From 983b6c414734d60fc8b1c2dd9d8240e90e31f58c Mon Sep 17 00:00:00 2001 From: Owl Bot Date: Sat, 14 Feb 2026 03:02:50 +0000 Subject: [PATCH 1/2] feat: A new field `registry` is added to message `.grafeas.v1.BaseImage` feat: A new field `advisory_publish_time` is added to message `.grafeas.v1.VulnerabilityNote` PiperOrigin-RevId: 869922618 Source-Link: https://github.com/googleapis/googleapis/commit/67810511a5a40daa3402d796e44f77ccbcdd7d31 Source-Link: https://github.com/googleapis/googleapis-gen/commit/73d60f746adfb35717fe7cc607e95272d6ef16a2 Copy-Tag: eyJwIjoiZ29vZ2xlLWNsb3VkLWJpbmFyeV9hdXRob3JpemF0aW9uLXYxLy5Pd2xCb3QueWFtbCIsImgiOiI3M2Q2MGY3NDZhZGZiMzU3MTdmZTdjYzYwN2U5NTI3MmQ2ZWYxNmEyIn0= --- .../.gitignore | 22 + .../.repo-metadata.json | 19 + .../.rubocop.yml | 33 + .../.toys.rb | 28 + .../.yardopts | 12 + .../AUTHENTICATION.md | 122 ++ .../CHANGELOG.md | 2 + .../Gemfile | 11 + .../LICENSE.md | 201 +++ .../README.md | 154 +++ .../Rakefile | 168 +++ .../gapic_metadata.json | 81 ++ ...ogle-cloud-binary_authorization-v1.gemspec | 29 + .../google-cloud-binary_authorization-v1.rb | 21 + .../google/cloud/binary_authorization/v1.rb | 47 + .../v1/binauthz_management_service.rb | 61 + .../v1/binauthz_management_service/client.rb | 1108 +++++++++++++++++ .../credentials.rb | 51 + .../v1/binauthz_management_service/paths.rb | 97 ++ .../v1/binauthz_management_service/rest.rb | 58 + .../rest/client.rb | 1016 +++++++++++++++ .../rest/service_stub.rb | 511 ++++++++ .../cloud/binary_authorization/v1/rest.rb | 39 + .../binary_authorization/v1/system_policy.rb | 55 + .../v1/system_policy/client.rb | 475 +++++++ .../v1/system_policy/credentials.rb | 51 + .../v1/system_policy/paths.rb | 66 + .../v1/system_policy/rest.rb | 52 + .../v1/system_policy/rest/client.rb | 425 +++++++ .../v1/system_policy/rest/service_stub.rb | 142 +++ .../v1/validation_helper.rb | 54 + .../v1/validation_helper/client.rb | 486 ++++++++ .../v1/validation_helper/credentials.rb | 51 + .../v1/validation_helper/rest.rb | 51 + .../v1/validation_helper/rest/client.rb | 436 +++++++ .../v1/validation_helper/rest/service_stub.rb | 143 +++ .../cloud/binary_authorization/v1/version.rb | 28 + .../binaryauthorization/v1/resources_pb.rb | 57 + .../binaryauthorization/v1/service_pb.rb | 63 + .../v1/service_services_pb.rb | 115 ++ .../proto_docs/README.md | 4 + .../proto_docs/google/api/client.rb | 473 +++++++ .../proto_docs/google/api/field_behavior.rb | 85 ++ .../proto_docs/google/api/launch_stage.rb | 71 ++ .../proto_docs/google/api/resource.rb | 227 ++++ .../cloud/binaryauthorization/v1/resources.rb | 374 ++++++ .../cloud/binaryauthorization/v1/service.rb | 189 +++ .../proto_docs/google/protobuf/duration.rb | 98 ++ .../proto_docs/google/protobuf/empty.rb | 34 + .../proto_docs/google/protobuf/timestamp.rb | 127 ++ .../proto_docs/grafeas/v1/attestation.rb | 98 ++ .../proto_docs/grafeas/v1/common.rb | 239 ++++ .../snippets/Gemfile | 32 + .../create_attestor.rb | 47 + .../delete_attestor.rb | 47 + .../get_attestor.rb | 47 + .../binauthz_management_service/get_policy.rb | 47 + .../list_attestors.rb | 51 + .../update_attestor.rb | 47 + .../update_policy.rb | 47 + ...a_google.cloud.binaryauthorization.v1.json | 375 ++++++ .../system_policy/get_system_policy.rb | 47 + .../validate_attestation_occurrence.rb | 47 + .../binauthz_management_service_paths_test.rb | 82 ++ .../binauthz_management_service_rest_test.rb | 481 +++++++ .../v1/binauthz_management_service_test.rb | 523 ++++++++ .../v1/system_policy_paths_test.rb | 58 + .../v1/system_policy_rest_test.rb | 153 +++ .../v1/system_policy_test.rb | 162 +++ .../v1/validation_helper_rest_test.rb | 156 +++ .../v1/validation_helper_test.rb | 168 +++ .../test/helper.rb | 25 + 72 files changed, 11302 insertions(+) create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/.gitignore create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/.repo-metadata.json create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/.rubocop.yml create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/.toys.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/.yardopts create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/AUTHENTICATION.md create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/CHANGELOG.md create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/Gemfile create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/LICENSE.md create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/README.md create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/Rakefile create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/gapic_metadata.json create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/google-cloud-binary_authorization-v1.gemspec create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/lib/google-cloud-binary_authorization-v1.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service/client.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service/credentials.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service/paths.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service/rest.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service/rest/client.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service/rest/service_stub.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/rest.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy/client.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy/credentials.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy/paths.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy/rest.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy/rest/client.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy/rest/service_stub.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/validation_helper.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/validation_helper/client.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/validation_helper/credentials.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/validation_helper/rest.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/validation_helper/rest/client.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/validation_helper/rest/service_stub.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/version.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binaryauthorization/v1/resources_pb.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binaryauthorization/v1/service_pb.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binaryauthorization/v1/service_services_pb.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/README.md create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/api/client.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/api/field_behavior.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/api/launch_stage.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/api/resource.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/cloud/binaryauthorization/v1/resources.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/cloud/binaryauthorization/v1/service.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/protobuf/duration.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/protobuf/empty.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/protobuf/timestamp.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/grafeas/v1/attestation.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/grafeas/v1/common.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/snippets/Gemfile create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/create_attestor.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/delete_attestor.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/get_attestor.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/get_policy.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/list_attestors.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/update_attestor.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/update_policy.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/snippets/snippet_metadata_google.cloud.binaryauthorization.v1.json create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/snippets/system_policy/get_system_policy.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/snippets/validation_helper/validate_attestation_occurrence.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/binauthz_management_service_paths_test.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/binauthz_management_service_rest_test.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/binauthz_management_service_test.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/system_policy_paths_test.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/system_policy_rest_test.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/system_policy_test.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/validation_helper_rest_test.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/validation_helper_test.rb create mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/test/helper.rb diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/.gitignore b/owl-bot-staging/google-cloud-binary_authorization-v1/.gitignore new file mode 100644 index 000000000000..0135b6bc6cfc --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/.gitignore @@ -0,0 +1,22 @@ +# Ignore bundler lockfiles +Gemfile.lock +gems.locked + +# Ignore documentation output +doc/* +.yardoc/* + +# Ignore test output +coverage/* + +# Ignore build artifacts +pkg/* + +# Ignore files commonly present in certain dev environments +.vagrant +.DS_STORE +.idea +*.iml + +# Ignore synth output +__pycache__ diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/.repo-metadata.json b/owl-bot-staging/google-cloud-binary_authorization-v1/.repo-metadata.json new file mode 100644 index 000000000000..2f8790a17bc3 --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/.repo-metadata.json @@ -0,0 +1,19 @@ +{ + "api_id": "binaryauthorization.googleapis.com", + "api_shortname": "binaryauthorization", + "client_documentation": "https://cloud.google.com/ruby/docs/reference/google-cloud-binary_authorization-v1/latest", + "distribution_name": "google-cloud-binary_authorization-v1", + "is_cloud": true, + "language": "ruby", + "name": "binaryauthorization", + "name_pretty": "Binary Authorization V1 API", + "product_documentation": "https://cloud.google.com/binary-authorization/", + "release_level": "unreleased", + "repo": "googleapis/google-cloud-ruby", + "requires_billing": true, + "ruby-cloud-description": "Binary Authorization is a service on Google Cloud that provides centralized software supply-chain security for applications that run on Google Kubernetes Engine (GKE) and GKE on-prem. Note that google-cloud-binary_authorization-v1 is a version-specific client library. For most uses, we recommend installing the main client library google-cloud-binary_authorization instead. See the readme for more details.", + "ruby-cloud-env-prefix": "BINARY_AUTHORIZATION", + "ruby-cloud-product-url": "https://cloud.google.com/binary-authorization/", + "ruby-cloud-service-override": "BinauthzManagementServiceV1=BinauthzManagementService;SystemPolicyV1=SystemPolicy;ValidationHelperV1=ValidationHelper", + "library_type": "GAPIC_AUTO" +} diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/.rubocop.yml b/owl-bot-staging/google-cloud-binary_authorization-v1/.rubocop.yml new file mode 100644 index 000000000000..d50625d49551 --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/.rubocop.yml @@ -0,0 +1,33 @@ +inherit_gem: + google-style: google-style.yml + +AllCops: + Exclude: + - "google-cloud-binary_authorization-v1.gemspec" + - "lib/**/*_pb.rb" + - "proto_docs/**/*" + - "test/**/*" + - "acceptance/**/*" + - "samples/acceptance/**/*" + - "Rakefile" + +Layout/LineLength: + Enabled: false +Metrics/AbcSize: + Enabled: false +Metrics/ClassLength: + Enabled: false +Metrics/CyclomaticComplexity: + Enabled: false +Metrics/MethodLength: + Enabled: false +Metrics/ModuleLength: + Enabled: false +Metrics/PerceivedComplexity: + Enabled: false +Naming/AccessorMethodName: + Exclude: + - "snippets/**/*.rb" +Naming/FileName: + Exclude: + - "lib/google-cloud-binary_authorization-v1.rb" diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/.toys.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/.toys.rb new file mode 100644 index 000000000000..177e22456e8a --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/.toys.rb @@ -0,0 +1,28 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + +toys_version! ">= 0.15.3" + +if ENV["RUBY_COMMON_TOOLS"] + common_tools_dir = File.expand_path ENV["RUBY_COMMON_TOOLS"] + load File.join(common_tools_dir, "toys", "gapic") +else + load_git remote: "https://github.com/googleapis/ruby-common-tools.git", + path: "toys/gapic", + update: true +end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/.yardopts b/owl-bot-staging/google-cloud-binary_authorization-v1/.yardopts new file mode 100644 index 000000000000..a2253f9a1ac0 --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/.yardopts @@ -0,0 +1,12 @@ +--no-private +--title="Binary Authorization V1 API" +--exclude _pb\.rb$ +--markup markdown +--markup-provider redcarpet + +./lib/**/*.rb +./proto_docs/**/*.rb +- +README.md +LICENSE.md +AUTHENTICATION.md diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/AUTHENTICATION.md b/owl-bot-staging/google-cloud-binary_authorization-v1/AUTHENTICATION.md new file mode 100644 index 000000000000..8279621c45ca --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/AUTHENTICATION.md @@ -0,0 +1,122 @@ +# Authentication + +The recommended way to authenticate to the google-cloud-binary_authorization-v1 library is to use +[Application Default Credentials (ADC)](https://cloud.google.com/docs/authentication/application-default-credentials). +To review all of your authentication options, see [Credentials lookup](#credential-lookup). + +## Quickstart + +The following example shows how to set up authentication for a local development +environment with your user credentials. + +**NOTE:** This method is _not_ recommended for running in production. User credentials +should be used only during development. + +1. [Download and install the Google Cloud CLI](https://cloud.google.com/sdk). +2. Set up a local ADC file with your user credentials: + +```sh +gcloud auth application-default login +``` + +3. Write code as if already authenticated. + +For more information about setting up authentication for a local development environment, see +[Set up Application Default Credentials](https://cloud.google.com/docs/authentication/provide-credentials-adc#local-dev). + +## Credential Lookup + +The google-cloud-binary_authorization-v1 library provides several mechanisms to configure your system. +Generally, using Application Default Credentials to facilitate automatic +credentials discovery is the easist method. But if you need to explicitly specify +credentials, there are several methods available to you. + +Credentials are accepted in the following ways, in the following order or precedence: + +1. Credentials specified in method arguments +2. Credentials specified in configuration +3. Credentials pointed to or included in environment variables +4. Credentials found in local ADC file +5. Credentials returned by the metadata server for the attached service account (GCP) + +### Configuration + +You can configure a path to a JSON credentials file, either for an individual client object or +globally, for all client objects. The JSON file can contain credentials created for +[workload identity federation](https://cloud.google.com/iam/docs/workload-identity-federation), +[workforce identity federation](https://cloud.google.com/iam/docs/workforce-identity-federation), or a +[service account key](https://cloud.google.com/docs/authentication/provide-credentials-adc#local-key). + +Note: Service account keys are a security risk if not managed correctly. You should +[choose a more secure alternative to service account keys](https://cloud.google.com/docs/authentication#auth-decision-tree) +whenever possible. + +To configure a credentials file for an individual client initialization: + +```ruby +require "google/cloud/binary_authorization/v1" + +client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new do |config| + config.credentials = "path/to/credentialfile.json" +end +``` + +To configure a credentials file globally for all clients: + +```ruby +require "google/cloud/binary_authorization/v1" + +::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.configure do |config| + config.credentials = "path/to/credentialfile.json" +end + +client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new +``` + +### Environment Variables + +You can also use an environment variable to provide a JSON credentials file. +The environment variable can contain a path to the credentials file or, for +environments such as Docker containers where writing files is not encouraged, +you can include the credentials file itself. + +The JSON file can contain credentials created for +[workload identity federation](https://cloud.google.com/iam/docs/workload-identity-federation), +[workforce identity federation](https://cloud.google.com/iam/docs/workforce-identity-federation), or a +[service account key](https://cloud.google.com/docs/authentication/provide-credentials-adc#local-key). + +Note: Service account keys are a security risk if not managed correctly. You should +[choose a more secure alternative to service account keys](https://cloud.google.com/docs/authentication#auth-decision-tree) +whenever possible. + +The environment variables that google-cloud-binary_authorization-v1 +checks for credentials are: + +* `GOOGLE_CLOUD_CREDENTIALS` - Path to JSON file, or JSON contents +* `GOOGLE_APPLICATION_CREDENTIALS` - Path to JSON file + +```ruby +require "google/cloud/binary_authorization/v1" + +ENV["GOOGLE_APPLICATION_CREDENTIALS"] = "path/to/credentialfile.json" + +client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new +``` + +### Local ADC file + +You can set up a local ADC file with your user credentials for authentication during +development. If credentials are not provided in code or in environment variables, +then the local ADC credentials are discovered. + +Follow the steps in [Quickstart](#quickstart) to set up a local ADC file. + +### Google Cloud Platform environments + +When running on Google Cloud Platform (GCP), including Google Compute Engine +(GCE), Google Kubernetes Engine (GKE), Google App Engine (GAE), Google Cloud +Functions (GCF) and Cloud Run, credentials are retrieved from the attached +service account automatically. Code should be written as if already authenticated. + +For more information, see +[Set up ADC for Google Cloud services](https://cloud.google.com/docs/authentication/provide-credentials-adc#attached-sa). diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/CHANGELOG.md b/owl-bot-staging/google-cloud-binary_authorization-v1/CHANGELOG.md new file mode 100644 index 000000000000..f88957a62ba2 --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/CHANGELOG.md @@ -0,0 +1,2 @@ +# Release History + diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/Gemfile b/owl-bot-staging/google-cloud-binary_authorization-v1/Gemfile new file mode 100644 index 000000000000..6442df18fa2f --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/Gemfile @@ -0,0 +1,11 @@ +source "https://rubygems.org" + +gemspec + +gem "google-style", "~> 1.31.1" +gem "minitest", "~> 5.22" +gem "minitest-focus", "~> 1.4" +gem "minitest-rg", "~> 5.3" +gem "rake", ">= 13.0" +gem "redcarpet", "~> 3.6" +gem "yard", "~> 0.9" diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/LICENSE.md b/owl-bot-staging/google-cloud-binary_authorization-v1/LICENSE.md new file mode 100644 index 000000000000..c261857ba6ad --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/LICENSE.md @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/README.md b/owl-bot-staging/google-cloud-binary_authorization-v1/README.md new file mode 100644 index 000000000000..1421b3d50521 --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/README.md @@ -0,0 +1,154 @@ +# Ruby Client for the Binary Authorization V1 API + +The management interface for Binary Authorization, a system providing policy control for images deployed to Kubernetes Engine clusters, Anthos clusters on VMware, and Cloud Run. + +Binary Authorization is a service on Google Cloud that provides centralized software supply-chain security for applications that run on Google Kubernetes Engine (GKE) and GKE on-prem. + +https://github.com/googleapis/google-cloud-ruby + +This gem is a _versioned_ client. It provides basic client classes for a +specific version of the Binary Authorization V1 API. Most users should consider using +the main client gem, +[google-cloud-binary_authorization](https://rubygems.org/gems/google-cloud-binary_authorization). +See the section below titled *Which client should I use?* for more information. + +## Installation + +``` +$ gem install google-cloud-binary_authorization-v1 +``` + +## Before You Begin + +In order to use this library, you first need to go through the following steps: + +1. [Select or create a Cloud Platform project.](https://console.cloud.google.com/project) +1. [Enable billing for your project.](https://cloud.google.com/billing/docs/how-to/modify-project#enable_billing_for_a_project) +1. [Enable the API.](https://console.cloud.google.com/apis/library/binaryauthorization.googleapis.com) +1. [Set up authentication.](AUTHENTICATION.md) + +## Quick Start + +```ruby +require "google/cloud/binary_authorization/v1" + +client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new +request = ::Google::Cloud::BinaryAuthorization::V1::GetPolicyRequest.new # (request fields as keyword arguments...) +response = client.get_policy request +``` + +View the [Client Library Documentation](https://cloud.google.com/ruby/docs/reference/google-cloud-binary_authorization-v1/latest) +for class and method documentation. + +See also the [Product Documentation](https://cloud.google.com/binary-authorization/) +for general usage information. + +## Debug Logging + +This library comes with opt-in Debug Logging that can help you troubleshoot +your application's integration with the API. When logging is activated, key +events such as requests and responses, along with data payloads and metadata +such as headers and client configuration, are logged to the standard error +stream. + +**WARNING:** Client Library Debug Logging includes your data payloads in +plaintext, which could include sensitive data such as PII for yourself or your +customers, private keys, or other security data that could be compromising if +leaked. Always practice good data hygiene with your application logs, and follow +the principle of least access. Google also recommends that Client Library Debug +Logging be enabled only temporarily during active debugging, and not used +permanently in production. + +To enable logging, set the environment variable `GOOGLE_SDK_RUBY_LOGGING_GEMS` +to the value `all`. Alternatively, you can set the value to a comma-delimited +list of client library gem names. This will select the default logging behavior, +which writes logs to the standard error stream. On a local workstation, this may +result in logs appearing on the console. When running on a Google Cloud hosting +service such as [Google Cloud Run](https://cloud.google.com/run), this generally +results in logs appearing alongside your application logs in the +[Google Cloud Logging](https://cloud.google.com/logging/) service. + +You can customize logging by modifying the `logger` configuration when +constructing a client object. For example: + +```ruby +require "google/cloud/binary_authorization/v1" +require "logger" + +client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new do |config| + config.logger = Logger.new "my-app.log" +end +``` + +## Google Cloud Samples + +To browse ready to use code samples check [Google Cloud Samples](https://cloud.google.com/docs/samples). + +## Supported Ruby Versions + +This library is supported on Ruby 3.0+. + +Google provides official support for Ruby versions that are actively supported +by Ruby Core—that is, Ruby versions that are either in normal maintenance or +in security maintenance, and not end of life. Older versions of Ruby _may_ +still work, but are unsupported and not recommended. See +https://www.ruby-lang.org/en/downloads/branches/ for details about the Ruby +support schedule. + +## Which client should I use? + +Most modern Ruby client libraries for Google APIs come in two flavors: the main +client library with a name such as `google-cloud-binary_authorization`, +and lower-level _versioned_ client libraries with names such as +`google-cloud-binary_authorization-v1`. +_In most cases, you should install the main client._ + +### What's the difference between the main client and a versioned client? + +A _versioned client_ provides a basic set of data types and client classes for +a _single version_ of a specific service. (That is, for a service with multiple +versions, there might be a separate versioned client for each service version.) +Most versioned clients are written and maintained by a code generator. + +The _main client_ is designed to provide you with the _recommended_ client +interfaces for the service. There will be only one main client for any given +service, even a service with multiple versions. The main client includes +factory methods for constructing the client objects we recommend for most +users. In some cases, those will be classes provided by an underlying versioned +client; in other cases, they will be handwritten higher-level client objects +with additional capabilities, convenience methods, or best practices built in. +Generally, the main client will default to a recommended service version, +although in some cases you can override this if you need to talk to a specific +service version. + +### Why would I want to use the main client? + +We recommend that most users install the main client gem for a service. You can +identify this gem as the one _without_ a version in its name, e.g. +`google-cloud-binary_authorization`. +The main client is recommended because it will embody the best practices for +accessing the service, and may also provide more convenient interfaces or +tighter integration into frameworks and third-party libraries. In addition, the +documentation and samples published by Google will generally demonstrate use of +the main client. + +### Why would I want to use a versioned client? + +You can use a versioned client if you are content with a possibly lower-level +class interface, you explicitly want to avoid features provided by the main +client, or you want to access a specific service version not be covered by the +main client. You can identify versioned client gems because the service version +is part of the name, e.g. `google-cloud-binary_authorization-v1`. + +### What about the google-apis- clients? + +Client library gems with names that begin with `google-apis-` are based on an +older code generation technology. They talk to a REST/JSON backend (whereas +most modern clients talk to a [gRPC](https://grpc.io/) backend) and they may +not offer the same performance, features, and ease of use provided by more +modern clients. + +The `google-apis-` clients have wide coverage across Google services, so you +might need to use one if there is no modern client available for the service. +However, if a modern client is available, we generally recommend it over the +older `google-apis-` clients. diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/Rakefile b/owl-bot-staging/google-cloud-binary_authorization-v1/Rakefile new file mode 100644 index 000000000000..ed9face33f1e --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/Rakefile @@ -0,0 +1,168 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + +require "bundler/setup" +require "bundler/gem_tasks" + +require "rubocop/rake_task" +RuboCop::RakeTask.new + +require "rake/testtask" +desc "Run tests." +Rake::TestTask.new do |t| + t.libs << "test" + t.test_files = FileList["test/**/*_test.rb"] + t.warning = false +end + +desc "Runs the smoke tests." +Rake::TestTask.new :smoke_test do |t| + t.test_files = FileList["acceptance/**/*smoke_test.rb"] + t.warning = false +end + +# Acceptance tests +desc "Run the google-cloud-binary_authorization-v1 acceptance tests." +task :acceptance, :project, :keyfile do |t, args| + project = args[:project] + project ||= + ENV["BINARY_AUTHORIZATION_TEST_PROJECT"] || + ENV["GCLOUD_TEST_PROJECT"] + keyfile = args[:keyfile] + keyfile ||= + ENV["BINARY_AUTHORIZATION_TEST_KEYFILE"] || + ENV["GCLOUD_TEST_KEYFILE"] + if keyfile + keyfile = File.read keyfile + else + keyfile ||= + ENV["BINARY_AUTHORIZATION_TEST_KEYFILE_JSON"] || + ENV["GCLOUD_TEST_KEYFILE_JSON"] + end + if project.nil? || keyfile.nil? + fail "You must provide a project and keyfile. e.g. rake acceptance[test123, /path/to/keyfile.json] or BINARY_AUTHORIZATION_TEST_PROJECT=test123 BINARY_AUTHORIZATION_TEST_KEYFILE=/path/to/keyfile.json rake acceptance" + end + require "google/cloud/binary_authorization/v1/binauthz_management_service/credentials" + ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Credentials.env_vars.each do |path| + ENV[path] = nil + end + ENV["BINARY_AUTHORIZATION_PROJECT"] = project + ENV["BINARY_AUTHORIZATION_TEST_PROJECT"] = project + ENV["BINARY_AUTHORIZATION_KEYFILE_JSON"] = keyfile + + Rake::Task["acceptance:run"].invoke +end + +namespace :acceptance do + task :run do + if File.directory? "acceptance" + Rake::Task[:smoke_test].invoke + else + puts "The google-cloud-binary_authorization-v1 gem has no acceptance tests." + end + end + + desc "Run acceptance cleanup." + task :cleanup do + end +end + +task :samples do + Rake::Task["samples:latest"].invoke +end + +namespace :samples do + task :latest do + if File.directory? "samples" + Dir.chdir "samples" do + Bundler.with_clean_env do + ENV["GOOGLE_CLOUD_SAMPLES_TEST"] = "not_master" + sh "bundle update" + sh "bundle exec rake test" + end + end + else + puts "The google-cloud-binary_authorization-v1 gem has no samples to test." + end + end + + task :master do + if File.directory? "samples" + Dir.chdir "samples" do + Bundler.with_clean_env do + ENV["GOOGLE_CLOUD_SAMPLES_TEST"] = "master" + sh "bundle update" + sh "bundle exec rake test" + end + end + else + puts "The google-cloud-binary_authorization-v1 gem has no samples to test." + end + end +end + +require "yard" +require "yard/rake/yardoc_task" +YARD::Rake::YardocTask.new do |y| +end + +desc "Run yard-doctest example tests." +task :doctest do + puts "The google-cloud-binary_authorization-v1 gem does not have doctest tests." +end + +desc "Run the CI build" +task :ci do + header "BUILDING google-cloud-binary_authorization-v1" + header "google-cloud-binary_authorization-v1 rubocop", "*" + Rake::Task[:rubocop].invoke + header "google-cloud-binary_authorization-v1 yard", "*" + Rake::Task[:yard].invoke + header "google-cloud-binary_authorization-v1 test", "*" + Rake::Task[:test].invoke +end + +namespace :ci do + desc "Run the CI build, with smoke tests." + task :smoke_test do + Rake::Task[:ci].invoke + header "google-cloud-binary_authorization-v1 smoke_test", "*" + Rake::Task[:smoke_test].invoke + end + desc "Run the CI build, with acceptance tests." + task :acceptance do + Rake::Task[:ci].invoke + header "google-cloud-binary_authorization-v1 acceptance", "*" + Rake::Task[:acceptance].invoke + end + task :a do + # This is a handy shortcut to save typing + Rake::Task["ci:acceptance"].invoke + end +end + +task default: :test + +def header str, token = "#" + line_length = str.length + 8 + puts "" + puts token * line_length + puts "#{token * 3} #{str} #{token * 3}" + puts token * line_length + puts "" +end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/gapic_metadata.json b/owl-bot-staging/google-cloud-binary_authorization-v1/gapic_metadata.json new file mode 100644 index 000000000000..62616714fd74 --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/gapic_metadata.json @@ -0,0 +1,81 @@ +{ + "schema": "1.0", + "comment": "This file maps proto services/RPCs to the corresponding library clients/methods", + "language": "ruby", + "protoPackage": "google.cloud.binaryauthorization.v1", + "libraryPackage": "::Google::Cloud::BinaryAuthorization::V1", + "services": { + "BinauthzManagementServiceV1": { + "clients": { + "grpc": { + "libraryClient": "::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client", + "rpcs": { + "GetPolicy": { + "methods": [ + "get_policy" + ] + }, + "UpdatePolicy": { + "methods": [ + "update_policy" + ] + }, + "CreateAttestor": { + "methods": [ + "create_attestor" + ] + }, + "GetAttestor": { + "methods": [ + "get_attestor" + ] + }, + "UpdateAttestor": { + "methods": [ + "update_attestor" + ] + }, + "ListAttestors": { + "methods": [ + "list_attestors" + ] + }, + "DeleteAttestor": { + "methods": [ + "delete_attestor" + ] + } + } + } + } + }, + "SystemPolicyV1": { + "clients": { + "grpc": { + "libraryClient": "::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Client", + "rpcs": { + "GetSystemPolicy": { + "methods": [ + "get_system_policy" + ] + } + } + } + } + }, + "ValidationHelperV1": { + "clients": { + "grpc": { + "libraryClient": "::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Client", + "rpcs": { + "ValidateAttestationOccurrence": { + "methods": [ + "validate_attestation_occurrence" + ] + } + } + } + } + } + } +} diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/google-cloud-binary_authorization-v1.gemspec b/owl-bot-staging/google-cloud-binary_authorization-v1/google-cloud-binary_authorization-v1.gemspec new file mode 100644 index 000000000000..1a0663400e09 --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/google-cloud-binary_authorization-v1.gemspec @@ -0,0 +1,29 @@ +# -*- ruby -*- +# encoding: utf-8 + +require File.expand_path("lib/google/cloud/binary_authorization/v1/version", __dir__) + +Gem::Specification.new do |gem| + gem.name = "google-cloud-binary_authorization-v1" + gem.version = Google::Cloud::BinaryAuthorization::V1::VERSION + + gem.authors = ["Google LLC"] + gem.email = "googleapis-packages@google.com" + gem.description = "Binary Authorization is a service on Google Cloud that provides centralized software supply-chain security for applications that run on Google Kubernetes Engine (GKE) and GKE on-prem. Note that google-cloud-binary_authorization-v1 is a version-specific client library. For most uses, we recommend installing the main client library google-cloud-binary_authorization instead. See the readme for more details." + gem.summary = "The management interface for Binary Authorization, a system providing policy control for images deployed to Kubernetes Engine clusters, Anthos clusters on VMware, and Cloud Run." + gem.homepage = "https://github.com/googleapis/google-cloud-ruby" + gem.license = "Apache-2.0" + + gem.platform = Gem::Platform::RUBY + + gem.files = `git ls-files -- lib/*`.split("\n") + + `git ls-files -- proto_docs/*`.split("\n") + + ["README.md", "LICENSE.md", "AUTHENTICATION.md", ".yardopts"] + gem.require_paths = ["lib"] + + gem.required_ruby_version = ">= 3.1" + + gem.add_dependency "gapic-common", "~> 1.2" + gem.add_dependency "google-cloud-errors", "~> 1.0" + gem.add_dependency "grafeas-v1", "> 0.0", "< 2.a" +end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google-cloud-binary_authorization-v1.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google-cloud-binary_authorization-v1.rb new file mode 100644 index 000000000000..6fd39b3fb94a --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google-cloud-binary_authorization-v1.rb @@ -0,0 +1,21 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + +# This gem does not autoload during Bundler.require. To load this gem, +# issue explicit require statements for the packages desired, e.g.: +# require "google/cloud/binary_authorization/v1" diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1.rb new file mode 100644 index 000000000000..d797dafc8014 --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1.rb @@ -0,0 +1,47 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + +require "google/cloud/binary_authorization/v1/binauthz_management_service" +require "google/cloud/binary_authorization/v1/system_policy" +require "google/cloud/binary_authorization/v1/validation_helper" +require "google/cloud/binary_authorization/v1/version" + +module Google + module Cloud + module BinaryAuthorization + ## + # API client module. + # + # @example Load this package, including all its services, and instantiate a gRPC client + # + # require "google/cloud/binary_authorization/v1" + # client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new + # + # @example Load this package, including all its services, and instantiate a REST client + # + # require "google/cloud/binary_authorization/v1" + # client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client.new + # + module V1 + end + end + end +end + +helper_path = ::File.join __dir__, "v1", "_helpers.rb" +require "google/cloud/binary_authorization/v1/_helpers" if ::File.file? helper_path diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service.rb new file mode 100644 index 000000000000..1efe07271436 --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service.rb @@ -0,0 +1,61 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + +require "gapic/common" +require "gapic/config" +require "gapic/config/method" + +require "google/cloud/binary_authorization/v1/version" + +require "google/cloud/binary_authorization/v1/binauthz_management_service/credentials" +require "google/cloud/binary_authorization/v1/binauthz_management_service/paths" +require "google/cloud/binary_authorization/v1/binauthz_management_service/client" +require "google/cloud/binary_authorization/v1/binauthz_management_service/rest" + +module Google + module Cloud + module BinaryAuthorization + module V1 + ## + # Google Cloud Management Service for Binary Authorization admission policies + # and attestation authorities. + # + # This API implements a REST model with the following objects: + # + # * {::Google::Cloud::BinaryAuthorization::V1::Policy Policy} + # * {::Google::Cloud::BinaryAuthorization::V1::Attestor Attestor} + # + # @example Load this service and instantiate a gRPC client + # + # require "google/cloud/binary_authorization/v1/binauthz_management_service" + # client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new + # + # @example Load this service and instantiate a REST client + # + # require "google/cloud/binary_authorization/v1/binauthz_management_service/rest" + # client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client.new + # + module BinauthzManagementService + end + end + end + end +end + +helper_path = ::File.join __dir__, "binauthz_management_service", "helpers.rb" +require "google/cloud/binary_authorization/v1/binauthz_management_service/helpers" if ::File.file? helper_path diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service/client.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service/client.rb new file mode 100644 index 000000000000..7f2a92bf4c5a --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service/client.rb @@ -0,0 +1,1108 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + +require "google/cloud/errors" +require "google/cloud/binaryauthorization/v1/service_pb" + +module Google + module Cloud + module BinaryAuthorization + module V1 + module BinauthzManagementService + ## + # Client for the BinauthzManagementService service. + # + # Google Cloud Management Service for Binary Authorization admission policies + # and attestation authorities. + # + # This API implements a REST model with the following objects: + # + # * {::Google::Cloud::BinaryAuthorization::V1::Policy Policy} + # * {::Google::Cloud::BinaryAuthorization::V1::Attestor Attestor} + # + class Client + # @private + API_VERSION = "" + + # @private + DEFAULT_ENDPOINT_TEMPLATE = "binaryauthorization.$UNIVERSE_DOMAIN$" + + include Paths + + # @private + attr_reader :binauthz_management_service_stub + + ## + # Configure the BinauthzManagementService Client class. + # + # See {::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client::Configuration} + # for a description of the configuration fields. + # + # @example + # + # # Modify the configuration for all BinauthzManagementService clients + # ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.configure do |config| + # config.timeout = 10.0 + # end + # + # @yield [config] Configure the Client client. + # @yieldparam config [Client::Configuration] + # + # @return [Client::Configuration] + # + def self.configure + @configure ||= begin + namespace = ["Google", "Cloud", "BinaryAuthorization", "V1"] + parent_config = while namespace.any? + parent_name = namespace.join "::" + parent_const = const_get parent_name + break parent_const.configure if parent_const.respond_to? :configure + namespace.pop + end + default_config = Client::Configuration.new parent_config + + default_config.rpcs.get_policy.timeout = 600.0 + default_config.rpcs.get_policy.retry_policy = { + initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14] + } + + default_config.rpcs.update_policy.timeout = 600.0 + default_config.rpcs.update_policy.retry_policy = { + initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14] + } + + default_config.rpcs.create_attestor.timeout = 600.0 + + default_config.rpcs.get_attestor.timeout = 600.0 + default_config.rpcs.get_attestor.retry_policy = { + initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14] + } + + default_config.rpcs.update_attestor.timeout = 600.0 + default_config.rpcs.update_attestor.retry_policy = { + initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14] + } + + default_config.rpcs.list_attestors.timeout = 600.0 + default_config.rpcs.list_attestors.retry_policy = { + initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14] + } + + default_config.rpcs.delete_attestor.timeout = 600.0 + default_config.rpcs.delete_attestor.retry_policy = { + initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14] + } + + default_config + end + yield @configure if block_given? + @configure + end + + ## + # Configure the BinauthzManagementService Client instance. + # + # The configuration is set to the derived mode, meaning that values can be changed, + # but structural changes (adding new fields, etc.) are not allowed. Structural changes + # should be made on {Client.configure}. + # + # See {::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client::Configuration} + # for a description of the configuration fields. + # + # @yield [config] Configure the Client client. + # @yieldparam config [Client::Configuration] + # + # @return [Client::Configuration] + # + def configure + yield @config if block_given? + @config + end + + ## + # The effective universe domain + # + # @return [String] + # + def universe_domain + @binauthz_management_service_stub.universe_domain + end + + ## + # Create a new BinauthzManagementService client object. + # + # @example + # + # # Create a client using the default configuration + # client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new + # + # # Create a client using a custom configuration + # client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new do |config| + # config.timeout = 10.0 + # end + # + # @yield [config] Configure the BinauthzManagementService client. + # @yieldparam config [Client::Configuration] + # + def initialize + # These require statements are intentionally placed here to initialize + # the gRPC module only when it's required. + # See https://github.com/googleapis/toolkit/issues/446 + require "gapic/grpc" + require "google/cloud/binaryauthorization/v1/service_services_pb" + + # Create the configuration object + @config = Configuration.new Client.configure + + # Yield the configuration if needed + yield @config if block_given? + + # Create credentials + credentials = @config.credentials + # Use self-signed JWT if the endpoint is unchanged from default, + # but only if the default endpoint does not have a region prefix. + enable_self_signed_jwt = @config.endpoint.nil? || + (@config.endpoint == Configuration::DEFAULT_ENDPOINT && + !@config.endpoint.split(".").first.include?("-")) + credentials ||= Credentials.default scope: @config.scope, + enable_self_signed_jwt: enable_self_signed_jwt + if credentials.is_a?(::String) || credentials.is_a?(::Hash) + credentials = Credentials.new credentials, scope: @config.scope + end + @quota_project_id = @config.quota_project + @quota_project_id ||= credentials.quota_project_id if credentials.respond_to? :quota_project_id + + @binauthz_management_service_stub = ::Gapic::ServiceStub.new( + ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementServiceV1::Stub, + credentials: credentials, + endpoint: @config.endpoint, + endpoint_template: DEFAULT_ENDPOINT_TEMPLATE, + universe_domain: @config.universe_domain, + channel_args: @config.channel_args, + interceptors: @config.interceptors, + channel_pool_config: @config.channel_pool, + logger: @config.logger + ) + + @binauthz_management_service_stub.stub_logger&.info do |entry| + entry.set_system_name + entry.set_service + entry.message = "Created client for #{entry.service}" + entry.set_credentials_fields credentials + entry.set "customEndpoint", @config.endpoint if @config.endpoint + entry.set "defaultTimeout", @config.timeout if @config.timeout + entry.set "quotaProject", @quota_project_id if @quota_project_id + end + end + + ## + # The logger used for request/response debug logging. + # + # @return [Logger] + # + def logger + @binauthz_management_service_stub.logger + end + + # Service calls + + ## + # A {::Google::Cloud::BinaryAuthorization::V1::Policy policy} specifies the {::Google::Cloud::BinaryAuthorization::V1::Attestor attestors} that must attest to + # a container image, before the project is allowed to deploy that + # image. There is at most one policy per project. All image admission + # requests are permitted if a project has no policy. + # + # Gets the {::Google::Cloud::BinaryAuthorization::V1::Policy policy} for this project. Returns a default + # {::Google::Cloud::BinaryAuthorization::V1::Policy policy} if the project does not have one. + # + # @overload get_policy(request, options = nil) + # Pass arguments to `get_policy` via a request object, either of type + # {::Google::Cloud::BinaryAuthorization::V1::GetPolicyRequest} or an equivalent Hash. + # + # @param request [::Google::Cloud::BinaryAuthorization::V1::GetPolicyRequest, ::Hash] + # A request object representing the call parameters. Required. To specify no + # parameters, or to keep all the default parameter values, pass an empty Hash. + # @param options [::Gapic::CallOptions, ::Hash] + # Overrides the default settings for this call, e.g, timeout, retries, etc. Optional. + # + # @overload get_policy(name: nil) + # Pass arguments to `get_policy` via keyword arguments. Note that at + # least one keyword argument is required. To specify no parameters, or to keep all + # the default parameter values, pass an empty Hash as a request object (see above). + # + # @param name [::String] + # Required. The resource name of the {::Google::Cloud::BinaryAuthorization::V1::Policy policy} to retrieve, + # in the format `projects/*/policy`. + # + # @yield [response, operation] Access the result along with the RPC operation + # @yieldparam response [::Google::Cloud::BinaryAuthorization::V1::Policy] + # @yieldparam operation [::GRPC::ActiveCall::Operation] + # + # @return [::Google::Cloud::BinaryAuthorization::V1::Policy] + # + # @raise [::Google::Cloud::Error] if the RPC is aborted. + # + # @example Basic example + # require "google/cloud/binary_authorization/v1" + # + # # Create a client object. The client can be reused for multiple calls. + # client = Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new + # + # # Create a request. To set request fields, pass in keyword arguments. + # request = Google::Cloud::BinaryAuthorization::V1::GetPolicyRequest.new + # + # # Call the get_policy method. + # result = client.get_policy request + # + # # The returned object is of type Google::Cloud::BinaryAuthorization::V1::Policy. + # p result + # + def get_policy request, options = nil + raise ::ArgumentError, "request must be provided" if request.nil? + + request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::BinaryAuthorization::V1::GetPolicyRequest + + # Converts hash and nil to an options object + options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h + + # Customize the options with defaults + metadata = @config.rpcs.get_policy.metadata.to_h + + # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers + metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ + lib_name: @config.lib_name, lib_version: @config.lib_version, + gapic_version: ::Google::Cloud::BinaryAuthorization::V1::VERSION + metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty? + metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id + + header_params = {} + if request.name + header_params["name"] = request.name + end + + request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") + metadata[:"x-goog-request-params"] ||= request_params_header + + options.apply_defaults timeout: @config.rpcs.get_policy.timeout, + metadata: metadata, + retry_policy: @config.rpcs.get_policy.retry_policy + + options.apply_defaults timeout: @config.timeout, + metadata: @config.metadata, + retry_policy: @config.retry_policy + + @binauthz_management_service_stub.call_rpc :get_policy, request, options: options do |response, operation| + yield response, operation if block_given? + end + rescue ::GRPC::BadStatus => e + raise ::Google::Cloud::Error.from_error(e) + end + + ## + # Creates or updates a project's {::Google::Cloud::BinaryAuthorization::V1::Policy policy}, and returns a copy of the + # new {::Google::Cloud::BinaryAuthorization::V1::Policy policy}. A policy is always updated as a whole, to avoid race + # conditions with concurrent policy enforcement (or management!) + # requests. Returns NOT_FOUND if the project does not exist, INVALID_ARGUMENT + # if the request is malformed. + # + # @overload update_policy(request, options = nil) + # Pass arguments to `update_policy` via a request object, either of type + # {::Google::Cloud::BinaryAuthorization::V1::UpdatePolicyRequest} or an equivalent Hash. + # + # @param request [::Google::Cloud::BinaryAuthorization::V1::UpdatePolicyRequest, ::Hash] + # A request object representing the call parameters. Required. To specify no + # parameters, or to keep all the default parameter values, pass an empty Hash. + # @param options [::Gapic::CallOptions, ::Hash] + # Overrides the default settings for this call, e.g, timeout, retries, etc. Optional. + # + # @overload update_policy(policy: nil) + # Pass arguments to `update_policy` via keyword arguments. Note that at + # least one keyword argument is required. To specify no parameters, or to keep all + # the default parameter values, pass an empty Hash as a request object (see above). + # + # @param policy [::Google::Cloud::BinaryAuthorization::V1::Policy, ::Hash] + # Required. A new or updated {::Google::Cloud::BinaryAuthorization::V1::Policy policy} value. The service will + # overwrite the {::Google::Cloud::BinaryAuthorization::V1::Policy#name policy name} field with the resource name in + # the request URL, in the format `projects/*/policy`. + # + # @yield [response, operation] Access the result along with the RPC operation + # @yieldparam response [::Google::Cloud::BinaryAuthorization::V1::Policy] + # @yieldparam operation [::GRPC::ActiveCall::Operation] + # + # @return [::Google::Cloud::BinaryAuthorization::V1::Policy] + # + # @raise [::Google::Cloud::Error] if the RPC is aborted. + # + # @example Basic example + # require "google/cloud/binary_authorization/v1" + # + # # Create a client object. The client can be reused for multiple calls. + # client = Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new + # + # # Create a request. To set request fields, pass in keyword arguments. + # request = Google::Cloud::BinaryAuthorization::V1::UpdatePolicyRequest.new + # + # # Call the update_policy method. + # result = client.update_policy request + # + # # The returned object is of type Google::Cloud::BinaryAuthorization::V1::Policy. + # p result + # + def update_policy request, options = nil + raise ::ArgumentError, "request must be provided" if request.nil? + + request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::BinaryAuthorization::V1::UpdatePolicyRequest + + # Converts hash and nil to an options object + options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h + + # Customize the options with defaults + metadata = @config.rpcs.update_policy.metadata.to_h + + # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers + metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ + lib_name: @config.lib_name, lib_version: @config.lib_version, + gapic_version: ::Google::Cloud::BinaryAuthorization::V1::VERSION + metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty? + metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id + + header_params = {} + if request.policy&.name + header_params["policy.name"] = request.policy.name + end + + request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") + metadata[:"x-goog-request-params"] ||= request_params_header + + options.apply_defaults timeout: @config.rpcs.update_policy.timeout, + metadata: metadata, + retry_policy: @config.rpcs.update_policy.retry_policy + + options.apply_defaults timeout: @config.timeout, + metadata: @config.metadata, + retry_policy: @config.retry_policy + + @binauthz_management_service_stub.call_rpc :update_policy, request, options: options do |response, operation| + yield response, operation if block_given? + end + rescue ::GRPC::BadStatus => e + raise ::Google::Cloud::Error.from_error(e) + end + + ## + # Creates an {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor}, and returns a copy of the new + # {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor}. Returns NOT_FOUND if the project does not exist, + # INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if the + # {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor} already exists. + # + # @overload create_attestor(request, options = nil) + # Pass arguments to `create_attestor` via a request object, either of type + # {::Google::Cloud::BinaryAuthorization::V1::CreateAttestorRequest} or an equivalent Hash. + # + # @param request [::Google::Cloud::BinaryAuthorization::V1::CreateAttestorRequest, ::Hash] + # A request object representing the call parameters. Required. To specify no + # parameters, or to keep all the default parameter values, pass an empty Hash. + # @param options [::Gapic::CallOptions, ::Hash] + # Overrides the default settings for this call, e.g, timeout, retries, etc. Optional. + # + # @overload create_attestor(parent: nil, attestor_id: nil, attestor: nil) + # Pass arguments to `create_attestor` via keyword arguments. Note that at + # least one keyword argument is required. To specify no parameters, or to keep all + # the default parameter values, pass an empty Hash as a request object (see above). + # + # @param parent [::String] + # Required. The parent of this {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor}. + # @param attestor_id [::String] + # Required. The {::Google::Cloud::BinaryAuthorization::V1::Attestor attestors} ID. + # @param attestor [::Google::Cloud::BinaryAuthorization::V1::Attestor, ::Hash] + # Required. The initial {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor} value. The service will + # overwrite the {::Google::Cloud::BinaryAuthorization::V1::Attestor#name attestor name} field with the resource name, + # in the format `projects/*/attestors/*`. + # + # @yield [response, operation] Access the result along with the RPC operation + # @yieldparam response [::Google::Cloud::BinaryAuthorization::V1::Attestor] + # @yieldparam operation [::GRPC::ActiveCall::Operation] + # + # @return [::Google::Cloud::BinaryAuthorization::V1::Attestor] + # + # @raise [::Google::Cloud::Error] if the RPC is aborted. + # + # @example Basic example + # require "google/cloud/binary_authorization/v1" + # + # # Create a client object. The client can be reused for multiple calls. + # client = Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new + # + # # Create a request. To set request fields, pass in keyword arguments. + # request = Google::Cloud::BinaryAuthorization::V1::CreateAttestorRequest.new + # + # # Call the create_attestor method. + # result = client.create_attestor request + # + # # The returned object is of type Google::Cloud::BinaryAuthorization::V1::Attestor. + # p result + # + def create_attestor request, options = nil + raise ::ArgumentError, "request must be provided" if request.nil? + + request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::BinaryAuthorization::V1::CreateAttestorRequest + + # Converts hash and nil to an options object + options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h + + # Customize the options with defaults + metadata = @config.rpcs.create_attestor.metadata.to_h + + # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers + metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ + lib_name: @config.lib_name, lib_version: @config.lib_version, + gapic_version: ::Google::Cloud::BinaryAuthorization::V1::VERSION + metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty? + metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id + + header_params = {} + if request.parent + header_params["parent"] = request.parent + end + + request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") + metadata[:"x-goog-request-params"] ||= request_params_header + + options.apply_defaults timeout: @config.rpcs.create_attestor.timeout, + metadata: metadata, + retry_policy: @config.rpcs.create_attestor.retry_policy + + options.apply_defaults timeout: @config.timeout, + metadata: @config.metadata, + retry_policy: @config.retry_policy + + @binauthz_management_service_stub.call_rpc :create_attestor, request, options: options do |response, operation| + yield response, operation if block_given? + end + rescue ::GRPC::BadStatus => e + raise ::Google::Cloud::Error.from_error(e) + end + + ## + # Gets an {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor}. + # Returns NOT_FOUND if the {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor} does not exist. + # + # @overload get_attestor(request, options = nil) + # Pass arguments to `get_attestor` via a request object, either of type + # {::Google::Cloud::BinaryAuthorization::V1::GetAttestorRequest} or an equivalent Hash. + # + # @param request [::Google::Cloud::BinaryAuthorization::V1::GetAttestorRequest, ::Hash] + # A request object representing the call parameters. Required. To specify no + # parameters, or to keep all the default parameter values, pass an empty Hash. + # @param options [::Gapic::CallOptions, ::Hash] + # Overrides the default settings for this call, e.g, timeout, retries, etc. Optional. + # + # @overload get_attestor(name: nil) + # Pass arguments to `get_attestor` via keyword arguments. Note that at + # least one keyword argument is required. To specify no parameters, or to keep all + # the default parameter values, pass an empty Hash as a request object (see above). + # + # @param name [::String] + # Required. The name of the {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor} to retrieve, in the format + # `projects/*/attestors/*`. + # + # @yield [response, operation] Access the result along with the RPC operation + # @yieldparam response [::Google::Cloud::BinaryAuthorization::V1::Attestor] + # @yieldparam operation [::GRPC::ActiveCall::Operation] + # + # @return [::Google::Cloud::BinaryAuthorization::V1::Attestor] + # + # @raise [::Google::Cloud::Error] if the RPC is aborted. + # + # @example Basic example + # require "google/cloud/binary_authorization/v1" + # + # # Create a client object. The client can be reused for multiple calls. + # client = Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new + # + # # Create a request. To set request fields, pass in keyword arguments. + # request = Google::Cloud::BinaryAuthorization::V1::GetAttestorRequest.new + # + # # Call the get_attestor method. + # result = client.get_attestor request + # + # # The returned object is of type Google::Cloud::BinaryAuthorization::V1::Attestor. + # p result + # + def get_attestor request, options = nil + raise ::ArgumentError, "request must be provided" if request.nil? + + request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::BinaryAuthorization::V1::GetAttestorRequest + + # Converts hash and nil to an options object + options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h + + # Customize the options with defaults + metadata = @config.rpcs.get_attestor.metadata.to_h + + # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers + metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ + lib_name: @config.lib_name, lib_version: @config.lib_version, + gapic_version: ::Google::Cloud::BinaryAuthorization::V1::VERSION + metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty? + metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id + + header_params = {} + if request.name + header_params["name"] = request.name + end + + request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") + metadata[:"x-goog-request-params"] ||= request_params_header + + options.apply_defaults timeout: @config.rpcs.get_attestor.timeout, + metadata: metadata, + retry_policy: @config.rpcs.get_attestor.retry_policy + + options.apply_defaults timeout: @config.timeout, + metadata: @config.metadata, + retry_policy: @config.retry_policy + + @binauthz_management_service_stub.call_rpc :get_attestor, request, options: options do |response, operation| + yield response, operation if block_given? + end + rescue ::GRPC::BadStatus => e + raise ::Google::Cloud::Error.from_error(e) + end + + ## + # Updates an {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor}. + # Returns NOT_FOUND if the {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor} does not exist. + # + # @overload update_attestor(request, options = nil) + # Pass arguments to `update_attestor` via a request object, either of type + # {::Google::Cloud::BinaryAuthorization::V1::UpdateAttestorRequest} or an equivalent Hash. + # + # @param request [::Google::Cloud::BinaryAuthorization::V1::UpdateAttestorRequest, ::Hash] + # A request object representing the call parameters. Required. To specify no + # parameters, or to keep all the default parameter values, pass an empty Hash. + # @param options [::Gapic::CallOptions, ::Hash] + # Overrides the default settings for this call, e.g, timeout, retries, etc. Optional. + # + # @overload update_attestor(attestor: nil) + # Pass arguments to `update_attestor` via keyword arguments. Note that at + # least one keyword argument is required. To specify no parameters, or to keep all + # the default parameter values, pass an empty Hash as a request object (see above). + # + # @param attestor [::Google::Cloud::BinaryAuthorization::V1::Attestor, ::Hash] + # Required. The updated {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor} value. The service will + # overwrite the {::Google::Cloud::BinaryAuthorization::V1::Attestor#name attestor name} field with the resource name + # in the request URL, in the format `projects/*/attestors/*`. + # + # @yield [response, operation] Access the result along with the RPC operation + # @yieldparam response [::Google::Cloud::BinaryAuthorization::V1::Attestor] + # @yieldparam operation [::GRPC::ActiveCall::Operation] + # + # @return [::Google::Cloud::BinaryAuthorization::V1::Attestor] + # + # @raise [::Google::Cloud::Error] if the RPC is aborted. + # + # @example Basic example + # require "google/cloud/binary_authorization/v1" + # + # # Create a client object. The client can be reused for multiple calls. + # client = Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new + # + # # Create a request. To set request fields, pass in keyword arguments. + # request = Google::Cloud::BinaryAuthorization::V1::UpdateAttestorRequest.new + # + # # Call the update_attestor method. + # result = client.update_attestor request + # + # # The returned object is of type Google::Cloud::BinaryAuthorization::V1::Attestor. + # p result + # + def update_attestor request, options = nil + raise ::ArgumentError, "request must be provided" if request.nil? + + request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::BinaryAuthorization::V1::UpdateAttestorRequest + + # Converts hash and nil to an options object + options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h + + # Customize the options with defaults + metadata = @config.rpcs.update_attestor.metadata.to_h + + # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers + metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ + lib_name: @config.lib_name, lib_version: @config.lib_version, + gapic_version: ::Google::Cloud::BinaryAuthorization::V1::VERSION + metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty? + metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id + + header_params = {} + if request.attestor&.name + header_params["attestor.name"] = request.attestor.name + end + + request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") + metadata[:"x-goog-request-params"] ||= request_params_header + + options.apply_defaults timeout: @config.rpcs.update_attestor.timeout, + metadata: metadata, + retry_policy: @config.rpcs.update_attestor.retry_policy + + options.apply_defaults timeout: @config.timeout, + metadata: @config.metadata, + retry_policy: @config.retry_policy + + @binauthz_management_service_stub.call_rpc :update_attestor, request, options: options do |response, operation| + yield response, operation if block_given? + end + rescue ::GRPC::BadStatus => e + raise ::Google::Cloud::Error.from_error(e) + end + + ## + # Lists {::Google::Cloud::BinaryAuthorization::V1::Attestor attestors}. + # Returns INVALID_ARGUMENT if the project does not exist. + # + # @overload list_attestors(request, options = nil) + # Pass arguments to `list_attestors` via a request object, either of type + # {::Google::Cloud::BinaryAuthorization::V1::ListAttestorsRequest} or an equivalent Hash. + # + # @param request [::Google::Cloud::BinaryAuthorization::V1::ListAttestorsRequest, ::Hash] + # A request object representing the call parameters. Required. To specify no + # parameters, or to keep all the default parameter values, pass an empty Hash. + # @param options [::Gapic::CallOptions, ::Hash] + # Overrides the default settings for this call, e.g, timeout, retries, etc. Optional. + # + # @overload list_attestors(parent: nil, page_size: nil, page_token: nil) + # Pass arguments to `list_attestors` via keyword arguments. Note that at + # least one keyword argument is required. To specify no parameters, or to keep all + # the default parameter values, pass an empty Hash as a request object (see above). + # + # @param parent [::String] + # Required. The resource name of the project associated with the + # {::Google::Cloud::BinaryAuthorization::V1::Attestor attestors}, in the format `projects/*`. + # @param page_size [::Integer] + # Requested page size. The server may return fewer results than requested. If + # unspecified, the server will pick an appropriate default. + # @param page_token [::String] + # A token identifying a page of results the server should return. Typically, + # this is the value of {::Google::Cloud::BinaryAuthorization::V1::ListAttestorsResponse#next_page_token ListAttestorsResponse.next_page_token} returned + # from the previous call to the `ListAttestors` method. + # + # @yield [response, operation] Access the result along with the RPC operation + # @yieldparam response [::Gapic::PagedEnumerable<::Google::Cloud::BinaryAuthorization::V1::Attestor>] + # @yieldparam operation [::GRPC::ActiveCall::Operation] + # + # @return [::Gapic::PagedEnumerable<::Google::Cloud::BinaryAuthorization::V1::Attestor>] + # + # @raise [::Google::Cloud::Error] if the RPC is aborted. + # + # @example Basic example + # require "google/cloud/binary_authorization/v1" + # + # # Create a client object. The client can be reused for multiple calls. + # client = Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new + # + # # Create a request. To set request fields, pass in keyword arguments. + # request = Google::Cloud::BinaryAuthorization::V1::ListAttestorsRequest.new + # + # # Call the list_attestors method. + # result = client.list_attestors request + # + # # The returned object is of type Gapic::PagedEnumerable. You can iterate + # # over elements, and API calls will be issued to fetch pages as needed. + # result.each do |item| + # # Each element is of type ::Google::Cloud::BinaryAuthorization::V1::Attestor. + # p item + # end + # + def list_attestors request, options = nil + raise ::ArgumentError, "request must be provided" if request.nil? + + request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::BinaryAuthorization::V1::ListAttestorsRequest + + # Converts hash and nil to an options object + options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h + + # Customize the options with defaults + metadata = @config.rpcs.list_attestors.metadata.to_h + + # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers + metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ + lib_name: @config.lib_name, lib_version: @config.lib_version, + gapic_version: ::Google::Cloud::BinaryAuthorization::V1::VERSION + metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty? + metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id + + header_params = {} + if request.parent + header_params["parent"] = request.parent + end + + request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") + metadata[:"x-goog-request-params"] ||= request_params_header + + options.apply_defaults timeout: @config.rpcs.list_attestors.timeout, + metadata: metadata, + retry_policy: @config.rpcs.list_attestors.retry_policy + + options.apply_defaults timeout: @config.timeout, + metadata: @config.metadata, + retry_policy: @config.retry_policy + + @binauthz_management_service_stub.call_rpc :list_attestors, request, options: options do |response, operation| + response = ::Gapic::PagedEnumerable.new @binauthz_management_service_stub, :list_attestors, request, response, operation, options + yield response, operation if block_given? + throw :response, response + end + rescue ::GRPC::BadStatus => e + raise ::Google::Cloud::Error.from_error(e) + end + + ## + # Deletes an {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor}. Returns NOT_FOUND if the + # {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor} does not exist. + # + # @overload delete_attestor(request, options = nil) + # Pass arguments to `delete_attestor` via a request object, either of type + # {::Google::Cloud::BinaryAuthorization::V1::DeleteAttestorRequest} or an equivalent Hash. + # + # @param request [::Google::Cloud::BinaryAuthorization::V1::DeleteAttestorRequest, ::Hash] + # A request object representing the call parameters. Required. To specify no + # parameters, or to keep all the default parameter values, pass an empty Hash. + # @param options [::Gapic::CallOptions, ::Hash] + # Overrides the default settings for this call, e.g, timeout, retries, etc. Optional. + # + # @overload delete_attestor(name: nil) + # Pass arguments to `delete_attestor` via keyword arguments. Note that at + # least one keyword argument is required. To specify no parameters, or to keep all + # the default parameter values, pass an empty Hash as a request object (see above). + # + # @param name [::String] + # Required. The name of the {::Google::Cloud::BinaryAuthorization::V1::Attestor attestors} to delete, in the format + # `projects/*/attestors/*`. + # + # @yield [response, operation] Access the result along with the RPC operation + # @yieldparam response [::Google::Protobuf::Empty] + # @yieldparam operation [::GRPC::ActiveCall::Operation] + # + # @return [::Google::Protobuf::Empty] + # + # @raise [::Google::Cloud::Error] if the RPC is aborted. + # + # @example Basic example + # require "google/cloud/binary_authorization/v1" + # + # # Create a client object. The client can be reused for multiple calls. + # client = Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new + # + # # Create a request. To set request fields, pass in keyword arguments. + # request = Google::Cloud::BinaryAuthorization::V1::DeleteAttestorRequest.new + # + # # Call the delete_attestor method. + # result = client.delete_attestor request + # + # # The returned object is of type Google::Protobuf::Empty. + # p result + # + def delete_attestor request, options = nil + raise ::ArgumentError, "request must be provided" if request.nil? + + request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::BinaryAuthorization::V1::DeleteAttestorRequest + + # Converts hash and nil to an options object + options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h + + # Customize the options with defaults + metadata = @config.rpcs.delete_attestor.metadata.to_h + + # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers + metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ + lib_name: @config.lib_name, lib_version: @config.lib_version, + gapic_version: ::Google::Cloud::BinaryAuthorization::V1::VERSION + metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty? + metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id + + header_params = {} + if request.name + header_params["name"] = request.name + end + + request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") + metadata[:"x-goog-request-params"] ||= request_params_header + + options.apply_defaults timeout: @config.rpcs.delete_attestor.timeout, + metadata: metadata, + retry_policy: @config.rpcs.delete_attestor.retry_policy + + options.apply_defaults timeout: @config.timeout, + metadata: @config.metadata, + retry_policy: @config.retry_policy + + @binauthz_management_service_stub.call_rpc :delete_attestor, request, options: options do |response, operation| + yield response, operation if block_given? + end + rescue ::GRPC::BadStatus => e + raise ::Google::Cloud::Error.from_error(e) + end + + ## + # Configuration class for the BinauthzManagementService API. + # + # This class represents the configuration for BinauthzManagementService, + # providing control over timeouts, retry behavior, logging, transport + # parameters, and other low-level controls. Certain parameters can also be + # applied individually to specific RPCs. See + # {::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client::Configuration::Rpcs} + # for a list of RPCs that can be configured independently. + # + # Configuration can be applied globally to all clients, or to a single client + # on construction. + # + # @example + # + # # Modify the global config, setting the timeout for + # # get_policy to 20 seconds, + # # and all remaining timeouts to 10 seconds. + # ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.configure do |config| + # config.timeout = 10.0 + # config.rpcs.get_policy.timeout = 20.0 + # end + # + # # Apply the above configuration only to a new client. + # client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new do |config| + # config.timeout = 10.0 + # config.rpcs.get_policy.timeout = 20.0 + # end + # + # @!attribute [rw] endpoint + # A custom service endpoint, as a hostname or hostname:port. The default is + # nil, indicating to use the default endpoint in the current universe domain. + # @return [::String,nil] + # @!attribute [rw] credentials + # Credentials to send with calls. You may provide any of the following types: + # * (`Google::Auth::Credentials`) A googleauth credentials object + # (see the [googleauth docs](https://rubydoc.info/gems/googleauth/Google/Auth/Credentials)) + # * (`Signet::OAuth2::Client`) A signet oauth2 client object + # (see the [signet docs](https://rubydoc.info/gems/signet/Signet/OAuth2/Client)) + # * (`GRPC::Core::Channel`) a gRPC channel with included credentials + # * (`GRPC::Core::ChannelCredentials`) a gRPC credentails object + # * (`nil`) indicating no credentials + # + # @note Warning: Passing a `String` to a keyfile path or a `Hash` of credentials + # is deprecated. Providing an unvalidated credential configuration to + # Google APIs can compromise the security of your systems and data. + # + # @example + # + # # The recommended way to provide credentials is to use the `make_creds` method + # # on the appropriate credentials class for your environment. + # + # require "googleauth" + # + # credentials = ::Google::Auth::ServiceAccountCredentials.make_creds( + # json_key_io: ::File.open("/path/to/keyfile.json") + # ) + # + # client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new do |config| + # config.credentials = credentials + # end + # + # @note Warning: If you accept a credential configuration (JSON file or Hash) from an + # external source for authentication to Google Cloud, you must validate it before + # providing it to a Google API client library. Providing an unvalidated credential + # configuration to Google APIs can compromise the security of your systems and data. + # For more information, refer to [Validate credential configurations from external + # sources](https://cloud.google.com/docs/authentication/external/externally-sourced-credentials). + # @return [::Object] + # @!attribute [rw] scope + # The OAuth scopes + # @return [::Array<::String>] + # @!attribute [rw] lib_name + # The library name as recorded in instrumentation and logging + # @return [::String] + # @!attribute [rw] lib_version + # The library version as recorded in instrumentation and logging + # @return [::String] + # @!attribute [rw] channel_args + # Extra parameters passed to the gRPC channel. Note: this is ignored if a + # `GRPC::Core::Channel` object is provided as the credential. + # @return [::Hash] + # @!attribute [rw] interceptors + # An array of interceptors that are run before calls are executed. + # @return [::Array<::GRPC::ClientInterceptor>] + # @!attribute [rw] timeout + # The call timeout in seconds. + # @return [::Numeric] + # @!attribute [rw] metadata + # Additional gRPC headers to be sent with the call. + # @return [::Hash{::Symbol=>::String}] + # @!attribute [rw] retry_policy + # The retry policy. The value is a hash with the following keys: + # * `:initial_delay` (*type:* `Numeric`) - The initial delay in seconds. + # * `:max_delay` (*type:* `Numeric`) - The max delay in seconds. + # * `:multiplier` (*type:* `Numeric`) - The incremental backoff multiplier. + # * `:retry_codes` (*type:* `Array`) - The error codes that should + # trigger a retry. + # @return [::Hash] + # @!attribute [rw] quota_project + # A separate project against which to charge quota. + # @return [::String] + # @!attribute [rw] universe_domain + # The universe domain within which to make requests. This determines the + # default endpoint URL. The default value of nil uses the environment + # universe (usually the default "googleapis.com" universe). + # @return [::String,nil] + # @!attribute [rw] logger + # A custom logger to use for request/response debug logging, or the value + # `:default` (the default) to construct a default logger, or `nil` to + # explicitly disable logging. + # @return [::Logger,:default,nil] + # + class Configuration + extend ::Gapic::Config + + # @private + # The endpoint specific to the default "googleapis.com" universe. Deprecated. + DEFAULT_ENDPOINT = "binaryauthorization.googleapis.com" + + config_attr :endpoint, nil, ::String, nil + config_attr :credentials, nil do |value| + allowed = [::String, ::Hash, ::Proc, ::Symbol, ::Google::Auth::Credentials, ::Google::Auth::BaseClient, ::Signet::OAuth2::Client, nil] + allowed += [::GRPC::Core::Channel, ::GRPC::Core::ChannelCredentials] if defined? ::GRPC::Core::Channel + allowed.any? { |klass| klass === value } + end + config_attr :scope, nil, ::String, ::Array, nil + config_attr :lib_name, nil, ::String, nil + config_attr :lib_version, nil, ::String, nil + config_attr(:channel_args, { "grpc.service_config_disable_resolution" => 1 }, ::Hash, nil) + config_attr :interceptors, nil, ::Array, nil + config_attr :timeout, nil, ::Numeric, nil + config_attr :metadata, nil, ::Hash, nil + config_attr :retry_policy, nil, ::Hash, ::Proc, nil + config_attr :quota_project, nil, ::String, nil + config_attr :universe_domain, nil, ::String, nil + config_attr :logger, :default, ::Logger, nil, :default + + # @private + def initialize parent_config = nil + @parent_config = parent_config unless parent_config.nil? + + yield self if block_given? + end + + ## + # Configurations for individual RPCs + # @return [Rpcs] + # + def rpcs + @rpcs ||= begin + parent_rpcs = nil + parent_rpcs = @parent_config.rpcs if defined?(@parent_config) && @parent_config.respond_to?(:rpcs) + Rpcs.new parent_rpcs + end + end + + ## + # Configuration for the channel pool + # @return [::Gapic::ServiceStub::ChannelPool::Configuration] + # + def channel_pool + @channel_pool ||= ::Gapic::ServiceStub::ChannelPool::Configuration.new + end + + ## + # Configuration RPC class for the BinauthzManagementService API. + # + # Includes fields providing the configuration for each RPC in this service. + # Each configuration object is of type `Gapic::Config::Method` and includes + # the following configuration fields: + # + # * `timeout` (*type:* `Numeric`) - The call timeout in seconds + # * `metadata` (*type:* `Hash{Symbol=>String}`) - Additional gRPC headers + # * `retry_policy (*type:* `Hash`) - The retry policy. The policy fields + # include the following keys: + # * `:initial_delay` (*type:* `Numeric`) - The initial delay in seconds. + # * `:max_delay` (*type:* `Numeric`) - The max delay in seconds. + # * `:multiplier` (*type:* `Numeric`) - The incremental backoff multiplier. + # * `:retry_codes` (*type:* `Array`) - The error codes that should + # trigger a retry. + # + class Rpcs + ## + # RPC-specific configuration for `get_policy` + # @return [::Gapic::Config::Method] + # + attr_reader :get_policy + ## + # RPC-specific configuration for `update_policy` + # @return [::Gapic::Config::Method] + # + attr_reader :update_policy + ## + # RPC-specific configuration for `create_attestor` + # @return [::Gapic::Config::Method] + # + attr_reader :create_attestor + ## + # RPC-specific configuration for `get_attestor` + # @return [::Gapic::Config::Method] + # + attr_reader :get_attestor + ## + # RPC-specific configuration for `update_attestor` + # @return [::Gapic::Config::Method] + # + attr_reader :update_attestor + ## + # RPC-specific configuration for `list_attestors` + # @return [::Gapic::Config::Method] + # + attr_reader :list_attestors + ## + # RPC-specific configuration for `delete_attestor` + # @return [::Gapic::Config::Method] + # + attr_reader :delete_attestor + + # @private + def initialize parent_rpcs = nil + get_policy_config = parent_rpcs.get_policy if parent_rpcs.respond_to? :get_policy + @get_policy = ::Gapic::Config::Method.new get_policy_config + update_policy_config = parent_rpcs.update_policy if parent_rpcs.respond_to? :update_policy + @update_policy = ::Gapic::Config::Method.new update_policy_config + create_attestor_config = parent_rpcs.create_attestor if parent_rpcs.respond_to? :create_attestor + @create_attestor = ::Gapic::Config::Method.new create_attestor_config + get_attestor_config = parent_rpcs.get_attestor if parent_rpcs.respond_to? :get_attestor + @get_attestor = ::Gapic::Config::Method.new get_attestor_config + update_attestor_config = parent_rpcs.update_attestor if parent_rpcs.respond_to? :update_attestor + @update_attestor = ::Gapic::Config::Method.new update_attestor_config + list_attestors_config = parent_rpcs.list_attestors if parent_rpcs.respond_to? :list_attestors + @list_attestors = ::Gapic::Config::Method.new list_attestors_config + delete_attestor_config = parent_rpcs.delete_attestor if parent_rpcs.respond_to? :delete_attestor + @delete_attestor = ::Gapic::Config::Method.new delete_attestor_config + + yield self if block_given? + end + end + end + end + end + end + end + end +end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service/credentials.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service/credentials.rb new file mode 100644 index 000000000000..530400adb780 --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service/credentials.rb @@ -0,0 +1,51 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + +require "googleauth" + +module Google + module Cloud + module BinaryAuthorization + module V1 + module BinauthzManagementService + # Credentials for the BinauthzManagementService API. + class Credentials < ::Google::Auth::Credentials + self.scope = [ + "https://www.googleapis.com/auth/cloud-platform" + ] + self.env_vars = [ + "BINARY_AUTHORIZATION_CREDENTIALS", + "BINARY_AUTHORIZATION_KEYFILE", + "GOOGLE_CLOUD_CREDENTIALS", + "GOOGLE_CLOUD_KEYFILE", + "GCLOUD_KEYFILE", + "BINARY_AUTHORIZATION_CREDENTIALS_JSON", + "BINARY_AUTHORIZATION_KEYFILE_JSON", + "GOOGLE_CLOUD_CREDENTIALS_JSON", + "GOOGLE_CLOUD_KEYFILE_JSON", + "GCLOUD_KEYFILE_JSON" + ] + self.paths = [ + "~/.config/google_cloud/application_default_credentials.json" + ] + end + end + end + end + end +end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service/paths.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service/paths.rb new file mode 100644 index 000000000000..a4282d52ea46 --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service/paths.rb @@ -0,0 +1,97 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + + +module Google + module Cloud + module BinaryAuthorization + module V1 + module BinauthzManagementService + # Path helper methods for the BinauthzManagementService API. + module Paths + ## + # Create a fully-qualified Attestor resource string. + # + # The resource will be in the following format: + # + # `projects/{project}/attestors/{attestor}` + # + # @param project [String] + # @param attestor [String] + # + # @return [::String] + def attestor_path project:, attestor: + raise ::ArgumentError, "project cannot contain /" if project.to_s.include? "/" + + "projects/#{project}/attestors/#{attestor}" + end + + ## + # Create a fully-qualified Policy resource string. + # + # @overload policy_path(project:) + # The resource will be in the following format: + # + # `projects/{project}/policy` + # + # @param project [String] + # + # @overload policy_path(location:) + # The resource will be in the following format: + # + # `locations/{location}/policy` + # + # @param location [String] + # + # @return [::String] + def policy_path **args + resources = { + "project" => (proc do |project:| + "projects/#{project}/policy" + end), + "location" => (proc do |location:| + "locations/#{location}/policy" + end) + } + + resource = resources[args.keys.sort.join(":")] + raise ::ArgumentError, "no resource found for values #{args.keys}" if resource.nil? + resource.call(**args) + end + + ## + # Create a fully-qualified Project resource string. + # + # The resource will be in the following format: + # + # `projects/{project}` + # + # @param project [String] + # + # @return [::String] + def project_path project: + "projects/#{project}" + end + + extend self + end + end + end + end + end +end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service/rest.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service/rest.rb new file mode 100644 index 000000000000..6a6ed328774c --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service/rest.rb @@ -0,0 +1,58 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + +require "gapic/rest" +require "gapic/config" +require "gapic/config/method" + +require "google/cloud/binary_authorization/v1/version" + +require "google/cloud/binary_authorization/v1/binauthz_management_service/credentials" +require "google/cloud/binary_authorization/v1/binauthz_management_service/paths" +require "google/cloud/binary_authorization/v1/binauthz_management_service/rest/client" + +module Google + module Cloud + module BinaryAuthorization + module V1 + ## + # Google Cloud Management Service for Binary Authorization admission policies + # and attestation authorities. + # + # This API implements a REST model with the following objects: + # + # * {::Google::Cloud::BinaryAuthorization::V1::Policy Policy} + # * {::Google::Cloud::BinaryAuthorization::V1::Attestor Attestor} + # + # To load this service and instantiate a REST client: + # + # require "google/cloud/binary_authorization/v1/binauthz_management_service/rest" + # client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client.new + # + module BinauthzManagementService + # Client for the REST transport + module Rest + end + end + end + end + end +end + +helper_path = ::File.join __dir__, "rest", "helpers.rb" +require "google/cloud/binary_authorization/v1/binauthz_management_service/rest/helpers" if ::File.file? helper_path diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service/rest/client.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service/rest/client.rb new file mode 100644 index 000000000000..5469431c70f2 --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service/rest/client.rb @@ -0,0 +1,1016 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + +require "google/cloud/errors" +require "google/cloud/binaryauthorization/v1/service_pb" +require "google/cloud/binary_authorization/v1/binauthz_management_service/rest/service_stub" + +module Google + module Cloud + module BinaryAuthorization + module V1 + module BinauthzManagementService + module Rest + ## + # REST client for the BinauthzManagementService service. + # + # Google Cloud Management Service for Binary Authorization admission policies + # and attestation authorities. + # + # This API implements a REST model with the following objects: + # + # * {::Google::Cloud::BinaryAuthorization::V1::Policy Policy} + # * {::Google::Cloud::BinaryAuthorization::V1::Attestor Attestor} + # + class Client + # @private + API_VERSION = "" + + # @private + DEFAULT_ENDPOINT_TEMPLATE = "binaryauthorization.$UNIVERSE_DOMAIN$" + + include Paths + + # @private + attr_reader :binauthz_management_service_stub + + ## + # Configure the BinauthzManagementService Client class. + # + # See {::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client::Configuration} + # for a description of the configuration fields. + # + # @example + # + # # Modify the configuration for all BinauthzManagementService clients + # ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client.configure do |config| + # config.timeout = 10.0 + # end + # + # @yield [config] Configure the Client client. + # @yieldparam config [Client::Configuration] + # + # @return [Client::Configuration] + # + def self.configure + @configure ||= begin + namespace = ["Google", "Cloud", "BinaryAuthorization", "V1"] + parent_config = while namespace.any? + parent_name = namespace.join "::" + parent_const = const_get parent_name + break parent_const.configure if parent_const.respond_to? :configure + namespace.pop + end + default_config = Client::Configuration.new parent_config + + default_config.rpcs.get_policy.timeout = 600.0 + default_config.rpcs.get_policy.retry_policy = { + initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14] + } + + default_config.rpcs.update_policy.timeout = 600.0 + default_config.rpcs.update_policy.retry_policy = { + initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14] + } + + default_config.rpcs.create_attestor.timeout = 600.0 + + default_config.rpcs.get_attestor.timeout = 600.0 + default_config.rpcs.get_attestor.retry_policy = { + initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14] + } + + default_config.rpcs.update_attestor.timeout = 600.0 + default_config.rpcs.update_attestor.retry_policy = { + initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14] + } + + default_config.rpcs.list_attestors.timeout = 600.0 + default_config.rpcs.list_attestors.retry_policy = { + initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14] + } + + default_config.rpcs.delete_attestor.timeout = 600.0 + default_config.rpcs.delete_attestor.retry_policy = { + initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14] + } + + default_config + end + yield @configure if block_given? + @configure + end + + ## + # Configure the BinauthzManagementService Client instance. + # + # The configuration is set to the derived mode, meaning that values can be changed, + # but structural changes (adding new fields, etc.) are not allowed. Structural changes + # should be made on {Client.configure}. + # + # See {::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client::Configuration} + # for a description of the configuration fields. + # + # @yield [config] Configure the Client client. + # @yieldparam config [Client::Configuration] + # + # @return [Client::Configuration] + # + def configure + yield @config if block_given? + @config + end + + ## + # The effective universe domain + # + # @return [String] + # + def universe_domain + @binauthz_management_service_stub.universe_domain + end + + ## + # Create a new BinauthzManagementService REST client object. + # + # @example + # + # # Create a client using the default configuration + # client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client.new + # + # # Create a client using a custom configuration + # client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client.new do |config| + # config.timeout = 10.0 + # end + # + # @yield [config] Configure the BinauthzManagementService client. + # @yieldparam config [Client::Configuration] + # + def initialize + # Create the configuration object + @config = Configuration.new Client.configure + + # Yield the configuration if needed + yield @config if block_given? + + # Create credentials + credentials = @config.credentials + # Use self-signed JWT if the endpoint is unchanged from default, + # but only if the default endpoint does not have a region prefix. + enable_self_signed_jwt = @config.endpoint.nil? || + (@config.endpoint == Configuration::DEFAULT_ENDPOINT && + !@config.endpoint.split(".").first.include?("-")) + credentials ||= Credentials.default scope: @config.scope, + enable_self_signed_jwt: enable_self_signed_jwt + if credentials.is_a?(::String) || credentials.is_a?