
+ "This represents a DSSE attestation Note"
],
"type": "string"
},
@@ -1256,6 +1421,40 @@
},
"type": "object"
},
+ "Recipe": {
+ "description": "Steps taken to build the artifact. For a TaskRun, typically each container corresponds to one step in the recipe.",
+ "id": "Recipe",
+ "properties": {
+ "arguments": {
+ "description": "Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were \"make\", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint.",
+ "items": {
+ "type": "string"
+ },
+ "type": "array"
+ },
+ "definedInMaterial": {
+ "description": "Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were \"make\", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.",
+ "format": "int64",
+ "type": "string"
+ },
+ "entryPoint": {
+ "description": "String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were \"make\", then this would reference the directory in which to run make as well as which target to use.",
+ "type": "string"
+ },
+ "environment": {
+ "additionalProperties": {
+ "type": "string"
+ },
+ "description": "Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy.",
+ "type": "object"
+ },
+ "type": {
+ "description": "URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.",
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
"RelatedUrl": {
"description": "Metadata for any related URL information.",
"id": "RelatedUrl",
@@ -1384,6 +1583,22 @@
},
"type": "object"
},
+ "Subject": {
+ "id": "Subject",
+ "properties": {
+ "digest": {
+ "additionalProperties": {
+ "type": "string"
+ },
+ "description": "\"\": \"\"",
+ "type": "object"
+ },
+ "name": {
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
"UpgradeDistribution": {
"description": "The Upgrade Distribution represents metadata about the Upgrade for each operating system (CPE). Some distributions have additional metadata around updates, classifying them into various categories and severities.",
"id": "UpgradeDistribution",