(::Hash) + credentials = Credentials.new credentials, scope: @config.scope + end + + @quota_project_id = @config.quota_project + @quota_project_id ||= credentials.quota_project_id if credentials.respond_to? :quota_project_id + + @binauthz_management_service_stub = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::ServiceStub.new( + endpoint: @config.endpoint, + endpoint_template: DEFAULT_ENDPOINT_TEMPLATE, + universe_domain: @config.universe_domain, + credentials: credentials, + logger: @config.logger + ) + + @binauthz_management_service_stub.logger(stub: true)&.info do |entry| + entry.set_system_name + entry.set_service + entry.message = "Created client for #{entry.service}" + entry.set_credentials_fields credentials + entry.set "customEndpoint", @config.endpoint if @config.endpoint + entry.set "defaultTimeout", @config.timeout if @config.timeout + entry.set "quotaProject", @quota_project_id if @quota_project_id + end + end + + ## + # The logger used for request/response debug logging. + # + # @return [Logger] + # + def logger + @binauthz_management_service_stub.logger + end + + # Service calls + + ## + # A {::Google::Cloud::BinaryAuthorization::V1::Policy policy} specifies the {::Google::Cloud::BinaryAuthorization::V1::Attestor attestors} that must attest to + # a container image, before the project is allowed to deploy that + # image. There is at most one policy per project. All image admission + # requests are permitted if a project has no policy. + # + # Gets the {::Google::Cloud::BinaryAuthorization::V1::Policy policy} for this project. Returns a default + # {::Google::Cloud::BinaryAuthorization::V1::Policy policy} if the project does not have one. + # + # @overload get_policy(request, options = nil) + # Pass arguments to `get_policy` via a request object, either of type + # {::Google::Cloud::BinaryAuthorization::V1::GetPolicyRequest} or an equivalent Hash. + # + # @param request [::Google::Cloud::BinaryAuthorization::V1::GetPolicyRequest, ::Hash] + # A request object representing the call parameters. Required. To specify no + # parameters, or to keep all the default parameter values, pass an empty Hash. + # @param options [::Gapic::CallOptions, ::Hash] + # Overrides the default settings for this call, e.g, timeout, retries etc. Optional. + # + # @overload get_policy(name: nil) + # Pass arguments to `get_policy` via keyword arguments. Note that at + # least one keyword argument is required. To specify no parameters, or to keep all + # the default parameter values, pass an empty Hash as a request object (see above). + # + # @param name [::String] + # Required. The resource name of the {::Google::Cloud::BinaryAuthorization::V1::Policy policy} to retrieve, + # in the format `projects/*/policy`. + # @yield [result, operation] Access the result along with the TransportOperation object + # @yieldparam result [::Google::Cloud::BinaryAuthorization::V1::Policy] + # @yieldparam operation [::Gapic::Rest::TransportOperation] + # + # @return [::Google::Cloud::BinaryAuthorization::V1::Policy] + # + # @raise [::Google::Cloud::Error] if the REST call is aborted. + # + # @example Basic example + # require "google/cloud/binary_authorization/v1" + # + # # Create a client object. The client can be reused for multiple calls. + # client = Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client.new + # + # # Create a request. To set request fields, pass in keyword arguments. + # request = Google::Cloud::BinaryAuthorization::V1::GetPolicyRequest.new + # + # # Call the get_policy method. + # result = client.get_policy request + # + # # The returned object is of type Google::Cloud::BinaryAuthorization::V1::Policy. + # p result + # + def get_policy request, options = nil + raise ::ArgumentError, "request must be provided" if request.nil? + + request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::BinaryAuthorization::V1::GetPolicyRequest + + # Converts hash and nil to an options object + options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h + + # Customize the options with defaults + call_metadata = @config.rpcs.get_policy.metadata.to_h + + # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers + call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ + lib_name: @config.lib_name, lib_version: @config.lib_version, + gapic_version: ::Google::Cloud::BinaryAuthorization::V1::VERSION, + transports_version_send: [:rest] + + call_metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty? + call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id + + options.apply_defaults timeout: @config.rpcs.get_policy.timeout, + metadata: call_metadata, + retry_policy: @config.rpcs.get_policy.retry_policy + + options.apply_defaults timeout: @config.timeout, + metadata: @config.metadata, + retry_policy: @config.retry_policy + + @binauthz_management_service_stub.get_policy request, options do |result, operation| + yield result, operation if block_given? + end + rescue ::Gapic::Rest::Error => e + raise ::Google::Cloud::Error.from_error(e) + end + + ## + # Creates or updates a project's {::Google::Cloud::BinaryAuthorization::V1::Policy policy}, and returns a copy of the + # new {::Google::Cloud::BinaryAuthorization::V1::Policy policy}. A policy is always updated as a whole, to avoid race + # conditions with concurrent policy enforcement (or management!) + # requests. Returns NOT_FOUND if the project does not exist, INVALID_ARGUMENT + # if the request is malformed. + # + # @overload update_policy(request, options = nil) + # Pass arguments to `update_policy` via a request object, either of type + # {::Google::Cloud::BinaryAuthorization::V1::UpdatePolicyRequest} or an equivalent Hash. + # + # @param request [::Google::Cloud::BinaryAuthorization::V1::UpdatePolicyRequest, ::Hash] + # A request object representing the call parameters. Required. To specify no + # parameters, or to keep all the default parameter values, pass an empty Hash. + # @param options [::Gapic::CallOptions, ::Hash] + # Overrides the default settings for this call, e.g, timeout, retries etc. Optional. + # + # @overload update_policy(policy: nil) + # Pass arguments to `update_policy` via keyword arguments. Note that at + # least one keyword argument is required. To specify no parameters, or to keep all + # the default parameter values, pass an empty Hash as a request object (see above). + # + # @param policy [::Google::Cloud::BinaryAuthorization::V1::Policy, ::Hash] + # Required. A new or updated {::Google::Cloud::BinaryAuthorization::V1::Policy policy} value. The service will + # overwrite the {::Google::Cloud::BinaryAuthorization::V1::Policy#name policy name} field with the resource name in + # the request URL, in the format `projects/*/policy`. + # @yield [result, operation] Access the result along with the TransportOperation object + # @yieldparam result [::Google::Cloud::BinaryAuthorization::V1::Policy] + # @yieldparam operation [::Gapic::Rest::TransportOperation] + # + # @return [::Google::Cloud::BinaryAuthorization::V1::Policy] + # + # @raise [::Google::Cloud::Error] if the REST call is aborted. + # + # @example Basic example + # require "google/cloud/binary_authorization/v1" + # + # # Create a client object. The client can be reused for multiple calls. + # client = Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client.new + # + # # Create a request. To set request fields, pass in keyword arguments. + # request = Google::Cloud::BinaryAuthorization::V1::UpdatePolicyRequest.new + # + # # Call the update_policy method. + # result = client.update_policy request + # + # # The returned object is of type Google::Cloud::BinaryAuthorization::V1::Policy. + # p result + # + def update_policy request, options = nil + raise ::ArgumentError, "request must be provided" if request.nil? + + request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::BinaryAuthorization::V1::UpdatePolicyRequest + + # Converts hash and nil to an options object + options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h + + # Customize the options with defaults + call_metadata = @config.rpcs.update_policy.metadata.to_h + + # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers + call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ + lib_name: @config.lib_name, lib_version: @config.lib_version, + gapic_version: ::Google::Cloud::BinaryAuthorization::V1::VERSION, + transports_version_send: [:rest] + + call_metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty? + call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id + + options.apply_defaults timeout: @config.rpcs.update_policy.timeout, + metadata: call_metadata, + retry_policy: @config.rpcs.update_policy.retry_policy + + options.apply_defaults timeout: @config.timeout, + metadata: @config.metadata, + retry_policy: @config.retry_policy + + @binauthz_management_service_stub.update_policy request, options do |result, operation| + yield result, operation if block_given? + end + rescue ::Gapic::Rest::Error => e + raise ::Google::Cloud::Error.from_error(e) + end + + ## + # Creates an {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor}, and returns a copy of the new + # {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor}. Returns NOT_FOUND if the project does not exist, + # INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if the + # {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor} already exists. + # + # @overload create_attestor(request, options = nil) + # Pass arguments to `create_attestor` via a request object, either of type + # {::Google::Cloud::BinaryAuthorization::V1::CreateAttestorRequest} or an equivalent Hash. + # + # @param request [::Google::Cloud::BinaryAuthorization::V1::CreateAttestorRequest, ::Hash] + # A request object representing the call parameters. Required. To specify no + # parameters, or to keep all the default parameter values, pass an empty Hash. + # @param options [::Gapic::CallOptions, ::Hash] + # Overrides the default settings for this call, e.g, timeout, retries etc. Optional. + # + # @overload create_attestor(parent: nil, attestor_id: nil, attestor: nil) + # Pass arguments to `create_attestor` via keyword arguments. Note that at + # least one keyword argument is required. To specify no parameters, or to keep all + # the default parameter values, pass an empty Hash as a request object (see above). + # + # @param parent [::String] + # Required. The parent of this {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor}. + # @param attestor_id [::String] + # Required. The {::Google::Cloud::BinaryAuthorization::V1::Attestor attestors} ID. + # @param attestor [::Google::Cloud::BinaryAuthorization::V1::Attestor, ::Hash] + # Required. The initial {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor} value. The service will + # overwrite the {::Google::Cloud::BinaryAuthorization::V1::Attestor#name attestor name} field with the resource name, + # in the format `projects/*/attestors/*`. + # @yield [result, operation] Access the result along with the TransportOperation object + # @yieldparam result [::Google::Cloud::BinaryAuthorization::V1::Attestor] + # @yieldparam operation [::Gapic::Rest::TransportOperation] + # + # @return [::Google::Cloud::BinaryAuthorization::V1::Attestor] + # + # @raise [::Google::Cloud::Error] if the REST call is aborted. + # + # @example Basic example + # require "google/cloud/binary_authorization/v1" + # + # # Create a client object. The client can be reused for multiple calls. + # client = Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client.new + # + # # Create a request. To set request fields, pass in keyword arguments. + # request = Google::Cloud::BinaryAuthorization::V1::CreateAttestorRequest.new + # + # # Call the create_attestor method. + # result = client.create_attestor request + # + # # The returned object is of type Google::Cloud::BinaryAuthorization::V1::Attestor. + # p result + # + def create_attestor request, options = nil + raise ::ArgumentError, "request must be provided" if request.nil? + + request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::BinaryAuthorization::V1::CreateAttestorRequest + + # Converts hash and nil to an options object + options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h + + # Customize the options with defaults + call_metadata = @config.rpcs.create_attestor.metadata.to_h + + # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers + call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ + lib_name: @config.lib_name, lib_version: @config.lib_version, + gapic_version: ::Google::Cloud::BinaryAuthorization::V1::VERSION, + transports_version_send: [:rest] + + call_metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty? + call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id + + options.apply_defaults timeout: @config.rpcs.create_attestor.timeout, + metadata: call_metadata, + retry_policy: @config.rpcs.create_attestor.retry_policy + + options.apply_defaults timeout: @config.timeout, + metadata: @config.metadata, + retry_policy: @config.retry_policy + + @binauthz_management_service_stub.create_attestor request, options do |result, operation| + yield result, operation if block_given? + end + rescue ::Gapic::Rest::Error => e + raise ::Google::Cloud::Error.from_error(e) + end + + ## + # Gets an {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor}. + # Returns NOT_FOUND if the {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor} does not exist. + # + # @overload get_attestor(request, options = nil) + # Pass arguments to `get_attestor` via a request object, either of type + # {::Google::Cloud::BinaryAuthorization::V1::GetAttestorRequest} or an equivalent Hash. + # + # @param request [::Google::Cloud::BinaryAuthorization::V1::GetAttestorRequest, ::Hash] + # A request object representing the call parameters. Required. To specify no + # parameters, or to keep all the default parameter values, pass an empty Hash. + # @param options [::Gapic::CallOptions, ::Hash] + # Overrides the default settings for this call, e.g, timeout, retries etc. Optional. + # + # @overload get_attestor(name: nil) + # Pass arguments to `get_attestor` via keyword arguments. Note that at + # least one keyword argument is required. To specify no parameters, or to keep all + # the default parameter values, pass an empty Hash as a request object (see above). + # + # @param name [::String] + # Required. The name of the {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor} to retrieve, in the format + # `projects/*/attestors/*`. + # @yield [result, operation] Access the result along with the TransportOperation object + # @yieldparam result [::Google::Cloud::BinaryAuthorization::V1::Attestor] + # @yieldparam operation [::Gapic::Rest::TransportOperation] + # + # @return [::Google::Cloud::BinaryAuthorization::V1::Attestor] + # + # @raise [::Google::Cloud::Error] if the REST call is aborted. + # + # @example Basic example + # require "google/cloud/binary_authorization/v1" + # + # # Create a client object. The client can be reused for multiple calls. + # client = Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client.new + # + # # Create a request. To set request fields, pass in keyword arguments. + # request = Google::Cloud::BinaryAuthorization::V1::GetAttestorRequest.new + # + # # Call the get_attestor method. + # result = client.get_attestor request + # + # # The returned object is of type Google::Cloud::BinaryAuthorization::V1::Attestor. + # p result + # + def get_attestor request, options = nil + raise ::ArgumentError, "request must be provided" if request.nil? + + request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::BinaryAuthorization::V1::GetAttestorRequest + + # Converts hash and nil to an options object + options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h + + # Customize the options with defaults + call_metadata = @config.rpcs.get_attestor.metadata.to_h + + # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers + call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ + lib_name: @config.lib_name, lib_version: @config.lib_version, + gapic_version: ::Google::Cloud::BinaryAuthorization::V1::VERSION, + transports_version_send: [:rest] + + call_metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty? + call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id + + options.apply_defaults timeout: @config.rpcs.get_attestor.timeout, + metadata: call_metadata, + retry_policy: @config.rpcs.get_attestor.retry_policy + + options.apply_defaults timeout: @config.timeout, + metadata: @config.metadata, + retry_policy: @config.retry_policy + + @binauthz_management_service_stub.get_attestor request, options do |result, operation| + yield result, operation if block_given? + end + rescue ::Gapic::Rest::Error => e + raise ::Google::Cloud::Error.from_error(e) + end + + ## + # Updates an {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor}. + # Returns NOT_FOUND if the {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor} does not exist. + # + # @overload update_attestor(request, options = nil) + # Pass arguments to `update_attestor` via a request object, either of type + # {::Google::Cloud::BinaryAuthorization::V1::UpdateAttestorRequest} or an equivalent Hash. + # + # @param request [::Google::Cloud::BinaryAuthorization::V1::UpdateAttestorRequest, ::Hash] + # A request object representing the call parameters. Required. To specify no + # parameters, or to keep all the default parameter values, pass an empty Hash. + # @param options [::Gapic::CallOptions, ::Hash] + # Overrides the default settings for this call, e.g, timeout, retries etc. Optional. + # + # @overload update_attestor(attestor: nil) + # Pass arguments to `update_attestor` via keyword arguments. Note that at + # least one keyword argument is required. To specify no parameters, or to keep all + # the default parameter values, pass an empty Hash as a request object (see above). + # + # @param attestor [::Google::Cloud::BinaryAuthorization::V1::Attestor, ::Hash] + # Required. The updated {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor} value. The service will + # overwrite the {::Google::Cloud::BinaryAuthorization::V1::Attestor#name attestor name} field with the resource name + # in the request URL, in the format `projects/*/attestors/*`. + # @yield [result, operation] Access the result along with the TransportOperation object + # @yieldparam result [::Google::Cloud::BinaryAuthorization::V1::Attestor] + # @yieldparam operation [::Gapic::Rest::TransportOperation] + # + # @return [::Google::Cloud::BinaryAuthorization::V1::Attestor] + # + # @raise [::Google::Cloud::Error] if the REST call is aborted. + # + # @example Basic example + # require "google/cloud/binary_authorization/v1" + # + # # Create a client object. The client can be reused for multiple calls. + # client = Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client.new + # + # # Create a request. To set request fields, pass in keyword arguments. + # request = Google::Cloud::BinaryAuthorization::V1::UpdateAttestorRequest.new + # + # # Call the update_attestor method. + # result = client.update_attestor request + # + # # The returned object is of type Google::Cloud::BinaryAuthorization::V1::Attestor. + # p result + # + def update_attestor request, options = nil + raise ::ArgumentError, "request must be provided" if request.nil? + + request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::BinaryAuthorization::V1::UpdateAttestorRequest + + # Converts hash and nil to an options object + options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h + + # Customize the options with defaults + call_metadata = @config.rpcs.update_attestor.metadata.to_h + + # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers + call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ + lib_name: @config.lib_name, lib_version: @config.lib_version, + gapic_version: ::Google::Cloud::BinaryAuthorization::V1::VERSION, + transports_version_send: [:rest] + + call_metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty? + call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id + + options.apply_defaults timeout: @config.rpcs.update_attestor.timeout, + metadata: call_metadata, + retry_policy: @config.rpcs.update_attestor.retry_policy + + options.apply_defaults timeout: @config.timeout, + metadata: @config.metadata, + retry_policy: @config.retry_policy + + @binauthz_management_service_stub.update_attestor request, options do |result, operation| + yield result, operation if block_given? + end + rescue ::Gapic::Rest::Error => e + raise ::Google::Cloud::Error.from_error(e) + end + + ## + # Lists {::Google::Cloud::BinaryAuthorization::V1::Attestor attestors}. + # Returns INVALID_ARGUMENT if the project does not exist. + # + # @overload list_attestors(request, options = nil) + # Pass arguments to `list_attestors` via a request object, either of type + # {::Google::Cloud::BinaryAuthorization::V1::ListAttestorsRequest} or an equivalent Hash. + # + # @param request [::Google::Cloud::BinaryAuthorization::V1::ListAttestorsRequest, ::Hash] + # A request object representing the call parameters. Required. To specify no + # parameters, or to keep all the default parameter values, pass an empty Hash. + # @param options [::Gapic::CallOptions, ::Hash] + # Overrides the default settings for this call, e.g, timeout, retries etc. Optional. + # + # @overload list_attestors(parent: nil, page_size: nil, page_token: nil) + # Pass arguments to `list_attestors` via keyword arguments. Note that at + # least one keyword argument is required. To specify no parameters, or to keep all + # the default parameter values, pass an empty Hash as a request object (see above). + # + # @param parent [::String] + # Required. The resource name of the project associated with the + # {::Google::Cloud::BinaryAuthorization::V1::Attestor attestors}, in the format `projects/*`. + # @param page_size [::Integer] + # Requested page size. The server may return fewer results than requested. If + # unspecified, the server will pick an appropriate default. + # @param page_token [::String] + # A token identifying a page of results the server should return. Typically, + # this is the value of {::Google::Cloud::BinaryAuthorization::V1::ListAttestorsResponse#next_page_token ListAttestorsResponse.next_page_token} returned + # from the previous call to the `ListAttestors` method. + # @yield [result, operation] Access the result along with the TransportOperation object + # @yieldparam result [::Gapic::Rest::PagedEnumerable<::Google::Cloud::BinaryAuthorization::V1::Attestor>] + # @yieldparam operation [::Gapic::Rest::TransportOperation] + # + # @return [::Gapic::Rest::PagedEnumerable<::Google::Cloud::BinaryAuthorization::V1::Attestor>] + # + # @raise [::Google::Cloud::Error] if the REST call is aborted. + # + # @example Basic example + # require "google/cloud/binary_authorization/v1" + # + # # Create a client object. The client can be reused for multiple calls. + # client = Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client.new + # + # # Create a request. To set request fields, pass in keyword arguments. + # request = Google::Cloud::BinaryAuthorization::V1::ListAttestorsRequest.new + # + # # Call the list_attestors method. + # result = client.list_attestors request + # + # # The returned object is of type Gapic::PagedEnumerable. You can iterate + # # over elements, and API calls will be issued to fetch pages as needed. + # result.each do |item| + # # Each element is of type ::Google::Cloud::BinaryAuthorization::V1::Attestor. + # p item + # end + # + def list_attestors request, options = nil + raise ::ArgumentError, "request must be provided" if request.nil? + + request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::BinaryAuthorization::V1::ListAttestorsRequest + + # Converts hash and nil to an options object + options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h + + # Customize the options with defaults + call_metadata = @config.rpcs.list_attestors.metadata.to_h + + # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers + call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ + lib_name: @config.lib_name, lib_version: @config.lib_version, + gapic_version: ::Google::Cloud::BinaryAuthorization::V1::VERSION, + transports_version_send: [:rest] + + call_metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty? + call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id + + options.apply_defaults timeout: @config.rpcs.list_attestors.timeout, + metadata: call_metadata, + retry_policy: @config.rpcs.list_attestors.retry_policy + + options.apply_defaults timeout: @config.timeout, + metadata: @config.metadata, + retry_policy: @config.retry_policy + + @binauthz_management_service_stub.list_attestors request, options do |result, operation| + result = ::Gapic::Rest::PagedEnumerable.new @binauthz_management_service_stub, :list_attestors, "attestors", request, result, options + yield result, operation if block_given? + throw :response, result + end + rescue ::Gapic::Rest::Error => e + raise ::Google::Cloud::Error.from_error(e) + end + + ## + # Deletes an {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor}. Returns NOT_FOUND if the + # {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor} does not exist. + # + # @overload delete_attestor(request, options = nil) + # Pass arguments to `delete_attestor` via a request object, either of type + # {::Google::Cloud::BinaryAuthorization::V1::DeleteAttestorRequest} or an equivalent Hash. + # + # @param request [::Google::Cloud::BinaryAuthorization::V1::DeleteAttestorRequest, ::Hash] + # A request object representing the call parameters. Required. To specify no + # parameters, or to keep all the default parameter values, pass an empty Hash. + # @param options [::Gapic::CallOptions, ::Hash] + # Overrides the default settings for this call, e.g, timeout, retries etc. Optional. + # + # @overload delete_attestor(name: nil) + # Pass arguments to `delete_attestor` via keyword arguments. Note that at + # least one keyword argument is required. To specify no parameters, or to keep all + # the default parameter values, pass an empty Hash as a request object (see above). + # + # @param name [::String] + # Required. The name of the {::Google::Cloud::BinaryAuthorization::V1::Attestor attestors} to delete, in the format + # `projects/*/attestors/*`. + # @yield [result, operation] Access the result along with the TransportOperation object + # @yieldparam result [::Google::Protobuf::Empty] + # @yieldparam operation [::Gapic::Rest::TransportOperation] + # + # @return [::Google::Protobuf::Empty] + # + # @raise [::Google::Cloud::Error] if the REST call is aborted. + # + # @example Basic example + # require "google/cloud/binary_authorization/v1" + # + # # Create a client object. The client can be reused for multiple calls. + # client = Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client.new + # + # # Create a request. To set request fields, pass in keyword arguments. + # request = Google::Cloud::BinaryAuthorization::V1::DeleteAttestorRequest.new + # + # # Call the delete_attestor method. + # result = client.delete_attestor request + # + # # The returned object is of type Google::Protobuf::Empty. + # p result + # + def delete_attestor request, options = nil + raise ::ArgumentError, "request must be provided" if request.nil? + + request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::BinaryAuthorization::V1::DeleteAttestorRequest + + # Converts hash and nil to an options object + options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h + + # Customize the options with defaults + call_metadata = @config.rpcs.delete_attestor.metadata.to_h + + # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers + call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ + lib_name: @config.lib_name, lib_version: @config.lib_version, + gapic_version: ::Google::Cloud::BinaryAuthorization::V1::VERSION, + transports_version_send: [:rest] + + call_metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty? + call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id + + options.apply_defaults timeout: @config.rpcs.delete_attestor.timeout, + metadata: call_metadata, + retry_policy: @config.rpcs.delete_attestor.retry_policy + + options.apply_defaults timeout: @config.timeout, + metadata: @config.metadata, + retry_policy: @config.retry_policy + + @binauthz_management_service_stub.delete_attestor request, options do |result, operation| + yield result, operation if block_given? + end + rescue ::Gapic::Rest::Error => e + raise ::Google::Cloud::Error.from_error(e) + end + + ## + # Configuration class for the BinauthzManagementService REST API. + # + # This class represents the configuration for BinauthzManagementService REST, + # providing control over timeouts, retry behavior, logging, transport + # parameters, and other low-level controls. Certain parameters can also be + # applied individually to specific RPCs. See + # {::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client::Configuration::Rpcs} + # for a list of RPCs that can be configured independently. + # + # Configuration can be applied globally to all clients, or to a single client + # on construction. + # + # @example + # + # # Modify the global config, setting the timeout for + # # get_policy to 20 seconds, + # # and all remaining timeouts to 10 seconds. + # ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client.configure do |config| + # config.timeout = 10.0 + # config.rpcs.get_policy.timeout = 20.0 + # end + # + # # Apply the above configuration only to a new client. + # client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client.new do |config| + # config.timeout = 10.0 + # config.rpcs.get_policy.timeout = 20.0 + # end + # + # @!attribute [rw] endpoint + # A custom service endpoint, as a hostname or hostname:port. The default is + # nil, indicating to use the default endpoint in the current universe domain. + # @return [::String,nil] + # @!attribute [rw] credentials + # Credentials to send with calls. You may provide any of the following types: + # * (`String`) The path to a service account key file in JSON format + # * (`Hash`) A service account key as a Hash + # * (`Google::Auth::Credentials`) A googleauth credentials object + # (see the [googleauth docs](https://rubydoc.info/gems/googleauth/Google/Auth/Credentials)) + # * (`Signet::OAuth2::Client`) A signet oauth2 client object + # (see the [signet docs](https://rubydoc.info/gems/signet/Signet/OAuth2/Client)) + # * (`nil`) indicating no credentials + # + # Warning: If you accept a credential configuration (JSON file or Hash) from an + # external source for authentication to Google Cloud, you must validate it before + # providing it to a Google API client library. Providing an unvalidated credential + # configuration to Google APIs can compromise the security of your systems and data. + # For more information, refer to [Validate credential configurations from external + # sources](https://cloud.google.com/docs/authentication/external/externally-sourced-credentials). + # @return [::Object] + # @!attribute [rw] scope + # The OAuth scopes + # @return [::Array<::String>] + # @!attribute [rw] lib_name + # The library name as recorded in instrumentation and logging + # @return [::String] + # @!attribute [rw] lib_version + # The library version as recorded in instrumentation and logging + # @return [::String] + # @!attribute [rw] timeout + # The call timeout in seconds. + # @return [::Numeric] + # @!attribute [rw] metadata + # Additional headers to be sent with the call. + # @return [::Hash{::Symbol=>::String}] + # @!attribute [rw] retry_policy + # The retry policy. The value is a hash with the following keys: + # * `:initial_delay` (*type:* `Numeric`) - The initial delay in seconds. + # * `:max_delay` (*type:* `Numeric`) - The max delay in seconds. + # * `:multiplier` (*type:* `Numeric`) - The incremental backoff multiplier. + # * `:retry_codes` (*type:* `Array`) - The error codes that should + # trigger a retry. + # @return [::Hash] + # @!attribute [rw] quota_project + # A separate project against which to charge quota. + # @return [::String] + # @!attribute [rw] universe_domain + # The universe domain within which to make requests. This determines the + # default endpoint URL. The default value of nil uses the environment + # universe (usually the default "googleapis.com" universe). + # @return [::String,nil] + # @!attribute [rw] logger + # A custom logger to use for request/response debug logging, or the value + # `:default` (the default) to construct a default logger, or `nil` to + # explicitly disable logging. + # @return [::Logger,:default,nil] + # + class Configuration + extend ::Gapic::Config + + # @private + # The endpoint specific to the default "googleapis.com" universe. Deprecated. + DEFAULT_ENDPOINT = "binaryauthorization.googleapis.com" + + config_attr :endpoint, nil, ::String, nil + config_attr :credentials, nil do |value| + allowed = [::String, ::Hash, ::Proc, ::Symbol, ::Google::Auth::Credentials, ::Google::Auth::BaseClient, ::Signet::OAuth2::Client, nil] + allowed.any? { |klass| klass === value } + end + config_attr :scope, nil, ::String, ::Array, nil + config_attr :lib_name, nil, ::String, nil + config_attr :lib_version, nil, ::String, nil + config_attr :timeout, nil, ::Numeric, nil + config_attr :metadata, nil, ::Hash, nil + config_attr :retry_policy, nil, ::Hash, ::Proc, nil + config_attr :quota_project, nil, ::String, nil + config_attr :universe_domain, nil, ::String, nil + config_attr :logger, :default, ::Logger, nil, :default + + # @private + def initialize parent_config = nil + @parent_config = parent_config unless parent_config.nil? + + yield self if block_given? + end + + ## + # Configurations for individual RPCs + # @return [Rpcs] + # + def rpcs + @rpcs ||= begin + parent_rpcs = nil + parent_rpcs = @parent_config.rpcs if defined?(@parent_config) && @parent_config.respond_to?(:rpcs) + Rpcs.new parent_rpcs + end + end + + ## + # Configuration RPC class for the BinauthzManagementService API. + # + # Includes fields providing the configuration for each RPC in this service. + # Each configuration object is of type `Gapic::Config::Method` and includes + # the following configuration fields: + # + # * `timeout` (*type:* `Numeric`) - The call timeout in seconds + # * `metadata` (*type:* `Hash{Symbol=>String}`) - Additional headers + # * `retry_policy (*type:* `Hash`) - The retry policy. The policy fields + # include the following keys: + # * `:initial_delay` (*type:* `Numeric`) - The initial delay in seconds. + # * `:max_delay` (*type:* `Numeric`) - The max delay in seconds. + # * `:multiplier` (*type:* `Numeric`) - The incremental backoff multiplier. + # * `:retry_codes` (*type:* `Array`) - The error codes that should + # trigger a retry. + # + class Rpcs + ## + # RPC-specific configuration for `get_policy` + # @return [::Gapic::Config::Method] + # + attr_reader :get_policy + ## + # RPC-specific configuration for `update_policy` + # @return [::Gapic::Config::Method] + # + attr_reader :update_policy + ## + # RPC-specific configuration for `create_attestor` + # @return [::Gapic::Config::Method] + # + attr_reader :create_attestor + ## + # RPC-specific configuration for `get_attestor` + # @return [::Gapic::Config::Method] + # + attr_reader :get_attestor + ## + # RPC-specific configuration for `update_attestor` + # @return [::Gapic::Config::Method] + # + attr_reader :update_attestor + ## + # RPC-specific configuration for `list_attestors` + # @return [::Gapic::Config::Method] + # + attr_reader :list_attestors + ## + # RPC-specific configuration for `delete_attestor` + # @return [::Gapic::Config::Method] + # + attr_reader :delete_attestor + + # @private + def initialize parent_rpcs = nil + get_policy_config = parent_rpcs.get_policy if parent_rpcs.respond_to? :get_policy + @get_policy = ::Gapic::Config::Method.new get_policy_config + update_policy_config = parent_rpcs.update_policy if parent_rpcs.respond_to? :update_policy + @update_policy = ::Gapic::Config::Method.new update_policy_config + create_attestor_config = parent_rpcs.create_attestor if parent_rpcs.respond_to? :create_attestor + @create_attestor = ::Gapic::Config::Method.new create_attestor_config + get_attestor_config = parent_rpcs.get_attestor if parent_rpcs.respond_to? :get_attestor + @get_attestor = ::Gapic::Config::Method.new get_attestor_config + update_attestor_config = parent_rpcs.update_attestor if parent_rpcs.respond_to? :update_attestor + @update_attestor = ::Gapic::Config::Method.new update_attestor_config + list_attestors_config = parent_rpcs.list_attestors if parent_rpcs.respond_to? :list_attestors + @list_attestors = ::Gapic::Config::Method.new list_attestors_config + delete_attestor_config = parent_rpcs.delete_attestor if parent_rpcs.respond_to? :delete_attestor + @delete_attestor = ::Gapic::Config::Method.new delete_attestor_config + + yield self if block_given? + end + end + end + end + end + end + end + end + end +end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service/rest/service_stub.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service/rest/service_stub.rb new file mode 100644 index 000000000000..7b1298ec749d --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service/rest/service_stub.rb @@ -0,0 +1,511 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + +require "google/cloud/binaryauthorization/v1/service_pb" + +module Google + module Cloud + module BinaryAuthorization + module V1 + module BinauthzManagementService + module Rest + ## + # REST service stub for the BinauthzManagementService service. + # Service stub contains baseline method implementations + # including transcoding, making the REST call, and deserialing the response. + # + class ServiceStub + # @private + def initialize endpoint:, endpoint_template:, universe_domain:, credentials:, logger: + # These require statements are intentionally placed here to initialize + # the REST modules only when it's required. + require "gapic/rest" + + @client_stub = ::Gapic::Rest::ClientStub.new endpoint: endpoint, + endpoint_template: endpoint_template, + universe_domain: universe_domain, + credentials: credentials, + numeric_enums: true, + service_name: self.class, + raise_faraday_errors: false, + logger: logger + end + + ## + # The effective universe domain + # + # @return [String] + # + def universe_domain + @client_stub.universe_domain + end + + ## + # The effective endpoint + # + # @return [String] + # + def endpoint + @client_stub.endpoint + end + + ## + # The logger used for request/response debug logging. + # + # @return [Logger] + # + def logger stub: false + stub ? @client_stub.stub_logger : @client_stub.logger + end + + ## + # Baseline implementation for the get_policy REST call + # + # @param request_pb [::Google::Cloud::BinaryAuthorization::V1::GetPolicyRequest] + # A request object representing the call parameters. Required. + # @param options [::Gapic::CallOptions] + # Overrides the default settings for this call, e.g, timeout, retries etc. Optional. + # + # @yield [result, operation] Access the result along with the TransportOperation object + # @yieldparam result [::Google::Cloud::BinaryAuthorization::V1::Policy] + # @yieldparam operation [::Gapic::Rest::TransportOperation] + # + # @return [::Google::Cloud::BinaryAuthorization::V1::Policy] + # A result object deserialized from the server's reply + def get_policy request_pb, options = nil + raise ::ArgumentError, "request must be provided" if request_pb.nil? + + verb, uri, query_string_params, body = ServiceStub.transcode_get_policy_request request_pb + query_string_params = if query_string_params.any? + query_string_params.to_h { |p| p.split "=", 2 } + else + {} + end + + response = @client_stub.make_http_request( + verb, + uri: uri, + body: body || "", + params: query_string_params, + method_name: "get_policy", + options: options + ) + operation = ::Gapic::Rest::TransportOperation.new response + result = ::Google::Cloud::BinaryAuthorization::V1::Policy.decode_json response.body, ignore_unknown_fields: true + catch :response do + yield result, operation if block_given? + result + end + end + + ## + # Baseline implementation for the update_policy REST call + # + # @param request_pb [::Google::Cloud::BinaryAuthorization::V1::UpdatePolicyRequest] + # A request object representing the call parameters. Required. + # @param options [::Gapic::CallOptions] + # Overrides the default settings for this call, e.g, timeout, retries etc. Optional. + # + # @yield [result, operation] Access the result along with the TransportOperation object + # @yieldparam result [::Google::Cloud::BinaryAuthorization::V1::Policy] + # @yieldparam operation [::Gapic::Rest::TransportOperation] + # + # @return [::Google::Cloud::BinaryAuthorization::V1::Policy] + # A result object deserialized from the server's reply + def update_policy request_pb, options = nil + raise ::ArgumentError, "request must be provided" if request_pb.nil? + + verb, uri, query_string_params, body = ServiceStub.transcode_update_policy_request request_pb + query_string_params = if query_string_params.any? + query_string_params.to_h { |p| p.split "=", 2 } + else + {} + end + + response = @client_stub.make_http_request( + verb, + uri: uri, + body: body || "", + params: query_string_params, + method_name: "update_policy", + options: options + ) + operation = ::Gapic::Rest::TransportOperation.new response + result = ::Google::Cloud::BinaryAuthorization::V1::Policy.decode_json response.body, ignore_unknown_fields: true + catch :response do + yield result, operation if block_given? + result + end + end + + ## + # Baseline implementation for the create_attestor REST call + # + # @param request_pb [::Google::Cloud::BinaryAuthorization::V1::CreateAttestorRequest] + # A request object representing the call parameters. Required. + # @param options [::Gapic::CallOptions] + # Overrides the default settings for this call, e.g, timeout, retries etc. Optional. + # + # @yield [result, operation] Access the result along with the TransportOperation object + # @yieldparam result [::Google::Cloud::BinaryAuthorization::V1::Attestor] + # @yieldparam operation [::Gapic::Rest::TransportOperation] + # + # @return [::Google::Cloud::BinaryAuthorization::V1::Attestor] + # A result object deserialized from the server's reply + def create_attestor request_pb, options = nil + raise ::ArgumentError, "request must be provided" if request_pb.nil? + + verb, uri, query_string_params, body = ServiceStub.transcode_create_attestor_request request_pb + query_string_params = if query_string_params.any? + query_string_params.to_h { |p| p.split "=", 2 } + else + {} + end + + response = @client_stub.make_http_request( + verb, + uri: uri, + body: body || "", + params: query_string_params, + method_name: "create_attestor", + options: options + ) + operation = ::Gapic::Rest::TransportOperation.new response + result = ::Google::Cloud::BinaryAuthorization::V1::Attestor.decode_json response.body, ignore_unknown_fields: true + catch :response do + yield result, operation if block_given? + result + end + end + + ## + # Baseline implementation for the get_attestor REST call + # + # @param request_pb [::Google::Cloud::BinaryAuthorization::V1::GetAttestorRequest] + # A request object representing the call parameters. Required. + # @param options [::Gapic::CallOptions] + # Overrides the default settings for this call, e.g, timeout, retries etc. Optional. + # + # @yield [result, operation] Access the result along with the TransportOperation object + # @yieldparam result [::Google::Cloud::BinaryAuthorization::V1::Attestor] + # @yieldparam operation [::Gapic::Rest::TransportOperation] + # + # @return [::Google::Cloud::BinaryAuthorization::V1::Attestor] + # A result object deserialized from the server's reply + def get_attestor request_pb, options = nil + raise ::ArgumentError, "request must be provided" if request_pb.nil? + + verb, uri, query_string_params, body = ServiceStub.transcode_get_attestor_request request_pb + query_string_params = if query_string_params.any? + query_string_params.to_h { |p| p.split "=", 2 } + else + {} + end + + response = @client_stub.make_http_request( + verb, + uri: uri, + body: body || "", + params: query_string_params, + method_name: "get_attestor", + options: options + ) + operation = ::Gapic::Rest::TransportOperation.new response + result = ::Google::Cloud::BinaryAuthorization::V1::Attestor.decode_json response.body, ignore_unknown_fields: true + catch :response do + yield result, operation if block_given? + result + end + end + + ## + # Baseline implementation for the update_attestor REST call + # + # @param request_pb [::Google::Cloud::BinaryAuthorization::V1::UpdateAttestorRequest] + # A request object representing the call parameters. Required. + # @param options [::Gapic::CallOptions] + # Overrides the default settings for this call, e.g, timeout, retries etc. Optional. + # + # @yield [result, operation] Access the result along with the TransportOperation object + # @yieldparam result [::Google::Cloud::BinaryAuthorization::V1::Attestor] + # @yieldparam operation [::Gapic::Rest::TransportOperation] + # + # @return [::Google::Cloud::BinaryAuthorization::V1::Attestor] + # A result object deserialized from the server's reply + def update_attestor request_pb, options = nil + raise ::ArgumentError, "request must be provided" if request_pb.nil? + + verb, uri, query_string_params, body = ServiceStub.transcode_update_attestor_request request_pb + query_string_params = if query_string_params.any? + query_string_params.to_h { |p| p.split "=", 2 } + else + {} + end + + response = @client_stub.make_http_request( + verb, + uri: uri, + body: body || "", + params: query_string_params, + method_name: "update_attestor", + options: options + ) + operation = ::Gapic::Rest::TransportOperation.new response + result = ::Google::Cloud::BinaryAuthorization::V1::Attestor.decode_json response.body, ignore_unknown_fields: true + catch :response do + yield result, operation if block_given? + result + end + end + + ## + # Baseline implementation for the list_attestors REST call + # + # @param request_pb [::Google::Cloud::BinaryAuthorization::V1::ListAttestorsRequest] + # A request object representing the call parameters. Required. + # @param options [::Gapic::CallOptions] + # Overrides the default settings for this call, e.g, timeout, retries etc. Optional. + # + # @yield [result, operation] Access the result along with the TransportOperation object + # @yieldparam result [::Google::Cloud::BinaryAuthorization::V1::ListAttestorsResponse] + # @yieldparam operation [::Gapic::Rest::TransportOperation] + # + # @return [::Google::Cloud::BinaryAuthorization::V1::ListAttestorsResponse] + # A result object deserialized from the server's reply + def list_attestors request_pb, options = nil + raise ::ArgumentError, "request must be provided" if request_pb.nil? + + verb, uri, query_string_params, body = ServiceStub.transcode_list_attestors_request request_pb + query_string_params = if query_string_params.any? + query_string_params.to_h { |p| p.split "=", 2 } + else + {} + end + + response = @client_stub.make_http_request( + verb, + uri: uri, + body: body || "", + params: query_string_params, + method_name: "list_attestors", + options: options + ) + operation = ::Gapic::Rest::TransportOperation.new response + result = ::Google::Cloud::BinaryAuthorization::V1::ListAttestorsResponse.decode_json response.body, ignore_unknown_fields: true + catch :response do + yield result, operation if block_given? + result + end + end + + ## + # Baseline implementation for the delete_attestor REST call + # + # @param request_pb [::Google::Cloud::BinaryAuthorization::V1::DeleteAttestorRequest] + # A request object representing the call parameters. Required. + # @param options [::Gapic::CallOptions] + # Overrides the default settings for this call, e.g, timeout, retries etc. Optional. + # + # @yield [result, operation] Access the result along with the TransportOperation object + # @yieldparam result [::Google::Protobuf::Empty] + # @yieldparam operation [::Gapic::Rest::TransportOperation] + # + # @return [::Google::Protobuf::Empty] + # A result object deserialized from the server's reply + def delete_attestor request_pb, options = nil + raise ::ArgumentError, "request must be provided" if request_pb.nil? + + verb, uri, query_string_params, body = ServiceStub.transcode_delete_attestor_request request_pb + query_string_params = if query_string_params.any? + query_string_params.to_h { |p| p.split "=", 2 } + else + {} + end + + response = @client_stub.make_http_request( + verb, + uri: uri, + body: body || "", + params: query_string_params, + method_name: "delete_attestor", + options: options + ) + operation = ::Gapic::Rest::TransportOperation.new response + result = ::Google::Protobuf::Empty.decode_json response.body, ignore_unknown_fields: true + catch :response do + yield result, operation if block_given? + result + end + end + + ## + # @private + # + # GRPC transcoding helper method for the get_policy REST call + # + # @param request_pb [::Google::Cloud::BinaryAuthorization::V1::GetPolicyRequest] + # A request object representing the call parameters. Required. + # @return [Array(String, [String, nil], Hash{String => String})] + # Uri, Body, Query string parameters + def self.transcode_get_policy_request request_pb + transcoder = Gapic::Rest::GrpcTranscoder.new + .with_bindings( + uri_method: :get, + uri_template: "/v1/{name}", + matches: [ + ["name", %r{^projects/[^/]+/policy/?$}, false] + ] + ) + transcoder.transcode request_pb + end + + ## + # @private + # + # GRPC transcoding helper method for the update_policy REST call + # + # @param request_pb [::Google::Cloud::BinaryAuthorization::V1::UpdatePolicyRequest] + # A request object representing the call parameters. Required. + # @return [Array(String, [String, nil], Hash{String => String})] + # Uri, Body, Query string parameters + def self.transcode_update_policy_request request_pb + transcoder = Gapic::Rest::GrpcTranscoder.new + .with_bindings( + uri_method: :put, + uri_template: "/v1/{policy.name}", + body: "policy", + matches: [ + ["policy.name", %r{^projects/[^/]+/policy/?$}, false] + ] + ) + transcoder.transcode request_pb + end + + ## + # @private + # + # GRPC transcoding helper method for the create_attestor REST call + # + # @param request_pb [::Google::Cloud::BinaryAuthorization::V1::CreateAttestorRequest] + # A request object representing the call parameters. Required. + # @return [Array(String, [String, nil], Hash{String => String})] + # Uri, Body, Query string parameters + def self.transcode_create_attestor_request request_pb + transcoder = Gapic::Rest::GrpcTranscoder.new + .with_bindings( + uri_method: :post, + uri_template: "/v1/{parent}/attestors", + body: "attestor", + matches: [ + ["parent", %r{^projects/[^/]+/?$}, false] + ] + ) + transcoder.transcode request_pb + end + + ## + # @private + # + # GRPC transcoding helper method for the get_attestor REST call + # + # @param request_pb [::Google::Cloud::BinaryAuthorization::V1::GetAttestorRequest] + # A request object representing the call parameters. Required. + # @return [Array(String, [String, nil], Hash{String => String})] + # Uri, Body, Query string parameters + def self.transcode_get_attestor_request request_pb + transcoder = Gapic::Rest::GrpcTranscoder.new + .with_bindings( + uri_method: :get, + uri_template: "/v1/{name}", + matches: [ + ["name", %r{^projects/[^/]+/attestors/[^/]+/?$}, false] + ] + ) + transcoder.transcode request_pb + end + + ## + # @private + # + # GRPC transcoding helper method for the update_attestor REST call + # + # @param request_pb [::Google::Cloud::BinaryAuthorization::V1::UpdateAttestorRequest] + # A request object representing the call parameters. Required. + # @return [Array(String, [String, nil], Hash{String => String})] + # Uri, Body, Query string parameters + def self.transcode_update_attestor_request request_pb + transcoder = Gapic::Rest::GrpcTranscoder.new + .with_bindings( + uri_method: :put, + uri_template: "/v1/{attestor.name}", + body: "attestor", + matches: [ + ["attestor.name", %r{^projects/[^/]+/attestors/[^/]+/?$}, false] + ] + ) + transcoder.transcode request_pb + end + + ## + # @private + # + # GRPC transcoding helper method for the list_attestors REST call + # + # @param request_pb [::Google::Cloud::BinaryAuthorization::V1::ListAttestorsRequest] + # A request object representing the call parameters. Required. + # @return [Array(String, [String, nil], Hash{String => String})] + # Uri, Body, Query string parameters + def self.transcode_list_attestors_request request_pb + transcoder = Gapic::Rest::GrpcTranscoder.new + .with_bindings( + uri_method: :get, + uri_template: "/v1/{parent}/attestors", + matches: [ + ["parent", %r{^projects/[^/]+/?$}, false] + ] + ) + transcoder.transcode request_pb + end + + ## + # @private + # + # GRPC transcoding helper method for the delete_attestor REST call + # + # @param request_pb [::Google::Cloud::BinaryAuthorization::V1::DeleteAttestorRequest] + # A request object representing the call parameters. Required. + # @return [Array(String, [String, nil], Hash{String => String})] + # Uri, Body, Query string parameters + def self.transcode_delete_attestor_request request_pb + transcoder = Gapic::Rest::GrpcTranscoder.new + .with_bindings( + uri_method: :delete, + uri_template: "/v1/{name}", + matches: [ + ["name", %r{^projects/[^/]+/attestors/[^/]+/?$}, false] + ] + ) + transcoder.transcode request_pb + end + end + end + end + end + end + end +end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/rest.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/rest.rb new file mode 100644 index 000000000000..999349ce2371 --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/rest.rb @@ -0,0 +1,39 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + +require "google/cloud/binary_authorization/v1/binauthz_management_service/rest" +require "google/cloud/binary_authorization/v1/system_policy/rest" +require "google/cloud/binary_authorization/v1/validation_helper/rest" +require "google/cloud/binary_authorization/v1/version" + +module Google + module Cloud + module BinaryAuthorization + ## + # To load just the REST part of this package, including all its services, and instantiate a REST client: + # + # @example + # + # require "google/cloud/binary_authorization/v1/rest" + # client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client.new + # + module V1 + end + end + end +end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy.rb new file mode 100644 index 000000000000..1bd243e5d524 --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy.rb @@ -0,0 +1,55 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + +require "gapic/common" +require "gapic/config" +require "gapic/config/method" + +require "google/cloud/binary_authorization/v1/version" + +require "google/cloud/binary_authorization/v1/system_policy/credentials" +require "google/cloud/binary_authorization/v1/system_policy/paths" +require "google/cloud/binary_authorization/v1/system_policy/client" +require "google/cloud/binary_authorization/v1/system_policy/rest" + +module Google + module Cloud + module BinaryAuthorization + module V1 + ## + # API for working with the system policy. + # + # @example Load this service and instantiate a gRPC client + # + # require "google/cloud/binary_authorization/v1/system_policy" + # client = ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Client.new + # + # @example Load this service and instantiate a REST client + # + # require "google/cloud/binary_authorization/v1/system_policy/rest" + # client = ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Rest::Client.new + # + module SystemPolicy + end + end + end + end +end + +helper_path = ::File.join __dir__, "system_policy", "helpers.rb" +require "google/cloud/binary_authorization/v1/system_policy/helpers" if ::File.file? helper_path diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy/client.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy/client.rb new file mode 100644 index 000000000000..8e7f2b36ad22 --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy/client.rb @@ -0,0 +1,475 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + +require "google/cloud/errors" +require "google/cloud/binaryauthorization/v1/service_pb" + +module Google + module Cloud + module BinaryAuthorization + module V1 + module SystemPolicy + ## + # Client for the SystemPolicy service. + # + # API for working with the system policy. + # + class Client + # @private + API_VERSION = "" + + # @private + DEFAULT_ENDPOINT_TEMPLATE = "binaryauthorization.$UNIVERSE_DOMAIN$" + + include Paths + + # @private + attr_reader :system_policy_stub + + ## + # Configure the SystemPolicy Client class. + # + # See {::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Client::Configuration} + # for a description of the configuration fields. + # + # @example + # + # # Modify the configuration for all SystemPolicy clients + # ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Client.configure do |config| + # config.timeout = 10.0 + # end + # + # @yield [config] Configure the Client client. + # @yieldparam config [Client::Configuration] + # + # @return [Client::Configuration] + # + def self.configure + @configure ||= begin + namespace = ["Google", "Cloud", "BinaryAuthorization", "V1"] + parent_config = while namespace.any? + parent_name = namespace.join "::" + parent_const = const_get parent_name + break parent_const.configure if parent_const.respond_to? :configure + namespace.pop + end + default_config = Client::Configuration.new parent_config + + default_config + end + yield @configure if block_given? + @configure + end + + ## + # Configure the SystemPolicy Client instance. + # + # The configuration is set to the derived mode, meaning that values can be changed, + # but structural changes (adding new fields, etc.) are not allowed. Structural changes + # should be made on {Client.configure}. + # + # See {::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Client::Configuration} + # for a description of the configuration fields. + # + # @yield [config] Configure the Client client. + # @yieldparam config [Client::Configuration] + # + # @return [Client::Configuration] + # + def configure + yield @config if block_given? + @config + end + + ## + # The effective universe domain + # + # @return [String] + # + def universe_domain + @system_policy_stub.universe_domain + end + + ## + # Create a new SystemPolicy client object. + # + # @example + # + # # Create a client using the default configuration + # client = ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Client.new + # + # # Create a client using a custom configuration + # client = ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Client.new do |config| + # config.timeout = 10.0 + # end + # + # @yield [config] Configure the SystemPolicy client. + # @yieldparam config [Client::Configuration] + # + def initialize + # These require statements are intentionally placed here to initialize + # the gRPC module only when it's required. + # See https://github.com/googleapis/toolkit/issues/446 + require "gapic/grpc" + require "google/cloud/binaryauthorization/v1/service_services_pb" + + # Create the configuration object + @config = Configuration.new Client.configure + + # Yield the configuration if needed + yield @config if block_given? + + # Create credentials + credentials = @config.credentials + # Use self-signed JWT if the endpoint is unchanged from default, + # but only if the default endpoint does not have a region prefix. + enable_self_signed_jwt = @config.endpoint.nil? || + (@config.endpoint == Configuration::DEFAULT_ENDPOINT && + !@config.endpoint.split(".").first.include?("-")) + credentials ||= Credentials.default scope: @config.scope, + enable_self_signed_jwt: enable_self_signed_jwt + if credentials.is_a?(::String) || credentials.is_a?(::Hash) + credentials = Credentials.new credentials, scope: @config.scope + end + @quota_project_id = @config.quota_project + @quota_project_id ||= credentials.quota_project_id if credentials.respond_to? :quota_project_id + + @system_policy_stub = ::Gapic::ServiceStub.new( + ::Google::Cloud::BinaryAuthorization::V1::SystemPolicyV1::Stub, + credentials: credentials, + endpoint: @config.endpoint, + endpoint_template: DEFAULT_ENDPOINT_TEMPLATE, + universe_domain: @config.universe_domain, + channel_args: @config.channel_args, + interceptors: @config.interceptors, + channel_pool_config: @config.channel_pool, + logger: @config.logger + ) + + @system_policy_stub.stub_logger&.info do |entry| + entry.set_system_name + entry.set_service + entry.message = "Created client for #{entry.service}" + entry.set_credentials_fields credentials + entry.set "customEndpoint", @config.endpoint if @config.endpoint + entry.set "defaultTimeout", @config.timeout if @config.timeout + entry.set "quotaProject", @quota_project_id if @quota_project_id + end + end + + ## + # The logger used for request/response debug logging. + # + # @return [Logger] + # + def logger + @system_policy_stub.logger + end + + # Service calls + + ## + # Gets the current system policy in the specified location. + # + # @overload get_system_policy(request, options = nil) + # Pass arguments to `get_system_policy` via a request object, either of type + # {::Google::Cloud::BinaryAuthorization::V1::GetSystemPolicyRequest} or an equivalent Hash. + # + # @param request [::Google::Cloud::BinaryAuthorization::V1::GetSystemPolicyRequest, ::Hash] + # A request object representing the call parameters. Required. To specify no + # parameters, or to keep all the default parameter values, pass an empty Hash. + # @param options [::Gapic::CallOptions, ::Hash] + # Overrides the default settings for this call, e.g, timeout, retries, etc. Optional. + # + # @overload get_system_policy(name: nil) + # Pass arguments to `get_system_policy` via keyword arguments. Note that at + # least one keyword argument is required. To specify no parameters, or to keep all + # the default parameter values, pass an empty Hash as a request object (see above). + # + # @param name [::String] + # Required. The resource name, in the format `locations/*/policy`. + # Note that the system policy is not associated with a project. + # + # @yield [response, operation] Access the result along with the RPC operation + # @yieldparam response [::Google::Cloud::BinaryAuthorization::V1::Policy] + # @yieldparam operation [::GRPC::ActiveCall::Operation] + # + # @return [::Google::Cloud::BinaryAuthorization::V1::Policy] + # + # @raise [::Google::Cloud::Error] if the RPC is aborted. + # + # @example Basic example + # require "google/cloud/binary_authorization/v1" + # + # # Create a client object. The client can be reused for multiple calls. + # client = Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Client.new + # + # # Create a request. To set request fields, pass in keyword arguments. + # request = Google::Cloud::BinaryAuthorization::V1::GetSystemPolicyRequest.new + # + # # Call the get_system_policy method. + # result = client.get_system_policy request + # + # # The returned object is of type Google::Cloud::BinaryAuthorization::V1::Policy. + # p result + # + def get_system_policy request, options = nil + raise ::ArgumentError, "request must be provided" if request.nil? + + request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::BinaryAuthorization::V1::GetSystemPolicyRequest + + # Converts hash and nil to an options object + options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h + + # Customize the options with defaults + metadata = @config.rpcs.get_system_policy.metadata.to_h + + # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers + metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ + lib_name: @config.lib_name, lib_version: @config.lib_version, + gapic_version: ::Google::Cloud::BinaryAuthorization::V1::VERSION + metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty? + metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id + + header_params = {} + if request.name + header_params["name"] = request.name + end + + request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") + metadata[:"x-goog-request-params"] ||= request_params_header + + options.apply_defaults timeout: @config.rpcs.get_system_policy.timeout, + metadata: metadata, + retry_policy: @config.rpcs.get_system_policy.retry_policy + + options.apply_defaults timeout: @config.timeout, + metadata: @config.metadata, + retry_policy: @config.retry_policy + + @system_policy_stub.call_rpc :get_system_policy, request, options: options do |response, operation| + yield response, operation if block_given? + end + rescue ::GRPC::BadStatus => e + raise ::Google::Cloud::Error.from_error(e) + end + + ## + # Configuration class for the SystemPolicy API. + # + # This class represents the configuration for SystemPolicy, + # providing control over timeouts, retry behavior, logging, transport + # parameters, and other low-level controls. Certain parameters can also be + # applied individually to specific RPCs. See + # {::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Client::Configuration::Rpcs} + # for a list of RPCs that can be configured independently. + # + # Configuration can be applied globally to all clients, or to a single client + # on construction. + # + # @example + # + # # Modify the global config, setting the timeout for + # # get_system_policy to 20 seconds, + # # and all remaining timeouts to 10 seconds. + # ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Client.configure do |config| + # config.timeout = 10.0 + # config.rpcs.get_system_policy.timeout = 20.0 + # end + # + # # Apply the above configuration only to a new client. + # client = ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Client.new do |config| + # config.timeout = 10.0 + # config.rpcs.get_system_policy.timeout = 20.0 + # end + # + # @!attribute [rw] endpoint + # A custom service endpoint, as a hostname or hostname:port. The default is + # nil, indicating to use the default endpoint in the current universe domain. + # @return [::String,nil] + # @!attribute [rw] credentials + # Credentials to send with calls. You may provide any of the following types: + # * (`Google::Auth::Credentials`) A googleauth credentials object + # (see the [googleauth docs](https://rubydoc.info/gems/googleauth/Google/Auth/Credentials)) + # * (`Signet::OAuth2::Client`) A signet oauth2 client object + # (see the [signet docs](https://rubydoc.info/gems/signet/Signet/OAuth2/Client)) + # * (`GRPC::Core::Channel`) a gRPC channel with included credentials + # * (`GRPC::Core::ChannelCredentials`) a gRPC credentails object + # * (`nil`) indicating no credentials + # + # @note Warning: Passing a `String` to a keyfile path or a `Hash` of credentials + # is deprecated. Providing an unvalidated credential configuration to + # Google APIs can compromise the security of your systems and data. + # + # @example + # + # # The recommended way to provide credentials is to use the `make_creds` method + # # on the appropriate credentials class for your environment. + # + # require "googleauth" + # + # credentials = ::Google::Auth::ServiceAccountCredentials.make_creds( + # json_key_io: ::File.open("/path/to/keyfile.json") + # ) + # + # client = ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Client.new do |config| + # config.credentials = credentials + # end + # + # @note Warning: If you accept a credential configuration (JSON file or Hash) from an + # external source for authentication to Google Cloud, you must validate it before + # providing it to a Google API client library. Providing an unvalidated credential + # configuration to Google APIs can compromise the security of your systems and data. + # For more information, refer to [Validate credential configurations from external + # sources](https://cloud.google.com/docs/authentication/external/externally-sourced-credentials). + # @return [::Object] + # @!attribute [rw] scope + # The OAuth scopes + # @return [::Array<::String>] + # @!attribute [rw] lib_name + # The library name as recorded in instrumentation and logging + # @return [::String] + # @!attribute [rw] lib_version + # The library version as recorded in instrumentation and logging + # @return [::String] + # @!attribute [rw] channel_args + # Extra parameters passed to the gRPC channel. Note: this is ignored if a + # `GRPC::Core::Channel` object is provided as the credential. + # @return [::Hash] + # @!attribute [rw] interceptors + # An array of interceptors that are run before calls are executed. + # @return [::Array<::GRPC::ClientInterceptor>] + # @!attribute [rw] timeout + # The call timeout in seconds. + # @return [::Numeric] + # @!attribute [rw] metadata + # Additional gRPC headers to be sent with the call. + # @return [::Hash{::Symbol=>::String}] + # @!attribute [rw] retry_policy + # The retry policy. The value is a hash with the following keys: + # * `:initial_delay` (*type:* `Numeric`) - The initial delay in seconds. + # * `:max_delay` (*type:* `Numeric`) - The max delay in seconds. + # * `:multiplier` (*type:* `Numeric`) - The incremental backoff multiplier. + # * `:retry_codes` (*type:* `Array`) - The error codes that should + # trigger a retry. + # @return [::Hash] + # @!attribute [rw] quota_project + # A separate project against which to charge quota. + # @return [::String] + # @!attribute [rw] universe_domain + # The universe domain within which to make requests. This determines the + # default endpoint URL. The default value of nil uses the environment + # universe (usually the default "googleapis.com" universe). + # @return [::String,nil] + # @!attribute [rw] logger + # A custom logger to use for request/response debug logging, or the value + # `:default` (the default) to construct a default logger, or `nil` to + # explicitly disable logging. + # @return [::Logger,:default,nil] + # + class Configuration + extend ::Gapic::Config + + # @private + # The endpoint specific to the default "googleapis.com" universe. Deprecated. + DEFAULT_ENDPOINT = "binaryauthorization.googleapis.com" + + config_attr :endpoint, nil, ::String, nil + config_attr :credentials, nil do |value| + allowed = [::String, ::Hash, ::Proc, ::Symbol, ::Google::Auth::Credentials, ::Google::Auth::BaseClient, ::Signet::OAuth2::Client, nil] + allowed += [::GRPC::Core::Channel, ::GRPC::Core::ChannelCredentials] if defined? ::GRPC::Core::Channel + allowed.any? { |klass| klass === value } + end + config_attr :scope, nil, ::String, ::Array, nil + config_attr :lib_name, nil, ::String, nil + config_attr :lib_version, nil, ::String, nil + config_attr(:channel_args, { "grpc.service_config_disable_resolution" => 1 }, ::Hash, nil) + config_attr :interceptors, nil, ::Array, nil + config_attr :timeout, nil, ::Numeric, nil + config_attr :metadata, nil, ::Hash, nil + config_attr :retry_policy, nil, ::Hash, ::Proc, nil + config_attr :quota_project, nil, ::String, nil + config_attr :universe_domain, nil, ::String, nil + config_attr :logger, :default, ::Logger, nil, :default + + # @private + def initialize parent_config = nil + @parent_config = parent_config unless parent_config.nil? + + yield self if block_given? + end + + ## + # Configurations for individual RPCs + # @return [Rpcs] + # + def rpcs + @rpcs ||= begin + parent_rpcs = nil + parent_rpcs = @parent_config.rpcs if defined?(@parent_config) && @parent_config.respond_to?(:rpcs) + Rpcs.new parent_rpcs + end + end + + ## + # Configuration for the channel pool + # @return [::Gapic::ServiceStub::ChannelPool::Configuration] + # + def channel_pool + @channel_pool ||= ::Gapic::ServiceStub::ChannelPool::Configuration.new + end + + ## + # Configuration RPC class for the SystemPolicy API. + # + # Includes fields providing the configuration for each RPC in this service. + # Each configuration object is of type `Gapic::Config::Method` and includes + # the following configuration fields: + # + # * `timeout` (*type:* `Numeric`) - The call timeout in seconds + # * `metadata` (*type:* `Hash{Symbol=>String}`) - Additional gRPC headers + # * `retry_policy (*type:* `Hash`) - The retry policy. The policy fields + # include the following keys: + # * `:initial_delay` (*type:* `Numeric`) - The initial delay in seconds. + # * `:max_delay` (*type:* `Numeric`) - The max delay in seconds. + # * `:multiplier` (*type:* `Numeric`) - The incremental backoff multiplier. + # * `:retry_codes` (*type:* `Array`) - The error codes that should + # trigger a retry. + # + class Rpcs + ## + # RPC-specific configuration for `get_system_policy` + # @return [::Gapic::Config::Method] + # + attr_reader :get_system_policy + + # @private + def initialize parent_rpcs = nil + get_system_policy_config = parent_rpcs.get_system_policy if parent_rpcs.respond_to? :get_system_policy + @get_system_policy = ::Gapic::Config::Method.new get_system_policy_config + + yield self if block_given? + end + end + end + end + end + end + end + end +end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy/credentials.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy/credentials.rb new file mode 100644 index 000000000000..31966bc1a626 --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy/credentials.rb @@ -0,0 +1,51 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + +require "googleauth" + +module Google + module Cloud + module BinaryAuthorization + module V1 + module SystemPolicy + # Credentials for the SystemPolicy API. + class Credentials < ::Google::Auth::Credentials + self.scope = [ + "https://www.googleapis.com/auth/cloud-platform" + ] + self.env_vars = [ + "BINARY_AUTHORIZATION_CREDENTIALS", + "BINARY_AUTHORIZATION_KEYFILE", + "GOOGLE_CLOUD_CREDENTIALS", + "GOOGLE_CLOUD_KEYFILE", + "GCLOUD_KEYFILE", + "BINARY_AUTHORIZATION_CREDENTIALS_JSON", + "BINARY_AUTHORIZATION_KEYFILE_JSON", + "GOOGLE_CLOUD_CREDENTIALS_JSON", + "GOOGLE_CLOUD_KEYFILE_JSON", + "GCLOUD_KEYFILE_JSON" + ] + self.paths = [ + "~/.config/google_cloud/application_default_credentials.json" + ] + end + end + end + end + end +end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy/paths.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy/paths.rb new file mode 100644 index 000000000000..a34ddc6ef1de --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy/paths.rb @@ -0,0 +1,66 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + + +module Google + module Cloud + module BinaryAuthorization + module V1 + module SystemPolicy + # Path helper methods for the SystemPolicy API. + module Paths + ## + # Create a fully-qualified Policy resource string. + # + # @overload policy_path(project:) + # The resource will be in the following format: + # + # `projects/{project}/policy` + # + # @param project [String] + # + # @overload policy_path(location:) + # The resource will be in the following format: + # + # `locations/{location}/policy` + # + # @param location [String] + # + # @return [::String] + def policy_path **args + resources = { + "project" => (proc do |project:| + "projects/#{project}/policy" + end), + "location" => (proc do |location:| + "locations/#{location}/policy" + end) + } + + resource = resources[args.keys.sort.join(":")] + raise ::ArgumentError, "no resource found for values #{args.keys}" if resource.nil? + resource.call(**args) + end + + extend self + end + end + end + end + end +end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy/rest.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy/rest.rb new file mode 100644 index 000000000000..2155f943b245 --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy/rest.rb @@ -0,0 +1,52 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + +require "gapic/rest" +require "gapic/config" +require "gapic/config/method" + +require "google/cloud/binary_authorization/v1/version" + +require "google/cloud/binary_authorization/v1/system_policy/credentials" +require "google/cloud/binary_authorization/v1/system_policy/paths" +require "google/cloud/binary_authorization/v1/system_policy/rest/client" + +module Google + module Cloud + module BinaryAuthorization + module V1 + ## + # API for working with the system policy. + # + # To load this service and instantiate a REST client: + # + # require "google/cloud/binary_authorization/v1/system_policy/rest" + # client = ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Rest::Client.new + # + module SystemPolicy + # Client for the REST transport + module Rest + end + end + end + end + end +end + +helper_path = ::File.join __dir__, "rest", "helpers.rb" +require "google/cloud/binary_authorization/v1/system_policy/rest/helpers" if ::File.file? helper_path diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy/rest/client.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy/rest/client.rb new file mode 100644 index 000000000000..bef7a2dd8fad --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy/rest/client.rb @@ -0,0 +1,425 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + +require "google/cloud/errors" +require "google/cloud/binaryauthorization/v1/service_pb" +require "google/cloud/binary_authorization/v1/system_policy/rest/service_stub" + +module Google + module Cloud + module BinaryAuthorization + module V1 + module SystemPolicy + module Rest + ## + # REST client for the SystemPolicy service. + # + # API for working with the system policy. + # + class Client + # @private + API_VERSION = "" + + # @private + DEFAULT_ENDPOINT_TEMPLATE = "binaryauthorization.$UNIVERSE_DOMAIN$" + + include Paths + + # @private + attr_reader :system_policy_stub + + ## + # Configure the SystemPolicy Client class. + # + # See {::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Rest::Client::Configuration} + # for a description of the configuration fields. + # + # @example + # + # # Modify the configuration for all SystemPolicy clients + # ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Rest::Client.configure do |config| + # config.timeout = 10.0 + # end + # + # @yield [config] Configure the Client client. + # @yieldparam config [Client::Configuration] + # + # @return [Client::Configuration] + # + def self.configure + @configure ||= begin + namespace = ["Google", "Cloud", "BinaryAuthorization", "V1"] + parent_config = while namespace.any? + parent_name = namespace.join "::" + parent_const = const_get parent_name + break parent_const.configure if parent_const.respond_to? :configure + namespace.pop + end + default_config = Client::Configuration.new parent_config + + default_config + end + yield @configure if block_given? + @configure + end + + ## + # Configure the SystemPolicy Client instance. + # + # The configuration is set to the derived mode, meaning that values can be changed, + # but structural changes (adding new fields, etc.) are not allowed. Structural changes + # should be made on {Client.configure}. + # + # See {::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Rest::Client::Configuration} + # for a description of the configuration fields. + # + # @yield [config] Configure the Client client. + # @yieldparam config [Client::Configuration] + # + # @return [Client::Configuration] + # + def configure + yield @config if block_given? + @config + end + + ## + # The effective universe domain + # + # @return [String] + # + def universe_domain + @system_policy_stub.universe_domain + end + + ## + # Create a new SystemPolicy REST client object. + # + # @example + # + # # Create a client using the default configuration + # client = ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Rest::Client.new + # + # # Create a client using a custom configuration + # client = ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Rest::Client.new do |config| + # config.timeout = 10.0 + # end + # + # @yield [config] Configure the SystemPolicy client. + # @yieldparam config [Client::Configuration] + # + def initialize + # Create the configuration object + @config = Configuration.new Client.configure + + # Yield the configuration if needed + yield @config if block_given? + + # Create credentials + credentials = @config.credentials + # Use self-signed JWT if the endpoint is unchanged from default, + # but only if the default endpoint does not have a region prefix. + enable_self_signed_jwt = @config.endpoint.nil? || + (@config.endpoint == Configuration::DEFAULT_ENDPOINT && + !@config.endpoint.split(".").first.include?("-")) + credentials ||= Credentials.default scope: @config.scope, + enable_self_signed_jwt: enable_self_signed_jwt + if credentials.is_a?(::String) || credentials.is_a?(::Hash) + credentials = Credentials.new credentials, scope: @config.scope + end + + @quota_project_id = @config.quota_project + @quota_project_id ||= credentials.quota_project_id if credentials.respond_to? :quota_project_id + + @system_policy_stub = ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Rest::ServiceStub.new( + endpoint: @config.endpoint, + endpoint_template: DEFAULT_ENDPOINT_TEMPLATE, + universe_domain: @config.universe_domain, + credentials: credentials, + logger: @config.logger + ) + + @system_policy_stub.logger(stub: true)&.info do |entry| + entry.set_system_name + entry.set_service + entry.message = "Created client for #{entry.service}" + entry.set_credentials_fields credentials + entry.set "customEndpoint", @config.endpoint if @config.endpoint + entry.set "defaultTimeout", @config.timeout if @config.timeout + entry.set "quotaProject", @quota_project_id if @quota_project_id + end + end + + ## + # The logger used for request/response debug logging. + # + # @return [Logger] + # + def logger + @system_policy_stub.logger + end + + # Service calls + + ## + # Gets the current system policy in the specified location. + # + # @overload get_system_policy(request, options = nil) + # Pass arguments to `get_system_policy` via a request object, either of type + # {::Google::Cloud::BinaryAuthorization::V1::GetSystemPolicyRequest} or an equivalent Hash. + # + # @param request [::Google::Cloud::BinaryAuthorization::V1::GetSystemPolicyRequest, ::Hash] + # A request object representing the call parameters. Required. To specify no + # parameters, or to keep all the default parameter values, pass an empty Hash. + # @param options [::Gapic::CallOptions, ::Hash] + # Overrides the default settings for this call, e.g, timeout, retries etc. Optional. + # + # @overload get_system_policy(name: nil) + # Pass arguments to `get_system_policy` via keyword arguments. Note that at + # least one keyword argument is required. To specify no parameters, or to keep all + # the default parameter values, pass an empty Hash as a request object (see above). + # + # @param name [::String] + # Required. The resource name, in the format `locations/*/policy`. + # Note that the system policy is not associated with a project. + # @yield [result, operation] Access the result along with the TransportOperation object + # @yieldparam result [::Google::Cloud::BinaryAuthorization::V1::Policy] + # @yieldparam operation [::Gapic::Rest::TransportOperation] + # + # @return [::Google::Cloud::BinaryAuthorization::V1::Policy] + # + # @raise [::Google::Cloud::Error] if the REST call is aborted. + # + # @example Basic example + # require "google/cloud/binary_authorization/v1" + # + # # Create a client object. The client can be reused for multiple calls. + # client = Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Rest::Client.new + # + # # Create a request. To set request fields, pass in keyword arguments. + # request = Google::Cloud::BinaryAuthorization::V1::GetSystemPolicyRequest.new + # + # # Call the get_system_policy method. + # result = client.get_system_policy request + # + # # The returned object is of type Google::Cloud::BinaryAuthorization::V1::Policy. + # p result + # + def get_system_policy request, options = nil + raise ::ArgumentError, "request must be provided" if request.nil? + + request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::BinaryAuthorization::V1::GetSystemPolicyRequest + + # Converts hash and nil to an options object + options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h + + # Customize the options with defaults + call_metadata = @config.rpcs.get_system_policy.metadata.to_h + + # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers + call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ + lib_name: @config.lib_name, lib_version: @config.lib_version, + gapic_version: ::Google::Cloud::BinaryAuthorization::V1::VERSION, + transports_version_send: [:rest] + + call_metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty? + call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id + + options.apply_defaults timeout: @config.rpcs.get_system_policy.timeout, + metadata: call_metadata, + retry_policy: @config.rpcs.get_system_policy.retry_policy + + options.apply_defaults timeout: @config.timeout, + metadata: @config.metadata, + retry_policy: @config.retry_policy + + @system_policy_stub.get_system_policy request, options do |result, operation| + yield result, operation if block_given? + end + rescue ::Gapic::Rest::Error => e + raise ::Google::Cloud::Error.from_error(e) + end + + ## + # Configuration class for the SystemPolicy REST API. + # + # This class represents the configuration for SystemPolicy REST, + # providing control over timeouts, retry behavior, logging, transport + # parameters, and other low-level controls. Certain parameters can also be + # applied individually to specific RPCs. See + # {::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Rest::Client::Configuration::Rpcs} + # for a list of RPCs that can be configured independently. + # + # Configuration can be applied globally to all clients, or to a single client + # on construction. + # + # @example + # + # # Modify the global config, setting the timeout for + # # get_system_policy to 20 seconds, + # # and all remaining timeouts to 10 seconds. + # ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Rest::Client.configure do |config| + # config.timeout = 10.0 + # config.rpcs.get_system_policy.timeout = 20.0 + # end + # + # # Apply the above configuration only to a new client. + # client = ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Rest::Client.new do |config| + # config.timeout = 10.0 + # config.rpcs.get_system_policy.timeout = 20.0 + # end + # + # @!attribute [rw] endpoint + # A custom service endpoint, as a hostname or hostname:port. The default is + # nil, indicating to use the default endpoint in the current universe domain. + # @return [::String,nil] + # @!attribute [rw] credentials + # Credentials to send with calls. You may provide any of the following types: + # * (`String`) The path to a service account key file in JSON format + # * (`Hash`) A service account key as a Hash + # * (`Google::Auth::Credentials`) A googleauth credentials object + # (see the [googleauth docs](https://rubydoc.info/gems/googleauth/Google/Auth/Credentials)) + # * (`Signet::OAuth2::Client`) A signet oauth2 client object + # (see the [signet docs](https://rubydoc.info/gems/signet/Signet/OAuth2/Client)) + # * (`nil`) indicating no credentials + # + # Warning: If you accept a credential configuration (JSON file or Hash) from an + # external source for authentication to Google Cloud, you must validate it before + # providing it to a Google API client library. Providing an unvalidated credential + # configuration to Google APIs can compromise the security of your systems and data. + # For more information, refer to [Validate credential configurations from external + # sources](https://cloud.google.com/docs/authentication/external/externally-sourced-credentials). + # @return [::Object] + # @!attribute [rw] scope + # The OAuth scopes + # @return [::Array<::String>] + # @!attribute [rw] lib_name + # The library name as recorded in instrumentation and logging + # @return [::String] + # @!attribute [rw] lib_version + # The library version as recorded in instrumentation and logging + # @return [::String] + # @!attribute [rw] timeout + # The call timeout in seconds. + # @return [::Numeric] + # @!attribute [rw] metadata + # Additional headers to be sent with the call. + # @return [::Hash{::Symbol=>::String}] + # @!attribute [rw] retry_policy + # The retry policy. The value is a hash with the following keys: + # * `:initial_delay` (*type:* `Numeric`) - The initial delay in seconds. + # * `:max_delay` (*type:* `Numeric`) - The max delay in seconds. + # * `:multiplier` (*type:* `Numeric`) - The incremental backoff multiplier. + # * `:retry_codes` (*type:* `Array`) - The error codes that should + # trigger a retry. + # @return [::Hash] + # @!attribute [rw] quota_project + # A separate project against which to charge quota. + # @return [::String] + # @!attribute [rw] universe_domain + # The universe domain within which to make requests. This determines the + # default endpoint URL. The default value of nil uses the environment + # universe (usually the default "googleapis.com" universe). + # @return [::String,nil] + # @!attribute [rw] logger + # A custom logger to use for request/response debug logging, or the value + # `:default` (the default) to construct a default logger, or `nil` to + # explicitly disable logging. + # @return [::Logger,:default,nil] + # + class Configuration + extend ::Gapic::Config + + # @private + # The endpoint specific to the default "googleapis.com" universe. Deprecated. + DEFAULT_ENDPOINT = "binaryauthorization.googleapis.com" + + config_attr :endpoint, nil, ::String, nil + config_attr :credentials, nil do |value| + allowed = [::String, ::Hash, ::Proc, ::Symbol, ::Google::Auth::Credentials, ::Google::Auth::BaseClient, ::Signet::OAuth2::Client, nil] + allowed.any? { |klass| klass === value } + end + config_attr :scope, nil, ::String, ::Array, nil + config_attr :lib_name, nil, ::String, nil + config_attr :lib_version, nil, ::String, nil + config_attr :timeout, nil, ::Numeric, nil + config_attr :metadata, nil, ::Hash, nil + config_attr :retry_policy, nil, ::Hash, ::Proc, nil + config_attr :quota_project, nil, ::String, nil + config_attr :universe_domain, nil, ::String, nil + config_attr :logger, :default, ::Logger, nil, :default + + # @private + def initialize parent_config = nil + @parent_config = parent_config unless parent_config.nil? + + yield self if block_given? + end + + ## + # Configurations for individual RPCs + # @return [Rpcs] + # + def rpcs + @rpcs ||= begin + parent_rpcs = nil + parent_rpcs = @parent_config.rpcs if defined?(@parent_config) && @parent_config.respond_to?(:rpcs) + Rpcs.new parent_rpcs + end + end + + ## + # Configuration RPC class for the SystemPolicy API. + # + # Includes fields providing the configuration for each RPC in this service. + # Each configuration object is of type `Gapic::Config::Method` and includes + # the following configuration fields: + # + # * `timeout` (*type:* `Numeric`) - The call timeout in seconds + # * `metadata` (*type:* `Hash{Symbol=>String}`) - Additional headers + # * `retry_policy (*type:* `Hash`) - The retry policy. The policy fields + # include the following keys: + # * `:initial_delay` (*type:* `Numeric`) - The initial delay in seconds. + # * `:max_delay` (*type:* `Numeric`) - The max delay in seconds. + # * `:multiplier` (*type:* `Numeric`) - The incremental backoff multiplier. + # * `:retry_codes` (*type:* `Array`) - The error codes that should + # trigger a retry. + # + class Rpcs + ## + # RPC-specific configuration for `get_system_policy` + # @return [::Gapic::Config::Method] + # + attr_reader :get_system_policy + + # @private + def initialize parent_rpcs = nil + get_system_policy_config = parent_rpcs.get_system_policy if parent_rpcs.respond_to? :get_system_policy + @get_system_policy = ::Gapic::Config::Method.new get_system_policy_config + + yield self if block_given? + end + end + end + end + end + end + end + end + end +end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy/rest/service_stub.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy/rest/service_stub.rb new file mode 100644 index 000000000000..e2ae8689bfc2 --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy/rest/service_stub.rb @@ -0,0 +1,142 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + +require "google/cloud/binaryauthorization/v1/service_pb" + +module Google + module Cloud + module BinaryAuthorization + module V1 + module SystemPolicy + module Rest + ## + # REST service stub for the SystemPolicy service. + # Service stub contains baseline method implementations + # including transcoding, making the REST call, and deserialing the response. + # + class ServiceStub + # @private + def initialize endpoint:, endpoint_template:, universe_domain:, credentials:, logger: + # These require statements are intentionally placed here to initialize + # the REST modules only when it's required. + require "gapic/rest" + + @client_stub = ::Gapic::Rest::ClientStub.new endpoint: endpoint, + endpoint_template: endpoint_template, + universe_domain: universe_domain, + credentials: credentials, + numeric_enums: true, + service_name: self.class, + raise_faraday_errors: false, + logger: logger + end + + ## + # The effective universe domain + # + # @return [String] + # + def universe_domain + @client_stub.universe_domain + end + + ## + # The effective endpoint + # + # @return [String] + # + def endpoint + @client_stub.endpoint + end + + ## + # The logger used for request/response debug logging. + # + # @return [Logger] + # + def logger stub: false + stub ? @client_stub.stub_logger : @client_stub.logger + end + + ## + # Baseline implementation for the get_system_policy REST call + # + # @param request_pb [::Google::Cloud::BinaryAuthorization::V1::GetSystemPolicyRequest] + # A request object representing the call parameters. Required. + # @param options [::Gapic::CallOptions] + # Overrides the default settings for this call, e.g, timeout, retries etc. Optional. + # + # @yield [result, operation] Access the result along with the TransportOperation object + # @yieldparam result [::Google::Cloud::BinaryAuthorization::V1::Policy] + # @yieldparam operation [::Gapic::Rest::TransportOperation] + # + # @return [::Google::Cloud::BinaryAuthorization::V1::Policy] + # A result object deserialized from the server's reply + def get_system_policy request_pb, options = nil + raise ::ArgumentError, "request must be provided" if request_pb.nil? + + verb, uri, query_string_params, body = ServiceStub.transcode_get_system_policy_request request_pb + query_string_params = if query_string_params.any? + query_string_params.to_h { |p| p.split "=", 2 } + else + {} + end + + response = @client_stub.make_http_request( + verb, + uri: uri, + body: body || "", + params: query_string_params, + method_name: "get_system_policy", + options: options + ) + operation = ::Gapic::Rest::TransportOperation.new response + result = ::Google::Cloud::BinaryAuthorization::V1::Policy.decode_json response.body, ignore_unknown_fields: true + catch :response do + yield result, operation if block_given? + result + end + end + + ## + # @private + # + # GRPC transcoding helper method for the get_system_policy REST call + # + # @param request_pb [::Google::Cloud::BinaryAuthorization::V1::GetSystemPolicyRequest] + # A request object representing the call parameters. Required. + # @return [Array(String, [String, nil], Hash{String => String})] + # Uri, Body, Query string parameters + def self.transcode_get_system_policy_request request_pb + transcoder = Gapic::Rest::GrpcTranscoder.new + .with_bindings( + uri_method: :get, + uri_template: "/v1/{name}", + matches: [ + ["name", %r{^locations/[^/]+/policy/?$}, false] + ] + ) + transcoder.transcode request_pb + end + end + end + end + end + end + end +end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/validation_helper.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/validation_helper.rb new file mode 100644 index 000000000000..c0b4f435f7a7 --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/validation_helper.rb @@ -0,0 +1,54 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + +require "gapic/common" +require "gapic/config" +require "gapic/config/method" + +require "google/cloud/binary_authorization/v1/version" + +require "google/cloud/binary_authorization/v1/validation_helper/credentials" +require "google/cloud/binary_authorization/v1/validation_helper/client" +require "google/cloud/binary_authorization/v1/validation_helper/rest" + +module Google + module Cloud + module BinaryAuthorization + module V1 + ## + # BinAuthz Attestor verification + # + # @example Load this service and instantiate a gRPC client + # + # require "google/cloud/binary_authorization/v1/validation_helper" + # client = ::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Client.new + # + # @example Load this service and instantiate a REST client + # + # require "google/cloud/binary_authorization/v1/validation_helper/rest" + # client = ::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Rest::Client.new + # + module ValidationHelper + end + end + end + end +end + +helper_path = ::File.join __dir__, "validation_helper", "helpers.rb" +require "google/cloud/binary_authorization/v1/validation_helper/helpers" if ::File.file? helper_path diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/validation_helper/client.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/validation_helper/client.rb new file mode 100644 index 000000000000..74c59831b8c1 --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/validation_helper/client.rb @@ -0,0 +1,486 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + +require "google/cloud/errors" +require "google/cloud/binaryauthorization/v1/service_pb" + +module Google + module Cloud + module BinaryAuthorization + module V1 + module ValidationHelper + ## + # Client for the ValidationHelper service. + # + # BinAuthz Attestor verification + # + class Client + # @private + API_VERSION = "" + + # @private + DEFAULT_ENDPOINT_TEMPLATE = "binaryauthorization.$UNIVERSE_DOMAIN$" + + # @private + attr_reader :validation_helper_stub + + ## + # Configure the ValidationHelper Client class. + # + # See {::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Client::Configuration} + # for a description of the configuration fields. + # + # @example + # + # # Modify the configuration for all ValidationHelper clients + # ::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Client.configure do |config| + # config.timeout = 10.0 + # end + # + # @yield [config] Configure the Client client. + # @yieldparam config [Client::Configuration] + # + # @return [Client::Configuration] + # + def self.configure + @configure ||= begin + namespace = ["Google", "Cloud", "BinaryAuthorization", "V1"] + parent_config = while namespace.any? + parent_name = namespace.join "::" + parent_const = const_get parent_name + break parent_const.configure if parent_const.respond_to? :configure + namespace.pop + end + default_config = Client::Configuration.new parent_config + + default_config + end + yield @configure if block_given? + @configure + end + + ## + # Configure the ValidationHelper Client instance. + # + # The configuration is set to the derived mode, meaning that values can be changed, + # but structural changes (adding new fields, etc.) are not allowed. Structural changes + # should be made on {Client.configure}. + # + # See {::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Client::Configuration} + # for a description of the configuration fields. + # + # @yield [config] Configure the Client client. + # @yieldparam config [Client::Configuration] + # + # @return [Client::Configuration] + # + def configure + yield @config if block_given? + @config + end + + ## + # The effective universe domain + # + # @return [String] + # + def universe_domain + @validation_helper_stub.universe_domain + end + + ## + # Create a new ValidationHelper client object. + # + # @example + # + # # Create a client using the default configuration + # client = ::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Client.new + # + # # Create a client using a custom configuration + # client = ::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Client.new do |config| + # config.timeout = 10.0 + # end + # + # @yield [config] Configure the ValidationHelper client. + # @yieldparam config [Client::Configuration] + # + def initialize + # These require statements are intentionally placed here to initialize + # the gRPC module only when it's required. + # See https://github.com/googleapis/toolkit/issues/446 + require "gapic/grpc" + require "google/cloud/binaryauthorization/v1/service_services_pb" + + # Create the configuration object + @config = Configuration.new Client.configure + + # Yield the configuration if needed + yield @config if block_given? + + # Create credentials + credentials = @config.credentials + # Use self-signed JWT if the endpoint is unchanged from default, + # but only if the default endpoint does not have a region prefix. + enable_self_signed_jwt = @config.endpoint.nil? || + (@config.endpoint == Configuration::DEFAULT_ENDPOINT && + !@config.endpoint.split(".").first.include?("-")) + credentials ||= Credentials.default scope: @config.scope, + enable_self_signed_jwt: enable_self_signed_jwt + if credentials.is_a?(::String) || credentials.is_a?(::Hash) + credentials = Credentials.new credentials, scope: @config.scope + end + @quota_project_id = @config.quota_project + @quota_project_id ||= credentials.quota_project_id if credentials.respond_to? :quota_project_id + + @validation_helper_stub = ::Gapic::ServiceStub.new( + ::Google::Cloud::BinaryAuthorization::V1::ValidationHelperV1::Stub, + credentials: credentials, + endpoint: @config.endpoint, + endpoint_template: DEFAULT_ENDPOINT_TEMPLATE, + universe_domain: @config.universe_domain, + channel_args: @config.channel_args, + interceptors: @config.interceptors, + channel_pool_config: @config.channel_pool, + logger: @config.logger + ) + + @validation_helper_stub.stub_logger&.info do |entry| + entry.set_system_name + entry.set_service + entry.message = "Created client for #{entry.service}" + entry.set_credentials_fields credentials + entry.set "customEndpoint", @config.endpoint if @config.endpoint + entry.set "defaultTimeout", @config.timeout if @config.timeout + entry.set "quotaProject", @quota_project_id if @quota_project_id + end + end + + ## + # The logger used for request/response debug logging. + # + # @return [Logger] + # + def logger + @validation_helper_stub.logger + end + + # Service calls + + ## + # Returns whether the given Attestation for the given image URI + # was signed by the given Attestor + # + # @overload validate_attestation_occurrence(request, options = nil) + # Pass arguments to `validate_attestation_occurrence` via a request object, either of type + # {::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceRequest} or an equivalent Hash. + # + # @param request [::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceRequest, ::Hash] + # A request object representing the call parameters. Required. To specify no + # parameters, or to keep all the default parameter values, pass an empty Hash. + # @param options [::Gapic::CallOptions, ::Hash] + # Overrides the default settings for this call, e.g, timeout, retries, etc. Optional. + # + # @overload validate_attestation_occurrence(attestor: nil, attestation: nil, occurrence_note: nil, occurrence_resource_uri: nil) + # Pass arguments to `validate_attestation_occurrence` via keyword arguments. Note that at + # least one keyword argument is required. To specify no parameters, or to keep all + # the default parameter values, pass an empty Hash as a request object (see above). + # + # @param attestor [::String] + # Required. The resource name of the {::Google::Cloud::BinaryAuthorization::V1::Attestor Attestor} of the + # [occurrence][grafeas.v1.Occurrence], in the format + # `projects/*/attestors/*`. + # @param attestation [::Grafeas::V1::AttestationOccurrence, ::Hash] + # Required. An {::Grafeas::V1::AttestationOccurrence AttestationOccurrence} to + # be checked that it can be verified by the Attestor. It does not have to be + # an existing entity in Container Analysis. It must otherwise be a valid + # AttestationOccurrence. + # @param occurrence_note [::String] + # Required. The resource name of the [Note][grafeas.v1.Note] to which the + # containing [Occurrence][grafeas.v1.Occurrence] is associated. + # @param occurrence_resource_uri [::String] + # Required. The URI of the artifact (e.g. container image) that is the + # subject of the containing [Occurrence][grafeas.v1.Occurrence]. + # + # @yield [response, operation] Access the result along with the RPC operation + # @yieldparam response [::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceResponse] + # @yieldparam operation [::GRPC::ActiveCall::Operation] + # + # @return [::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceResponse] + # + # @raise [::Google::Cloud::Error] if the RPC is aborted. + # + # @example Basic example + # require "google/cloud/binary_authorization/v1" + # + # # Create a client object. The client can be reused for multiple calls. + # client = Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Client.new + # + # # Create a request. To set request fields, pass in keyword arguments. + # request = Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceRequest.new + # + # # Call the validate_attestation_occurrence method. + # result = client.validate_attestation_occurrence request + # + # # The returned object is of type Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceResponse. + # p result + # + def validate_attestation_occurrence request, options = nil + raise ::ArgumentError, "request must be provided" if request.nil? + + request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceRequest + + # Converts hash and nil to an options object + options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h + + # Customize the options with defaults + metadata = @config.rpcs.validate_attestation_occurrence.metadata.to_h + + # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers + metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ + lib_name: @config.lib_name, lib_version: @config.lib_version, + gapic_version: ::Google::Cloud::BinaryAuthorization::V1::VERSION + metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty? + metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id + + header_params = {} + if request.attestor + header_params["attestor"] = request.attestor + end + + request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") + metadata[:"x-goog-request-params"] ||= request_params_header + + options.apply_defaults timeout: @config.rpcs.validate_attestation_occurrence.timeout, + metadata: metadata, + retry_policy: @config.rpcs.validate_attestation_occurrence.retry_policy + + options.apply_defaults timeout: @config.timeout, + metadata: @config.metadata, + retry_policy: @config.retry_policy + + @validation_helper_stub.call_rpc :validate_attestation_occurrence, request, options: options do |response, operation| + yield response, operation if block_given? + end + rescue ::GRPC::BadStatus => e + raise ::Google::Cloud::Error.from_error(e) + end + + ## + # Configuration class for the ValidationHelper API. + # + # This class represents the configuration for ValidationHelper, + # providing control over timeouts, retry behavior, logging, transport + # parameters, and other low-level controls. Certain parameters can also be + # applied individually to specific RPCs. See + # {::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Client::Configuration::Rpcs} + # for a list of RPCs that can be configured independently. + # + # Configuration can be applied globally to all clients, or to a single client + # on construction. + # + # @example + # + # # Modify the global config, setting the timeout for + # # validate_attestation_occurrence to 20 seconds, + # # and all remaining timeouts to 10 seconds. + # ::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Client.configure do |config| + # config.timeout = 10.0 + # config.rpcs.validate_attestation_occurrence.timeout = 20.0 + # end + # + # # Apply the above configuration only to a new client. + # client = ::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Client.new do |config| + # config.timeout = 10.0 + # config.rpcs.validate_attestation_occurrence.timeout = 20.0 + # end + # + # @!attribute [rw] endpoint + # A custom service endpoint, as a hostname or hostname:port. The default is + # nil, indicating to use the default endpoint in the current universe domain. + # @return [::String,nil] + # @!attribute [rw] credentials + # Credentials to send with calls. You may provide any of the following types: + # * (`Google::Auth::Credentials`) A googleauth credentials object + # (see the [googleauth docs](https://rubydoc.info/gems/googleauth/Google/Auth/Credentials)) + # * (`Signet::OAuth2::Client`) A signet oauth2 client object + # (see the [signet docs](https://rubydoc.info/gems/signet/Signet/OAuth2/Client)) + # * (`GRPC::Core::Channel`) a gRPC channel with included credentials + # * (`GRPC::Core::ChannelCredentials`) a gRPC credentails object + # * (`nil`) indicating no credentials + # + # @note Warning: Passing a `String` to a keyfile path or a `Hash` of credentials + # is deprecated. Providing an unvalidated credential configuration to + # Google APIs can compromise the security of your systems and data. + # + # @example + # + # # The recommended way to provide credentials is to use the `make_creds` method + # # on the appropriate credentials class for your environment. + # + # require "googleauth" + # + # credentials = ::Google::Auth::ServiceAccountCredentials.make_creds( + # json_key_io: ::File.open("/path/to/keyfile.json") + # ) + # + # client = ::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Client.new do |config| + # config.credentials = credentials + # end + # + # @note Warning: If you accept a credential configuration (JSON file or Hash) from an + # external source for authentication to Google Cloud, you must validate it before + # providing it to a Google API client library. Providing an unvalidated credential + # configuration to Google APIs can compromise the security of your systems and data. + # For more information, refer to [Validate credential configurations from external + # sources](https://cloud.google.com/docs/authentication/external/externally-sourced-credentials). + # @return [::Object] + # @!attribute [rw] scope + # The OAuth scopes + # @return [::Array<::String>] + # @!attribute [rw] lib_name + # The library name as recorded in instrumentation and logging + # @return [::String] + # @!attribute [rw] lib_version + # The library version as recorded in instrumentation and logging + # @return [::String] + # @!attribute [rw] channel_args + # Extra parameters passed to the gRPC channel. Note: this is ignored if a + # `GRPC::Core::Channel` object is provided as the credential. + # @return [::Hash] + # @!attribute [rw] interceptors + # An array of interceptors that are run before calls are executed. + # @return [::Array<::GRPC::ClientInterceptor>] + # @!attribute [rw] timeout + # The call timeout in seconds. + # @return [::Numeric] + # @!attribute [rw] metadata + # Additional gRPC headers to be sent with the call. + # @return [::Hash{::Symbol=>::String}] + # @!attribute [rw] retry_policy + # The retry policy. The value is a hash with the following keys: + # * `:initial_delay` (*type:* `Numeric`) - The initial delay in seconds. + # * `:max_delay` (*type:* `Numeric`) - The max delay in seconds. + # * `:multiplier` (*type:* `Numeric`) - The incremental backoff multiplier. + # * `:retry_codes` (*type:* `Array`) - The error codes that should + # trigger a retry. + # @return [::Hash] + # @!attribute [rw] quota_project + # A separate project against which to charge quota. + # @return [::String] + # @!attribute [rw] universe_domain + # The universe domain within which to make requests. This determines the + # default endpoint URL. The default value of nil uses the environment + # universe (usually the default "googleapis.com" universe). + # @return [::String,nil] + # @!attribute [rw] logger + # A custom logger to use for request/response debug logging, or the value + # `:default` (the default) to construct a default logger, or `nil` to + # explicitly disable logging. + # @return [::Logger,:default,nil] + # + class Configuration + extend ::Gapic::Config + + # @private + # The endpoint specific to the default "googleapis.com" universe. Deprecated. + DEFAULT_ENDPOINT = "binaryauthorization.googleapis.com" + + config_attr :endpoint, nil, ::String, nil + config_attr :credentials, nil do |value| + allowed = [::String, ::Hash, ::Proc, ::Symbol, ::Google::Auth::Credentials, ::Google::Auth::BaseClient, ::Signet::OAuth2::Client, nil] + allowed += [::GRPC::Core::Channel, ::GRPC::Core::ChannelCredentials] if defined? ::GRPC::Core::Channel + allowed.any? { |klass| klass === value } + end + config_attr :scope, nil, ::String, ::Array, nil + config_attr :lib_name, nil, ::String, nil + config_attr :lib_version, nil, ::String, nil + config_attr(:channel_args, { "grpc.service_config_disable_resolution" => 1 }, ::Hash, nil) + config_attr :interceptors, nil, ::Array, nil + config_attr :timeout, nil, ::Numeric, nil + config_attr :metadata, nil, ::Hash, nil + config_attr :retry_policy, nil, ::Hash, ::Proc, nil + config_attr :quota_project, nil, ::String, nil + config_attr :universe_domain, nil, ::String, nil + config_attr :logger, :default, ::Logger, nil, :default + + # @private + def initialize parent_config = nil + @parent_config = parent_config unless parent_config.nil? + + yield self if block_given? + end + + ## + # Configurations for individual RPCs + # @return [Rpcs] + # + def rpcs + @rpcs ||= begin + parent_rpcs = nil + parent_rpcs = @parent_config.rpcs if defined?(@parent_config) && @parent_config.respond_to?(:rpcs) + Rpcs.new parent_rpcs + end + end + + ## + # Configuration for the channel pool + # @return [::Gapic::ServiceStub::ChannelPool::Configuration] + # + def channel_pool + @channel_pool ||= ::Gapic::ServiceStub::ChannelPool::Configuration.new + end + + ## + # Configuration RPC class for the ValidationHelper API. + # + # Includes fields providing the configuration for each RPC in this service. + # Each configuration object is of type `Gapic::Config::Method` and includes + # the following configuration fields: + # + # * `timeout` (*type:* `Numeric`) - The call timeout in seconds + # * `metadata` (*type:* `Hash{Symbol=>String}`) - Additional gRPC headers + # * `retry_policy (*type:* `Hash`) - The retry policy. The policy fields + # include the following keys: + # * `:initial_delay` (*type:* `Numeric`) - The initial delay in seconds. + # * `:max_delay` (*type:* `Numeric`) - The max delay in seconds. + # * `:multiplier` (*type:* `Numeric`) - The incremental backoff multiplier. + # * `:retry_codes` (*type:* `Array`) - The error codes that should + # trigger a retry. + # + class Rpcs + ## + # RPC-specific configuration for `validate_attestation_occurrence` + # @return [::Gapic::Config::Method] + # + attr_reader :validate_attestation_occurrence + + # @private + def initialize parent_rpcs = nil + validate_attestation_occurrence_config = parent_rpcs.validate_attestation_occurrence if parent_rpcs.respond_to? :validate_attestation_occurrence + @validate_attestation_occurrence = ::Gapic::Config::Method.new validate_attestation_occurrence_config + + yield self if block_given? + end + end + end + end + end + end + end + end +end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/validation_helper/credentials.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/validation_helper/credentials.rb new file mode 100644 index 000000000000..bec24ad23cd8 --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/validation_helper/credentials.rb @@ -0,0 +1,51 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + +require "googleauth" + +module Google + module Cloud + module BinaryAuthorization + module V1 + module ValidationHelper + # Credentials for the ValidationHelper API. + class Credentials < ::Google::Auth::Credentials + self.scope = [ + "https://www.googleapis.com/auth/cloud-platform" + ] + self.env_vars = [ + "BINARY_AUTHORIZATION_CREDENTIALS", + "BINARY_AUTHORIZATION_KEYFILE", + "GOOGLE_CLOUD_CREDENTIALS", + "GOOGLE_CLOUD_KEYFILE", + "GCLOUD_KEYFILE", + "BINARY_AUTHORIZATION_CREDENTIALS_JSON", + "BINARY_AUTHORIZATION_KEYFILE_JSON", + "GOOGLE_CLOUD_CREDENTIALS_JSON", + "GOOGLE_CLOUD_KEYFILE_JSON", + "GCLOUD_KEYFILE_JSON" + ] + self.paths = [ + "~/.config/google_cloud/application_default_credentials.json" + ] + end + end + end + end + end +end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/validation_helper/rest.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/validation_helper/rest.rb new file mode 100644 index 000000000000..33b694b610be --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/validation_helper/rest.rb @@ -0,0 +1,51 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + +require "gapic/rest" +require "gapic/config" +require "gapic/config/method" + +require "google/cloud/binary_authorization/v1/version" + +require "google/cloud/binary_authorization/v1/validation_helper/credentials" +require "google/cloud/binary_authorization/v1/validation_helper/rest/client" + +module Google + module Cloud + module BinaryAuthorization + module V1 + ## + # BinAuthz Attestor verification + # + # To load this service and instantiate a REST client: + # + # require "google/cloud/binary_authorization/v1/validation_helper/rest" + # client = ::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Rest::Client.new + # + module ValidationHelper + # Client for the REST transport + module Rest + end + end + end + end + end +end + +helper_path = ::File.join __dir__, "rest", "helpers.rb" +require "google/cloud/binary_authorization/v1/validation_helper/rest/helpers" if ::File.file? helper_path diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/validation_helper/rest/client.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/validation_helper/rest/client.rb new file mode 100644 index 000000000000..ac1888ead4ab --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/validation_helper/rest/client.rb @@ -0,0 +1,436 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + +require "google/cloud/errors" +require "google/cloud/binaryauthorization/v1/service_pb" +require "google/cloud/binary_authorization/v1/validation_helper/rest/service_stub" + +module Google + module Cloud + module BinaryAuthorization + module V1 + module ValidationHelper + module Rest + ## + # REST client for the ValidationHelper service. + # + # BinAuthz Attestor verification + # + class Client + # @private + API_VERSION = "" + + # @private + DEFAULT_ENDPOINT_TEMPLATE = "binaryauthorization.$UNIVERSE_DOMAIN$" + + # @private + attr_reader :validation_helper_stub + + ## + # Configure the ValidationHelper Client class. + # + # See {::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Rest::Client::Configuration} + # for a description of the configuration fields. + # + # @example + # + # # Modify the configuration for all ValidationHelper clients + # ::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Rest::Client.configure do |config| + # config.timeout = 10.0 + # end + # + # @yield [config] Configure the Client client. + # @yieldparam config [Client::Configuration] + # + # @return [Client::Configuration] + # + def self.configure + @configure ||= begin + namespace = ["Google", "Cloud", "BinaryAuthorization", "V1"] + parent_config = while namespace.any? + parent_name = namespace.join "::" + parent_const = const_get parent_name + break parent_const.configure if parent_const.respond_to? :configure + namespace.pop + end + default_config = Client::Configuration.new parent_config + + default_config + end + yield @configure if block_given? + @configure + end + + ## + # Configure the ValidationHelper Client instance. + # + # The configuration is set to the derived mode, meaning that values can be changed, + # but structural changes (adding new fields, etc.) are not allowed. Structural changes + # should be made on {Client.configure}. + # + # See {::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Rest::Client::Configuration} + # for a description of the configuration fields. + # + # @yield [config] Configure the Client client. + # @yieldparam config [Client::Configuration] + # + # @return [Client::Configuration] + # + def configure + yield @config if block_given? + @config + end + + ## + # The effective universe domain + # + # @return [String] + # + def universe_domain + @validation_helper_stub.universe_domain + end + + ## + # Create a new ValidationHelper REST client object. + # + # @example + # + # # Create a client using the default configuration + # client = ::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Rest::Client.new + # + # # Create a client using a custom configuration + # client = ::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Rest::Client.new do |config| + # config.timeout = 10.0 + # end + # + # @yield [config] Configure the ValidationHelper client. + # @yieldparam config [Client::Configuration] + # + def initialize + # Create the configuration object + @config = Configuration.new Client.configure + + # Yield the configuration if needed + yield @config if block_given? + + # Create credentials + credentials = @config.credentials + # Use self-signed JWT if the endpoint is unchanged from default, + # but only if the default endpoint does not have a region prefix. + enable_self_signed_jwt = @config.endpoint.nil? || + (@config.endpoint == Configuration::DEFAULT_ENDPOINT && + !@config.endpoint.split(".").first.include?("-")) + credentials ||= Credentials.default scope: @config.scope, + enable_self_signed_jwt: enable_self_signed_jwt + if credentials.is_a?(::String) || credentials.is_a?(::Hash) + credentials = Credentials.new credentials, scope: @config.scope + end + + @quota_project_id = @config.quota_project + @quota_project_id ||= credentials.quota_project_id if credentials.respond_to? :quota_project_id + + @validation_helper_stub = ::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Rest::ServiceStub.new( + endpoint: @config.endpoint, + endpoint_template: DEFAULT_ENDPOINT_TEMPLATE, + universe_domain: @config.universe_domain, + credentials: credentials, + logger: @config.logger + ) + + @validation_helper_stub.logger(stub: true)&.info do |entry| + entry.set_system_name + entry.set_service + entry.message = "Created client for #{entry.service}" + entry.set_credentials_fields credentials + entry.set "customEndpoint", @config.endpoint if @config.endpoint + entry.set "defaultTimeout", @config.timeout if @config.timeout + entry.set "quotaProject", @quota_project_id if @quota_project_id + end + end + + ## + # The logger used for request/response debug logging. + # + # @return [Logger] + # + def logger + @validation_helper_stub.logger + end + + # Service calls + + ## + # Returns whether the given Attestation for the given image URI + # was signed by the given Attestor + # + # @overload validate_attestation_occurrence(request, options = nil) + # Pass arguments to `validate_attestation_occurrence` via a request object, either of type + # {::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceRequest} or an equivalent Hash. + # + # @param request [::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceRequest, ::Hash] + # A request object representing the call parameters. Required. To specify no + # parameters, or to keep all the default parameter values, pass an empty Hash. + # @param options [::Gapic::CallOptions, ::Hash] + # Overrides the default settings for this call, e.g, timeout, retries etc. Optional. + # + # @overload validate_attestation_occurrence(attestor: nil, attestation: nil, occurrence_note: nil, occurrence_resource_uri: nil) + # Pass arguments to `validate_attestation_occurrence` via keyword arguments. Note that at + # least one keyword argument is required. To specify no parameters, or to keep all + # the default parameter values, pass an empty Hash as a request object (see above). + # + # @param attestor [::String] + # Required. The resource name of the {::Google::Cloud::BinaryAuthorization::V1::Attestor Attestor} of the + # [occurrence][grafeas.v1.Occurrence], in the format + # `projects/*/attestors/*`. + # @param attestation [::Grafeas::V1::AttestationOccurrence, ::Hash] + # Required. An {::Grafeas::V1::AttestationOccurrence AttestationOccurrence} to + # be checked that it can be verified by the Attestor. It does not have to be + # an existing entity in Container Analysis. It must otherwise be a valid + # AttestationOccurrence. + # @param occurrence_note [::String] + # Required. The resource name of the [Note][grafeas.v1.Note] to which the + # containing [Occurrence][grafeas.v1.Occurrence] is associated. + # @param occurrence_resource_uri [::String] + # Required. The URI of the artifact (e.g. container image) that is the + # subject of the containing [Occurrence][grafeas.v1.Occurrence]. + # @yield [result, operation] Access the result along with the TransportOperation object + # @yieldparam result [::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceResponse] + # @yieldparam operation [::Gapic::Rest::TransportOperation] + # + # @return [::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceResponse] + # + # @raise [::Google::Cloud::Error] if the REST call is aborted. + # + # @example Basic example + # require "google/cloud/binary_authorization/v1" + # + # # Create a client object. The client can be reused for multiple calls. + # client = Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Rest::Client.new + # + # # Create a request. To set request fields, pass in keyword arguments. + # request = Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceRequest.new + # + # # Call the validate_attestation_occurrence method. + # result = client.validate_attestation_occurrence request + # + # # The returned object is of type Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceResponse. + # p result + # + def validate_attestation_occurrence request, options = nil + raise ::ArgumentError, "request must be provided" if request.nil? + + request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceRequest + + # Converts hash and nil to an options object + options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h + + # Customize the options with defaults + call_metadata = @config.rpcs.validate_attestation_occurrence.metadata.to_h + + # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers + call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ + lib_name: @config.lib_name, lib_version: @config.lib_version, + gapic_version: ::Google::Cloud::BinaryAuthorization::V1::VERSION, + transports_version_send: [:rest] + + call_metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty? + call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id + + options.apply_defaults timeout: @config.rpcs.validate_attestation_occurrence.timeout, + metadata: call_metadata, + retry_policy: @config.rpcs.validate_attestation_occurrence.retry_policy + + options.apply_defaults timeout: @config.timeout, + metadata: @config.metadata, + retry_policy: @config.retry_policy + + @validation_helper_stub.validate_attestation_occurrence request, options do |result, operation| + yield result, operation if block_given? + end + rescue ::Gapic::Rest::Error => e + raise ::Google::Cloud::Error.from_error(e) + end + + ## + # Configuration class for the ValidationHelper REST API. + # + # This class represents the configuration for ValidationHelper REST, + # providing control over timeouts, retry behavior, logging, transport + # parameters, and other low-level controls. Certain parameters can also be + # applied individually to specific RPCs. See + # {::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Rest::Client::Configuration::Rpcs} + # for a list of RPCs that can be configured independently. + # + # Configuration can be applied globally to all clients, or to a single client + # on construction. + # + # @example + # + # # Modify the global config, setting the timeout for + # # validate_attestation_occurrence to 20 seconds, + # # and all remaining timeouts to 10 seconds. + # ::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Rest::Client.configure do |config| + # config.timeout = 10.0 + # config.rpcs.validate_attestation_occurrence.timeout = 20.0 + # end + # + # # Apply the above configuration only to a new client. + # client = ::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Rest::Client.new do |config| + # config.timeout = 10.0 + # config.rpcs.validate_attestation_occurrence.timeout = 20.0 + # end + # + # @!attribute [rw] endpoint + # A custom service endpoint, as a hostname or hostname:port. The default is + # nil, indicating to use the default endpoint in the current universe domain. + # @return [::String,nil] + # @!attribute [rw] credentials + # Credentials to send with calls. You may provide any of the following types: + # * (`String`) The path to a service account key file in JSON format + # * (`Hash`) A service account key as a Hash + # * (`Google::Auth::Credentials`) A googleauth credentials object + # (see the [googleauth docs](https://rubydoc.info/gems/googleauth/Google/Auth/Credentials)) + # * (`Signet::OAuth2::Client`) A signet oauth2 client object + # (see the [signet docs](https://rubydoc.info/gems/signet/Signet/OAuth2/Client)) + # * (`nil`) indicating no credentials + # + # Warning: If you accept a credential configuration (JSON file or Hash) from an + # external source for authentication to Google Cloud, you must validate it before + # providing it to a Google API client library. Providing an unvalidated credential + # configuration to Google APIs can compromise the security of your systems and data. + # For more information, refer to [Validate credential configurations from external + # sources](https://cloud.google.com/docs/authentication/external/externally-sourced-credentials). + # @return [::Object] + # @!attribute [rw] scope + # The OAuth scopes + # @return [::Array<::String>] + # @!attribute [rw] lib_name + # The library name as recorded in instrumentation and logging + # @return [::String] + # @!attribute [rw] lib_version + # The library version as recorded in instrumentation and logging + # @return [::String] + # @!attribute [rw] timeout + # The call timeout in seconds. + # @return [::Numeric] + # @!attribute [rw] metadata + # Additional headers to be sent with the call. + # @return [::Hash{::Symbol=>::String}] + # @!attribute [rw] retry_policy + # The retry policy. The value is a hash with the following keys: + # * `:initial_delay` (*type:* `Numeric`) - The initial delay in seconds. + # * `:max_delay` (*type:* `Numeric`) - The max delay in seconds. + # * `:multiplier` (*type:* `Numeric`) - The incremental backoff multiplier. + # * `:retry_codes` (*type:* `Array`) - The error codes that should + # trigger a retry. + # @return [::Hash] + # @!attribute [rw] quota_project + # A separate project against which to charge quota. + # @return [::String] + # @!attribute [rw] universe_domain + # The universe domain within which to make requests. This determines the + # default endpoint URL. The default value of nil uses the environment + # universe (usually the default "googleapis.com" universe). + # @return [::String,nil] + # @!attribute [rw] logger + # A custom logger to use for request/response debug logging, or the value + # `:default` (the default) to construct a default logger, or `nil` to + # explicitly disable logging. + # @return [::Logger,:default,nil] + # + class Configuration + extend ::Gapic::Config + + # @private + # The endpoint specific to the default "googleapis.com" universe. Deprecated. + DEFAULT_ENDPOINT = "binaryauthorization.googleapis.com" + + config_attr :endpoint, nil, ::String, nil + config_attr :credentials, nil do |value| + allowed = [::String, ::Hash, ::Proc, ::Symbol, ::Google::Auth::Credentials, ::Google::Auth::BaseClient, ::Signet::OAuth2::Client, nil] + allowed.any? { |klass| klass === value } + end + config_attr :scope, nil, ::String, ::Array, nil + config_attr :lib_name, nil, ::String, nil + config_attr :lib_version, nil, ::String, nil + config_attr :timeout, nil, ::Numeric, nil + config_attr :metadata, nil, ::Hash, nil + config_attr :retry_policy, nil, ::Hash, ::Proc, nil + config_attr :quota_project, nil, ::String, nil + config_attr :universe_domain, nil, ::String, nil + config_attr :logger, :default, ::Logger, nil, :default + + # @private + def initialize parent_config = nil + @parent_config = parent_config unless parent_config.nil? + + yield self if block_given? + end + + ## + # Configurations for individual RPCs + # @return [Rpcs] + # + def rpcs + @rpcs ||= begin + parent_rpcs = nil + parent_rpcs = @parent_config.rpcs if defined?(@parent_config) && @parent_config.respond_to?(:rpcs) + Rpcs.new parent_rpcs + end + end + + ## + # Configuration RPC class for the ValidationHelper API. + # + # Includes fields providing the configuration for each RPC in this service. + # Each configuration object is of type `Gapic::Config::Method` and includes + # the following configuration fields: + # + # * `timeout` (*type:* `Numeric`) - The call timeout in seconds + # * `metadata` (*type:* `Hash{Symbol=>String}`) - Additional headers + # * `retry_policy (*type:* `Hash`) - The retry policy. The policy fields + # include the following keys: + # * `:initial_delay` (*type:* `Numeric`) - The initial delay in seconds. + # * `:max_delay` (*type:* `Numeric`) - The max delay in seconds. + # * `:multiplier` (*type:* `Numeric`) - The incremental backoff multiplier. + # * `:retry_codes` (*type:* `Array`) - The error codes that should + # trigger a retry. + # + class Rpcs + ## + # RPC-specific configuration for `validate_attestation_occurrence` + # @return [::Gapic::Config::Method] + # + attr_reader :validate_attestation_occurrence + + # @private + def initialize parent_rpcs = nil + validate_attestation_occurrence_config = parent_rpcs.validate_attestation_occurrence if parent_rpcs.respond_to? :validate_attestation_occurrence + @validate_attestation_occurrence = ::Gapic::Config::Method.new validate_attestation_occurrence_config + + yield self if block_given? + end + end + end + end + end + end + end + end + end +end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/validation_helper/rest/service_stub.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/validation_helper/rest/service_stub.rb new file mode 100644 index 000000000000..c67a95fd8ea5 --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/validation_helper/rest/service_stub.rb @@ -0,0 +1,143 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + +require "google/cloud/binaryauthorization/v1/service_pb" + +module Google + module Cloud + module BinaryAuthorization + module V1 + module ValidationHelper + module Rest + ## + # REST service stub for the ValidationHelper service. + # Service stub contains baseline method implementations + # including transcoding, making the REST call, and deserialing the response. + # + class ServiceStub + # @private + def initialize endpoint:, endpoint_template:, universe_domain:, credentials:, logger: + # These require statements are intentionally placed here to initialize + # the REST modules only when it's required. + require "gapic/rest" + + @client_stub = ::Gapic::Rest::ClientStub.new endpoint: endpoint, + endpoint_template: endpoint_template, + universe_domain: universe_domain, + credentials: credentials, + numeric_enums: true, + service_name: self.class, + raise_faraday_errors: false, + logger: logger + end + + ## + # The effective universe domain + # + # @return [String] + # + def universe_domain + @client_stub.universe_domain + end + + ## + # The effective endpoint + # + # @return [String] + # + def endpoint + @client_stub.endpoint + end + + ## + # The logger used for request/response debug logging. + # + # @return [Logger] + # + def logger stub: false + stub ? @client_stub.stub_logger : @client_stub.logger + end + + ## + # Baseline implementation for the validate_attestation_occurrence REST call + # + # @param request_pb [::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceRequest] + # A request object representing the call parameters. Required. + # @param options [::Gapic::CallOptions] + # Overrides the default settings for this call, e.g, timeout, retries etc. Optional. + # + # @yield [result, operation] Access the result along with the TransportOperation object + # @yieldparam result [::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceResponse] + # @yieldparam operation [::Gapic::Rest::TransportOperation] + # + # @return [::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceResponse] + # A result object deserialized from the server's reply + def validate_attestation_occurrence request_pb, options = nil + raise ::ArgumentError, "request must be provided" if request_pb.nil? + + verb, uri, query_string_params, body = ServiceStub.transcode_validate_attestation_occurrence_request request_pb + query_string_params = if query_string_params.any? + query_string_params.to_h { |p| p.split "=", 2 } + else + {} + end + + response = @client_stub.make_http_request( + verb, + uri: uri, + body: body || "", + params: query_string_params, + method_name: "validate_attestation_occurrence", + options: options + ) + operation = ::Gapic::Rest::TransportOperation.new response + result = ::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceResponse.decode_json response.body, ignore_unknown_fields: true + catch :response do + yield result, operation if block_given? + result + end + end + + ## + # @private + # + # GRPC transcoding helper method for the validate_attestation_occurrence REST call + # + # @param request_pb [::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceRequest] + # A request object representing the call parameters. Required. + # @return [Array(String, [String, nil], Hash{String => String})] + # Uri, Body, Query string parameters + def self.transcode_validate_attestation_occurrence_request request_pb + transcoder = Gapic::Rest::GrpcTranscoder.new + .with_bindings( + uri_method: :post, + uri_template: "/v1/{attestor}:validateAttestationOccurrence", + body: "*", + matches: [ + ["attestor", %r{^projects/[^/]+/attestors/[^/]+/?$}, false] + ] + ) + transcoder.transcode request_pb + end + end + end + end + end + end + end +end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/version.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/version.rb new file mode 100644 index 000000000000..d95ffedb69c8 --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/version.rb @@ -0,0 +1,28 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + + +module Google + module Cloud + module BinaryAuthorization + module V1 + VERSION = "0.0.1" + end + end + end +end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binaryauthorization/v1/resources_pb.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binaryauthorization/v1/resources_pb.rb new file mode 100644 index 000000000000..d23c4a65a778 --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binaryauthorization/v1/resources_pb.rb @@ -0,0 +1,57 @@ +# frozen_string_literal: true +# Generated by the protocol buffer compiler. DO NOT EDIT! +# source: google/cloud/binaryauthorization/v1/resources.proto + +require 'google/protobuf' + +require 'google/api/field_behavior_pb' +require 'google/api/resource_pb' +require 'google/protobuf/timestamp_pb' + + +descriptor_data = "\n3google/cloud/binaryauthorization/v1/resources.proto\x12#google.cloud.binaryauthorization.v1\x1a\x1fgoogle/api/field_behavior.proto\x1a\x19google/api/resource.proto\x1a\x1fgoogle/protobuf/timestamp.proto\"\xf8\x0c\n\x06Policy\x12\x11\n\x04name\x18\x01 \x01(\tB\x03\xe0\x41\x03\x12\x18\n\x0b\x64\x65scription\x18\x06 \x01(\tB\x03\xe0\x41\x01\x12r\n\x1dglobal_policy_evaluation_mode\x18\x07 \x01(\x0e\x32\x46.google.cloud.binaryauthorization.v1.Policy.GlobalPolicyEvaluationModeB\x03\xe0\x41\x01\x12i\n\x1c\x61\x64mission_whitelist_patterns\x18\x02 \x03(\x0b\x32>.google.cloud.binaryauthorization.v1.AdmissionWhitelistPatternB\x03\xe0\x41\x01\x12l\n\x17\x63luster_admission_rules\x18\x03 \x03(\x0b\x32\x46.google.cloud.binaryauthorization.v1.Policy.ClusterAdmissionRulesEntryB\x03\xe0\x41\x01\x12\x85\x01\n$kubernetes_namespace_admission_rules\x18\n \x03(\x0b\x32R.google.cloud.binaryauthorization.v1.Policy.KubernetesNamespaceAdmissionRulesEntryB\x03\xe0\x41\x01\x12\x90\x01\n*kubernetes_service_account_admission_rules\x18\x08 \x03(\x0b\x32W.google.cloud.binaryauthorization.v1.Policy.KubernetesServiceAccountAdmissionRulesEntryB\x03\xe0\x41\x01\x12\x88\x01\n&istio_service_identity_admission_rules\x18\t \x03(\x0b\x32S.google.cloud.binaryauthorization.v1.Policy.IstioServiceIdentityAdmissionRulesEntryB\x03\xe0\x41\x01\x12W\n\x16\x64\x65\x66\x61ult_admission_rule\x18\x04 \x01(\x0b\x32\x32.google.cloud.binaryauthorization.v1.AdmissionRuleB\x03\xe0\x41\x02\x12\x34\n\x0bupdate_time\x18\x05 \x01(\x0b\x32\x1a.google.protobuf.TimestampB\x03\xe0\x41\x03\x1ap\n\x1a\x43lusterAdmissionRulesEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\x41\n\x05value\x18\x02 \x01(\x0b\x32\x32.google.cloud.binaryauthorization.v1.AdmissionRule:\x02\x38\x01\x1a|\n&KubernetesNamespaceAdmissionRulesEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\x41\n\x05value\x18\x02 \x01(\x0b\x32\x32.google.cloud.binaryauthorization.v1.AdmissionRule:\x02\x38\x01\x1a\x81\x01\n+KubernetesServiceAccountAdmissionRulesEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\x41\n\x05value\x18\x02 \x01(\x0b\x32\x32.google.cloud.binaryauthorization.v1.AdmissionRule:\x02\x38\x01\x1a}\n\'IstioServiceIdentityAdmissionRulesEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\x41\n\x05value\x18\x02 \x01(\x0b\x32\x32.google.cloud.binaryauthorization.v1.AdmissionRule:\x02\x38\x01\"d\n\x1aGlobalPolicyEvaluationMode\x12-\n)GLOBAL_POLICY_EVALUATION_MODE_UNSPECIFIED\x10\x00\x12\n\n\x06\x45NABLE\x10\x01\x12\x0b\n\x07\x44ISABLE\x10\x02:f\xea\x41\x63\n)binaryauthorization.googleapis.com/Policy\x12\x19projects/{project}/policy\x12\x1blocations/{location}/policy\"1\n\x19\x41\x64missionWhitelistPattern\x12\x14\n\x0cname_pattern\x18\x01 \x01(\t\"\xda\x03\n\rAdmissionRule\x12_\n\x0f\x65valuation_mode\x18\x01 \x01(\x0e\x32\x41.google.cloud.binaryauthorization.v1.AdmissionRule.EvaluationModeB\x03\xe0\x41\x02\x12$\n\x17require_attestations_by\x18\x02 \x03(\tB\x03\xe0\x41\x01\x12\x61\n\x10\x65nforcement_mode\x18\x03 \x01(\x0e\x32\x42.google.cloud.binaryauthorization.v1.AdmissionRule.EnforcementModeB\x03\xe0\x41\x02\"m\n\x0e\x45valuationMode\x12\x1f\n\x1b\x45VALUATION_MODE_UNSPECIFIED\x10\x00\x12\x10\n\x0c\x41LWAYS_ALLOW\x10\x01\x12\x17\n\x13REQUIRE_ATTESTATION\x10\x02\x12\x0f\n\x0b\x41LWAYS_DENY\x10\x03\"p\n\x0f\x45nforcementMode\x12 \n\x1c\x45NFORCEMENT_MODE_UNSPECIFIED\x10\x00\x12 \n\x1c\x45NFORCED_BLOCK_AND_AUDIT_LOG\x10\x01\x12\x19\n\x15\x44RYRUN_AUDIT_LOG_ONLY\x10\x02\"\xb7\x02\n\x08\x41ttestor\x12\x11\n\x04name\x18\x01 \x01(\tB\x03\xe0\x41\x02\x12\x18\n\x0b\x64\x65scription\x18\x06 \x01(\tB\x03\xe0\x41\x01\x12\\\n\x17user_owned_grafeas_note\x18\x03 \x01(\x0b\x32\x39.google.cloud.binaryauthorization.v1.UserOwnedGrafeasNoteH\x00\x12\x34\n\x0bupdate_time\x18\x04 \x01(\x0b\x32\x1a.google.protobuf.TimestampB\x03\xe0\x41\x03:Y\xea\x41V\n+binaryauthorization.googleapis.com/Attestor\x12\'projects/{project}/attestors/{attestor}B\x0f\n\rattestor_type\"\xb4\x01\n\x14UserOwnedGrafeasNote\x12\x1b\n\x0enote_reference\x18\x01 \x01(\tB\x03\xe0\x41\x02\x12P\n\x0bpublic_keys\x18\x02 \x03(\x0b\x32\x36.google.cloud.binaryauthorization.v1.AttestorPublicKeyB\x03\xe0\x41\x01\x12-\n delegation_service_account_email\x18\x03 \x01(\tB\x03\xe0\x41\x03\"\xbf\x04\n\rPkixPublicKey\x12\x16\n\x0epublic_key_pem\x18\x01 \x01(\t\x12\x62\n\x13signature_algorithm\x18\x02 \x01(\x0e\x32\x45.google.cloud.binaryauthorization.v1.PkixPublicKey.SignatureAlgorithm\"\xb1\x03\n\x12SignatureAlgorithm\x12#\n\x1fSIGNATURE_ALGORITHM_UNSPECIFIED\x10\x00\x12\x17\n\x13RSA_PSS_2048_SHA256\x10\x01\x12\x17\n\x13RSA_PSS_3072_SHA256\x10\x02\x12\x17\n\x13RSA_PSS_4096_SHA256\x10\x03\x12\x17\n\x13RSA_PSS_4096_SHA512\x10\x04\x12\x1e\n\x1aRSA_SIGN_PKCS1_2048_SHA256\x10\x05\x12\x1e\n\x1aRSA_SIGN_PKCS1_3072_SHA256\x10\x06\x12\x1e\n\x1aRSA_SIGN_PKCS1_4096_SHA256\x10\x07\x12\x1e\n\x1aRSA_SIGN_PKCS1_4096_SHA512\x10\x08\x12\x15\n\x11\x45\x43\x44SA_P256_SHA256\x10\t\x12\x17\n\x13\x45\x43_SIGN_P256_SHA256\x10\t\x12\x15\n\x11\x45\x43\x44SA_P384_SHA384\x10\n\x12\x17\n\x13\x45\x43_SIGN_P384_SHA384\x10\n\x12\x15\n\x11\x45\x43\x44SA_P521_SHA512\x10\x0b\x12\x17\n\x13\x45\x43_SIGN_P521_SHA512\x10\x0b\x1a\x02\x10\x01\"\xba\x01\n\x11\x41ttestorPublicKey\x12\x14\n\x07\x63omment\x18\x01 \x01(\tB\x03\xe0\x41\x01\x12\n\n\x02id\x18\x02 \x01(\t\x12&\n\x1c\x61scii_armored_pgp_public_key\x18\x03 \x01(\tH\x00\x12M\n\x0fpkix_public_key\x18\x05 \x01(\x0b\x32\x32.google.cloud.binaryauthorization.v1.PkixPublicKeyH\x00\x42\x0c\n\npublic_keyB\x8c\x02\n5com.google.protos.google.cloud.binaryauthorization.v1P\x00ZYcloud.google.com/go/binaryauthorization/apiv1/binaryauthorizationpb;binaryauthorizationpb\xf8\x01\x01\xaa\x02#Google.Cloud.BinaryAuthorization.V1\xca\x02#Google\\Cloud\\BinaryAuthorization\\V1\xea\x02&Google::Cloud::BinaryAuthorization::V1b\x06proto3" + +pool = Google::Protobuf::DescriptorPool.generated_pool + +begin + pool.add_serialized_file(descriptor_data) +rescue TypeError + # Compatibility code: will be removed in the next major version. + require 'google/protobuf/descriptor_pb' + parsed = Google::Protobuf::FileDescriptorProto.decode(descriptor_data) + parsed.clear_dependency + serialized = parsed.class.encode(parsed) + file = pool.add_serialized_file(serialized) + warn "Warning: Protobuf detected an import path issue while loading generated file #{__FILE__}" + imports = [ + ["google.protobuf.Timestamp", "google/protobuf/timestamp.proto"], + ] + imports.each do |type_name, expected_filename| + import_file = pool.lookup(type_name).file_descriptor + if import_file.name != expected_filename + warn "- #{file.name} imports #{expected_filename}, but that import was loaded as #{import_file.name}" + end + end + warn "Each proto file must use a consistent fully-qualified name." + warn "This will become an error in the next major version." +end + +module Google + module Cloud + module BinaryAuthorization + module V1 + Policy = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.Policy").msgclass + Policy::GlobalPolicyEvaluationMode = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.Policy.GlobalPolicyEvaluationMode").enummodule + AdmissionWhitelistPattern = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern").msgclass + AdmissionRule = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.AdmissionRule").msgclass + AdmissionRule::EvaluationMode = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.AdmissionRule.EvaluationMode").enummodule + AdmissionRule::EnforcementMode = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.AdmissionRule.EnforcementMode").enummodule + Attestor = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.Attestor").msgclass + UserOwnedGrafeasNote = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.UserOwnedGrafeasNote").msgclass + PkixPublicKey = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.PkixPublicKey").msgclass + PkixPublicKey::SignatureAlgorithm = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.PkixPublicKey.SignatureAlgorithm").enummodule + AttestorPublicKey = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.AttestorPublicKey").msgclass + end + end + end +end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binaryauthorization/v1/service_pb.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binaryauthorization/v1/service_pb.rb new file mode 100644 index 000000000000..88ffd3cdec13 --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binaryauthorization/v1/service_pb.rb @@ -0,0 +1,63 @@ +# frozen_string_literal: true +# Generated by the protocol buffer compiler. DO NOT EDIT! +# source: google/cloud/binaryauthorization/v1/service.proto + +require 'google/protobuf' + +require 'google/api/annotations_pb' +require 'google/api/client_pb' +require 'google/api/field_behavior_pb' +require 'google/api/resource_pb' +require 'google/cloud/binaryauthorization/v1/resources_pb' +require 'google/protobuf/empty_pb' +require 'grafeas/v1/attestation_pb' + + +descriptor_data = "\n1google/cloud/binaryauthorization/v1/service.proto\x12#google.cloud.binaryauthorization.v1\x1a\x1cgoogle/api/annotations.proto\x1a\x17google/api/client.proto\x1a\x1fgoogle/api/field_behavior.proto\x1a\x19google/api/resource.proto\x1a\x33google/cloud/binaryauthorization/v1/resources.proto\x1a\x1bgoogle/protobuf/empty.proto\x1a\x1cgrafeas/v1/attestation.proto\"S\n\x10GetPolicyRequest\x12?\n\x04name\x18\x01 \x01(\tB1\xe0\x41\x02\xfa\x41+\n)binaryauthorization.googleapis.com/Policy\"W\n\x13UpdatePolicyRequest\x12@\n\x06policy\x18\x01 \x01(\x0b\x32+.google.cloud.binaryauthorization.v1.PolicyB\x03\xe0\x41\x02\"\xbc\x01\n\x15\x43reateAttestorRequest\x12\x43\n\x06parent\x18\x01 \x01(\tB3\xe0\x41\x02\xfa\x41-\n+cloudresourcemanager.googleapis.com/Project\x12\x18\n\x0b\x61ttestor_id\x18\x02 \x01(\tB\x03\xe0\x41\x02\x12\x44\n\x08\x61ttestor\x18\x03 \x01(\x0b\x32-.google.cloud.binaryauthorization.v1.AttestorB\x03\xe0\x41\x02\"W\n\x12GetAttestorRequest\x12\x41\n\x04name\x18\x01 \x01(\tB3\xe0\x41\x02\xfa\x41-\n+binaryauthorization.googleapis.com/Attestor\"]\n\x15UpdateAttestorRequest\x12\x44\n\x08\x61ttestor\x18\x01 \x01(\x0b\x32-.google.cloud.binaryauthorization.v1.AttestorB\x03\xe0\x41\x02\"\x82\x01\n\x14ListAttestorsRequest\x12\x43\n\x06parent\x18\x01 \x01(\tB3\xe0\x41\x02\xfa\x41-\n+cloudresourcemanager.googleapis.com/Project\x12\x11\n\tpage_size\x18\x02 \x01(\x05\x12\x12\n\npage_token\x18\x03 \x01(\t\"r\n\x15ListAttestorsResponse\x12@\n\tattestors\x18\x01 \x03(\x0b\x32-.google.cloud.binaryauthorization.v1.Attestor\x12\x17\n\x0fnext_page_token\x18\x02 \x01(\t\"Z\n\x15\x44\x65leteAttestorRequest\x12\x41\n\x04name\x18\x01 \x01(\tB3\xe0\x41\x02\xfa\x41-\n+binaryauthorization.googleapis.com/Attestor\"Y\n\x16GetSystemPolicyRequest\x12?\n\x04name\x18\x01 \x01(\tB1\xe0\x41\x02\xfa\x41+\n)binaryauthorization.googleapis.com/Policy\"\xbe\x01\n$ValidateAttestationOccurrenceRequest\x12\x15\n\x08\x61ttestor\x18\x01 \x01(\tB\x03\xe0\x41\x02\x12;\n\x0b\x61ttestation\x18\x02 \x01(\x0b\x32!.grafeas.v1.AttestationOccurrenceB\x03\xe0\x41\x02\x12\x1c\n\x0foccurrence_note\x18\x03 \x01(\tB\x03\xe0\x41\x02\x12$\n\x17occurrence_resource_uri\x18\x04 \x01(\tB\x03\xe0\x41\x02\"\xf1\x01\n%ValidateAttestationOccurrenceResponse\x12\x61\n\x06result\x18\x01 \x01(\x0e\x32Q.google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceResponse.Result\x12\x15\n\rdenial_reason\x18\x02 \x01(\t\"N\n\x06Result\x12\x16\n\x12RESULT_UNSPECIFIED\x10\x00\x12\x0c\n\x08VERIFIED\x10\x01\x12\x1e\n\x1a\x41TTESTATION_NOT_VERIFIABLE\x10\x02\x32\xe2\n\n\x1b\x42inauthzManagementServiceV1\x12\x9c\x01\n\tGetPolicy\x12\x35.google.cloud.binaryauthorization.v1.GetPolicyRequest\x1a+.google.cloud.binaryauthorization.v1.Policy\"+\xda\x41\x04name\x82\xd3\xe4\x93\x02\x1e\x12\x1c/v1/{name=projects/*/policy}\x12\xb3\x01\n\x0cUpdatePolicy\x12\x38.google.cloud.binaryauthorization.v1.UpdatePolicyRequest\x1a+.google.cloud.binaryauthorization.v1.Policy\"<\xda\x41\x06policy\x82\xd3\xe4\x93\x02-\x1a#/v1/{policy.name=projects/*/policy}:\x06policy\x12\xce\x01\n\x0e\x43reateAttestor\x12:.google.cloud.binaryauthorization.v1.CreateAttestorRequest\x1a-.google.cloud.binaryauthorization.v1.Attestor\"Q\xda\x41\x1bparent,attestor_id,attestor\x82\xd3\xe4\x93\x02-\"!/v1/{parent=projects/*}/attestors:\x08\x61ttestor\x12\xa7\x01\n\x0bGetAttestor\x12\x37.google.cloud.binaryauthorization.v1.GetAttestorRequest\x1a-.google.cloud.binaryauthorization.v1.Attestor\"0\xda\x41\x04name\x82\xd3\xe4\x93\x02#\x12!/v1/{name=projects/*/attestors/*}\x12\xc4\x01\n\x0eUpdateAttestor\x12:.google.cloud.binaryauthorization.v1.UpdateAttestorRequest\x1a-.google.cloud.binaryauthorization.v1.Attestor\"G\xda\x41\x08\x61ttestor\x82\xd3\xe4\x93\x02\x36\x1a*/v1/{attestor.name=projects/*/attestors/*}:\x08\x61ttestor\x12\xba\x01\n\rListAttestors\x12\x39.google.cloud.binaryauthorization.v1.ListAttestorsRequest\x1a:.google.cloud.binaryauthorization.v1.ListAttestorsResponse\"2\xda\x41\x06parent\x82\xd3\xe4\x93\x02#\x12!/v1/{parent=projects/*}/attestors\x12\x96\x01\n\x0e\x44\x65leteAttestor\x12:.google.cloud.binaryauthorization.v1.DeleteAttestorRequest\x1a\x16.google.protobuf.Empty\"0\xda\x41\x04name\x82\xd3\xe4\x93\x02#*!/v1/{name=projects/*/attestors/*}\x1aV\xca\x41\"binaryauthorization.googleapis.com\xd2\x41.https://www.googleapis.com/auth/cloud-platform2\x94\x02\n\x0eSystemPolicyV1\x12\xa9\x01\n\x0fGetSystemPolicy\x12;.google.cloud.binaryauthorization.v1.GetSystemPolicyRequest\x1a+.google.cloud.binaryauthorization.v1.Policy\",\xda\x41\x04name\x82\xd3\xe4\x93\x02\x1f\x12\x1d/v1/{name=locations/*/policy}\x1aV\xca\x41\"binaryauthorization.googleapis.com\xd2\x41.https://www.googleapis.com/auth/cloud-platform2\xf5\x02\n\x12ValidationHelperV1\x12\x86\x02\n\x1dValidateAttestationOccurrence\x12I.google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceRequest\x1aJ.google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceResponse\"N\x82\xd3\xe4\x93\x02H\"C/v1/{attestor=projects/*/attestors/*}:validateAttestationOccurrence:\x01*\x1aV\xca\x41\"binaryauthorization.googleapis.com\xd2\x41.https://www.googleapis.com/auth/cloud-platformB\x8c\x02\n5com.google.protos.google.cloud.binaryauthorization.v1P\x00ZYcloud.google.com/go/binaryauthorization/apiv1/binaryauthorizationpb;binaryauthorizationpb\xf8\x01\x01\xaa\x02#Google.Cloud.BinaryAuthorization.V1\xca\x02#Google\\Cloud\\BinaryAuthorization\\V1\xea\x02&Google::Cloud::BinaryAuthorization::V1b\x06proto3" + +pool = Google::Protobuf::DescriptorPool.generated_pool + +begin + pool.add_serialized_file(descriptor_data) +rescue TypeError + # Compatibility code: will be removed in the next major version. + require 'google/protobuf/descriptor_pb' + parsed = Google::Protobuf::FileDescriptorProto.decode(descriptor_data) + parsed.clear_dependency + serialized = parsed.class.encode(parsed) + file = pool.add_serialized_file(serialized) + warn "Warning: Protobuf detected an import path issue while loading generated file #{__FILE__}" + imports = [ + ["google.cloud.binaryauthorization.v1.Policy", "google/cloud/binaryauthorization/v1/resources.proto"], + ["grafeas.v1.AttestationOccurrence", "grafeas/v1/attestation.proto"], + ] + imports.each do |type_name, expected_filename| + import_file = pool.lookup(type_name).file_descriptor + if import_file.name != expected_filename + warn "- #{file.name} imports #{expected_filename}, but that import was loaded as #{import_file.name}" + end + end + warn "Each proto file must use a consistent fully-qualified name." + warn "This will become an error in the next major version." +end + +module Google + module Cloud + module BinaryAuthorization + module V1 + GetPolicyRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.GetPolicyRequest").msgclass + UpdatePolicyRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.UpdatePolicyRequest").msgclass + CreateAttestorRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.CreateAttestorRequest").msgclass + GetAttestorRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.GetAttestorRequest").msgclass + UpdateAttestorRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.UpdateAttestorRequest").msgclass + ListAttestorsRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.ListAttestorsRequest").msgclass + ListAttestorsResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.ListAttestorsResponse").msgclass + DeleteAttestorRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.DeleteAttestorRequest").msgclass + GetSystemPolicyRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.GetSystemPolicyRequest").msgclass + ValidateAttestationOccurrenceRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceRequest").msgclass + ValidateAttestationOccurrenceResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceResponse").msgclass + ValidateAttestationOccurrenceResponse::Result = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceResponse.Result").enummodule + end + end + end +end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binaryauthorization/v1/service_services_pb.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binaryauthorization/v1/service_services_pb.rb new file mode 100644 index 000000000000..8e3e1b2e4ff5 --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binaryauthorization/v1/service_services_pb.rb @@ -0,0 +1,115 @@ +# Generated by the protocol buffer compiler. DO NOT EDIT! +# Source: google/cloud/binaryauthorization/v1/service.proto for package 'Google.Cloud.BinaryAuthorization.V1' +# Original file comments: +# Copyright 2025 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +require 'grpc' +require 'google/cloud/binaryauthorization/v1/service_pb' + +module Google + module Cloud + module BinaryAuthorization + module V1 + module BinauthzManagementServiceV1 + # Customer-facing API for Cloud Binary Authorization. + # + # Google Cloud Management Service for Binary Authorization admission policies + # and attestation authorities. + # + # This API implements a REST model with the following objects: + # + # * [Policy][google.cloud.binaryauthorization.v1.Policy] + # * [Attestor][google.cloud.binaryauthorization.v1.Attestor] + class Service + + include ::GRPC::GenericService + + self.marshal_class_method = :encode + self.unmarshal_class_method = :decode + self.service_name = 'google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1' + + # A [policy][google.cloud.binaryauthorization.v1.Policy] specifies the [attestors][google.cloud.binaryauthorization.v1.Attestor] that must attest to + # a container image, before the project is allowed to deploy that + # image. There is at most one policy per project. All image admission + # requests are permitted if a project has no policy. + # + # Gets the [policy][google.cloud.binaryauthorization.v1.Policy] for this project. Returns a default + # [policy][google.cloud.binaryauthorization.v1.Policy] if the project does not have one. + rpc :GetPolicy, ::Google::Cloud::BinaryAuthorization::V1::GetPolicyRequest, ::Google::Cloud::BinaryAuthorization::V1::Policy + # Creates or updates a project's [policy][google.cloud.binaryauthorization.v1.Policy], and returns a copy of the + # new [policy][google.cloud.binaryauthorization.v1.Policy]. A policy is always updated as a whole, to avoid race + # conditions with concurrent policy enforcement (or management!) + # requests. Returns NOT_FOUND if the project does not exist, INVALID_ARGUMENT + # if the request is malformed. + rpc :UpdatePolicy, ::Google::Cloud::BinaryAuthorization::V1::UpdatePolicyRequest, ::Google::Cloud::BinaryAuthorization::V1::Policy + # Creates an [attestor][google.cloud.binaryauthorization.v1.Attestor], and returns a copy of the new + # [attestor][google.cloud.binaryauthorization.v1.Attestor]. Returns NOT_FOUND if the project does not exist, + # INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if the + # [attestor][google.cloud.binaryauthorization.v1.Attestor] already exists. + rpc :CreateAttestor, ::Google::Cloud::BinaryAuthorization::V1::CreateAttestorRequest, ::Google::Cloud::BinaryAuthorization::V1::Attestor + # Gets an [attestor][google.cloud.binaryauthorization.v1.Attestor]. + # Returns NOT_FOUND if the [attestor][google.cloud.binaryauthorization.v1.Attestor] does not exist. + rpc :GetAttestor, ::Google::Cloud::BinaryAuthorization::V1::GetAttestorRequest, ::Google::Cloud::BinaryAuthorization::V1::Attestor + # Updates an [attestor][google.cloud.binaryauthorization.v1.Attestor]. + # Returns NOT_FOUND if the [attestor][google.cloud.binaryauthorization.v1.Attestor] does not exist. + rpc :UpdateAttestor, ::Google::Cloud::BinaryAuthorization::V1::UpdateAttestorRequest, ::Google::Cloud::BinaryAuthorization::V1::Attestor + # Lists [attestors][google.cloud.binaryauthorization.v1.Attestor]. + # Returns INVALID_ARGUMENT if the project does not exist. + rpc :ListAttestors, ::Google::Cloud::BinaryAuthorization::V1::ListAttestorsRequest, ::Google::Cloud::BinaryAuthorization::V1::ListAttestorsResponse + # Deletes an [attestor][google.cloud.binaryauthorization.v1.Attestor]. Returns NOT_FOUND if the + # [attestor][google.cloud.binaryauthorization.v1.Attestor] does not exist. + rpc :DeleteAttestor, ::Google::Cloud::BinaryAuthorization::V1::DeleteAttestorRequest, ::Google::Protobuf::Empty + end + + Stub = Service.rpc_stub_class + end + module SystemPolicyV1 + # API for working with the system policy. + class Service + + include ::GRPC::GenericService + + self.marshal_class_method = :encode + self.unmarshal_class_method = :decode + self.service_name = 'google.cloud.binaryauthorization.v1.SystemPolicyV1' + + # Gets the current system policy in the specified location. + rpc :GetSystemPolicy, ::Google::Cloud::BinaryAuthorization::V1::GetSystemPolicyRequest, ::Google::Cloud::BinaryAuthorization::V1::Policy + end + + Stub = Service.rpc_stub_class + end + module ValidationHelperV1 + # BinAuthz Attestor verification + class Service + + include ::GRPC::GenericService + + self.marshal_class_method = :encode + self.unmarshal_class_method = :decode + self.service_name = 'google.cloud.binaryauthorization.v1.ValidationHelperV1' + + # Returns whether the given Attestation for the given image URI + # was signed by the given Attestor + rpc :ValidateAttestationOccurrence, ::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceRequest, ::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceResponse + end + + Stub = Service.rpc_stub_class + end + end + end + end +end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/README.md b/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/README.md new file mode 100644 index 000000000000..f3a8af37824d --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/README.md @@ -0,0 +1,4 @@ +# Binary Authorization V1 Protocol Buffer Documentation + +These files are for the YARD documentation of the generated protobuf files. +They are not intended to be required or loaded at runtime. diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/api/client.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/api/client.rb new file mode 100644 index 000000000000..d59ba51a5612 --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/api/client.rb @@ -0,0 +1,473 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + + +module Google + module Api + # Required information for every language. + # @!attribute [rw] reference_docs_uri + # @deprecated This field is deprecated and may be removed in the next major version update. + # @return [::String] + # Link to automatically generated reference documentation. Example: + # https://cloud.google.com/nodejs/docs/reference/asset/latest + # @!attribute [rw] destinations + # @return [::Array<::Google::Api::ClientLibraryDestination>] + # The destination where API teams want this client library to be published. + # @!attribute [rw] selective_gapic_generation + # @return [::Google::Api::SelectiveGapicGeneration] + # Configuration for which RPCs should be generated in the GAPIC client. + class CommonLanguageSettings + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + end + + # Details about how and where to publish client libraries. + # @!attribute [rw] version + # @return [::String] + # Version of the API to apply these settings to. This is the full protobuf + # package for the API, ending in the version element. + # Examples: "google.cloud.speech.v1" and "google.spanner.admin.database.v1". + # @!attribute [rw] launch_stage + # @return [::Google::Api::LaunchStage] + # Launch stage of this version of the API. + # @!attribute [rw] rest_numeric_enums + # @return [::Boolean] + # When using transport=rest, the client request will encode enums as + # numbers rather than strings. + # @!attribute [rw] java_settings + # @return [::Google::Api::JavaSettings] + # Settings for legacy Java features, supported in the Service YAML. + # @!attribute [rw] cpp_settings + # @return [::Google::Api::CppSettings] + # Settings for C++ client libraries. + # @!attribute [rw] php_settings + # @return [::Google::Api::PhpSettings] + # Settings for PHP client libraries. + # @!attribute [rw] python_settings + # @return [::Google::Api::PythonSettings] + # Settings for Python client libraries. + # @!attribute [rw] node_settings + # @return [::Google::Api::NodeSettings] + # Settings for Node client libraries. + # @!attribute [rw] dotnet_settings + # @return [::Google::Api::DotnetSettings] + # Settings for .NET client libraries. + # @!attribute [rw] ruby_settings + # @return [::Google::Api::RubySettings] + # Settings for Ruby client libraries. + # @!attribute [rw] go_settings + # @return [::Google::Api::GoSettings] + # Settings for Go client libraries. + class ClientLibrarySettings + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + end + + # This message configures the settings for publishing [Google Cloud Client + # libraries](https://cloud.google.com/apis/docs/cloud-client-libraries) + # generated from the service config. + # @!attribute [rw] method_settings + # @return [::Array<::Google::Api::MethodSettings>] + # A list of API method settings, e.g. the behavior for methods that use the + # long-running operation pattern. + # @!attribute [rw] new_issue_uri + # @return [::String] + # Link to a *public* URI where users can report issues. Example: + # https://issuetracker.google.com/issues/new?component=190865&template=1161103 + # @!attribute [rw] documentation_uri + # @return [::String] + # Link to product home page. Example: + # https://cloud.google.com/asset-inventory/docs/overview + # @!attribute [rw] api_short_name + # @return [::String] + # Used as a tracking tag when collecting data about the APIs developer + # relations artifacts like docs, packages delivered to package managers, + # etc. Example: "speech". + # @!attribute [rw] github_label + # @return [::String] + # GitHub label to apply to issues and pull requests opened for this API. + # @!attribute [rw] codeowner_github_teams + # @return [::Array<::String>] + # GitHub teams to be added to CODEOWNERS in the directory in GitHub + # containing source code for the client libraries for this API. + # @!attribute [rw] doc_tag_prefix + # @return [::String] + # A prefix used in sample code when demarking regions to be included in + # documentation. + # @!attribute [rw] organization + # @return [::Google::Api::ClientLibraryOrganization] + # For whom the client library is being published. + # @!attribute [rw] library_settings + # @return [::Array<::Google::Api::ClientLibrarySettings>] + # Client library settings. If the same version string appears multiple + # times in this list, then the last one wins. Settings from earlier + # settings with the same version string are discarded. + # @!attribute [rw] proto_reference_documentation_uri + # @return [::String] + # Optional link to proto reference documentation. Example: + # https://cloud.google.com/pubsub/lite/docs/reference/rpc + # @!attribute [rw] rest_reference_documentation_uri + # @return [::String] + # Optional link to REST reference documentation. Example: + # https://cloud.google.com/pubsub/lite/docs/reference/rest + class Publishing + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + end + + # Settings for Java client libraries. + # @!attribute [rw] library_package + # @return [::String] + # The package name to use in Java. Clobbers the java_package option + # set in the protobuf. This should be used **only** by APIs + # who have already set the language_settings.java.package_name" field + # in gapic.yaml. API teams should use the protobuf java_package option + # where possible. + # + # Example of a YAML configuration:: + # + # publishing: + # java_settings: + # library_package: com.google.cloud.pubsub.v1 + # @!attribute [rw] service_class_names + # @return [::Google::Protobuf::Map{::String => ::String}] + # Configure the Java class name to use instead of the service's for its + # corresponding generated GAPIC client. Keys are fully-qualified + # service names as they appear in the protobuf (including the full + # the language_settings.java.interface_names" field in gapic.yaml. API + # teams should otherwise use the service name as it appears in the + # protobuf. + # + # Example of a YAML configuration:: + # + # publishing: + # java_settings: + # service_class_names: + # - google.pubsub.v1.Publisher: TopicAdmin + # - google.pubsub.v1.Subscriber: SubscriptionAdmin + # @!attribute [rw] common + # @return [::Google::Api::CommonLanguageSettings] + # Some settings. + class JavaSettings + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + + # @!attribute [rw] key + # @return [::String] + # @!attribute [rw] value + # @return [::String] + class ServiceClassNamesEntry + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + end + end + + # Settings for C++ client libraries. + # @!attribute [rw] common + # @return [::Google::Api::CommonLanguageSettings] + # Some settings. + class CppSettings + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + end + + # Settings for Php client libraries. + # @!attribute [rw] common + # @return [::Google::Api::CommonLanguageSettings] + # Some settings. + class PhpSettings + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + end + + # Settings for Python client libraries. + # @!attribute [rw] common + # @return [::Google::Api::CommonLanguageSettings] + # Some settings. + # @!attribute [rw] experimental_features + # @return [::Google::Api::PythonSettings::ExperimentalFeatures] + # Experimental features to be included during client library generation. + class PythonSettings + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + + # Experimental features to be included during client library generation. + # These fields will be deprecated once the feature graduates and is enabled + # by default. + # @!attribute [rw] rest_async_io_enabled + # @return [::Boolean] + # Enables generation of asynchronous REST clients if `rest` transport is + # enabled. By default, asynchronous REST clients will not be generated. + # This feature will be enabled by default 1 month after launching the + # feature in preview packages. + # @!attribute [rw] protobuf_pythonic_types_enabled + # @return [::Boolean] + # Enables generation of protobuf code using new types that are more + # Pythonic which are included in `protobuf>=5.29.x`. This feature will be + # enabled by default 1 month after launching the feature in preview + # packages. + # @!attribute [rw] unversioned_package_disabled + # @return [::Boolean] + # Disables generation of an unversioned Python package for this client + # library. This means that the module names will need to be versioned in + # import statements. For example `import google.cloud.library_v2` instead + # of `import google.cloud.library`. + class ExperimentalFeatures + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + end + end + + # Settings for Node client libraries. + # @!attribute [rw] common + # @return [::Google::Api::CommonLanguageSettings] + # Some settings. + class NodeSettings + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + end + + # Settings for Dotnet client libraries. + # @!attribute [rw] common + # @return [::Google::Api::CommonLanguageSettings] + # Some settings. + # @!attribute [rw] renamed_services + # @return [::Google::Protobuf::Map{::String => ::String}] + # Map from original service names to renamed versions. + # This is used when the default generated types + # would cause a naming conflict. (Neither name is + # fully-qualified.) + # Example: Subscriber to SubscriberServiceApi. + # @!attribute [rw] renamed_resources + # @return [::Google::Protobuf::Map{::String => ::String}] + # Map from full resource types to the effective short name + # for the resource. This is used when otherwise resource + # named from different services would cause naming collisions. + # Example entry: + # "datalabeling.googleapis.com/Dataset": "DataLabelingDataset" + # @!attribute [rw] ignored_resources + # @return [::Array<::String>] + # List of full resource types to ignore during generation. + # This is typically used for API-specific Location resources, + # which should be handled by the generator as if they were actually + # the common Location resources. + # Example entry: "documentai.googleapis.com/Location" + # @!attribute [rw] forced_namespace_aliases + # @return [::Array<::String>] + # Namespaces which must be aliased in snippets due to + # a known (but non-generator-predictable) naming collision + # @!attribute [rw] handwritten_signatures + # @return [::Array<::String>] + # Method signatures (in the form "service.method(signature)") + # which are provided separately, so shouldn't be generated. + # Snippets *calling* these methods are still generated, however. + class DotnetSettings + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + + # @!attribute [rw] key + # @return [::String] + # @!attribute [rw] value + # @return [::String] + class RenamedServicesEntry + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + end + + # @!attribute [rw] key + # @return [::String] + # @!attribute [rw] value + # @return [::String] + class RenamedResourcesEntry + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + end + end + + # Settings for Ruby client libraries. + # @!attribute [rw] common + # @return [::Google::Api::CommonLanguageSettings] + # Some settings. + class RubySettings + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + end + + # Settings for Go client libraries. + # @!attribute [rw] common + # @return [::Google::Api::CommonLanguageSettings] + # Some settings. + # @!attribute [rw] renamed_services + # @return [::Google::Protobuf::Map{::String => ::String}] + # Map of service names to renamed services. Keys are the package relative + # service names and values are the name to be used for the service client + # and call options. + # + # publishing: + # go_settings: + # renamed_services: + # Publisher: TopicAdmin + class GoSettings + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + + # @!attribute [rw] key + # @return [::String] + # @!attribute [rw] value + # @return [::String] + class RenamedServicesEntry + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + end + end + + # Describes the generator configuration for a method. + # @!attribute [rw] selector + # @return [::String] + # The fully qualified name of the method, for which the options below apply. + # This is used to find the method to apply the options. + # + # Example: + # + # publishing: + # method_settings: + # - selector: google.storage.control.v2.StorageControl.CreateFolder + # # method settings for CreateFolder... + # @!attribute [rw] long_running + # @return [::Google::Api::MethodSettings::LongRunning] + # Describes settings to use for long-running operations when generating + # API methods for RPCs. Complements RPCs that use the annotations in + # google/longrunning/operations.proto. + # + # Example of a YAML configuration:: + # + # publishing: + # method_settings: + # - selector: google.cloud.speech.v2.Speech.BatchRecognize + # long_running: + # initial_poll_delay: 60s # 1 minute + # poll_delay_multiplier: 1.5 + # max_poll_delay: 360s # 6 minutes + # total_poll_timeout: 54000s # 90 minutes + # @!attribute [rw] auto_populated_fields + # @return [::Array<::String>] + # List of top-level fields of the request message, that should be + # automatically populated by the client libraries based on their + # (google.api.field_info).format. Currently supported format: UUID4. + # + # Example of a YAML configuration: + # + # publishing: + # method_settings: + # - selector: google.example.v1.ExampleService.CreateExample + # auto_populated_fields: + # - request_id + class MethodSettings + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + + # Describes settings to use when generating API methods that use the + # long-running operation pattern. + # All default values below are from those used in the client library + # generators (e.g. + # [Java](https://github.com/googleapis/gapic-generator-java/blob/04c2faa191a9b5a10b92392fe8482279c4404803/src/main/java/com/google/api/generator/gapic/composer/common/RetrySettingsComposer.java)). + # @!attribute [rw] initial_poll_delay + # @return [::Google::Protobuf::Duration] + # Initial delay after which the first poll request will be made. + # Default value: 5 seconds. + # @!attribute [rw] poll_delay_multiplier + # @return [::Float] + # Multiplier to gradually increase delay between subsequent polls until it + # reaches max_poll_delay. + # Default value: 1.5. + # @!attribute [rw] max_poll_delay + # @return [::Google::Protobuf::Duration] + # Maximum time between two subsequent poll requests. + # Default value: 45 seconds. + # @!attribute [rw] total_poll_timeout + # @return [::Google::Protobuf::Duration] + # Total polling timeout. + # Default value: 5 minutes. + class LongRunning + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + end + end + + # This message is used to configure the generation of a subset of the RPCs in + # a service for client libraries. + # @!attribute [rw] methods + # @return [::Array<::String>] + # An allowlist of the fully qualified names of RPCs that should be included + # on public client surfaces. + # @!attribute [rw] generate_omitted_as_internal + # @return [::Boolean] + # Setting this to true indicates to the client generators that methods + # that would be excluded from the generation should instead be generated + # in a way that indicates these methods should not be consumed by + # end users. How this is expressed is up to individual language + # implementations to decide. Some examples may be: added annotations, + # obfuscated identifiers, or other language idiomatic patterns. + class SelectiveGapicGeneration + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + end + + # The organization for which the client libraries are being published. + # Affects the url where generated docs are published, etc. + module ClientLibraryOrganization + # Not useful. + CLIENT_LIBRARY_ORGANIZATION_UNSPECIFIED = 0 + + # Google Cloud Platform Org. + CLOUD = 1 + + # Ads (Advertising) Org. + ADS = 2 + + # Photos Org. + PHOTOS = 3 + + # Street View Org. + STREET_VIEW = 4 + + # Shopping Org. + SHOPPING = 5 + + # Geo Org. + GEO = 6 + + # Generative AI - https://developers.generativeai.google + GENERATIVE_AI = 7 + end + + # To where should client libraries be published? + module ClientLibraryDestination + # Client libraries will neither be generated nor published to package + # managers. + CLIENT_LIBRARY_DESTINATION_UNSPECIFIED = 0 + + # Generate the client library in a repo under github.com/googleapis, + # but don't publish it to package managers. + GITHUB = 10 + + # Publish the library to package managers like nuget.org and npmjs.com. + PACKAGE_MANAGER = 20 + end + end +end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/api/field_behavior.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/api/field_behavior.rb new file mode 100644 index 000000000000..582be187d115 --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/api/field_behavior.rb @@ -0,0 +1,85 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + + +module Google + module Api + # An indicator of the behavior of a given field (for example, that a field + # is required in requests, or given as output but ignored as input). + # This **does not** change the behavior in protocol buffers itself; it only + # denotes the behavior and may affect how API tooling handles the field. + # + # Note: This enum **may** receive new values in the future. + module FieldBehavior + # Conventional default for enums. Do not use this. + FIELD_BEHAVIOR_UNSPECIFIED = 0 + + # Specifically denotes a field as optional. + # While all fields in protocol buffers are optional, this may be specified + # for emphasis if appropriate. + OPTIONAL = 1 + + # Denotes a field as required. + # This indicates that the field **must** be provided as part of the request, + # and failure to do so will cause an error (usually `INVALID_ARGUMENT`). + REQUIRED = 2 + + # Denotes a field as output only. + # This indicates that the field is provided in responses, but including the + # field in a request does nothing (the server *must* ignore it and + # *must not* throw an error as a result of the field's presence). + OUTPUT_ONLY = 3 + + # Denotes a field as input only. + # This indicates that the field is provided in requests, and the + # corresponding field is not included in output. + INPUT_ONLY = 4 + + # Denotes a field as immutable. + # This indicates that the field may be set once in a request to create a + # resource, but may not be changed thereafter. + IMMUTABLE = 5 + + # Denotes that a (repeated) field is an unordered list. + # This indicates that the service may provide the elements of the list + # in any arbitrary order, rather than the order the user originally + # provided. Additionally, the list's order may or may not be stable. + UNORDERED_LIST = 6 + + # Denotes that this field returns a non-empty default value if not set. + # This indicates that if the user provides the empty value in a request, + # a non-empty value will be returned. The user will not be aware of what + # non-empty value to expect. + NON_EMPTY_DEFAULT = 7 + + # Denotes that the field in a resource (a message annotated with + # google.api.resource) is used in the resource name to uniquely identify the + # resource. For AIP-compliant APIs, this should only be applied to the + # `name` field on the resource. + # + # This behavior should not be applied to references to other resources within + # the message. + # + # The identifier field of resources often have different field behavior + # depending on the request it is embedded in (e.g. for Create methods name + # is optional and unused, while for Update methods it is required). Instead + # of method-specific annotations, only `IDENTIFIER` is required. + IDENTIFIER = 8 + end + end +end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/api/launch_stage.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/api/launch_stage.rb new file mode 100644 index 000000000000..9392a413fb1b --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/api/launch_stage.rb @@ -0,0 +1,71 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + + +module Google + module Api + # The launch stage as defined by [Google Cloud Platform + # Launch Stages](https://cloud.google.com/terms/launch-stages). + module LaunchStage + # Do not use this default value. + LAUNCH_STAGE_UNSPECIFIED = 0 + + # The feature is not yet implemented. Users can not use it. + UNIMPLEMENTED = 6 + + # Prelaunch features are hidden from users and are only visible internally. + PRELAUNCH = 7 + + # Early Access features are limited to a closed group of testers. To use + # these features, you must sign up in advance and sign a Trusted Tester + # agreement (which includes confidentiality provisions). These features may + # be unstable, changed in backward-incompatible ways, and are not + # guaranteed to be released. + EARLY_ACCESS = 1 + + # Alpha is a limited availability test for releases before they are cleared + # for widespread use. By Alpha, all significant design issues are resolved + # and we are in the process of verifying functionality. Alpha customers + # need to apply for access, agree to applicable terms, and have their + # projects allowlisted. Alpha releases don't have to be feature complete, + # no SLAs are provided, and there are no technical support obligations, but + # they will be far enough along that customers can actually use them in + # test environments or for limited-use tests -- just like they would in + # normal production cases. + ALPHA = 2 + + # Beta is the point at which we are ready to open a release for any + # customer to use. There are no SLA or technical support obligations in a + # Beta release. Products will be complete from a feature perspective, but + # may have some open outstanding issues. Beta releases are suitable for + # limited production use cases. + BETA = 3 + + # GA features are open to all developers and are considered stable and + # fully qualified for production use. + GA = 4 + + # Deprecated features are scheduled to be shut down and removed. For more + # information, see the "Deprecation Policy" section of our [Terms of + # Service](https://cloud.google.com/terms/) + # and the [Google Cloud Platform Subject to the Deprecation + # Policy](https://cloud.google.com/terms/deprecation) documentation. + DEPRECATED = 5 + end + end +end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/api/resource.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/api/resource.rb new file mode 100644 index 000000000000..25dec4847ac1 --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/api/resource.rb @@ -0,0 +1,227 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + + +module Google + module Api + # A simple descriptor of a resource type. + # + # ResourceDescriptor annotates a resource message (either by means of a + # protobuf annotation or use in the service config), and associates the + # resource's schema, the resource type, and the pattern of the resource name. + # + # Example: + # + # message Topic { + # // Indicates this message defines a resource schema. + # // Declares the resource type in the format of {service}/{kind}. + # // For Kubernetes resources, the format is {api group}/{kind}. + # option (google.api.resource) = { + # type: "pubsub.googleapis.com/Topic" + # pattern: "projects/{project}/topics/{topic}" + # }; + # } + # + # The ResourceDescriptor Yaml config will look like: + # + # resources: + # - type: "pubsub.googleapis.com/Topic" + # pattern: "projects/{project}/topics/{topic}" + # + # Sometimes, resources have multiple patterns, typically because they can + # live under multiple parents. + # + # Example: + # + # message LogEntry { + # option (google.api.resource) = { + # type: "logging.googleapis.com/LogEntry" + # pattern: "projects/{project}/logs/{log}" + # pattern: "folders/{folder}/logs/{log}" + # pattern: "organizations/{organization}/logs/{log}" + # pattern: "billingAccounts/{billing_account}/logs/{log}" + # }; + # } + # + # The ResourceDescriptor Yaml config will look like: + # + # resources: + # - type: 'logging.googleapis.com/LogEntry' + # pattern: "projects/{project}/logs/{log}" + # pattern: "folders/{folder}/logs/{log}" + # pattern: "organizations/{organization}/logs/{log}" + # pattern: "billingAccounts/{billing_account}/logs/{log}" + # @!attribute [rw] type + # @return [::String] + # The resource type. It must be in the format of + # \\{service_name}/\\{resource_type_kind}. The `resource_type_kind` must be + # singular and must not include version numbers. + # + # Example: `storage.googleapis.com/Bucket` + # + # The value of the resource_type_kind must follow the regular expression + # /[A-Za-z][a-zA-Z0-9]+/. It should start with an upper case character and + # should use PascalCase (UpperCamelCase). The maximum number of + # characters allowed for the `resource_type_kind` is 100. + # @!attribute [rw] pattern + # @return [::Array<::String>] + # Optional. The relative resource name pattern associated with this resource + # type. The DNS prefix of the full resource name shouldn't be specified here. + # + # The path pattern must follow the syntax, which aligns with HTTP binding + # syntax: + # + # Template = Segment { "/" Segment } ; + # Segment = LITERAL | Variable ; + # Variable = "{" LITERAL "}" ; + # + # Examples: + # + # - "projects/\\{project}/topics/\\{topic}" + # - "projects/\\{project}/knowledgeBases/\\{knowledge_base}" + # + # The components in braces correspond to the IDs for each resource in the + # hierarchy. It is expected that, if multiple patterns are provided, + # the same component name (e.g. "project") refers to IDs of the same + # type of resource. + # @!attribute [rw] name_field + # @return [::String] + # Optional. The field on the resource that designates the resource name + # field. If omitted, this is assumed to be "name". + # @!attribute [rw] history + # @return [::Google::Api::ResourceDescriptor::History] + # Optional. The historical or future-looking state of the resource pattern. + # + # Example: + # + # // The InspectTemplate message originally only supported resource + # // names with organization, and project was added later. + # message InspectTemplate { + # option (google.api.resource) = { + # type: "dlp.googleapis.com/InspectTemplate" + # pattern: + # "organizations/{organization}/inspectTemplates/{inspect_template}" + # pattern: "projects/{project}/inspectTemplates/{inspect_template}" + # history: ORIGINALLY_SINGLE_PATTERN + # }; + # } + # @!attribute [rw] plural + # @return [::String] + # The plural name used in the resource name and permission names, such as + # 'projects' for the resource name of 'projects/\\{project}' and the permission + # name of 'cloudresourcemanager.googleapis.com/projects.get'. One exception + # to this is for Nested Collections that have stuttering names, as defined + # in [AIP-122](https://google.aip.dev/122#nested-collections), where the + # collection ID in the resource name pattern does not necessarily directly + # match the `plural` value. + # + # It is the same concept of the `plural` field in k8s CRD spec + # https://kubernetes.io/docs/tasks/access-kubernetes-api/custom-resources/custom-resource-definitions/ + # + # Note: The plural form is required even for singleton resources. See + # https://aip.dev/156 + # @!attribute [rw] singular + # @return [::String] + # The same concept of the `singular` field in k8s CRD spec + # https://kubernetes.io/docs/tasks/access-kubernetes-api/custom-resources/custom-resource-definitions/ + # Such as "project" for the `resourcemanager.googleapis.com/Project` type. + # @!attribute [rw] style + # @return [::Array<::Google::Api::ResourceDescriptor::Style>] + # Style flag(s) for this resource. + # These indicate that a resource is expected to conform to a given + # style. See the specific style flags for additional information. + class ResourceDescriptor + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + + # A description of the historical or future-looking state of the + # resource pattern. + module History + # The "unset" value. + HISTORY_UNSPECIFIED = 0 + + # The resource originally had one pattern and launched as such, and + # additional patterns were added later. + ORIGINALLY_SINGLE_PATTERN = 1 + + # The resource has one pattern, but the API owner expects to add more + # later. (This is the inverse of ORIGINALLY_SINGLE_PATTERN, and prevents + # that from being necessary once there are multiple patterns.) + FUTURE_MULTI_PATTERN = 2 + end + + # A flag representing a specific style that a resource claims to conform to. + module Style + # The unspecified value. Do not use. + STYLE_UNSPECIFIED = 0 + + # This resource is intended to be "declarative-friendly". + # + # Declarative-friendly resources must be more strictly consistent, and + # setting this to true communicates to tools that this resource should + # adhere to declarative-friendly expectations. + # + # Note: This is used by the API linter (linter.aip.dev) to enable + # additional checks. + DECLARATIVE_FRIENDLY = 1 + end + end + + # Defines a proto annotation that describes a string field that refers to + # an API resource. + # @!attribute [rw] type + # @return [::String] + # The resource type that the annotated field references. + # + # Example: + # + # message Subscription { + # string topic = 2 [(google.api.resource_reference) = { + # type: "pubsub.googleapis.com/Topic" + # }]; + # } + # + # Occasionally, a field may reference an arbitrary resource. In this case, + # APIs use the special value * in their resource reference. + # + # Example: + # + # message GetIamPolicyRequest { + # string resource = 2 [(google.api.resource_reference) = { + # type: "*" + # }]; + # } + # @!attribute [rw] child_type + # @return [::String] + # The resource type of a child collection that the annotated field + # references. This is useful for annotating the `parent` field that + # doesn't have a fixed resource type. + # + # Example: + # + # message ListLogEntriesRequest { + # string parent = 1 [(google.api.resource_reference) = { + # child_type: "logging.googleapis.com/LogEntry" + # }; + # } + class ResourceReference + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + end + end +end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/cloud/binaryauthorization/v1/resources.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/cloud/binaryauthorization/v1/resources.rb new file mode 100644 index 000000000000..810eb1c1a992 --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/cloud/binaryauthorization/v1/resources.rb @@ -0,0 +1,374 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + + +module Google + module Cloud + module BinaryAuthorization + module V1 + # A {::Google::Cloud::BinaryAuthorization::V1::Policy policy} for container image binary authorization. + # @!attribute [r] name + # @return [::String] + # Output only. The resource name, in the format `projects/*/policy`. There is + # at most one policy per project. + # @!attribute [rw] description + # @return [::String] + # Optional. A descriptive comment. + # @!attribute [rw] global_policy_evaluation_mode + # @return [::Google::Cloud::BinaryAuthorization::V1::Policy::GlobalPolicyEvaluationMode] + # Optional. Controls the evaluation of a Google-maintained global admission + # policy for common system-level images. Images not covered by the global + # policy will be subject to the project admission policy. This setting + # has no effect when specified inside a global admission policy. + # @!attribute [rw] admission_whitelist_patterns + # @return [::Array<::Google::Cloud::BinaryAuthorization::V1::AdmissionWhitelistPattern>] + # Optional. Admission policy allowlisting. A matching admission request will + # always be permitted. This feature is typically used to exclude Google or + # third-party infrastructure images from Binary Authorization policies. + # @!attribute [rw] cluster_admission_rules + # @return [::Google::Protobuf::Map{::String => ::Google::Cloud::BinaryAuthorization::V1::AdmissionRule}] + # Optional. Per-cluster admission rules. Cluster spec format: + # `location.clusterId`. There can be at most one admission rule per cluster + # spec. + # A `location` is either a compute zone (e.g. us-central1-a) or a region + # (e.g. us-central1). + # For `clusterId` syntax restrictions see + # https://cloud.google.com/container-engine/reference/rest/v1/projects.zones.clusters. + # @!attribute [rw] kubernetes_namespace_admission_rules + # @return [::Google::Protobuf::Map{::String => ::Google::Cloud::BinaryAuthorization::V1::AdmissionRule}] + # Optional. Per-kubernetes-namespace admission rules. K8s namespace spec format: + # [a-z.-]+, e.g. 'some-namespace' + # @!attribute [rw] kubernetes_service_account_admission_rules + # @return [::Google::Protobuf::Map{::String => ::Google::Cloud::BinaryAuthorization::V1::AdmissionRule}] + # Optional. Per-kubernetes-service-account admission rules. Service account + # spec format: `namespace:serviceaccount`. e.g. 'test-ns:default' + # @!attribute [rw] istio_service_identity_admission_rules + # @return [::Google::Protobuf::Map{::String => ::Google::Cloud::BinaryAuthorization::V1::AdmissionRule}] + # Optional. Per-istio-service-identity admission rules. Istio service + # identity spec format: + # spiffe:///ns//sa/ or + # /ns//sa/ + # e.g. spiffe://example.com/ns/test-ns/sa/default + # @!attribute [rw] default_admission_rule + # @return [::Google::Cloud::BinaryAuthorization::V1::AdmissionRule] + # Required. Default admission rule for a cluster without a per-cluster, per- + # kubernetes-service-account, or per-istio-service-identity admission rule. + # @!attribute [r] update_time + # @return [::Google::Protobuf::Timestamp] + # Output only. Time when the policy was last updated. + class Policy + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + + # @!attribute [rw] key + # @return [::String] + # @!attribute [rw] value + # @return [::Google::Cloud::BinaryAuthorization::V1::AdmissionRule] + class ClusterAdmissionRulesEntry + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + end + + # @!attribute [rw] key + # @return [::String] + # @!attribute [rw] value + # @return [::Google::Cloud::BinaryAuthorization::V1::AdmissionRule] + class KubernetesNamespaceAdmissionRulesEntry + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + end + + # @!attribute [rw] key + # @return [::String] + # @!attribute [rw] value + # @return [::Google::Cloud::BinaryAuthorization::V1::AdmissionRule] + class KubernetesServiceAccountAdmissionRulesEntry + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + end + + # @!attribute [rw] key + # @return [::String] + # @!attribute [rw] value + # @return [::Google::Cloud::BinaryAuthorization::V1::AdmissionRule] + class IstioServiceIdentityAdmissionRulesEntry + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + end + + module GlobalPolicyEvaluationMode + # Not specified: DISABLE is assumed. + GLOBAL_POLICY_EVALUATION_MODE_UNSPECIFIED = 0 + + # Enables system policy evaluation. + ENABLE = 1 + + # Disables system policy evaluation. + DISABLE = 2 + end + end + + # An {::Google::Cloud::BinaryAuthorization::V1::AdmissionWhitelistPattern admission allowlist pattern} exempts images + # from checks by {::Google::Cloud::BinaryAuthorization::V1::AdmissionRule admission rules}. + # @!attribute [rw] name_pattern + # @return [::String] + # An image name pattern to allowlist, in the form `registry/path/to/image`. + # This supports a trailing `*` wildcard, but this is allowed only in + # text after the `registry/` part. This also supports a trailing `**` + # wildcard which matches subdirectories of a given entry. + class AdmissionWhitelistPattern + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + end + + # An {::Google::Cloud::BinaryAuthorization::V1::AdmissionRule admission rule} specifies either that all container images + # used in a pod creation request must be attested to by one or more + # {::Google::Cloud::BinaryAuthorization::V1::Attestor attestors}, that all pod creations will be allowed, or that all + # pod creations will be denied. + # + # Images matching an {::Google::Cloud::BinaryAuthorization::V1::AdmissionWhitelistPattern admission allowlist pattern} + # are exempted from admission rules and will never block a pod creation. + # @!attribute [rw] evaluation_mode + # @return [::Google::Cloud::BinaryAuthorization::V1::AdmissionRule::EvaluationMode] + # Required. How this admission rule will be evaluated. + # @!attribute [rw] require_attestations_by + # @return [::Array<::String>] + # Optional. The resource names of the attestors that must attest to + # a container image, in the format `projects/*/attestors/*`. Each + # attestor must exist before a policy can reference it. To add an attestor + # to a policy the principal issuing the policy change request must be able + # to read the attestor resource. + # + # Note: this field must be non-empty when the evaluation_mode field specifies + # REQUIRE_ATTESTATION, otherwise it must be empty. + # @!attribute [rw] enforcement_mode + # @return [::Google::Cloud::BinaryAuthorization::V1::AdmissionRule::EnforcementMode] + # Required. The action when a pod creation is denied by the admission rule. + class AdmissionRule + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + + module EvaluationMode + # Do not use. + EVALUATION_MODE_UNSPECIFIED = 0 + + # This rule allows all all pod creations. + ALWAYS_ALLOW = 1 + + # This rule allows a pod creation if all the attestors listed in + # 'require_attestations_by' have valid attestations for all of the + # images in the pod spec. + REQUIRE_ATTESTATION = 2 + + # This rule denies all pod creations. + ALWAYS_DENY = 3 + end + + # Defines the possible actions when a pod creation is denied by an admission + # rule. + module EnforcementMode + # Do not use. + ENFORCEMENT_MODE_UNSPECIFIED = 0 + + # Enforce the admission rule by blocking the pod creation. + ENFORCED_BLOCK_AND_AUDIT_LOG = 1 + + # Dryrun mode: Audit logging only. This will allow the pod creation as if + # the admission request had specified break-glass. + DRYRUN_AUDIT_LOG_ONLY = 2 + end + end + + # An {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor} that attests to container image + # artifacts. An existing attestor cannot be modified except where + # indicated. + # @!attribute [rw] name + # @return [::String] + # Required. The resource name, in the format: + # `projects/*/attestors/*`. This field may not be updated. + # @!attribute [rw] description + # @return [::String] + # Optional. A descriptive comment. This field may be updated. + # The field may be displayed in chooser dialogs. + # @!attribute [rw] user_owned_grafeas_note + # @return [::Google::Cloud::BinaryAuthorization::V1::UserOwnedGrafeasNote] + # This specifies how an attestation will be read, and how it will be used + # during policy enforcement. + # @!attribute [r] update_time + # @return [::Google::Protobuf::Timestamp] + # Output only. Time when the attestor was last updated. + class Attestor + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + end + + # An {::Google::Cloud::BinaryAuthorization::V1::UserOwnedGrafeasNote user owned Grafeas note} references a Grafeas + # Attestation.Authority Note created by the user. + # @!attribute [rw] note_reference + # @return [::String] + # Required. The Grafeas resource name of a Attestation.Authority Note, + # created by the user, in the format: `projects/*/notes/*`. This field may + # not be updated. + # + # An attestation by this attestor is stored as a Grafeas + # Attestation.Authority Occurrence that names a container image and that + # links to this Note. Grafeas is an external dependency. + # @!attribute [rw] public_keys + # @return [::Array<::Google::Cloud::BinaryAuthorization::V1::AttestorPublicKey>] + # Optional. Public keys that verify attestations signed by this + # attestor. This field may be updated. + # + # If this field is non-empty, one of the specified public keys must + # verify that an attestation was signed by this attestor for the + # image specified in the admission request. + # + # If this field is empty, this attestor always returns that no + # valid attestations exist. + # @!attribute [r] delegation_service_account_email + # @return [::String] + # Output only. This field will contain the service account email address + # that this Attestor will use as the principal when querying Container + # Analysis. Attestor administrators must grant this service account the + # IAM role needed to read attestations from the [note_reference][Note] in + # Container Analysis (`containeranalysis.notes.occurrences.viewer`). + # + # This email address is fixed for the lifetime of the Attestor, but callers + # should not make any other assumptions about the service account email; + # future versions may use an email based on a different naming pattern. + class UserOwnedGrafeasNote + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + end + + # A public key in the PkixPublicKey format (see + # https://tools.ietf.org/html/rfc5280#section-4.1.2.7 for details). + # Public keys of this type are typically textually encoded using the PEM + # format. + # @!attribute [rw] public_key_pem + # @return [::String] + # A PEM-encoded public key, as described in + # https://tools.ietf.org/html/rfc7468#section-13 + # @!attribute [rw] signature_algorithm + # @return [::Google::Cloud::BinaryAuthorization::V1::PkixPublicKey::SignatureAlgorithm] + # The signature algorithm used to verify a message against a signature using + # this key. + # These signature algorithm must match the structure and any object + # identifiers encoded in `public_key_pem` (i.e. this algorithm must match + # that of the public key). + class PkixPublicKey + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + + # Represents a signature algorithm and other information necessary to verify + # signatures with a given public key. + # This is based primarily on the public key types supported by Tink's + # PemKeyType, which is in turn based on KMS's supported signing algorithms. + # See https://cloud.google.com/kms/docs/algorithms. In the future, BinAuthz + # might support additional public key types independently of Tink and/or KMS. + module SignatureAlgorithm + # Not specified. + SIGNATURE_ALGORITHM_UNSPECIFIED = 0 + + # RSASSA-PSS 2048 bit key with a SHA256 digest. + RSA_PSS_2048_SHA256 = 1 + + # RSASSA-PSS 3072 bit key with a SHA256 digest. + RSA_PSS_3072_SHA256 = 2 + + # RSASSA-PSS 4096 bit key with a SHA256 digest. + RSA_PSS_4096_SHA256 = 3 + + # RSASSA-PSS 4096 bit key with a SHA512 digest. + RSA_PSS_4096_SHA512 = 4 + + # RSASSA-PKCS1-v1_5 with a 2048 bit key and a SHA256 digest. + RSA_SIGN_PKCS1_2048_SHA256 = 5 + + # RSASSA-PKCS1-v1_5 with a 3072 bit key and a SHA256 digest. + RSA_SIGN_PKCS1_3072_SHA256 = 6 + + # RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA256 digest. + RSA_SIGN_PKCS1_4096_SHA256 = 7 + + # RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA512 digest. + RSA_SIGN_PKCS1_4096_SHA512 = 8 + + # ECDSA on the NIST P-256 curve with a SHA256 digest. + ECDSA_P256_SHA256 = 9 + + # ECDSA on the NIST P-256 curve with a SHA256 digest. + EC_SIGN_P256_SHA256 = 9 + + # ECDSA on the NIST P-384 curve with a SHA384 digest. + ECDSA_P384_SHA384 = 10 + + # ECDSA on the NIST P-384 curve with a SHA384 digest. + EC_SIGN_P384_SHA384 = 10 + + # ECDSA on the NIST P-521 curve with a SHA512 digest. + ECDSA_P521_SHA512 = 11 + + # ECDSA on the NIST P-521 curve with a SHA512 digest. + EC_SIGN_P521_SHA512 = 11 + end + end + + # An {::Google::Cloud::BinaryAuthorization::V1::AttestorPublicKey attestor public key} that will be used to verify + # attestations signed by this attestor. + # @!attribute [rw] comment + # @return [::String] + # Optional. A descriptive comment. This field may be updated. + # @!attribute [rw] id + # @return [::String] + # The ID of this public key. + # Signatures verified by BinAuthz must include the ID of the public key that + # can be used to verify them, and that ID must match the contents of this + # field exactly. + # Additional restrictions on this field can be imposed based on which public + # key type is encapsulated. See the documentation on `public_key` cases below + # for details. + # @!attribute [rw] ascii_armored_pgp_public_key + # @return [::String] + # ASCII-armored representation of a PGP public key, as the entire output by + # the command `gpg --export --armor foo@example.com` (either LF or CRLF + # line endings). + # When using this field, `id` should be left blank. The BinAuthz API + # handlers will calculate the ID and fill it in automatically. BinAuthz + # computes this ID as the OpenPGP RFC4880 V4 fingerprint, represented as + # upper-case hex. If `id` is provided by the caller, it will be + # overwritten by the API-calculated ID. + # + # Note: The following fields are mutually exclusive: `ascii_armored_pgp_public_key`, `pkix_public_key`. If a field in that set is populated, all other fields in the set will automatically be cleared. + # @!attribute [rw] pkix_public_key + # @return [::Google::Cloud::BinaryAuthorization::V1::PkixPublicKey] + # A raw PKIX SubjectPublicKeyInfo format public key. + # + # NOTE: `id` may be explicitly provided by the caller when using this + # type of public key, but it MUST be a valid RFC3986 URI. If `id` is left + # blank, a default one will be computed based on the digest of the DER + # encoding of the public key. + # + # Note: The following fields are mutually exclusive: `pkix_public_key`, `ascii_armored_pgp_public_key`. If a field in that set is populated, all other fields in the set will automatically be cleared. + class AttestorPublicKey + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + end + end + end + end +end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/cloud/binaryauthorization/v1/service.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/cloud/binaryauthorization/v1/service.rb new file mode 100644 index 000000000000..995b068a0e85 --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/cloud/binaryauthorization/v1/service.rb @@ -0,0 +1,189 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + + +module Google + module Cloud + module BinaryAuthorization + module V1 + # Request message for [BinauthzManagementService.GetPolicy][]. + # @!attribute [rw] name + # @return [::String] + # Required. The resource name of the {::Google::Cloud::BinaryAuthorization::V1::Policy policy} to retrieve, + # in the format `projects/*/policy`. + class GetPolicyRequest + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + end + + # Request message for [BinauthzManagementService.UpdatePolicy][]. + # @!attribute [rw] policy + # @return [::Google::Cloud::BinaryAuthorization::V1::Policy] + # Required. A new or updated {::Google::Cloud::BinaryAuthorization::V1::Policy policy} value. The service will + # overwrite the {::Google::Cloud::BinaryAuthorization::V1::Policy#name policy name} field with the resource name in + # the request URL, in the format `projects/*/policy`. + class UpdatePolicyRequest + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + end + + # Request message for [BinauthzManagementService.CreateAttestor][]. + # @!attribute [rw] parent + # @return [::String] + # Required. The parent of this {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor}. + # @!attribute [rw] attestor_id + # @return [::String] + # Required. The {::Google::Cloud::BinaryAuthorization::V1::Attestor attestors} ID. + # @!attribute [rw] attestor + # @return [::Google::Cloud::BinaryAuthorization::V1::Attestor] + # Required. The initial {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor} value. The service will + # overwrite the {::Google::Cloud::BinaryAuthorization::V1::Attestor#name attestor name} field with the resource name, + # in the format `projects/*/attestors/*`. + class CreateAttestorRequest + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + end + + # Request message for [BinauthzManagementService.GetAttestor][]. + # @!attribute [rw] name + # @return [::String] + # Required. The name of the {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor} to retrieve, in the format + # `projects/*/attestors/*`. + class GetAttestorRequest + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + end + + # Request message for [BinauthzManagementService.UpdateAttestor][]. + # @!attribute [rw] attestor + # @return [::Google::Cloud::BinaryAuthorization::V1::Attestor] + # Required. The updated {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor} value. The service will + # overwrite the {::Google::Cloud::BinaryAuthorization::V1::Attestor#name attestor name} field with the resource name + # in the request URL, in the format `projects/*/attestors/*`. + class UpdateAttestorRequest + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + end + + # Request message for [BinauthzManagementService.ListAttestors][]. + # @!attribute [rw] parent + # @return [::String] + # Required. The resource name of the project associated with the + # {::Google::Cloud::BinaryAuthorization::V1::Attestor attestors}, in the format `projects/*`. + # @!attribute [rw] page_size + # @return [::Integer] + # Requested page size. The server may return fewer results than requested. If + # unspecified, the server will pick an appropriate default. + # @!attribute [rw] page_token + # @return [::String] + # A token identifying a page of results the server should return. Typically, + # this is the value of {::Google::Cloud::BinaryAuthorization::V1::ListAttestorsResponse#next_page_token ListAttestorsResponse.next_page_token} returned + # from the previous call to the `ListAttestors` method. + class ListAttestorsRequest + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + end + + # Response message for [BinauthzManagementService.ListAttestors][]. + # @!attribute [rw] attestors + # @return [::Array<::Google::Cloud::BinaryAuthorization::V1::Attestor>] + # The list of {::Google::Cloud::BinaryAuthorization::V1::Attestor attestors}. + # @!attribute [rw] next_page_token + # @return [::String] + # A token to retrieve the next page of results. Pass this value in the + # {::Google::Cloud::BinaryAuthorization::V1::ListAttestorsRequest#page_token ListAttestorsRequest.page_token} field in the subsequent call to the + # `ListAttestors` method to retrieve the next page of results. + class ListAttestorsResponse + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + end + + # Request message for [BinauthzManagementService.DeleteAttestor][]. + # @!attribute [rw] name + # @return [::String] + # Required. The name of the {::Google::Cloud::BinaryAuthorization::V1::Attestor attestors} to delete, in the format + # `projects/*/attestors/*`. + class DeleteAttestorRequest + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + end + + # Request to read the current system policy. + # @!attribute [rw] name + # @return [::String] + # Required. The resource name, in the format `locations/*/policy`. + # Note that the system policy is not associated with a project. + class GetSystemPolicyRequest + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + end + + # Request message for + # {::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Client#validate_attestation_occurrence ValidationHelperV1.ValidateAttestationOccurrence}. + # @!attribute [rw] attestor + # @return [::String] + # Required. The resource name of the {::Google::Cloud::BinaryAuthorization::V1::Attestor Attestor} of the + # [occurrence][grafeas.v1.Occurrence], in the format + # `projects/*/attestors/*`. + # @!attribute [rw] attestation + # @return [::Grafeas::V1::AttestationOccurrence] + # Required. An {::Grafeas::V1::AttestationOccurrence AttestationOccurrence} to + # be checked that it can be verified by the Attestor. It does not have to be + # an existing entity in Container Analysis. It must otherwise be a valid + # AttestationOccurrence. + # @!attribute [rw] occurrence_note + # @return [::String] + # Required. The resource name of the [Note][grafeas.v1.Note] to which the + # containing [Occurrence][grafeas.v1.Occurrence] is associated. + # @!attribute [rw] occurrence_resource_uri + # @return [::String] + # Required. The URI of the artifact (e.g. container image) that is the + # subject of the containing [Occurrence][grafeas.v1.Occurrence]. + class ValidateAttestationOccurrenceRequest + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + end + + # Response message for + # {::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Client#validate_attestation_occurrence ValidationHelperV1.ValidateAttestationOccurrence}. + # @!attribute [rw] result + # @return [::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceResponse::Result] + # The result of the Attestation validation. + # @!attribute [rw] denial_reason + # @return [::String] + # The reason for denial if the Attestation couldn't be validated. + class ValidateAttestationOccurrenceResponse + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + + # The enum returned in the "result" field. + module Result + # Unspecified. + RESULT_UNSPECIFIED = 0 + + # The Attestation was able to verified by the Attestor. + VERIFIED = 1 + + # The Attestation was not able to verified by the Attestor. + ATTESTATION_NOT_VERIFIABLE = 2 + end + end + end + end + end +end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/protobuf/duration.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/protobuf/duration.rb new file mode 100644 index 000000000000..ea59f1f91daf --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/protobuf/duration.rb @@ -0,0 +1,98 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + + +module Google + module Protobuf + # A Duration represents a signed, fixed-length span of time represented + # as a count of seconds and fractions of seconds at nanosecond + # resolution. It is independent of any calendar and concepts like "day" + # or "month". It is related to Timestamp in that the difference between + # two Timestamp values is a Duration and it can be added or subtracted + # from a Timestamp. Range is approximately +-10,000 years. + # + # # Examples + # + # Example 1: Compute Duration from two Timestamps in pseudo code. + # + # Timestamp start = ...; + # Timestamp end = ...; + # Duration duration = ...; + # + # duration.seconds = end.seconds - start.seconds; + # duration.nanos = end.nanos - start.nanos; + # + # if (duration.seconds < 0 && duration.nanos > 0) { + # duration.seconds += 1; + # duration.nanos -= 1000000000; + # } else if (duration.seconds > 0 && duration.nanos < 0) { + # duration.seconds -= 1; + # duration.nanos += 1000000000; + # } + # + # Example 2: Compute Timestamp from Timestamp + Duration in pseudo code. + # + # Timestamp start = ...; + # Duration duration = ...; + # Timestamp end = ...; + # + # end.seconds = start.seconds + duration.seconds; + # end.nanos = start.nanos + duration.nanos; + # + # if (end.nanos < 0) { + # end.seconds -= 1; + # end.nanos += 1000000000; + # } else if (end.nanos >= 1000000000) { + # end.seconds += 1; + # end.nanos -= 1000000000; + # } + # + # Example 3: Compute Duration from datetime.timedelta in Python. + # + # td = datetime.timedelta(days=3, minutes=10) + # duration = Duration() + # duration.FromTimedelta(td) + # + # # JSON Mapping + # + # In JSON format, the Duration type is encoded as a string rather than an + # object, where the string ends in the suffix "s" (indicating seconds) and + # is preceded by the number of seconds, with nanoseconds expressed as + # fractional seconds. For example, 3 seconds with 0 nanoseconds should be + # encoded in JSON format as "3s", while 3 seconds and 1 nanosecond should + # be expressed in JSON format as "3.000000001s", and 3 seconds and 1 + # microsecond should be expressed in JSON format as "3.000001s". + # @!attribute [rw] seconds + # @return [::Integer] + # Signed seconds of the span of time. Must be from -315,576,000,000 + # to +315,576,000,000 inclusive. Note: these bounds are computed from: + # 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years + # @!attribute [rw] nanos + # @return [::Integer] + # Signed fractions of a second at nanosecond resolution of the span + # of time. Durations less than one second are represented with a 0 + # `seconds` field and a positive or negative `nanos` field. For durations + # of one second or more, a non-zero value for the `nanos` field must be + # of the same sign as the `seconds` field. Must be from -999,999,999 + # to +999,999,999 inclusive. + class Duration + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + end + end +end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/protobuf/empty.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/protobuf/empty.rb new file mode 100644 index 000000000000..83e4481834a6 --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/protobuf/empty.rb @@ -0,0 +1,34 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + + +module Google + module Protobuf + # A generic empty message that you can re-use to avoid defining duplicated + # empty messages in your APIs. A typical example is to use it as the request + # or the response type of an API method. For instance: + # + # service Foo { + # rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); + # } + class Empty + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + end + end +end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/protobuf/timestamp.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/protobuf/timestamp.rb new file mode 100644 index 000000000000..74352be9c58c --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/protobuf/timestamp.rb @@ -0,0 +1,127 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + + +module Google + module Protobuf + # A Timestamp represents a point in time independent of any time zone or local + # calendar, encoded as a count of seconds and fractions of seconds at + # nanosecond resolution. The count is relative to an epoch at UTC midnight on + # January 1, 1970, in the proleptic Gregorian calendar which extends the + # Gregorian calendar backwards to year one. + # + # All minutes are 60 seconds long. Leap seconds are "smeared" so that no leap + # second table is needed for interpretation, using a [24-hour linear + # smear](https://developers.google.com/time/smear). + # + # The range is from 0001-01-01T00:00:00Z to 9999-12-31T23:59:59.999999999Z. By + # restricting to that range, we ensure that we can convert to and from [RFC + # 3339](https://www.ietf.org/rfc/rfc3339.txt) date strings. + # + # # Examples + # + # Example 1: Compute Timestamp from POSIX `time()`. + # + # Timestamp timestamp; + # timestamp.set_seconds(time(NULL)); + # timestamp.set_nanos(0); + # + # Example 2: Compute Timestamp from POSIX `gettimeofday()`. + # + # struct timeval tv; + # gettimeofday(&tv, NULL); + # + # Timestamp timestamp; + # timestamp.set_seconds(tv.tv_sec); + # timestamp.set_nanos(tv.tv_usec * 1000); + # + # Example 3: Compute Timestamp from Win32 `GetSystemTimeAsFileTime()`. + # + # FILETIME ft; + # GetSystemTimeAsFileTime(&ft); + # UINT64 ticks = (((UINT64)ft.dwHighDateTime) << 32) | ft.dwLowDateTime; + # + # // A Windows tick is 100 nanoseconds. Windows epoch 1601-01-01T00:00:00Z + # // is 11644473600 seconds before Unix epoch 1970-01-01T00:00:00Z. + # Timestamp timestamp; + # timestamp.set_seconds((INT64) ((ticks / 10000000) - 11644473600LL)); + # timestamp.set_nanos((INT32) ((ticks % 10000000) * 100)); + # + # Example 4: Compute Timestamp from Java `System.currentTimeMillis()`. + # + # long millis = System.currentTimeMillis(); + # + # Timestamp timestamp = Timestamp.newBuilder().setSeconds(millis / 1000) + # .setNanos((int) ((millis % 1000) * 1000000)).build(); + # + # Example 5: Compute Timestamp from Java `Instant.now()`. + # + # Instant now = Instant.now(); + # + # Timestamp timestamp = + # Timestamp.newBuilder().setSeconds(now.getEpochSecond()) + # .setNanos(now.getNano()).build(); + # + # Example 6: Compute Timestamp from current time in Python. + # + # timestamp = Timestamp() + # timestamp.GetCurrentTime() + # + # # JSON Mapping + # + # In JSON format, the Timestamp type is encoded as a string in the + # [RFC 3339](https://www.ietf.org/rfc/rfc3339.txt) format. That is, the + # format is "\\{year}-\\{month}-\\{day}T\\{hour}:\\{min}:\\{sec}[.\\{frac_sec}]Z" + # where \\{year} is always expressed using four digits while \\{month}, \\{day}, + # \\{hour}, \\{min}, and \\{sec} are zero-padded to two digits each. The fractional + # seconds, which can go up to 9 digits (i.e. up to 1 nanosecond resolution), + # are optional. The "Z" suffix indicates the timezone ("UTC"); the timezone + # is required. A proto3 JSON serializer should always use UTC (as indicated by + # "Z") when printing the Timestamp type and a proto3 JSON parser should be + # able to accept both UTC and other timezones (as indicated by an offset). + # + # For example, "2017-01-15T01:30:15.01Z" encodes 15.01 seconds past + # 01:30 UTC on January 15, 2017. + # + # In JavaScript, one can convert a Date object to this format using the + # standard + # [toISOString()](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Date/toISOString) + # method. In Python, a standard `datetime.datetime` object can be converted + # to this format using + # [`strftime`](https://docs.python.org/2/library/time.html#time.strftime) with + # the time format spec '%Y-%m-%dT%H:%M:%S.%fZ'. Likewise, in Java, one can use + # the Joda Time's [`ISODateTimeFormat.dateTime()`]( + # http://joda-time.sourceforge.net/apidocs/org/joda/time/format/ISODateTimeFormat.html#dateTime() + # ) to obtain a formatter capable of generating timestamps in this format. + # @!attribute [rw] seconds + # @return [::Integer] + # Represents seconds of UTC time since Unix epoch + # 1970-01-01T00:00:00Z. Must be from 0001-01-01T00:00:00Z to + # 9999-12-31T23:59:59Z inclusive. + # @!attribute [rw] nanos + # @return [::Integer] + # Non-negative fractions of a second at nanosecond resolution. Negative + # second values with fractions must still have non-negative nanos values + # that count forward in time. Must be from 0 to 999,999,999 + # inclusive. + class Timestamp + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + end + end +end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/grafeas/v1/attestation.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/grafeas/v1/attestation.rb new file mode 100644 index 000000000000..23895f01f033 --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/grafeas/v1/attestation.rb @@ -0,0 +1,98 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + + +module Grafeas + module V1 + # Note kind that represents a logical attestation "role" or "authority". For + # example, an organization might have one `Authority` for "QA" and one for + # "build". This note is intended to act strictly as a grouping mechanism for + # the attached occurrences (Attestations). This grouping mechanism also + # provides a security boundary, since IAM ACLs gate the ability for a principle + # to attach an occurrence to a given note. It also provides a single point of + # lookup to find all attached attestation occurrences, even if they don't all + # live in the same project. + # @!attribute [rw] hint + # @return [::Grafeas::V1::AttestationNote::Hint] + # Hint hints at the purpose of the attestation authority. + class AttestationNote + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + + # This submessage provides human-readable hints about the purpose of the + # authority. Because the name of a note acts as its resource reference, it is + # important to disambiguate the canonical name of the Note (which might be a + # UUID for security purposes) from "readable" names more suitable for debug + # output. Note that these hints should not be used to look up authorities in + # security sensitive contexts, such as when looking up attestations to + # verify. + # @!attribute [rw] human_readable_name + # @return [::String] + # Required. The human readable name of this attestation authority, for + # example "qa". + class Hint + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + end + end + + # @!attribute [rw] compact_jwt + # @return [::String] + # The compact encoding of a JWS, which is always three base64 encoded strings + # joined by periods. For details, see: + # https://tools.ietf.org/html/rfc7515.html#section-3.1 + class Jwt + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + end + + # Occurrence that represents a single "attestation". The authenticity of an + # attestation can be verified using the attached signature. If the verifier + # trusts the public key of the signer, then verifying the signature is + # sufficient to establish trust. In this circumstance, the authority to which + # this attestation is attached is primarily useful for lookup (how to find + # this attestation if you already know the authority and artifact to be + # verified) and intent (for which authority this attestation was intended to + # sign. + # @!attribute [rw] serialized_payload + # @return [::String] + # Required. The serialized payload that is verified by one or more + # `signatures`. + # @!attribute [rw] signatures + # @return [::Array<::Grafeas::V1::Signature>] + # One or more signatures over `serialized_payload`. Verifier implementations + # should consider this attestation message verified if at least one + # `signature` verifies `serialized_payload`. See `Signature` in common.proto + # for more details on signature structure and verification. + # @!attribute [rw] jwts + # @return [::Array<::Grafeas::V1::Jwt>] + # One or more JWTs encoding a self-contained attestation. + # Each JWT encodes the payload that it verifies within the JWT itself. + # Verifier implementation SHOULD ignore the `serialized_payload` field + # when verifying these JWTs. + # If only JWTs are present on this AttestationOccurrence, then the + # `serialized_payload` SHOULD be left empty. + # Each JWT SHOULD encode a claim specific to the `resource_uri` of this + # Occurrence, but this is not validated by Grafeas metadata API + # implementations. The JWT itself is opaque to Grafeas. + class AttestationOccurrence + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + end + end +end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/grafeas/v1/common.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/grafeas/v1/common.rb new file mode 100644 index 000000000000..75da254c18f2 --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/grafeas/v1/common.rb @@ -0,0 +1,239 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + + +module Grafeas + module V1 + # Metadata for any related URL information. + # @!attribute [rw] url + # @return [::String] + # Specific URL associated with the resource. + # @!attribute [rw] label + # @return [::String] + # Label to describe usage of the URL. + class RelatedUrl + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + end + + # Verifiers (e.g. Kritis implementations) MUST verify signatures + # with respect to the trust anchors defined in policy (e.g. a Kritis policy). + # Typically this means that the verifier has been configured with a map from + # `public_key_id` to public key material (and any required parameters, e.g. + # signing algorithm). + # + # In particular, verification implementations MUST NOT treat the signature + # `public_key_id` as anything more than a key lookup hint. The `public_key_id` + # DOES NOT validate or authenticate a public key; it only provides a mechanism + # for quickly selecting a public key ALREADY CONFIGURED on the verifier through + # a trusted channel. Verification implementations MUST reject signatures in any + # of the following circumstances: + # * The `public_key_id` is not recognized by the verifier. + # * The public key that `public_key_id` refers to does not verify the + # signature with respect to the payload. + # + # The `signature` contents SHOULD NOT be "attached" (where the payload is + # included with the serialized `signature` bytes). Verifiers MUST ignore any + # "attached" payload and only verify signatures with respect to explicitly + # provided payload (e.g. a `payload` field on the proto message that holds + # this Signature, or the canonical serialization of the proto message that + # holds this signature). + # @!attribute [rw] signature + # @return [::String] + # The content of the signature, an opaque bytestring. + # The payload that this signature verifies MUST be unambiguously provided + # with the Signature during verification. A wrapper message might provide + # the payload explicitly. Alternatively, a message might have a canonical + # serialization that can always be unambiguously computed to derive the + # payload. + # @!attribute [rw] public_key_id + # @return [::String] + # The identifier for the public key that verifies this signature. + # * The `public_key_id` is required. + # * The `public_key_id` SHOULD be an RFC3986 conformant URI. + # * When possible, the `public_key_id` SHOULD be an immutable reference, + # such as a cryptographic digest. + # + # Examples of valid `public_key_id`s: + # + # OpenPGP V4 public key fingerprint: + # * "openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA" + # See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more + # details on this scheme. + # + # RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER + # serialization): + # * "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU" + # * "nih:///sha-256;703f68f42aba2c6de30f488a5ea122fef76324679c9bf89791ba95a1271589a5" + class Signature + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + end + + # MUST match + # https://github.com/secure-systems-lab/dsse/blob/master/envelope.proto. An + # authenticated message of arbitrary type. + # @!attribute [rw] payload + # @return [::String] + # @!attribute [rw] payload_type + # @return [::String] + # @!attribute [rw] signatures + # @return [::Array<::Grafeas::V1::EnvelopeSignature>] + class Envelope + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + end + + # @!attribute [rw] sig + # @return [::String] + # @!attribute [rw] keyid + # @return [::String] + class EnvelopeSignature + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + end + + # Indicates the location at which a package was found. + # @!attribute [rw] file_path + # @return [::String] + # For jars that are contained inside .war files, this filepath + # can indicate the path to war file combined with the path to jar file. + # @!attribute [rw] layer_details + # @return [::Grafeas::V1::LayerDetails] + # Each package found in a file should have its own layer metadata (that is, + # information from the origin layer of the package). + class FileLocation + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + end + + # BaseImage describes a base image of a container image. + # @!attribute [rw] name + # @return [::String] + # The name of the base image. + # @!attribute [rw] repository + # @return [::String] + # The repository name in which the base image is from. + # @!attribute [rw] layer_count + # @return [::Integer] + # The number of layers that the base image is composed of. + # @!attribute [rw] registry + # @return [::String] + # The registry in which the base image is from. + class BaseImage + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + end + + # Details about the layer a package was found in. + # @!attribute [rw] index + # @return [::Integer] + # The index of the layer in the container image. + # @!attribute [rw] diff_id + # @return [::String] + # The diff ID (typically a sha256 hash) of the layer in the container image. + # @!attribute [rw] chain_id + # @return [::String] + # The layer chain ID (sha256 hash) of the layer in the container image. + # https://github.com/opencontainers/image-spec/blob/main/config.md#layer-chainid + # @!attribute [rw] command + # @return [::String] + # The layer build command that was used to build the layer. This may not be + # found in all layers depending on how the container image is built. + # @!attribute [rw] base_images + # @return [::Array<::Grafeas::V1::BaseImage>] + # The base images the layer is found within. + class LayerDetails + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + end + + # License information. + # @!attribute [rw] expression + # @return [::String] + # Often a single license can be used to represent the licensing terms. + # Sometimes it is necessary to include a choice of one or more licenses + # or some combination of license identifiers. + # Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", + # "GPL-2.0-or-later WITH Bison-exception-2.2". + # @!attribute [rw] comments + # @return [::String] + # Comments + class License + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + end + + # Digest information. + # @!attribute [rw] algo + # @return [::String] + # `SHA1`, `SHA512` etc. + # @!attribute [rw] digest_bytes + # @return [::String] + # Value of the digest. + class Digest + include ::Google::Protobuf::MessageExts + extend ::Google::Protobuf::MessageExts::ClassMethods + end + + # Kind represents the kinds of notes supported. + module NoteKind + # Default value. This value is unused. + NOTE_KIND_UNSPECIFIED = 0 + + # The note and occurrence represent a package vulnerability. + VULNERABILITY = 1 + + # The note and occurrence assert build provenance. + BUILD = 2 + + # This represents an image basis relationship. + IMAGE = 3 + + # This represents a package installed via a package manager. + PACKAGE = 4 + + # The note and occurrence track deployment events. + DEPLOYMENT = 5 + + # The note and occurrence track the initial discovery status of a resource. + DISCOVERY = 6 + + # This represents a logical "role" that can attest to artifacts. + ATTESTATION = 7 + + # This represents an available package upgrade. + UPGRADE = 8 + + # This represents a Compliance Note + COMPLIANCE = 9 + + # This represents a DSSE attestation Note + DSSE_ATTESTATION = 10 + + # This represents a Vulnerability Assessment. + VULNERABILITY_ASSESSMENT = 11 + + # This represents an SBOM Reference. + SBOM_REFERENCE = 12 + + # This represents a secret. + SECRET = 13 + end + end +end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/Gemfile b/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/Gemfile new file mode 100644 index 000000000000..b15f486811b4 --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/Gemfile @@ -0,0 +1,32 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + +source "https://rubygems.org" + +if ENV["GOOGLE_CLOUD_SAMPLES_TEST"] == "master" + gem "google-cloud-binary_authorization-v1", path: "../" +else + gem "google-cloud-binary_authorization-v1" +end + +group :test do + gem "google-style", "~> 1.26.1" + gem "minitest", "~> 5.16" + gem "minitest-focus", "~> 1.1" + gem "minitest-hooks", "~> 1.5" +end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/create_attestor.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/create_attestor.rb new file mode 100644 index 000000000000..d3d3d9cfbd30 --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/create_attestor.rb @@ -0,0 +1,47 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + +# [START binaryauthorization_v1_generated_BinauthzManagementService_CreateAttestor_sync] +require "google/cloud/binary_authorization/v1" + +## +# Snippet for the create_attestor call in the BinauthzManagementService service +# +# This snippet has been automatically generated and should be regarded as a code +# template only. It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in https://cloud.google.com/ruby/docs/reference. +# +# This is an auto-generated example demonstrating basic usage of +# Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client#create_attestor. +# +def create_attestor + # Create a client object. The client can be reused for multiple calls. + client = Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new + + # Create a request. To set request fields, pass in keyword arguments. + request = Google::Cloud::BinaryAuthorization::V1::CreateAttestorRequest.new + + # Call the create_attestor method. + result = client.create_attestor request + + # The returned object is of type Google::Cloud::BinaryAuthorization::V1::Attestor. + p result +end +# [END binaryauthorization_v1_generated_BinauthzManagementService_CreateAttestor_sync] diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/delete_attestor.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/delete_attestor.rb new file mode 100644 index 000000000000..3746ae61fee1 --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/delete_attestor.rb @@ -0,0 +1,47 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + +# [START binaryauthorization_v1_generated_BinauthzManagementService_DeleteAttestor_sync] +require "google/cloud/binary_authorization/v1" + +## +# Snippet for the delete_attestor call in the BinauthzManagementService service +# +# This snippet has been automatically generated and should be regarded as a code +# template only. It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in https://cloud.google.com/ruby/docs/reference. +# +# This is an auto-generated example demonstrating basic usage of +# Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client#delete_attestor. +# +def delete_attestor + # Create a client object. The client can be reused for multiple calls. + client = Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new + + # Create a request. To set request fields, pass in keyword arguments. + request = Google::Cloud::BinaryAuthorization::V1::DeleteAttestorRequest.new + + # Call the delete_attestor method. + result = client.delete_attestor request + + # The returned object is of type Google::Protobuf::Empty. + p result +end +# [END binaryauthorization_v1_generated_BinauthzManagementService_DeleteAttestor_sync] diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/get_attestor.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/get_attestor.rb new file mode 100644 index 000000000000..fc121e0e7a05 --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/get_attestor.rb @@ -0,0 +1,47 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + +# [START binaryauthorization_v1_generated_BinauthzManagementService_GetAttestor_sync] +require "google/cloud/binary_authorization/v1" + +## +# Snippet for the get_attestor call in the BinauthzManagementService service +# +# This snippet has been automatically generated and should be regarded as a code +# template only. It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in https://cloud.google.com/ruby/docs/reference. +# +# This is an auto-generated example demonstrating basic usage of +# Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client#get_attestor. +# +def get_attestor + # Create a client object. The client can be reused for multiple calls. + client = Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new + + # Create a request. To set request fields, pass in keyword arguments. + request = Google::Cloud::BinaryAuthorization::V1::GetAttestorRequest.new + + # Call the get_attestor method. + result = client.get_attestor request + + # The returned object is of type Google::Cloud::BinaryAuthorization::V1::Attestor. + p result +end +# [END binaryauthorization_v1_generated_BinauthzManagementService_GetAttestor_sync] diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/get_policy.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/get_policy.rb new file mode 100644 index 000000000000..db65dadfc232 --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/get_policy.rb @@ -0,0 +1,47 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + +# [START binaryauthorization_v1_generated_BinauthzManagementService_GetPolicy_sync] +require "google/cloud/binary_authorization/v1" + +## +# Snippet for the get_policy call in the BinauthzManagementService service +# +# This snippet has been automatically generated and should be regarded as a code +# template only. It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in https://cloud.google.com/ruby/docs/reference. +# +# This is an auto-generated example demonstrating basic usage of +# Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client#get_policy. +# +def get_policy + # Create a client object. The client can be reused for multiple calls. + client = Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new + + # Create a request. To set request fields, pass in keyword arguments. + request = Google::Cloud::BinaryAuthorization::V1::GetPolicyRequest.new + + # Call the get_policy method. + result = client.get_policy request + + # The returned object is of type Google::Cloud::BinaryAuthorization::V1::Policy. + p result +end +# [END binaryauthorization_v1_generated_BinauthzManagementService_GetPolicy_sync] diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/list_attestors.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/list_attestors.rb new file mode 100644 index 000000000000..50bf5c28142b --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/list_attestors.rb @@ -0,0 +1,51 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + +# [START binaryauthorization_v1_generated_BinauthzManagementService_ListAttestors_sync] +require "google/cloud/binary_authorization/v1" + +## +# Snippet for the list_attestors call in the BinauthzManagementService service +# +# This snippet has been automatically generated and should be regarded as a code +# template only. It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in https://cloud.google.com/ruby/docs/reference. +# +# This is an auto-generated example demonstrating basic usage of +# Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client#list_attestors. +# +def list_attestors + # Create a client object. The client can be reused for multiple calls. + client = Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new + + # Create a request. To set request fields, pass in keyword arguments. + request = Google::Cloud::BinaryAuthorization::V1::ListAttestorsRequest.new + + # Call the list_attestors method. + result = client.list_attestors request + + # The returned object is of type Gapic::PagedEnumerable. You can iterate + # over elements, and API calls will be issued to fetch pages as needed. + result.each do |item| + # Each element is of type ::Google::Cloud::BinaryAuthorization::V1::Attestor. + p item + end +end +# [END binaryauthorization_v1_generated_BinauthzManagementService_ListAttestors_sync] diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/update_attestor.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/update_attestor.rb new file mode 100644 index 000000000000..a4228606d221 --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/update_attestor.rb @@ -0,0 +1,47 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + +# [START binaryauthorization_v1_generated_BinauthzManagementService_UpdateAttestor_sync] +require "google/cloud/binary_authorization/v1" + +## +# Snippet for the update_attestor call in the BinauthzManagementService service +# +# This snippet has been automatically generated and should be regarded as a code +# template only. It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in https://cloud.google.com/ruby/docs/reference. +# +# This is an auto-generated example demonstrating basic usage of +# Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client#update_attestor. +# +def update_attestor + # Create a client object. The client can be reused for multiple calls. + client = Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new + + # Create a request. To set request fields, pass in keyword arguments. + request = Google::Cloud::BinaryAuthorization::V1::UpdateAttestorRequest.new + + # Call the update_attestor method. + result = client.update_attestor request + + # The returned object is of type Google::Cloud::BinaryAuthorization::V1::Attestor. + p result +end +# [END binaryauthorization_v1_generated_BinauthzManagementService_UpdateAttestor_sync] diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/update_policy.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/update_policy.rb new file mode 100644 index 000000000000..c27d96a7f3ce --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/update_policy.rb @@ -0,0 +1,47 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + +# [START binaryauthorization_v1_generated_BinauthzManagementService_UpdatePolicy_sync] +require "google/cloud/binary_authorization/v1" + +## +# Snippet for the update_policy call in the BinauthzManagementService service +# +# This snippet has been automatically generated and should be regarded as a code +# template only. It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in https://cloud.google.com/ruby/docs/reference. +# +# This is an auto-generated example demonstrating basic usage of +# Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client#update_policy. +# +def update_policy + # Create a client object. The client can be reused for multiple calls. + client = Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new + + # Create a request. To set request fields, pass in keyword arguments. + request = Google::Cloud::BinaryAuthorization::V1::UpdatePolicyRequest.new + + # Call the update_policy method. + result = client.update_policy request + + # The returned object is of type Google::Cloud::BinaryAuthorization::V1::Policy. + p result +end +# [END binaryauthorization_v1_generated_BinauthzManagementService_UpdatePolicy_sync] diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/snippet_metadata_google.cloud.binaryauthorization.v1.json b/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/snippet_metadata_google.cloud.binaryauthorization.v1.json new file mode 100644 index 000000000000..b74cbd346028 --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/snippet_metadata_google.cloud.binaryauthorization.v1.json @@ -0,0 +1,375 @@ +{ + "client_library": { + "name": "google-cloud-binary_authorization-v1", + "version": "", + "language": "RUBY", + "apis": [ + { + "id": "google.cloud.binaryauthorization.v1", + "version": "v1" + } + ] + }, + "snippets": [ + { + "region_tag": "binaryauthorization_v1_generated_BinauthzManagementService_GetPolicy_sync", + "title": "Snippet for the get_policy call in the BinauthzManagementService service", + "description": "This is an auto-generated example demonstrating basic usage of Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client#get_policy.", + "file": "binauthz_management_service/get_policy.rb", + "language": "RUBY", + "client_method": { + "short_name": "get_policy", + "full_name": "::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client#get_policy", + "async": false, + "parameters": [ + { + "type": "::Google::Cloud::BinaryAuthorization::V1::GetPolicyRequest", + "name": "request" + } + ], + "result_type": "::Google::Cloud::BinaryAuthorization::V1::Policy", + "client": { + "short_name": "BinauthzManagementService::Client", + "full_name": "::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client" + }, + "method": { + "short_name": "GetPolicy", + "full_name": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetPolicy", + "service": { + "short_name": "BinauthzManagementService", + "full_name": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1" + } + } + }, + "canonical": true, + "origin": "API_DEFINITION", + "segments": [ + { + "start": 20, + "end": 46, + "type": "FULL" + } + ] + }, + { + "region_tag": "binaryauthorization_v1_generated_BinauthzManagementService_UpdatePolicy_sync", + "title": "Snippet for the update_policy call in the BinauthzManagementService service", + "description": "This is an auto-generated example demonstrating basic usage of Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client#update_policy.", + "file": "binauthz_management_service/update_policy.rb", + "language": "RUBY", + "client_method": { + "short_name": "update_policy", + "full_name": "::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client#update_policy", + "async": false, + "parameters": [ + { + "type": "::Google::Cloud::BinaryAuthorization::V1::UpdatePolicyRequest", + "name": "request" + } + ], + "result_type": "::Google::Cloud::BinaryAuthorization::V1::Policy", + "client": { + "short_name": "BinauthzManagementService::Client", + "full_name": "::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client" + }, + "method": { + "short_name": "UpdatePolicy", + "full_name": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdatePolicy", + "service": { + "short_name": "BinauthzManagementService", + "full_name": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1" + } + } + }, + "canonical": true, + "origin": "API_DEFINITION", + "segments": [ + { + "start": 20, + "end": 46, + "type": "FULL" + } + ] + }, + { + "region_tag": "binaryauthorization_v1_generated_BinauthzManagementService_CreateAttestor_sync", + "title": "Snippet for the create_attestor call in the BinauthzManagementService service", + "description": "This is an auto-generated example demonstrating basic usage of Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client#create_attestor.", + "file": "binauthz_management_service/create_attestor.rb", + "language": "RUBY", + "client_method": { + "short_name": "create_attestor", + "full_name": "::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client#create_attestor", + "async": false, + "parameters": [ + { + "type": "::Google::Cloud::BinaryAuthorization::V1::CreateAttestorRequest", + "name": "request" + } + ], + "result_type": "::Google::Cloud::BinaryAuthorization::V1::Attestor", + "client": { + "short_name": "BinauthzManagementService::Client", + "full_name": "::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client" + }, + "method": { + "short_name": "CreateAttestor", + "full_name": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.CreateAttestor", + "service": { + "short_name": "BinauthzManagementService", + "full_name": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1" + } + } + }, + "canonical": true, + "origin": "API_DEFINITION", + "segments": [ + { + "start": 20, + "end": 46, + "type": "FULL" + } + ] + }, + { + "region_tag": "binaryauthorization_v1_generated_BinauthzManagementService_GetAttestor_sync", + "title": "Snippet for the get_attestor call in the BinauthzManagementService service", + "description": "This is an auto-generated example demonstrating basic usage of Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client#get_attestor.", + "file": "binauthz_management_service/get_attestor.rb", + "language": "RUBY", + "client_method": { + "short_name": "get_attestor", + "full_name": "::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client#get_attestor", + "async": false, + "parameters": [ + { + "type": "::Google::Cloud::BinaryAuthorization::V1::GetAttestorRequest", + "name": "request" + } + ], + "result_type": "::Google::Cloud::BinaryAuthorization::V1::Attestor", + "client": { + "short_name": "BinauthzManagementService::Client", + "full_name": "::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client" + }, + "method": { + "short_name": "GetAttestor", + "full_name": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetAttestor", + "service": { + "short_name": "BinauthzManagementService", + "full_name": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1" + } + } + }, + "canonical": true, + "origin": "API_DEFINITION", + "segments": [ + { + "start": 20, + "end": 46, + "type": "FULL" + } + ] + }, + { + "region_tag": "binaryauthorization_v1_generated_BinauthzManagementService_UpdateAttestor_sync", + "title": "Snippet for the update_attestor call in the BinauthzManagementService service", + "description": "This is an auto-generated example demonstrating basic usage of Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client#update_attestor.", + "file": "binauthz_management_service/update_attestor.rb", + "language": "RUBY", + "client_method": { + "short_name": "update_attestor", + "full_name": "::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client#update_attestor", + "async": false, + "parameters": [ + { + "type": "::Google::Cloud::BinaryAuthorization::V1::UpdateAttestorRequest", + "name": "request" + } + ], + "result_type": "::Google::Cloud::BinaryAuthorization::V1::Attestor", + "client": { + "short_name": "BinauthzManagementService::Client", + "full_name": "::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client" + }, + "method": { + "short_name": "UpdateAttestor", + "full_name": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdateAttestor", + "service": { + "short_name": "BinauthzManagementService", + "full_name": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1" + } + } + }, + "canonical": true, + "origin": "API_DEFINITION", + "segments": [ + { + "start": 20, + "end": 46, + "type": "FULL" + } + ] + }, + { + "region_tag": "binaryauthorization_v1_generated_BinauthzManagementService_ListAttestors_sync", + "title": "Snippet for the list_attestors call in the BinauthzManagementService service", + "description": "This is an auto-generated example demonstrating basic usage of Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client#list_attestors.", + "file": "binauthz_management_service/list_attestors.rb", + "language": "RUBY", + "client_method": { + "short_name": "list_attestors", + "full_name": "::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client#list_attestors", + "async": false, + "parameters": [ + { + "type": "::Google::Cloud::BinaryAuthorization::V1::ListAttestorsRequest", + "name": "request" + } + ], + "result_type": "::Google::Cloud::BinaryAuthorization::V1::ListAttestorsResponse", + "client": { + "short_name": "BinauthzManagementService::Client", + "full_name": "::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client" + }, + "method": { + "short_name": "ListAttestors", + "full_name": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.ListAttestors", + "service": { + "short_name": "BinauthzManagementService", + "full_name": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1" + } + } + }, + "canonical": true, + "origin": "API_DEFINITION", + "segments": [ + { + "start": 20, + "end": 50, + "type": "FULL" + } + ] + }, + { + "region_tag": "binaryauthorization_v1_generated_BinauthzManagementService_DeleteAttestor_sync", + "title": "Snippet for the delete_attestor call in the BinauthzManagementService service", + "description": "This is an auto-generated example demonstrating basic usage of Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client#delete_attestor.", + "file": "binauthz_management_service/delete_attestor.rb", + "language": "RUBY", + "client_method": { + "short_name": "delete_attestor", + "full_name": "::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client#delete_attestor", + "async": false, + "parameters": [ + { + "type": "::Google::Cloud::BinaryAuthorization::V1::DeleteAttestorRequest", + "name": "request" + } + ], + "result_type": "::Google::Protobuf::Empty", + "client": { + "short_name": "BinauthzManagementService::Client", + "full_name": "::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client" + }, + "method": { + "short_name": "DeleteAttestor", + "full_name": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.DeleteAttestor", + "service": { + "short_name": "BinauthzManagementService", + "full_name": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1" + } + } + }, + "canonical": true, + "origin": "API_DEFINITION", + "segments": [ + { + "start": 20, + "end": 46, + "type": "FULL" + } + ] + }, + { + "region_tag": "binaryauthorization_v1_generated_SystemPolicy_GetSystemPolicy_sync", + "title": "Snippet for the get_system_policy call in the SystemPolicy service", + "description": "This is an auto-generated example demonstrating basic usage of Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Client#get_system_policy.", + "file": "system_policy/get_system_policy.rb", + "language": "RUBY", + "client_method": { + "short_name": "get_system_policy", + "full_name": "::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Client#get_system_policy", + "async": false, + "parameters": [ + { + "type": "::Google::Cloud::BinaryAuthorization::V1::GetSystemPolicyRequest", + "name": "request" + } + ], + "result_type": "::Google::Cloud::BinaryAuthorization::V1::Policy", + "client": { + "short_name": "SystemPolicy::Client", + "full_name": "::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Client" + }, + "method": { + "short_name": "GetSystemPolicy", + "full_name": "google.cloud.binaryauthorization.v1.SystemPolicyV1.GetSystemPolicy", + "service": { + "short_name": "SystemPolicy", + "full_name": "google.cloud.binaryauthorization.v1.SystemPolicyV1" + } + } + }, + "canonical": true, + "origin": "API_DEFINITION", + "segments": [ + { + "start": 20, + "end": 46, + "type": "FULL" + } + ] + }, + { + "region_tag": "binaryauthorization_v1_generated_ValidationHelper_ValidateAttestationOccurrence_sync", + "title": "Snippet for the validate_attestation_occurrence call in the ValidationHelper service", + "description": "This is an auto-generated example demonstrating basic usage of Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Client#validate_attestation_occurrence.", + "file": "validation_helper/validate_attestation_occurrence.rb", + "language": "RUBY", + "client_method": { + "short_name": "validate_attestation_occurrence", + "full_name": "::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Client#validate_attestation_occurrence", + "async": false, + "parameters": [ + { + "type": "::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceRequest", + "name": "request" + } + ], + "result_type": "::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceResponse", + "client": { + "short_name": "ValidationHelper::Client", + "full_name": "::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Client" + }, + "method": { + "short_name": "ValidateAttestationOccurrence", + "full_name": "google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence", + "service": { + "short_name": "ValidationHelper", + "full_name": "google.cloud.binaryauthorization.v1.ValidationHelperV1" + } + } + }, + "canonical": true, + "origin": "API_DEFINITION", + "segments": [ + { + "start": 20, + "end": 46, + "type": "FULL" + } + ] + } + ] +} \ No newline at end of file diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/system_policy/get_system_policy.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/system_policy/get_system_policy.rb new file mode 100644 index 000000000000..03c084a5d4a3 --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/system_policy/get_system_policy.rb @@ -0,0 +1,47 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + +# [START binaryauthorization_v1_generated_SystemPolicy_GetSystemPolicy_sync] +require "google/cloud/binary_authorization/v1" + +## +# Snippet for the get_system_policy call in the SystemPolicy service +# +# This snippet has been automatically generated and should be regarded as a code +# template only. It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in https://cloud.google.com/ruby/docs/reference. +# +# This is an auto-generated example demonstrating basic usage of +# Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Client#get_system_policy. +# +def get_system_policy + # Create a client object. The client can be reused for multiple calls. + client = Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Client.new + + # Create a request. To set request fields, pass in keyword arguments. + request = Google::Cloud::BinaryAuthorization::V1::GetSystemPolicyRequest.new + + # Call the get_system_policy method. + result = client.get_system_policy request + + # The returned object is of type Google::Cloud::BinaryAuthorization::V1::Policy. + p result +end +# [END binaryauthorization_v1_generated_SystemPolicy_GetSystemPolicy_sync] diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/validation_helper/validate_attestation_occurrence.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/validation_helper/validate_attestation_occurrence.rb new file mode 100644 index 000000000000..ce37ef22ca28 --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/validation_helper/validate_attestation_occurrence.rb @@ -0,0 +1,47 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + +# [START binaryauthorization_v1_generated_ValidationHelper_ValidateAttestationOccurrence_sync] +require "google/cloud/binary_authorization/v1" + +## +# Snippet for the validate_attestation_occurrence call in the ValidationHelper service +# +# This snippet has been automatically generated and should be regarded as a code +# template only. It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in https://cloud.google.com/ruby/docs/reference. +# +# This is an auto-generated example demonstrating basic usage of +# Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Client#validate_attestation_occurrence. +# +def validate_attestation_occurrence + # Create a client object. The client can be reused for multiple calls. + client = Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Client.new + + # Create a request. To set request fields, pass in keyword arguments. + request = Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceRequest.new + + # Call the validate_attestation_occurrence method. + result = client.validate_attestation_occurrence request + + # The returned object is of type Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceResponse. + p result +end +# [END binaryauthorization_v1_generated_ValidationHelper_ValidateAttestationOccurrence_sync] diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/binauthz_management_service_paths_test.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/binauthz_management_service_paths_test.rb new file mode 100644 index 000000000000..021b9dc22a4c --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/binauthz_management_service_paths_test.rb @@ -0,0 +1,82 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + +require "helper" + +require "gapic/grpc/service_stub" + +require "google/cloud/binary_authorization/v1/binauthz_management_service" + +class ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::ClientPathsTest < Minitest::Test + class DummyStub + def endpoint + "endpoint.example.com" + end + + def universe_domain + "example.com" + end + + def stub_logger + nil + end + + def logger + nil + end + end + + def test_attestor_path + grpc_channel = ::GRPC::Core::Channel.new "localhost:8888", nil, :this_channel_is_insecure + ::Gapic::ServiceStub.stub :new, DummyStub.new do + client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new do |config| + config.credentials = grpc_channel + end + + path = client.attestor_path project: "value0", attestor: "value1" + assert_equal "projects/value0/attestors/value1", path + end + end + + def test_policy_path + grpc_channel = ::GRPC::Core::Channel.new "localhost:8888", nil, :this_channel_is_insecure + ::Gapic::ServiceStub.stub :new, DummyStub.new do + client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new do |config| + config.credentials = grpc_channel + end + + path = client.policy_path project: "value0" + assert_equal "projects/value0/policy", path + + path = client.policy_path location: "value0" + assert_equal "locations/value0/policy", path + end + end + + def test_project_path + grpc_channel = ::GRPC::Core::Channel.new "localhost:8888", nil, :this_channel_is_insecure + ::Gapic::ServiceStub.stub :new, DummyStub.new do + client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new do |config| + config.credentials = grpc_channel + end + + path = client.project_path project: "value0" + assert_equal "projects/value0", path + end + end +end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/binauthz_management_service_rest_test.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/binauthz_management_service_rest_test.rb new file mode 100644 index 000000000000..b02727df0d99 --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/binauthz_management_service_rest_test.rb @@ -0,0 +1,481 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + +require "helper" +require "gapic/rest" +require "google/cloud/binaryauthorization/v1/service_pb" +require "google/cloud/binary_authorization/v1/binauthz_management_service/rest" + + +class ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::ClientTest < Minitest::Test + class ClientStub + attr_accessor :call_count, :requests + + def initialize response, &block + @response = response + @block = block + @call_count = 0 + @requests = [] + end + + def make_get_request uri:, params: {}, options: {}, method_name: nil + make_http_request :get, uri: uri, body: nil, params: params, options: options, method_name: method_name + end + + def make_delete_request uri:, params: {}, options: {}, method_name: nil + make_http_request :delete, uri: uri, body: nil, params: params, options: options, method_name: method_name + end + + def make_post_request uri:, body: nil, params: {}, options: {}, method_name: nil + make_http_request :post, uri: uri, body: body, params: params, options: options, method_name: method_name + end + + def make_patch_request uri:, body:, params: {}, options: {}, method_name: nil + make_http_request :patch, uri: uri, body: body, params: params, options: options, method_name: method_name + end + + def make_put_request uri:, body:, params: {}, options: {}, method_name: nil + make_http_request :put, uri: uri, body: body, params: params, options: options, method_name: method_name + end + + def make_http_request *args, **kwargs + @call_count += 1 + + @requests << @block&.call(*args, **kwargs) + + @response + end + + def endpoint + "endpoint.example.com" + end + + def universe_domain + "example.com" + end + + def stub_logger + nil + end + + def logger + nil + end + end + + def test_get_policy + # Create test objects. + client_result = ::Google::Cloud::BinaryAuthorization::V1::Policy.new + http_response = OpenStruct.new body: client_result.to_json + + call_options = {} + + # Create request parameters for a unary method. + name = "hello world" + + get_policy_client_stub = ClientStub.new http_response do |_verb, uri:, body:, params:, options:, method_name:| + assert options.metadata.key? :"x-goog-api-client" + assert options.metadata[:"x-goog-api-client"].include? "rest" + refute options.metadata[:"x-goog-api-client"].include? "grpc" + end + + ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::ServiceStub.stub :transcode_get_policy_request, ["", "", {}] do + Gapic::Rest::ClientStub.stub :new, get_policy_client_stub do + # Create client + client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client.new do |config| + config.credentials = :dummy_value + end + + # Use hash object + client.get_policy({ name: name }) do |_result, response| + assert_equal http_response, response.underlying_op + end + + # Use named arguments + client.get_policy name: name do |_result, response| + assert_equal http_response, response.underlying_op + end + + # Use protobuf object + client.get_policy ::Google::Cloud::BinaryAuthorization::V1::GetPolicyRequest.new(name: name) do |_result, response| + assert_equal http_response, response.underlying_op + end + + # Use hash object with options + client.get_policy({ name: name }, call_options) do |_result, response| + assert_equal http_response, response.underlying_op + end + + # Use protobuf object with options + client.get_policy(::Google::Cloud::BinaryAuthorization::V1::GetPolicyRequest.new(name: name), call_options) do |_result, response| + assert_equal http_response, response.underlying_op + end + + # Verify method calls + assert_equal 5, get_policy_client_stub.call_count + end + end + end + + def test_update_policy + # Create test objects. + client_result = ::Google::Cloud::BinaryAuthorization::V1::Policy.new + http_response = OpenStruct.new body: client_result.to_json + + call_options = {} + + # Create request parameters for a unary method. + policy = {} + + update_policy_client_stub = ClientStub.new http_response do |_verb, uri:, body:, params:, options:, method_name:| + assert options.metadata.key? :"x-goog-api-client" + assert options.metadata[:"x-goog-api-client"].include? "rest" + refute options.metadata[:"x-goog-api-client"].include? "grpc" + end + + ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::ServiceStub.stub :transcode_update_policy_request, ["", "", {}] do + Gapic::Rest::ClientStub.stub :new, update_policy_client_stub do + # Create client + client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client.new do |config| + config.credentials = :dummy_value + end + + # Use hash object + client.update_policy({ policy: policy }) do |_result, response| + assert_equal http_response, response.underlying_op + end + + # Use named arguments + client.update_policy policy: policy do |_result, response| + assert_equal http_response, response.underlying_op + end + + # Use protobuf object + client.update_policy ::Google::Cloud::BinaryAuthorization::V1::UpdatePolicyRequest.new(policy: policy) do |_result, response| + assert_equal http_response, response.underlying_op + end + + # Use hash object with options + client.update_policy({ policy: policy }, call_options) do |_result, response| + assert_equal http_response, response.underlying_op + end + + # Use protobuf object with options + client.update_policy(::Google::Cloud::BinaryAuthorization::V1::UpdatePolicyRequest.new(policy: policy), call_options) do |_result, response| + assert_equal http_response, response.underlying_op + end + + # Verify method calls + assert_equal 5, update_policy_client_stub.call_count + end + end + end + + def test_create_attestor + # Create test objects. + client_result = ::Google::Cloud::BinaryAuthorization::V1::Attestor.new + http_response = OpenStruct.new body: client_result.to_json + + call_options = {} + + # Create request parameters for a unary method. + parent = "hello world" + attestor_id = "hello world" + attestor = {} + + create_attestor_client_stub = ClientStub.new http_response do |_verb, uri:, body:, params:, options:, method_name:| + assert options.metadata.key? :"x-goog-api-client" + assert options.metadata[:"x-goog-api-client"].include? "rest" + refute options.metadata[:"x-goog-api-client"].include? "grpc" + end + + ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::ServiceStub.stub :transcode_create_attestor_request, ["", "", {}] do + Gapic::Rest::ClientStub.stub :new, create_attestor_client_stub do + # Create client + client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client.new do |config| + config.credentials = :dummy_value + end + + # Use hash object + client.create_attestor({ parent: parent, attestor_id: attestor_id, attestor: attestor }) do |_result, response| + assert_equal http_response, response.underlying_op + end + + # Use named arguments + client.create_attestor parent: parent, attestor_id: attestor_id, attestor: attestor do |_result, response| + assert_equal http_response, response.underlying_op + end + + # Use protobuf object + client.create_attestor ::Google::Cloud::BinaryAuthorization::V1::CreateAttestorRequest.new(parent: parent, attestor_id: attestor_id, attestor: attestor) do |_result, response| + assert_equal http_response, response.underlying_op + end + + # Use hash object with options + client.create_attestor({ parent: parent, attestor_id: attestor_id, attestor: attestor }, call_options) do |_result, response| + assert_equal http_response, response.underlying_op + end + + # Use protobuf object with options + client.create_attestor(::Google::Cloud::BinaryAuthorization::V1::CreateAttestorRequest.new(parent: parent, attestor_id: attestor_id, attestor: attestor), call_options) do |_result, response| + assert_equal http_response, response.underlying_op + end + + # Verify method calls + assert_equal 5, create_attestor_client_stub.call_count + end + end + end + + def test_get_attestor + # Create test objects. + client_result = ::Google::Cloud::BinaryAuthorization::V1::Attestor.new + http_response = OpenStruct.new body: client_result.to_json + + call_options = {} + + # Create request parameters for a unary method. + name = "hello world" + + get_attestor_client_stub = ClientStub.new http_response do |_verb, uri:, body:, params:, options:, method_name:| + assert options.metadata.key? :"x-goog-api-client" + assert options.metadata[:"x-goog-api-client"].include? "rest" + refute options.metadata[:"x-goog-api-client"].include? "grpc" + end + + ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::ServiceStub.stub :transcode_get_attestor_request, ["", "", {}] do + Gapic::Rest::ClientStub.stub :new, get_attestor_client_stub do + # Create client + client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client.new do |config| + config.credentials = :dummy_value + end + + # Use hash object + client.get_attestor({ name: name }) do |_result, response| + assert_equal http_response, response.underlying_op + end + + # Use named arguments + client.get_attestor name: name do |_result, response| + assert_equal http_response, response.underlying_op + end + + # Use protobuf object + client.get_attestor ::Google::Cloud::BinaryAuthorization::V1::GetAttestorRequest.new(name: name) do |_result, response| + assert_equal http_response, response.underlying_op + end + + # Use hash object with options + client.get_attestor({ name: name }, call_options) do |_result, response| + assert_equal http_response, response.underlying_op + end + + # Use protobuf object with options + client.get_attestor(::Google::Cloud::BinaryAuthorization::V1::GetAttestorRequest.new(name: name), call_options) do |_result, response| + assert_equal http_response, response.underlying_op + end + + # Verify method calls + assert_equal 5, get_attestor_client_stub.call_count + end + end + end + + def test_update_attestor + # Create test objects. + client_result = ::Google::Cloud::BinaryAuthorization::V1::Attestor.new + http_response = OpenStruct.new body: client_result.to_json + + call_options = {} + + # Create request parameters for a unary method. + attestor = {} + + update_attestor_client_stub = ClientStub.new http_response do |_verb, uri:, body:, params:, options:, method_name:| + assert options.metadata.key? :"x-goog-api-client" + assert options.metadata[:"x-goog-api-client"].include? "rest" + refute options.metadata[:"x-goog-api-client"].include? "grpc" + end + + ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::ServiceStub.stub :transcode_update_attestor_request, ["", "", {}] do + Gapic::Rest::ClientStub.stub :new, update_attestor_client_stub do + # Create client + client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client.new do |config| + config.credentials = :dummy_value + end + + # Use hash object + client.update_attestor({ attestor: attestor }) do |_result, response| + assert_equal http_response, response.underlying_op + end + + # Use named arguments + client.update_attestor attestor: attestor do |_result, response| + assert_equal http_response, response.underlying_op + end + + # Use protobuf object + client.update_attestor ::Google::Cloud::BinaryAuthorization::V1::UpdateAttestorRequest.new(attestor: attestor) do |_result, response| + assert_equal http_response, response.underlying_op + end + + # Use hash object with options + client.update_attestor({ attestor: attestor }, call_options) do |_result, response| + assert_equal http_response, response.underlying_op + end + + # Use protobuf object with options + client.update_attestor(::Google::Cloud::BinaryAuthorization::V1::UpdateAttestorRequest.new(attestor: attestor), call_options) do |_result, response| + assert_equal http_response, response.underlying_op + end + + # Verify method calls + assert_equal 5, update_attestor_client_stub.call_count + end + end + end + + def test_list_attestors + # Create test objects. + client_result = ::Google::Cloud::BinaryAuthorization::V1::ListAttestorsResponse.new + http_response = OpenStruct.new body: client_result.to_json + + call_options = {} + + # Create request parameters for a unary method. + parent = "hello world" + page_size = 42 + page_token = "hello world" + + list_attestors_client_stub = ClientStub.new http_response do |_verb, uri:, body:, params:, options:, method_name:| + assert options.metadata.key? :"x-goog-api-client" + assert options.metadata[:"x-goog-api-client"].include? "rest" + refute options.metadata[:"x-goog-api-client"].include? "grpc" + end + + ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::ServiceStub.stub :transcode_list_attestors_request, ["", "", {}] do + Gapic::Rest::ClientStub.stub :new, list_attestors_client_stub do + # Create client + client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client.new do |config| + config.credentials = :dummy_value + end + + # Use hash object + client.list_attestors({ parent: parent, page_size: page_size, page_token: page_token }) do |_result, response| + assert_equal http_response, response.underlying_op + end + + # Use named arguments + client.list_attestors parent: parent, page_size: page_size, page_token: page_token do |_result, response| + assert_equal http_response, response.underlying_op + end + + # Use protobuf object + client.list_attestors ::Google::Cloud::BinaryAuthorization::V1::ListAttestorsRequest.new(parent: parent, page_size: page_size, page_token: page_token) do |_result, response| + assert_equal http_response, response.underlying_op + end + + # Use hash object with options + client.list_attestors({ parent: parent, page_size: page_size, page_token: page_token }, call_options) do |_result, response| + assert_equal http_response, response.underlying_op + end + + # Use protobuf object with options + client.list_attestors(::Google::Cloud::BinaryAuthorization::V1::ListAttestorsRequest.new(parent: parent, page_size: page_size, page_token: page_token), call_options) do |_result, response| + assert_equal http_response, response.underlying_op + end + + # Verify method calls + assert_equal 5, list_attestors_client_stub.call_count + end + end + end + + def test_delete_attestor + # Create test objects. + client_result = ::Google::Protobuf::Empty.new + http_response = OpenStruct.new body: client_result.to_json + + call_options = {} + + # Create request parameters for a unary method. + name = "hello world" + + delete_attestor_client_stub = ClientStub.new http_response do |_verb, uri:, body:, params:, options:, method_name:| + assert options.metadata.key? :"x-goog-api-client" + assert options.metadata[:"x-goog-api-client"].include? "rest" + refute options.metadata[:"x-goog-api-client"].include? "grpc" + end + + ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::ServiceStub.stub :transcode_delete_attestor_request, ["", "", {}] do + Gapic::Rest::ClientStub.stub :new, delete_attestor_client_stub do + # Create client + client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client.new do |config| + config.credentials = :dummy_value + end + + # Use hash object + client.delete_attestor({ name: name }) do |_result, response| + assert_equal http_response, response.underlying_op + end + + # Use named arguments + client.delete_attestor name: name do |_result, response| + assert_equal http_response, response.underlying_op + end + + # Use protobuf object + client.delete_attestor ::Google::Cloud::BinaryAuthorization::V1::DeleteAttestorRequest.new(name: name) do |_result, response| + assert_equal http_response, response.underlying_op + end + + # Use hash object with options + client.delete_attestor({ name: name }, call_options) do |_result, response| + assert_equal http_response, response.underlying_op + end + + # Use protobuf object with options + client.delete_attestor(::Google::Cloud::BinaryAuthorization::V1::DeleteAttestorRequest.new(name: name), call_options) do |_result, response| + assert_equal http_response, response.underlying_op + end + + # Verify method calls + assert_equal 5, delete_attestor_client_stub.call_count + end + end + end + + def test_configure + credentials_token = :dummy_value + + client = block_config = config = nil + dummy_stub = ClientStub.new nil + Gapic::Rest::ClientStub.stub :new, dummy_stub do + client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client.new do |config| + config.credentials = credentials_token + end + end + + config = client.configure do |c| + block_config = c + end + + assert_same block_config, config + assert_kind_of ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client::Configuration, config + end +end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/binauthz_management_service_test.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/binauthz_management_service_test.rb new file mode 100644 index 000000000000..9c8502cacacf --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/binauthz_management_service_test.rb @@ -0,0 +1,523 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + +require "helper" + +require "gapic/grpc/service_stub" + +require "google/cloud/binaryauthorization/v1/service_pb" +require "google/cloud/binary_authorization/v1/binauthz_management_service" + +class ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::ClientTest < Minitest::Test + class ClientStub + attr_accessor :call_rpc_count, :requests + + def initialize response, operation, &block + @response = response + @operation = operation + @block = block + @call_rpc_count = 0 + @requests = [] + end + + def call_rpc *args, **kwargs + @call_rpc_count += 1 + + @requests << @block&.call(*args, **kwargs) + + catch :response do + yield @response, @operation if block_given? + @response + end + end + + def endpoint + "endpoint.example.com" + end + + def universe_domain + "example.com" + end + + def stub_logger + nil + end + + def logger + nil + end + end + + def test_get_policy + # Create GRPC objects. + grpc_response = ::Google::Cloud::BinaryAuthorization::V1::Policy.new + grpc_operation = GRPC::ActiveCall::Operation.new nil + grpc_channel = GRPC::Core::Channel.new "localhost:8888", nil, :this_channel_is_insecure + grpc_options = {} + + # Create request parameters for a unary method. + name = "hello world" + + get_policy_client_stub = ClientStub.new grpc_response, grpc_operation do |name, request, options:| + assert_equal :get_policy, name + assert_kind_of ::Google::Cloud::BinaryAuthorization::V1::GetPolicyRequest, request + assert_equal "hello world", request["name"] + refute_nil options + end + + Gapic::ServiceStub.stub :new, get_policy_client_stub do + # Create client + client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new do |config| + config.credentials = grpc_channel + end + + # Use hash object + client.get_policy({ name: name }) do |response, operation| + assert_equal grpc_response, response + assert_equal grpc_operation, operation + end + + # Use named arguments + client.get_policy name: name do |response, operation| + assert_equal grpc_response, response + assert_equal grpc_operation, operation + end + + # Use protobuf object + client.get_policy ::Google::Cloud::BinaryAuthorization::V1::GetPolicyRequest.new(name: name) do |response, operation| + assert_equal grpc_response, response + assert_equal grpc_operation, operation + end + + # Use hash object with options + client.get_policy({ name: name }, grpc_options) do |response, operation| + assert_equal grpc_response, response + assert_equal grpc_operation, operation + end + + # Use protobuf object with options + client.get_policy(::Google::Cloud::BinaryAuthorization::V1::GetPolicyRequest.new(name: name), grpc_options) do |response, operation| + assert_equal grpc_response, response + assert_equal grpc_operation, operation + end + + # Verify method calls + assert_equal 5, get_policy_client_stub.call_rpc_count + end + end + + def test_update_policy + # Create GRPC objects. + grpc_response = ::Google::Cloud::BinaryAuthorization::V1::Policy.new + grpc_operation = GRPC::ActiveCall::Operation.new nil + grpc_channel = GRPC::Core::Channel.new "localhost:8888", nil, :this_channel_is_insecure + grpc_options = {} + + # Create request parameters for a unary method. + policy = {} + + update_policy_client_stub = ClientStub.new grpc_response, grpc_operation do |name, request, options:| + assert_equal :update_policy, name + assert_kind_of ::Google::Cloud::BinaryAuthorization::V1::UpdatePolicyRequest, request + assert_equal Gapic::Protobuf.coerce({}, to: ::Google::Cloud::BinaryAuthorization::V1::Policy), request["policy"] + refute_nil options + end + + Gapic::ServiceStub.stub :new, update_policy_client_stub do + # Create client + client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new do |config| + config.credentials = grpc_channel + end + + # Use hash object + client.update_policy({ policy: policy }) do |response, operation| + assert_equal grpc_response, response + assert_equal grpc_operation, operation + end + + # Use named arguments + client.update_policy policy: policy do |response, operation| + assert_equal grpc_response, response + assert_equal grpc_operation, operation + end + + # Use protobuf object + client.update_policy ::Google::Cloud::BinaryAuthorization::V1::UpdatePolicyRequest.new(policy: policy) do |response, operation| + assert_equal grpc_response, response + assert_equal grpc_operation, operation + end + + # Use hash object with options + client.update_policy({ policy: policy }, grpc_options) do |response, operation| + assert_equal grpc_response, response + assert_equal grpc_operation, operation + end + + # Use protobuf object with options + client.update_policy(::Google::Cloud::BinaryAuthorization::V1::UpdatePolicyRequest.new(policy: policy), grpc_options) do |response, operation| + assert_equal grpc_response, response + assert_equal grpc_operation, operation + end + + # Verify method calls + assert_equal 5, update_policy_client_stub.call_rpc_count + end + end + + def test_create_attestor + # Create GRPC objects. + grpc_response = ::Google::Cloud::BinaryAuthorization::V1::Attestor.new + grpc_operation = GRPC::ActiveCall::Operation.new nil + grpc_channel = GRPC::Core::Channel.new "localhost:8888", nil, :this_channel_is_insecure + grpc_options = {} + + # Create request parameters for a unary method. + parent = "hello world" + attestor_id = "hello world" + attestor = {} + + create_attestor_client_stub = ClientStub.new grpc_response, grpc_operation do |name, request, options:| + assert_equal :create_attestor, name + assert_kind_of ::Google::Cloud::BinaryAuthorization::V1::CreateAttestorRequest, request + assert_equal "hello world", request["parent"] + assert_equal "hello world", request["attestor_id"] + assert_equal Gapic::Protobuf.coerce({}, to: ::Google::Cloud::BinaryAuthorization::V1::Attestor), request["attestor"] + refute_nil options + end + + Gapic::ServiceStub.stub :new, create_attestor_client_stub do + # Create client + client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new do |config| + config.credentials = grpc_channel + end + + # Use hash object + client.create_attestor({ parent: parent, attestor_id: attestor_id, attestor: attestor }) do |response, operation| + assert_equal grpc_response, response + assert_equal grpc_operation, operation + end + + # Use named arguments + client.create_attestor parent: parent, attestor_id: attestor_id, attestor: attestor do |response, operation| + assert_equal grpc_response, response + assert_equal grpc_operation, operation + end + + # Use protobuf object + client.create_attestor ::Google::Cloud::BinaryAuthorization::V1::CreateAttestorRequest.new(parent: parent, attestor_id: attestor_id, attestor: attestor) do |response, operation| + assert_equal grpc_response, response + assert_equal grpc_operation, operation + end + + # Use hash object with options + client.create_attestor({ parent: parent, attestor_id: attestor_id, attestor: attestor }, grpc_options) do |response, operation| + assert_equal grpc_response, response + assert_equal grpc_operation, operation + end + + # Use protobuf object with options + client.create_attestor(::Google::Cloud::BinaryAuthorization::V1::CreateAttestorRequest.new(parent: parent, attestor_id: attestor_id, attestor: attestor), grpc_options) do |response, operation| + assert_equal grpc_response, response + assert_equal grpc_operation, operation + end + + # Verify method calls + assert_equal 5, create_attestor_client_stub.call_rpc_count + end + end + + def test_get_attestor + # Create GRPC objects. + grpc_response = ::Google::Cloud::BinaryAuthorization::V1::Attestor.new + grpc_operation = GRPC::ActiveCall::Operation.new nil + grpc_channel = GRPC::Core::Channel.new "localhost:8888", nil, :this_channel_is_insecure + grpc_options = {} + + # Create request parameters for a unary method. + name = "hello world" + + get_attestor_client_stub = ClientStub.new grpc_response, grpc_operation do |name, request, options:| + assert_equal :get_attestor, name + assert_kind_of ::Google::Cloud::BinaryAuthorization::V1::GetAttestorRequest, request + assert_equal "hello world", request["name"] + refute_nil options + end + + Gapic::ServiceStub.stub :new, get_attestor_client_stub do + # Create client + client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new do |config| + config.credentials = grpc_channel + end + + # Use hash object + client.get_attestor({ name: name }) do |response, operation| + assert_equal grpc_response, response + assert_equal grpc_operation, operation + end + + # Use named arguments + client.get_attestor name: name do |response, operation| + assert_equal grpc_response, response + assert_equal grpc_operation, operation + end + + # Use protobuf object + client.get_attestor ::Google::Cloud::BinaryAuthorization::V1::GetAttestorRequest.new(name: name) do |response, operation| + assert_equal grpc_response, response + assert_equal grpc_operation, operation + end + + # Use hash object with options + client.get_attestor({ name: name }, grpc_options) do |response, operation| + assert_equal grpc_response, response + assert_equal grpc_operation, operation + end + + # Use protobuf object with options + client.get_attestor(::Google::Cloud::BinaryAuthorization::V1::GetAttestorRequest.new(name: name), grpc_options) do |response, operation| + assert_equal grpc_response, response + assert_equal grpc_operation, operation + end + + # Verify method calls + assert_equal 5, get_attestor_client_stub.call_rpc_count + end + end + + def test_update_attestor + # Create GRPC objects. + grpc_response = ::Google::Cloud::BinaryAuthorization::V1::Attestor.new + grpc_operation = GRPC::ActiveCall::Operation.new nil + grpc_channel = GRPC::Core::Channel.new "localhost:8888", nil, :this_channel_is_insecure + grpc_options = {} + + # Create request parameters for a unary method. + attestor = {} + + update_attestor_client_stub = ClientStub.new grpc_response, grpc_operation do |name, request, options:| + assert_equal :update_attestor, name + assert_kind_of ::Google::Cloud::BinaryAuthorization::V1::UpdateAttestorRequest, request + assert_equal Gapic::Protobuf.coerce({}, to: ::Google::Cloud::BinaryAuthorization::V1::Attestor), request["attestor"] + refute_nil options + end + + Gapic::ServiceStub.stub :new, update_attestor_client_stub do + # Create client + client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new do |config| + config.credentials = grpc_channel + end + + # Use hash object + client.update_attestor({ attestor: attestor }) do |response, operation| + assert_equal grpc_response, response + assert_equal grpc_operation, operation + end + + # Use named arguments + client.update_attestor attestor: attestor do |response, operation| + assert_equal grpc_response, response + assert_equal grpc_operation, operation + end + + # Use protobuf object + client.update_attestor ::Google::Cloud::BinaryAuthorization::V1::UpdateAttestorRequest.new(attestor: attestor) do |response, operation| + assert_equal grpc_response, response + assert_equal grpc_operation, operation + end + + # Use hash object with options + client.update_attestor({ attestor: attestor }, grpc_options) do |response, operation| + assert_equal grpc_response, response + assert_equal grpc_operation, operation + end + + # Use protobuf object with options + client.update_attestor(::Google::Cloud::BinaryAuthorization::V1::UpdateAttestorRequest.new(attestor: attestor), grpc_options) do |response, operation| + assert_equal grpc_response, response + assert_equal grpc_operation, operation + end + + # Verify method calls + assert_equal 5, update_attestor_client_stub.call_rpc_count + end + end + + def test_list_attestors + # Create GRPC objects. + grpc_response = ::Google::Cloud::BinaryAuthorization::V1::ListAttestorsResponse.new + grpc_operation = GRPC::ActiveCall::Operation.new nil + grpc_channel = GRPC::Core::Channel.new "localhost:8888", nil, :this_channel_is_insecure + grpc_options = {} + + # Create request parameters for a unary method. + parent = "hello world" + page_size = 42 + page_token = "hello world" + + list_attestors_client_stub = ClientStub.new grpc_response, grpc_operation do |name, request, options:| + assert_equal :list_attestors, name + assert_kind_of ::Google::Cloud::BinaryAuthorization::V1::ListAttestorsRequest, request + assert_equal "hello world", request["parent"] + assert_equal 42, request["page_size"] + assert_equal "hello world", request["page_token"] + refute_nil options + end + + Gapic::ServiceStub.stub :new, list_attestors_client_stub do + # Create client + client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new do |config| + config.credentials = grpc_channel + end + + # Use hash object + client.list_attestors({ parent: parent, page_size: page_size, page_token: page_token }) do |response, operation| + assert_kind_of Gapic::PagedEnumerable, response + assert_equal grpc_response, response.response + assert_equal grpc_operation, operation + end + + # Use named arguments + client.list_attestors parent: parent, page_size: page_size, page_token: page_token do |response, operation| + assert_kind_of Gapic::PagedEnumerable, response + assert_equal grpc_response, response.response + assert_equal grpc_operation, operation + end + + # Use protobuf object + client.list_attestors ::Google::Cloud::BinaryAuthorization::V1::ListAttestorsRequest.new(parent: parent, page_size: page_size, page_token: page_token) do |response, operation| + assert_kind_of Gapic::PagedEnumerable, response + assert_equal grpc_response, response.response + assert_equal grpc_operation, operation + end + + # Use hash object with options + client.list_attestors({ parent: parent, page_size: page_size, page_token: page_token }, grpc_options) do |response, operation| + assert_kind_of Gapic::PagedEnumerable, response + assert_equal grpc_response, response.response + assert_equal grpc_operation, operation + end + + # Use protobuf object with options + client.list_attestors(::Google::Cloud::BinaryAuthorization::V1::ListAttestorsRequest.new(parent: parent, page_size: page_size, page_token: page_token), grpc_options) do |response, operation| + assert_kind_of Gapic::PagedEnumerable, response + assert_equal grpc_response, response.response + assert_equal grpc_operation, operation + end + + # Verify method calls + assert_equal 5, list_attestors_client_stub.call_rpc_count + end + end + + def test_delete_attestor + # Create GRPC objects. + grpc_response = ::Google::Protobuf::Empty.new + grpc_operation = GRPC::ActiveCall::Operation.new nil + grpc_channel = GRPC::Core::Channel.new "localhost:8888", nil, :this_channel_is_insecure + grpc_options = {} + + # Create request parameters for a unary method. + name = "hello world" + + delete_attestor_client_stub = ClientStub.new grpc_response, grpc_operation do |name, request, options:| + assert_equal :delete_attestor, name + assert_kind_of ::Google::Cloud::BinaryAuthorization::V1::DeleteAttestorRequest, request + assert_equal "hello world", request["name"] + refute_nil options + end + + Gapic::ServiceStub.stub :new, delete_attestor_client_stub do + # Create client + client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new do |config| + config.credentials = grpc_channel + end + + # Use hash object + client.delete_attestor({ name: name }) do |response, operation| + assert_equal grpc_response, response + assert_equal grpc_operation, operation + end + + # Use named arguments + client.delete_attestor name: name do |response, operation| + assert_equal grpc_response, response + assert_equal grpc_operation, operation + end + + # Use protobuf object + client.delete_attestor ::Google::Cloud::BinaryAuthorization::V1::DeleteAttestorRequest.new(name: name) do |response, operation| + assert_equal grpc_response, response + assert_equal grpc_operation, operation + end + + # Use hash object with options + client.delete_attestor({ name: name }, grpc_options) do |response, operation| + assert_equal grpc_response, response + assert_equal grpc_operation, operation + end + + # Use protobuf object with options + client.delete_attestor(::Google::Cloud::BinaryAuthorization::V1::DeleteAttestorRequest.new(name: name), grpc_options) do |response, operation| + assert_equal grpc_response, response + assert_equal grpc_operation, operation + end + + # Verify method calls + assert_equal 5, delete_attestor_client_stub.call_rpc_count + end + end + + def test_configure + grpc_channel = GRPC::Core::Channel.new "localhost:8888", nil, :this_channel_is_insecure + + client = block_config = config = nil + dummy_stub = ClientStub.new nil, nil + Gapic::ServiceStub.stub :new, dummy_stub do + client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new do |config| + config.credentials = grpc_channel + end + end + + config = client.configure do |c| + block_config = c + end + + assert_same block_config, config + assert_kind_of ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client::Configuration, config + end + + def test_credentials + key = OpenSSL::PKey::RSA.new 2048 + cred_json = { + "private_key" => key.to_pem, + "client_email" => "app@developer.gserviceaccount.com", + "type" => "service_account" + } + key_file = StringIO.new cred_json.to_json + creds = Google::Auth::ServiceAccountCredentials.make_creds({ json_key_io: key_file }) + + dummy_stub = ClientStub.new nil, nil + Gapic::ServiceStub.stub :new, dummy_stub do + client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new do |config| + config.credentials = creds + end + assert_kind_of ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client, client + assert_equal creds, client.configure.credentials + end + end +end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/system_policy_paths_test.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/system_policy_paths_test.rb new file mode 100644 index 000000000000..627c53badd9f --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/system_policy_paths_test.rb @@ -0,0 +1,58 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + +require "helper" + +require "gapic/grpc/service_stub" + +require "google/cloud/binary_authorization/v1/system_policy" + +class ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::ClientPathsTest < Minitest::Test + class DummyStub + def endpoint + "endpoint.example.com" + end + + def universe_domain + "example.com" + end + + def stub_logger + nil + end + + def logger + nil + end + end + + def test_policy_path + grpc_channel = ::GRPC::Core::Channel.new "localhost:8888", nil, :this_channel_is_insecure + ::Gapic::ServiceStub.stub :new, DummyStub.new do + client = ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Client.new do |config| + config.credentials = grpc_channel + end + + path = client.policy_path project: "value0" + assert_equal "projects/value0/policy", path + + path = client.policy_path location: "value0" + assert_equal "locations/value0/policy", path + end + end +end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/system_policy_rest_test.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/system_policy_rest_test.rb new file mode 100644 index 000000000000..c945256e19b5 --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/system_policy_rest_test.rb @@ -0,0 +1,153 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + +require "helper" +require "gapic/rest" +require "google/cloud/binaryauthorization/v1/service_pb" +require "google/cloud/binary_authorization/v1/system_policy/rest" + + +class ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Rest::ClientTest < Minitest::Test + class ClientStub + attr_accessor :call_count, :requests + + def initialize response, &block + @response = response + @block = block + @call_count = 0 + @requests = [] + end + + def make_get_request uri:, params: {}, options: {}, method_name: nil + make_http_request :get, uri: uri, body: nil, params: params, options: options, method_name: method_name + end + + def make_delete_request uri:, params: {}, options: {}, method_name: nil + make_http_request :delete, uri: uri, body: nil, params: params, options: options, method_name: method_name + end + + def make_post_request uri:, body: nil, params: {}, options: {}, method_name: nil + make_http_request :post, uri: uri, body: body, params: params, options: options, method_name: method_name + end + + def make_patch_request uri:, body:, params: {}, options: {}, method_name: nil + make_http_request :patch, uri: uri, body: body, params: params, options: options, method_name: method_name + end + + def make_put_request uri:, body:, params: {}, options: {}, method_name: nil + make_http_request :put, uri: uri, body: body, params: params, options: options, method_name: method_name + end + + def make_http_request *args, **kwargs + @call_count += 1 + + @requests << @block&.call(*args, **kwargs) + + @response + end + + def endpoint + "endpoint.example.com" + end + + def universe_domain + "example.com" + end + + def stub_logger + nil + end + + def logger + nil + end + end + + def test_get_system_policy + # Create test objects. + client_result = ::Google::Cloud::BinaryAuthorization::V1::Policy.new + http_response = OpenStruct.new body: client_result.to_json + + call_options = {} + + # Create request parameters for a unary method. + name = "hello world" + + get_system_policy_client_stub = ClientStub.new http_response do |_verb, uri:, body:, params:, options:, method_name:| + assert options.metadata.key? :"x-goog-api-client" + assert options.metadata[:"x-goog-api-client"].include? "rest" + refute options.metadata[:"x-goog-api-client"].include? "grpc" + end + + ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Rest::ServiceStub.stub :transcode_get_system_policy_request, ["", "", {}] do + Gapic::Rest::ClientStub.stub :new, get_system_policy_client_stub do + # Create client + client = ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Rest::Client.new do |config| + config.credentials = :dummy_value + end + + # Use hash object + client.get_system_policy({ name: name }) do |_result, response| + assert_equal http_response, response.underlying_op + end + + # Use named arguments + client.get_system_policy name: name do |_result, response| + assert_equal http_response, response.underlying_op + end + + # Use protobuf object + client.get_system_policy ::Google::Cloud::BinaryAuthorization::V1::GetSystemPolicyRequest.new(name: name) do |_result, response| + assert_equal http_response, response.underlying_op + end + + # Use hash object with options + client.get_system_policy({ name: name }, call_options) do |_result, response| + assert_equal http_response, response.underlying_op + end + + # Use protobuf object with options + client.get_system_policy(::Google::Cloud::BinaryAuthorization::V1::GetSystemPolicyRequest.new(name: name), call_options) do |_result, response| + assert_equal http_response, response.underlying_op + end + + # Verify method calls + assert_equal 5, get_system_policy_client_stub.call_count + end + end + end + + def test_configure + credentials_token = :dummy_value + + client = block_config = config = nil + dummy_stub = ClientStub.new nil + Gapic::Rest::ClientStub.stub :new, dummy_stub do + client = ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Rest::Client.new do |config| + config.credentials = credentials_token + end + end + + config = client.configure do |c| + block_config = c + end + + assert_same block_config, config + assert_kind_of ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Rest::Client::Configuration, config + end +end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/system_policy_test.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/system_policy_test.rb new file mode 100644 index 000000000000..bc615fe2637c --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/system_policy_test.rb @@ -0,0 +1,162 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + +require "helper" + +require "gapic/grpc/service_stub" + +require "google/cloud/binaryauthorization/v1/service_pb" +require "google/cloud/binary_authorization/v1/system_policy" + +class ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::ClientTest < Minitest::Test + class ClientStub + attr_accessor :call_rpc_count, :requests + + def initialize response, operation, &block + @response = response + @operation = operation + @block = block + @call_rpc_count = 0 + @requests = [] + end + + def call_rpc *args, **kwargs + @call_rpc_count += 1 + + @requests << @block&.call(*args, **kwargs) + + catch :response do + yield @response, @operation if block_given? + @response + end + end + + def endpoint + "endpoint.example.com" + end + + def universe_domain + "example.com" + end + + def stub_logger + nil + end + + def logger + nil + end + end + + def test_get_system_policy + # Create GRPC objects. + grpc_response = ::Google::Cloud::BinaryAuthorization::V1::Policy.new + grpc_operation = GRPC::ActiveCall::Operation.new nil + grpc_channel = GRPC::Core::Channel.new "localhost:8888", nil, :this_channel_is_insecure + grpc_options = {} + + # Create request parameters for a unary method. + name = "hello world" + + get_system_policy_client_stub = ClientStub.new grpc_response, grpc_operation do |name, request, options:| + assert_equal :get_system_policy, name + assert_kind_of ::Google::Cloud::BinaryAuthorization::V1::GetSystemPolicyRequest, request + assert_equal "hello world", request["name"] + refute_nil options + end + + Gapic::ServiceStub.stub :new, get_system_policy_client_stub do + # Create client + client = ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Client.new do |config| + config.credentials = grpc_channel + end + + # Use hash object + client.get_system_policy({ name: name }) do |response, operation| + assert_equal grpc_response, response + assert_equal grpc_operation, operation + end + + # Use named arguments + client.get_system_policy name: name do |response, operation| + assert_equal grpc_response, response + assert_equal grpc_operation, operation + end + + # Use protobuf object + client.get_system_policy ::Google::Cloud::BinaryAuthorization::V1::GetSystemPolicyRequest.new(name: name) do |response, operation| + assert_equal grpc_response, response + assert_equal grpc_operation, operation + end + + # Use hash object with options + client.get_system_policy({ name: name }, grpc_options) do |response, operation| + assert_equal grpc_response, response + assert_equal grpc_operation, operation + end + + # Use protobuf object with options + client.get_system_policy(::Google::Cloud::BinaryAuthorization::V1::GetSystemPolicyRequest.new(name: name), grpc_options) do |response, operation| + assert_equal grpc_response, response + assert_equal grpc_operation, operation + end + + # Verify method calls + assert_equal 5, get_system_policy_client_stub.call_rpc_count + end + end + + def test_configure + grpc_channel = GRPC::Core::Channel.new "localhost:8888", nil, :this_channel_is_insecure + + client = block_config = config = nil + dummy_stub = ClientStub.new nil, nil + Gapic::ServiceStub.stub :new, dummy_stub do + client = ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Client.new do |config| + config.credentials = grpc_channel + end + end + + config = client.configure do |c| + block_config = c + end + + assert_same block_config, config + assert_kind_of ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Client::Configuration, config + end + + def test_credentials + key = OpenSSL::PKey::RSA.new 2048 + cred_json = { + "private_key" => key.to_pem, + "client_email" => "app@developer.gserviceaccount.com", + "type" => "service_account" + } + key_file = StringIO.new cred_json.to_json + creds = Google::Auth::ServiceAccountCredentials.make_creds({ json_key_io: key_file }) + + dummy_stub = ClientStub.new nil, nil + Gapic::ServiceStub.stub :new, dummy_stub do + client = ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Client.new do |config| + config.credentials = creds + end + assert_kind_of ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Client, client + assert_equal creds, client.configure.credentials + end + end +end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/validation_helper_rest_test.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/validation_helper_rest_test.rb new file mode 100644 index 000000000000..bd7846c5fb28 --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/validation_helper_rest_test.rb @@ -0,0 +1,156 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + +require "helper" +require "gapic/rest" +require "google/cloud/binaryauthorization/v1/service_pb" +require "google/cloud/binary_authorization/v1/validation_helper/rest" + + +class ::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Rest::ClientTest < Minitest::Test + class ClientStub + attr_accessor :call_count, :requests + + def initialize response, &block + @response = response + @block = block + @call_count = 0 + @requests = [] + end + + def make_get_request uri:, params: {}, options: {}, method_name: nil + make_http_request :get, uri: uri, body: nil, params: params, options: options, method_name: method_name + end + + def make_delete_request uri:, params: {}, options: {}, method_name: nil + make_http_request :delete, uri: uri, body: nil, params: params, options: options, method_name: method_name + end + + def make_post_request uri:, body: nil, params: {}, options: {}, method_name: nil + make_http_request :post, uri: uri, body: body, params: params, options: options, method_name: method_name + end + + def make_patch_request uri:, body:, params: {}, options: {}, method_name: nil + make_http_request :patch, uri: uri, body: body, params: params, options: options, method_name: method_name + end + + def make_put_request uri:, body:, params: {}, options: {}, method_name: nil + make_http_request :put, uri: uri, body: body, params: params, options: options, method_name: method_name + end + + def make_http_request *args, **kwargs + @call_count += 1 + + @requests << @block&.call(*args, **kwargs) + + @response + end + + def endpoint + "endpoint.example.com" + end + + def universe_domain + "example.com" + end + + def stub_logger + nil + end + + def logger + nil + end + end + + def test_validate_attestation_occurrence + # Create test objects. + client_result = ::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceResponse.new + http_response = OpenStruct.new body: client_result.to_json + + call_options = {} + + # Create request parameters for a unary method. + attestor = "hello world" + attestation = {} + occurrence_note = "hello world" + occurrence_resource_uri = "hello world" + + validate_attestation_occurrence_client_stub = ClientStub.new http_response do |_verb, uri:, body:, params:, options:, method_name:| + assert options.metadata.key? :"x-goog-api-client" + assert options.metadata[:"x-goog-api-client"].include? "rest" + refute options.metadata[:"x-goog-api-client"].include? "grpc" + end + + ::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Rest::ServiceStub.stub :transcode_validate_attestation_occurrence_request, ["", "", {}] do + Gapic::Rest::ClientStub.stub :new, validate_attestation_occurrence_client_stub do + # Create client + client = ::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Rest::Client.new do |config| + config.credentials = :dummy_value + end + + # Use hash object + client.validate_attestation_occurrence({ attestor: attestor, attestation: attestation, occurrence_note: occurrence_note, occurrence_resource_uri: occurrence_resource_uri }) do |_result, response| + assert_equal http_response, response.underlying_op + end + + # Use named arguments + client.validate_attestation_occurrence attestor: attestor, attestation: attestation, occurrence_note: occurrence_note, occurrence_resource_uri: occurrence_resource_uri do |_result, response| + assert_equal http_response, response.underlying_op + end + + # Use protobuf object + client.validate_attestation_occurrence ::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceRequest.new(attestor: attestor, attestation: attestation, occurrence_note: occurrence_note, occurrence_resource_uri: occurrence_resource_uri) do |_result, response| + assert_equal http_response, response.underlying_op + end + + # Use hash object with options + client.validate_attestation_occurrence({ attestor: attestor, attestation: attestation, occurrence_note: occurrence_note, occurrence_resource_uri: occurrence_resource_uri }, call_options) do |_result, response| + assert_equal http_response, response.underlying_op + end + + # Use protobuf object with options + client.validate_attestation_occurrence(::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceRequest.new(attestor: attestor, attestation: attestation, occurrence_note: occurrence_note, occurrence_resource_uri: occurrence_resource_uri), call_options) do |_result, response| + assert_equal http_response, response.underlying_op + end + + # Verify method calls + assert_equal 5, validate_attestation_occurrence_client_stub.call_count + end + end + end + + def test_configure + credentials_token = :dummy_value + + client = block_config = config = nil + dummy_stub = ClientStub.new nil + Gapic::Rest::ClientStub.stub :new, dummy_stub do + client = ::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Rest::Client.new do |config| + config.credentials = credentials_token + end + end + + config = client.configure do |c| + block_config = c + end + + assert_same block_config, config + assert_kind_of ::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Rest::Client::Configuration, config + end +end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/validation_helper_test.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/validation_helper_test.rb new file mode 100644 index 000000000000..1beca9828985 --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/validation_helper_test.rb @@ -0,0 +1,168 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + +require "helper" + +require "gapic/grpc/service_stub" + +require "google/cloud/binaryauthorization/v1/service_pb" +require "google/cloud/binary_authorization/v1/validation_helper" + +class ::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::ClientTest < Minitest::Test + class ClientStub + attr_accessor :call_rpc_count, :requests + + def initialize response, operation, &block + @response = response + @operation = operation + @block = block + @call_rpc_count = 0 + @requests = [] + end + + def call_rpc *args, **kwargs + @call_rpc_count += 1 + + @requests << @block&.call(*args, **kwargs) + + catch :response do + yield @response, @operation if block_given? + @response + end + end + + def endpoint + "endpoint.example.com" + end + + def universe_domain + "example.com" + end + + def stub_logger + nil + end + + def logger + nil + end + end + + def test_validate_attestation_occurrence + # Create GRPC objects. + grpc_response = ::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceResponse.new + grpc_operation = GRPC::ActiveCall::Operation.new nil + grpc_channel = GRPC::Core::Channel.new "localhost:8888", nil, :this_channel_is_insecure + grpc_options = {} + + # Create request parameters for a unary method. + attestor = "hello world" + attestation = {} + occurrence_note = "hello world" + occurrence_resource_uri = "hello world" + + validate_attestation_occurrence_client_stub = ClientStub.new grpc_response, grpc_operation do |name, request, options:| + assert_equal :validate_attestation_occurrence, name + assert_kind_of ::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceRequest, request + assert_equal "hello world", request["attestor"] + assert_equal Gapic::Protobuf.coerce({}, to: ::Grafeas::V1::AttestationOccurrence), request["attestation"] + assert_equal "hello world", request["occurrence_note"] + assert_equal "hello world", request["occurrence_resource_uri"] + refute_nil options + end + + Gapic::ServiceStub.stub :new, validate_attestation_occurrence_client_stub do + # Create client + client = ::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Client.new do |config| + config.credentials = grpc_channel + end + + # Use hash object + client.validate_attestation_occurrence({ attestor: attestor, attestation: attestation, occurrence_note: occurrence_note, occurrence_resource_uri: occurrence_resource_uri }) do |response, operation| + assert_equal grpc_response, response + assert_equal grpc_operation, operation + end + + # Use named arguments + client.validate_attestation_occurrence attestor: attestor, attestation: attestation, occurrence_note: occurrence_note, occurrence_resource_uri: occurrence_resource_uri do |response, operation| + assert_equal grpc_response, response + assert_equal grpc_operation, operation + end + + # Use protobuf object + client.validate_attestation_occurrence ::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceRequest.new(attestor: attestor, attestation: attestation, occurrence_note: occurrence_note, occurrence_resource_uri: occurrence_resource_uri) do |response, operation| + assert_equal grpc_response, response + assert_equal grpc_operation, operation + end + + # Use hash object with options + client.validate_attestation_occurrence({ attestor: attestor, attestation: attestation, occurrence_note: occurrence_note, occurrence_resource_uri: occurrence_resource_uri }, grpc_options) do |response, operation| + assert_equal grpc_response, response + assert_equal grpc_operation, operation + end + + # Use protobuf object with options + client.validate_attestation_occurrence(::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceRequest.new(attestor: attestor, attestation: attestation, occurrence_note: occurrence_note, occurrence_resource_uri: occurrence_resource_uri), grpc_options) do |response, operation| + assert_equal grpc_response, response + assert_equal grpc_operation, operation + end + + # Verify method calls + assert_equal 5, validate_attestation_occurrence_client_stub.call_rpc_count + end + end + + def test_configure + grpc_channel = GRPC::Core::Channel.new "localhost:8888", nil, :this_channel_is_insecure + + client = block_config = config = nil + dummy_stub = ClientStub.new nil, nil + Gapic::ServiceStub.stub :new, dummy_stub do + client = ::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Client.new do |config| + config.credentials = grpc_channel + end + end + + config = client.configure do |c| + block_config = c + end + + assert_same block_config, config + assert_kind_of ::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Client::Configuration, config + end + + def test_credentials + key = OpenSSL::PKey::RSA.new 2048 + cred_json = { + "private_key" => key.to_pem, + "client_email" => "app@developer.gserviceaccount.com", + "type" => "service_account" + } + key_file = StringIO.new cred_json.to_json + creds = Google::Auth::ServiceAccountCredentials.make_creds({ json_key_io: key_file }) + + dummy_stub = ClientStub.new nil, nil + Gapic::ServiceStub.stub :new, dummy_stub do + client = ::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Client.new do |config| + config.credentials = creds + end + assert_kind_of ::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Client, client + assert_equal creds, client.configure.credentials + end + end +end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/test/helper.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/test/helper.rb new file mode 100644 index 000000000000..f0e715458fa2 --- /dev/null +++ b/owl-bot-staging/google-cloud-binary_authorization-v1/test/helper.rb @@ -0,0 +1,25 @@ +# frozen_string_literal: true + +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Auto-generated by gapic-generator-ruby. DO NOT EDIT! + +require "minitest/autorun" +require "minitest/focus" +require "minitest/rg" + +require "grpc" + +require "ostruct" From dc33f6a527dca2a547fe188f63583d57b9190a32 Mon Sep 17 00:00:00 2001 From: Owl Bot Date: Sat, 14 Feb 2026 03:05:43 +0000 Subject: [PATCH 2/2] =?UTF-8?q?=F0=9F=A6=89=20Updates=20from=20OwlBot=20po?= =?UTF-8?q?st-processor?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md --- .../proto_docs/grafeas/v1/common.rb | 3 + .../.gitignore | 22 - .../.repo-metadata.json | 19 - .../.rubocop.yml | 33 - .../.toys.rb | 28 - .../.yardopts | 12 - .../AUTHENTICATION.md | 122 -- .../CHANGELOG.md | 2 - .../Gemfile | 11 - .../LICENSE.md | 201 --- .../README.md | 154 --- .../Rakefile | 168 --- .../gapic_metadata.json | 81 -- ...ogle-cloud-binary_authorization-v1.gemspec | 29 - .../google-cloud-binary_authorization-v1.rb | 21 - .../google/cloud/binary_authorization/v1.rb | 47 - .../v1/binauthz_management_service.rb | 61 - .../v1/binauthz_management_service/client.rb | 1108 ----------------- .../credentials.rb | 51 - .../v1/binauthz_management_service/paths.rb | 97 -- .../v1/binauthz_management_service/rest.rb | 58 - .../rest/client.rb | 1016 --------------- .../rest/service_stub.rb | 511 -------- .../cloud/binary_authorization/v1/rest.rb | 39 - .../binary_authorization/v1/system_policy.rb | 55 - .../v1/system_policy/client.rb | 475 ------- .../v1/system_policy/credentials.rb | 51 - .../v1/system_policy/paths.rb | 66 - .../v1/system_policy/rest.rb | 52 - .../v1/system_policy/rest/client.rb | 425 ------- .../v1/system_policy/rest/service_stub.rb | 142 --- .../v1/validation_helper.rb | 54 - .../v1/validation_helper/client.rb | 486 -------- .../v1/validation_helper/credentials.rb | 51 - .../v1/validation_helper/rest.rb | 51 - .../v1/validation_helper/rest/client.rb | 436 ------- .../v1/validation_helper/rest/service_stub.rb | 143 --- .../cloud/binary_authorization/v1/version.rb | 28 - .../binaryauthorization/v1/resources_pb.rb | 57 - .../binaryauthorization/v1/service_pb.rb | 63 - .../v1/service_services_pb.rb | 115 -- .../proto_docs/README.md | 4 - .../proto_docs/google/api/client.rb | 473 ------- .../proto_docs/google/api/field_behavior.rb | 85 -- .../proto_docs/google/api/launch_stage.rb | 71 -- .../proto_docs/google/api/resource.rb | 227 ---- .../cloud/binaryauthorization/v1/resources.rb | 374 ------ .../cloud/binaryauthorization/v1/service.rb | 189 --- .../proto_docs/google/protobuf/duration.rb | 98 -- .../proto_docs/google/protobuf/empty.rb | 34 - .../proto_docs/google/protobuf/timestamp.rb | 127 -- .../proto_docs/grafeas/v1/attestation.rb | 98 -- .../proto_docs/grafeas/v1/common.rb | 239 ---- .../snippets/Gemfile | 32 - .../create_attestor.rb | 47 - .../delete_attestor.rb | 47 - .../get_attestor.rb | 47 - .../binauthz_management_service/get_policy.rb | 47 - .../list_attestors.rb | 51 - .../update_attestor.rb | 47 - .../update_policy.rb | 47 - ...a_google.cloud.binaryauthorization.v1.json | 375 ------ .../system_policy/get_system_policy.rb | 47 - .../validate_attestation_occurrence.rb | 47 - .../binauthz_management_service_paths_test.rb | 82 -- .../binauthz_management_service_rest_test.rb | 481 ------- .../v1/binauthz_management_service_test.rb | 523 -------- .../v1/system_policy_paths_test.rb | 58 - .../v1/system_policy_rest_test.rb | 153 --- .../v1/system_policy_test.rb | 162 --- .../v1/validation_helper_rest_test.rb | 156 --- .../v1/validation_helper_test.rb | 168 --- .../test/helper.rb | 25 - 73 files changed, 3 insertions(+), 11302 deletions(-) delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/.gitignore delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/.repo-metadata.json delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/.rubocop.yml delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/.toys.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/.yardopts delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/AUTHENTICATION.md delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/CHANGELOG.md delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/Gemfile delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/LICENSE.md delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/README.md delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/Rakefile delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/gapic_metadata.json delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/google-cloud-binary_authorization-v1.gemspec delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/lib/google-cloud-binary_authorization-v1.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service/client.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service/credentials.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service/paths.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service/rest.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service/rest/client.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service/rest/service_stub.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/rest.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy/client.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy/credentials.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy/paths.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy/rest.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy/rest/client.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy/rest/service_stub.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/validation_helper.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/validation_helper/client.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/validation_helper/credentials.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/validation_helper/rest.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/validation_helper/rest/client.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/validation_helper/rest/service_stub.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/version.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binaryauthorization/v1/resources_pb.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binaryauthorization/v1/service_pb.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binaryauthorization/v1/service_services_pb.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/README.md delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/api/client.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/api/field_behavior.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/api/launch_stage.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/api/resource.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/cloud/binaryauthorization/v1/resources.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/cloud/binaryauthorization/v1/service.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/protobuf/duration.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/protobuf/empty.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/protobuf/timestamp.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/grafeas/v1/attestation.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/grafeas/v1/common.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/snippets/Gemfile delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/create_attestor.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/delete_attestor.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/get_attestor.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/get_policy.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/list_attestors.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/update_attestor.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/update_policy.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/snippets/snippet_metadata_google.cloud.binaryauthorization.v1.json delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/snippets/system_policy/get_system_policy.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/snippets/validation_helper/validate_attestation_occurrence.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/binauthz_management_service_paths_test.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/binauthz_management_service_rest_test.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/binauthz_management_service_test.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/system_policy_paths_test.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/system_policy_rest_test.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/system_policy_test.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/validation_helper_rest_test.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/validation_helper_test.rb delete mode 100644 owl-bot-staging/google-cloud-binary_authorization-v1/test/helper.rb diff --git a/google-cloud-binary_authorization-v1/proto_docs/grafeas/v1/common.rb b/google-cloud-binary_authorization-v1/proto_docs/grafeas/v1/common.rb index a927fe1b156a..228888927bd9 100644 --- a/google-cloud-binary_authorization-v1/proto_docs/grafeas/v1/common.rb +++ b/google-cloud-binary_authorization-v1/proto_docs/grafeas/v1/common.rb @@ -132,6 +132,9 @@ class FileLocation # @!attribute [rw] layer_count # @return [::Integer] # The number of layers that the base image is composed of. + # @!attribute [rw] registry + # @return [::String] + # The registry in which the base image is from. class BaseImage include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/.gitignore b/owl-bot-staging/google-cloud-binary_authorization-v1/.gitignore deleted file mode 100644 index 0135b6bc6cfc..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/.gitignore +++ /dev/null @@ -1,22 +0,0 @@ -# Ignore bundler lockfiles -Gemfile.lock -gems.locked - -# Ignore documentation output -doc/* -.yardoc/* - -# Ignore test output -coverage/* - -# Ignore build artifacts -pkg/* - -# Ignore files commonly present in certain dev environments -.vagrant -.DS_STORE -.idea -*.iml - -# Ignore synth output -__pycache__ diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/.repo-metadata.json b/owl-bot-staging/google-cloud-binary_authorization-v1/.repo-metadata.json deleted file mode 100644 index 2f8790a17bc3..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/.repo-metadata.json +++ /dev/null @@ -1,19 +0,0 @@ -{ - "api_id": "binaryauthorization.googleapis.com", - "api_shortname": "binaryauthorization", - "client_documentation": "https://cloud.google.com/ruby/docs/reference/google-cloud-binary_authorization-v1/latest", - "distribution_name": "google-cloud-binary_authorization-v1", - "is_cloud": true, - "language": "ruby", - "name": "binaryauthorization", - "name_pretty": "Binary Authorization V1 API", - "product_documentation": "https://cloud.google.com/binary-authorization/", - "release_level": "unreleased", - "repo": "googleapis/google-cloud-ruby", - "requires_billing": true, - "ruby-cloud-description": "Binary Authorization is a service on Google Cloud that provides centralized software supply-chain security for applications that run on Google Kubernetes Engine (GKE) and GKE on-prem. Note that google-cloud-binary_authorization-v1 is a version-specific client library. For most uses, we recommend installing the main client library google-cloud-binary_authorization instead. See the readme for more details.", - "ruby-cloud-env-prefix": "BINARY_AUTHORIZATION", - "ruby-cloud-product-url": "https://cloud.google.com/binary-authorization/", - "ruby-cloud-service-override": "BinauthzManagementServiceV1=BinauthzManagementService;SystemPolicyV1=SystemPolicy;ValidationHelperV1=ValidationHelper", - "library_type": "GAPIC_AUTO" -} diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/.rubocop.yml b/owl-bot-staging/google-cloud-binary_authorization-v1/.rubocop.yml deleted file mode 100644 index d50625d49551..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/.rubocop.yml +++ /dev/null @@ -1,33 +0,0 @@ -inherit_gem: - google-style: google-style.yml - -AllCops: - Exclude: - - "google-cloud-binary_authorization-v1.gemspec" - - "lib/**/*_pb.rb" - - "proto_docs/**/*" - - "test/**/*" - - "acceptance/**/*" - - "samples/acceptance/**/*" - - "Rakefile" - -Layout/LineLength: - Enabled: false -Metrics/AbcSize: - Enabled: false -Metrics/ClassLength: - Enabled: false -Metrics/CyclomaticComplexity: - Enabled: false -Metrics/MethodLength: - Enabled: false -Metrics/ModuleLength: - Enabled: false -Metrics/PerceivedComplexity: - Enabled: false -Naming/AccessorMethodName: - Exclude: - - "snippets/**/*.rb" -Naming/FileName: - Exclude: - - "lib/google-cloud-binary_authorization-v1.rb" diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/.toys.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/.toys.rb deleted file mode 100644 index 177e22456e8a..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/.toys.rb +++ /dev/null @@ -1,28 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - -toys_version! ">= 0.15.3" - -if ENV["RUBY_COMMON_TOOLS"] - common_tools_dir = File.expand_path ENV["RUBY_COMMON_TOOLS"] - load File.join(common_tools_dir, "toys", "gapic") -else - load_git remote: "https://github.com/googleapis/ruby-common-tools.git", - path: "toys/gapic", - update: true -end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/.yardopts b/owl-bot-staging/google-cloud-binary_authorization-v1/.yardopts deleted file mode 100644 index a2253f9a1ac0..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/.yardopts +++ /dev/null @@ -1,12 +0,0 @@ ---no-private ---title="Binary Authorization V1 API" ---exclude _pb\.rb$ ---markup markdown ---markup-provider redcarpet - -./lib/**/*.rb -./proto_docs/**/*.rb -- -README.md -LICENSE.md -AUTHENTICATION.md diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/AUTHENTICATION.md b/owl-bot-staging/google-cloud-binary_authorization-v1/AUTHENTICATION.md deleted file mode 100644 index 8279621c45ca..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/AUTHENTICATION.md +++ /dev/null @@ -1,122 +0,0 @@ -# Authentication - -The recommended way to authenticate to the google-cloud-binary_authorization-v1 library is to use -[Application Default Credentials (ADC)](https://cloud.google.com/docs/authentication/application-default-credentials). -To review all of your authentication options, see [Credentials lookup](#credential-lookup). - -## Quickstart - -The following example shows how to set up authentication for a local development -environment with your user credentials. - -**NOTE:** This method is _not_ recommended for running in production. User credentials -should be used only during development. - -1. [Download and install the Google Cloud CLI](https://cloud.google.com/sdk). -2. Set up a local ADC file with your user credentials: - -```sh -gcloud auth application-default login -``` - -3. Write code as if already authenticated. - -For more information about setting up authentication for a local development environment, see -[Set up Application Default Credentials](https://cloud.google.com/docs/authentication/provide-credentials-adc#local-dev). - -## Credential Lookup - -The google-cloud-binary_authorization-v1 library provides several mechanisms to configure your system. -Generally, using Application Default Credentials to facilitate automatic -credentials discovery is the easist method. But if you need to explicitly specify -credentials, there are several methods available to you. - -Credentials are accepted in the following ways, in the following order or precedence: - -1. Credentials specified in method arguments -2. Credentials specified in configuration -3. Credentials pointed to or included in environment variables -4. Credentials found in local ADC file -5. Credentials returned by the metadata server for the attached service account (GCP) - -### Configuration - -You can configure a path to a JSON credentials file, either for an individual client object or -globally, for all client objects. The JSON file can contain credentials created for -[workload identity federation](https://cloud.google.com/iam/docs/workload-identity-federation), -[workforce identity federation](https://cloud.google.com/iam/docs/workforce-identity-federation), or a -[service account key](https://cloud.google.com/docs/authentication/provide-credentials-adc#local-key). - -Note: Service account keys are a security risk if not managed correctly. You should -[choose a more secure alternative to service account keys](https://cloud.google.com/docs/authentication#auth-decision-tree) -whenever possible. - -To configure a credentials file for an individual client initialization: - -```ruby -require "google/cloud/binary_authorization/v1" - -client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new do |config| - config.credentials = "path/to/credentialfile.json" -end -``` - -To configure a credentials file globally for all clients: - -```ruby -require "google/cloud/binary_authorization/v1" - -::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.configure do |config| - config.credentials = "path/to/credentialfile.json" -end - -client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new -``` - -### Environment Variables - -You can also use an environment variable to provide a JSON credentials file. -The environment variable can contain a path to the credentials file or, for -environments such as Docker containers where writing files is not encouraged, -you can include the credentials file itself. - -The JSON file can contain credentials created for -[workload identity federation](https://cloud.google.com/iam/docs/workload-identity-federation), -[workforce identity federation](https://cloud.google.com/iam/docs/workforce-identity-federation), or a -[service account key](https://cloud.google.com/docs/authentication/provide-credentials-adc#local-key). - -Note: Service account keys are a security risk if not managed correctly. You should -[choose a more secure alternative to service account keys](https://cloud.google.com/docs/authentication#auth-decision-tree) -whenever possible. - -The environment variables that google-cloud-binary_authorization-v1 -checks for credentials are: - -* `GOOGLE_CLOUD_CREDENTIALS` - Path to JSON file, or JSON contents -* `GOOGLE_APPLICATION_CREDENTIALS` - Path to JSON file - -```ruby -require "google/cloud/binary_authorization/v1" - -ENV["GOOGLE_APPLICATION_CREDENTIALS"] = "path/to/credentialfile.json" - -client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new -``` - -### Local ADC file - -You can set up a local ADC file with your user credentials for authentication during -development. If credentials are not provided in code or in environment variables, -then the local ADC credentials are discovered. - -Follow the steps in [Quickstart](#quickstart) to set up a local ADC file. - -### Google Cloud Platform environments - -When running on Google Cloud Platform (GCP), including Google Compute Engine -(GCE), Google Kubernetes Engine (GKE), Google App Engine (GAE), Google Cloud -Functions (GCF) and Cloud Run, credentials are retrieved from the attached -service account automatically. Code should be written as if already authenticated. - -For more information, see -[Set up ADC for Google Cloud services](https://cloud.google.com/docs/authentication/provide-credentials-adc#attached-sa). diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/CHANGELOG.md b/owl-bot-staging/google-cloud-binary_authorization-v1/CHANGELOG.md deleted file mode 100644 index f88957a62ba2..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/CHANGELOG.md +++ /dev/null @@ -1,2 +0,0 @@ -# Release History - diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/Gemfile b/owl-bot-staging/google-cloud-binary_authorization-v1/Gemfile deleted file mode 100644 index 6442df18fa2f..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/Gemfile +++ /dev/null @@ -1,11 +0,0 @@ -source "https://rubygems.org" - -gemspec - -gem "google-style", "~> 1.31.1" -gem "minitest", "~> 5.22" -gem "minitest-focus", "~> 1.4" -gem "minitest-rg", "~> 5.3" -gem "rake", ">= 13.0" -gem "redcarpet", "~> 3.6" -gem "yard", "~> 0.9" diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/LICENSE.md b/owl-bot-staging/google-cloud-binary_authorization-v1/LICENSE.md deleted file mode 100644 index c261857ba6ad..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/LICENSE.md +++ /dev/null @@ -1,201 +0,0 @@ - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/README.md b/owl-bot-staging/google-cloud-binary_authorization-v1/README.md deleted file mode 100644 index 1421b3d50521..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/README.md +++ /dev/null @@ -1,154 +0,0 @@ -# Ruby Client for the Binary Authorization V1 API - -The management interface for Binary Authorization, a system providing policy control for images deployed to Kubernetes Engine clusters, Anthos clusters on VMware, and Cloud Run. - -Binary Authorization is a service on Google Cloud that provides centralized software supply-chain security for applications that run on Google Kubernetes Engine (GKE) and GKE on-prem. - -https://github.com/googleapis/google-cloud-ruby - -This gem is a _versioned_ client. It provides basic client classes for a -specific version of the Binary Authorization V1 API. Most users should consider using -the main client gem, -[google-cloud-binary_authorization](https://rubygems.org/gems/google-cloud-binary_authorization). -See the section below titled *Which client should I use?* for more information. - -## Installation - -``` -$ gem install google-cloud-binary_authorization-v1 -``` - -## Before You Begin - -In order to use this library, you first need to go through the following steps: - -1. [Select or create a Cloud Platform project.](https://console.cloud.google.com/project) -1. [Enable billing for your project.](https://cloud.google.com/billing/docs/how-to/modify-project#enable_billing_for_a_project) -1. [Enable the API.](https://console.cloud.google.com/apis/library/binaryauthorization.googleapis.com) -1. [Set up authentication.](AUTHENTICATION.md) - -## Quick Start - -```ruby -require "google/cloud/binary_authorization/v1" - -client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new -request = ::Google::Cloud::BinaryAuthorization::V1::GetPolicyRequest.new # (request fields as keyword arguments...) -response = client.get_policy request -``` - -View the [Client Library Documentation](https://cloud.google.com/ruby/docs/reference/google-cloud-binary_authorization-v1/latest) -for class and method documentation. - -See also the [Product Documentation](https://cloud.google.com/binary-authorization/) -for general usage information. - -## Debug Logging - -This library comes with opt-in Debug Logging that can help you troubleshoot -your application's integration with the API. When logging is activated, key -events such as requests and responses, along with data payloads and metadata -such as headers and client configuration, are logged to the standard error -stream. - -**WARNING:** Client Library Debug Logging includes your data payloads in -plaintext, which could include sensitive data such as PII for yourself or your -customers, private keys, or other security data that could be compromising if -leaked. Always practice good data hygiene with your application logs, and follow -the principle of least access. Google also recommends that Client Library Debug -Logging be enabled only temporarily during active debugging, and not used -permanently in production. - -To enable logging, set the environment variable `GOOGLE_SDK_RUBY_LOGGING_GEMS` -to the value `all`. Alternatively, you can set the value to a comma-delimited -list of client library gem names. This will select the default logging behavior, -which writes logs to the standard error stream. On a local workstation, this may -result in logs appearing on the console. When running on a Google Cloud hosting -service such as [Google Cloud Run](https://cloud.google.com/run), this generally -results in logs appearing alongside your application logs in the -[Google Cloud Logging](https://cloud.google.com/logging/) service. - -You can customize logging by modifying the `logger` configuration when -constructing a client object. For example: - -```ruby -require "google/cloud/binary_authorization/v1" -require "logger" - -client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new do |config| - config.logger = Logger.new "my-app.log" -end -``` - -## Google Cloud Samples - -To browse ready to use code samples check [Google Cloud Samples](https://cloud.google.com/docs/samples). - -## Supported Ruby Versions - -This library is supported on Ruby 3.0+. - -Google provides official support for Ruby versions that are actively supported -by Ruby Core—that is, Ruby versions that are either in normal maintenance or -in security maintenance, and not end of life. Older versions of Ruby _may_ -still work, but are unsupported and not recommended. See -https://www.ruby-lang.org/en/downloads/branches/ for details about the Ruby -support schedule. - -## Which client should I use? - -Most modern Ruby client libraries for Google APIs come in two flavors: the main -client library with a name such as `google-cloud-binary_authorization`, -and lower-level _versioned_ client libraries with names such as -`google-cloud-binary_authorization-v1`. -_In most cases, you should install the main client._ - -### What's the difference between the main client and a versioned client? - -A _versioned client_ provides a basic set of data types and client classes for -a _single version_ of a specific service. (That is, for a service with multiple -versions, there might be a separate versioned client for each service version.) -Most versioned clients are written and maintained by a code generator. - -The _main client_ is designed to provide you with the _recommended_ client -interfaces for the service. There will be only one main client for any given -service, even a service with multiple versions. The main client includes -factory methods for constructing the client objects we recommend for most -users. In some cases, those will be classes provided by an underlying versioned -client; in other cases, they will be handwritten higher-level client objects -with additional capabilities, convenience methods, or best practices built in. -Generally, the main client will default to a recommended service version, -although in some cases you can override this if you need to talk to a specific -service version. - -### Why would I want to use the main client? - -We recommend that most users install the main client gem for a service. You can -identify this gem as the one _without_ a version in its name, e.g. -`google-cloud-binary_authorization`. -The main client is recommended because it will embody the best practices for -accessing the service, and may also provide more convenient interfaces or -tighter integration into frameworks and third-party libraries. In addition, the -documentation and samples published by Google will generally demonstrate use of -the main client. - -### Why would I want to use a versioned client? - -You can use a versioned client if you are content with a possibly lower-level -class interface, you explicitly want to avoid features provided by the main -client, or you want to access a specific service version not be covered by the -main client. You can identify versioned client gems because the service version -is part of the name, e.g. `google-cloud-binary_authorization-v1`. - -### What about the google-apis- clients? - -Client library gems with names that begin with `google-apis-` are based on an -older code generation technology. They talk to a REST/JSON backend (whereas -most modern clients talk to a [gRPC](https://grpc.io/) backend) and they may -not offer the same performance, features, and ease of use provided by more -modern clients. - -The `google-apis-` clients have wide coverage across Google services, so you -might need to use one if there is no modern client available for the service. -However, if a modern client is available, we generally recommend it over the -older `google-apis-` clients. diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/Rakefile b/owl-bot-staging/google-cloud-binary_authorization-v1/Rakefile deleted file mode 100644 index ed9face33f1e..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/Rakefile +++ /dev/null @@ -1,168 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - -require "bundler/setup" -require "bundler/gem_tasks" - -require "rubocop/rake_task" -RuboCop::RakeTask.new - -require "rake/testtask" -desc "Run tests." -Rake::TestTask.new do |t| - t.libs << "test" - t.test_files = FileList["test/**/*_test.rb"] - t.warning = false -end - -desc "Runs the smoke tests." -Rake::TestTask.new :smoke_test do |t| - t.test_files = FileList["acceptance/**/*smoke_test.rb"] - t.warning = false -end - -# Acceptance tests -desc "Run the google-cloud-binary_authorization-v1 acceptance tests." -task :acceptance, :project, :keyfile do |t, args| - project = args[:project] - project ||= - ENV["BINARY_AUTHORIZATION_TEST_PROJECT"] || - ENV["GCLOUD_TEST_PROJECT"] - keyfile = args[:keyfile] - keyfile ||= - ENV["BINARY_AUTHORIZATION_TEST_KEYFILE"] || - ENV["GCLOUD_TEST_KEYFILE"] - if keyfile - keyfile = File.read keyfile - else - keyfile ||= - ENV["BINARY_AUTHORIZATION_TEST_KEYFILE_JSON"] || - ENV["GCLOUD_TEST_KEYFILE_JSON"] - end - if project.nil? || keyfile.nil? - fail "You must provide a project and keyfile. e.g. rake acceptance[test123, /path/to/keyfile.json] or BINARY_AUTHORIZATION_TEST_PROJECT=test123 BINARY_AUTHORIZATION_TEST_KEYFILE=/path/to/keyfile.json rake acceptance" - end - require "google/cloud/binary_authorization/v1/binauthz_management_service/credentials" - ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Credentials.env_vars.each do |path| - ENV[path] = nil - end - ENV["BINARY_AUTHORIZATION_PROJECT"] = project - ENV["BINARY_AUTHORIZATION_TEST_PROJECT"] = project - ENV["BINARY_AUTHORIZATION_KEYFILE_JSON"] = keyfile - - Rake::Task["acceptance:run"].invoke -end - -namespace :acceptance do - task :run do - if File.directory? "acceptance" - Rake::Task[:smoke_test].invoke - else - puts "The google-cloud-binary_authorization-v1 gem has no acceptance tests." - end - end - - desc "Run acceptance cleanup." - task :cleanup do - end -end - -task :samples do - Rake::Task["samples:latest"].invoke -end - -namespace :samples do - task :latest do - if File.directory? "samples" - Dir.chdir "samples" do - Bundler.with_clean_env do - ENV["GOOGLE_CLOUD_SAMPLES_TEST"] = "not_master" - sh "bundle update" - sh "bundle exec rake test" - end - end - else - puts "The google-cloud-binary_authorization-v1 gem has no samples to test." - end - end - - task :master do - if File.directory? "samples" - Dir.chdir "samples" do - Bundler.with_clean_env do - ENV["GOOGLE_CLOUD_SAMPLES_TEST"] = "master" - sh "bundle update" - sh "bundle exec rake test" - end - end - else - puts "The google-cloud-binary_authorization-v1 gem has no samples to test." - end - end -end - -require "yard" -require "yard/rake/yardoc_task" -YARD::Rake::YardocTask.new do |y| -end - -desc "Run yard-doctest example tests." -task :doctest do - puts "The google-cloud-binary_authorization-v1 gem does not have doctest tests." -end - -desc "Run the CI build" -task :ci do - header "BUILDING google-cloud-binary_authorization-v1" - header "google-cloud-binary_authorization-v1 rubocop", "*" - Rake::Task[:rubocop].invoke - header "google-cloud-binary_authorization-v1 yard", "*" - Rake::Task[:yard].invoke - header "google-cloud-binary_authorization-v1 test", "*" - Rake::Task[:test].invoke -end - -namespace :ci do - desc "Run the CI build, with smoke tests." - task :smoke_test do - Rake::Task[:ci].invoke - header "google-cloud-binary_authorization-v1 smoke_test", "*" - Rake::Task[:smoke_test].invoke - end - desc "Run the CI build, with acceptance tests." - task :acceptance do - Rake::Task[:ci].invoke - header "google-cloud-binary_authorization-v1 acceptance", "*" - Rake::Task[:acceptance].invoke - end - task :a do - # This is a handy shortcut to save typing - Rake::Task["ci:acceptance"].invoke - end -end - -task default: :test - -def header str, token = "#" - line_length = str.length + 8 - puts "" - puts token * line_length - puts "#{token * 3} #{str} #{token * 3}" - puts token * line_length - puts "" -end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/gapic_metadata.json b/owl-bot-staging/google-cloud-binary_authorization-v1/gapic_metadata.json deleted file mode 100644 index 62616714fd74..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/gapic_metadata.json +++ /dev/null @@ -1,81 +0,0 @@ -{ - "schema": "1.0", - "comment": "This file maps proto services/RPCs to the corresponding library clients/methods", - "language": "ruby", - "protoPackage": "google.cloud.binaryauthorization.v1", - "libraryPackage": "::Google::Cloud::BinaryAuthorization::V1", - "services": { - "BinauthzManagementServiceV1": { - "clients": { - "grpc": { - "libraryClient": "::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client", - "rpcs": { - "GetPolicy": { - "methods": [ - "get_policy" - ] - }, - "UpdatePolicy": { - "methods": [ - "update_policy" - ] - }, - "CreateAttestor": { - "methods": [ - "create_attestor" - ] - }, - "GetAttestor": { - "methods": [ - "get_attestor" - ] - }, - "UpdateAttestor": { - "methods": [ - "update_attestor" - ] - }, - "ListAttestors": { - "methods": [ - "list_attestors" - ] - }, - "DeleteAttestor": { - "methods": [ - "delete_attestor" - ] - } - } - } - } - }, - "SystemPolicyV1": { - "clients": { - "grpc": { - "libraryClient": "::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Client", - "rpcs": { - "GetSystemPolicy": { - "methods": [ - "get_system_policy" - ] - } - } - } - } - }, - "ValidationHelperV1": { - "clients": { - "grpc": { - "libraryClient": "::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Client", - "rpcs": { - "ValidateAttestationOccurrence": { - "methods": [ - "validate_attestation_occurrence" - ] - } - } - } - } - } - } -} diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/google-cloud-binary_authorization-v1.gemspec b/owl-bot-staging/google-cloud-binary_authorization-v1/google-cloud-binary_authorization-v1.gemspec deleted file mode 100644 index 1a0663400e09..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/google-cloud-binary_authorization-v1.gemspec +++ /dev/null @@ -1,29 +0,0 @@ -# -*- ruby -*- -# encoding: utf-8 - -require File.expand_path("lib/google/cloud/binary_authorization/v1/version", __dir__) - -Gem::Specification.new do |gem| - gem.name = "google-cloud-binary_authorization-v1" - gem.version = Google::Cloud::BinaryAuthorization::V1::VERSION - - gem.authors = ["Google LLC"] - gem.email = "googleapis-packages@google.com" - gem.description = "Binary Authorization is a service on Google Cloud that provides centralized software supply-chain security for applications that run on Google Kubernetes Engine (GKE) and GKE on-prem. Note that google-cloud-binary_authorization-v1 is a version-specific client library. For most uses, we recommend installing the main client library google-cloud-binary_authorization instead. See the readme for more details." - gem.summary = "The management interface for Binary Authorization, a system providing policy control for images deployed to Kubernetes Engine clusters, Anthos clusters on VMware, and Cloud Run." - gem.homepage = "https://github.com/googleapis/google-cloud-ruby" - gem.license = "Apache-2.0" - - gem.platform = Gem::Platform::RUBY - - gem.files = `git ls-files -- lib/*`.split("\n") + - `git ls-files -- proto_docs/*`.split("\n") + - ["README.md", "LICENSE.md", "AUTHENTICATION.md", ".yardopts"] - gem.require_paths = ["lib"] - - gem.required_ruby_version = ">= 3.1" - - gem.add_dependency "gapic-common", "~> 1.2" - gem.add_dependency "google-cloud-errors", "~> 1.0" - gem.add_dependency "grafeas-v1", "> 0.0", "< 2.a" -end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google-cloud-binary_authorization-v1.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google-cloud-binary_authorization-v1.rb deleted file mode 100644 index 6fd39b3fb94a..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google-cloud-binary_authorization-v1.rb +++ /dev/null @@ -1,21 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - -# This gem does not autoload during Bundler.require. To load this gem, -# issue explicit require statements for the packages desired, e.g.: -# require "google/cloud/binary_authorization/v1" diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1.rb deleted file mode 100644 index d797dafc8014..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1.rb +++ /dev/null @@ -1,47 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - -require "google/cloud/binary_authorization/v1/binauthz_management_service" -require "google/cloud/binary_authorization/v1/system_policy" -require "google/cloud/binary_authorization/v1/validation_helper" -require "google/cloud/binary_authorization/v1/version" - -module Google - module Cloud - module BinaryAuthorization - ## - # API client module. - # - # @example Load this package, including all its services, and instantiate a gRPC client - # - # require "google/cloud/binary_authorization/v1" - # client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new - # - # @example Load this package, including all its services, and instantiate a REST client - # - # require "google/cloud/binary_authorization/v1" - # client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client.new - # - module V1 - end - end - end -end - -helper_path = ::File.join __dir__, "v1", "_helpers.rb" -require "google/cloud/binary_authorization/v1/_helpers" if ::File.file? helper_path diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service.rb deleted file mode 100644 index 1efe07271436..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service.rb +++ /dev/null @@ -1,61 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - -require "gapic/common" -require "gapic/config" -require "gapic/config/method" - -require "google/cloud/binary_authorization/v1/version" - -require "google/cloud/binary_authorization/v1/binauthz_management_service/credentials" -require "google/cloud/binary_authorization/v1/binauthz_management_service/paths" -require "google/cloud/binary_authorization/v1/binauthz_management_service/client" -require "google/cloud/binary_authorization/v1/binauthz_management_service/rest" - -module Google - module Cloud - module BinaryAuthorization - module V1 - ## - # Google Cloud Management Service for Binary Authorization admission policies - # and attestation authorities. - # - # This API implements a REST model with the following objects: - # - # * {::Google::Cloud::BinaryAuthorization::V1::Policy Policy} - # * {::Google::Cloud::BinaryAuthorization::V1::Attestor Attestor} - # - # @example Load this service and instantiate a gRPC client - # - # require "google/cloud/binary_authorization/v1/binauthz_management_service" - # client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new - # - # @example Load this service and instantiate a REST client - # - # require "google/cloud/binary_authorization/v1/binauthz_management_service/rest" - # client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client.new - # - module BinauthzManagementService - end - end - end - end -end - -helper_path = ::File.join __dir__, "binauthz_management_service", "helpers.rb" -require "google/cloud/binary_authorization/v1/binauthz_management_service/helpers" if ::File.file? helper_path diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service/client.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service/client.rb deleted file mode 100644 index 7f2a92bf4c5a..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service/client.rb +++ /dev/null @@ -1,1108 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - -require "google/cloud/errors" -require "google/cloud/binaryauthorization/v1/service_pb" - -module Google - module Cloud - module BinaryAuthorization - module V1 - module BinauthzManagementService - ## - # Client for the BinauthzManagementService service. - # - # Google Cloud Management Service for Binary Authorization admission policies - # and attestation authorities. - # - # This API implements a REST model with the following objects: - # - # * {::Google::Cloud::BinaryAuthorization::V1::Policy Policy} - # * {::Google::Cloud::BinaryAuthorization::V1::Attestor Attestor} - # - class Client - # @private - API_VERSION = "" - - # @private - DEFAULT_ENDPOINT_TEMPLATE = "binaryauthorization.$UNIVERSE_DOMAIN$" - - include Paths - - # @private - attr_reader :binauthz_management_service_stub - - ## - # Configure the BinauthzManagementService Client class. - # - # See {::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client::Configuration} - # for a description of the configuration fields. - # - # @example - # - # # Modify the configuration for all BinauthzManagementService clients - # ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.configure do |config| - # config.timeout = 10.0 - # end - # - # @yield [config] Configure the Client client. - # @yieldparam config [Client::Configuration] - # - # @return [Client::Configuration] - # - def self.configure - @configure ||= begin - namespace = ["Google", "Cloud", "BinaryAuthorization", "V1"] - parent_config = while namespace.any? - parent_name = namespace.join "::" - parent_const = const_get parent_name - break parent_const.configure if parent_const.respond_to? :configure - namespace.pop - end - default_config = Client::Configuration.new parent_config - - default_config.rpcs.get_policy.timeout = 600.0 - default_config.rpcs.get_policy.retry_policy = { - initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14] - } - - default_config.rpcs.update_policy.timeout = 600.0 - default_config.rpcs.update_policy.retry_policy = { - initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14] - } - - default_config.rpcs.create_attestor.timeout = 600.0 - - default_config.rpcs.get_attestor.timeout = 600.0 - default_config.rpcs.get_attestor.retry_policy = { - initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14] - } - - default_config.rpcs.update_attestor.timeout = 600.0 - default_config.rpcs.update_attestor.retry_policy = { - initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14] - } - - default_config.rpcs.list_attestors.timeout = 600.0 - default_config.rpcs.list_attestors.retry_policy = { - initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14] - } - - default_config.rpcs.delete_attestor.timeout = 600.0 - default_config.rpcs.delete_attestor.retry_policy = { - initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14] - } - - default_config - end - yield @configure if block_given? - @configure - end - - ## - # Configure the BinauthzManagementService Client instance. - # - # The configuration is set to the derived mode, meaning that values can be changed, - # but structural changes (adding new fields, etc.) are not allowed. Structural changes - # should be made on {Client.configure}. - # - # See {::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client::Configuration} - # for a description of the configuration fields. - # - # @yield [config] Configure the Client client. - # @yieldparam config [Client::Configuration] - # - # @return [Client::Configuration] - # - def configure - yield @config if block_given? - @config - end - - ## - # The effective universe domain - # - # @return [String] - # - def universe_domain - @binauthz_management_service_stub.universe_domain - end - - ## - # Create a new BinauthzManagementService client object. - # - # @example - # - # # Create a client using the default configuration - # client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new - # - # # Create a client using a custom configuration - # client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new do |config| - # config.timeout = 10.0 - # end - # - # @yield [config] Configure the BinauthzManagementService client. - # @yieldparam config [Client::Configuration] - # - def initialize - # These require statements are intentionally placed here to initialize - # the gRPC module only when it's required. - # See https://github.com/googleapis/toolkit/issues/446 - require "gapic/grpc" - require "google/cloud/binaryauthorization/v1/service_services_pb" - - # Create the configuration object - @config = Configuration.new Client.configure - - # Yield the configuration if needed - yield @config if block_given? - - # Create credentials - credentials = @config.credentials - # Use self-signed JWT if the endpoint is unchanged from default, - # but only if the default endpoint does not have a region prefix. - enable_self_signed_jwt = @config.endpoint.nil? || - (@config.endpoint == Configuration::DEFAULT_ENDPOINT && - !@config.endpoint.split(".").first.include?("-")) - credentials ||= Credentials.default scope: @config.scope, - enable_self_signed_jwt: enable_self_signed_jwt - if credentials.is_a?(::String) || credentials.is_a?(::Hash) - credentials = Credentials.new credentials, scope: @config.scope - end - @quota_project_id = @config.quota_project - @quota_project_id ||= credentials.quota_project_id if credentials.respond_to? :quota_project_id - - @binauthz_management_service_stub = ::Gapic::ServiceStub.new( - ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementServiceV1::Stub, - credentials: credentials, - endpoint: @config.endpoint, - endpoint_template: DEFAULT_ENDPOINT_TEMPLATE, - universe_domain: @config.universe_domain, - channel_args: @config.channel_args, - interceptors: @config.interceptors, - channel_pool_config: @config.channel_pool, - logger: @config.logger - ) - - @binauthz_management_service_stub.stub_logger&.info do |entry| - entry.set_system_name - entry.set_service - entry.message = "Created client for #{entry.service}" - entry.set_credentials_fields credentials - entry.set "customEndpoint", @config.endpoint if @config.endpoint - entry.set "defaultTimeout", @config.timeout if @config.timeout - entry.set "quotaProject", @quota_project_id if @quota_project_id - end - end - - ## - # The logger used for request/response debug logging. - # - # @return [Logger] - # - def logger - @binauthz_management_service_stub.logger - end - - # Service calls - - ## - # A {::Google::Cloud::BinaryAuthorization::V1::Policy policy} specifies the {::Google::Cloud::BinaryAuthorization::V1::Attestor attestors} that must attest to - # a container image, before the project is allowed to deploy that - # image. There is at most one policy per project. All image admission - # requests are permitted if a project has no policy. - # - # Gets the {::Google::Cloud::BinaryAuthorization::V1::Policy policy} for this project. Returns a default - # {::Google::Cloud::BinaryAuthorization::V1::Policy policy} if the project does not have one. - # - # @overload get_policy(request, options = nil) - # Pass arguments to `get_policy` via a request object, either of type - # {::Google::Cloud::BinaryAuthorization::V1::GetPolicyRequest} or an equivalent Hash. - # - # @param request [::Google::Cloud::BinaryAuthorization::V1::GetPolicyRequest, ::Hash] - # A request object representing the call parameters. Required. To specify no - # parameters, or to keep all the default parameter values, pass an empty Hash. - # @param options [::Gapic::CallOptions, ::Hash] - # Overrides the default settings for this call, e.g, timeout, retries, etc. Optional. - # - # @overload get_policy(name: nil) - # Pass arguments to `get_policy` via keyword arguments. Note that at - # least one keyword argument is required. To specify no parameters, or to keep all - # the default parameter values, pass an empty Hash as a request object (see above). - # - # @param name [::String] - # Required. The resource name of the {::Google::Cloud::BinaryAuthorization::V1::Policy policy} to retrieve, - # in the format `projects/*/policy`. - # - # @yield [response, operation] Access the result along with the RPC operation - # @yieldparam response [::Google::Cloud::BinaryAuthorization::V1::Policy] - # @yieldparam operation [::GRPC::ActiveCall::Operation] - # - # @return [::Google::Cloud::BinaryAuthorization::V1::Policy] - # - # @raise [::Google::Cloud::Error] if the RPC is aborted. - # - # @example Basic example - # require "google/cloud/binary_authorization/v1" - # - # # Create a client object. The client can be reused for multiple calls. - # client = Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new - # - # # Create a request. To set request fields, pass in keyword arguments. - # request = Google::Cloud::BinaryAuthorization::V1::GetPolicyRequest.new - # - # # Call the get_policy method. - # result = client.get_policy request - # - # # The returned object is of type Google::Cloud::BinaryAuthorization::V1::Policy. - # p result - # - def get_policy request, options = nil - raise ::ArgumentError, "request must be provided" if request.nil? - - request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::BinaryAuthorization::V1::GetPolicyRequest - - # Converts hash and nil to an options object - options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h - - # Customize the options with defaults - metadata = @config.rpcs.get_policy.metadata.to_h - - # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers - metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ - lib_name: @config.lib_name, lib_version: @config.lib_version, - gapic_version: ::Google::Cloud::BinaryAuthorization::V1::VERSION - metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty? - metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id - - header_params = {} - if request.name - header_params["name"] = request.name - end - - request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") - metadata[:"x-goog-request-params"] ||= request_params_header - - options.apply_defaults timeout: @config.rpcs.get_policy.timeout, - metadata: metadata, - retry_policy: @config.rpcs.get_policy.retry_policy - - options.apply_defaults timeout: @config.timeout, - metadata: @config.metadata, - retry_policy: @config.retry_policy - - @binauthz_management_service_stub.call_rpc :get_policy, request, options: options do |response, operation| - yield response, operation if block_given? - end - rescue ::GRPC::BadStatus => e - raise ::Google::Cloud::Error.from_error(e) - end - - ## - # Creates or updates a project's {::Google::Cloud::BinaryAuthorization::V1::Policy policy}, and returns a copy of the - # new {::Google::Cloud::BinaryAuthorization::V1::Policy policy}. A policy is always updated as a whole, to avoid race - # conditions with concurrent policy enforcement (or management!) - # requests. Returns NOT_FOUND if the project does not exist, INVALID_ARGUMENT - # if the request is malformed. - # - # @overload update_policy(request, options = nil) - # Pass arguments to `update_policy` via a request object, either of type - # {::Google::Cloud::BinaryAuthorization::V1::UpdatePolicyRequest} or an equivalent Hash. - # - # @param request [::Google::Cloud::BinaryAuthorization::V1::UpdatePolicyRequest, ::Hash] - # A request object representing the call parameters. Required. To specify no - # parameters, or to keep all the default parameter values, pass an empty Hash. - # @param options [::Gapic::CallOptions, ::Hash] - # Overrides the default settings for this call, e.g, timeout, retries, etc. Optional. - # - # @overload update_policy(policy: nil) - # Pass arguments to `update_policy` via keyword arguments. Note that at - # least one keyword argument is required. To specify no parameters, or to keep all - # the default parameter values, pass an empty Hash as a request object (see above). - # - # @param policy [::Google::Cloud::BinaryAuthorization::V1::Policy, ::Hash] - # Required. A new or updated {::Google::Cloud::BinaryAuthorization::V1::Policy policy} value. The service will - # overwrite the {::Google::Cloud::BinaryAuthorization::V1::Policy#name policy name} field with the resource name in - # the request URL, in the format `projects/*/policy`. - # - # @yield [response, operation] Access the result along with the RPC operation - # @yieldparam response [::Google::Cloud::BinaryAuthorization::V1::Policy] - # @yieldparam operation [::GRPC::ActiveCall::Operation] - # - # @return [::Google::Cloud::BinaryAuthorization::V1::Policy] - # - # @raise [::Google::Cloud::Error] if the RPC is aborted. - # - # @example Basic example - # require "google/cloud/binary_authorization/v1" - # - # # Create a client object. The client can be reused for multiple calls. - # client = Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new - # - # # Create a request. To set request fields, pass in keyword arguments. - # request = Google::Cloud::BinaryAuthorization::V1::UpdatePolicyRequest.new - # - # # Call the update_policy method. - # result = client.update_policy request - # - # # The returned object is of type Google::Cloud::BinaryAuthorization::V1::Policy. - # p result - # - def update_policy request, options = nil - raise ::ArgumentError, "request must be provided" if request.nil? - - request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::BinaryAuthorization::V1::UpdatePolicyRequest - - # Converts hash and nil to an options object - options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h - - # Customize the options with defaults - metadata = @config.rpcs.update_policy.metadata.to_h - - # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers - metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ - lib_name: @config.lib_name, lib_version: @config.lib_version, - gapic_version: ::Google::Cloud::BinaryAuthorization::V1::VERSION - metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty? - metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id - - header_params = {} - if request.policy&.name - header_params["policy.name"] = request.policy.name - end - - request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") - metadata[:"x-goog-request-params"] ||= request_params_header - - options.apply_defaults timeout: @config.rpcs.update_policy.timeout, - metadata: metadata, - retry_policy: @config.rpcs.update_policy.retry_policy - - options.apply_defaults timeout: @config.timeout, - metadata: @config.metadata, - retry_policy: @config.retry_policy - - @binauthz_management_service_stub.call_rpc :update_policy, request, options: options do |response, operation| - yield response, operation if block_given? - end - rescue ::GRPC::BadStatus => e - raise ::Google::Cloud::Error.from_error(e) - end - - ## - # Creates an {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor}, and returns a copy of the new - # {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor}. Returns NOT_FOUND if the project does not exist, - # INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if the - # {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor} already exists. - # - # @overload create_attestor(request, options = nil) - # Pass arguments to `create_attestor` via a request object, either of type - # {::Google::Cloud::BinaryAuthorization::V1::CreateAttestorRequest} or an equivalent Hash. - # - # @param request [::Google::Cloud::BinaryAuthorization::V1::CreateAttestorRequest, ::Hash] - # A request object representing the call parameters. Required. To specify no - # parameters, or to keep all the default parameter values, pass an empty Hash. - # @param options [::Gapic::CallOptions, ::Hash] - # Overrides the default settings for this call, e.g, timeout, retries, etc. Optional. - # - # @overload create_attestor(parent: nil, attestor_id: nil, attestor: nil) - # Pass arguments to `create_attestor` via keyword arguments. Note that at - # least one keyword argument is required. To specify no parameters, or to keep all - # the default parameter values, pass an empty Hash as a request object (see above). - # - # @param parent [::String] - # Required. The parent of this {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor}. - # @param attestor_id [::String] - # Required. The {::Google::Cloud::BinaryAuthorization::V1::Attestor attestors} ID. - # @param attestor [::Google::Cloud::BinaryAuthorization::V1::Attestor, ::Hash] - # Required. The initial {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor} value. The service will - # overwrite the {::Google::Cloud::BinaryAuthorization::V1::Attestor#name attestor name} field with the resource name, - # in the format `projects/*/attestors/*`. - # - # @yield [response, operation] Access the result along with the RPC operation - # @yieldparam response [::Google::Cloud::BinaryAuthorization::V1::Attestor] - # @yieldparam operation [::GRPC::ActiveCall::Operation] - # - # @return [::Google::Cloud::BinaryAuthorization::V1::Attestor] - # - # @raise [::Google::Cloud::Error] if the RPC is aborted. - # - # @example Basic example - # require "google/cloud/binary_authorization/v1" - # - # # Create a client object. The client can be reused for multiple calls. - # client = Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new - # - # # Create a request. To set request fields, pass in keyword arguments. - # request = Google::Cloud::BinaryAuthorization::V1::CreateAttestorRequest.new - # - # # Call the create_attestor method. - # result = client.create_attestor request - # - # # The returned object is of type Google::Cloud::BinaryAuthorization::V1::Attestor. - # p result - # - def create_attestor request, options = nil - raise ::ArgumentError, "request must be provided" if request.nil? - - request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::BinaryAuthorization::V1::CreateAttestorRequest - - # Converts hash and nil to an options object - options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h - - # Customize the options with defaults - metadata = @config.rpcs.create_attestor.metadata.to_h - - # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers - metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ - lib_name: @config.lib_name, lib_version: @config.lib_version, - gapic_version: ::Google::Cloud::BinaryAuthorization::V1::VERSION - metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty? - metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id - - header_params = {} - if request.parent - header_params["parent"] = request.parent - end - - request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") - metadata[:"x-goog-request-params"] ||= request_params_header - - options.apply_defaults timeout: @config.rpcs.create_attestor.timeout, - metadata: metadata, - retry_policy: @config.rpcs.create_attestor.retry_policy - - options.apply_defaults timeout: @config.timeout, - metadata: @config.metadata, - retry_policy: @config.retry_policy - - @binauthz_management_service_stub.call_rpc :create_attestor, request, options: options do |response, operation| - yield response, operation if block_given? - end - rescue ::GRPC::BadStatus => e - raise ::Google::Cloud::Error.from_error(e) - end - - ## - # Gets an {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor}. - # Returns NOT_FOUND if the {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor} does not exist. - # - # @overload get_attestor(request, options = nil) - # Pass arguments to `get_attestor` via a request object, either of type - # {::Google::Cloud::BinaryAuthorization::V1::GetAttestorRequest} or an equivalent Hash. - # - # @param request [::Google::Cloud::BinaryAuthorization::V1::GetAttestorRequest, ::Hash] - # A request object representing the call parameters. Required. To specify no - # parameters, or to keep all the default parameter values, pass an empty Hash. - # @param options [::Gapic::CallOptions, ::Hash] - # Overrides the default settings for this call, e.g, timeout, retries, etc. Optional. - # - # @overload get_attestor(name: nil) - # Pass arguments to `get_attestor` via keyword arguments. Note that at - # least one keyword argument is required. To specify no parameters, or to keep all - # the default parameter values, pass an empty Hash as a request object (see above). - # - # @param name [::String] - # Required. The name of the {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor} to retrieve, in the format - # `projects/*/attestors/*`. - # - # @yield [response, operation] Access the result along with the RPC operation - # @yieldparam response [::Google::Cloud::BinaryAuthorization::V1::Attestor] - # @yieldparam operation [::GRPC::ActiveCall::Operation] - # - # @return [::Google::Cloud::BinaryAuthorization::V1::Attestor] - # - # @raise [::Google::Cloud::Error] if the RPC is aborted. - # - # @example Basic example - # require "google/cloud/binary_authorization/v1" - # - # # Create a client object. The client can be reused for multiple calls. - # client = Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new - # - # # Create a request. To set request fields, pass in keyword arguments. - # request = Google::Cloud::BinaryAuthorization::V1::GetAttestorRequest.new - # - # # Call the get_attestor method. - # result = client.get_attestor request - # - # # The returned object is of type Google::Cloud::BinaryAuthorization::V1::Attestor. - # p result - # - def get_attestor request, options = nil - raise ::ArgumentError, "request must be provided" if request.nil? - - request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::BinaryAuthorization::V1::GetAttestorRequest - - # Converts hash and nil to an options object - options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h - - # Customize the options with defaults - metadata = @config.rpcs.get_attestor.metadata.to_h - - # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers - metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ - lib_name: @config.lib_name, lib_version: @config.lib_version, - gapic_version: ::Google::Cloud::BinaryAuthorization::V1::VERSION - metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty? - metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id - - header_params = {} - if request.name - header_params["name"] = request.name - end - - request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") - metadata[:"x-goog-request-params"] ||= request_params_header - - options.apply_defaults timeout: @config.rpcs.get_attestor.timeout, - metadata: metadata, - retry_policy: @config.rpcs.get_attestor.retry_policy - - options.apply_defaults timeout: @config.timeout, - metadata: @config.metadata, - retry_policy: @config.retry_policy - - @binauthz_management_service_stub.call_rpc :get_attestor, request, options: options do |response, operation| - yield response, operation if block_given? - end - rescue ::GRPC::BadStatus => e - raise ::Google::Cloud::Error.from_error(e) - end - - ## - # Updates an {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor}. - # Returns NOT_FOUND if the {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor} does not exist. - # - # @overload update_attestor(request, options = nil) - # Pass arguments to `update_attestor` via a request object, either of type - # {::Google::Cloud::BinaryAuthorization::V1::UpdateAttestorRequest} or an equivalent Hash. - # - # @param request [::Google::Cloud::BinaryAuthorization::V1::UpdateAttestorRequest, ::Hash] - # A request object representing the call parameters. Required. To specify no - # parameters, or to keep all the default parameter values, pass an empty Hash. - # @param options [::Gapic::CallOptions, ::Hash] - # Overrides the default settings for this call, e.g, timeout, retries, etc. Optional. - # - # @overload update_attestor(attestor: nil) - # Pass arguments to `update_attestor` via keyword arguments. Note that at - # least one keyword argument is required. To specify no parameters, or to keep all - # the default parameter values, pass an empty Hash as a request object (see above). - # - # @param attestor [::Google::Cloud::BinaryAuthorization::V1::Attestor, ::Hash] - # Required. The updated {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor} value. The service will - # overwrite the {::Google::Cloud::BinaryAuthorization::V1::Attestor#name attestor name} field with the resource name - # in the request URL, in the format `projects/*/attestors/*`. - # - # @yield [response, operation] Access the result along with the RPC operation - # @yieldparam response [::Google::Cloud::BinaryAuthorization::V1::Attestor] - # @yieldparam operation [::GRPC::ActiveCall::Operation] - # - # @return [::Google::Cloud::BinaryAuthorization::V1::Attestor] - # - # @raise [::Google::Cloud::Error] if the RPC is aborted. - # - # @example Basic example - # require "google/cloud/binary_authorization/v1" - # - # # Create a client object. The client can be reused for multiple calls. - # client = Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new - # - # # Create a request. To set request fields, pass in keyword arguments. - # request = Google::Cloud::BinaryAuthorization::V1::UpdateAttestorRequest.new - # - # # Call the update_attestor method. - # result = client.update_attestor request - # - # # The returned object is of type Google::Cloud::BinaryAuthorization::V1::Attestor. - # p result - # - def update_attestor request, options = nil - raise ::ArgumentError, "request must be provided" if request.nil? - - request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::BinaryAuthorization::V1::UpdateAttestorRequest - - # Converts hash and nil to an options object - options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h - - # Customize the options with defaults - metadata = @config.rpcs.update_attestor.metadata.to_h - - # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers - metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ - lib_name: @config.lib_name, lib_version: @config.lib_version, - gapic_version: ::Google::Cloud::BinaryAuthorization::V1::VERSION - metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty? - metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id - - header_params = {} - if request.attestor&.name - header_params["attestor.name"] = request.attestor.name - end - - request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") - metadata[:"x-goog-request-params"] ||= request_params_header - - options.apply_defaults timeout: @config.rpcs.update_attestor.timeout, - metadata: metadata, - retry_policy: @config.rpcs.update_attestor.retry_policy - - options.apply_defaults timeout: @config.timeout, - metadata: @config.metadata, - retry_policy: @config.retry_policy - - @binauthz_management_service_stub.call_rpc :update_attestor, request, options: options do |response, operation| - yield response, operation if block_given? - end - rescue ::GRPC::BadStatus => e - raise ::Google::Cloud::Error.from_error(e) - end - - ## - # Lists {::Google::Cloud::BinaryAuthorization::V1::Attestor attestors}. - # Returns INVALID_ARGUMENT if the project does not exist. - # - # @overload list_attestors(request, options = nil) - # Pass arguments to `list_attestors` via a request object, either of type - # {::Google::Cloud::BinaryAuthorization::V1::ListAttestorsRequest} or an equivalent Hash. - # - # @param request [::Google::Cloud::BinaryAuthorization::V1::ListAttestorsRequest, ::Hash] - # A request object representing the call parameters. Required. To specify no - # parameters, or to keep all the default parameter values, pass an empty Hash. - # @param options [::Gapic::CallOptions, ::Hash] - # Overrides the default settings for this call, e.g, timeout, retries, etc. Optional. - # - # @overload list_attestors(parent: nil, page_size: nil, page_token: nil) - # Pass arguments to `list_attestors` via keyword arguments. Note that at - # least one keyword argument is required. To specify no parameters, or to keep all - # the default parameter values, pass an empty Hash as a request object (see above). - # - # @param parent [::String] - # Required. The resource name of the project associated with the - # {::Google::Cloud::BinaryAuthorization::V1::Attestor attestors}, in the format `projects/*`. - # @param page_size [::Integer] - # Requested page size. The server may return fewer results than requested. If - # unspecified, the server will pick an appropriate default. - # @param page_token [::String] - # A token identifying a page of results the server should return. Typically, - # this is the value of {::Google::Cloud::BinaryAuthorization::V1::ListAttestorsResponse#next_page_token ListAttestorsResponse.next_page_token} returned - # from the previous call to the `ListAttestors` method. - # - # @yield [response, operation] Access the result along with the RPC operation - # @yieldparam response [::Gapic::PagedEnumerable<::Google::Cloud::BinaryAuthorization::V1::Attestor>] - # @yieldparam operation [::GRPC::ActiveCall::Operation] - # - # @return [::Gapic::PagedEnumerable<::Google::Cloud::BinaryAuthorization::V1::Attestor>] - # - # @raise [::Google::Cloud::Error] if the RPC is aborted. - # - # @example Basic example - # require "google/cloud/binary_authorization/v1" - # - # # Create a client object. The client can be reused for multiple calls. - # client = Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new - # - # # Create a request. To set request fields, pass in keyword arguments. - # request = Google::Cloud::BinaryAuthorization::V1::ListAttestorsRequest.new - # - # # Call the list_attestors method. - # result = client.list_attestors request - # - # # The returned object is of type Gapic::PagedEnumerable. You can iterate - # # over elements, and API calls will be issued to fetch pages as needed. - # result.each do |item| - # # Each element is of type ::Google::Cloud::BinaryAuthorization::V1::Attestor. - # p item - # end - # - def list_attestors request, options = nil - raise ::ArgumentError, "request must be provided" if request.nil? - - request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::BinaryAuthorization::V1::ListAttestorsRequest - - # Converts hash and nil to an options object - options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h - - # Customize the options with defaults - metadata = @config.rpcs.list_attestors.metadata.to_h - - # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers - metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ - lib_name: @config.lib_name, lib_version: @config.lib_version, - gapic_version: ::Google::Cloud::BinaryAuthorization::V1::VERSION - metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty? - metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id - - header_params = {} - if request.parent - header_params["parent"] = request.parent - end - - request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") - metadata[:"x-goog-request-params"] ||= request_params_header - - options.apply_defaults timeout: @config.rpcs.list_attestors.timeout, - metadata: metadata, - retry_policy: @config.rpcs.list_attestors.retry_policy - - options.apply_defaults timeout: @config.timeout, - metadata: @config.metadata, - retry_policy: @config.retry_policy - - @binauthz_management_service_stub.call_rpc :list_attestors, request, options: options do |response, operation| - response = ::Gapic::PagedEnumerable.new @binauthz_management_service_stub, :list_attestors, request, response, operation, options - yield response, operation if block_given? - throw :response, response - end - rescue ::GRPC::BadStatus => e - raise ::Google::Cloud::Error.from_error(e) - end - - ## - # Deletes an {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor}. Returns NOT_FOUND if the - # {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor} does not exist. - # - # @overload delete_attestor(request, options = nil) - # Pass arguments to `delete_attestor` via a request object, either of type - # {::Google::Cloud::BinaryAuthorization::V1::DeleteAttestorRequest} or an equivalent Hash. - # - # @param request [::Google::Cloud::BinaryAuthorization::V1::DeleteAttestorRequest, ::Hash] - # A request object representing the call parameters. Required. To specify no - # parameters, or to keep all the default parameter values, pass an empty Hash. - # @param options [::Gapic::CallOptions, ::Hash] - # Overrides the default settings for this call, e.g, timeout, retries, etc. Optional. - # - # @overload delete_attestor(name: nil) - # Pass arguments to `delete_attestor` via keyword arguments. Note that at - # least one keyword argument is required. To specify no parameters, or to keep all - # the default parameter values, pass an empty Hash as a request object (see above). - # - # @param name [::String] - # Required. The name of the {::Google::Cloud::BinaryAuthorization::V1::Attestor attestors} to delete, in the format - # `projects/*/attestors/*`. - # - # @yield [response, operation] Access the result along with the RPC operation - # @yieldparam response [::Google::Protobuf::Empty] - # @yieldparam operation [::GRPC::ActiveCall::Operation] - # - # @return [::Google::Protobuf::Empty] - # - # @raise [::Google::Cloud::Error] if the RPC is aborted. - # - # @example Basic example - # require "google/cloud/binary_authorization/v1" - # - # # Create a client object. The client can be reused for multiple calls. - # client = Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new - # - # # Create a request. To set request fields, pass in keyword arguments. - # request = Google::Cloud::BinaryAuthorization::V1::DeleteAttestorRequest.new - # - # # Call the delete_attestor method. - # result = client.delete_attestor request - # - # # The returned object is of type Google::Protobuf::Empty. - # p result - # - def delete_attestor request, options = nil - raise ::ArgumentError, "request must be provided" if request.nil? - - request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::BinaryAuthorization::V1::DeleteAttestorRequest - - # Converts hash and nil to an options object - options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h - - # Customize the options with defaults - metadata = @config.rpcs.delete_attestor.metadata.to_h - - # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers - metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ - lib_name: @config.lib_name, lib_version: @config.lib_version, - gapic_version: ::Google::Cloud::BinaryAuthorization::V1::VERSION - metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty? - metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id - - header_params = {} - if request.name - header_params["name"] = request.name - end - - request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") - metadata[:"x-goog-request-params"] ||= request_params_header - - options.apply_defaults timeout: @config.rpcs.delete_attestor.timeout, - metadata: metadata, - retry_policy: @config.rpcs.delete_attestor.retry_policy - - options.apply_defaults timeout: @config.timeout, - metadata: @config.metadata, - retry_policy: @config.retry_policy - - @binauthz_management_service_stub.call_rpc :delete_attestor, request, options: options do |response, operation| - yield response, operation if block_given? - end - rescue ::GRPC::BadStatus => e - raise ::Google::Cloud::Error.from_error(e) - end - - ## - # Configuration class for the BinauthzManagementService API. - # - # This class represents the configuration for BinauthzManagementService, - # providing control over timeouts, retry behavior, logging, transport - # parameters, and other low-level controls. Certain parameters can also be - # applied individually to specific RPCs. See - # {::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client::Configuration::Rpcs} - # for a list of RPCs that can be configured independently. - # - # Configuration can be applied globally to all clients, or to a single client - # on construction. - # - # @example - # - # # Modify the global config, setting the timeout for - # # get_policy to 20 seconds, - # # and all remaining timeouts to 10 seconds. - # ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.configure do |config| - # config.timeout = 10.0 - # config.rpcs.get_policy.timeout = 20.0 - # end - # - # # Apply the above configuration only to a new client. - # client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new do |config| - # config.timeout = 10.0 - # config.rpcs.get_policy.timeout = 20.0 - # end - # - # @!attribute [rw] endpoint - # A custom service endpoint, as a hostname or hostname:port. The default is - # nil, indicating to use the default endpoint in the current universe domain. - # @return [::String,nil] - # @!attribute [rw] credentials - # Credentials to send with calls. You may provide any of the following types: - # * (`Google::Auth::Credentials`) A googleauth credentials object - # (see the [googleauth docs](https://rubydoc.info/gems/googleauth/Google/Auth/Credentials)) - # * (`Signet::OAuth2::Client`) A signet oauth2 client object - # (see the [signet docs](https://rubydoc.info/gems/signet/Signet/OAuth2/Client)) - # * (`GRPC::Core::Channel`) a gRPC channel with included credentials - # * (`GRPC::Core::ChannelCredentials`) a gRPC credentails object - # * (`nil`) indicating no credentials - # - # @note Warning: Passing a `String` to a keyfile path or a `Hash` of credentials - # is deprecated. Providing an unvalidated credential configuration to - # Google APIs can compromise the security of your systems and data. - # - # @example - # - # # The recommended way to provide credentials is to use the `make_creds` method - # # on the appropriate credentials class for your environment. - # - # require "googleauth" - # - # credentials = ::Google::Auth::ServiceAccountCredentials.make_creds( - # json_key_io: ::File.open("/path/to/keyfile.json") - # ) - # - # client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new do |config| - # config.credentials = credentials - # end - # - # @note Warning: If you accept a credential configuration (JSON file or Hash) from an - # external source for authentication to Google Cloud, you must validate it before - # providing it to a Google API client library. Providing an unvalidated credential - # configuration to Google APIs can compromise the security of your systems and data. - # For more information, refer to [Validate credential configurations from external - # sources](https://cloud.google.com/docs/authentication/external/externally-sourced-credentials). - # @return [::Object] - # @!attribute [rw] scope - # The OAuth scopes - # @return [::Array<::String>] - # @!attribute [rw] lib_name - # The library name as recorded in instrumentation and logging - # @return [::String] - # @!attribute [rw] lib_version - # The library version as recorded in instrumentation and logging - # @return [::String] - # @!attribute [rw] channel_args - # Extra parameters passed to the gRPC channel. Note: this is ignored if a - # `GRPC::Core::Channel` object is provided as the credential. - # @return [::Hash] - # @!attribute [rw] interceptors - # An array of interceptors that are run before calls are executed. - # @return [::Array<::GRPC::ClientInterceptor>] - # @!attribute [rw] timeout - # The call timeout in seconds. - # @return [::Numeric] - # @!attribute [rw] metadata - # Additional gRPC headers to be sent with the call. - # @return [::Hash{::Symbol=>::String}] - # @!attribute [rw] retry_policy - # The retry policy. The value is a hash with the following keys: - # * `:initial_delay` (*type:* `Numeric`) - The initial delay in seconds. - # * `:max_delay` (*type:* `Numeric`) - The max delay in seconds. - # * `:multiplier` (*type:* `Numeric`) - The incremental backoff multiplier. - # * `:retry_codes` (*type:* `Array`) - The error codes that should - # trigger a retry. - # @return [::Hash] - # @!attribute [rw] quota_project - # A separate project against which to charge quota. - # @return [::String] - # @!attribute [rw] universe_domain - # The universe domain within which to make requests. This determines the - # default endpoint URL. The default value of nil uses the environment - # universe (usually the default "googleapis.com" universe). - # @return [::String,nil] - # @!attribute [rw] logger - # A custom logger to use for request/response debug logging, or the value - # `:default` (the default) to construct a default logger, or `nil` to - # explicitly disable logging. - # @return [::Logger,:default,nil] - # - class Configuration - extend ::Gapic::Config - - # @private - # The endpoint specific to the default "googleapis.com" universe. Deprecated. - DEFAULT_ENDPOINT = "binaryauthorization.googleapis.com" - - config_attr :endpoint, nil, ::String, nil - config_attr :credentials, nil do |value| - allowed = [::String, ::Hash, ::Proc, ::Symbol, ::Google::Auth::Credentials, ::Google::Auth::BaseClient, ::Signet::OAuth2::Client, nil] - allowed += [::GRPC::Core::Channel, ::GRPC::Core::ChannelCredentials] if defined? ::GRPC::Core::Channel - allowed.any? { |klass| klass === value } - end - config_attr :scope, nil, ::String, ::Array, nil - config_attr :lib_name, nil, ::String, nil - config_attr :lib_version, nil, ::String, nil - config_attr(:channel_args, { "grpc.service_config_disable_resolution" => 1 }, ::Hash, nil) - config_attr :interceptors, nil, ::Array, nil - config_attr :timeout, nil, ::Numeric, nil - config_attr :metadata, nil, ::Hash, nil - config_attr :retry_policy, nil, ::Hash, ::Proc, nil - config_attr :quota_project, nil, ::String, nil - config_attr :universe_domain, nil, ::String, nil - config_attr :logger, :default, ::Logger, nil, :default - - # @private - def initialize parent_config = nil - @parent_config = parent_config unless parent_config.nil? - - yield self if block_given? - end - - ## - # Configurations for individual RPCs - # @return [Rpcs] - # - def rpcs - @rpcs ||= begin - parent_rpcs = nil - parent_rpcs = @parent_config.rpcs if defined?(@parent_config) && @parent_config.respond_to?(:rpcs) - Rpcs.new parent_rpcs - end - end - - ## - # Configuration for the channel pool - # @return [::Gapic::ServiceStub::ChannelPool::Configuration] - # - def channel_pool - @channel_pool ||= ::Gapic::ServiceStub::ChannelPool::Configuration.new - end - - ## - # Configuration RPC class for the BinauthzManagementService API. - # - # Includes fields providing the configuration for each RPC in this service. - # Each configuration object is of type `Gapic::Config::Method` and includes - # the following configuration fields: - # - # * `timeout` (*type:* `Numeric`) - The call timeout in seconds - # * `metadata` (*type:* `Hash{Symbol=>String}`) - Additional gRPC headers - # * `retry_policy (*type:* `Hash`) - The retry policy. The policy fields - # include the following keys: - # * `:initial_delay` (*type:* `Numeric`) - The initial delay in seconds. - # * `:max_delay` (*type:* `Numeric`) - The max delay in seconds. - # * `:multiplier` (*type:* `Numeric`) - The incremental backoff multiplier. - # * `:retry_codes` (*type:* `Array`) - The error codes that should - # trigger a retry. - # - class Rpcs - ## - # RPC-specific configuration for `get_policy` - # @return [::Gapic::Config::Method] - # - attr_reader :get_policy - ## - # RPC-specific configuration for `update_policy` - # @return [::Gapic::Config::Method] - # - attr_reader :update_policy - ## - # RPC-specific configuration for `create_attestor` - # @return [::Gapic::Config::Method] - # - attr_reader :create_attestor - ## - # RPC-specific configuration for `get_attestor` - # @return [::Gapic::Config::Method] - # - attr_reader :get_attestor - ## - # RPC-specific configuration for `update_attestor` - # @return [::Gapic::Config::Method] - # - attr_reader :update_attestor - ## - # RPC-specific configuration for `list_attestors` - # @return [::Gapic::Config::Method] - # - attr_reader :list_attestors - ## - # RPC-specific configuration for `delete_attestor` - # @return [::Gapic::Config::Method] - # - attr_reader :delete_attestor - - # @private - def initialize parent_rpcs = nil - get_policy_config = parent_rpcs.get_policy if parent_rpcs.respond_to? :get_policy - @get_policy = ::Gapic::Config::Method.new get_policy_config - update_policy_config = parent_rpcs.update_policy if parent_rpcs.respond_to? :update_policy - @update_policy = ::Gapic::Config::Method.new update_policy_config - create_attestor_config = parent_rpcs.create_attestor if parent_rpcs.respond_to? :create_attestor - @create_attestor = ::Gapic::Config::Method.new create_attestor_config - get_attestor_config = parent_rpcs.get_attestor if parent_rpcs.respond_to? :get_attestor - @get_attestor = ::Gapic::Config::Method.new get_attestor_config - update_attestor_config = parent_rpcs.update_attestor if parent_rpcs.respond_to? :update_attestor - @update_attestor = ::Gapic::Config::Method.new update_attestor_config - list_attestors_config = parent_rpcs.list_attestors if parent_rpcs.respond_to? :list_attestors - @list_attestors = ::Gapic::Config::Method.new list_attestors_config - delete_attestor_config = parent_rpcs.delete_attestor if parent_rpcs.respond_to? :delete_attestor - @delete_attestor = ::Gapic::Config::Method.new delete_attestor_config - - yield self if block_given? - end - end - end - end - end - end - end - end -end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service/credentials.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service/credentials.rb deleted file mode 100644 index 530400adb780..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service/credentials.rb +++ /dev/null @@ -1,51 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - -require "googleauth" - -module Google - module Cloud - module BinaryAuthorization - module V1 - module BinauthzManagementService - # Credentials for the BinauthzManagementService API. - class Credentials < ::Google::Auth::Credentials - self.scope = [ - "https://www.googleapis.com/auth/cloud-platform" - ] - self.env_vars = [ - "BINARY_AUTHORIZATION_CREDENTIALS", - "BINARY_AUTHORIZATION_KEYFILE", - "GOOGLE_CLOUD_CREDENTIALS", - "GOOGLE_CLOUD_KEYFILE", - "GCLOUD_KEYFILE", - "BINARY_AUTHORIZATION_CREDENTIALS_JSON", - "BINARY_AUTHORIZATION_KEYFILE_JSON", - "GOOGLE_CLOUD_CREDENTIALS_JSON", - "GOOGLE_CLOUD_KEYFILE_JSON", - "GCLOUD_KEYFILE_JSON" - ] - self.paths = [ - "~/.config/google_cloud/application_default_credentials.json" - ] - end - end - end - end - end -end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service/paths.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service/paths.rb deleted file mode 100644 index a4282d52ea46..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service/paths.rb +++ /dev/null @@ -1,97 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - - -module Google - module Cloud - module BinaryAuthorization - module V1 - module BinauthzManagementService - # Path helper methods for the BinauthzManagementService API. - module Paths - ## - # Create a fully-qualified Attestor resource string. - # - # The resource will be in the following format: - # - # `projects/{project}/attestors/{attestor}` - # - # @param project [String] - # @param attestor [String] - # - # @return [::String] - def attestor_path project:, attestor: - raise ::ArgumentError, "project cannot contain /" if project.to_s.include? "/" - - "projects/#{project}/attestors/#{attestor}" - end - - ## - # Create a fully-qualified Policy resource string. - # - # @overload policy_path(project:) - # The resource will be in the following format: - # - # `projects/{project}/policy` - # - # @param project [String] - # - # @overload policy_path(location:) - # The resource will be in the following format: - # - # `locations/{location}/policy` - # - # @param location [String] - # - # @return [::String] - def policy_path **args - resources = { - "project" => (proc do |project:| - "projects/#{project}/policy" - end), - "location" => (proc do |location:| - "locations/#{location}/policy" - end) - } - - resource = resources[args.keys.sort.join(":")] - raise ::ArgumentError, "no resource found for values #{args.keys}" if resource.nil? - resource.call(**args) - end - - ## - # Create a fully-qualified Project resource string. - # - # The resource will be in the following format: - # - # `projects/{project}` - # - # @param project [String] - # - # @return [::String] - def project_path project: - "projects/#{project}" - end - - extend self - end - end - end - end - end -end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service/rest.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service/rest.rb deleted file mode 100644 index 6a6ed328774c..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service/rest.rb +++ /dev/null @@ -1,58 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - -require "gapic/rest" -require "gapic/config" -require "gapic/config/method" - -require "google/cloud/binary_authorization/v1/version" - -require "google/cloud/binary_authorization/v1/binauthz_management_service/credentials" -require "google/cloud/binary_authorization/v1/binauthz_management_service/paths" -require "google/cloud/binary_authorization/v1/binauthz_management_service/rest/client" - -module Google - module Cloud - module BinaryAuthorization - module V1 - ## - # Google Cloud Management Service for Binary Authorization admission policies - # and attestation authorities. - # - # This API implements a REST model with the following objects: - # - # * {::Google::Cloud::BinaryAuthorization::V1::Policy Policy} - # * {::Google::Cloud::BinaryAuthorization::V1::Attestor Attestor} - # - # To load this service and instantiate a REST client: - # - # require "google/cloud/binary_authorization/v1/binauthz_management_service/rest" - # client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client.new - # - module BinauthzManagementService - # Client for the REST transport - module Rest - end - end - end - end - end -end - -helper_path = ::File.join __dir__, "rest", "helpers.rb" -require "google/cloud/binary_authorization/v1/binauthz_management_service/rest/helpers" if ::File.file? helper_path diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service/rest/client.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service/rest/client.rb deleted file mode 100644 index 5469431c70f2..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service/rest/client.rb +++ /dev/null @@ -1,1016 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - -require "google/cloud/errors" -require "google/cloud/binaryauthorization/v1/service_pb" -require "google/cloud/binary_authorization/v1/binauthz_management_service/rest/service_stub" - -module Google - module Cloud - module BinaryAuthorization - module V1 - module BinauthzManagementService - module Rest - ## - # REST client for the BinauthzManagementService service. - # - # Google Cloud Management Service for Binary Authorization admission policies - # and attestation authorities. - # - # This API implements a REST model with the following objects: - # - # * {::Google::Cloud::BinaryAuthorization::V1::Policy Policy} - # * {::Google::Cloud::BinaryAuthorization::V1::Attestor Attestor} - # - class Client - # @private - API_VERSION = "" - - # @private - DEFAULT_ENDPOINT_TEMPLATE = "binaryauthorization.$UNIVERSE_DOMAIN$" - - include Paths - - # @private - attr_reader :binauthz_management_service_stub - - ## - # Configure the BinauthzManagementService Client class. - # - # See {::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client::Configuration} - # for a description of the configuration fields. - # - # @example - # - # # Modify the configuration for all BinauthzManagementService clients - # ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client.configure do |config| - # config.timeout = 10.0 - # end - # - # @yield [config] Configure the Client client. - # @yieldparam config [Client::Configuration] - # - # @return [Client::Configuration] - # - def self.configure - @configure ||= begin - namespace = ["Google", "Cloud", "BinaryAuthorization", "V1"] - parent_config = while namespace.any? - parent_name = namespace.join "::" - parent_const = const_get parent_name - break parent_const.configure if parent_const.respond_to? :configure - namespace.pop - end - default_config = Client::Configuration.new parent_config - - default_config.rpcs.get_policy.timeout = 600.0 - default_config.rpcs.get_policy.retry_policy = { - initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14] - } - - default_config.rpcs.update_policy.timeout = 600.0 - default_config.rpcs.update_policy.retry_policy = { - initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14] - } - - default_config.rpcs.create_attestor.timeout = 600.0 - - default_config.rpcs.get_attestor.timeout = 600.0 - default_config.rpcs.get_attestor.retry_policy = { - initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14] - } - - default_config.rpcs.update_attestor.timeout = 600.0 - default_config.rpcs.update_attestor.retry_policy = { - initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14] - } - - default_config.rpcs.list_attestors.timeout = 600.0 - default_config.rpcs.list_attestors.retry_policy = { - initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14] - } - - default_config.rpcs.delete_attestor.timeout = 600.0 - default_config.rpcs.delete_attestor.retry_policy = { - initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14] - } - - default_config - end - yield @configure if block_given? - @configure - end - - ## - # Configure the BinauthzManagementService Client instance. - # - # The configuration is set to the derived mode, meaning that values can be changed, - # but structural changes (adding new fields, etc.) are not allowed. Structural changes - # should be made on {Client.configure}. - # - # See {::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client::Configuration} - # for a description of the configuration fields. - # - # @yield [config] Configure the Client client. - # @yieldparam config [Client::Configuration] - # - # @return [Client::Configuration] - # - def configure - yield @config if block_given? - @config - end - - ## - # The effective universe domain - # - # @return [String] - # - def universe_domain - @binauthz_management_service_stub.universe_domain - end - - ## - # Create a new BinauthzManagementService REST client object. - # - # @example - # - # # Create a client using the default configuration - # client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client.new - # - # # Create a client using a custom configuration - # client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client.new do |config| - # config.timeout = 10.0 - # end - # - # @yield [config] Configure the BinauthzManagementService client. - # @yieldparam config [Client::Configuration] - # - def initialize - # Create the configuration object - @config = Configuration.new Client.configure - - # Yield the configuration if needed - yield @config if block_given? - - # Create credentials - credentials = @config.credentials - # Use self-signed JWT if the endpoint is unchanged from default, - # but only if the default endpoint does not have a region prefix. - enable_self_signed_jwt = @config.endpoint.nil? || - (@config.endpoint == Configuration::DEFAULT_ENDPOINT && - !@config.endpoint.split(".").first.include?("-")) - credentials ||= Credentials.default scope: @config.scope, - enable_self_signed_jwt: enable_self_signed_jwt - if credentials.is_a?(::String) || credentials.is_a?(::Hash) - credentials = Credentials.new credentials, scope: @config.scope - end - - @quota_project_id = @config.quota_project - @quota_project_id ||= credentials.quota_project_id if credentials.respond_to? :quota_project_id - - @binauthz_management_service_stub = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::ServiceStub.new( - endpoint: @config.endpoint, - endpoint_template: DEFAULT_ENDPOINT_TEMPLATE, - universe_domain: @config.universe_domain, - credentials: credentials, - logger: @config.logger - ) - - @binauthz_management_service_stub.logger(stub: true)&.info do |entry| - entry.set_system_name - entry.set_service - entry.message = "Created client for #{entry.service}" - entry.set_credentials_fields credentials - entry.set "customEndpoint", @config.endpoint if @config.endpoint - entry.set "defaultTimeout", @config.timeout if @config.timeout - entry.set "quotaProject", @quota_project_id if @quota_project_id - end - end - - ## - # The logger used for request/response debug logging. - # - # @return [Logger] - # - def logger - @binauthz_management_service_stub.logger - end - - # Service calls - - ## - # A {::Google::Cloud::BinaryAuthorization::V1::Policy policy} specifies the {::Google::Cloud::BinaryAuthorization::V1::Attestor attestors} that must attest to - # a container image, before the project is allowed to deploy that - # image. There is at most one policy per project. All image admission - # requests are permitted if a project has no policy. - # - # Gets the {::Google::Cloud::BinaryAuthorization::V1::Policy policy} for this project. Returns a default - # {::Google::Cloud::BinaryAuthorization::V1::Policy policy} if the project does not have one. - # - # @overload get_policy(request, options = nil) - # Pass arguments to `get_policy` via a request object, either of type - # {::Google::Cloud::BinaryAuthorization::V1::GetPolicyRequest} or an equivalent Hash. - # - # @param request [::Google::Cloud::BinaryAuthorization::V1::GetPolicyRequest, ::Hash] - # A request object representing the call parameters. Required. To specify no - # parameters, or to keep all the default parameter values, pass an empty Hash. - # @param options [::Gapic::CallOptions, ::Hash] - # Overrides the default settings for this call, e.g, timeout, retries etc. Optional. - # - # @overload get_policy(name: nil) - # Pass arguments to `get_policy` via keyword arguments. Note that at - # least one keyword argument is required. To specify no parameters, or to keep all - # the default parameter values, pass an empty Hash as a request object (see above). - # - # @param name [::String] - # Required. The resource name of the {::Google::Cloud::BinaryAuthorization::V1::Policy policy} to retrieve, - # in the format `projects/*/policy`. - # @yield [result, operation] Access the result along with the TransportOperation object - # @yieldparam result [::Google::Cloud::BinaryAuthorization::V1::Policy] - # @yieldparam operation [::Gapic::Rest::TransportOperation] - # - # @return [::Google::Cloud::BinaryAuthorization::V1::Policy] - # - # @raise [::Google::Cloud::Error] if the REST call is aborted. - # - # @example Basic example - # require "google/cloud/binary_authorization/v1" - # - # # Create a client object. The client can be reused for multiple calls. - # client = Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client.new - # - # # Create a request. To set request fields, pass in keyword arguments. - # request = Google::Cloud::BinaryAuthorization::V1::GetPolicyRequest.new - # - # # Call the get_policy method. - # result = client.get_policy request - # - # # The returned object is of type Google::Cloud::BinaryAuthorization::V1::Policy. - # p result - # - def get_policy request, options = nil - raise ::ArgumentError, "request must be provided" if request.nil? - - request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::BinaryAuthorization::V1::GetPolicyRequest - - # Converts hash and nil to an options object - options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h - - # Customize the options with defaults - call_metadata = @config.rpcs.get_policy.metadata.to_h - - # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers - call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ - lib_name: @config.lib_name, lib_version: @config.lib_version, - gapic_version: ::Google::Cloud::BinaryAuthorization::V1::VERSION, - transports_version_send: [:rest] - - call_metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty? - call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id - - options.apply_defaults timeout: @config.rpcs.get_policy.timeout, - metadata: call_metadata, - retry_policy: @config.rpcs.get_policy.retry_policy - - options.apply_defaults timeout: @config.timeout, - metadata: @config.metadata, - retry_policy: @config.retry_policy - - @binauthz_management_service_stub.get_policy request, options do |result, operation| - yield result, operation if block_given? - end - rescue ::Gapic::Rest::Error => e - raise ::Google::Cloud::Error.from_error(e) - end - - ## - # Creates or updates a project's {::Google::Cloud::BinaryAuthorization::V1::Policy policy}, and returns a copy of the - # new {::Google::Cloud::BinaryAuthorization::V1::Policy policy}. A policy is always updated as a whole, to avoid race - # conditions with concurrent policy enforcement (or management!) - # requests. Returns NOT_FOUND if the project does not exist, INVALID_ARGUMENT - # if the request is malformed. - # - # @overload update_policy(request, options = nil) - # Pass arguments to `update_policy` via a request object, either of type - # {::Google::Cloud::BinaryAuthorization::V1::UpdatePolicyRequest} or an equivalent Hash. - # - # @param request [::Google::Cloud::BinaryAuthorization::V1::UpdatePolicyRequest, ::Hash] - # A request object representing the call parameters. Required. To specify no - # parameters, or to keep all the default parameter values, pass an empty Hash. - # @param options [::Gapic::CallOptions, ::Hash] - # Overrides the default settings for this call, e.g, timeout, retries etc. Optional. - # - # @overload update_policy(policy: nil) - # Pass arguments to `update_policy` via keyword arguments. Note that at - # least one keyword argument is required. To specify no parameters, or to keep all - # the default parameter values, pass an empty Hash as a request object (see above). - # - # @param policy [::Google::Cloud::BinaryAuthorization::V1::Policy, ::Hash] - # Required. A new or updated {::Google::Cloud::BinaryAuthorization::V1::Policy policy} value. The service will - # overwrite the {::Google::Cloud::BinaryAuthorization::V1::Policy#name policy name} field with the resource name in - # the request URL, in the format `projects/*/policy`. - # @yield [result, operation] Access the result along with the TransportOperation object - # @yieldparam result [::Google::Cloud::BinaryAuthorization::V1::Policy] - # @yieldparam operation [::Gapic::Rest::TransportOperation] - # - # @return [::Google::Cloud::BinaryAuthorization::V1::Policy] - # - # @raise [::Google::Cloud::Error] if the REST call is aborted. - # - # @example Basic example - # require "google/cloud/binary_authorization/v1" - # - # # Create a client object. The client can be reused for multiple calls. - # client = Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client.new - # - # # Create a request. To set request fields, pass in keyword arguments. - # request = Google::Cloud::BinaryAuthorization::V1::UpdatePolicyRequest.new - # - # # Call the update_policy method. - # result = client.update_policy request - # - # # The returned object is of type Google::Cloud::BinaryAuthorization::V1::Policy. - # p result - # - def update_policy request, options = nil - raise ::ArgumentError, "request must be provided" if request.nil? - - request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::BinaryAuthorization::V1::UpdatePolicyRequest - - # Converts hash and nil to an options object - options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h - - # Customize the options with defaults - call_metadata = @config.rpcs.update_policy.metadata.to_h - - # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers - call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ - lib_name: @config.lib_name, lib_version: @config.lib_version, - gapic_version: ::Google::Cloud::BinaryAuthorization::V1::VERSION, - transports_version_send: [:rest] - - call_metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty? - call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id - - options.apply_defaults timeout: @config.rpcs.update_policy.timeout, - metadata: call_metadata, - retry_policy: @config.rpcs.update_policy.retry_policy - - options.apply_defaults timeout: @config.timeout, - metadata: @config.metadata, - retry_policy: @config.retry_policy - - @binauthz_management_service_stub.update_policy request, options do |result, operation| - yield result, operation if block_given? - end - rescue ::Gapic::Rest::Error => e - raise ::Google::Cloud::Error.from_error(e) - end - - ## - # Creates an {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor}, and returns a copy of the new - # {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor}. Returns NOT_FOUND if the project does not exist, - # INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if the - # {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor} already exists. - # - # @overload create_attestor(request, options = nil) - # Pass arguments to `create_attestor` via a request object, either of type - # {::Google::Cloud::BinaryAuthorization::V1::CreateAttestorRequest} or an equivalent Hash. - # - # @param request [::Google::Cloud::BinaryAuthorization::V1::CreateAttestorRequest, ::Hash] - # A request object representing the call parameters. Required. To specify no - # parameters, or to keep all the default parameter values, pass an empty Hash. - # @param options [::Gapic::CallOptions, ::Hash] - # Overrides the default settings for this call, e.g, timeout, retries etc. Optional. - # - # @overload create_attestor(parent: nil, attestor_id: nil, attestor: nil) - # Pass arguments to `create_attestor` via keyword arguments. Note that at - # least one keyword argument is required. To specify no parameters, or to keep all - # the default parameter values, pass an empty Hash as a request object (see above). - # - # @param parent [::String] - # Required. The parent of this {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor}. - # @param attestor_id [::String] - # Required. The {::Google::Cloud::BinaryAuthorization::V1::Attestor attestors} ID. - # @param attestor [::Google::Cloud::BinaryAuthorization::V1::Attestor, ::Hash] - # Required. The initial {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor} value. The service will - # overwrite the {::Google::Cloud::BinaryAuthorization::V1::Attestor#name attestor name} field with the resource name, - # in the format `projects/*/attestors/*`. - # @yield [result, operation] Access the result along with the TransportOperation object - # @yieldparam result [::Google::Cloud::BinaryAuthorization::V1::Attestor] - # @yieldparam operation [::Gapic::Rest::TransportOperation] - # - # @return [::Google::Cloud::BinaryAuthorization::V1::Attestor] - # - # @raise [::Google::Cloud::Error] if the REST call is aborted. - # - # @example Basic example - # require "google/cloud/binary_authorization/v1" - # - # # Create a client object. The client can be reused for multiple calls. - # client = Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client.new - # - # # Create a request. To set request fields, pass in keyword arguments. - # request = Google::Cloud::BinaryAuthorization::V1::CreateAttestorRequest.new - # - # # Call the create_attestor method. - # result = client.create_attestor request - # - # # The returned object is of type Google::Cloud::BinaryAuthorization::V1::Attestor. - # p result - # - def create_attestor request, options = nil - raise ::ArgumentError, "request must be provided" if request.nil? - - request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::BinaryAuthorization::V1::CreateAttestorRequest - - # Converts hash and nil to an options object - options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h - - # Customize the options with defaults - call_metadata = @config.rpcs.create_attestor.metadata.to_h - - # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers - call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ - lib_name: @config.lib_name, lib_version: @config.lib_version, - gapic_version: ::Google::Cloud::BinaryAuthorization::V1::VERSION, - transports_version_send: [:rest] - - call_metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty? - call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id - - options.apply_defaults timeout: @config.rpcs.create_attestor.timeout, - metadata: call_metadata, - retry_policy: @config.rpcs.create_attestor.retry_policy - - options.apply_defaults timeout: @config.timeout, - metadata: @config.metadata, - retry_policy: @config.retry_policy - - @binauthz_management_service_stub.create_attestor request, options do |result, operation| - yield result, operation if block_given? - end - rescue ::Gapic::Rest::Error => e - raise ::Google::Cloud::Error.from_error(e) - end - - ## - # Gets an {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor}. - # Returns NOT_FOUND if the {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor} does not exist. - # - # @overload get_attestor(request, options = nil) - # Pass arguments to `get_attestor` via a request object, either of type - # {::Google::Cloud::BinaryAuthorization::V1::GetAttestorRequest} or an equivalent Hash. - # - # @param request [::Google::Cloud::BinaryAuthorization::V1::GetAttestorRequest, ::Hash] - # A request object representing the call parameters. Required. To specify no - # parameters, or to keep all the default parameter values, pass an empty Hash. - # @param options [::Gapic::CallOptions, ::Hash] - # Overrides the default settings for this call, e.g, timeout, retries etc. Optional. - # - # @overload get_attestor(name: nil) - # Pass arguments to `get_attestor` via keyword arguments. Note that at - # least one keyword argument is required. To specify no parameters, or to keep all - # the default parameter values, pass an empty Hash as a request object (see above). - # - # @param name [::String] - # Required. The name of the {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor} to retrieve, in the format - # `projects/*/attestors/*`. - # @yield [result, operation] Access the result along with the TransportOperation object - # @yieldparam result [::Google::Cloud::BinaryAuthorization::V1::Attestor] - # @yieldparam operation [::Gapic::Rest::TransportOperation] - # - # @return [::Google::Cloud::BinaryAuthorization::V1::Attestor] - # - # @raise [::Google::Cloud::Error] if the REST call is aborted. - # - # @example Basic example - # require "google/cloud/binary_authorization/v1" - # - # # Create a client object. The client can be reused for multiple calls. - # client = Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client.new - # - # # Create a request. To set request fields, pass in keyword arguments. - # request = Google::Cloud::BinaryAuthorization::V1::GetAttestorRequest.new - # - # # Call the get_attestor method. - # result = client.get_attestor request - # - # # The returned object is of type Google::Cloud::BinaryAuthorization::V1::Attestor. - # p result - # - def get_attestor request, options = nil - raise ::ArgumentError, "request must be provided" if request.nil? - - request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::BinaryAuthorization::V1::GetAttestorRequest - - # Converts hash and nil to an options object - options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h - - # Customize the options with defaults - call_metadata = @config.rpcs.get_attestor.metadata.to_h - - # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers - call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ - lib_name: @config.lib_name, lib_version: @config.lib_version, - gapic_version: ::Google::Cloud::BinaryAuthorization::V1::VERSION, - transports_version_send: [:rest] - - call_metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty? - call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id - - options.apply_defaults timeout: @config.rpcs.get_attestor.timeout, - metadata: call_metadata, - retry_policy: @config.rpcs.get_attestor.retry_policy - - options.apply_defaults timeout: @config.timeout, - metadata: @config.metadata, - retry_policy: @config.retry_policy - - @binauthz_management_service_stub.get_attestor request, options do |result, operation| - yield result, operation if block_given? - end - rescue ::Gapic::Rest::Error => e - raise ::Google::Cloud::Error.from_error(e) - end - - ## - # Updates an {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor}. - # Returns NOT_FOUND if the {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor} does not exist. - # - # @overload update_attestor(request, options = nil) - # Pass arguments to `update_attestor` via a request object, either of type - # {::Google::Cloud::BinaryAuthorization::V1::UpdateAttestorRequest} or an equivalent Hash. - # - # @param request [::Google::Cloud::BinaryAuthorization::V1::UpdateAttestorRequest, ::Hash] - # A request object representing the call parameters. Required. To specify no - # parameters, or to keep all the default parameter values, pass an empty Hash. - # @param options [::Gapic::CallOptions, ::Hash] - # Overrides the default settings for this call, e.g, timeout, retries etc. Optional. - # - # @overload update_attestor(attestor: nil) - # Pass arguments to `update_attestor` via keyword arguments. Note that at - # least one keyword argument is required. To specify no parameters, or to keep all - # the default parameter values, pass an empty Hash as a request object (see above). - # - # @param attestor [::Google::Cloud::BinaryAuthorization::V1::Attestor, ::Hash] - # Required. The updated {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor} value. The service will - # overwrite the {::Google::Cloud::BinaryAuthorization::V1::Attestor#name attestor name} field with the resource name - # in the request URL, in the format `projects/*/attestors/*`. - # @yield [result, operation] Access the result along with the TransportOperation object - # @yieldparam result [::Google::Cloud::BinaryAuthorization::V1::Attestor] - # @yieldparam operation [::Gapic::Rest::TransportOperation] - # - # @return [::Google::Cloud::BinaryAuthorization::V1::Attestor] - # - # @raise [::Google::Cloud::Error] if the REST call is aborted. - # - # @example Basic example - # require "google/cloud/binary_authorization/v1" - # - # # Create a client object. The client can be reused for multiple calls. - # client = Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client.new - # - # # Create a request. To set request fields, pass in keyword arguments. - # request = Google::Cloud::BinaryAuthorization::V1::UpdateAttestorRequest.new - # - # # Call the update_attestor method. - # result = client.update_attestor request - # - # # The returned object is of type Google::Cloud::BinaryAuthorization::V1::Attestor. - # p result - # - def update_attestor request, options = nil - raise ::ArgumentError, "request must be provided" if request.nil? - - request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::BinaryAuthorization::V1::UpdateAttestorRequest - - # Converts hash and nil to an options object - options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h - - # Customize the options with defaults - call_metadata = @config.rpcs.update_attestor.metadata.to_h - - # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers - call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ - lib_name: @config.lib_name, lib_version: @config.lib_version, - gapic_version: ::Google::Cloud::BinaryAuthorization::V1::VERSION, - transports_version_send: [:rest] - - call_metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty? - call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id - - options.apply_defaults timeout: @config.rpcs.update_attestor.timeout, - metadata: call_metadata, - retry_policy: @config.rpcs.update_attestor.retry_policy - - options.apply_defaults timeout: @config.timeout, - metadata: @config.metadata, - retry_policy: @config.retry_policy - - @binauthz_management_service_stub.update_attestor request, options do |result, operation| - yield result, operation if block_given? - end - rescue ::Gapic::Rest::Error => e - raise ::Google::Cloud::Error.from_error(e) - end - - ## - # Lists {::Google::Cloud::BinaryAuthorization::V1::Attestor attestors}. - # Returns INVALID_ARGUMENT if the project does not exist. - # - # @overload list_attestors(request, options = nil) - # Pass arguments to `list_attestors` via a request object, either of type - # {::Google::Cloud::BinaryAuthorization::V1::ListAttestorsRequest} or an equivalent Hash. - # - # @param request [::Google::Cloud::BinaryAuthorization::V1::ListAttestorsRequest, ::Hash] - # A request object representing the call parameters. Required. To specify no - # parameters, or to keep all the default parameter values, pass an empty Hash. - # @param options [::Gapic::CallOptions, ::Hash] - # Overrides the default settings for this call, e.g, timeout, retries etc. Optional. - # - # @overload list_attestors(parent: nil, page_size: nil, page_token: nil) - # Pass arguments to `list_attestors` via keyword arguments. Note that at - # least one keyword argument is required. To specify no parameters, or to keep all - # the default parameter values, pass an empty Hash as a request object (see above). - # - # @param parent [::String] - # Required. The resource name of the project associated with the - # {::Google::Cloud::BinaryAuthorization::V1::Attestor attestors}, in the format `projects/*`. - # @param page_size [::Integer] - # Requested page size. The server may return fewer results than requested. If - # unspecified, the server will pick an appropriate default. - # @param page_token [::String] - # A token identifying a page of results the server should return. Typically, - # this is the value of {::Google::Cloud::BinaryAuthorization::V1::ListAttestorsResponse#next_page_token ListAttestorsResponse.next_page_token} returned - # from the previous call to the `ListAttestors` method. - # @yield [result, operation] Access the result along with the TransportOperation object - # @yieldparam result [::Gapic::Rest::PagedEnumerable<::Google::Cloud::BinaryAuthorization::V1::Attestor>] - # @yieldparam operation [::Gapic::Rest::TransportOperation] - # - # @return [::Gapic::Rest::PagedEnumerable<::Google::Cloud::BinaryAuthorization::V1::Attestor>] - # - # @raise [::Google::Cloud::Error] if the REST call is aborted. - # - # @example Basic example - # require "google/cloud/binary_authorization/v1" - # - # # Create a client object. The client can be reused for multiple calls. - # client = Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client.new - # - # # Create a request. To set request fields, pass in keyword arguments. - # request = Google::Cloud::BinaryAuthorization::V1::ListAttestorsRequest.new - # - # # Call the list_attestors method. - # result = client.list_attestors request - # - # # The returned object is of type Gapic::PagedEnumerable. You can iterate - # # over elements, and API calls will be issued to fetch pages as needed. - # result.each do |item| - # # Each element is of type ::Google::Cloud::BinaryAuthorization::V1::Attestor. - # p item - # end - # - def list_attestors request, options = nil - raise ::ArgumentError, "request must be provided" if request.nil? - - request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::BinaryAuthorization::V1::ListAttestorsRequest - - # Converts hash and nil to an options object - options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h - - # Customize the options with defaults - call_metadata = @config.rpcs.list_attestors.metadata.to_h - - # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers - call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ - lib_name: @config.lib_name, lib_version: @config.lib_version, - gapic_version: ::Google::Cloud::BinaryAuthorization::V1::VERSION, - transports_version_send: [:rest] - - call_metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty? - call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id - - options.apply_defaults timeout: @config.rpcs.list_attestors.timeout, - metadata: call_metadata, - retry_policy: @config.rpcs.list_attestors.retry_policy - - options.apply_defaults timeout: @config.timeout, - metadata: @config.metadata, - retry_policy: @config.retry_policy - - @binauthz_management_service_stub.list_attestors request, options do |result, operation| - result = ::Gapic::Rest::PagedEnumerable.new @binauthz_management_service_stub, :list_attestors, "attestors", request, result, options - yield result, operation if block_given? - throw :response, result - end - rescue ::Gapic::Rest::Error => e - raise ::Google::Cloud::Error.from_error(e) - end - - ## - # Deletes an {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor}. Returns NOT_FOUND if the - # {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor} does not exist. - # - # @overload delete_attestor(request, options = nil) - # Pass arguments to `delete_attestor` via a request object, either of type - # {::Google::Cloud::BinaryAuthorization::V1::DeleteAttestorRequest} or an equivalent Hash. - # - # @param request [::Google::Cloud::BinaryAuthorization::V1::DeleteAttestorRequest, ::Hash] - # A request object representing the call parameters. Required. To specify no - # parameters, or to keep all the default parameter values, pass an empty Hash. - # @param options [::Gapic::CallOptions, ::Hash] - # Overrides the default settings for this call, e.g, timeout, retries etc. Optional. - # - # @overload delete_attestor(name: nil) - # Pass arguments to `delete_attestor` via keyword arguments. Note that at - # least one keyword argument is required. To specify no parameters, or to keep all - # the default parameter values, pass an empty Hash as a request object (see above). - # - # @param name [::String] - # Required. The name of the {::Google::Cloud::BinaryAuthorization::V1::Attestor attestors} to delete, in the format - # `projects/*/attestors/*`. - # @yield [result, operation] Access the result along with the TransportOperation object - # @yieldparam result [::Google::Protobuf::Empty] - # @yieldparam operation [::Gapic::Rest::TransportOperation] - # - # @return [::Google::Protobuf::Empty] - # - # @raise [::Google::Cloud::Error] if the REST call is aborted. - # - # @example Basic example - # require "google/cloud/binary_authorization/v1" - # - # # Create a client object. The client can be reused for multiple calls. - # client = Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client.new - # - # # Create a request. To set request fields, pass in keyword arguments. - # request = Google::Cloud::BinaryAuthorization::V1::DeleteAttestorRequest.new - # - # # Call the delete_attestor method. - # result = client.delete_attestor request - # - # # The returned object is of type Google::Protobuf::Empty. - # p result - # - def delete_attestor request, options = nil - raise ::ArgumentError, "request must be provided" if request.nil? - - request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::BinaryAuthorization::V1::DeleteAttestorRequest - - # Converts hash and nil to an options object - options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h - - # Customize the options with defaults - call_metadata = @config.rpcs.delete_attestor.metadata.to_h - - # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers - call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ - lib_name: @config.lib_name, lib_version: @config.lib_version, - gapic_version: ::Google::Cloud::BinaryAuthorization::V1::VERSION, - transports_version_send: [:rest] - - call_metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty? - call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id - - options.apply_defaults timeout: @config.rpcs.delete_attestor.timeout, - metadata: call_metadata, - retry_policy: @config.rpcs.delete_attestor.retry_policy - - options.apply_defaults timeout: @config.timeout, - metadata: @config.metadata, - retry_policy: @config.retry_policy - - @binauthz_management_service_stub.delete_attestor request, options do |result, operation| - yield result, operation if block_given? - end - rescue ::Gapic::Rest::Error => e - raise ::Google::Cloud::Error.from_error(e) - end - - ## - # Configuration class for the BinauthzManagementService REST API. - # - # This class represents the configuration for BinauthzManagementService REST, - # providing control over timeouts, retry behavior, logging, transport - # parameters, and other low-level controls. Certain parameters can also be - # applied individually to specific RPCs. See - # {::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client::Configuration::Rpcs} - # for a list of RPCs that can be configured independently. - # - # Configuration can be applied globally to all clients, or to a single client - # on construction. - # - # @example - # - # # Modify the global config, setting the timeout for - # # get_policy to 20 seconds, - # # and all remaining timeouts to 10 seconds. - # ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client.configure do |config| - # config.timeout = 10.0 - # config.rpcs.get_policy.timeout = 20.0 - # end - # - # # Apply the above configuration only to a new client. - # client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client.new do |config| - # config.timeout = 10.0 - # config.rpcs.get_policy.timeout = 20.0 - # end - # - # @!attribute [rw] endpoint - # A custom service endpoint, as a hostname or hostname:port. The default is - # nil, indicating to use the default endpoint in the current universe domain. - # @return [::String,nil] - # @!attribute [rw] credentials - # Credentials to send with calls. You may provide any of the following types: - # * (`String`) The path to a service account key file in JSON format - # * (`Hash`) A service account key as a Hash - # * (`Google::Auth::Credentials`) A googleauth credentials object - # (see the [googleauth docs](https://rubydoc.info/gems/googleauth/Google/Auth/Credentials)) - # * (`Signet::OAuth2::Client`) A signet oauth2 client object - # (see the [signet docs](https://rubydoc.info/gems/signet/Signet/OAuth2/Client)) - # * (`nil`) indicating no credentials - # - # Warning: If you accept a credential configuration (JSON file or Hash) from an - # external source for authentication to Google Cloud, you must validate it before - # providing it to a Google API client library. Providing an unvalidated credential - # configuration to Google APIs can compromise the security of your systems and data. - # For more information, refer to [Validate credential configurations from external - # sources](https://cloud.google.com/docs/authentication/external/externally-sourced-credentials). - # @return [::Object] - # @!attribute [rw] scope - # The OAuth scopes - # @return [::Array<::String>] - # @!attribute [rw] lib_name - # The library name as recorded in instrumentation and logging - # @return [::String] - # @!attribute [rw] lib_version - # The library version as recorded in instrumentation and logging - # @return [::String] - # @!attribute [rw] timeout - # The call timeout in seconds. - # @return [::Numeric] - # @!attribute [rw] metadata - # Additional headers to be sent with the call. - # @return [::Hash{::Symbol=>::String}] - # @!attribute [rw] retry_policy - # The retry policy. The value is a hash with the following keys: - # * `:initial_delay` (*type:* `Numeric`) - The initial delay in seconds. - # * `:max_delay` (*type:* `Numeric`) - The max delay in seconds. - # * `:multiplier` (*type:* `Numeric`) - The incremental backoff multiplier. - # * `:retry_codes` (*type:* `Array`) - The error codes that should - # trigger a retry. - # @return [::Hash] - # @!attribute [rw] quota_project - # A separate project against which to charge quota. - # @return [::String] - # @!attribute [rw] universe_domain - # The universe domain within which to make requests. This determines the - # default endpoint URL. The default value of nil uses the environment - # universe (usually the default "googleapis.com" universe). - # @return [::String,nil] - # @!attribute [rw] logger - # A custom logger to use for request/response debug logging, or the value - # `:default` (the default) to construct a default logger, or `nil` to - # explicitly disable logging. - # @return [::Logger,:default,nil] - # - class Configuration - extend ::Gapic::Config - - # @private - # The endpoint specific to the default "googleapis.com" universe. Deprecated. - DEFAULT_ENDPOINT = "binaryauthorization.googleapis.com" - - config_attr :endpoint, nil, ::String, nil - config_attr :credentials, nil do |value| - allowed = [::String, ::Hash, ::Proc, ::Symbol, ::Google::Auth::Credentials, ::Google::Auth::BaseClient, ::Signet::OAuth2::Client, nil] - allowed.any? { |klass| klass === value } - end - config_attr :scope, nil, ::String, ::Array, nil - config_attr :lib_name, nil, ::String, nil - config_attr :lib_version, nil, ::String, nil - config_attr :timeout, nil, ::Numeric, nil - config_attr :metadata, nil, ::Hash, nil - config_attr :retry_policy, nil, ::Hash, ::Proc, nil - config_attr :quota_project, nil, ::String, nil - config_attr :universe_domain, nil, ::String, nil - config_attr :logger, :default, ::Logger, nil, :default - - # @private - def initialize parent_config = nil - @parent_config = parent_config unless parent_config.nil? - - yield self if block_given? - end - - ## - # Configurations for individual RPCs - # @return [Rpcs] - # - def rpcs - @rpcs ||= begin - parent_rpcs = nil - parent_rpcs = @parent_config.rpcs if defined?(@parent_config) && @parent_config.respond_to?(:rpcs) - Rpcs.new parent_rpcs - end - end - - ## - # Configuration RPC class for the BinauthzManagementService API. - # - # Includes fields providing the configuration for each RPC in this service. - # Each configuration object is of type `Gapic::Config::Method` and includes - # the following configuration fields: - # - # * `timeout` (*type:* `Numeric`) - The call timeout in seconds - # * `metadata` (*type:* `Hash{Symbol=>String}`) - Additional headers - # * `retry_policy (*type:* `Hash`) - The retry policy. The policy fields - # include the following keys: - # * `:initial_delay` (*type:* `Numeric`) - The initial delay in seconds. - # * `:max_delay` (*type:* `Numeric`) - The max delay in seconds. - # * `:multiplier` (*type:* `Numeric`) - The incremental backoff multiplier. - # * `:retry_codes` (*type:* `Array`) - The error codes that should - # trigger a retry. - # - class Rpcs - ## - # RPC-specific configuration for `get_policy` - # @return [::Gapic::Config::Method] - # - attr_reader :get_policy - ## - # RPC-specific configuration for `update_policy` - # @return [::Gapic::Config::Method] - # - attr_reader :update_policy - ## - # RPC-specific configuration for `create_attestor` - # @return [::Gapic::Config::Method] - # - attr_reader :create_attestor - ## - # RPC-specific configuration for `get_attestor` - # @return [::Gapic::Config::Method] - # - attr_reader :get_attestor - ## - # RPC-specific configuration for `update_attestor` - # @return [::Gapic::Config::Method] - # - attr_reader :update_attestor - ## - # RPC-specific configuration for `list_attestors` - # @return [::Gapic::Config::Method] - # - attr_reader :list_attestors - ## - # RPC-specific configuration for `delete_attestor` - # @return [::Gapic::Config::Method] - # - attr_reader :delete_attestor - - # @private - def initialize parent_rpcs = nil - get_policy_config = parent_rpcs.get_policy if parent_rpcs.respond_to? :get_policy - @get_policy = ::Gapic::Config::Method.new get_policy_config - update_policy_config = parent_rpcs.update_policy if parent_rpcs.respond_to? :update_policy - @update_policy = ::Gapic::Config::Method.new update_policy_config - create_attestor_config = parent_rpcs.create_attestor if parent_rpcs.respond_to? :create_attestor - @create_attestor = ::Gapic::Config::Method.new create_attestor_config - get_attestor_config = parent_rpcs.get_attestor if parent_rpcs.respond_to? :get_attestor - @get_attestor = ::Gapic::Config::Method.new get_attestor_config - update_attestor_config = parent_rpcs.update_attestor if parent_rpcs.respond_to? :update_attestor - @update_attestor = ::Gapic::Config::Method.new update_attestor_config - list_attestors_config = parent_rpcs.list_attestors if parent_rpcs.respond_to? :list_attestors - @list_attestors = ::Gapic::Config::Method.new list_attestors_config - delete_attestor_config = parent_rpcs.delete_attestor if parent_rpcs.respond_to? :delete_attestor - @delete_attestor = ::Gapic::Config::Method.new delete_attestor_config - - yield self if block_given? - end - end - end - end - end - end - end - end - end -end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service/rest/service_stub.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service/rest/service_stub.rb deleted file mode 100644 index 7b1298ec749d..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/binauthz_management_service/rest/service_stub.rb +++ /dev/null @@ -1,511 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - -require "google/cloud/binaryauthorization/v1/service_pb" - -module Google - module Cloud - module BinaryAuthorization - module V1 - module BinauthzManagementService - module Rest - ## - # REST service stub for the BinauthzManagementService service. - # Service stub contains baseline method implementations - # including transcoding, making the REST call, and deserialing the response. - # - class ServiceStub - # @private - def initialize endpoint:, endpoint_template:, universe_domain:, credentials:, logger: - # These require statements are intentionally placed here to initialize - # the REST modules only when it's required. - require "gapic/rest" - - @client_stub = ::Gapic::Rest::ClientStub.new endpoint: endpoint, - endpoint_template: endpoint_template, - universe_domain: universe_domain, - credentials: credentials, - numeric_enums: true, - service_name: self.class, - raise_faraday_errors: false, - logger: logger - end - - ## - # The effective universe domain - # - # @return [String] - # - def universe_domain - @client_stub.universe_domain - end - - ## - # The effective endpoint - # - # @return [String] - # - def endpoint - @client_stub.endpoint - end - - ## - # The logger used for request/response debug logging. - # - # @return [Logger] - # - def logger stub: false - stub ? @client_stub.stub_logger : @client_stub.logger - end - - ## - # Baseline implementation for the get_policy REST call - # - # @param request_pb [::Google::Cloud::BinaryAuthorization::V1::GetPolicyRequest] - # A request object representing the call parameters. Required. - # @param options [::Gapic::CallOptions] - # Overrides the default settings for this call, e.g, timeout, retries etc. Optional. - # - # @yield [result, operation] Access the result along with the TransportOperation object - # @yieldparam result [::Google::Cloud::BinaryAuthorization::V1::Policy] - # @yieldparam operation [::Gapic::Rest::TransportOperation] - # - # @return [::Google::Cloud::BinaryAuthorization::V1::Policy] - # A result object deserialized from the server's reply - def get_policy request_pb, options = nil - raise ::ArgumentError, "request must be provided" if request_pb.nil? - - verb, uri, query_string_params, body = ServiceStub.transcode_get_policy_request request_pb - query_string_params = if query_string_params.any? - query_string_params.to_h { |p| p.split "=", 2 } - else - {} - end - - response = @client_stub.make_http_request( - verb, - uri: uri, - body: body || "", - params: query_string_params, - method_name: "get_policy", - options: options - ) - operation = ::Gapic::Rest::TransportOperation.new response - result = ::Google::Cloud::BinaryAuthorization::V1::Policy.decode_json response.body, ignore_unknown_fields: true - catch :response do - yield result, operation if block_given? - result - end - end - - ## - # Baseline implementation for the update_policy REST call - # - # @param request_pb [::Google::Cloud::BinaryAuthorization::V1::UpdatePolicyRequest] - # A request object representing the call parameters. Required. - # @param options [::Gapic::CallOptions] - # Overrides the default settings for this call, e.g, timeout, retries etc. Optional. - # - # @yield [result, operation] Access the result along with the TransportOperation object - # @yieldparam result [::Google::Cloud::BinaryAuthorization::V1::Policy] - # @yieldparam operation [::Gapic::Rest::TransportOperation] - # - # @return [::Google::Cloud::BinaryAuthorization::V1::Policy] - # A result object deserialized from the server's reply - def update_policy request_pb, options = nil - raise ::ArgumentError, "request must be provided" if request_pb.nil? - - verb, uri, query_string_params, body = ServiceStub.transcode_update_policy_request request_pb - query_string_params = if query_string_params.any? - query_string_params.to_h { |p| p.split "=", 2 } - else - {} - end - - response = @client_stub.make_http_request( - verb, - uri: uri, - body: body || "", - params: query_string_params, - method_name: "update_policy", - options: options - ) - operation = ::Gapic::Rest::TransportOperation.new response - result = ::Google::Cloud::BinaryAuthorization::V1::Policy.decode_json response.body, ignore_unknown_fields: true - catch :response do - yield result, operation if block_given? - result - end - end - - ## - # Baseline implementation for the create_attestor REST call - # - # @param request_pb [::Google::Cloud::BinaryAuthorization::V1::CreateAttestorRequest] - # A request object representing the call parameters. Required. - # @param options [::Gapic::CallOptions] - # Overrides the default settings for this call, e.g, timeout, retries etc. Optional. - # - # @yield [result, operation] Access the result along with the TransportOperation object - # @yieldparam result [::Google::Cloud::BinaryAuthorization::V1::Attestor] - # @yieldparam operation [::Gapic::Rest::TransportOperation] - # - # @return [::Google::Cloud::BinaryAuthorization::V1::Attestor] - # A result object deserialized from the server's reply - def create_attestor request_pb, options = nil - raise ::ArgumentError, "request must be provided" if request_pb.nil? - - verb, uri, query_string_params, body = ServiceStub.transcode_create_attestor_request request_pb - query_string_params = if query_string_params.any? - query_string_params.to_h { |p| p.split "=", 2 } - else - {} - end - - response = @client_stub.make_http_request( - verb, - uri: uri, - body: body || "", - params: query_string_params, - method_name: "create_attestor", - options: options - ) - operation = ::Gapic::Rest::TransportOperation.new response - result = ::Google::Cloud::BinaryAuthorization::V1::Attestor.decode_json response.body, ignore_unknown_fields: true - catch :response do - yield result, operation if block_given? - result - end - end - - ## - # Baseline implementation for the get_attestor REST call - # - # @param request_pb [::Google::Cloud::BinaryAuthorization::V1::GetAttestorRequest] - # A request object representing the call parameters. Required. - # @param options [::Gapic::CallOptions] - # Overrides the default settings for this call, e.g, timeout, retries etc. Optional. - # - # @yield [result, operation] Access the result along with the TransportOperation object - # @yieldparam result [::Google::Cloud::BinaryAuthorization::V1::Attestor] - # @yieldparam operation [::Gapic::Rest::TransportOperation] - # - # @return [::Google::Cloud::BinaryAuthorization::V1::Attestor] - # A result object deserialized from the server's reply - def get_attestor request_pb, options = nil - raise ::ArgumentError, "request must be provided" if request_pb.nil? - - verb, uri, query_string_params, body = ServiceStub.transcode_get_attestor_request request_pb - query_string_params = if query_string_params.any? - query_string_params.to_h { |p| p.split "=", 2 } - else - {} - end - - response = @client_stub.make_http_request( - verb, - uri: uri, - body: body || "", - params: query_string_params, - method_name: "get_attestor", - options: options - ) - operation = ::Gapic::Rest::TransportOperation.new response - result = ::Google::Cloud::BinaryAuthorization::V1::Attestor.decode_json response.body, ignore_unknown_fields: true - catch :response do - yield result, operation if block_given? - result - end - end - - ## - # Baseline implementation for the update_attestor REST call - # - # @param request_pb [::Google::Cloud::BinaryAuthorization::V1::UpdateAttestorRequest] - # A request object representing the call parameters. Required. - # @param options [::Gapic::CallOptions] - # Overrides the default settings for this call, e.g, timeout, retries etc. Optional. - # - # @yield [result, operation] Access the result along with the TransportOperation object - # @yieldparam result [::Google::Cloud::BinaryAuthorization::V1::Attestor] - # @yieldparam operation [::Gapic::Rest::TransportOperation] - # - # @return [::Google::Cloud::BinaryAuthorization::V1::Attestor] - # A result object deserialized from the server's reply - def update_attestor request_pb, options = nil - raise ::ArgumentError, "request must be provided" if request_pb.nil? - - verb, uri, query_string_params, body = ServiceStub.transcode_update_attestor_request request_pb - query_string_params = if query_string_params.any? - query_string_params.to_h { |p| p.split "=", 2 } - else - {} - end - - response = @client_stub.make_http_request( - verb, - uri: uri, - body: body || "", - params: query_string_params, - method_name: "update_attestor", - options: options - ) - operation = ::Gapic::Rest::TransportOperation.new response - result = ::Google::Cloud::BinaryAuthorization::V1::Attestor.decode_json response.body, ignore_unknown_fields: true - catch :response do - yield result, operation if block_given? - result - end - end - - ## - # Baseline implementation for the list_attestors REST call - # - # @param request_pb [::Google::Cloud::BinaryAuthorization::V1::ListAttestorsRequest] - # A request object representing the call parameters. Required. - # @param options [::Gapic::CallOptions] - # Overrides the default settings for this call, e.g, timeout, retries etc. Optional. - # - # @yield [result, operation] Access the result along with the TransportOperation object - # @yieldparam result [::Google::Cloud::BinaryAuthorization::V1::ListAttestorsResponse] - # @yieldparam operation [::Gapic::Rest::TransportOperation] - # - # @return [::Google::Cloud::BinaryAuthorization::V1::ListAttestorsResponse] - # A result object deserialized from the server's reply - def list_attestors request_pb, options = nil - raise ::ArgumentError, "request must be provided" if request_pb.nil? - - verb, uri, query_string_params, body = ServiceStub.transcode_list_attestors_request request_pb - query_string_params = if query_string_params.any? - query_string_params.to_h { |p| p.split "=", 2 } - else - {} - end - - response = @client_stub.make_http_request( - verb, - uri: uri, - body: body || "", - params: query_string_params, - method_name: "list_attestors", - options: options - ) - operation = ::Gapic::Rest::TransportOperation.new response - result = ::Google::Cloud::BinaryAuthorization::V1::ListAttestorsResponse.decode_json response.body, ignore_unknown_fields: true - catch :response do - yield result, operation if block_given? - result - end - end - - ## - # Baseline implementation for the delete_attestor REST call - # - # @param request_pb [::Google::Cloud::BinaryAuthorization::V1::DeleteAttestorRequest] - # A request object representing the call parameters. Required. - # @param options [::Gapic::CallOptions] - # Overrides the default settings for this call, e.g, timeout, retries etc. Optional. - # - # @yield [result, operation] Access the result along with the TransportOperation object - # @yieldparam result [::Google::Protobuf::Empty] - # @yieldparam operation [::Gapic::Rest::TransportOperation] - # - # @return [::Google::Protobuf::Empty] - # A result object deserialized from the server's reply - def delete_attestor request_pb, options = nil - raise ::ArgumentError, "request must be provided" if request_pb.nil? - - verb, uri, query_string_params, body = ServiceStub.transcode_delete_attestor_request request_pb - query_string_params = if query_string_params.any? - query_string_params.to_h { |p| p.split "=", 2 } - else - {} - end - - response = @client_stub.make_http_request( - verb, - uri: uri, - body: body || "", - params: query_string_params, - method_name: "delete_attestor", - options: options - ) - operation = ::Gapic::Rest::TransportOperation.new response - result = ::Google::Protobuf::Empty.decode_json response.body, ignore_unknown_fields: true - catch :response do - yield result, operation if block_given? - result - end - end - - ## - # @private - # - # GRPC transcoding helper method for the get_policy REST call - # - # @param request_pb [::Google::Cloud::BinaryAuthorization::V1::GetPolicyRequest] - # A request object representing the call parameters. Required. - # @return [Array(String, [String, nil], Hash{String => String})] - # Uri, Body, Query string parameters - def self.transcode_get_policy_request request_pb - transcoder = Gapic::Rest::GrpcTranscoder.new - .with_bindings( - uri_method: :get, - uri_template: "/v1/{name}", - matches: [ - ["name", %r{^projects/[^/]+/policy/?$}, false] - ] - ) - transcoder.transcode request_pb - end - - ## - # @private - # - # GRPC transcoding helper method for the update_policy REST call - # - # @param request_pb [::Google::Cloud::BinaryAuthorization::V1::UpdatePolicyRequest] - # A request object representing the call parameters. Required. - # @return [Array(String, [String, nil], Hash{String => String})] - # Uri, Body, Query string parameters - def self.transcode_update_policy_request request_pb - transcoder = Gapic::Rest::GrpcTranscoder.new - .with_bindings( - uri_method: :put, - uri_template: "/v1/{policy.name}", - body: "policy", - matches: [ - ["policy.name", %r{^projects/[^/]+/policy/?$}, false] - ] - ) - transcoder.transcode request_pb - end - - ## - # @private - # - # GRPC transcoding helper method for the create_attestor REST call - # - # @param request_pb [::Google::Cloud::BinaryAuthorization::V1::CreateAttestorRequest] - # A request object representing the call parameters. Required. - # @return [Array(String, [String, nil], Hash{String => String})] - # Uri, Body, Query string parameters - def self.transcode_create_attestor_request request_pb - transcoder = Gapic::Rest::GrpcTranscoder.new - .with_bindings( - uri_method: :post, - uri_template: "/v1/{parent}/attestors", - body: "attestor", - matches: [ - ["parent", %r{^projects/[^/]+/?$}, false] - ] - ) - transcoder.transcode request_pb - end - - ## - # @private - # - # GRPC transcoding helper method for the get_attestor REST call - # - # @param request_pb [::Google::Cloud::BinaryAuthorization::V1::GetAttestorRequest] - # A request object representing the call parameters. Required. - # @return [Array(String, [String, nil], Hash{String => String})] - # Uri, Body, Query string parameters - def self.transcode_get_attestor_request request_pb - transcoder = Gapic::Rest::GrpcTranscoder.new - .with_bindings( - uri_method: :get, - uri_template: "/v1/{name}", - matches: [ - ["name", %r{^projects/[^/]+/attestors/[^/]+/?$}, false] - ] - ) - transcoder.transcode request_pb - end - - ## - # @private - # - # GRPC transcoding helper method for the update_attestor REST call - # - # @param request_pb [::Google::Cloud::BinaryAuthorization::V1::UpdateAttestorRequest] - # A request object representing the call parameters. Required. - # @return [Array(String, [String, nil], Hash{String => String})] - # Uri, Body, Query string parameters - def self.transcode_update_attestor_request request_pb - transcoder = Gapic::Rest::GrpcTranscoder.new - .with_bindings( - uri_method: :put, - uri_template: "/v1/{attestor.name}", - body: "attestor", - matches: [ - ["attestor.name", %r{^projects/[^/]+/attestors/[^/]+/?$}, false] - ] - ) - transcoder.transcode request_pb - end - - ## - # @private - # - # GRPC transcoding helper method for the list_attestors REST call - # - # @param request_pb [::Google::Cloud::BinaryAuthorization::V1::ListAttestorsRequest] - # A request object representing the call parameters. Required. - # @return [Array(String, [String, nil], Hash{String => String})] - # Uri, Body, Query string parameters - def self.transcode_list_attestors_request request_pb - transcoder = Gapic::Rest::GrpcTranscoder.new - .with_bindings( - uri_method: :get, - uri_template: "/v1/{parent}/attestors", - matches: [ - ["parent", %r{^projects/[^/]+/?$}, false] - ] - ) - transcoder.transcode request_pb - end - - ## - # @private - # - # GRPC transcoding helper method for the delete_attestor REST call - # - # @param request_pb [::Google::Cloud::BinaryAuthorization::V1::DeleteAttestorRequest] - # A request object representing the call parameters. Required. - # @return [Array(String, [String, nil], Hash{String => String})] - # Uri, Body, Query string parameters - def self.transcode_delete_attestor_request request_pb - transcoder = Gapic::Rest::GrpcTranscoder.new - .with_bindings( - uri_method: :delete, - uri_template: "/v1/{name}", - matches: [ - ["name", %r{^projects/[^/]+/attestors/[^/]+/?$}, false] - ] - ) - transcoder.transcode request_pb - end - end - end - end - end - end - end -end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/rest.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/rest.rb deleted file mode 100644 index 999349ce2371..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/rest.rb +++ /dev/null @@ -1,39 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - -require "google/cloud/binary_authorization/v1/binauthz_management_service/rest" -require "google/cloud/binary_authorization/v1/system_policy/rest" -require "google/cloud/binary_authorization/v1/validation_helper/rest" -require "google/cloud/binary_authorization/v1/version" - -module Google - module Cloud - module BinaryAuthorization - ## - # To load just the REST part of this package, including all its services, and instantiate a REST client: - # - # @example - # - # require "google/cloud/binary_authorization/v1/rest" - # client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client.new - # - module V1 - end - end - end -end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy.rb deleted file mode 100644 index 1bd243e5d524..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy.rb +++ /dev/null @@ -1,55 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - -require "gapic/common" -require "gapic/config" -require "gapic/config/method" - -require "google/cloud/binary_authorization/v1/version" - -require "google/cloud/binary_authorization/v1/system_policy/credentials" -require "google/cloud/binary_authorization/v1/system_policy/paths" -require "google/cloud/binary_authorization/v1/system_policy/client" -require "google/cloud/binary_authorization/v1/system_policy/rest" - -module Google - module Cloud - module BinaryAuthorization - module V1 - ## - # API for working with the system policy. - # - # @example Load this service and instantiate a gRPC client - # - # require "google/cloud/binary_authorization/v1/system_policy" - # client = ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Client.new - # - # @example Load this service and instantiate a REST client - # - # require "google/cloud/binary_authorization/v1/system_policy/rest" - # client = ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Rest::Client.new - # - module SystemPolicy - end - end - end - end -end - -helper_path = ::File.join __dir__, "system_policy", "helpers.rb" -require "google/cloud/binary_authorization/v1/system_policy/helpers" if ::File.file? helper_path diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy/client.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy/client.rb deleted file mode 100644 index 8e7f2b36ad22..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy/client.rb +++ /dev/null @@ -1,475 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - -require "google/cloud/errors" -require "google/cloud/binaryauthorization/v1/service_pb" - -module Google - module Cloud - module BinaryAuthorization - module V1 - module SystemPolicy - ## - # Client for the SystemPolicy service. - # - # API for working with the system policy. - # - class Client - # @private - API_VERSION = "" - - # @private - DEFAULT_ENDPOINT_TEMPLATE = "binaryauthorization.$UNIVERSE_DOMAIN$" - - include Paths - - # @private - attr_reader :system_policy_stub - - ## - # Configure the SystemPolicy Client class. - # - # See {::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Client::Configuration} - # for a description of the configuration fields. - # - # @example - # - # # Modify the configuration for all SystemPolicy clients - # ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Client.configure do |config| - # config.timeout = 10.0 - # end - # - # @yield [config] Configure the Client client. - # @yieldparam config [Client::Configuration] - # - # @return [Client::Configuration] - # - def self.configure - @configure ||= begin - namespace = ["Google", "Cloud", "BinaryAuthorization", "V1"] - parent_config = while namespace.any? - parent_name = namespace.join "::" - parent_const = const_get parent_name - break parent_const.configure if parent_const.respond_to? :configure - namespace.pop - end - default_config = Client::Configuration.new parent_config - - default_config - end - yield @configure if block_given? - @configure - end - - ## - # Configure the SystemPolicy Client instance. - # - # The configuration is set to the derived mode, meaning that values can be changed, - # but structural changes (adding new fields, etc.) are not allowed. Structural changes - # should be made on {Client.configure}. - # - # See {::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Client::Configuration} - # for a description of the configuration fields. - # - # @yield [config] Configure the Client client. - # @yieldparam config [Client::Configuration] - # - # @return [Client::Configuration] - # - def configure - yield @config if block_given? - @config - end - - ## - # The effective universe domain - # - # @return [String] - # - def universe_domain - @system_policy_stub.universe_domain - end - - ## - # Create a new SystemPolicy client object. - # - # @example - # - # # Create a client using the default configuration - # client = ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Client.new - # - # # Create a client using a custom configuration - # client = ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Client.new do |config| - # config.timeout = 10.0 - # end - # - # @yield [config] Configure the SystemPolicy client. - # @yieldparam config [Client::Configuration] - # - def initialize - # These require statements are intentionally placed here to initialize - # the gRPC module only when it's required. - # See https://github.com/googleapis/toolkit/issues/446 - require "gapic/grpc" - require "google/cloud/binaryauthorization/v1/service_services_pb" - - # Create the configuration object - @config = Configuration.new Client.configure - - # Yield the configuration if needed - yield @config if block_given? - - # Create credentials - credentials = @config.credentials - # Use self-signed JWT if the endpoint is unchanged from default, - # but only if the default endpoint does not have a region prefix. - enable_self_signed_jwt = @config.endpoint.nil? || - (@config.endpoint == Configuration::DEFAULT_ENDPOINT && - !@config.endpoint.split(".").first.include?("-")) - credentials ||= Credentials.default scope: @config.scope, - enable_self_signed_jwt: enable_self_signed_jwt - if credentials.is_a?(::String) || credentials.is_a?(::Hash) - credentials = Credentials.new credentials, scope: @config.scope - end - @quota_project_id = @config.quota_project - @quota_project_id ||= credentials.quota_project_id if credentials.respond_to? :quota_project_id - - @system_policy_stub = ::Gapic::ServiceStub.new( - ::Google::Cloud::BinaryAuthorization::V1::SystemPolicyV1::Stub, - credentials: credentials, - endpoint: @config.endpoint, - endpoint_template: DEFAULT_ENDPOINT_TEMPLATE, - universe_domain: @config.universe_domain, - channel_args: @config.channel_args, - interceptors: @config.interceptors, - channel_pool_config: @config.channel_pool, - logger: @config.logger - ) - - @system_policy_stub.stub_logger&.info do |entry| - entry.set_system_name - entry.set_service - entry.message = "Created client for #{entry.service}" - entry.set_credentials_fields credentials - entry.set "customEndpoint", @config.endpoint if @config.endpoint - entry.set "defaultTimeout", @config.timeout if @config.timeout - entry.set "quotaProject", @quota_project_id if @quota_project_id - end - end - - ## - # The logger used for request/response debug logging. - # - # @return [Logger] - # - def logger - @system_policy_stub.logger - end - - # Service calls - - ## - # Gets the current system policy in the specified location. - # - # @overload get_system_policy(request, options = nil) - # Pass arguments to `get_system_policy` via a request object, either of type - # {::Google::Cloud::BinaryAuthorization::V1::GetSystemPolicyRequest} or an equivalent Hash. - # - # @param request [::Google::Cloud::BinaryAuthorization::V1::GetSystemPolicyRequest, ::Hash] - # A request object representing the call parameters. Required. To specify no - # parameters, or to keep all the default parameter values, pass an empty Hash. - # @param options [::Gapic::CallOptions, ::Hash] - # Overrides the default settings for this call, e.g, timeout, retries, etc. Optional. - # - # @overload get_system_policy(name: nil) - # Pass arguments to `get_system_policy` via keyword arguments. Note that at - # least one keyword argument is required. To specify no parameters, or to keep all - # the default parameter values, pass an empty Hash as a request object (see above). - # - # @param name [::String] - # Required. The resource name, in the format `locations/*/policy`. - # Note that the system policy is not associated with a project. - # - # @yield [response, operation] Access the result along with the RPC operation - # @yieldparam response [::Google::Cloud::BinaryAuthorization::V1::Policy] - # @yieldparam operation [::GRPC::ActiveCall::Operation] - # - # @return [::Google::Cloud::BinaryAuthorization::V1::Policy] - # - # @raise [::Google::Cloud::Error] if the RPC is aborted. - # - # @example Basic example - # require "google/cloud/binary_authorization/v1" - # - # # Create a client object. The client can be reused for multiple calls. - # client = Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Client.new - # - # # Create a request. To set request fields, pass in keyword arguments. - # request = Google::Cloud::BinaryAuthorization::V1::GetSystemPolicyRequest.new - # - # # Call the get_system_policy method. - # result = client.get_system_policy request - # - # # The returned object is of type Google::Cloud::BinaryAuthorization::V1::Policy. - # p result - # - def get_system_policy request, options = nil - raise ::ArgumentError, "request must be provided" if request.nil? - - request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::BinaryAuthorization::V1::GetSystemPolicyRequest - - # Converts hash and nil to an options object - options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h - - # Customize the options with defaults - metadata = @config.rpcs.get_system_policy.metadata.to_h - - # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers - metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ - lib_name: @config.lib_name, lib_version: @config.lib_version, - gapic_version: ::Google::Cloud::BinaryAuthorization::V1::VERSION - metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty? - metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id - - header_params = {} - if request.name - header_params["name"] = request.name - end - - request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") - metadata[:"x-goog-request-params"] ||= request_params_header - - options.apply_defaults timeout: @config.rpcs.get_system_policy.timeout, - metadata: metadata, - retry_policy: @config.rpcs.get_system_policy.retry_policy - - options.apply_defaults timeout: @config.timeout, - metadata: @config.metadata, - retry_policy: @config.retry_policy - - @system_policy_stub.call_rpc :get_system_policy, request, options: options do |response, operation| - yield response, operation if block_given? - end - rescue ::GRPC::BadStatus => e - raise ::Google::Cloud::Error.from_error(e) - end - - ## - # Configuration class for the SystemPolicy API. - # - # This class represents the configuration for SystemPolicy, - # providing control over timeouts, retry behavior, logging, transport - # parameters, and other low-level controls. Certain parameters can also be - # applied individually to specific RPCs. See - # {::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Client::Configuration::Rpcs} - # for a list of RPCs that can be configured independently. - # - # Configuration can be applied globally to all clients, or to a single client - # on construction. - # - # @example - # - # # Modify the global config, setting the timeout for - # # get_system_policy to 20 seconds, - # # and all remaining timeouts to 10 seconds. - # ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Client.configure do |config| - # config.timeout = 10.0 - # config.rpcs.get_system_policy.timeout = 20.0 - # end - # - # # Apply the above configuration only to a new client. - # client = ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Client.new do |config| - # config.timeout = 10.0 - # config.rpcs.get_system_policy.timeout = 20.0 - # end - # - # @!attribute [rw] endpoint - # A custom service endpoint, as a hostname or hostname:port. The default is - # nil, indicating to use the default endpoint in the current universe domain. - # @return [::String,nil] - # @!attribute [rw] credentials - # Credentials to send with calls. You may provide any of the following types: - # * (`Google::Auth::Credentials`) A googleauth credentials object - # (see the [googleauth docs](https://rubydoc.info/gems/googleauth/Google/Auth/Credentials)) - # * (`Signet::OAuth2::Client`) A signet oauth2 client object - # (see the [signet docs](https://rubydoc.info/gems/signet/Signet/OAuth2/Client)) - # * (`GRPC::Core::Channel`) a gRPC channel with included credentials - # * (`GRPC::Core::ChannelCredentials`) a gRPC credentails object - # * (`nil`) indicating no credentials - # - # @note Warning: Passing a `String` to a keyfile path or a `Hash` of credentials - # is deprecated. Providing an unvalidated credential configuration to - # Google APIs can compromise the security of your systems and data. - # - # @example - # - # # The recommended way to provide credentials is to use the `make_creds` method - # # on the appropriate credentials class for your environment. - # - # require "googleauth" - # - # credentials = ::Google::Auth::ServiceAccountCredentials.make_creds( - # json_key_io: ::File.open("/path/to/keyfile.json") - # ) - # - # client = ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Client.new do |config| - # config.credentials = credentials - # end - # - # @note Warning: If you accept a credential configuration (JSON file or Hash) from an - # external source for authentication to Google Cloud, you must validate it before - # providing it to a Google API client library. Providing an unvalidated credential - # configuration to Google APIs can compromise the security of your systems and data. - # For more information, refer to [Validate credential configurations from external - # sources](https://cloud.google.com/docs/authentication/external/externally-sourced-credentials). - # @return [::Object] - # @!attribute [rw] scope - # The OAuth scopes - # @return [::Array<::String>] - # @!attribute [rw] lib_name - # The library name as recorded in instrumentation and logging - # @return [::String] - # @!attribute [rw] lib_version - # The library version as recorded in instrumentation and logging - # @return [::String] - # @!attribute [rw] channel_args - # Extra parameters passed to the gRPC channel. Note: this is ignored if a - # `GRPC::Core::Channel` object is provided as the credential. - # @return [::Hash] - # @!attribute [rw] interceptors - # An array of interceptors that are run before calls are executed. - # @return [::Array<::GRPC::ClientInterceptor>] - # @!attribute [rw] timeout - # The call timeout in seconds. - # @return [::Numeric] - # @!attribute [rw] metadata - # Additional gRPC headers to be sent with the call. - # @return [::Hash{::Symbol=>::String}] - # @!attribute [rw] retry_policy - # The retry policy. The value is a hash with the following keys: - # * `:initial_delay` (*type:* `Numeric`) - The initial delay in seconds. - # * `:max_delay` (*type:* `Numeric`) - The max delay in seconds. - # * `:multiplier` (*type:* `Numeric`) - The incremental backoff multiplier. - # * `:retry_codes` (*type:* `Array`) - The error codes that should - # trigger a retry. - # @return [::Hash] - # @!attribute [rw] quota_project - # A separate project against which to charge quota. - # @return [::String] - # @!attribute [rw] universe_domain - # The universe domain within which to make requests. This determines the - # default endpoint URL. The default value of nil uses the environment - # universe (usually the default "googleapis.com" universe). - # @return [::String,nil] - # @!attribute [rw] logger - # A custom logger to use for request/response debug logging, or the value - # `:default` (the default) to construct a default logger, or `nil` to - # explicitly disable logging. - # @return [::Logger,:default,nil] - # - class Configuration - extend ::Gapic::Config - - # @private - # The endpoint specific to the default "googleapis.com" universe. Deprecated. - DEFAULT_ENDPOINT = "binaryauthorization.googleapis.com" - - config_attr :endpoint, nil, ::String, nil - config_attr :credentials, nil do |value| - allowed = [::String, ::Hash, ::Proc, ::Symbol, ::Google::Auth::Credentials, ::Google::Auth::BaseClient, ::Signet::OAuth2::Client, nil] - allowed += [::GRPC::Core::Channel, ::GRPC::Core::ChannelCredentials] if defined? ::GRPC::Core::Channel - allowed.any? { |klass| klass === value } - end - config_attr :scope, nil, ::String, ::Array, nil - config_attr :lib_name, nil, ::String, nil - config_attr :lib_version, nil, ::String, nil - config_attr(:channel_args, { "grpc.service_config_disable_resolution" => 1 }, ::Hash, nil) - config_attr :interceptors, nil, ::Array, nil - config_attr :timeout, nil, ::Numeric, nil - config_attr :metadata, nil, ::Hash, nil - config_attr :retry_policy, nil, ::Hash, ::Proc, nil - config_attr :quota_project, nil, ::String, nil - config_attr :universe_domain, nil, ::String, nil - config_attr :logger, :default, ::Logger, nil, :default - - # @private - def initialize parent_config = nil - @parent_config = parent_config unless parent_config.nil? - - yield self if block_given? - end - - ## - # Configurations for individual RPCs - # @return [Rpcs] - # - def rpcs - @rpcs ||= begin - parent_rpcs = nil - parent_rpcs = @parent_config.rpcs if defined?(@parent_config) && @parent_config.respond_to?(:rpcs) - Rpcs.new parent_rpcs - end - end - - ## - # Configuration for the channel pool - # @return [::Gapic::ServiceStub::ChannelPool::Configuration] - # - def channel_pool - @channel_pool ||= ::Gapic::ServiceStub::ChannelPool::Configuration.new - end - - ## - # Configuration RPC class for the SystemPolicy API. - # - # Includes fields providing the configuration for each RPC in this service. - # Each configuration object is of type `Gapic::Config::Method` and includes - # the following configuration fields: - # - # * `timeout` (*type:* `Numeric`) - The call timeout in seconds - # * `metadata` (*type:* `Hash{Symbol=>String}`) - Additional gRPC headers - # * `retry_policy (*type:* `Hash`) - The retry policy. The policy fields - # include the following keys: - # * `:initial_delay` (*type:* `Numeric`) - The initial delay in seconds. - # * `:max_delay` (*type:* `Numeric`) - The max delay in seconds. - # * `:multiplier` (*type:* `Numeric`) - The incremental backoff multiplier. - # * `:retry_codes` (*type:* `Array`) - The error codes that should - # trigger a retry. - # - class Rpcs - ## - # RPC-specific configuration for `get_system_policy` - # @return [::Gapic::Config::Method] - # - attr_reader :get_system_policy - - # @private - def initialize parent_rpcs = nil - get_system_policy_config = parent_rpcs.get_system_policy if parent_rpcs.respond_to? :get_system_policy - @get_system_policy = ::Gapic::Config::Method.new get_system_policy_config - - yield self if block_given? - end - end - end - end - end - end - end - end -end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy/credentials.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy/credentials.rb deleted file mode 100644 index 31966bc1a626..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy/credentials.rb +++ /dev/null @@ -1,51 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - -require "googleauth" - -module Google - module Cloud - module BinaryAuthorization - module V1 - module SystemPolicy - # Credentials for the SystemPolicy API. - class Credentials < ::Google::Auth::Credentials - self.scope = [ - "https://www.googleapis.com/auth/cloud-platform" - ] - self.env_vars = [ - "BINARY_AUTHORIZATION_CREDENTIALS", - "BINARY_AUTHORIZATION_KEYFILE", - "GOOGLE_CLOUD_CREDENTIALS", - "GOOGLE_CLOUD_KEYFILE", - "GCLOUD_KEYFILE", - "BINARY_AUTHORIZATION_CREDENTIALS_JSON", - "BINARY_AUTHORIZATION_KEYFILE_JSON", - "GOOGLE_CLOUD_CREDENTIALS_JSON", - "GOOGLE_CLOUD_KEYFILE_JSON", - "GCLOUD_KEYFILE_JSON" - ] - self.paths = [ - "~/.config/google_cloud/application_default_credentials.json" - ] - end - end - end - end - end -end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy/paths.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy/paths.rb deleted file mode 100644 index a34ddc6ef1de..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy/paths.rb +++ /dev/null @@ -1,66 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - - -module Google - module Cloud - module BinaryAuthorization - module V1 - module SystemPolicy - # Path helper methods for the SystemPolicy API. - module Paths - ## - # Create a fully-qualified Policy resource string. - # - # @overload policy_path(project:) - # The resource will be in the following format: - # - # `projects/{project}/policy` - # - # @param project [String] - # - # @overload policy_path(location:) - # The resource will be in the following format: - # - # `locations/{location}/policy` - # - # @param location [String] - # - # @return [::String] - def policy_path **args - resources = { - "project" => (proc do |project:| - "projects/#{project}/policy" - end), - "location" => (proc do |location:| - "locations/#{location}/policy" - end) - } - - resource = resources[args.keys.sort.join(":")] - raise ::ArgumentError, "no resource found for values #{args.keys}" if resource.nil? - resource.call(**args) - end - - extend self - end - end - end - end - end -end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy/rest.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy/rest.rb deleted file mode 100644 index 2155f943b245..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy/rest.rb +++ /dev/null @@ -1,52 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - -require "gapic/rest" -require "gapic/config" -require "gapic/config/method" - -require "google/cloud/binary_authorization/v1/version" - -require "google/cloud/binary_authorization/v1/system_policy/credentials" -require "google/cloud/binary_authorization/v1/system_policy/paths" -require "google/cloud/binary_authorization/v1/system_policy/rest/client" - -module Google - module Cloud - module BinaryAuthorization - module V1 - ## - # API for working with the system policy. - # - # To load this service and instantiate a REST client: - # - # require "google/cloud/binary_authorization/v1/system_policy/rest" - # client = ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Rest::Client.new - # - module SystemPolicy - # Client for the REST transport - module Rest - end - end - end - end - end -end - -helper_path = ::File.join __dir__, "rest", "helpers.rb" -require "google/cloud/binary_authorization/v1/system_policy/rest/helpers" if ::File.file? helper_path diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy/rest/client.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy/rest/client.rb deleted file mode 100644 index bef7a2dd8fad..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy/rest/client.rb +++ /dev/null @@ -1,425 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - -require "google/cloud/errors" -require "google/cloud/binaryauthorization/v1/service_pb" -require "google/cloud/binary_authorization/v1/system_policy/rest/service_stub" - -module Google - module Cloud - module BinaryAuthorization - module V1 - module SystemPolicy - module Rest - ## - # REST client for the SystemPolicy service. - # - # API for working with the system policy. - # - class Client - # @private - API_VERSION = "" - - # @private - DEFAULT_ENDPOINT_TEMPLATE = "binaryauthorization.$UNIVERSE_DOMAIN$" - - include Paths - - # @private - attr_reader :system_policy_stub - - ## - # Configure the SystemPolicy Client class. - # - # See {::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Rest::Client::Configuration} - # for a description of the configuration fields. - # - # @example - # - # # Modify the configuration for all SystemPolicy clients - # ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Rest::Client.configure do |config| - # config.timeout = 10.0 - # end - # - # @yield [config] Configure the Client client. - # @yieldparam config [Client::Configuration] - # - # @return [Client::Configuration] - # - def self.configure - @configure ||= begin - namespace = ["Google", "Cloud", "BinaryAuthorization", "V1"] - parent_config = while namespace.any? - parent_name = namespace.join "::" - parent_const = const_get parent_name - break parent_const.configure if parent_const.respond_to? :configure - namespace.pop - end - default_config = Client::Configuration.new parent_config - - default_config - end - yield @configure if block_given? - @configure - end - - ## - # Configure the SystemPolicy Client instance. - # - # The configuration is set to the derived mode, meaning that values can be changed, - # but structural changes (adding new fields, etc.) are not allowed. Structural changes - # should be made on {Client.configure}. - # - # See {::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Rest::Client::Configuration} - # for a description of the configuration fields. - # - # @yield [config] Configure the Client client. - # @yieldparam config [Client::Configuration] - # - # @return [Client::Configuration] - # - def configure - yield @config if block_given? - @config - end - - ## - # The effective universe domain - # - # @return [String] - # - def universe_domain - @system_policy_stub.universe_domain - end - - ## - # Create a new SystemPolicy REST client object. - # - # @example - # - # # Create a client using the default configuration - # client = ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Rest::Client.new - # - # # Create a client using a custom configuration - # client = ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Rest::Client.new do |config| - # config.timeout = 10.0 - # end - # - # @yield [config] Configure the SystemPolicy client. - # @yieldparam config [Client::Configuration] - # - def initialize - # Create the configuration object - @config = Configuration.new Client.configure - - # Yield the configuration if needed - yield @config if block_given? - - # Create credentials - credentials = @config.credentials - # Use self-signed JWT if the endpoint is unchanged from default, - # but only if the default endpoint does not have a region prefix. - enable_self_signed_jwt = @config.endpoint.nil? || - (@config.endpoint == Configuration::DEFAULT_ENDPOINT && - !@config.endpoint.split(".").first.include?("-")) - credentials ||= Credentials.default scope: @config.scope, - enable_self_signed_jwt: enable_self_signed_jwt - if credentials.is_a?(::String) || credentials.is_a?(::Hash) - credentials = Credentials.new credentials, scope: @config.scope - end - - @quota_project_id = @config.quota_project - @quota_project_id ||= credentials.quota_project_id if credentials.respond_to? :quota_project_id - - @system_policy_stub = ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Rest::ServiceStub.new( - endpoint: @config.endpoint, - endpoint_template: DEFAULT_ENDPOINT_TEMPLATE, - universe_domain: @config.universe_domain, - credentials: credentials, - logger: @config.logger - ) - - @system_policy_stub.logger(stub: true)&.info do |entry| - entry.set_system_name - entry.set_service - entry.message = "Created client for #{entry.service}" - entry.set_credentials_fields credentials - entry.set "customEndpoint", @config.endpoint if @config.endpoint - entry.set "defaultTimeout", @config.timeout if @config.timeout - entry.set "quotaProject", @quota_project_id if @quota_project_id - end - end - - ## - # The logger used for request/response debug logging. - # - # @return [Logger] - # - def logger - @system_policy_stub.logger - end - - # Service calls - - ## - # Gets the current system policy in the specified location. - # - # @overload get_system_policy(request, options = nil) - # Pass arguments to `get_system_policy` via a request object, either of type - # {::Google::Cloud::BinaryAuthorization::V1::GetSystemPolicyRequest} or an equivalent Hash. - # - # @param request [::Google::Cloud::BinaryAuthorization::V1::GetSystemPolicyRequest, ::Hash] - # A request object representing the call parameters. Required. To specify no - # parameters, or to keep all the default parameter values, pass an empty Hash. - # @param options [::Gapic::CallOptions, ::Hash] - # Overrides the default settings for this call, e.g, timeout, retries etc. Optional. - # - # @overload get_system_policy(name: nil) - # Pass arguments to `get_system_policy` via keyword arguments. Note that at - # least one keyword argument is required. To specify no parameters, or to keep all - # the default parameter values, pass an empty Hash as a request object (see above). - # - # @param name [::String] - # Required. The resource name, in the format `locations/*/policy`. - # Note that the system policy is not associated with a project. - # @yield [result, operation] Access the result along with the TransportOperation object - # @yieldparam result [::Google::Cloud::BinaryAuthorization::V1::Policy] - # @yieldparam operation [::Gapic::Rest::TransportOperation] - # - # @return [::Google::Cloud::BinaryAuthorization::V1::Policy] - # - # @raise [::Google::Cloud::Error] if the REST call is aborted. - # - # @example Basic example - # require "google/cloud/binary_authorization/v1" - # - # # Create a client object. The client can be reused for multiple calls. - # client = Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Rest::Client.new - # - # # Create a request. To set request fields, pass in keyword arguments. - # request = Google::Cloud::BinaryAuthorization::V1::GetSystemPolicyRequest.new - # - # # Call the get_system_policy method. - # result = client.get_system_policy request - # - # # The returned object is of type Google::Cloud::BinaryAuthorization::V1::Policy. - # p result - # - def get_system_policy request, options = nil - raise ::ArgumentError, "request must be provided" if request.nil? - - request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::BinaryAuthorization::V1::GetSystemPolicyRequest - - # Converts hash and nil to an options object - options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h - - # Customize the options with defaults - call_metadata = @config.rpcs.get_system_policy.metadata.to_h - - # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers - call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ - lib_name: @config.lib_name, lib_version: @config.lib_version, - gapic_version: ::Google::Cloud::BinaryAuthorization::V1::VERSION, - transports_version_send: [:rest] - - call_metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty? - call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id - - options.apply_defaults timeout: @config.rpcs.get_system_policy.timeout, - metadata: call_metadata, - retry_policy: @config.rpcs.get_system_policy.retry_policy - - options.apply_defaults timeout: @config.timeout, - metadata: @config.metadata, - retry_policy: @config.retry_policy - - @system_policy_stub.get_system_policy request, options do |result, operation| - yield result, operation if block_given? - end - rescue ::Gapic::Rest::Error => e - raise ::Google::Cloud::Error.from_error(e) - end - - ## - # Configuration class for the SystemPolicy REST API. - # - # This class represents the configuration for SystemPolicy REST, - # providing control over timeouts, retry behavior, logging, transport - # parameters, and other low-level controls. Certain parameters can also be - # applied individually to specific RPCs. See - # {::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Rest::Client::Configuration::Rpcs} - # for a list of RPCs that can be configured independently. - # - # Configuration can be applied globally to all clients, or to a single client - # on construction. - # - # @example - # - # # Modify the global config, setting the timeout for - # # get_system_policy to 20 seconds, - # # and all remaining timeouts to 10 seconds. - # ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Rest::Client.configure do |config| - # config.timeout = 10.0 - # config.rpcs.get_system_policy.timeout = 20.0 - # end - # - # # Apply the above configuration only to a new client. - # client = ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Rest::Client.new do |config| - # config.timeout = 10.0 - # config.rpcs.get_system_policy.timeout = 20.0 - # end - # - # @!attribute [rw] endpoint - # A custom service endpoint, as a hostname or hostname:port. The default is - # nil, indicating to use the default endpoint in the current universe domain. - # @return [::String,nil] - # @!attribute [rw] credentials - # Credentials to send with calls. You may provide any of the following types: - # * (`String`) The path to a service account key file in JSON format - # * (`Hash`) A service account key as a Hash - # * (`Google::Auth::Credentials`) A googleauth credentials object - # (see the [googleauth docs](https://rubydoc.info/gems/googleauth/Google/Auth/Credentials)) - # * (`Signet::OAuth2::Client`) A signet oauth2 client object - # (see the [signet docs](https://rubydoc.info/gems/signet/Signet/OAuth2/Client)) - # * (`nil`) indicating no credentials - # - # Warning: If you accept a credential configuration (JSON file or Hash) from an - # external source for authentication to Google Cloud, you must validate it before - # providing it to a Google API client library. Providing an unvalidated credential - # configuration to Google APIs can compromise the security of your systems and data. - # For more information, refer to [Validate credential configurations from external - # sources](https://cloud.google.com/docs/authentication/external/externally-sourced-credentials). - # @return [::Object] - # @!attribute [rw] scope - # The OAuth scopes - # @return [::Array<::String>] - # @!attribute [rw] lib_name - # The library name as recorded in instrumentation and logging - # @return [::String] - # @!attribute [rw] lib_version - # The library version as recorded in instrumentation and logging - # @return [::String] - # @!attribute [rw] timeout - # The call timeout in seconds. - # @return [::Numeric] - # @!attribute [rw] metadata - # Additional headers to be sent with the call. - # @return [::Hash{::Symbol=>::String}] - # @!attribute [rw] retry_policy - # The retry policy. The value is a hash with the following keys: - # * `:initial_delay` (*type:* `Numeric`) - The initial delay in seconds. - # * `:max_delay` (*type:* `Numeric`) - The max delay in seconds. - # * `:multiplier` (*type:* `Numeric`) - The incremental backoff multiplier. - # * `:retry_codes` (*type:* `Array`) - The error codes that should - # trigger a retry. - # @return [::Hash] - # @!attribute [rw] quota_project - # A separate project against which to charge quota. - # @return [::String] - # @!attribute [rw] universe_domain - # The universe domain within which to make requests. This determines the - # default endpoint URL. The default value of nil uses the environment - # universe (usually the default "googleapis.com" universe). - # @return [::String,nil] - # @!attribute [rw] logger - # A custom logger to use for request/response debug logging, or the value - # `:default` (the default) to construct a default logger, or `nil` to - # explicitly disable logging. - # @return [::Logger,:default,nil] - # - class Configuration - extend ::Gapic::Config - - # @private - # The endpoint specific to the default "googleapis.com" universe. Deprecated. - DEFAULT_ENDPOINT = "binaryauthorization.googleapis.com" - - config_attr :endpoint, nil, ::String, nil - config_attr :credentials, nil do |value| - allowed = [::String, ::Hash, ::Proc, ::Symbol, ::Google::Auth::Credentials, ::Google::Auth::BaseClient, ::Signet::OAuth2::Client, nil] - allowed.any? { |klass| klass === value } - end - config_attr :scope, nil, ::String, ::Array, nil - config_attr :lib_name, nil, ::String, nil - config_attr :lib_version, nil, ::String, nil - config_attr :timeout, nil, ::Numeric, nil - config_attr :metadata, nil, ::Hash, nil - config_attr :retry_policy, nil, ::Hash, ::Proc, nil - config_attr :quota_project, nil, ::String, nil - config_attr :universe_domain, nil, ::String, nil - config_attr :logger, :default, ::Logger, nil, :default - - # @private - def initialize parent_config = nil - @parent_config = parent_config unless parent_config.nil? - - yield self if block_given? - end - - ## - # Configurations for individual RPCs - # @return [Rpcs] - # - def rpcs - @rpcs ||= begin - parent_rpcs = nil - parent_rpcs = @parent_config.rpcs if defined?(@parent_config) && @parent_config.respond_to?(:rpcs) - Rpcs.new parent_rpcs - end - end - - ## - # Configuration RPC class for the SystemPolicy API. - # - # Includes fields providing the configuration for each RPC in this service. - # Each configuration object is of type `Gapic::Config::Method` and includes - # the following configuration fields: - # - # * `timeout` (*type:* `Numeric`) - The call timeout in seconds - # * `metadata` (*type:* `Hash{Symbol=>String}`) - Additional headers - # * `retry_policy (*type:* `Hash`) - The retry policy. The policy fields - # include the following keys: - # * `:initial_delay` (*type:* `Numeric`) - The initial delay in seconds. - # * `:max_delay` (*type:* `Numeric`) - The max delay in seconds. - # * `:multiplier` (*type:* `Numeric`) - The incremental backoff multiplier. - # * `:retry_codes` (*type:* `Array`) - The error codes that should - # trigger a retry. - # - class Rpcs - ## - # RPC-specific configuration for `get_system_policy` - # @return [::Gapic::Config::Method] - # - attr_reader :get_system_policy - - # @private - def initialize parent_rpcs = nil - get_system_policy_config = parent_rpcs.get_system_policy if parent_rpcs.respond_to? :get_system_policy - @get_system_policy = ::Gapic::Config::Method.new get_system_policy_config - - yield self if block_given? - end - end - end - end - end - end - end - end - end -end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy/rest/service_stub.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy/rest/service_stub.rb deleted file mode 100644 index e2ae8689bfc2..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/system_policy/rest/service_stub.rb +++ /dev/null @@ -1,142 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - -require "google/cloud/binaryauthorization/v1/service_pb" - -module Google - module Cloud - module BinaryAuthorization - module V1 - module SystemPolicy - module Rest - ## - # REST service stub for the SystemPolicy service. - # Service stub contains baseline method implementations - # including transcoding, making the REST call, and deserialing the response. - # - class ServiceStub - # @private - def initialize endpoint:, endpoint_template:, universe_domain:, credentials:, logger: - # These require statements are intentionally placed here to initialize - # the REST modules only when it's required. - require "gapic/rest" - - @client_stub = ::Gapic::Rest::ClientStub.new endpoint: endpoint, - endpoint_template: endpoint_template, - universe_domain: universe_domain, - credentials: credentials, - numeric_enums: true, - service_name: self.class, - raise_faraday_errors: false, - logger: logger - end - - ## - # The effective universe domain - # - # @return [String] - # - def universe_domain - @client_stub.universe_domain - end - - ## - # The effective endpoint - # - # @return [String] - # - def endpoint - @client_stub.endpoint - end - - ## - # The logger used for request/response debug logging. - # - # @return [Logger] - # - def logger stub: false - stub ? @client_stub.stub_logger : @client_stub.logger - end - - ## - # Baseline implementation for the get_system_policy REST call - # - # @param request_pb [::Google::Cloud::BinaryAuthorization::V1::GetSystemPolicyRequest] - # A request object representing the call parameters. Required. - # @param options [::Gapic::CallOptions] - # Overrides the default settings for this call, e.g, timeout, retries etc. Optional. - # - # @yield [result, operation] Access the result along with the TransportOperation object - # @yieldparam result [::Google::Cloud::BinaryAuthorization::V1::Policy] - # @yieldparam operation [::Gapic::Rest::TransportOperation] - # - # @return [::Google::Cloud::BinaryAuthorization::V1::Policy] - # A result object deserialized from the server's reply - def get_system_policy request_pb, options = nil - raise ::ArgumentError, "request must be provided" if request_pb.nil? - - verb, uri, query_string_params, body = ServiceStub.transcode_get_system_policy_request request_pb - query_string_params = if query_string_params.any? - query_string_params.to_h { |p| p.split "=", 2 } - else - {} - end - - response = @client_stub.make_http_request( - verb, - uri: uri, - body: body || "", - params: query_string_params, - method_name: "get_system_policy", - options: options - ) - operation = ::Gapic::Rest::TransportOperation.new response - result = ::Google::Cloud::BinaryAuthorization::V1::Policy.decode_json response.body, ignore_unknown_fields: true - catch :response do - yield result, operation if block_given? - result - end - end - - ## - # @private - # - # GRPC transcoding helper method for the get_system_policy REST call - # - # @param request_pb [::Google::Cloud::BinaryAuthorization::V1::GetSystemPolicyRequest] - # A request object representing the call parameters. Required. - # @return [Array(String, [String, nil], Hash{String => String})] - # Uri, Body, Query string parameters - def self.transcode_get_system_policy_request request_pb - transcoder = Gapic::Rest::GrpcTranscoder.new - .with_bindings( - uri_method: :get, - uri_template: "/v1/{name}", - matches: [ - ["name", %r{^locations/[^/]+/policy/?$}, false] - ] - ) - transcoder.transcode request_pb - end - end - end - end - end - end - end -end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/validation_helper.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/validation_helper.rb deleted file mode 100644 index c0b4f435f7a7..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/validation_helper.rb +++ /dev/null @@ -1,54 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - -require "gapic/common" -require "gapic/config" -require "gapic/config/method" - -require "google/cloud/binary_authorization/v1/version" - -require "google/cloud/binary_authorization/v1/validation_helper/credentials" -require "google/cloud/binary_authorization/v1/validation_helper/client" -require "google/cloud/binary_authorization/v1/validation_helper/rest" - -module Google - module Cloud - module BinaryAuthorization - module V1 - ## - # BinAuthz Attestor verification - # - # @example Load this service and instantiate a gRPC client - # - # require "google/cloud/binary_authorization/v1/validation_helper" - # client = ::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Client.new - # - # @example Load this service and instantiate a REST client - # - # require "google/cloud/binary_authorization/v1/validation_helper/rest" - # client = ::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Rest::Client.new - # - module ValidationHelper - end - end - end - end -end - -helper_path = ::File.join __dir__, "validation_helper", "helpers.rb" -require "google/cloud/binary_authorization/v1/validation_helper/helpers" if ::File.file? helper_path diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/validation_helper/client.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/validation_helper/client.rb deleted file mode 100644 index 74c59831b8c1..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/validation_helper/client.rb +++ /dev/null @@ -1,486 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - -require "google/cloud/errors" -require "google/cloud/binaryauthorization/v1/service_pb" - -module Google - module Cloud - module BinaryAuthorization - module V1 - module ValidationHelper - ## - # Client for the ValidationHelper service. - # - # BinAuthz Attestor verification - # - class Client - # @private - API_VERSION = "" - - # @private - DEFAULT_ENDPOINT_TEMPLATE = "binaryauthorization.$UNIVERSE_DOMAIN$" - - # @private - attr_reader :validation_helper_stub - - ## - # Configure the ValidationHelper Client class. - # - # See {::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Client::Configuration} - # for a description of the configuration fields. - # - # @example - # - # # Modify the configuration for all ValidationHelper clients - # ::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Client.configure do |config| - # config.timeout = 10.0 - # end - # - # @yield [config] Configure the Client client. - # @yieldparam config [Client::Configuration] - # - # @return [Client::Configuration] - # - def self.configure - @configure ||= begin - namespace = ["Google", "Cloud", "BinaryAuthorization", "V1"] - parent_config = while namespace.any? - parent_name = namespace.join "::" - parent_const = const_get parent_name - break parent_const.configure if parent_const.respond_to? :configure - namespace.pop - end - default_config = Client::Configuration.new parent_config - - default_config - end - yield @configure if block_given? - @configure - end - - ## - # Configure the ValidationHelper Client instance. - # - # The configuration is set to the derived mode, meaning that values can be changed, - # but structural changes (adding new fields, etc.) are not allowed. Structural changes - # should be made on {Client.configure}. - # - # See {::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Client::Configuration} - # for a description of the configuration fields. - # - # @yield [config] Configure the Client client. - # @yieldparam config [Client::Configuration] - # - # @return [Client::Configuration] - # - def configure - yield @config if block_given? - @config - end - - ## - # The effective universe domain - # - # @return [String] - # - def universe_domain - @validation_helper_stub.universe_domain - end - - ## - # Create a new ValidationHelper client object. - # - # @example - # - # # Create a client using the default configuration - # client = ::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Client.new - # - # # Create a client using a custom configuration - # client = ::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Client.new do |config| - # config.timeout = 10.0 - # end - # - # @yield [config] Configure the ValidationHelper client. - # @yieldparam config [Client::Configuration] - # - def initialize - # These require statements are intentionally placed here to initialize - # the gRPC module only when it's required. - # See https://github.com/googleapis/toolkit/issues/446 - require "gapic/grpc" - require "google/cloud/binaryauthorization/v1/service_services_pb" - - # Create the configuration object - @config = Configuration.new Client.configure - - # Yield the configuration if needed - yield @config if block_given? - - # Create credentials - credentials = @config.credentials - # Use self-signed JWT if the endpoint is unchanged from default, - # but only if the default endpoint does not have a region prefix. - enable_self_signed_jwt = @config.endpoint.nil? || - (@config.endpoint == Configuration::DEFAULT_ENDPOINT && - !@config.endpoint.split(".").first.include?("-")) - credentials ||= Credentials.default scope: @config.scope, - enable_self_signed_jwt: enable_self_signed_jwt - if credentials.is_a?(::String) || credentials.is_a?(::Hash) - credentials = Credentials.new credentials, scope: @config.scope - end - @quota_project_id = @config.quota_project - @quota_project_id ||= credentials.quota_project_id if credentials.respond_to? :quota_project_id - - @validation_helper_stub = ::Gapic::ServiceStub.new( - ::Google::Cloud::BinaryAuthorization::V1::ValidationHelperV1::Stub, - credentials: credentials, - endpoint: @config.endpoint, - endpoint_template: DEFAULT_ENDPOINT_TEMPLATE, - universe_domain: @config.universe_domain, - channel_args: @config.channel_args, - interceptors: @config.interceptors, - channel_pool_config: @config.channel_pool, - logger: @config.logger - ) - - @validation_helper_stub.stub_logger&.info do |entry| - entry.set_system_name - entry.set_service - entry.message = "Created client for #{entry.service}" - entry.set_credentials_fields credentials - entry.set "customEndpoint", @config.endpoint if @config.endpoint - entry.set "defaultTimeout", @config.timeout if @config.timeout - entry.set "quotaProject", @quota_project_id if @quota_project_id - end - end - - ## - # The logger used for request/response debug logging. - # - # @return [Logger] - # - def logger - @validation_helper_stub.logger - end - - # Service calls - - ## - # Returns whether the given Attestation for the given image URI - # was signed by the given Attestor - # - # @overload validate_attestation_occurrence(request, options = nil) - # Pass arguments to `validate_attestation_occurrence` via a request object, either of type - # {::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceRequest} or an equivalent Hash. - # - # @param request [::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceRequest, ::Hash] - # A request object representing the call parameters. Required. To specify no - # parameters, or to keep all the default parameter values, pass an empty Hash. - # @param options [::Gapic::CallOptions, ::Hash] - # Overrides the default settings for this call, e.g, timeout, retries, etc. Optional. - # - # @overload validate_attestation_occurrence(attestor: nil, attestation: nil, occurrence_note: nil, occurrence_resource_uri: nil) - # Pass arguments to `validate_attestation_occurrence` via keyword arguments. Note that at - # least one keyword argument is required. To specify no parameters, or to keep all - # the default parameter values, pass an empty Hash as a request object (see above). - # - # @param attestor [::String] - # Required. The resource name of the {::Google::Cloud::BinaryAuthorization::V1::Attestor Attestor} of the - # [occurrence][grafeas.v1.Occurrence], in the format - # `projects/*/attestors/*`. - # @param attestation [::Grafeas::V1::AttestationOccurrence, ::Hash] - # Required. An {::Grafeas::V1::AttestationOccurrence AttestationOccurrence} to - # be checked that it can be verified by the Attestor. It does not have to be - # an existing entity in Container Analysis. It must otherwise be a valid - # AttestationOccurrence. - # @param occurrence_note [::String] - # Required. The resource name of the [Note][grafeas.v1.Note] to which the - # containing [Occurrence][grafeas.v1.Occurrence] is associated. - # @param occurrence_resource_uri [::String] - # Required. The URI of the artifact (e.g. container image) that is the - # subject of the containing [Occurrence][grafeas.v1.Occurrence]. - # - # @yield [response, operation] Access the result along with the RPC operation - # @yieldparam response [::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceResponse] - # @yieldparam operation [::GRPC::ActiveCall::Operation] - # - # @return [::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceResponse] - # - # @raise [::Google::Cloud::Error] if the RPC is aborted. - # - # @example Basic example - # require "google/cloud/binary_authorization/v1" - # - # # Create a client object. The client can be reused for multiple calls. - # client = Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Client.new - # - # # Create a request. To set request fields, pass in keyword arguments. - # request = Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceRequest.new - # - # # Call the validate_attestation_occurrence method. - # result = client.validate_attestation_occurrence request - # - # # The returned object is of type Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceResponse. - # p result - # - def validate_attestation_occurrence request, options = nil - raise ::ArgumentError, "request must be provided" if request.nil? - - request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceRequest - - # Converts hash and nil to an options object - options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h - - # Customize the options with defaults - metadata = @config.rpcs.validate_attestation_occurrence.metadata.to_h - - # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers - metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ - lib_name: @config.lib_name, lib_version: @config.lib_version, - gapic_version: ::Google::Cloud::BinaryAuthorization::V1::VERSION - metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty? - metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id - - header_params = {} - if request.attestor - header_params["attestor"] = request.attestor - end - - request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") - metadata[:"x-goog-request-params"] ||= request_params_header - - options.apply_defaults timeout: @config.rpcs.validate_attestation_occurrence.timeout, - metadata: metadata, - retry_policy: @config.rpcs.validate_attestation_occurrence.retry_policy - - options.apply_defaults timeout: @config.timeout, - metadata: @config.metadata, - retry_policy: @config.retry_policy - - @validation_helper_stub.call_rpc :validate_attestation_occurrence, request, options: options do |response, operation| - yield response, operation if block_given? - end - rescue ::GRPC::BadStatus => e - raise ::Google::Cloud::Error.from_error(e) - end - - ## - # Configuration class for the ValidationHelper API. - # - # This class represents the configuration for ValidationHelper, - # providing control over timeouts, retry behavior, logging, transport - # parameters, and other low-level controls. Certain parameters can also be - # applied individually to specific RPCs. See - # {::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Client::Configuration::Rpcs} - # for a list of RPCs that can be configured independently. - # - # Configuration can be applied globally to all clients, or to a single client - # on construction. - # - # @example - # - # # Modify the global config, setting the timeout for - # # validate_attestation_occurrence to 20 seconds, - # # and all remaining timeouts to 10 seconds. - # ::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Client.configure do |config| - # config.timeout = 10.0 - # config.rpcs.validate_attestation_occurrence.timeout = 20.0 - # end - # - # # Apply the above configuration only to a new client. - # client = ::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Client.new do |config| - # config.timeout = 10.0 - # config.rpcs.validate_attestation_occurrence.timeout = 20.0 - # end - # - # @!attribute [rw] endpoint - # A custom service endpoint, as a hostname or hostname:port. The default is - # nil, indicating to use the default endpoint in the current universe domain. - # @return [::String,nil] - # @!attribute [rw] credentials - # Credentials to send with calls. You may provide any of the following types: - # * (`Google::Auth::Credentials`) A googleauth credentials object - # (see the [googleauth docs](https://rubydoc.info/gems/googleauth/Google/Auth/Credentials)) - # * (`Signet::OAuth2::Client`) A signet oauth2 client object - # (see the [signet docs](https://rubydoc.info/gems/signet/Signet/OAuth2/Client)) - # * (`GRPC::Core::Channel`) a gRPC channel with included credentials - # * (`GRPC::Core::ChannelCredentials`) a gRPC credentails object - # * (`nil`) indicating no credentials - # - # @note Warning: Passing a `String` to a keyfile path or a `Hash` of credentials - # is deprecated. Providing an unvalidated credential configuration to - # Google APIs can compromise the security of your systems and data. - # - # @example - # - # # The recommended way to provide credentials is to use the `make_creds` method - # # on the appropriate credentials class for your environment. - # - # require "googleauth" - # - # credentials = ::Google::Auth::ServiceAccountCredentials.make_creds( - # json_key_io: ::File.open("/path/to/keyfile.json") - # ) - # - # client = ::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Client.new do |config| - # config.credentials = credentials - # end - # - # @note Warning: If you accept a credential configuration (JSON file or Hash) from an - # external source for authentication to Google Cloud, you must validate it before - # providing it to a Google API client library. Providing an unvalidated credential - # configuration to Google APIs can compromise the security of your systems and data. - # For more information, refer to [Validate credential configurations from external - # sources](https://cloud.google.com/docs/authentication/external/externally-sourced-credentials). - # @return [::Object] - # @!attribute [rw] scope - # The OAuth scopes - # @return [::Array<::String>] - # @!attribute [rw] lib_name - # The library name as recorded in instrumentation and logging - # @return [::String] - # @!attribute [rw] lib_version - # The library version as recorded in instrumentation and logging - # @return [::String] - # @!attribute [rw] channel_args - # Extra parameters passed to the gRPC channel. Note: this is ignored if a - # `GRPC::Core::Channel` object is provided as the credential. - # @return [::Hash] - # @!attribute [rw] interceptors - # An array of interceptors that are run before calls are executed. - # @return [::Array<::GRPC::ClientInterceptor>] - # @!attribute [rw] timeout - # The call timeout in seconds. - # @return [::Numeric] - # @!attribute [rw] metadata - # Additional gRPC headers to be sent with the call. - # @return [::Hash{::Symbol=>::String}] - # @!attribute [rw] retry_policy - # The retry policy. The value is a hash with the following keys: - # * `:initial_delay` (*type:* `Numeric`) - The initial delay in seconds. - # * `:max_delay` (*type:* `Numeric`) - The max delay in seconds. - # * `:multiplier` (*type:* `Numeric`) - The incremental backoff multiplier. - # * `:retry_codes` (*type:* `Array`) - The error codes that should - # trigger a retry. - # @return [::Hash] - # @!attribute [rw] quota_project - # A separate project against which to charge quota. - # @return [::String] - # @!attribute [rw] universe_domain - # The universe domain within which to make requests. This determines the - # default endpoint URL. The default value of nil uses the environment - # universe (usually the default "googleapis.com" universe). - # @return [::String,nil] - # @!attribute [rw] logger - # A custom logger to use for request/response debug logging, or the value - # `:default` (the default) to construct a default logger, or `nil` to - # explicitly disable logging. - # @return [::Logger,:default,nil] - # - class Configuration - extend ::Gapic::Config - - # @private - # The endpoint specific to the default "googleapis.com" universe. Deprecated. - DEFAULT_ENDPOINT = "binaryauthorization.googleapis.com" - - config_attr :endpoint, nil, ::String, nil - config_attr :credentials, nil do |value| - allowed = [::String, ::Hash, ::Proc, ::Symbol, ::Google::Auth::Credentials, ::Google::Auth::BaseClient, ::Signet::OAuth2::Client, nil] - allowed += [::GRPC::Core::Channel, ::GRPC::Core::ChannelCredentials] if defined? ::GRPC::Core::Channel - allowed.any? { |klass| klass === value } - end - config_attr :scope, nil, ::String, ::Array, nil - config_attr :lib_name, nil, ::String, nil - config_attr :lib_version, nil, ::String, nil - config_attr(:channel_args, { "grpc.service_config_disable_resolution" => 1 }, ::Hash, nil) - config_attr :interceptors, nil, ::Array, nil - config_attr :timeout, nil, ::Numeric, nil - config_attr :metadata, nil, ::Hash, nil - config_attr :retry_policy, nil, ::Hash, ::Proc, nil - config_attr :quota_project, nil, ::String, nil - config_attr :universe_domain, nil, ::String, nil - config_attr :logger, :default, ::Logger, nil, :default - - # @private - def initialize parent_config = nil - @parent_config = parent_config unless parent_config.nil? - - yield self if block_given? - end - - ## - # Configurations for individual RPCs - # @return [Rpcs] - # - def rpcs - @rpcs ||= begin - parent_rpcs = nil - parent_rpcs = @parent_config.rpcs if defined?(@parent_config) && @parent_config.respond_to?(:rpcs) - Rpcs.new parent_rpcs - end - end - - ## - # Configuration for the channel pool - # @return [::Gapic::ServiceStub::ChannelPool::Configuration] - # - def channel_pool - @channel_pool ||= ::Gapic::ServiceStub::ChannelPool::Configuration.new - end - - ## - # Configuration RPC class for the ValidationHelper API. - # - # Includes fields providing the configuration for each RPC in this service. - # Each configuration object is of type `Gapic::Config::Method` and includes - # the following configuration fields: - # - # * `timeout` (*type:* `Numeric`) - The call timeout in seconds - # * `metadata` (*type:* `Hash{Symbol=>String}`) - Additional gRPC headers - # * `retry_policy (*type:* `Hash`) - The retry policy. The policy fields - # include the following keys: - # * `:initial_delay` (*type:* `Numeric`) - The initial delay in seconds. - # * `:max_delay` (*type:* `Numeric`) - The max delay in seconds. - # * `:multiplier` (*type:* `Numeric`) - The incremental backoff multiplier. - # * `:retry_codes` (*type:* `Array`) - The error codes that should - # trigger a retry. - # - class Rpcs - ## - # RPC-specific configuration for `validate_attestation_occurrence` - # @return [::Gapic::Config::Method] - # - attr_reader :validate_attestation_occurrence - - # @private - def initialize parent_rpcs = nil - validate_attestation_occurrence_config = parent_rpcs.validate_attestation_occurrence if parent_rpcs.respond_to? :validate_attestation_occurrence - @validate_attestation_occurrence = ::Gapic::Config::Method.new validate_attestation_occurrence_config - - yield self if block_given? - end - end - end - end - end - end - end - end -end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/validation_helper/credentials.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/validation_helper/credentials.rb deleted file mode 100644 index bec24ad23cd8..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/validation_helper/credentials.rb +++ /dev/null @@ -1,51 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - -require "googleauth" - -module Google - module Cloud - module BinaryAuthorization - module V1 - module ValidationHelper - # Credentials for the ValidationHelper API. - class Credentials < ::Google::Auth::Credentials - self.scope = [ - "https://www.googleapis.com/auth/cloud-platform" - ] - self.env_vars = [ - "BINARY_AUTHORIZATION_CREDENTIALS", - "BINARY_AUTHORIZATION_KEYFILE", - "GOOGLE_CLOUD_CREDENTIALS", - "GOOGLE_CLOUD_KEYFILE", - "GCLOUD_KEYFILE", - "BINARY_AUTHORIZATION_CREDENTIALS_JSON", - "BINARY_AUTHORIZATION_KEYFILE_JSON", - "GOOGLE_CLOUD_CREDENTIALS_JSON", - "GOOGLE_CLOUD_KEYFILE_JSON", - "GCLOUD_KEYFILE_JSON" - ] - self.paths = [ - "~/.config/google_cloud/application_default_credentials.json" - ] - end - end - end - end - end -end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/validation_helper/rest.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/validation_helper/rest.rb deleted file mode 100644 index 33b694b610be..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/validation_helper/rest.rb +++ /dev/null @@ -1,51 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - -require "gapic/rest" -require "gapic/config" -require "gapic/config/method" - -require "google/cloud/binary_authorization/v1/version" - -require "google/cloud/binary_authorization/v1/validation_helper/credentials" -require "google/cloud/binary_authorization/v1/validation_helper/rest/client" - -module Google - module Cloud - module BinaryAuthorization - module V1 - ## - # BinAuthz Attestor verification - # - # To load this service and instantiate a REST client: - # - # require "google/cloud/binary_authorization/v1/validation_helper/rest" - # client = ::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Rest::Client.new - # - module ValidationHelper - # Client for the REST transport - module Rest - end - end - end - end - end -end - -helper_path = ::File.join __dir__, "rest", "helpers.rb" -require "google/cloud/binary_authorization/v1/validation_helper/rest/helpers" if ::File.file? helper_path diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/validation_helper/rest/client.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/validation_helper/rest/client.rb deleted file mode 100644 index ac1888ead4ab..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/validation_helper/rest/client.rb +++ /dev/null @@ -1,436 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - -require "google/cloud/errors" -require "google/cloud/binaryauthorization/v1/service_pb" -require "google/cloud/binary_authorization/v1/validation_helper/rest/service_stub" - -module Google - module Cloud - module BinaryAuthorization - module V1 - module ValidationHelper - module Rest - ## - # REST client for the ValidationHelper service. - # - # BinAuthz Attestor verification - # - class Client - # @private - API_VERSION = "" - - # @private - DEFAULT_ENDPOINT_TEMPLATE = "binaryauthorization.$UNIVERSE_DOMAIN$" - - # @private - attr_reader :validation_helper_stub - - ## - # Configure the ValidationHelper Client class. - # - # See {::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Rest::Client::Configuration} - # for a description of the configuration fields. - # - # @example - # - # # Modify the configuration for all ValidationHelper clients - # ::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Rest::Client.configure do |config| - # config.timeout = 10.0 - # end - # - # @yield [config] Configure the Client client. - # @yieldparam config [Client::Configuration] - # - # @return [Client::Configuration] - # - def self.configure - @configure ||= begin - namespace = ["Google", "Cloud", "BinaryAuthorization", "V1"] - parent_config = while namespace.any? - parent_name = namespace.join "::" - parent_const = const_get parent_name - break parent_const.configure if parent_const.respond_to? :configure - namespace.pop - end - default_config = Client::Configuration.new parent_config - - default_config - end - yield @configure if block_given? - @configure - end - - ## - # Configure the ValidationHelper Client instance. - # - # The configuration is set to the derived mode, meaning that values can be changed, - # but structural changes (adding new fields, etc.) are not allowed. Structural changes - # should be made on {Client.configure}. - # - # See {::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Rest::Client::Configuration} - # for a description of the configuration fields. - # - # @yield [config] Configure the Client client. - # @yieldparam config [Client::Configuration] - # - # @return [Client::Configuration] - # - def configure - yield @config if block_given? - @config - end - - ## - # The effective universe domain - # - # @return [String] - # - def universe_domain - @validation_helper_stub.universe_domain - end - - ## - # Create a new ValidationHelper REST client object. - # - # @example - # - # # Create a client using the default configuration - # client = ::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Rest::Client.new - # - # # Create a client using a custom configuration - # client = ::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Rest::Client.new do |config| - # config.timeout = 10.0 - # end - # - # @yield [config] Configure the ValidationHelper client. - # @yieldparam config [Client::Configuration] - # - def initialize - # Create the configuration object - @config = Configuration.new Client.configure - - # Yield the configuration if needed - yield @config if block_given? - - # Create credentials - credentials = @config.credentials - # Use self-signed JWT if the endpoint is unchanged from default, - # but only if the default endpoint does not have a region prefix. - enable_self_signed_jwt = @config.endpoint.nil? || - (@config.endpoint == Configuration::DEFAULT_ENDPOINT && - !@config.endpoint.split(".").first.include?("-")) - credentials ||= Credentials.default scope: @config.scope, - enable_self_signed_jwt: enable_self_signed_jwt - if credentials.is_a?(::String) || credentials.is_a?(::Hash) - credentials = Credentials.new credentials, scope: @config.scope - end - - @quota_project_id = @config.quota_project - @quota_project_id ||= credentials.quota_project_id if credentials.respond_to? :quota_project_id - - @validation_helper_stub = ::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Rest::ServiceStub.new( - endpoint: @config.endpoint, - endpoint_template: DEFAULT_ENDPOINT_TEMPLATE, - universe_domain: @config.universe_domain, - credentials: credentials, - logger: @config.logger - ) - - @validation_helper_stub.logger(stub: true)&.info do |entry| - entry.set_system_name - entry.set_service - entry.message = "Created client for #{entry.service}" - entry.set_credentials_fields credentials - entry.set "customEndpoint", @config.endpoint if @config.endpoint - entry.set "defaultTimeout", @config.timeout if @config.timeout - entry.set "quotaProject", @quota_project_id if @quota_project_id - end - end - - ## - # The logger used for request/response debug logging. - # - # @return [Logger] - # - def logger - @validation_helper_stub.logger - end - - # Service calls - - ## - # Returns whether the given Attestation for the given image URI - # was signed by the given Attestor - # - # @overload validate_attestation_occurrence(request, options = nil) - # Pass arguments to `validate_attestation_occurrence` via a request object, either of type - # {::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceRequest} or an equivalent Hash. - # - # @param request [::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceRequest, ::Hash] - # A request object representing the call parameters. Required. To specify no - # parameters, or to keep all the default parameter values, pass an empty Hash. - # @param options [::Gapic::CallOptions, ::Hash] - # Overrides the default settings for this call, e.g, timeout, retries etc. Optional. - # - # @overload validate_attestation_occurrence(attestor: nil, attestation: nil, occurrence_note: nil, occurrence_resource_uri: nil) - # Pass arguments to `validate_attestation_occurrence` via keyword arguments. Note that at - # least one keyword argument is required. To specify no parameters, or to keep all - # the default parameter values, pass an empty Hash as a request object (see above). - # - # @param attestor [::String] - # Required. The resource name of the {::Google::Cloud::BinaryAuthorization::V1::Attestor Attestor} of the - # [occurrence][grafeas.v1.Occurrence], in the format - # `projects/*/attestors/*`. - # @param attestation [::Grafeas::V1::AttestationOccurrence, ::Hash] - # Required. An {::Grafeas::V1::AttestationOccurrence AttestationOccurrence} to - # be checked that it can be verified by the Attestor. It does not have to be - # an existing entity in Container Analysis. It must otherwise be a valid - # AttestationOccurrence. - # @param occurrence_note [::String] - # Required. The resource name of the [Note][grafeas.v1.Note] to which the - # containing [Occurrence][grafeas.v1.Occurrence] is associated. - # @param occurrence_resource_uri [::String] - # Required. The URI of the artifact (e.g. container image) that is the - # subject of the containing [Occurrence][grafeas.v1.Occurrence]. - # @yield [result, operation] Access the result along with the TransportOperation object - # @yieldparam result [::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceResponse] - # @yieldparam operation [::Gapic::Rest::TransportOperation] - # - # @return [::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceResponse] - # - # @raise [::Google::Cloud::Error] if the REST call is aborted. - # - # @example Basic example - # require "google/cloud/binary_authorization/v1" - # - # # Create a client object. The client can be reused for multiple calls. - # client = Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Rest::Client.new - # - # # Create a request. To set request fields, pass in keyword arguments. - # request = Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceRequest.new - # - # # Call the validate_attestation_occurrence method. - # result = client.validate_attestation_occurrence request - # - # # The returned object is of type Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceResponse. - # p result - # - def validate_attestation_occurrence request, options = nil - raise ::ArgumentError, "request must be provided" if request.nil? - - request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceRequest - - # Converts hash and nil to an options object - options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h - - # Customize the options with defaults - call_metadata = @config.rpcs.validate_attestation_occurrence.metadata.to_h - - # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers - call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ - lib_name: @config.lib_name, lib_version: @config.lib_version, - gapic_version: ::Google::Cloud::BinaryAuthorization::V1::VERSION, - transports_version_send: [:rest] - - call_metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty? - call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id - - options.apply_defaults timeout: @config.rpcs.validate_attestation_occurrence.timeout, - metadata: call_metadata, - retry_policy: @config.rpcs.validate_attestation_occurrence.retry_policy - - options.apply_defaults timeout: @config.timeout, - metadata: @config.metadata, - retry_policy: @config.retry_policy - - @validation_helper_stub.validate_attestation_occurrence request, options do |result, operation| - yield result, operation if block_given? - end - rescue ::Gapic::Rest::Error => e - raise ::Google::Cloud::Error.from_error(e) - end - - ## - # Configuration class for the ValidationHelper REST API. - # - # This class represents the configuration for ValidationHelper REST, - # providing control over timeouts, retry behavior, logging, transport - # parameters, and other low-level controls. Certain parameters can also be - # applied individually to specific RPCs. See - # {::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Rest::Client::Configuration::Rpcs} - # for a list of RPCs that can be configured independently. - # - # Configuration can be applied globally to all clients, or to a single client - # on construction. - # - # @example - # - # # Modify the global config, setting the timeout for - # # validate_attestation_occurrence to 20 seconds, - # # and all remaining timeouts to 10 seconds. - # ::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Rest::Client.configure do |config| - # config.timeout = 10.0 - # config.rpcs.validate_attestation_occurrence.timeout = 20.0 - # end - # - # # Apply the above configuration only to a new client. - # client = ::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Rest::Client.new do |config| - # config.timeout = 10.0 - # config.rpcs.validate_attestation_occurrence.timeout = 20.0 - # end - # - # @!attribute [rw] endpoint - # A custom service endpoint, as a hostname or hostname:port. The default is - # nil, indicating to use the default endpoint in the current universe domain. - # @return [::String,nil] - # @!attribute [rw] credentials - # Credentials to send with calls. You may provide any of the following types: - # * (`String`) The path to a service account key file in JSON format - # * (`Hash`) A service account key as a Hash - # * (`Google::Auth::Credentials`) A googleauth credentials object - # (see the [googleauth docs](https://rubydoc.info/gems/googleauth/Google/Auth/Credentials)) - # * (`Signet::OAuth2::Client`) A signet oauth2 client object - # (see the [signet docs](https://rubydoc.info/gems/signet/Signet/OAuth2/Client)) - # * (`nil`) indicating no credentials - # - # Warning: If you accept a credential configuration (JSON file or Hash) from an - # external source for authentication to Google Cloud, you must validate it before - # providing it to a Google API client library. Providing an unvalidated credential - # configuration to Google APIs can compromise the security of your systems and data. - # For more information, refer to [Validate credential configurations from external - # sources](https://cloud.google.com/docs/authentication/external/externally-sourced-credentials). - # @return [::Object] - # @!attribute [rw] scope - # The OAuth scopes - # @return [::Array<::String>] - # @!attribute [rw] lib_name - # The library name as recorded in instrumentation and logging - # @return [::String] - # @!attribute [rw] lib_version - # The library version as recorded in instrumentation and logging - # @return [::String] - # @!attribute [rw] timeout - # The call timeout in seconds. - # @return [::Numeric] - # @!attribute [rw] metadata - # Additional headers to be sent with the call. - # @return [::Hash{::Symbol=>::String}] - # @!attribute [rw] retry_policy - # The retry policy. The value is a hash with the following keys: - # * `:initial_delay` (*type:* `Numeric`) - The initial delay in seconds. - # * `:max_delay` (*type:* `Numeric`) - The max delay in seconds. - # * `:multiplier` (*type:* `Numeric`) - The incremental backoff multiplier. - # * `:retry_codes` (*type:* `Array`) - The error codes that should - # trigger a retry. - # @return [::Hash] - # @!attribute [rw] quota_project - # A separate project against which to charge quota. - # @return [::String] - # @!attribute [rw] universe_domain - # The universe domain within which to make requests. This determines the - # default endpoint URL. The default value of nil uses the environment - # universe (usually the default "googleapis.com" universe). - # @return [::String,nil] - # @!attribute [rw] logger - # A custom logger to use for request/response debug logging, or the value - # `:default` (the default) to construct a default logger, or `nil` to - # explicitly disable logging. - # @return [::Logger,:default,nil] - # - class Configuration - extend ::Gapic::Config - - # @private - # The endpoint specific to the default "googleapis.com" universe. Deprecated. - DEFAULT_ENDPOINT = "binaryauthorization.googleapis.com" - - config_attr :endpoint, nil, ::String, nil - config_attr :credentials, nil do |value| - allowed = [::String, ::Hash, ::Proc, ::Symbol, ::Google::Auth::Credentials, ::Google::Auth::BaseClient, ::Signet::OAuth2::Client, nil] - allowed.any? { |klass| klass === value } - end - config_attr :scope, nil, ::String, ::Array, nil - config_attr :lib_name, nil, ::String, nil - config_attr :lib_version, nil, ::String, nil - config_attr :timeout, nil, ::Numeric, nil - config_attr :metadata, nil, ::Hash, nil - config_attr :retry_policy, nil, ::Hash, ::Proc, nil - config_attr :quota_project, nil, ::String, nil - config_attr :universe_domain, nil, ::String, nil - config_attr :logger, :default, ::Logger, nil, :default - - # @private - def initialize parent_config = nil - @parent_config = parent_config unless parent_config.nil? - - yield self if block_given? - end - - ## - # Configurations for individual RPCs - # @return [Rpcs] - # - def rpcs - @rpcs ||= begin - parent_rpcs = nil - parent_rpcs = @parent_config.rpcs if defined?(@parent_config) && @parent_config.respond_to?(:rpcs) - Rpcs.new parent_rpcs - end - end - - ## - # Configuration RPC class for the ValidationHelper API. - # - # Includes fields providing the configuration for each RPC in this service. - # Each configuration object is of type `Gapic::Config::Method` and includes - # the following configuration fields: - # - # * `timeout` (*type:* `Numeric`) - The call timeout in seconds - # * `metadata` (*type:* `Hash{Symbol=>String}`) - Additional headers - # * `retry_policy (*type:* `Hash`) - The retry policy. The policy fields - # include the following keys: - # * `:initial_delay` (*type:* `Numeric`) - The initial delay in seconds. - # * `:max_delay` (*type:* `Numeric`) - The max delay in seconds. - # * `:multiplier` (*type:* `Numeric`) - The incremental backoff multiplier. - # * `:retry_codes` (*type:* `Array`) - The error codes that should - # trigger a retry. - # - class Rpcs - ## - # RPC-specific configuration for `validate_attestation_occurrence` - # @return [::Gapic::Config::Method] - # - attr_reader :validate_attestation_occurrence - - # @private - def initialize parent_rpcs = nil - validate_attestation_occurrence_config = parent_rpcs.validate_attestation_occurrence if parent_rpcs.respond_to? :validate_attestation_occurrence - @validate_attestation_occurrence = ::Gapic::Config::Method.new validate_attestation_occurrence_config - - yield self if block_given? - end - end - end - end - end - end - end - end - end -end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/validation_helper/rest/service_stub.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/validation_helper/rest/service_stub.rb deleted file mode 100644 index c67a95fd8ea5..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/validation_helper/rest/service_stub.rb +++ /dev/null @@ -1,143 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - -require "google/cloud/binaryauthorization/v1/service_pb" - -module Google - module Cloud - module BinaryAuthorization - module V1 - module ValidationHelper - module Rest - ## - # REST service stub for the ValidationHelper service. - # Service stub contains baseline method implementations - # including transcoding, making the REST call, and deserialing the response. - # - class ServiceStub - # @private - def initialize endpoint:, endpoint_template:, universe_domain:, credentials:, logger: - # These require statements are intentionally placed here to initialize - # the REST modules only when it's required. - require "gapic/rest" - - @client_stub = ::Gapic::Rest::ClientStub.new endpoint: endpoint, - endpoint_template: endpoint_template, - universe_domain: universe_domain, - credentials: credentials, - numeric_enums: true, - service_name: self.class, - raise_faraday_errors: false, - logger: logger - end - - ## - # The effective universe domain - # - # @return [String] - # - def universe_domain - @client_stub.universe_domain - end - - ## - # The effective endpoint - # - # @return [String] - # - def endpoint - @client_stub.endpoint - end - - ## - # The logger used for request/response debug logging. - # - # @return [Logger] - # - def logger stub: false - stub ? @client_stub.stub_logger : @client_stub.logger - end - - ## - # Baseline implementation for the validate_attestation_occurrence REST call - # - # @param request_pb [::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceRequest] - # A request object representing the call parameters. Required. - # @param options [::Gapic::CallOptions] - # Overrides the default settings for this call, e.g, timeout, retries etc. Optional. - # - # @yield [result, operation] Access the result along with the TransportOperation object - # @yieldparam result [::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceResponse] - # @yieldparam operation [::Gapic::Rest::TransportOperation] - # - # @return [::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceResponse] - # A result object deserialized from the server's reply - def validate_attestation_occurrence request_pb, options = nil - raise ::ArgumentError, "request must be provided" if request_pb.nil? - - verb, uri, query_string_params, body = ServiceStub.transcode_validate_attestation_occurrence_request request_pb - query_string_params = if query_string_params.any? - query_string_params.to_h { |p| p.split "=", 2 } - else - {} - end - - response = @client_stub.make_http_request( - verb, - uri: uri, - body: body || "", - params: query_string_params, - method_name: "validate_attestation_occurrence", - options: options - ) - operation = ::Gapic::Rest::TransportOperation.new response - result = ::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceResponse.decode_json response.body, ignore_unknown_fields: true - catch :response do - yield result, operation if block_given? - result - end - end - - ## - # @private - # - # GRPC transcoding helper method for the validate_attestation_occurrence REST call - # - # @param request_pb [::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceRequest] - # A request object representing the call parameters. Required. - # @return [Array(String, [String, nil], Hash{String => String})] - # Uri, Body, Query string parameters - def self.transcode_validate_attestation_occurrence_request request_pb - transcoder = Gapic::Rest::GrpcTranscoder.new - .with_bindings( - uri_method: :post, - uri_template: "/v1/{attestor}:validateAttestationOccurrence", - body: "*", - matches: [ - ["attestor", %r{^projects/[^/]+/attestors/[^/]+/?$}, false] - ] - ) - transcoder.transcode request_pb - end - end - end - end - end - end - end -end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/version.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/version.rb deleted file mode 100644 index d95ffedb69c8..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binary_authorization/v1/version.rb +++ /dev/null @@ -1,28 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - - -module Google - module Cloud - module BinaryAuthorization - module V1 - VERSION = "0.0.1" - end - end - end -end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binaryauthorization/v1/resources_pb.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binaryauthorization/v1/resources_pb.rb deleted file mode 100644 index d23c4a65a778..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binaryauthorization/v1/resources_pb.rb +++ /dev/null @@ -1,57 +0,0 @@ -# frozen_string_literal: true -# Generated by the protocol buffer compiler. DO NOT EDIT! -# source: google/cloud/binaryauthorization/v1/resources.proto - -require 'google/protobuf' - -require 'google/api/field_behavior_pb' -require 'google/api/resource_pb' -require 'google/protobuf/timestamp_pb' - - -descriptor_data = "\n3google/cloud/binaryauthorization/v1/resources.proto\x12#google.cloud.binaryauthorization.v1\x1a\x1fgoogle/api/field_behavior.proto\x1a\x19google/api/resource.proto\x1a\x1fgoogle/protobuf/timestamp.proto\"\xf8\x0c\n\x06Policy\x12\x11\n\x04name\x18\x01 \x01(\tB\x03\xe0\x41\x03\x12\x18\n\x0b\x64\x65scription\x18\x06 \x01(\tB\x03\xe0\x41\x01\x12r\n\x1dglobal_policy_evaluation_mode\x18\x07 \x01(\x0e\x32\x46.google.cloud.binaryauthorization.v1.Policy.GlobalPolicyEvaluationModeB\x03\xe0\x41\x01\x12i\n\x1c\x61\x64mission_whitelist_patterns\x18\x02 \x03(\x0b\x32>.google.cloud.binaryauthorization.v1.AdmissionWhitelistPatternB\x03\xe0\x41\x01\x12l\n\x17\x63luster_admission_rules\x18\x03 \x03(\x0b\x32\x46.google.cloud.binaryauthorization.v1.Policy.ClusterAdmissionRulesEntryB\x03\xe0\x41\x01\x12\x85\x01\n$kubernetes_namespace_admission_rules\x18\n \x03(\x0b\x32R.google.cloud.binaryauthorization.v1.Policy.KubernetesNamespaceAdmissionRulesEntryB\x03\xe0\x41\x01\x12\x90\x01\n*kubernetes_service_account_admission_rules\x18\x08 \x03(\x0b\x32W.google.cloud.binaryauthorization.v1.Policy.KubernetesServiceAccountAdmissionRulesEntryB\x03\xe0\x41\x01\x12\x88\x01\n&istio_service_identity_admission_rules\x18\t \x03(\x0b\x32S.google.cloud.binaryauthorization.v1.Policy.IstioServiceIdentityAdmissionRulesEntryB\x03\xe0\x41\x01\x12W\n\x16\x64\x65\x66\x61ult_admission_rule\x18\x04 \x01(\x0b\x32\x32.google.cloud.binaryauthorization.v1.AdmissionRuleB\x03\xe0\x41\x02\x12\x34\n\x0bupdate_time\x18\x05 \x01(\x0b\x32\x1a.google.protobuf.TimestampB\x03\xe0\x41\x03\x1ap\n\x1a\x43lusterAdmissionRulesEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\x41\n\x05value\x18\x02 \x01(\x0b\x32\x32.google.cloud.binaryauthorization.v1.AdmissionRule:\x02\x38\x01\x1a|\n&KubernetesNamespaceAdmissionRulesEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\x41\n\x05value\x18\x02 \x01(\x0b\x32\x32.google.cloud.binaryauthorization.v1.AdmissionRule:\x02\x38\x01\x1a\x81\x01\n+KubernetesServiceAccountAdmissionRulesEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\x41\n\x05value\x18\x02 \x01(\x0b\x32\x32.google.cloud.binaryauthorization.v1.AdmissionRule:\x02\x38\x01\x1a}\n\'IstioServiceIdentityAdmissionRulesEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\x41\n\x05value\x18\x02 \x01(\x0b\x32\x32.google.cloud.binaryauthorization.v1.AdmissionRule:\x02\x38\x01\"d\n\x1aGlobalPolicyEvaluationMode\x12-\n)GLOBAL_POLICY_EVALUATION_MODE_UNSPECIFIED\x10\x00\x12\n\n\x06\x45NABLE\x10\x01\x12\x0b\n\x07\x44ISABLE\x10\x02:f\xea\x41\x63\n)binaryauthorization.googleapis.com/Policy\x12\x19projects/{project}/policy\x12\x1blocations/{location}/policy\"1\n\x19\x41\x64missionWhitelistPattern\x12\x14\n\x0cname_pattern\x18\x01 \x01(\t\"\xda\x03\n\rAdmissionRule\x12_\n\x0f\x65valuation_mode\x18\x01 \x01(\x0e\x32\x41.google.cloud.binaryauthorization.v1.AdmissionRule.EvaluationModeB\x03\xe0\x41\x02\x12$\n\x17require_attestations_by\x18\x02 \x03(\tB\x03\xe0\x41\x01\x12\x61\n\x10\x65nforcement_mode\x18\x03 \x01(\x0e\x32\x42.google.cloud.binaryauthorization.v1.AdmissionRule.EnforcementModeB\x03\xe0\x41\x02\"m\n\x0e\x45valuationMode\x12\x1f\n\x1b\x45VALUATION_MODE_UNSPECIFIED\x10\x00\x12\x10\n\x0c\x41LWAYS_ALLOW\x10\x01\x12\x17\n\x13REQUIRE_ATTESTATION\x10\x02\x12\x0f\n\x0b\x41LWAYS_DENY\x10\x03\"p\n\x0f\x45nforcementMode\x12 \n\x1c\x45NFORCEMENT_MODE_UNSPECIFIED\x10\x00\x12 \n\x1c\x45NFORCED_BLOCK_AND_AUDIT_LOG\x10\x01\x12\x19\n\x15\x44RYRUN_AUDIT_LOG_ONLY\x10\x02\"\xb7\x02\n\x08\x41ttestor\x12\x11\n\x04name\x18\x01 \x01(\tB\x03\xe0\x41\x02\x12\x18\n\x0b\x64\x65scription\x18\x06 \x01(\tB\x03\xe0\x41\x01\x12\\\n\x17user_owned_grafeas_note\x18\x03 \x01(\x0b\x32\x39.google.cloud.binaryauthorization.v1.UserOwnedGrafeasNoteH\x00\x12\x34\n\x0bupdate_time\x18\x04 \x01(\x0b\x32\x1a.google.protobuf.TimestampB\x03\xe0\x41\x03:Y\xea\x41V\n+binaryauthorization.googleapis.com/Attestor\x12\'projects/{project}/attestors/{attestor}B\x0f\n\rattestor_type\"\xb4\x01\n\x14UserOwnedGrafeasNote\x12\x1b\n\x0enote_reference\x18\x01 \x01(\tB\x03\xe0\x41\x02\x12P\n\x0bpublic_keys\x18\x02 \x03(\x0b\x32\x36.google.cloud.binaryauthorization.v1.AttestorPublicKeyB\x03\xe0\x41\x01\x12-\n delegation_service_account_email\x18\x03 \x01(\tB\x03\xe0\x41\x03\"\xbf\x04\n\rPkixPublicKey\x12\x16\n\x0epublic_key_pem\x18\x01 \x01(\t\x12\x62\n\x13signature_algorithm\x18\x02 \x01(\x0e\x32\x45.google.cloud.binaryauthorization.v1.PkixPublicKey.SignatureAlgorithm\"\xb1\x03\n\x12SignatureAlgorithm\x12#\n\x1fSIGNATURE_ALGORITHM_UNSPECIFIED\x10\x00\x12\x17\n\x13RSA_PSS_2048_SHA256\x10\x01\x12\x17\n\x13RSA_PSS_3072_SHA256\x10\x02\x12\x17\n\x13RSA_PSS_4096_SHA256\x10\x03\x12\x17\n\x13RSA_PSS_4096_SHA512\x10\x04\x12\x1e\n\x1aRSA_SIGN_PKCS1_2048_SHA256\x10\x05\x12\x1e\n\x1aRSA_SIGN_PKCS1_3072_SHA256\x10\x06\x12\x1e\n\x1aRSA_SIGN_PKCS1_4096_SHA256\x10\x07\x12\x1e\n\x1aRSA_SIGN_PKCS1_4096_SHA512\x10\x08\x12\x15\n\x11\x45\x43\x44SA_P256_SHA256\x10\t\x12\x17\n\x13\x45\x43_SIGN_P256_SHA256\x10\t\x12\x15\n\x11\x45\x43\x44SA_P384_SHA384\x10\n\x12\x17\n\x13\x45\x43_SIGN_P384_SHA384\x10\n\x12\x15\n\x11\x45\x43\x44SA_P521_SHA512\x10\x0b\x12\x17\n\x13\x45\x43_SIGN_P521_SHA512\x10\x0b\x1a\x02\x10\x01\"\xba\x01\n\x11\x41ttestorPublicKey\x12\x14\n\x07\x63omment\x18\x01 \x01(\tB\x03\xe0\x41\x01\x12\n\n\x02id\x18\x02 \x01(\t\x12&\n\x1c\x61scii_armored_pgp_public_key\x18\x03 \x01(\tH\x00\x12M\n\x0fpkix_public_key\x18\x05 \x01(\x0b\x32\x32.google.cloud.binaryauthorization.v1.PkixPublicKeyH\x00\x42\x0c\n\npublic_keyB\x8c\x02\n5com.google.protos.google.cloud.binaryauthorization.v1P\x00ZYcloud.google.com/go/binaryauthorization/apiv1/binaryauthorizationpb;binaryauthorizationpb\xf8\x01\x01\xaa\x02#Google.Cloud.BinaryAuthorization.V1\xca\x02#Google\\Cloud\\BinaryAuthorization\\V1\xea\x02&Google::Cloud::BinaryAuthorization::V1b\x06proto3" - -pool = Google::Protobuf::DescriptorPool.generated_pool - -begin - pool.add_serialized_file(descriptor_data) -rescue TypeError - # Compatibility code: will be removed in the next major version. - require 'google/protobuf/descriptor_pb' - parsed = Google::Protobuf::FileDescriptorProto.decode(descriptor_data) - parsed.clear_dependency - serialized = parsed.class.encode(parsed) - file = pool.add_serialized_file(serialized) - warn "Warning: Protobuf detected an import path issue while loading generated file #{__FILE__}" - imports = [ - ["google.protobuf.Timestamp", "google/protobuf/timestamp.proto"], - ] - imports.each do |type_name, expected_filename| - import_file = pool.lookup(type_name).file_descriptor - if import_file.name != expected_filename - warn "- #{file.name} imports #{expected_filename}, but that import was loaded as #{import_file.name}" - end - end - warn "Each proto file must use a consistent fully-qualified name." - warn "This will become an error in the next major version." -end - -module Google - module Cloud - module BinaryAuthorization - module V1 - Policy = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.Policy").msgclass - Policy::GlobalPolicyEvaluationMode = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.Policy.GlobalPolicyEvaluationMode").enummodule - AdmissionWhitelistPattern = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern").msgclass - AdmissionRule = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.AdmissionRule").msgclass - AdmissionRule::EvaluationMode = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.AdmissionRule.EvaluationMode").enummodule - AdmissionRule::EnforcementMode = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.AdmissionRule.EnforcementMode").enummodule - Attestor = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.Attestor").msgclass - UserOwnedGrafeasNote = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.UserOwnedGrafeasNote").msgclass - PkixPublicKey = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.PkixPublicKey").msgclass - PkixPublicKey::SignatureAlgorithm = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.PkixPublicKey.SignatureAlgorithm").enummodule - AttestorPublicKey = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.AttestorPublicKey").msgclass - end - end - end -end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binaryauthorization/v1/service_pb.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binaryauthorization/v1/service_pb.rb deleted file mode 100644 index 88ffd3cdec13..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binaryauthorization/v1/service_pb.rb +++ /dev/null @@ -1,63 +0,0 @@ -# frozen_string_literal: true -# Generated by the protocol buffer compiler. DO NOT EDIT! -# source: google/cloud/binaryauthorization/v1/service.proto - -require 'google/protobuf' - -require 'google/api/annotations_pb' -require 'google/api/client_pb' -require 'google/api/field_behavior_pb' -require 'google/api/resource_pb' -require 'google/cloud/binaryauthorization/v1/resources_pb' -require 'google/protobuf/empty_pb' -require 'grafeas/v1/attestation_pb' - - -descriptor_data = "\n1google/cloud/binaryauthorization/v1/service.proto\x12#google.cloud.binaryauthorization.v1\x1a\x1cgoogle/api/annotations.proto\x1a\x17google/api/client.proto\x1a\x1fgoogle/api/field_behavior.proto\x1a\x19google/api/resource.proto\x1a\x33google/cloud/binaryauthorization/v1/resources.proto\x1a\x1bgoogle/protobuf/empty.proto\x1a\x1cgrafeas/v1/attestation.proto\"S\n\x10GetPolicyRequest\x12?\n\x04name\x18\x01 \x01(\tB1\xe0\x41\x02\xfa\x41+\n)binaryauthorization.googleapis.com/Policy\"W\n\x13UpdatePolicyRequest\x12@\n\x06policy\x18\x01 \x01(\x0b\x32+.google.cloud.binaryauthorization.v1.PolicyB\x03\xe0\x41\x02\"\xbc\x01\n\x15\x43reateAttestorRequest\x12\x43\n\x06parent\x18\x01 \x01(\tB3\xe0\x41\x02\xfa\x41-\n+cloudresourcemanager.googleapis.com/Project\x12\x18\n\x0b\x61ttestor_id\x18\x02 \x01(\tB\x03\xe0\x41\x02\x12\x44\n\x08\x61ttestor\x18\x03 \x01(\x0b\x32-.google.cloud.binaryauthorization.v1.AttestorB\x03\xe0\x41\x02\"W\n\x12GetAttestorRequest\x12\x41\n\x04name\x18\x01 \x01(\tB3\xe0\x41\x02\xfa\x41-\n+binaryauthorization.googleapis.com/Attestor\"]\n\x15UpdateAttestorRequest\x12\x44\n\x08\x61ttestor\x18\x01 \x01(\x0b\x32-.google.cloud.binaryauthorization.v1.AttestorB\x03\xe0\x41\x02\"\x82\x01\n\x14ListAttestorsRequest\x12\x43\n\x06parent\x18\x01 \x01(\tB3\xe0\x41\x02\xfa\x41-\n+cloudresourcemanager.googleapis.com/Project\x12\x11\n\tpage_size\x18\x02 \x01(\x05\x12\x12\n\npage_token\x18\x03 \x01(\t\"r\n\x15ListAttestorsResponse\x12@\n\tattestors\x18\x01 \x03(\x0b\x32-.google.cloud.binaryauthorization.v1.Attestor\x12\x17\n\x0fnext_page_token\x18\x02 \x01(\t\"Z\n\x15\x44\x65leteAttestorRequest\x12\x41\n\x04name\x18\x01 \x01(\tB3\xe0\x41\x02\xfa\x41-\n+binaryauthorization.googleapis.com/Attestor\"Y\n\x16GetSystemPolicyRequest\x12?\n\x04name\x18\x01 \x01(\tB1\xe0\x41\x02\xfa\x41+\n)binaryauthorization.googleapis.com/Policy\"\xbe\x01\n$ValidateAttestationOccurrenceRequest\x12\x15\n\x08\x61ttestor\x18\x01 \x01(\tB\x03\xe0\x41\x02\x12;\n\x0b\x61ttestation\x18\x02 \x01(\x0b\x32!.grafeas.v1.AttestationOccurrenceB\x03\xe0\x41\x02\x12\x1c\n\x0foccurrence_note\x18\x03 \x01(\tB\x03\xe0\x41\x02\x12$\n\x17occurrence_resource_uri\x18\x04 \x01(\tB\x03\xe0\x41\x02\"\xf1\x01\n%ValidateAttestationOccurrenceResponse\x12\x61\n\x06result\x18\x01 \x01(\x0e\x32Q.google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceResponse.Result\x12\x15\n\rdenial_reason\x18\x02 \x01(\t\"N\n\x06Result\x12\x16\n\x12RESULT_UNSPECIFIED\x10\x00\x12\x0c\n\x08VERIFIED\x10\x01\x12\x1e\n\x1a\x41TTESTATION_NOT_VERIFIABLE\x10\x02\x32\xe2\n\n\x1b\x42inauthzManagementServiceV1\x12\x9c\x01\n\tGetPolicy\x12\x35.google.cloud.binaryauthorization.v1.GetPolicyRequest\x1a+.google.cloud.binaryauthorization.v1.Policy\"+\xda\x41\x04name\x82\xd3\xe4\x93\x02\x1e\x12\x1c/v1/{name=projects/*/policy}\x12\xb3\x01\n\x0cUpdatePolicy\x12\x38.google.cloud.binaryauthorization.v1.UpdatePolicyRequest\x1a+.google.cloud.binaryauthorization.v1.Policy\"<\xda\x41\x06policy\x82\xd3\xe4\x93\x02-\x1a#/v1/{policy.name=projects/*/policy}:\x06policy\x12\xce\x01\n\x0e\x43reateAttestor\x12:.google.cloud.binaryauthorization.v1.CreateAttestorRequest\x1a-.google.cloud.binaryauthorization.v1.Attestor\"Q\xda\x41\x1bparent,attestor_id,attestor\x82\xd3\xe4\x93\x02-\"!/v1/{parent=projects/*}/attestors:\x08\x61ttestor\x12\xa7\x01\n\x0bGetAttestor\x12\x37.google.cloud.binaryauthorization.v1.GetAttestorRequest\x1a-.google.cloud.binaryauthorization.v1.Attestor\"0\xda\x41\x04name\x82\xd3\xe4\x93\x02#\x12!/v1/{name=projects/*/attestors/*}\x12\xc4\x01\n\x0eUpdateAttestor\x12:.google.cloud.binaryauthorization.v1.UpdateAttestorRequest\x1a-.google.cloud.binaryauthorization.v1.Attestor\"G\xda\x41\x08\x61ttestor\x82\xd3\xe4\x93\x02\x36\x1a*/v1/{attestor.name=projects/*/attestors/*}:\x08\x61ttestor\x12\xba\x01\n\rListAttestors\x12\x39.google.cloud.binaryauthorization.v1.ListAttestorsRequest\x1a:.google.cloud.binaryauthorization.v1.ListAttestorsResponse\"2\xda\x41\x06parent\x82\xd3\xe4\x93\x02#\x12!/v1/{parent=projects/*}/attestors\x12\x96\x01\n\x0e\x44\x65leteAttestor\x12:.google.cloud.binaryauthorization.v1.DeleteAttestorRequest\x1a\x16.google.protobuf.Empty\"0\xda\x41\x04name\x82\xd3\xe4\x93\x02#*!/v1/{name=projects/*/attestors/*}\x1aV\xca\x41\"binaryauthorization.googleapis.com\xd2\x41.https://www.googleapis.com/auth/cloud-platform2\x94\x02\n\x0eSystemPolicyV1\x12\xa9\x01\n\x0fGetSystemPolicy\x12;.google.cloud.binaryauthorization.v1.GetSystemPolicyRequest\x1a+.google.cloud.binaryauthorization.v1.Policy\",\xda\x41\x04name\x82\xd3\xe4\x93\x02\x1f\x12\x1d/v1/{name=locations/*/policy}\x1aV\xca\x41\"binaryauthorization.googleapis.com\xd2\x41.https://www.googleapis.com/auth/cloud-platform2\xf5\x02\n\x12ValidationHelperV1\x12\x86\x02\n\x1dValidateAttestationOccurrence\x12I.google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceRequest\x1aJ.google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceResponse\"N\x82\xd3\xe4\x93\x02H\"C/v1/{attestor=projects/*/attestors/*}:validateAttestationOccurrence:\x01*\x1aV\xca\x41\"binaryauthorization.googleapis.com\xd2\x41.https://www.googleapis.com/auth/cloud-platformB\x8c\x02\n5com.google.protos.google.cloud.binaryauthorization.v1P\x00ZYcloud.google.com/go/binaryauthorization/apiv1/binaryauthorizationpb;binaryauthorizationpb\xf8\x01\x01\xaa\x02#Google.Cloud.BinaryAuthorization.V1\xca\x02#Google\\Cloud\\BinaryAuthorization\\V1\xea\x02&Google::Cloud::BinaryAuthorization::V1b\x06proto3" - -pool = Google::Protobuf::DescriptorPool.generated_pool - -begin - pool.add_serialized_file(descriptor_data) -rescue TypeError - # Compatibility code: will be removed in the next major version. - require 'google/protobuf/descriptor_pb' - parsed = Google::Protobuf::FileDescriptorProto.decode(descriptor_data) - parsed.clear_dependency - serialized = parsed.class.encode(parsed) - file = pool.add_serialized_file(serialized) - warn "Warning: Protobuf detected an import path issue while loading generated file #{__FILE__}" - imports = [ - ["google.cloud.binaryauthorization.v1.Policy", "google/cloud/binaryauthorization/v1/resources.proto"], - ["grafeas.v1.AttestationOccurrence", "grafeas/v1/attestation.proto"], - ] - imports.each do |type_name, expected_filename| - import_file = pool.lookup(type_name).file_descriptor - if import_file.name != expected_filename - warn "- #{file.name} imports #{expected_filename}, but that import was loaded as #{import_file.name}" - end - end - warn "Each proto file must use a consistent fully-qualified name." - warn "This will become an error in the next major version." -end - -module Google - module Cloud - module BinaryAuthorization - module V1 - GetPolicyRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.GetPolicyRequest").msgclass - UpdatePolicyRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.UpdatePolicyRequest").msgclass - CreateAttestorRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.CreateAttestorRequest").msgclass - GetAttestorRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.GetAttestorRequest").msgclass - UpdateAttestorRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.UpdateAttestorRequest").msgclass - ListAttestorsRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.ListAttestorsRequest").msgclass - ListAttestorsResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.ListAttestorsResponse").msgclass - DeleteAttestorRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.DeleteAttestorRequest").msgclass - GetSystemPolicyRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.GetSystemPolicyRequest").msgclass - ValidateAttestationOccurrenceRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceRequest").msgclass - ValidateAttestationOccurrenceResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceResponse").msgclass - ValidateAttestationOccurrenceResponse::Result = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceResponse.Result").enummodule - end - end - end -end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binaryauthorization/v1/service_services_pb.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binaryauthorization/v1/service_services_pb.rb deleted file mode 100644 index 8e3e1b2e4ff5..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/lib/google/cloud/binaryauthorization/v1/service_services_pb.rb +++ /dev/null @@ -1,115 +0,0 @@ -# Generated by the protocol buffer compiler. DO NOT EDIT! -# Source: google/cloud/binaryauthorization/v1/service.proto for package 'Google.Cloud.BinaryAuthorization.V1' -# Original file comments: -# Copyright 2025 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'grpc' -require 'google/cloud/binaryauthorization/v1/service_pb' - -module Google - module Cloud - module BinaryAuthorization - module V1 - module BinauthzManagementServiceV1 - # Customer-facing API for Cloud Binary Authorization. - # - # Google Cloud Management Service for Binary Authorization admission policies - # and attestation authorities. - # - # This API implements a REST model with the following objects: - # - # * [Policy][google.cloud.binaryauthorization.v1.Policy] - # * [Attestor][google.cloud.binaryauthorization.v1.Attestor] - class Service - - include ::GRPC::GenericService - - self.marshal_class_method = :encode - self.unmarshal_class_method = :decode - self.service_name = 'google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1' - - # A [policy][google.cloud.binaryauthorization.v1.Policy] specifies the [attestors][google.cloud.binaryauthorization.v1.Attestor] that must attest to - # a container image, before the project is allowed to deploy that - # image. There is at most one policy per project. All image admission - # requests are permitted if a project has no policy. - # - # Gets the [policy][google.cloud.binaryauthorization.v1.Policy] for this project. Returns a default - # [policy][google.cloud.binaryauthorization.v1.Policy] if the project does not have one. - rpc :GetPolicy, ::Google::Cloud::BinaryAuthorization::V1::GetPolicyRequest, ::Google::Cloud::BinaryAuthorization::V1::Policy - # Creates or updates a project's [policy][google.cloud.binaryauthorization.v1.Policy], and returns a copy of the - # new [policy][google.cloud.binaryauthorization.v1.Policy]. A policy is always updated as a whole, to avoid race - # conditions with concurrent policy enforcement (or management!) - # requests. Returns NOT_FOUND if the project does not exist, INVALID_ARGUMENT - # if the request is malformed. - rpc :UpdatePolicy, ::Google::Cloud::BinaryAuthorization::V1::UpdatePolicyRequest, ::Google::Cloud::BinaryAuthorization::V1::Policy - # Creates an [attestor][google.cloud.binaryauthorization.v1.Attestor], and returns a copy of the new - # [attestor][google.cloud.binaryauthorization.v1.Attestor]. Returns NOT_FOUND if the project does not exist, - # INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if the - # [attestor][google.cloud.binaryauthorization.v1.Attestor] already exists. - rpc :CreateAttestor, ::Google::Cloud::BinaryAuthorization::V1::CreateAttestorRequest, ::Google::Cloud::BinaryAuthorization::V1::Attestor - # Gets an [attestor][google.cloud.binaryauthorization.v1.Attestor]. - # Returns NOT_FOUND if the [attestor][google.cloud.binaryauthorization.v1.Attestor] does not exist. - rpc :GetAttestor, ::Google::Cloud::BinaryAuthorization::V1::GetAttestorRequest, ::Google::Cloud::BinaryAuthorization::V1::Attestor - # Updates an [attestor][google.cloud.binaryauthorization.v1.Attestor]. - # Returns NOT_FOUND if the [attestor][google.cloud.binaryauthorization.v1.Attestor] does not exist. - rpc :UpdateAttestor, ::Google::Cloud::BinaryAuthorization::V1::UpdateAttestorRequest, ::Google::Cloud::BinaryAuthorization::V1::Attestor - # Lists [attestors][google.cloud.binaryauthorization.v1.Attestor]. - # Returns INVALID_ARGUMENT if the project does not exist. - rpc :ListAttestors, ::Google::Cloud::BinaryAuthorization::V1::ListAttestorsRequest, ::Google::Cloud::BinaryAuthorization::V1::ListAttestorsResponse - # Deletes an [attestor][google.cloud.binaryauthorization.v1.Attestor]. Returns NOT_FOUND if the - # [attestor][google.cloud.binaryauthorization.v1.Attestor] does not exist. - rpc :DeleteAttestor, ::Google::Cloud::BinaryAuthorization::V1::DeleteAttestorRequest, ::Google::Protobuf::Empty - end - - Stub = Service.rpc_stub_class - end - module SystemPolicyV1 - # API for working with the system policy. - class Service - - include ::GRPC::GenericService - - self.marshal_class_method = :encode - self.unmarshal_class_method = :decode - self.service_name = 'google.cloud.binaryauthorization.v1.SystemPolicyV1' - - # Gets the current system policy in the specified location. - rpc :GetSystemPolicy, ::Google::Cloud::BinaryAuthorization::V1::GetSystemPolicyRequest, ::Google::Cloud::BinaryAuthorization::V1::Policy - end - - Stub = Service.rpc_stub_class - end - module ValidationHelperV1 - # BinAuthz Attestor verification - class Service - - include ::GRPC::GenericService - - self.marshal_class_method = :encode - self.unmarshal_class_method = :decode - self.service_name = 'google.cloud.binaryauthorization.v1.ValidationHelperV1' - - # Returns whether the given Attestation for the given image URI - # was signed by the given Attestor - rpc :ValidateAttestationOccurrence, ::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceRequest, ::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceResponse - end - - Stub = Service.rpc_stub_class - end - end - end - end -end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/README.md b/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/README.md deleted file mode 100644 index f3a8af37824d..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/README.md +++ /dev/null @@ -1,4 +0,0 @@ -# Binary Authorization V1 Protocol Buffer Documentation - -These files are for the YARD documentation of the generated protobuf files. -They are not intended to be required or loaded at runtime. diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/api/client.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/api/client.rb deleted file mode 100644 index d59ba51a5612..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/api/client.rb +++ /dev/null @@ -1,473 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - - -module Google - module Api - # Required information for every language. - # @!attribute [rw] reference_docs_uri - # @deprecated This field is deprecated and may be removed in the next major version update. - # @return [::String] - # Link to automatically generated reference documentation. Example: - # https://cloud.google.com/nodejs/docs/reference/asset/latest - # @!attribute [rw] destinations - # @return [::Array<::Google::Api::ClientLibraryDestination>] - # The destination where API teams want this client library to be published. - # @!attribute [rw] selective_gapic_generation - # @return [::Google::Api::SelectiveGapicGeneration] - # Configuration for which RPCs should be generated in the GAPIC client. - class CommonLanguageSettings - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - end - - # Details about how and where to publish client libraries. - # @!attribute [rw] version - # @return [::String] - # Version of the API to apply these settings to. This is the full protobuf - # package for the API, ending in the version element. - # Examples: "google.cloud.speech.v1" and "google.spanner.admin.database.v1". - # @!attribute [rw] launch_stage - # @return [::Google::Api::LaunchStage] - # Launch stage of this version of the API. - # @!attribute [rw] rest_numeric_enums - # @return [::Boolean] - # When using transport=rest, the client request will encode enums as - # numbers rather than strings. - # @!attribute [rw] java_settings - # @return [::Google::Api::JavaSettings] - # Settings for legacy Java features, supported in the Service YAML. - # @!attribute [rw] cpp_settings - # @return [::Google::Api::CppSettings] - # Settings for C++ client libraries. - # @!attribute [rw] php_settings - # @return [::Google::Api::PhpSettings] - # Settings for PHP client libraries. - # @!attribute [rw] python_settings - # @return [::Google::Api::PythonSettings] - # Settings for Python client libraries. - # @!attribute [rw] node_settings - # @return [::Google::Api::NodeSettings] - # Settings for Node client libraries. - # @!attribute [rw] dotnet_settings - # @return [::Google::Api::DotnetSettings] - # Settings for .NET client libraries. - # @!attribute [rw] ruby_settings - # @return [::Google::Api::RubySettings] - # Settings for Ruby client libraries. - # @!attribute [rw] go_settings - # @return [::Google::Api::GoSettings] - # Settings for Go client libraries. - class ClientLibrarySettings - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - end - - # This message configures the settings for publishing [Google Cloud Client - # libraries](https://cloud.google.com/apis/docs/cloud-client-libraries) - # generated from the service config. - # @!attribute [rw] method_settings - # @return [::Array<::Google::Api::MethodSettings>] - # A list of API method settings, e.g. the behavior for methods that use the - # long-running operation pattern. - # @!attribute [rw] new_issue_uri - # @return [::String] - # Link to a *public* URI where users can report issues. Example: - # https://issuetracker.google.com/issues/new?component=190865&template=1161103 - # @!attribute [rw] documentation_uri - # @return [::String] - # Link to product home page. Example: - # https://cloud.google.com/asset-inventory/docs/overview - # @!attribute [rw] api_short_name - # @return [::String] - # Used as a tracking tag when collecting data about the APIs developer - # relations artifacts like docs, packages delivered to package managers, - # etc. Example: "speech". - # @!attribute [rw] github_label - # @return [::String] - # GitHub label to apply to issues and pull requests opened for this API. - # @!attribute [rw] codeowner_github_teams - # @return [::Array<::String>] - # GitHub teams to be added to CODEOWNERS in the directory in GitHub - # containing source code for the client libraries for this API. - # @!attribute [rw] doc_tag_prefix - # @return [::String] - # A prefix used in sample code when demarking regions to be included in - # documentation. - # @!attribute [rw] organization - # @return [::Google::Api::ClientLibraryOrganization] - # For whom the client library is being published. - # @!attribute [rw] library_settings - # @return [::Array<::Google::Api::ClientLibrarySettings>] - # Client library settings. If the same version string appears multiple - # times in this list, then the last one wins. Settings from earlier - # settings with the same version string are discarded. - # @!attribute [rw] proto_reference_documentation_uri - # @return [::String] - # Optional link to proto reference documentation. Example: - # https://cloud.google.com/pubsub/lite/docs/reference/rpc - # @!attribute [rw] rest_reference_documentation_uri - # @return [::String] - # Optional link to REST reference documentation. Example: - # https://cloud.google.com/pubsub/lite/docs/reference/rest - class Publishing - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - end - - # Settings for Java client libraries. - # @!attribute [rw] library_package - # @return [::String] - # The package name to use in Java. Clobbers the java_package option - # set in the protobuf. This should be used **only** by APIs - # who have already set the language_settings.java.package_name" field - # in gapic.yaml. API teams should use the protobuf java_package option - # where possible. - # - # Example of a YAML configuration:: - # - # publishing: - # java_settings: - # library_package: com.google.cloud.pubsub.v1 - # @!attribute [rw] service_class_names - # @return [::Google::Protobuf::Map{::String => ::String}] - # Configure the Java class name to use instead of the service's for its - # corresponding generated GAPIC client. Keys are fully-qualified - # service names as they appear in the protobuf (including the full - # the language_settings.java.interface_names" field in gapic.yaml. API - # teams should otherwise use the service name as it appears in the - # protobuf. - # - # Example of a YAML configuration:: - # - # publishing: - # java_settings: - # service_class_names: - # - google.pubsub.v1.Publisher: TopicAdmin - # - google.pubsub.v1.Subscriber: SubscriptionAdmin - # @!attribute [rw] common - # @return [::Google::Api::CommonLanguageSettings] - # Some settings. - class JavaSettings - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - - # @!attribute [rw] key - # @return [::String] - # @!attribute [rw] value - # @return [::String] - class ServiceClassNamesEntry - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - end - end - - # Settings for C++ client libraries. - # @!attribute [rw] common - # @return [::Google::Api::CommonLanguageSettings] - # Some settings. - class CppSettings - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - end - - # Settings for Php client libraries. - # @!attribute [rw] common - # @return [::Google::Api::CommonLanguageSettings] - # Some settings. - class PhpSettings - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - end - - # Settings for Python client libraries. - # @!attribute [rw] common - # @return [::Google::Api::CommonLanguageSettings] - # Some settings. - # @!attribute [rw] experimental_features - # @return [::Google::Api::PythonSettings::ExperimentalFeatures] - # Experimental features to be included during client library generation. - class PythonSettings - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - - # Experimental features to be included during client library generation. - # These fields will be deprecated once the feature graduates and is enabled - # by default. - # @!attribute [rw] rest_async_io_enabled - # @return [::Boolean] - # Enables generation of asynchronous REST clients if `rest` transport is - # enabled. By default, asynchronous REST clients will not be generated. - # This feature will be enabled by default 1 month after launching the - # feature in preview packages. - # @!attribute [rw] protobuf_pythonic_types_enabled - # @return [::Boolean] - # Enables generation of protobuf code using new types that are more - # Pythonic which are included in `protobuf>=5.29.x`. This feature will be - # enabled by default 1 month after launching the feature in preview - # packages. - # @!attribute [rw] unversioned_package_disabled - # @return [::Boolean] - # Disables generation of an unversioned Python package for this client - # library. This means that the module names will need to be versioned in - # import statements. For example `import google.cloud.library_v2` instead - # of `import google.cloud.library`. - class ExperimentalFeatures - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - end - end - - # Settings for Node client libraries. - # @!attribute [rw] common - # @return [::Google::Api::CommonLanguageSettings] - # Some settings. - class NodeSettings - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - end - - # Settings for Dotnet client libraries. - # @!attribute [rw] common - # @return [::Google::Api::CommonLanguageSettings] - # Some settings. - # @!attribute [rw] renamed_services - # @return [::Google::Protobuf::Map{::String => ::String}] - # Map from original service names to renamed versions. - # This is used when the default generated types - # would cause a naming conflict. (Neither name is - # fully-qualified.) - # Example: Subscriber to SubscriberServiceApi. - # @!attribute [rw] renamed_resources - # @return [::Google::Protobuf::Map{::String => ::String}] - # Map from full resource types to the effective short name - # for the resource. This is used when otherwise resource - # named from different services would cause naming collisions. - # Example entry: - # "datalabeling.googleapis.com/Dataset": "DataLabelingDataset" - # @!attribute [rw] ignored_resources - # @return [::Array<::String>] - # List of full resource types to ignore during generation. - # This is typically used for API-specific Location resources, - # which should be handled by the generator as if they were actually - # the common Location resources. - # Example entry: "documentai.googleapis.com/Location" - # @!attribute [rw] forced_namespace_aliases - # @return [::Array<::String>] - # Namespaces which must be aliased in snippets due to - # a known (but non-generator-predictable) naming collision - # @!attribute [rw] handwritten_signatures - # @return [::Array<::String>] - # Method signatures (in the form "service.method(signature)") - # which are provided separately, so shouldn't be generated. - # Snippets *calling* these methods are still generated, however. - class DotnetSettings - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - - # @!attribute [rw] key - # @return [::String] - # @!attribute [rw] value - # @return [::String] - class RenamedServicesEntry - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - end - - # @!attribute [rw] key - # @return [::String] - # @!attribute [rw] value - # @return [::String] - class RenamedResourcesEntry - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - end - end - - # Settings for Ruby client libraries. - # @!attribute [rw] common - # @return [::Google::Api::CommonLanguageSettings] - # Some settings. - class RubySettings - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - end - - # Settings for Go client libraries. - # @!attribute [rw] common - # @return [::Google::Api::CommonLanguageSettings] - # Some settings. - # @!attribute [rw] renamed_services - # @return [::Google::Protobuf::Map{::String => ::String}] - # Map of service names to renamed services. Keys are the package relative - # service names and values are the name to be used for the service client - # and call options. - # - # publishing: - # go_settings: - # renamed_services: - # Publisher: TopicAdmin - class GoSettings - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - - # @!attribute [rw] key - # @return [::String] - # @!attribute [rw] value - # @return [::String] - class RenamedServicesEntry - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - end - end - - # Describes the generator configuration for a method. - # @!attribute [rw] selector - # @return [::String] - # The fully qualified name of the method, for which the options below apply. - # This is used to find the method to apply the options. - # - # Example: - # - # publishing: - # method_settings: - # - selector: google.storage.control.v2.StorageControl.CreateFolder - # # method settings for CreateFolder... - # @!attribute [rw] long_running - # @return [::Google::Api::MethodSettings::LongRunning] - # Describes settings to use for long-running operations when generating - # API methods for RPCs. Complements RPCs that use the annotations in - # google/longrunning/operations.proto. - # - # Example of a YAML configuration:: - # - # publishing: - # method_settings: - # - selector: google.cloud.speech.v2.Speech.BatchRecognize - # long_running: - # initial_poll_delay: 60s # 1 minute - # poll_delay_multiplier: 1.5 - # max_poll_delay: 360s # 6 minutes - # total_poll_timeout: 54000s # 90 minutes - # @!attribute [rw] auto_populated_fields - # @return [::Array<::String>] - # List of top-level fields of the request message, that should be - # automatically populated by the client libraries based on their - # (google.api.field_info).format. Currently supported format: UUID4. - # - # Example of a YAML configuration: - # - # publishing: - # method_settings: - # - selector: google.example.v1.ExampleService.CreateExample - # auto_populated_fields: - # - request_id - class MethodSettings - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - - # Describes settings to use when generating API methods that use the - # long-running operation pattern. - # All default values below are from those used in the client library - # generators (e.g. - # [Java](https://github.com/googleapis/gapic-generator-java/blob/04c2faa191a9b5a10b92392fe8482279c4404803/src/main/java/com/google/api/generator/gapic/composer/common/RetrySettingsComposer.java)). - # @!attribute [rw] initial_poll_delay - # @return [::Google::Protobuf::Duration] - # Initial delay after which the first poll request will be made. - # Default value: 5 seconds. - # @!attribute [rw] poll_delay_multiplier - # @return [::Float] - # Multiplier to gradually increase delay between subsequent polls until it - # reaches max_poll_delay. - # Default value: 1.5. - # @!attribute [rw] max_poll_delay - # @return [::Google::Protobuf::Duration] - # Maximum time between two subsequent poll requests. - # Default value: 45 seconds. - # @!attribute [rw] total_poll_timeout - # @return [::Google::Protobuf::Duration] - # Total polling timeout. - # Default value: 5 minutes. - class LongRunning - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - end - end - - # This message is used to configure the generation of a subset of the RPCs in - # a service for client libraries. - # @!attribute [rw] methods - # @return [::Array<::String>] - # An allowlist of the fully qualified names of RPCs that should be included - # on public client surfaces. - # @!attribute [rw] generate_omitted_as_internal - # @return [::Boolean] - # Setting this to true indicates to the client generators that methods - # that would be excluded from the generation should instead be generated - # in a way that indicates these methods should not be consumed by - # end users. How this is expressed is up to individual language - # implementations to decide. Some examples may be: added annotations, - # obfuscated identifiers, or other language idiomatic patterns. - class SelectiveGapicGeneration - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - end - - # The organization for which the client libraries are being published. - # Affects the url where generated docs are published, etc. - module ClientLibraryOrganization - # Not useful. - CLIENT_LIBRARY_ORGANIZATION_UNSPECIFIED = 0 - - # Google Cloud Platform Org. - CLOUD = 1 - - # Ads (Advertising) Org. - ADS = 2 - - # Photos Org. - PHOTOS = 3 - - # Street View Org. - STREET_VIEW = 4 - - # Shopping Org. - SHOPPING = 5 - - # Geo Org. - GEO = 6 - - # Generative AI - https://developers.generativeai.google - GENERATIVE_AI = 7 - end - - # To where should client libraries be published? - module ClientLibraryDestination - # Client libraries will neither be generated nor published to package - # managers. - CLIENT_LIBRARY_DESTINATION_UNSPECIFIED = 0 - - # Generate the client library in a repo under github.com/googleapis, - # but don't publish it to package managers. - GITHUB = 10 - - # Publish the library to package managers like nuget.org and npmjs.com. - PACKAGE_MANAGER = 20 - end - end -end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/api/field_behavior.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/api/field_behavior.rb deleted file mode 100644 index 582be187d115..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/api/field_behavior.rb +++ /dev/null @@ -1,85 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - - -module Google - module Api - # An indicator of the behavior of a given field (for example, that a field - # is required in requests, or given as output but ignored as input). - # This **does not** change the behavior in protocol buffers itself; it only - # denotes the behavior and may affect how API tooling handles the field. - # - # Note: This enum **may** receive new values in the future. - module FieldBehavior - # Conventional default for enums. Do not use this. - FIELD_BEHAVIOR_UNSPECIFIED = 0 - - # Specifically denotes a field as optional. - # While all fields in protocol buffers are optional, this may be specified - # for emphasis if appropriate. - OPTIONAL = 1 - - # Denotes a field as required. - # This indicates that the field **must** be provided as part of the request, - # and failure to do so will cause an error (usually `INVALID_ARGUMENT`). - REQUIRED = 2 - - # Denotes a field as output only. - # This indicates that the field is provided in responses, but including the - # field in a request does nothing (the server *must* ignore it and - # *must not* throw an error as a result of the field's presence). - OUTPUT_ONLY = 3 - - # Denotes a field as input only. - # This indicates that the field is provided in requests, and the - # corresponding field is not included in output. - INPUT_ONLY = 4 - - # Denotes a field as immutable. - # This indicates that the field may be set once in a request to create a - # resource, but may not be changed thereafter. - IMMUTABLE = 5 - - # Denotes that a (repeated) field is an unordered list. - # This indicates that the service may provide the elements of the list - # in any arbitrary order, rather than the order the user originally - # provided. Additionally, the list's order may or may not be stable. - UNORDERED_LIST = 6 - - # Denotes that this field returns a non-empty default value if not set. - # This indicates that if the user provides the empty value in a request, - # a non-empty value will be returned. The user will not be aware of what - # non-empty value to expect. - NON_EMPTY_DEFAULT = 7 - - # Denotes that the field in a resource (a message annotated with - # google.api.resource) is used in the resource name to uniquely identify the - # resource. For AIP-compliant APIs, this should only be applied to the - # `name` field on the resource. - # - # This behavior should not be applied to references to other resources within - # the message. - # - # The identifier field of resources often have different field behavior - # depending on the request it is embedded in (e.g. for Create methods name - # is optional and unused, while for Update methods it is required). Instead - # of method-specific annotations, only `IDENTIFIER` is required. - IDENTIFIER = 8 - end - end -end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/api/launch_stage.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/api/launch_stage.rb deleted file mode 100644 index 9392a413fb1b..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/api/launch_stage.rb +++ /dev/null @@ -1,71 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - - -module Google - module Api - # The launch stage as defined by [Google Cloud Platform - # Launch Stages](https://cloud.google.com/terms/launch-stages). - module LaunchStage - # Do not use this default value. - LAUNCH_STAGE_UNSPECIFIED = 0 - - # The feature is not yet implemented. Users can not use it. - UNIMPLEMENTED = 6 - - # Prelaunch features are hidden from users and are only visible internally. - PRELAUNCH = 7 - - # Early Access features are limited to a closed group of testers. To use - # these features, you must sign up in advance and sign a Trusted Tester - # agreement (which includes confidentiality provisions). These features may - # be unstable, changed in backward-incompatible ways, and are not - # guaranteed to be released. - EARLY_ACCESS = 1 - - # Alpha is a limited availability test for releases before they are cleared - # for widespread use. By Alpha, all significant design issues are resolved - # and we are in the process of verifying functionality. Alpha customers - # need to apply for access, agree to applicable terms, and have their - # projects allowlisted. Alpha releases don't have to be feature complete, - # no SLAs are provided, and there are no technical support obligations, but - # they will be far enough along that customers can actually use them in - # test environments or for limited-use tests -- just like they would in - # normal production cases. - ALPHA = 2 - - # Beta is the point at which we are ready to open a release for any - # customer to use. There are no SLA or technical support obligations in a - # Beta release. Products will be complete from a feature perspective, but - # may have some open outstanding issues. Beta releases are suitable for - # limited production use cases. - BETA = 3 - - # GA features are open to all developers and are considered stable and - # fully qualified for production use. - GA = 4 - - # Deprecated features are scheduled to be shut down and removed. For more - # information, see the "Deprecation Policy" section of our [Terms of - # Service](https://cloud.google.com/terms/) - # and the [Google Cloud Platform Subject to the Deprecation - # Policy](https://cloud.google.com/terms/deprecation) documentation. - DEPRECATED = 5 - end - end -end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/api/resource.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/api/resource.rb deleted file mode 100644 index 25dec4847ac1..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/api/resource.rb +++ /dev/null @@ -1,227 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - - -module Google - module Api - # A simple descriptor of a resource type. - # - # ResourceDescriptor annotates a resource message (either by means of a - # protobuf annotation or use in the service config), and associates the - # resource's schema, the resource type, and the pattern of the resource name. - # - # Example: - # - # message Topic { - # // Indicates this message defines a resource schema. - # // Declares the resource type in the format of {service}/{kind}. - # // For Kubernetes resources, the format is {api group}/{kind}. - # option (google.api.resource) = { - # type: "pubsub.googleapis.com/Topic" - # pattern: "projects/{project}/topics/{topic}" - # }; - # } - # - # The ResourceDescriptor Yaml config will look like: - # - # resources: - # - type: "pubsub.googleapis.com/Topic" - # pattern: "projects/{project}/topics/{topic}" - # - # Sometimes, resources have multiple patterns, typically because they can - # live under multiple parents. - # - # Example: - # - # message LogEntry { - # option (google.api.resource) = { - # type: "logging.googleapis.com/LogEntry" - # pattern: "projects/{project}/logs/{log}" - # pattern: "folders/{folder}/logs/{log}" - # pattern: "organizations/{organization}/logs/{log}" - # pattern: "billingAccounts/{billing_account}/logs/{log}" - # }; - # } - # - # The ResourceDescriptor Yaml config will look like: - # - # resources: - # - type: 'logging.googleapis.com/LogEntry' - # pattern: "projects/{project}/logs/{log}" - # pattern: "folders/{folder}/logs/{log}" - # pattern: "organizations/{organization}/logs/{log}" - # pattern: "billingAccounts/{billing_account}/logs/{log}" - # @!attribute [rw] type - # @return [::String] - # The resource type. It must be in the format of - # \\{service_name}/\\{resource_type_kind}. The `resource_type_kind` must be - # singular and must not include version numbers. - # - # Example: `storage.googleapis.com/Bucket` - # - # The value of the resource_type_kind must follow the regular expression - # /[A-Za-z][a-zA-Z0-9]+/. It should start with an upper case character and - # should use PascalCase (UpperCamelCase). The maximum number of - # characters allowed for the `resource_type_kind` is 100. - # @!attribute [rw] pattern - # @return [::Array<::String>] - # Optional. The relative resource name pattern associated with this resource - # type. The DNS prefix of the full resource name shouldn't be specified here. - # - # The path pattern must follow the syntax, which aligns with HTTP binding - # syntax: - # - # Template = Segment { "/" Segment } ; - # Segment = LITERAL | Variable ; - # Variable = "{" LITERAL "}" ; - # - # Examples: - # - # - "projects/\\{project}/topics/\\{topic}" - # - "projects/\\{project}/knowledgeBases/\\{knowledge_base}" - # - # The components in braces correspond to the IDs for each resource in the - # hierarchy. It is expected that, if multiple patterns are provided, - # the same component name (e.g. "project") refers to IDs of the same - # type of resource. - # @!attribute [rw] name_field - # @return [::String] - # Optional. The field on the resource that designates the resource name - # field. If omitted, this is assumed to be "name". - # @!attribute [rw] history - # @return [::Google::Api::ResourceDescriptor::History] - # Optional. The historical or future-looking state of the resource pattern. - # - # Example: - # - # // The InspectTemplate message originally only supported resource - # // names with organization, and project was added later. - # message InspectTemplate { - # option (google.api.resource) = { - # type: "dlp.googleapis.com/InspectTemplate" - # pattern: - # "organizations/{organization}/inspectTemplates/{inspect_template}" - # pattern: "projects/{project}/inspectTemplates/{inspect_template}" - # history: ORIGINALLY_SINGLE_PATTERN - # }; - # } - # @!attribute [rw] plural - # @return [::String] - # The plural name used in the resource name and permission names, such as - # 'projects' for the resource name of 'projects/\\{project}' and the permission - # name of 'cloudresourcemanager.googleapis.com/projects.get'. One exception - # to this is for Nested Collections that have stuttering names, as defined - # in [AIP-122](https://google.aip.dev/122#nested-collections), where the - # collection ID in the resource name pattern does not necessarily directly - # match the `plural` value. - # - # It is the same concept of the `plural` field in k8s CRD spec - # https://kubernetes.io/docs/tasks/access-kubernetes-api/custom-resources/custom-resource-definitions/ - # - # Note: The plural form is required even for singleton resources. See - # https://aip.dev/156 - # @!attribute [rw] singular - # @return [::String] - # The same concept of the `singular` field in k8s CRD spec - # https://kubernetes.io/docs/tasks/access-kubernetes-api/custom-resources/custom-resource-definitions/ - # Such as "project" for the `resourcemanager.googleapis.com/Project` type. - # @!attribute [rw] style - # @return [::Array<::Google::Api::ResourceDescriptor::Style>] - # Style flag(s) for this resource. - # These indicate that a resource is expected to conform to a given - # style. See the specific style flags for additional information. - class ResourceDescriptor - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - - # A description of the historical or future-looking state of the - # resource pattern. - module History - # The "unset" value. - HISTORY_UNSPECIFIED = 0 - - # The resource originally had one pattern and launched as such, and - # additional patterns were added later. - ORIGINALLY_SINGLE_PATTERN = 1 - - # The resource has one pattern, but the API owner expects to add more - # later. (This is the inverse of ORIGINALLY_SINGLE_PATTERN, and prevents - # that from being necessary once there are multiple patterns.) - FUTURE_MULTI_PATTERN = 2 - end - - # A flag representing a specific style that a resource claims to conform to. - module Style - # The unspecified value. Do not use. - STYLE_UNSPECIFIED = 0 - - # This resource is intended to be "declarative-friendly". - # - # Declarative-friendly resources must be more strictly consistent, and - # setting this to true communicates to tools that this resource should - # adhere to declarative-friendly expectations. - # - # Note: This is used by the API linter (linter.aip.dev) to enable - # additional checks. - DECLARATIVE_FRIENDLY = 1 - end - end - - # Defines a proto annotation that describes a string field that refers to - # an API resource. - # @!attribute [rw] type - # @return [::String] - # The resource type that the annotated field references. - # - # Example: - # - # message Subscription { - # string topic = 2 [(google.api.resource_reference) = { - # type: "pubsub.googleapis.com/Topic" - # }]; - # } - # - # Occasionally, a field may reference an arbitrary resource. In this case, - # APIs use the special value * in their resource reference. - # - # Example: - # - # message GetIamPolicyRequest { - # string resource = 2 [(google.api.resource_reference) = { - # type: "*" - # }]; - # } - # @!attribute [rw] child_type - # @return [::String] - # The resource type of a child collection that the annotated field - # references. This is useful for annotating the `parent` field that - # doesn't have a fixed resource type. - # - # Example: - # - # message ListLogEntriesRequest { - # string parent = 1 [(google.api.resource_reference) = { - # child_type: "logging.googleapis.com/LogEntry" - # }; - # } - class ResourceReference - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - end - end -end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/cloud/binaryauthorization/v1/resources.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/cloud/binaryauthorization/v1/resources.rb deleted file mode 100644 index 810eb1c1a992..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/cloud/binaryauthorization/v1/resources.rb +++ /dev/null @@ -1,374 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - - -module Google - module Cloud - module BinaryAuthorization - module V1 - # A {::Google::Cloud::BinaryAuthorization::V1::Policy policy} for container image binary authorization. - # @!attribute [r] name - # @return [::String] - # Output only. The resource name, in the format `projects/*/policy`. There is - # at most one policy per project. - # @!attribute [rw] description - # @return [::String] - # Optional. A descriptive comment. - # @!attribute [rw] global_policy_evaluation_mode - # @return [::Google::Cloud::BinaryAuthorization::V1::Policy::GlobalPolicyEvaluationMode] - # Optional. Controls the evaluation of a Google-maintained global admission - # policy for common system-level images. Images not covered by the global - # policy will be subject to the project admission policy. This setting - # has no effect when specified inside a global admission policy. - # @!attribute [rw] admission_whitelist_patterns - # @return [::Array<::Google::Cloud::BinaryAuthorization::V1::AdmissionWhitelistPattern>] - # Optional. Admission policy allowlisting. A matching admission request will - # always be permitted. This feature is typically used to exclude Google or - # third-party infrastructure images from Binary Authorization policies. - # @!attribute [rw] cluster_admission_rules - # @return [::Google::Protobuf::Map{::String => ::Google::Cloud::BinaryAuthorization::V1::AdmissionRule}] - # Optional. Per-cluster admission rules. Cluster spec format: - # `location.clusterId`. There can be at most one admission rule per cluster - # spec. - # A `location` is either a compute zone (e.g. us-central1-a) or a region - # (e.g. us-central1). - # For `clusterId` syntax restrictions see - # https://cloud.google.com/container-engine/reference/rest/v1/projects.zones.clusters. - # @!attribute [rw] kubernetes_namespace_admission_rules - # @return [::Google::Protobuf::Map{::String => ::Google::Cloud::BinaryAuthorization::V1::AdmissionRule}] - # Optional. Per-kubernetes-namespace admission rules. K8s namespace spec format: - # [a-z.-]+, e.g. 'some-namespace' - # @!attribute [rw] kubernetes_service_account_admission_rules - # @return [::Google::Protobuf::Map{::String => ::Google::Cloud::BinaryAuthorization::V1::AdmissionRule}] - # Optional. Per-kubernetes-service-account admission rules. Service account - # spec format: `namespace:serviceaccount`. e.g. 'test-ns:default' - # @!attribute [rw] istio_service_identity_admission_rules - # @return [::Google::Protobuf::Map{::String => ::Google::Cloud::BinaryAuthorization::V1::AdmissionRule}] - # Optional. Per-istio-service-identity admission rules. Istio service - # identity spec format: - # spiffe:///ns//sa/ or - # /ns//sa/ - # e.g. spiffe://example.com/ns/test-ns/sa/default - # @!attribute [rw] default_admission_rule - # @return [::Google::Cloud::BinaryAuthorization::V1::AdmissionRule] - # Required. Default admission rule for a cluster without a per-cluster, per- - # kubernetes-service-account, or per-istio-service-identity admission rule. - # @!attribute [r] update_time - # @return [::Google::Protobuf::Timestamp] - # Output only. Time when the policy was last updated. - class Policy - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - - # @!attribute [rw] key - # @return [::String] - # @!attribute [rw] value - # @return [::Google::Cloud::BinaryAuthorization::V1::AdmissionRule] - class ClusterAdmissionRulesEntry - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - end - - # @!attribute [rw] key - # @return [::String] - # @!attribute [rw] value - # @return [::Google::Cloud::BinaryAuthorization::V1::AdmissionRule] - class KubernetesNamespaceAdmissionRulesEntry - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - end - - # @!attribute [rw] key - # @return [::String] - # @!attribute [rw] value - # @return [::Google::Cloud::BinaryAuthorization::V1::AdmissionRule] - class KubernetesServiceAccountAdmissionRulesEntry - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - end - - # @!attribute [rw] key - # @return [::String] - # @!attribute [rw] value - # @return [::Google::Cloud::BinaryAuthorization::V1::AdmissionRule] - class IstioServiceIdentityAdmissionRulesEntry - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - end - - module GlobalPolicyEvaluationMode - # Not specified: DISABLE is assumed. - GLOBAL_POLICY_EVALUATION_MODE_UNSPECIFIED = 0 - - # Enables system policy evaluation. - ENABLE = 1 - - # Disables system policy evaluation. - DISABLE = 2 - end - end - - # An {::Google::Cloud::BinaryAuthorization::V1::AdmissionWhitelistPattern admission allowlist pattern} exempts images - # from checks by {::Google::Cloud::BinaryAuthorization::V1::AdmissionRule admission rules}. - # @!attribute [rw] name_pattern - # @return [::String] - # An image name pattern to allowlist, in the form `registry/path/to/image`. - # This supports a trailing `*` wildcard, but this is allowed only in - # text after the `registry/` part. This also supports a trailing `**` - # wildcard which matches subdirectories of a given entry. - class AdmissionWhitelistPattern - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - end - - # An {::Google::Cloud::BinaryAuthorization::V1::AdmissionRule admission rule} specifies either that all container images - # used in a pod creation request must be attested to by one or more - # {::Google::Cloud::BinaryAuthorization::V1::Attestor attestors}, that all pod creations will be allowed, or that all - # pod creations will be denied. - # - # Images matching an {::Google::Cloud::BinaryAuthorization::V1::AdmissionWhitelistPattern admission allowlist pattern} - # are exempted from admission rules and will never block a pod creation. - # @!attribute [rw] evaluation_mode - # @return [::Google::Cloud::BinaryAuthorization::V1::AdmissionRule::EvaluationMode] - # Required. How this admission rule will be evaluated. - # @!attribute [rw] require_attestations_by - # @return [::Array<::String>] - # Optional. The resource names of the attestors that must attest to - # a container image, in the format `projects/*/attestors/*`. Each - # attestor must exist before a policy can reference it. To add an attestor - # to a policy the principal issuing the policy change request must be able - # to read the attestor resource. - # - # Note: this field must be non-empty when the evaluation_mode field specifies - # REQUIRE_ATTESTATION, otherwise it must be empty. - # @!attribute [rw] enforcement_mode - # @return [::Google::Cloud::BinaryAuthorization::V1::AdmissionRule::EnforcementMode] - # Required. The action when a pod creation is denied by the admission rule. - class AdmissionRule - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - - module EvaluationMode - # Do not use. - EVALUATION_MODE_UNSPECIFIED = 0 - - # This rule allows all all pod creations. - ALWAYS_ALLOW = 1 - - # This rule allows a pod creation if all the attestors listed in - # 'require_attestations_by' have valid attestations for all of the - # images in the pod spec. - REQUIRE_ATTESTATION = 2 - - # This rule denies all pod creations. - ALWAYS_DENY = 3 - end - - # Defines the possible actions when a pod creation is denied by an admission - # rule. - module EnforcementMode - # Do not use. - ENFORCEMENT_MODE_UNSPECIFIED = 0 - - # Enforce the admission rule by blocking the pod creation. - ENFORCED_BLOCK_AND_AUDIT_LOG = 1 - - # Dryrun mode: Audit logging only. This will allow the pod creation as if - # the admission request had specified break-glass. - DRYRUN_AUDIT_LOG_ONLY = 2 - end - end - - # An {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor} that attests to container image - # artifacts. An existing attestor cannot be modified except where - # indicated. - # @!attribute [rw] name - # @return [::String] - # Required. The resource name, in the format: - # `projects/*/attestors/*`. This field may not be updated. - # @!attribute [rw] description - # @return [::String] - # Optional. A descriptive comment. This field may be updated. - # The field may be displayed in chooser dialogs. - # @!attribute [rw] user_owned_grafeas_note - # @return [::Google::Cloud::BinaryAuthorization::V1::UserOwnedGrafeasNote] - # This specifies how an attestation will be read, and how it will be used - # during policy enforcement. - # @!attribute [r] update_time - # @return [::Google::Protobuf::Timestamp] - # Output only. Time when the attestor was last updated. - class Attestor - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - end - - # An {::Google::Cloud::BinaryAuthorization::V1::UserOwnedGrafeasNote user owned Grafeas note} references a Grafeas - # Attestation.Authority Note created by the user. - # @!attribute [rw] note_reference - # @return [::String] - # Required. The Grafeas resource name of a Attestation.Authority Note, - # created by the user, in the format: `projects/*/notes/*`. This field may - # not be updated. - # - # An attestation by this attestor is stored as a Grafeas - # Attestation.Authority Occurrence that names a container image and that - # links to this Note. Grafeas is an external dependency. - # @!attribute [rw] public_keys - # @return [::Array<::Google::Cloud::BinaryAuthorization::V1::AttestorPublicKey>] - # Optional. Public keys that verify attestations signed by this - # attestor. This field may be updated. - # - # If this field is non-empty, one of the specified public keys must - # verify that an attestation was signed by this attestor for the - # image specified in the admission request. - # - # If this field is empty, this attestor always returns that no - # valid attestations exist. - # @!attribute [r] delegation_service_account_email - # @return [::String] - # Output only. This field will contain the service account email address - # that this Attestor will use as the principal when querying Container - # Analysis. Attestor administrators must grant this service account the - # IAM role needed to read attestations from the [note_reference][Note] in - # Container Analysis (`containeranalysis.notes.occurrences.viewer`). - # - # This email address is fixed for the lifetime of the Attestor, but callers - # should not make any other assumptions about the service account email; - # future versions may use an email based on a different naming pattern. - class UserOwnedGrafeasNote - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - end - - # A public key in the PkixPublicKey format (see - # https://tools.ietf.org/html/rfc5280#section-4.1.2.7 for details). - # Public keys of this type are typically textually encoded using the PEM - # format. - # @!attribute [rw] public_key_pem - # @return [::String] - # A PEM-encoded public key, as described in - # https://tools.ietf.org/html/rfc7468#section-13 - # @!attribute [rw] signature_algorithm - # @return [::Google::Cloud::BinaryAuthorization::V1::PkixPublicKey::SignatureAlgorithm] - # The signature algorithm used to verify a message against a signature using - # this key. - # These signature algorithm must match the structure and any object - # identifiers encoded in `public_key_pem` (i.e. this algorithm must match - # that of the public key). - class PkixPublicKey - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - - # Represents a signature algorithm and other information necessary to verify - # signatures with a given public key. - # This is based primarily on the public key types supported by Tink's - # PemKeyType, which is in turn based on KMS's supported signing algorithms. - # See https://cloud.google.com/kms/docs/algorithms. In the future, BinAuthz - # might support additional public key types independently of Tink and/or KMS. - module SignatureAlgorithm - # Not specified. - SIGNATURE_ALGORITHM_UNSPECIFIED = 0 - - # RSASSA-PSS 2048 bit key with a SHA256 digest. - RSA_PSS_2048_SHA256 = 1 - - # RSASSA-PSS 3072 bit key with a SHA256 digest. - RSA_PSS_3072_SHA256 = 2 - - # RSASSA-PSS 4096 bit key with a SHA256 digest. - RSA_PSS_4096_SHA256 = 3 - - # RSASSA-PSS 4096 bit key with a SHA512 digest. - RSA_PSS_4096_SHA512 = 4 - - # RSASSA-PKCS1-v1_5 with a 2048 bit key and a SHA256 digest. - RSA_SIGN_PKCS1_2048_SHA256 = 5 - - # RSASSA-PKCS1-v1_5 with a 3072 bit key and a SHA256 digest. - RSA_SIGN_PKCS1_3072_SHA256 = 6 - - # RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA256 digest. - RSA_SIGN_PKCS1_4096_SHA256 = 7 - - # RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA512 digest. - RSA_SIGN_PKCS1_4096_SHA512 = 8 - - # ECDSA on the NIST P-256 curve with a SHA256 digest. - ECDSA_P256_SHA256 = 9 - - # ECDSA on the NIST P-256 curve with a SHA256 digest. - EC_SIGN_P256_SHA256 = 9 - - # ECDSA on the NIST P-384 curve with a SHA384 digest. - ECDSA_P384_SHA384 = 10 - - # ECDSA on the NIST P-384 curve with a SHA384 digest. - EC_SIGN_P384_SHA384 = 10 - - # ECDSA on the NIST P-521 curve with a SHA512 digest. - ECDSA_P521_SHA512 = 11 - - # ECDSA on the NIST P-521 curve with a SHA512 digest. - EC_SIGN_P521_SHA512 = 11 - end - end - - # An {::Google::Cloud::BinaryAuthorization::V1::AttestorPublicKey attestor public key} that will be used to verify - # attestations signed by this attestor. - # @!attribute [rw] comment - # @return [::String] - # Optional. A descriptive comment. This field may be updated. - # @!attribute [rw] id - # @return [::String] - # The ID of this public key. - # Signatures verified by BinAuthz must include the ID of the public key that - # can be used to verify them, and that ID must match the contents of this - # field exactly. - # Additional restrictions on this field can be imposed based on which public - # key type is encapsulated. See the documentation on `public_key` cases below - # for details. - # @!attribute [rw] ascii_armored_pgp_public_key - # @return [::String] - # ASCII-armored representation of a PGP public key, as the entire output by - # the command `gpg --export --armor foo@example.com` (either LF or CRLF - # line endings). - # When using this field, `id` should be left blank. The BinAuthz API - # handlers will calculate the ID and fill it in automatically. BinAuthz - # computes this ID as the OpenPGP RFC4880 V4 fingerprint, represented as - # upper-case hex. If `id` is provided by the caller, it will be - # overwritten by the API-calculated ID. - # - # Note: The following fields are mutually exclusive: `ascii_armored_pgp_public_key`, `pkix_public_key`. If a field in that set is populated, all other fields in the set will automatically be cleared. - # @!attribute [rw] pkix_public_key - # @return [::Google::Cloud::BinaryAuthorization::V1::PkixPublicKey] - # A raw PKIX SubjectPublicKeyInfo format public key. - # - # NOTE: `id` may be explicitly provided by the caller when using this - # type of public key, but it MUST be a valid RFC3986 URI. If `id` is left - # blank, a default one will be computed based on the digest of the DER - # encoding of the public key. - # - # Note: The following fields are mutually exclusive: `pkix_public_key`, `ascii_armored_pgp_public_key`. If a field in that set is populated, all other fields in the set will automatically be cleared. - class AttestorPublicKey - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - end - end - end - end -end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/cloud/binaryauthorization/v1/service.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/cloud/binaryauthorization/v1/service.rb deleted file mode 100644 index 995b068a0e85..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/cloud/binaryauthorization/v1/service.rb +++ /dev/null @@ -1,189 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - - -module Google - module Cloud - module BinaryAuthorization - module V1 - # Request message for [BinauthzManagementService.GetPolicy][]. - # @!attribute [rw] name - # @return [::String] - # Required. The resource name of the {::Google::Cloud::BinaryAuthorization::V1::Policy policy} to retrieve, - # in the format `projects/*/policy`. - class GetPolicyRequest - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - end - - # Request message for [BinauthzManagementService.UpdatePolicy][]. - # @!attribute [rw] policy - # @return [::Google::Cloud::BinaryAuthorization::V1::Policy] - # Required. A new or updated {::Google::Cloud::BinaryAuthorization::V1::Policy policy} value. The service will - # overwrite the {::Google::Cloud::BinaryAuthorization::V1::Policy#name policy name} field with the resource name in - # the request URL, in the format `projects/*/policy`. - class UpdatePolicyRequest - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - end - - # Request message for [BinauthzManagementService.CreateAttestor][]. - # @!attribute [rw] parent - # @return [::String] - # Required. The parent of this {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor}. - # @!attribute [rw] attestor_id - # @return [::String] - # Required. The {::Google::Cloud::BinaryAuthorization::V1::Attestor attestors} ID. - # @!attribute [rw] attestor - # @return [::Google::Cloud::BinaryAuthorization::V1::Attestor] - # Required. The initial {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor} value. The service will - # overwrite the {::Google::Cloud::BinaryAuthorization::V1::Attestor#name attestor name} field with the resource name, - # in the format `projects/*/attestors/*`. - class CreateAttestorRequest - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - end - - # Request message for [BinauthzManagementService.GetAttestor][]. - # @!attribute [rw] name - # @return [::String] - # Required. The name of the {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor} to retrieve, in the format - # `projects/*/attestors/*`. - class GetAttestorRequest - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - end - - # Request message for [BinauthzManagementService.UpdateAttestor][]. - # @!attribute [rw] attestor - # @return [::Google::Cloud::BinaryAuthorization::V1::Attestor] - # Required. The updated {::Google::Cloud::BinaryAuthorization::V1::Attestor attestor} value. The service will - # overwrite the {::Google::Cloud::BinaryAuthorization::V1::Attestor#name attestor name} field with the resource name - # in the request URL, in the format `projects/*/attestors/*`. - class UpdateAttestorRequest - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - end - - # Request message for [BinauthzManagementService.ListAttestors][]. - # @!attribute [rw] parent - # @return [::String] - # Required. The resource name of the project associated with the - # {::Google::Cloud::BinaryAuthorization::V1::Attestor attestors}, in the format `projects/*`. - # @!attribute [rw] page_size - # @return [::Integer] - # Requested page size. The server may return fewer results than requested. If - # unspecified, the server will pick an appropriate default. - # @!attribute [rw] page_token - # @return [::String] - # A token identifying a page of results the server should return. Typically, - # this is the value of {::Google::Cloud::BinaryAuthorization::V1::ListAttestorsResponse#next_page_token ListAttestorsResponse.next_page_token} returned - # from the previous call to the `ListAttestors` method. - class ListAttestorsRequest - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - end - - # Response message for [BinauthzManagementService.ListAttestors][]. - # @!attribute [rw] attestors - # @return [::Array<::Google::Cloud::BinaryAuthorization::V1::Attestor>] - # The list of {::Google::Cloud::BinaryAuthorization::V1::Attestor attestors}. - # @!attribute [rw] next_page_token - # @return [::String] - # A token to retrieve the next page of results. Pass this value in the - # {::Google::Cloud::BinaryAuthorization::V1::ListAttestorsRequest#page_token ListAttestorsRequest.page_token} field in the subsequent call to the - # `ListAttestors` method to retrieve the next page of results. - class ListAttestorsResponse - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - end - - # Request message for [BinauthzManagementService.DeleteAttestor][]. - # @!attribute [rw] name - # @return [::String] - # Required. The name of the {::Google::Cloud::BinaryAuthorization::V1::Attestor attestors} to delete, in the format - # `projects/*/attestors/*`. - class DeleteAttestorRequest - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - end - - # Request to read the current system policy. - # @!attribute [rw] name - # @return [::String] - # Required. The resource name, in the format `locations/*/policy`. - # Note that the system policy is not associated with a project. - class GetSystemPolicyRequest - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - end - - # Request message for - # {::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Client#validate_attestation_occurrence ValidationHelperV1.ValidateAttestationOccurrence}. - # @!attribute [rw] attestor - # @return [::String] - # Required. The resource name of the {::Google::Cloud::BinaryAuthorization::V1::Attestor Attestor} of the - # [occurrence][grafeas.v1.Occurrence], in the format - # `projects/*/attestors/*`. - # @!attribute [rw] attestation - # @return [::Grafeas::V1::AttestationOccurrence] - # Required. An {::Grafeas::V1::AttestationOccurrence AttestationOccurrence} to - # be checked that it can be verified by the Attestor. It does not have to be - # an existing entity in Container Analysis. It must otherwise be a valid - # AttestationOccurrence. - # @!attribute [rw] occurrence_note - # @return [::String] - # Required. The resource name of the [Note][grafeas.v1.Note] to which the - # containing [Occurrence][grafeas.v1.Occurrence] is associated. - # @!attribute [rw] occurrence_resource_uri - # @return [::String] - # Required. The URI of the artifact (e.g. container image) that is the - # subject of the containing [Occurrence][grafeas.v1.Occurrence]. - class ValidateAttestationOccurrenceRequest - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - end - - # Response message for - # {::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Client#validate_attestation_occurrence ValidationHelperV1.ValidateAttestationOccurrence}. - # @!attribute [rw] result - # @return [::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceResponse::Result] - # The result of the Attestation validation. - # @!attribute [rw] denial_reason - # @return [::String] - # The reason for denial if the Attestation couldn't be validated. - class ValidateAttestationOccurrenceResponse - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - - # The enum returned in the "result" field. - module Result - # Unspecified. - RESULT_UNSPECIFIED = 0 - - # The Attestation was able to verified by the Attestor. - VERIFIED = 1 - - # The Attestation was not able to verified by the Attestor. - ATTESTATION_NOT_VERIFIABLE = 2 - end - end - end - end - end -end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/protobuf/duration.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/protobuf/duration.rb deleted file mode 100644 index ea59f1f91daf..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/protobuf/duration.rb +++ /dev/null @@ -1,98 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - - -module Google - module Protobuf - # A Duration represents a signed, fixed-length span of time represented - # as a count of seconds and fractions of seconds at nanosecond - # resolution. It is independent of any calendar and concepts like "day" - # or "month". It is related to Timestamp in that the difference between - # two Timestamp values is a Duration and it can be added or subtracted - # from a Timestamp. Range is approximately +-10,000 years. - # - # # Examples - # - # Example 1: Compute Duration from two Timestamps in pseudo code. - # - # Timestamp start = ...; - # Timestamp end = ...; - # Duration duration = ...; - # - # duration.seconds = end.seconds - start.seconds; - # duration.nanos = end.nanos - start.nanos; - # - # if (duration.seconds < 0 && duration.nanos > 0) { - # duration.seconds += 1; - # duration.nanos -= 1000000000; - # } else if (duration.seconds > 0 && duration.nanos < 0) { - # duration.seconds -= 1; - # duration.nanos += 1000000000; - # } - # - # Example 2: Compute Timestamp from Timestamp + Duration in pseudo code. - # - # Timestamp start = ...; - # Duration duration = ...; - # Timestamp end = ...; - # - # end.seconds = start.seconds + duration.seconds; - # end.nanos = start.nanos + duration.nanos; - # - # if (end.nanos < 0) { - # end.seconds -= 1; - # end.nanos += 1000000000; - # } else if (end.nanos >= 1000000000) { - # end.seconds += 1; - # end.nanos -= 1000000000; - # } - # - # Example 3: Compute Duration from datetime.timedelta in Python. - # - # td = datetime.timedelta(days=3, minutes=10) - # duration = Duration() - # duration.FromTimedelta(td) - # - # # JSON Mapping - # - # In JSON format, the Duration type is encoded as a string rather than an - # object, where the string ends in the suffix "s" (indicating seconds) and - # is preceded by the number of seconds, with nanoseconds expressed as - # fractional seconds. For example, 3 seconds with 0 nanoseconds should be - # encoded in JSON format as "3s", while 3 seconds and 1 nanosecond should - # be expressed in JSON format as "3.000000001s", and 3 seconds and 1 - # microsecond should be expressed in JSON format as "3.000001s". - # @!attribute [rw] seconds - # @return [::Integer] - # Signed seconds of the span of time. Must be from -315,576,000,000 - # to +315,576,000,000 inclusive. Note: these bounds are computed from: - # 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years - # @!attribute [rw] nanos - # @return [::Integer] - # Signed fractions of a second at nanosecond resolution of the span - # of time. Durations less than one second are represented with a 0 - # `seconds` field and a positive or negative `nanos` field. For durations - # of one second or more, a non-zero value for the `nanos` field must be - # of the same sign as the `seconds` field. Must be from -999,999,999 - # to +999,999,999 inclusive. - class Duration - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - end - end -end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/protobuf/empty.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/protobuf/empty.rb deleted file mode 100644 index 83e4481834a6..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/protobuf/empty.rb +++ /dev/null @@ -1,34 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - - -module Google - module Protobuf - # A generic empty message that you can re-use to avoid defining duplicated - # empty messages in your APIs. A typical example is to use it as the request - # or the response type of an API method. For instance: - # - # service Foo { - # rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); - # } - class Empty - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - end - end -end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/protobuf/timestamp.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/protobuf/timestamp.rb deleted file mode 100644 index 74352be9c58c..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/google/protobuf/timestamp.rb +++ /dev/null @@ -1,127 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - - -module Google - module Protobuf - # A Timestamp represents a point in time independent of any time zone or local - # calendar, encoded as a count of seconds and fractions of seconds at - # nanosecond resolution. The count is relative to an epoch at UTC midnight on - # January 1, 1970, in the proleptic Gregorian calendar which extends the - # Gregorian calendar backwards to year one. - # - # All minutes are 60 seconds long. Leap seconds are "smeared" so that no leap - # second table is needed for interpretation, using a [24-hour linear - # smear](https://developers.google.com/time/smear). - # - # The range is from 0001-01-01T00:00:00Z to 9999-12-31T23:59:59.999999999Z. By - # restricting to that range, we ensure that we can convert to and from [RFC - # 3339](https://www.ietf.org/rfc/rfc3339.txt) date strings. - # - # # Examples - # - # Example 1: Compute Timestamp from POSIX `time()`. - # - # Timestamp timestamp; - # timestamp.set_seconds(time(NULL)); - # timestamp.set_nanos(0); - # - # Example 2: Compute Timestamp from POSIX `gettimeofday()`. - # - # struct timeval tv; - # gettimeofday(&tv, NULL); - # - # Timestamp timestamp; - # timestamp.set_seconds(tv.tv_sec); - # timestamp.set_nanos(tv.tv_usec * 1000); - # - # Example 3: Compute Timestamp from Win32 `GetSystemTimeAsFileTime()`. - # - # FILETIME ft; - # GetSystemTimeAsFileTime(&ft); - # UINT64 ticks = (((UINT64)ft.dwHighDateTime) << 32) | ft.dwLowDateTime; - # - # // A Windows tick is 100 nanoseconds. Windows epoch 1601-01-01T00:00:00Z - # // is 11644473600 seconds before Unix epoch 1970-01-01T00:00:00Z. - # Timestamp timestamp; - # timestamp.set_seconds((INT64) ((ticks / 10000000) - 11644473600LL)); - # timestamp.set_nanos((INT32) ((ticks % 10000000) * 100)); - # - # Example 4: Compute Timestamp from Java `System.currentTimeMillis()`. - # - # long millis = System.currentTimeMillis(); - # - # Timestamp timestamp = Timestamp.newBuilder().setSeconds(millis / 1000) - # .setNanos((int) ((millis % 1000) * 1000000)).build(); - # - # Example 5: Compute Timestamp from Java `Instant.now()`. - # - # Instant now = Instant.now(); - # - # Timestamp timestamp = - # Timestamp.newBuilder().setSeconds(now.getEpochSecond()) - # .setNanos(now.getNano()).build(); - # - # Example 6: Compute Timestamp from current time in Python. - # - # timestamp = Timestamp() - # timestamp.GetCurrentTime() - # - # # JSON Mapping - # - # In JSON format, the Timestamp type is encoded as a string in the - # [RFC 3339](https://www.ietf.org/rfc/rfc3339.txt) format. That is, the - # format is "\\{year}-\\{month}-\\{day}T\\{hour}:\\{min}:\\{sec}[.\\{frac_sec}]Z" - # where \\{year} is always expressed using four digits while \\{month}, \\{day}, - # \\{hour}, \\{min}, and \\{sec} are zero-padded to two digits each. The fractional - # seconds, which can go up to 9 digits (i.e. up to 1 nanosecond resolution), - # are optional. The "Z" suffix indicates the timezone ("UTC"); the timezone - # is required. A proto3 JSON serializer should always use UTC (as indicated by - # "Z") when printing the Timestamp type and a proto3 JSON parser should be - # able to accept both UTC and other timezones (as indicated by an offset). - # - # For example, "2017-01-15T01:30:15.01Z" encodes 15.01 seconds past - # 01:30 UTC on January 15, 2017. - # - # In JavaScript, one can convert a Date object to this format using the - # standard - # [toISOString()](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Date/toISOString) - # method. In Python, a standard `datetime.datetime` object can be converted - # to this format using - # [`strftime`](https://docs.python.org/2/library/time.html#time.strftime) with - # the time format spec '%Y-%m-%dT%H:%M:%S.%fZ'. Likewise, in Java, one can use - # the Joda Time's [`ISODateTimeFormat.dateTime()`]( - # http://joda-time.sourceforge.net/apidocs/org/joda/time/format/ISODateTimeFormat.html#dateTime() - # ) to obtain a formatter capable of generating timestamps in this format. - # @!attribute [rw] seconds - # @return [::Integer] - # Represents seconds of UTC time since Unix epoch - # 1970-01-01T00:00:00Z. Must be from 0001-01-01T00:00:00Z to - # 9999-12-31T23:59:59Z inclusive. - # @!attribute [rw] nanos - # @return [::Integer] - # Non-negative fractions of a second at nanosecond resolution. Negative - # second values with fractions must still have non-negative nanos values - # that count forward in time. Must be from 0 to 999,999,999 - # inclusive. - class Timestamp - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - end - end -end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/grafeas/v1/attestation.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/grafeas/v1/attestation.rb deleted file mode 100644 index 23895f01f033..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/grafeas/v1/attestation.rb +++ /dev/null @@ -1,98 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - - -module Grafeas - module V1 - # Note kind that represents a logical attestation "role" or "authority". For - # example, an organization might have one `Authority` for "QA" and one for - # "build". This note is intended to act strictly as a grouping mechanism for - # the attached occurrences (Attestations). This grouping mechanism also - # provides a security boundary, since IAM ACLs gate the ability for a principle - # to attach an occurrence to a given note. It also provides a single point of - # lookup to find all attached attestation occurrences, even if they don't all - # live in the same project. - # @!attribute [rw] hint - # @return [::Grafeas::V1::AttestationNote::Hint] - # Hint hints at the purpose of the attestation authority. - class AttestationNote - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - - # This submessage provides human-readable hints about the purpose of the - # authority. Because the name of a note acts as its resource reference, it is - # important to disambiguate the canonical name of the Note (which might be a - # UUID for security purposes) from "readable" names more suitable for debug - # output. Note that these hints should not be used to look up authorities in - # security sensitive contexts, such as when looking up attestations to - # verify. - # @!attribute [rw] human_readable_name - # @return [::String] - # Required. The human readable name of this attestation authority, for - # example "qa". - class Hint - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - end - end - - # @!attribute [rw] compact_jwt - # @return [::String] - # The compact encoding of a JWS, which is always three base64 encoded strings - # joined by periods. For details, see: - # https://tools.ietf.org/html/rfc7515.html#section-3.1 - class Jwt - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - end - - # Occurrence that represents a single "attestation". The authenticity of an - # attestation can be verified using the attached signature. If the verifier - # trusts the public key of the signer, then verifying the signature is - # sufficient to establish trust. In this circumstance, the authority to which - # this attestation is attached is primarily useful for lookup (how to find - # this attestation if you already know the authority and artifact to be - # verified) and intent (for which authority this attestation was intended to - # sign. - # @!attribute [rw] serialized_payload - # @return [::String] - # Required. The serialized payload that is verified by one or more - # `signatures`. - # @!attribute [rw] signatures - # @return [::Array<::Grafeas::V1::Signature>] - # One or more signatures over `serialized_payload`. Verifier implementations - # should consider this attestation message verified if at least one - # `signature` verifies `serialized_payload`. See `Signature` in common.proto - # for more details on signature structure and verification. - # @!attribute [rw] jwts - # @return [::Array<::Grafeas::V1::Jwt>] - # One or more JWTs encoding a self-contained attestation. - # Each JWT encodes the payload that it verifies within the JWT itself. - # Verifier implementation SHOULD ignore the `serialized_payload` field - # when verifying these JWTs. - # If only JWTs are present on this AttestationOccurrence, then the - # `serialized_payload` SHOULD be left empty. - # Each JWT SHOULD encode a claim specific to the `resource_uri` of this - # Occurrence, but this is not validated by Grafeas metadata API - # implementations. The JWT itself is opaque to Grafeas. - class AttestationOccurrence - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - end - end -end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/grafeas/v1/common.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/grafeas/v1/common.rb deleted file mode 100644 index 75da254c18f2..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/proto_docs/grafeas/v1/common.rb +++ /dev/null @@ -1,239 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - - -module Grafeas - module V1 - # Metadata for any related URL information. - # @!attribute [rw] url - # @return [::String] - # Specific URL associated with the resource. - # @!attribute [rw] label - # @return [::String] - # Label to describe usage of the URL. - class RelatedUrl - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - end - - # Verifiers (e.g. Kritis implementations) MUST verify signatures - # with respect to the trust anchors defined in policy (e.g. a Kritis policy). - # Typically this means that the verifier has been configured with a map from - # `public_key_id` to public key material (and any required parameters, e.g. - # signing algorithm). - # - # In particular, verification implementations MUST NOT treat the signature - # `public_key_id` as anything more than a key lookup hint. The `public_key_id` - # DOES NOT validate or authenticate a public key; it only provides a mechanism - # for quickly selecting a public key ALREADY CONFIGURED on the verifier through - # a trusted channel. Verification implementations MUST reject signatures in any - # of the following circumstances: - # * The `public_key_id` is not recognized by the verifier. - # * The public key that `public_key_id` refers to does not verify the - # signature with respect to the payload. - # - # The `signature` contents SHOULD NOT be "attached" (where the payload is - # included with the serialized `signature` bytes). Verifiers MUST ignore any - # "attached" payload and only verify signatures with respect to explicitly - # provided payload (e.g. a `payload` field on the proto message that holds - # this Signature, or the canonical serialization of the proto message that - # holds this signature). - # @!attribute [rw] signature - # @return [::String] - # The content of the signature, an opaque bytestring. - # The payload that this signature verifies MUST be unambiguously provided - # with the Signature during verification. A wrapper message might provide - # the payload explicitly. Alternatively, a message might have a canonical - # serialization that can always be unambiguously computed to derive the - # payload. - # @!attribute [rw] public_key_id - # @return [::String] - # The identifier for the public key that verifies this signature. - # * The `public_key_id` is required. - # * The `public_key_id` SHOULD be an RFC3986 conformant URI. - # * When possible, the `public_key_id` SHOULD be an immutable reference, - # such as a cryptographic digest. - # - # Examples of valid `public_key_id`s: - # - # OpenPGP V4 public key fingerprint: - # * "openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA" - # See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more - # details on this scheme. - # - # RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER - # serialization): - # * "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU" - # * "nih:///sha-256;703f68f42aba2c6de30f488a5ea122fef76324679c9bf89791ba95a1271589a5" - class Signature - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - end - - # MUST match - # https://github.com/secure-systems-lab/dsse/blob/master/envelope.proto. An - # authenticated message of arbitrary type. - # @!attribute [rw] payload - # @return [::String] - # @!attribute [rw] payload_type - # @return [::String] - # @!attribute [rw] signatures - # @return [::Array<::Grafeas::V1::EnvelopeSignature>] - class Envelope - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - end - - # @!attribute [rw] sig - # @return [::String] - # @!attribute [rw] keyid - # @return [::String] - class EnvelopeSignature - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - end - - # Indicates the location at which a package was found. - # @!attribute [rw] file_path - # @return [::String] - # For jars that are contained inside .war files, this filepath - # can indicate the path to war file combined with the path to jar file. - # @!attribute [rw] layer_details - # @return [::Grafeas::V1::LayerDetails] - # Each package found in a file should have its own layer metadata (that is, - # information from the origin layer of the package). - class FileLocation - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - end - - # BaseImage describes a base image of a container image. - # @!attribute [rw] name - # @return [::String] - # The name of the base image. - # @!attribute [rw] repository - # @return [::String] - # The repository name in which the base image is from. - # @!attribute [rw] layer_count - # @return [::Integer] - # The number of layers that the base image is composed of. - # @!attribute [rw] registry - # @return [::String] - # The registry in which the base image is from. - class BaseImage - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - end - - # Details about the layer a package was found in. - # @!attribute [rw] index - # @return [::Integer] - # The index of the layer in the container image. - # @!attribute [rw] diff_id - # @return [::String] - # The diff ID (typically a sha256 hash) of the layer in the container image. - # @!attribute [rw] chain_id - # @return [::String] - # The layer chain ID (sha256 hash) of the layer in the container image. - # https://github.com/opencontainers/image-spec/blob/main/config.md#layer-chainid - # @!attribute [rw] command - # @return [::String] - # The layer build command that was used to build the layer. This may not be - # found in all layers depending on how the container image is built. - # @!attribute [rw] base_images - # @return [::Array<::Grafeas::V1::BaseImage>] - # The base images the layer is found within. - class LayerDetails - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - end - - # License information. - # @!attribute [rw] expression - # @return [::String] - # Often a single license can be used to represent the licensing terms. - # Sometimes it is necessary to include a choice of one or more licenses - # or some combination of license identifiers. - # Examples: "LGPL-2.1-only OR MIT", "LGPL-2.1-only AND MIT", - # "GPL-2.0-or-later WITH Bison-exception-2.2". - # @!attribute [rw] comments - # @return [::String] - # Comments - class License - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - end - - # Digest information. - # @!attribute [rw] algo - # @return [::String] - # `SHA1`, `SHA512` etc. - # @!attribute [rw] digest_bytes - # @return [::String] - # Value of the digest. - class Digest - include ::Google::Protobuf::MessageExts - extend ::Google::Protobuf::MessageExts::ClassMethods - end - - # Kind represents the kinds of notes supported. - module NoteKind - # Default value. This value is unused. - NOTE_KIND_UNSPECIFIED = 0 - - # The note and occurrence represent a package vulnerability. - VULNERABILITY = 1 - - # The note and occurrence assert build provenance. - BUILD = 2 - - # This represents an image basis relationship. - IMAGE = 3 - - # This represents a package installed via a package manager. - PACKAGE = 4 - - # The note and occurrence track deployment events. - DEPLOYMENT = 5 - - # The note and occurrence track the initial discovery status of a resource. - DISCOVERY = 6 - - # This represents a logical "role" that can attest to artifacts. - ATTESTATION = 7 - - # This represents an available package upgrade. - UPGRADE = 8 - - # This represents a Compliance Note - COMPLIANCE = 9 - - # This represents a DSSE attestation Note - DSSE_ATTESTATION = 10 - - # This represents a Vulnerability Assessment. - VULNERABILITY_ASSESSMENT = 11 - - # This represents an SBOM Reference. - SBOM_REFERENCE = 12 - - # This represents a secret. - SECRET = 13 - end - end -end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/Gemfile b/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/Gemfile deleted file mode 100644 index b15f486811b4..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/Gemfile +++ /dev/null @@ -1,32 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - -source "https://rubygems.org" - -if ENV["GOOGLE_CLOUD_SAMPLES_TEST"] == "master" - gem "google-cloud-binary_authorization-v1", path: "../" -else - gem "google-cloud-binary_authorization-v1" -end - -group :test do - gem "google-style", "~> 1.26.1" - gem "minitest", "~> 5.16" - gem "minitest-focus", "~> 1.1" - gem "minitest-hooks", "~> 1.5" -end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/create_attestor.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/create_attestor.rb deleted file mode 100644 index d3d3d9cfbd30..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/create_attestor.rb +++ /dev/null @@ -1,47 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - -# [START binaryauthorization_v1_generated_BinauthzManagementService_CreateAttestor_sync] -require "google/cloud/binary_authorization/v1" - -## -# Snippet for the create_attestor call in the BinauthzManagementService service -# -# This snippet has been automatically generated and should be regarded as a code -# template only. It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in https://cloud.google.com/ruby/docs/reference. -# -# This is an auto-generated example demonstrating basic usage of -# Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client#create_attestor. -# -def create_attestor - # Create a client object. The client can be reused for multiple calls. - client = Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new - - # Create a request. To set request fields, pass in keyword arguments. - request = Google::Cloud::BinaryAuthorization::V1::CreateAttestorRequest.new - - # Call the create_attestor method. - result = client.create_attestor request - - # The returned object is of type Google::Cloud::BinaryAuthorization::V1::Attestor. - p result -end -# [END binaryauthorization_v1_generated_BinauthzManagementService_CreateAttestor_sync] diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/delete_attestor.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/delete_attestor.rb deleted file mode 100644 index 3746ae61fee1..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/delete_attestor.rb +++ /dev/null @@ -1,47 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - -# [START binaryauthorization_v1_generated_BinauthzManagementService_DeleteAttestor_sync] -require "google/cloud/binary_authorization/v1" - -## -# Snippet for the delete_attestor call in the BinauthzManagementService service -# -# This snippet has been automatically generated and should be regarded as a code -# template only. It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in https://cloud.google.com/ruby/docs/reference. -# -# This is an auto-generated example demonstrating basic usage of -# Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client#delete_attestor. -# -def delete_attestor - # Create a client object. The client can be reused for multiple calls. - client = Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new - - # Create a request. To set request fields, pass in keyword arguments. - request = Google::Cloud::BinaryAuthorization::V1::DeleteAttestorRequest.new - - # Call the delete_attestor method. - result = client.delete_attestor request - - # The returned object is of type Google::Protobuf::Empty. - p result -end -# [END binaryauthorization_v1_generated_BinauthzManagementService_DeleteAttestor_sync] diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/get_attestor.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/get_attestor.rb deleted file mode 100644 index fc121e0e7a05..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/get_attestor.rb +++ /dev/null @@ -1,47 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - -# [START binaryauthorization_v1_generated_BinauthzManagementService_GetAttestor_sync] -require "google/cloud/binary_authorization/v1" - -## -# Snippet for the get_attestor call in the BinauthzManagementService service -# -# This snippet has been automatically generated and should be regarded as a code -# template only. It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in https://cloud.google.com/ruby/docs/reference. -# -# This is an auto-generated example demonstrating basic usage of -# Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client#get_attestor. -# -def get_attestor - # Create a client object. The client can be reused for multiple calls. - client = Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new - - # Create a request. To set request fields, pass in keyword arguments. - request = Google::Cloud::BinaryAuthorization::V1::GetAttestorRequest.new - - # Call the get_attestor method. - result = client.get_attestor request - - # The returned object is of type Google::Cloud::BinaryAuthorization::V1::Attestor. - p result -end -# [END binaryauthorization_v1_generated_BinauthzManagementService_GetAttestor_sync] diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/get_policy.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/get_policy.rb deleted file mode 100644 index db65dadfc232..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/get_policy.rb +++ /dev/null @@ -1,47 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - -# [START binaryauthorization_v1_generated_BinauthzManagementService_GetPolicy_sync] -require "google/cloud/binary_authorization/v1" - -## -# Snippet for the get_policy call in the BinauthzManagementService service -# -# This snippet has been automatically generated and should be regarded as a code -# template only. It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in https://cloud.google.com/ruby/docs/reference. -# -# This is an auto-generated example demonstrating basic usage of -# Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client#get_policy. -# -def get_policy - # Create a client object. The client can be reused for multiple calls. - client = Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new - - # Create a request. To set request fields, pass in keyword arguments. - request = Google::Cloud::BinaryAuthorization::V1::GetPolicyRequest.new - - # Call the get_policy method. - result = client.get_policy request - - # The returned object is of type Google::Cloud::BinaryAuthorization::V1::Policy. - p result -end -# [END binaryauthorization_v1_generated_BinauthzManagementService_GetPolicy_sync] diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/list_attestors.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/list_attestors.rb deleted file mode 100644 index 50bf5c28142b..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/list_attestors.rb +++ /dev/null @@ -1,51 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - -# [START binaryauthorization_v1_generated_BinauthzManagementService_ListAttestors_sync] -require "google/cloud/binary_authorization/v1" - -## -# Snippet for the list_attestors call in the BinauthzManagementService service -# -# This snippet has been automatically generated and should be regarded as a code -# template only. It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in https://cloud.google.com/ruby/docs/reference. -# -# This is an auto-generated example demonstrating basic usage of -# Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client#list_attestors. -# -def list_attestors - # Create a client object. The client can be reused for multiple calls. - client = Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new - - # Create a request. To set request fields, pass in keyword arguments. - request = Google::Cloud::BinaryAuthorization::V1::ListAttestorsRequest.new - - # Call the list_attestors method. - result = client.list_attestors request - - # The returned object is of type Gapic::PagedEnumerable. You can iterate - # over elements, and API calls will be issued to fetch pages as needed. - result.each do |item| - # Each element is of type ::Google::Cloud::BinaryAuthorization::V1::Attestor. - p item - end -end -# [END binaryauthorization_v1_generated_BinauthzManagementService_ListAttestors_sync] diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/update_attestor.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/update_attestor.rb deleted file mode 100644 index a4228606d221..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/update_attestor.rb +++ /dev/null @@ -1,47 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - -# [START binaryauthorization_v1_generated_BinauthzManagementService_UpdateAttestor_sync] -require "google/cloud/binary_authorization/v1" - -## -# Snippet for the update_attestor call in the BinauthzManagementService service -# -# This snippet has been automatically generated and should be regarded as a code -# template only. It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in https://cloud.google.com/ruby/docs/reference. -# -# This is an auto-generated example demonstrating basic usage of -# Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client#update_attestor. -# -def update_attestor - # Create a client object. The client can be reused for multiple calls. - client = Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new - - # Create a request. To set request fields, pass in keyword arguments. - request = Google::Cloud::BinaryAuthorization::V1::UpdateAttestorRequest.new - - # Call the update_attestor method. - result = client.update_attestor request - - # The returned object is of type Google::Cloud::BinaryAuthorization::V1::Attestor. - p result -end -# [END binaryauthorization_v1_generated_BinauthzManagementService_UpdateAttestor_sync] diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/update_policy.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/update_policy.rb deleted file mode 100644 index c27d96a7f3ce..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/binauthz_management_service/update_policy.rb +++ /dev/null @@ -1,47 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - -# [START binaryauthorization_v1_generated_BinauthzManagementService_UpdatePolicy_sync] -require "google/cloud/binary_authorization/v1" - -## -# Snippet for the update_policy call in the BinauthzManagementService service -# -# This snippet has been automatically generated and should be regarded as a code -# template only. It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in https://cloud.google.com/ruby/docs/reference. -# -# This is an auto-generated example demonstrating basic usage of -# Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client#update_policy. -# -def update_policy - # Create a client object. The client can be reused for multiple calls. - client = Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new - - # Create a request. To set request fields, pass in keyword arguments. - request = Google::Cloud::BinaryAuthorization::V1::UpdatePolicyRequest.new - - # Call the update_policy method. - result = client.update_policy request - - # The returned object is of type Google::Cloud::BinaryAuthorization::V1::Policy. - p result -end -# [END binaryauthorization_v1_generated_BinauthzManagementService_UpdatePolicy_sync] diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/snippet_metadata_google.cloud.binaryauthorization.v1.json b/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/snippet_metadata_google.cloud.binaryauthorization.v1.json deleted file mode 100644 index b74cbd346028..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/snippet_metadata_google.cloud.binaryauthorization.v1.json +++ /dev/null @@ -1,375 +0,0 @@ -{ - "client_library": { - "name": "google-cloud-binary_authorization-v1", - "version": "", - "language": "RUBY", - "apis": [ - { - "id": "google.cloud.binaryauthorization.v1", - "version": "v1" - } - ] - }, - "snippets": [ - { - "region_tag": "binaryauthorization_v1_generated_BinauthzManagementService_GetPolicy_sync", - "title": "Snippet for the get_policy call in the BinauthzManagementService service", - "description": "This is an auto-generated example demonstrating basic usage of Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client#get_policy.", - "file": "binauthz_management_service/get_policy.rb", - "language": "RUBY", - "client_method": { - "short_name": "get_policy", - "full_name": "::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client#get_policy", - "async": false, - "parameters": [ - { - "type": "::Google::Cloud::BinaryAuthorization::V1::GetPolicyRequest", - "name": "request" - } - ], - "result_type": "::Google::Cloud::BinaryAuthorization::V1::Policy", - "client": { - "short_name": "BinauthzManagementService::Client", - "full_name": "::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client" - }, - "method": { - "short_name": "GetPolicy", - "full_name": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetPolicy", - "service": { - "short_name": "BinauthzManagementService", - "full_name": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1" - } - } - }, - "canonical": true, - "origin": "API_DEFINITION", - "segments": [ - { - "start": 20, - "end": 46, - "type": "FULL" - } - ] - }, - { - "region_tag": "binaryauthorization_v1_generated_BinauthzManagementService_UpdatePolicy_sync", - "title": "Snippet for the update_policy call in the BinauthzManagementService service", - "description": "This is an auto-generated example demonstrating basic usage of Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client#update_policy.", - "file": "binauthz_management_service/update_policy.rb", - "language": "RUBY", - "client_method": { - "short_name": "update_policy", - "full_name": "::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client#update_policy", - "async": false, - "parameters": [ - { - "type": "::Google::Cloud::BinaryAuthorization::V1::UpdatePolicyRequest", - "name": "request" - } - ], - "result_type": "::Google::Cloud::BinaryAuthorization::V1::Policy", - "client": { - "short_name": "BinauthzManagementService::Client", - "full_name": "::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client" - }, - "method": { - "short_name": "UpdatePolicy", - "full_name": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdatePolicy", - "service": { - "short_name": "BinauthzManagementService", - "full_name": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1" - } - } - }, - "canonical": true, - "origin": "API_DEFINITION", - "segments": [ - { - "start": 20, - "end": 46, - "type": "FULL" - } - ] - }, - { - "region_tag": "binaryauthorization_v1_generated_BinauthzManagementService_CreateAttestor_sync", - "title": "Snippet for the create_attestor call in the BinauthzManagementService service", - "description": "This is an auto-generated example demonstrating basic usage of Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client#create_attestor.", - "file": "binauthz_management_service/create_attestor.rb", - "language": "RUBY", - "client_method": { - "short_name": "create_attestor", - "full_name": "::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client#create_attestor", - "async": false, - "parameters": [ - { - "type": "::Google::Cloud::BinaryAuthorization::V1::CreateAttestorRequest", - "name": "request" - } - ], - "result_type": "::Google::Cloud::BinaryAuthorization::V1::Attestor", - "client": { - "short_name": "BinauthzManagementService::Client", - "full_name": "::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client" - }, - "method": { - "short_name": "CreateAttestor", - "full_name": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.CreateAttestor", - "service": { - "short_name": "BinauthzManagementService", - "full_name": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1" - } - } - }, - "canonical": true, - "origin": "API_DEFINITION", - "segments": [ - { - "start": 20, - "end": 46, - "type": "FULL" - } - ] - }, - { - "region_tag": "binaryauthorization_v1_generated_BinauthzManagementService_GetAttestor_sync", - "title": "Snippet for the get_attestor call in the BinauthzManagementService service", - "description": "This is an auto-generated example demonstrating basic usage of Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client#get_attestor.", - "file": "binauthz_management_service/get_attestor.rb", - "language": "RUBY", - "client_method": { - "short_name": "get_attestor", - "full_name": "::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client#get_attestor", - "async": false, - "parameters": [ - { - "type": "::Google::Cloud::BinaryAuthorization::V1::GetAttestorRequest", - "name": "request" - } - ], - "result_type": "::Google::Cloud::BinaryAuthorization::V1::Attestor", - "client": { - "short_name": "BinauthzManagementService::Client", - "full_name": "::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client" - }, - "method": { - "short_name": "GetAttestor", - "full_name": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetAttestor", - "service": { - "short_name": "BinauthzManagementService", - "full_name": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1" - } - } - }, - "canonical": true, - "origin": "API_DEFINITION", - "segments": [ - { - "start": 20, - "end": 46, - "type": "FULL" - } - ] - }, - { - "region_tag": "binaryauthorization_v1_generated_BinauthzManagementService_UpdateAttestor_sync", - "title": "Snippet for the update_attestor call in the BinauthzManagementService service", - "description": "This is an auto-generated example demonstrating basic usage of Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client#update_attestor.", - "file": "binauthz_management_service/update_attestor.rb", - "language": "RUBY", - "client_method": { - "short_name": "update_attestor", - "full_name": "::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client#update_attestor", - "async": false, - "parameters": [ - { - "type": "::Google::Cloud::BinaryAuthorization::V1::UpdateAttestorRequest", - "name": "request" - } - ], - "result_type": "::Google::Cloud::BinaryAuthorization::V1::Attestor", - "client": { - "short_name": "BinauthzManagementService::Client", - "full_name": "::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client" - }, - "method": { - "short_name": "UpdateAttestor", - "full_name": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdateAttestor", - "service": { - "short_name": "BinauthzManagementService", - "full_name": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1" - } - } - }, - "canonical": true, - "origin": "API_DEFINITION", - "segments": [ - { - "start": 20, - "end": 46, - "type": "FULL" - } - ] - }, - { - "region_tag": "binaryauthorization_v1_generated_BinauthzManagementService_ListAttestors_sync", - "title": "Snippet for the list_attestors call in the BinauthzManagementService service", - "description": "This is an auto-generated example demonstrating basic usage of Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client#list_attestors.", - "file": "binauthz_management_service/list_attestors.rb", - "language": "RUBY", - "client_method": { - "short_name": "list_attestors", - "full_name": "::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client#list_attestors", - "async": false, - "parameters": [ - { - "type": "::Google::Cloud::BinaryAuthorization::V1::ListAttestorsRequest", - "name": "request" - } - ], - "result_type": "::Google::Cloud::BinaryAuthorization::V1::ListAttestorsResponse", - "client": { - "short_name": "BinauthzManagementService::Client", - "full_name": "::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client" - }, - "method": { - "short_name": "ListAttestors", - "full_name": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.ListAttestors", - "service": { - "short_name": "BinauthzManagementService", - "full_name": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1" - } - } - }, - "canonical": true, - "origin": "API_DEFINITION", - "segments": [ - { - "start": 20, - "end": 50, - "type": "FULL" - } - ] - }, - { - "region_tag": "binaryauthorization_v1_generated_BinauthzManagementService_DeleteAttestor_sync", - "title": "Snippet for the delete_attestor call in the BinauthzManagementService service", - "description": "This is an auto-generated example demonstrating basic usage of Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client#delete_attestor.", - "file": "binauthz_management_service/delete_attestor.rb", - "language": "RUBY", - "client_method": { - "short_name": "delete_attestor", - "full_name": "::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client#delete_attestor", - "async": false, - "parameters": [ - { - "type": "::Google::Cloud::BinaryAuthorization::V1::DeleteAttestorRequest", - "name": "request" - } - ], - "result_type": "::Google::Protobuf::Empty", - "client": { - "short_name": "BinauthzManagementService::Client", - "full_name": "::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client" - }, - "method": { - "short_name": "DeleteAttestor", - "full_name": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.DeleteAttestor", - "service": { - "short_name": "BinauthzManagementService", - "full_name": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1" - } - } - }, - "canonical": true, - "origin": "API_DEFINITION", - "segments": [ - { - "start": 20, - "end": 46, - "type": "FULL" - } - ] - }, - { - "region_tag": "binaryauthorization_v1_generated_SystemPolicy_GetSystemPolicy_sync", - "title": "Snippet for the get_system_policy call in the SystemPolicy service", - "description": "This is an auto-generated example demonstrating basic usage of Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Client#get_system_policy.", - "file": "system_policy/get_system_policy.rb", - "language": "RUBY", - "client_method": { - "short_name": "get_system_policy", - "full_name": "::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Client#get_system_policy", - "async": false, - "parameters": [ - { - "type": "::Google::Cloud::BinaryAuthorization::V1::GetSystemPolicyRequest", - "name": "request" - } - ], - "result_type": "::Google::Cloud::BinaryAuthorization::V1::Policy", - "client": { - "short_name": "SystemPolicy::Client", - "full_name": "::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Client" - }, - "method": { - "short_name": "GetSystemPolicy", - "full_name": "google.cloud.binaryauthorization.v1.SystemPolicyV1.GetSystemPolicy", - "service": { - "short_name": "SystemPolicy", - "full_name": "google.cloud.binaryauthorization.v1.SystemPolicyV1" - } - } - }, - "canonical": true, - "origin": "API_DEFINITION", - "segments": [ - { - "start": 20, - "end": 46, - "type": "FULL" - } - ] - }, - { - "region_tag": "binaryauthorization_v1_generated_ValidationHelper_ValidateAttestationOccurrence_sync", - "title": "Snippet for the validate_attestation_occurrence call in the ValidationHelper service", - "description": "This is an auto-generated example demonstrating basic usage of Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Client#validate_attestation_occurrence.", - "file": "validation_helper/validate_attestation_occurrence.rb", - "language": "RUBY", - "client_method": { - "short_name": "validate_attestation_occurrence", - "full_name": "::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Client#validate_attestation_occurrence", - "async": false, - "parameters": [ - { - "type": "::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceRequest", - "name": "request" - } - ], - "result_type": "::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceResponse", - "client": { - "short_name": "ValidationHelper::Client", - "full_name": "::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Client" - }, - "method": { - "short_name": "ValidateAttestationOccurrence", - "full_name": "google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence", - "service": { - "short_name": "ValidationHelper", - "full_name": "google.cloud.binaryauthorization.v1.ValidationHelperV1" - } - } - }, - "canonical": true, - "origin": "API_DEFINITION", - "segments": [ - { - "start": 20, - "end": 46, - "type": "FULL" - } - ] - } - ] -} \ No newline at end of file diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/system_policy/get_system_policy.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/system_policy/get_system_policy.rb deleted file mode 100644 index 03c084a5d4a3..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/system_policy/get_system_policy.rb +++ /dev/null @@ -1,47 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - -# [START binaryauthorization_v1_generated_SystemPolicy_GetSystemPolicy_sync] -require "google/cloud/binary_authorization/v1" - -## -# Snippet for the get_system_policy call in the SystemPolicy service -# -# This snippet has been automatically generated and should be regarded as a code -# template only. It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in https://cloud.google.com/ruby/docs/reference. -# -# This is an auto-generated example demonstrating basic usage of -# Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Client#get_system_policy. -# -def get_system_policy - # Create a client object. The client can be reused for multiple calls. - client = Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Client.new - - # Create a request. To set request fields, pass in keyword arguments. - request = Google::Cloud::BinaryAuthorization::V1::GetSystemPolicyRequest.new - - # Call the get_system_policy method. - result = client.get_system_policy request - - # The returned object is of type Google::Cloud::BinaryAuthorization::V1::Policy. - p result -end -# [END binaryauthorization_v1_generated_SystemPolicy_GetSystemPolicy_sync] diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/validation_helper/validate_attestation_occurrence.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/validation_helper/validate_attestation_occurrence.rb deleted file mode 100644 index ce37ef22ca28..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/snippets/validation_helper/validate_attestation_occurrence.rb +++ /dev/null @@ -1,47 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - -# [START binaryauthorization_v1_generated_ValidationHelper_ValidateAttestationOccurrence_sync] -require "google/cloud/binary_authorization/v1" - -## -# Snippet for the validate_attestation_occurrence call in the ValidationHelper service -# -# This snippet has been automatically generated and should be regarded as a code -# template only. It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in https://cloud.google.com/ruby/docs/reference. -# -# This is an auto-generated example demonstrating basic usage of -# Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Client#validate_attestation_occurrence. -# -def validate_attestation_occurrence - # Create a client object. The client can be reused for multiple calls. - client = Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Client.new - - # Create a request. To set request fields, pass in keyword arguments. - request = Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceRequest.new - - # Call the validate_attestation_occurrence method. - result = client.validate_attestation_occurrence request - - # The returned object is of type Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceResponse. - p result -end -# [END binaryauthorization_v1_generated_ValidationHelper_ValidateAttestationOccurrence_sync] diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/binauthz_management_service_paths_test.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/binauthz_management_service_paths_test.rb deleted file mode 100644 index 021b9dc22a4c..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/binauthz_management_service_paths_test.rb +++ /dev/null @@ -1,82 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - -require "helper" - -require "gapic/grpc/service_stub" - -require "google/cloud/binary_authorization/v1/binauthz_management_service" - -class ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::ClientPathsTest < Minitest::Test - class DummyStub - def endpoint - "endpoint.example.com" - end - - def universe_domain - "example.com" - end - - def stub_logger - nil - end - - def logger - nil - end - end - - def test_attestor_path - grpc_channel = ::GRPC::Core::Channel.new "localhost:8888", nil, :this_channel_is_insecure - ::Gapic::ServiceStub.stub :new, DummyStub.new do - client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new do |config| - config.credentials = grpc_channel - end - - path = client.attestor_path project: "value0", attestor: "value1" - assert_equal "projects/value0/attestors/value1", path - end - end - - def test_policy_path - grpc_channel = ::GRPC::Core::Channel.new "localhost:8888", nil, :this_channel_is_insecure - ::Gapic::ServiceStub.stub :new, DummyStub.new do - client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new do |config| - config.credentials = grpc_channel - end - - path = client.policy_path project: "value0" - assert_equal "projects/value0/policy", path - - path = client.policy_path location: "value0" - assert_equal "locations/value0/policy", path - end - end - - def test_project_path - grpc_channel = ::GRPC::Core::Channel.new "localhost:8888", nil, :this_channel_is_insecure - ::Gapic::ServiceStub.stub :new, DummyStub.new do - client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new do |config| - config.credentials = grpc_channel - end - - path = client.project_path project: "value0" - assert_equal "projects/value0", path - end - end -end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/binauthz_management_service_rest_test.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/binauthz_management_service_rest_test.rb deleted file mode 100644 index b02727df0d99..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/binauthz_management_service_rest_test.rb +++ /dev/null @@ -1,481 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - -require "helper" -require "gapic/rest" -require "google/cloud/binaryauthorization/v1/service_pb" -require "google/cloud/binary_authorization/v1/binauthz_management_service/rest" - - -class ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::ClientTest < Minitest::Test - class ClientStub - attr_accessor :call_count, :requests - - def initialize response, &block - @response = response - @block = block - @call_count = 0 - @requests = [] - end - - def make_get_request uri:, params: {}, options: {}, method_name: nil - make_http_request :get, uri: uri, body: nil, params: params, options: options, method_name: method_name - end - - def make_delete_request uri:, params: {}, options: {}, method_name: nil - make_http_request :delete, uri: uri, body: nil, params: params, options: options, method_name: method_name - end - - def make_post_request uri:, body: nil, params: {}, options: {}, method_name: nil - make_http_request :post, uri: uri, body: body, params: params, options: options, method_name: method_name - end - - def make_patch_request uri:, body:, params: {}, options: {}, method_name: nil - make_http_request :patch, uri: uri, body: body, params: params, options: options, method_name: method_name - end - - def make_put_request uri:, body:, params: {}, options: {}, method_name: nil - make_http_request :put, uri: uri, body: body, params: params, options: options, method_name: method_name - end - - def make_http_request *args, **kwargs - @call_count += 1 - - @requests << @block&.call(*args, **kwargs) - - @response - end - - def endpoint - "endpoint.example.com" - end - - def universe_domain - "example.com" - end - - def stub_logger - nil - end - - def logger - nil - end - end - - def test_get_policy - # Create test objects. - client_result = ::Google::Cloud::BinaryAuthorization::V1::Policy.new - http_response = OpenStruct.new body: client_result.to_json - - call_options = {} - - # Create request parameters for a unary method. - name = "hello world" - - get_policy_client_stub = ClientStub.new http_response do |_verb, uri:, body:, params:, options:, method_name:| - assert options.metadata.key? :"x-goog-api-client" - assert options.metadata[:"x-goog-api-client"].include? "rest" - refute options.metadata[:"x-goog-api-client"].include? "grpc" - end - - ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::ServiceStub.stub :transcode_get_policy_request, ["", "", {}] do - Gapic::Rest::ClientStub.stub :new, get_policy_client_stub do - # Create client - client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client.new do |config| - config.credentials = :dummy_value - end - - # Use hash object - client.get_policy({ name: name }) do |_result, response| - assert_equal http_response, response.underlying_op - end - - # Use named arguments - client.get_policy name: name do |_result, response| - assert_equal http_response, response.underlying_op - end - - # Use protobuf object - client.get_policy ::Google::Cloud::BinaryAuthorization::V1::GetPolicyRequest.new(name: name) do |_result, response| - assert_equal http_response, response.underlying_op - end - - # Use hash object with options - client.get_policy({ name: name }, call_options) do |_result, response| - assert_equal http_response, response.underlying_op - end - - # Use protobuf object with options - client.get_policy(::Google::Cloud::BinaryAuthorization::V1::GetPolicyRequest.new(name: name), call_options) do |_result, response| - assert_equal http_response, response.underlying_op - end - - # Verify method calls - assert_equal 5, get_policy_client_stub.call_count - end - end - end - - def test_update_policy - # Create test objects. - client_result = ::Google::Cloud::BinaryAuthorization::V1::Policy.new - http_response = OpenStruct.new body: client_result.to_json - - call_options = {} - - # Create request parameters for a unary method. - policy = {} - - update_policy_client_stub = ClientStub.new http_response do |_verb, uri:, body:, params:, options:, method_name:| - assert options.metadata.key? :"x-goog-api-client" - assert options.metadata[:"x-goog-api-client"].include? "rest" - refute options.metadata[:"x-goog-api-client"].include? "grpc" - end - - ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::ServiceStub.stub :transcode_update_policy_request, ["", "", {}] do - Gapic::Rest::ClientStub.stub :new, update_policy_client_stub do - # Create client - client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client.new do |config| - config.credentials = :dummy_value - end - - # Use hash object - client.update_policy({ policy: policy }) do |_result, response| - assert_equal http_response, response.underlying_op - end - - # Use named arguments - client.update_policy policy: policy do |_result, response| - assert_equal http_response, response.underlying_op - end - - # Use protobuf object - client.update_policy ::Google::Cloud::BinaryAuthorization::V1::UpdatePolicyRequest.new(policy: policy) do |_result, response| - assert_equal http_response, response.underlying_op - end - - # Use hash object with options - client.update_policy({ policy: policy }, call_options) do |_result, response| - assert_equal http_response, response.underlying_op - end - - # Use protobuf object with options - client.update_policy(::Google::Cloud::BinaryAuthorization::V1::UpdatePolicyRequest.new(policy: policy), call_options) do |_result, response| - assert_equal http_response, response.underlying_op - end - - # Verify method calls - assert_equal 5, update_policy_client_stub.call_count - end - end - end - - def test_create_attestor - # Create test objects. - client_result = ::Google::Cloud::BinaryAuthorization::V1::Attestor.new - http_response = OpenStruct.new body: client_result.to_json - - call_options = {} - - # Create request parameters for a unary method. - parent = "hello world" - attestor_id = "hello world" - attestor = {} - - create_attestor_client_stub = ClientStub.new http_response do |_verb, uri:, body:, params:, options:, method_name:| - assert options.metadata.key? :"x-goog-api-client" - assert options.metadata[:"x-goog-api-client"].include? "rest" - refute options.metadata[:"x-goog-api-client"].include? "grpc" - end - - ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::ServiceStub.stub :transcode_create_attestor_request, ["", "", {}] do - Gapic::Rest::ClientStub.stub :new, create_attestor_client_stub do - # Create client - client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client.new do |config| - config.credentials = :dummy_value - end - - # Use hash object - client.create_attestor({ parent: parent, attestor_id: attestor_id, attestor: attestor }) do |_result, response| - assert_equal http_response, response.underlying_op - end - - # Use named arguments - client.create_attestor parent: parent, attestor_id: attestor_id, attestor: attestor do |_result, response| - assert_equal http_response, response.underlying_op - end - - # Use protobuf object - client.create_attestor ::Google::Cloud::BinaryAuthorization::V1::CreateAttestorRequest.new(parent: parent, attestor_id: attestor_id, attestor: attestor) do |_result, response| - assert_equal http_response, response.underlying_op - end - - # Use hash object with options - client.create_attestor({ parent: parent, attestor_id: attestor_id, attestor: attestor }, call_options) do |_result, response| - assert_equal http_response, response.underlying_op - end - - # Use protobuf object with options - client.create_attestor(::Google::Cloud::BinaryAuthorization::V1::CreateAttestorRequest.new(parent: parent, attestor_id: attestor_id, attestor: attestor), call_options) do |_result, response| - assert_equal http_response, response.underlying_op - end - - # Verify method calls - assert_equal 5, create_attestor_client_stub.call_count - end - end - end - - def test_get_attestor - # Create test objects. - client_result = ::Google::Cloud::BinaryAuthorization::V1::Attestor.new - http_response = OpenStruct.new body: client_result.to_json - - call_options = {} - - # Create request parameters for a unary method. - name = "hello world" - - get_attestor_client_stub = ClientStub.new http_response do |_verb, uri:, body:, params:, options:, method_name:| - assert options.metadata.key? :"x-goog-api-client" - assert options.metadata[:"x-goog-api-client"].include? "rest" - refute options.metadata[:"x-goog-api-client"].include? "grpc" - end - - ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::ServiceStub.stub :transcode_get_attestor_request, ["", "", {}] do - Gapic::Rest::ClientStub.stub :new, get_attestor_client_stub do - # Create client - client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client.new do |config| - config.credentials = :dummy_value - end - - # Use hash object - client.get_attestor({ name: name }) do |_result, response| - assert_equal http_response, response.underlying_op - end - - # Use named arguments - client.get_attestor name: name do |_result, response| - assert_equal http_response, response.underlying_op - end - - # Use protobuf object - client.get_attestor ::Google::Cloud::BinaryAuthorization::V1::GetAttestorRequest.new(name: name) do |_result, response| - assert_equal http_response, response.underlying_op - end - - # Use hash object with options - client.get_attestor({ name: name }, call_options) do |_result, response| - assert_equal http_response, response.underlying_op - end - - # Use protobuf object with options - client.get_attestor(::Google::Cloud::BinaryAuthorization::V1::GetAttestorRequest.new(name: name), call_options) do |_result, response| - assert_equal http_response, response.underlying_op - end - - # Verify method calls - assert_equal 5, get_attestor_client_stub.call_count - end - end - end - - def test_update_attestor - # Create test objects. - client_result = ::Google::Cloud::BinaryAuthorization::V1::Attestor.new - http_response = OpenStruct.new body: client_result.to_json - - call_options = {} - - # Create request parameters for a unary method. - attestor = {} - - update_attestor_client_stub = ClientStub.new http_response do |_verb, uri:, body:, params:, options:, method_name:| - assert options.metadata.key? :"x-goog-api-client" - assert options.metadata[:"x-goog-api-client"].include? "rest" - refute options.metadata[:"x-goog-api-client"].include? "grpc" - end - - ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::ServiceStub.stub :transcode_update_attestor_request, ["", "", {}] do - Gapic::Rest::ClientStub.stub :new, update_attestor_client_stub do - # Create client - client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client.new do |config| - config.credentials = :dummy_value - end - - # Use hash object - client.update_attestor({ attestor: attestor }) do |_result, response| - assert_equal http_response, response.underlying_op - end - - # Use named arguments - client.update_attestor attestor: attestor do |_result, response| - assert_equal http_response, response.underlying_op - end - - # Use protobuf object - client.update_attestor ::Google::Cloud::BinaryAuthorization::V1::UpdateAttestorRequest.new(attestor: attestor) do |_result, response| - assert_equal http_response, response.underlying_op - end - - # Use hash object with options - client.update_attestor({ attestor: attestor }, call_options) do |_result, response| - assert_equal http_response, response.underlying_op - end - - # Use protobuf object with options - client.update_attestor(::Google::Cloud::BinaryAuthorization::V1::UpdateAttestorRequest.new(attestor: attestor), call_options) do |_result, response| - assert_equal http_response, response.underlying_op - end - - # Verify method calls - assert_equal 5, update_attestor_client_stub.call_count - end - end - end - - def test_list_attestors - # Create test objects. - client_result = ::Google::Cloud::BinaryAuthorization::V1::ListAttestorsResponse.new - http_response = OpenStruct.new body: client_result.to_json - - call_options = {} - - # Create request parameters for a unary method. - parent = "hello world" - page_size = 42 - page_token = "hello world" - - list_attestors_client_stub = ClientStub.new http_response do |_verb, uri:, body:, params:, options:, method_name:| - assert options.metadata.key? :"x-goog-api-client" - assert options.metadata[:"x-goog-api-client"].include? "rest" - refute options.metadata[:"x-goog-api-client"].include? "grpc" - end - - ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::ServiceStub.stub :transcode_list_attestors_request, ["", "", {}] do - Gapic::Rest::ClientStub.stub :new, list_attestors_client_stub do - # Create client - client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client.new do |config| - config.credentials = :dummy_value - end - - # Use hash object - client.list_attestors({ parent: parent, page_size: page_size, page_token: page_token }) do |_result, response| - assert_equal http_response, response.underlying_op - end - - # Use named arguments - client.list_attestors parent: parent, page_size: page_size, page_token: page_token do |_result, response| - assert_equal http_response, response.underlying_op - end - - # Use protobuf object - client.list_attestors ::Google::Cloud::BinaryAuthorization::V1::ListAttestorsRequest.new(parent: parent, page_size: page_size, page_token: page_token) do |_result, response| - assert_equal http_response, response.underlying_op - end - - # Use hash object with options - client.list_attestors({ parent: parent, page_size: page_size, page_token: page_token }, call_options) do |_result, response| - assert_equal http_response, response.underlying_op - end - - # Use protobuf object with options - client.list_attestors(::Google::Cloud::BinaryAuthorization::V1::ListAttestorsRequest.new(parent: parent, page_size: page_size, page_token: page_token), call_options) do |_result, response| - assert_equal http_response, response.underlying_op - end - - # Verify method calls - assert_equal 5, list_attestors_client_stub.call_count - end - end - end - - def test_delete_attestor - # Create test objects. - client_result = ::Google::Protobuf::Empty.new - http_response = OpenStruct.new body: client_result.to_json - - call_options = {} - - # Create request parameters for a unary method. - name = "hello world" - - delete_attestor_client_stub = ClientStub.new http_response do |_verb, uri:, body:, params:, options:, method_name:| - assert options.metadata.key? :"x-goog-api-client" - assert options.metadata[:"x-goog-api-client"].include? "rest" - refute options.metadata[:"x-goog-api-client"].include? "grpc" - end - - ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::ServiceStub.stub :transcode_delete_attestor_request, ["", "", {}] do - Gapic::Rest::ClientStub.stub :new, delete_attestor_client_stub do - # Create client - client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client.new do |config| - config.credentials = :dummy_value - end - - # Use hash object - client.delete_attestor({ name: name }) do |_result, response| - assert_equal http_response, response.underlying_op - end - - # Use named arguments - client.delete_attestor name: name do |_result, response| - assert_equal http_response, response.underlying_op - end - - # Use protobuf object - client.delete_attestor ::Google::Cloud::BinaryAuthorization::V1::DeleteAttestorRequest.new(name: name) do |_result, response| - assert_equal http_response, response.underlying_op - end - - # Use hash object with options - client.delete_attestor({ name: name }, call_options) do |_result, response| - assert_equal http_response, response.underlying_op - end - - # Use protobuf object with options - client.delete_attestor(::Google::Cloud::BinaryAuthorization::V1::DeleteAttestorRequest.new(name: name), call_options) do |_result, response| - assert_equal http_response, response.underlying_op - end - - # Verify method calls - assert_equal 5, delete_attestor_client_stub.call_count - end - end - end - - def test_configure - credentials_token = :dummy_value - - client = block_config = config = nil - dummy_stub = ClientStub.new nil - Gapic::Rest::ClientStub.stub :new, dummy_stub do - client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client.new do |config| - config.credentials = credentials_token - end - end - - config = client.configure do |c| - block_config = c - end - - assert_same block_config, config - assert_kind_of ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client::Configuration, config - end -end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/binauthz_management_service_test.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/binauthz_management_service_test.rb deleted file mode 100644 index 9c8502cacacf..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/binauthz_management_service_test.rb +++ /dev/null @@ -1,523 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - -require "helper" - -require "gapic/grpc/service_stub" - -require "google/cloud/binaryauthorization/v1/service_pb" -require "google/cloud/binary_authorization/v1/binauthz_management_service" - -class ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::ClientTest < Minitest::Test - class ClientStub - attr_accessor :call_rpc_count, :requests - - def initialize response, operation, &block - @response = response - @operation = operation - @block = block - @call_rpc_count = 0 - @requests = [] - end - - def call_rpc *args, **kwargs - @call_rpc_count += 1 - - @requests << @block&.call(*args, **kwargs) - - catch :response do - yield @response, @operation if block_given? - @response - end - end - - def endpoint - "endpoint.example.com" - end - - def universe_domain - "example.com" - end - - def stub_logger - nil - end - - def logger - nil - end - end - - def test_get_policy - # Create GRPC objects. - grpc_response = ::Google::Cloud::BinaryAuthorization::V1::Policy.new - grpc_operation = GRPC::ActiveCall::Operation.new nil - grpc_channel = GRPC::Core::Channel.new "localhost:8888", nil, :this_channel_is_insecure - grpc_options = {} - - # Create request parameters for a unary method. - name = "hello world" - - get_policy_client_stub = ClientStub.new grpc_response, grpc_operation do |name, request, options:| - assert_equal :get_policy, name - assert_kind_of ::Google::Cloud::BinaryAuthorization::V1::GetPolicyRequest, request - assert_equal "hello world", request["name"] - refute_nil options - end - - Gapic::ServiceStub.stub :new, get_policy_client_stub do - # Create client - client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new do |config| - config.credentials = grpc_channel - end - - # Use hash object - client.get_policy({ name: name }) do |response, operation| - assert_equal grpc_response, response - assert_equal grpc_operation, operation - end - - # Use named arguments - client.get_policy name: name do |response, operation| - assert_equal grpc_response, response - assert_equal grpc_operation, operation - end - - # Use protobuf object - client.get_policy ::Google::Cloud::BinaryAuthorization::V1::GetPolicyRequest.new(name: name) do |response, operation| - assert_equal grpc_response, response - assert_equal grpc_operation, operation - end - - # Use hash object with options - client.get_policy({ name: name }, grpc_options) do |response, operation| - assert_equal grpc_response, response - assert_equal grpc_operation, operation - end - - # Use protobuf object with options - client.get_policy(::Google::Cloud::BinaryAuthorization::V1::GetPolicyRequest.new(name: name), grpc_options) do |response, operation| - assert_equal grpc_response, response - assert_equal grpc_operation, operation - end - - # Verify method calls - assert_equal 5, get_policy_client_stub.call_rpc_count - end - end - - def test_update_policy - # Create GRPC objects. - grpc_response = ::Google::Cloud::BinaryAuthorization::V1::Policy.new - grpc_operation = GRPC::ActiveCall::Operation.new nil - grpc_channel = GRPC::Core::Channel.new "localhost:8888", nil, :this_channel_is_insecure - grpc_options = {} - - # Create request parameters for a unary method. - policy = {} - - update_policy_client_stub = ClientStub.new grpc_response, grpc_operation do |name, request, options:| - assert_equal :update_policy, name - assert_kind_of ::Google::Cloud::BinaryAuthorization::V1::UpdatePolicyRequest, request - assert_equal Gapic::Protobuf.coerce({}, to: ::Google::Cloud::BinaryAuthorization::V1::Policy), request["policy"] - refute_nil options - end - - Gapic::ServiceStub.stub :new, update_policy_client_stub do - # Create client - client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new do |config| - config.credentials = grpc_channel - end - - # Use hash object - client.update_policy({ policy: policy }) do |response, operation| - assert_equal grpc_response, response - assert_equal grpc_operation, operation - end - - # Use named arguments - client.update_policy policy: policy do |response, operation| - assert_equal grpc_response, response - assert_equal grpc_operation, operation - end - - # Use protobuf object - client.update_policy ::Google::Cloud::BinaryAuthorization::V1::UpdatePolicyRequest.new(policy: policy) do |response, operation| - assert_equal grpc_response, response - assert_equal grpc_operation, operation - end - - # Use hash object with options - client.update_policy({ policy: policy }, grpc_options) do |response, operation| - assert_equal grpc_response, response - assert_equal grpc_operation, operation - end - - # Use protobuf object with options - client.update_policy(::Google::Cloud::BinaryAuthorization::V1::UpdatePolicyRequest.new(policy: policy), grpc_options) do |response, operation| - assert_equal grpc_response, response - assert_equal grpc_operation, operation - end - - # Verify method calls - assert_equal 5, update_policy_client_stub.call_rpc_count - end - end - - def test_create_attestor - # Create GRPC objects. - grpc_response = ::Google::Cloud::BinaryAuthorization::V1::Attestor.new - grpc_operation = GRPC::ActiveCall::Operation.new nil - grpc_channel = GRPC::Core::Channel.new "localhost:8888", nil, :this_channel_is_insecure - grpc_options = {} - - # Create request parameters for a unary method. - parent = "hello world" - attestor_id = "hello world" - attestor = {} - - create_attestor_client_stub = ClientStub.new grpc_response, grpc_operation do |name, request, options:| - assert_equal :create_attestor, name - assert_kind_of ::Google::Cloud::BinaryAuthorization::V1::CreateAttestorRequest, request - assert_equal "hello world", request["parent"] - assert_equal "hello world", request["attestor_id"] - assert_equal Gapic::Protobuf.coerce({}, to: ::Google::Cloud::BinaryAuthorization::V1::Attestor), request["attestor"] - refute_nil options - end - - Gapic::ServiceStub.stub :new, create_attestor_client_stub do - # Create client - client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new do |config| - config.credentials = grpc_channel - end - - # Use hash object - client.create_attestor({ parent: parent, attestor_id: attestor_id, attestor: attestor }) do |response, operation| - assert_equal grpc_response, response - assert_equal grpc_operation, operation - end - - # Use named arguments - client.create_attestor parent: parent, attestor_id: attestor_id, attestor: attestor do |response, operation| - assert_equal grpc_response, response - assert_equal grpc_operation, operation - end - - # Use protobuf object - client.create_attestor ::Google::Cloud::BinaryAuthorization::V1::CreateAttestorRequest.new(parent: parent, attestor_id: attestor_id, attestor: attestor) do |response, operation| - assert_equal grpc_response, response - assert_equal grpc_operation, operation - end - - # Use hash object with options - client.create_attestor({ parent: parent, attestor_id: attestor_id, attestor: attestor }, grpc_options) do |response, operation| - assert_equal grpc_response, response - assert_equal grpc_operation, operation - end - - # Use protobuf object with options - client.create_attestor(::Google::Cloud::BinaryAuthorization::V1::CreateAttestorRequest.new(parent: parent, attestor_id: attestor_id, attestor: attestor), grpc_options) do |response, operation| - assert_equal grpc_response, response - assert_equal grpc_operation, operation - end - - # Verify method calls - assert_equal 5, create_attestor_client_stub.call_rpc_count - end - end - - def test_get_attestor - # Create GRPC objects. - grpc_response = ::Google::Cloud::BinaryAuthorization::V1::Attestor.new - grpc_operation = GRPC::ActiveCall::Operation.new nil - grpc_channel = GRPC::Core::Channel.new "localhost:8888", nil, :this_channel_is_insecure - grpc_options = {} - - # Create request parameters for a unary method. - name = "hello world" - - get_attestor_client_stub = ClientStub.new grpc_response, grpc_operation do |name, request, options:| - assert_equal :get_attestor, name - assert_kind_of ::Google::Cloud::BinaryAuthorization::V1::GetAttestorRequest, request - assert_equal "hello world", request["name"] - refute_nil options - end - - Gapic::ServiceStub.stub :new, get_attestor_client_stub do - # Create client - client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new do |config| - config.credentials = grpc_channel - end - - # Use hash object - client.get_attestor({ name: name }) do |response, operation| - assert_equal grpc_response, response - assert_equal grpc_operation, operation - end - - # Use named arguments - client.get_attestor name: name do |response, operation| - assert_equal grpc_response, response - assert_equal grpc_operation, operation - end - - # Use protobuf object - client.get_attestor ::Google::Cloud::BinaryAuthorization::V1::GetAttestorRequest.new(name: name) do |response, operation| - assert_equal grpc_response, response - assert_equal grpc_operation, operation - end - - # Use hash object with options - client.get_attestor({ name: name }, grpc_options) do |response, operation| - assert_equal grpc_response, response - assert_equal grpc_operation, operation - end - - # Use protobuf object with options - client.get_attestor(::Google::Cloud::BinaryAuthorization::V1::GetAttestorRequest.new(name: name), grpc_options) do |response, operation| - assert_equal grpc_response, response - assert_equal grpc_operation, operation - end - - # Verify method calls - assert_equal 5, get_attestor_client_stub.call_rpc_count - end - end - - def test_update_attestor - # Create GRPC objects. - grpc_response = ::Google::Cloud::BinaryAuthorization::V1::Attestor.new - grpc_operation = GRPC::ActiveCall::Operation.new nil - grpc_channel = GRPC::Core::Channel.new "localhost:8888", nil, :this_channel_is_insecure - grpc_options = {} - - # Create request parameters for a unary method. - attestor = {} - - update_attestor_client_stub = ClientStub.new grpc_response, grpc_operation do |name, request, options:| - assert_equal :update_attestor, name - assert_kind_of ::Google::Cloud::BinaryAuthorization::V1::UpdateAttestorRequest, request - assert_equal Gapic::Protobuf.coerce({}, to: ::Google::Cloud::BinaryAuthorization::V1::Attestor), request["attestor"] - refute_nil options - end - - Gapic::ServiceStub.stub :new, update_attestor_client_stub do - # Create client - client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new do |config| - config.credentials = grpc_channel - end - - # Use hash object - client.update_attestor({ attestor: attestor }) do |response, operation| - assert_equal grpc_response, response - assert_equal grpc_operation, operation - end - - # Use named arguments - client.update_attestor attestor: attestor do |response, operation| - assert_equal grpc_response, response - assert_equal grpc_operation, operation - end - - # Use protobuf object - client.update_attestor ::Google::Cloud::BinaryAuthorization::V1::UpdateAttestorRequest.new(attestor: attestor) do |response, operation| - assert_equal grpc_response, response - assert_equal grpc_operation, operation - end - - # Use hash object with options - client.update_attestor({ attestor: attestor }, grpc_options) do |response, operation| - assert_equal grpc_response, response - assert_equal grpc_operation, operation - end - - # Use protobuf object with options - client.update_attestor(::Google::Cloud::BinaryAuthorization::V1::UpdateAttestorRequest.new(attestor: attestor), grpc_options) do |response, operation| - assert_equal grpc_response, response - assert_equal grpc_operation, operation - end - - # Verify method calls - assert_equal 5, update_attestor_client_stub.call_rpc_count - end - end - - def test_list_attestors - # Create GRPC objects. - grpc_response = ::Google::Cloud::BinaryAuthorization::V1::ListAttestorsResponse.new - grpc_operation = GRPC::ActiveCall::Operation.new nil - grpc_channel = GRPC::Core::Channel.new "localhost:8888", nil, :this_channel_is_insecure - grpc_options = {} - - # Create request parameters for a unary method. - parent = "hello world" - page_size = 42 - page_token = "hello world" - - list_attestors_client_stub = ClientStub.new grpc_response, grpc_operation do |name, request, options:| - assert_equal :list_attestors, name - assert_kind_of ::Google::Cloud::BinaryAuthorization::V1::ListAttestorsRequest, request - assert_equal "hello world", request["parent"] - assert_equal 42, request["page_size"] - assert_equal "hello world", request["page_token"] - refute_nil options - end - - Gapic::ServiceStub.stub :new, list_attestors_client_stub do - # Create client - client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new do |config| - config.credentials = grpc_channel - end - - # Use hash object - client.list_attestors({ parent: parent, page_size: page_size, page_token: page_token }) do |response, operation| - assert_kind_of Gapic::PagedEnumerable, response - assert_equal grpc_response, response.response - assert_equal grpc_operation, operation - end - - # Use named arguments - client.list_attestors parent: parent, page_size: page_size, page_token: page_token do |response, operation| - assert_kind_of Gapic::PagedEnumerable, response - assert_equal grpc_response, response.response - assert_equal grpc_operation, operation - end - - # Use protobuf object - client.list_attestors ::Google::Cloud::BinaryAuthorization::V1::ListAttestorsRequest.new(parent: parent, page_size: page_size, page_token: page_token) do |response, operation| - assert_kind_of Gapic::PagedEnumerable, response - assert_equal grpc_response, response.response - assert_equal grpc_operation, operation - end - - # Use hash object with options - client.list_attestors({ parent: parent, page_size: page_size, page_token: page_token }, grpc_options) do |response, operation| - assert_kind_of Gapic::PagedEnumerable, response - assert_equal grpc_response, response.response - assert_equal grpc_operation, operation - end - - # Use protobuf object with options - client.list_attestors(::Google::Cloud::BinaryAuthorization::V1::ListAttestorsRequest.new(parent: parent, page_size: page_size, page_token: page_token), grpc_options) do |response, operation| - assert_kind_of Gapic::PagedEnumerable, response - assert_equal grpc_response, response.response - assert_equal grpc_operation, operation - end - - # Verify method calls - assert_equal 5, list_attestors_client_stub.call_rpc_count - end - end - - def test_delete_attestor - # Create GRPC objects. - grpc_response = ::Google::Protobuf::Empty.new - grpc_operation = GRPC::ActiveCall::Operation.new nil - grpc_channel = GRPC::Core::Channel.new "localhost:8888", nil, :this_channel_is_insecure - grpc_options = {} - - # Create request parameters for a unary method. - name = "hello world" - - delete_attestor_client_stub = ClientStub.new grpc_response, grpc_operation do |name, request, options:| - assert_equal :delete_attestor, name - assert_kind_of ::Google::Cloud::BinaryAuthorization::V1::DeleteAttestorRequest, request - assert_equal "hello world", request["name"] - refute_nil options - end - - Gapic::ServiceStub.stub :new, delete_attestor_client_stub do - # Create client - client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new do |config| - config.credentials = grpc_channel - end - - # Use hash object - client.delete_attestor({ name: name }) do |response, operation| - assert_equal grpc_response, response - assert_equal grpc_operation, operation - end - - # Use named arguments - client.delete_attestor name: name do |response, operation| - assert_equal grpc_response, response - assert_equal grpc_operation, operation - end - - # Use protobuf object - client.delete_attestor ::Google::Cloud::BinaryAuthorization::V1::DeleteAttestorRequest.new(name: name) do |response, operation| - assert_equal grpc_response, response - assert_equal grpc_operation, operation - end - - # Use hash object with options - client.delete_attestor({ name: name }, grpc_options) do |response, operation| - assert_equal grpc_response, response - assert_equal grpc_operation, operation - end - - # Use protobuf object with options - client.delete_attestor(::Google::Cloud::BinaryAuthorization::V1::DeleteAttestorRequest.new(name: name), grpc_options) do |response, operation| - assert_equal grpc_response, response - assert_equal grpc_operation, operation - end - - # Verify method calls - assert_equal 5, delete_attestor_client_stub.call_rpc_count - end - end - - def test_configure - grpc_channel = GRPC::Core::Channel.new "localhost:8888", nil, :this_channel_is_insecure - - client = block_config = config = nil - dummy_stub = ClientStub.new nil, nil - Gapic::ServiceStub.stub :new, dummy_stub do - client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new do |config| - config.credentials = grpc_channel - end - end - - config = client.configure do |c| - block_config = c - end - - assert_same block_config, config - assert_kind_of ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client::Configuration, config - end - - def test_credentials - key = OpenSSL::PKey::RSA.new 2048 - cred_json = { - "private_key" => key.to_pem, - "client_email" => "app@developer.gserviceaccount.com", - "type" => "service_account" - } - key_file = StringIO.new cred_json.to_json - creds = Google::Auth::ServiceAccountCredentials.make_creds({ json_key_io: key_file }) - - dummy_stub = ClientStub.new nil, nil - Gapic::ServiceStub.stub :new, dummy_stub do - client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client.new do |config| - config.credentials = creds - end - assert_kind_of ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Client, client - assert_equal creds, client.configure.credentials - end - end -end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/system_policy_paths_test.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/system_policy_paths_test.rb deleted file mode 100644 index 627c53badd9f..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/system_policy_paths_test.rb +++ /dev/null @@ -1,58 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - -require "helper" - -require "gapic/grpc/service_stub" - -require "google/cloud/binary_authorization/v1/system_policy" - -class ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::ClientPathsTest < Minitest::Test - class DummyStub - def endpoint - "endpoint.example.com" - end - - def universe_domain - "example.com" - end - - def stub_logger - nil - end - - def logger - nil - end - end - - def test_policy_path - grpc_channel = ::GRPC::Core::Channel.new "localhost:8888", nil, :this_channel_is_insecure - ::Gapic::ServiceStub.stub :new, DummyStub.new do - client = ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Client.new do |config| - config.credentials = grpc_channel - end - - path = client.policy_path project: "value0" - assert_equal "projects/value0/policy", path - - path = client.policy_path location: "value0" - assert_equal "locations/value0/policy", path - end - end -end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/system_policy_rest_test.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/system_policy_rest_test.rb deleted file mode 100644 index c945256e19b5..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/system_policy_rest_test.rb +++ /dev/null @@ -1,153 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - -require "helper" -require "gapic/rest" -require "google/cloud/binaryauthorization/v1/service_pb" -require "google/cloud/binary_authorization/v1/system_policy/rest" - - -class ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Rest::ClientTest < Minitest::Test - class ClientStub - attr_accessor :call_count, :requests - - def initialize response, &block - @response = response - @block = block - @call_count = 0 - @requests = [] - end - - def make_get_request uri:, params: {}, options: {}, method_name: nil - make_http_request :get, uri: uri, body: nil, params: params, options: options, method_name: method_name - end - - def make_delete_request uri:, params: {}, options: {}, method_name: nil - make_http_request :delete, uri: uri, body: nil, params: params, options: options, method_name: method_name - end - - def make_post_request uri:, body: nil, params: {}, options: {}, method_name: nil - make_http_request :post, uri: uri, body: body, params: params, options: options, method_name: method_name - end - - def make_patch_request uri:, body:, params: {}, options: {}, method_name: nil - make_http_request :patch, uri: uri, body: body, params: params, options: options, method_name: method_name - end - - def make_put_request uri:, body:, params: {}, options: {}, method_name: nil - make_http_request :put, uri: uri, body: body, params: params, options: options, method_name: method_name - end - - def make_http_request *args, **kwargs - @call_count += 1 - - @requests << @block&.call(*args, **kwargs) - - @response - end - - def endpoint - "endpoint.example.com" - end - - def universe_domain - "example.com" - end - - def stub_logger - nil - end - - def logger - nil - end - end - - def test_get_system_policy - # Create test objects. - client_result = ::Google::Cloud::BinaryAuthorization::V1::Policy.new - http_response = OpenStruct.new body: client_result.to_json - - call_options = {} - - # Create request parameters for a unary method. - name = "hello world" - - get_system_policy_client_stub = ClientStub.new http_response do |_verb, uri:, body:, params:, options:, method_name:| - assert options.metadata.key? :"x-goog-api-client" - assert options.metadata[:"x-goog-api-client"].include? "rest" - refute options.metadata[:"x-goog-api-client"].include? "grpc" - end - - ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Rest::ServiceStub.stub :transcode_get_system_policy_request, ["", "", {}] do - Gapic::Rest::ClientStub.stub :new, get_system_policy_client_stub do - # Create client - client = ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Rest::Client.new do |config| - config.credentials = :dummy_value - end - - # Use hash object - client.get_system_policy({ name: name }) do |_result, response| - assert_equal http_response, response.underlying_op - end - - # Use named arguments - client.get_system_policy name: name do |_result, response| - assert_equal http_response, response.underlying_op - end - - # Use protobuf object - client.get_system_policy ::Google::Cloud::BinaryAuthorization::V1::GetSystemPolicyRequest.new(name: name) do |_result, response| - assert_equal http_response, response.underlying_op - end - - # Use hash object with options - client.get_system_policy({ name: name }, call_options) do |_result, response| - assert_equal http_response, response.underlying_op - end - - # Use protobuf object with options - client.get_system_policy(::Google::Cloud::BinaryAuthorization::V1::GetSystemPolicyRequest.new(name: name), call_options) do |_result, response| - assert_equal http_response, response.underlying_op - end - - # Verify method calls - assert_equal 5, get_system_policy_client_stub.call_count - end - end - end - - def test_configure - credentials_token = :dummy_value - - client = block_config = config = nil - dummy_stub = ClientStub.new nil - Gapic::Rest::ClientStub.stub :new, dummy_stub do - client = ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Rest::Client.new do |config| - config.credentials = credentials_token - end - end - - config = client.configure do |c| - block_config = c - end - - assert_same block_config, config - assert_kind_of ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Rest::Client::Configuration, config - end -end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/system_policy_test.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/system_policy_test.rb deleted file mode 100644 index bc615fe2637c..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/system_policy_test.rb +++ /dev/null @@ -1,162 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - -require "helper" - -require "gapic/grpc/service_stub" - -require "google/cloud/binaryauthorization/v1/service_pb" -require "google/cloud/binary_authorization/v1/system_policy" - -class ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::ClientTest < Minitest::Test - class ClientStub - attr_accessor :call_rpc_count, :requests - - def initialize response, operation, &block - @response = response - @operation = operation - @block = block - @call_rpc_count = 0 - @requests = [] - end - - def call_rpc *args, **kwargs - @call_rpc_count += 1 - - @requests << @block&.call(*args, **kwargs) - - catch :response do - yield @response, @operation if block_given? - @response - end - end - - def endpoint - "endpoint.example.com" - end - - def universe_domain - "example.com" - end - - def stub_logger - nil - end - - def logger - nil - end - end - - def test_get_system_policy - # Create GRPC objects. - grpc_response = ::Google::Cloud::BinaryAuthorization::V1::Policy.new - grpc_operation = GRPC::ActiveCall::Operation.new nil - grpc_channel = GRPC::Core::Channel.new "localhost:8888", nil, :this_channel_is_insecure - grpc_options = {} - - # Create request parameters for a unary method. - name = "hello world" - - get_system_policy_client_stub = ClientStub.new grpc_response, grpc_operation do |name, request, options:| - assert_equal :get_system_policy, name - assert_kind_of ::Google::Cloud::BinaryAuthorization::V1::GetSystemPolicyRequest, request - assert_equal "hello world", request["name"] - refute_nil options - end - - Gapic::ServiceStub.stub :new, get_system_policy_client_stub do - # Create client - client = ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Client.new do |config| - config.credentials = grpc_channel - end - - # Use hash object - client.get_system_policy({ name: name }) do |response, operation| - assert_equal grpc_response, response - assert_equal grpc_operation, operation - end - - # Use named arguments - client.get_system_policy name: name do |response, operation| - assert_equal grpc_response, response - assert_equal grpc_operation, operation - end - - # Use protobuf object - client.get_system_policy ::Google::Cloud::BinaryAuthorization::V1::GetSystemPolicyRequest.new(name: name) do |response, operation| - assert_equal grpc_response, response - assert_equal grpc_operation, operation - end - - # Use hash object with options - client.get_system_policy({ name: name }, grpc_options) do |response, operation| - assert_equal grpc_response, response - assert_equal grpc_operation, operation - end - - # Use protobuf object with options - client.get_system_policy(::Google::Cloud::BinaryAuthorization::V1::GetSystemPolicyRequest.new(name: name), grpc_options) do |response, operation| - assert_equal grpc_response, response - assert_equal grpc_operation, operation - end - - # Verify method calls - assert_equal 5, get_system_policy_client_stub.call_rpc_count - end - end - - def test_configure - grpc_channel = GRPC::Core::Channel.new "localhost:8888", nil, :this_channel_is_insecure - - client = block_config = config = nil - dummy_stub = ClientStub.new nil, nil - Gapic::ServiceStub.stub :new, dummy_stub do - client = ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Client.new do |config| - config.credentials = grpc_channel - end - end - - config = client.configure do |c| - block_config = c - end - - assert_same block_config, config - assert_kind_of ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Client::Configuration, config - end - - def test_credentials - key = OpenSSL::PKey::RSA.new 2048 - cred_json = { - "private_key" => key.to_pem, - "client_email" => "app@developer.gserviceaccount.com", - "type" => "service_account" - } - key_file = StringIO.new cred_json.to_json - creds = Google::Auth::ServiceAccountCredentials.make_creds({ json_key_io: key_file }) - - dummy_stub = ClientStub.new nil, nil - Gapic::ServiceStub.stub :new, dummy_stub do - client = ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Client.new do |config| - config.credentials = creds - end - assert_kind_of ::Google::Cloud::BinaryAuthorization::V1::SystemPolicy::Client, client - assert_equal creds, client.configure.credentials - end - end -end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/validation_helper_rest_test.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/validation_helper_rest_test.rb deleted file mode 100644 index bd7846c5fb28..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/validation_helper_rest_test.rb +++ /dev/null @@ -1,156 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - -require "helper" -require "gapic/rest" -require "google/cloud/binaryauthorization/v1/service_pb" -require "google/cloud/binary_authorization/v1/validation_helper/rest" - - -class ::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Rest::ClientTest < Minitest::Test - class ClientStub - attr_accessor :call_count, :requests - - def initialize response, &block - @response = response - @block = block - @call_count = 0 - @requests = [] - end - - def make_get_request uri:, params: {}, options: {}, method_name: nil - make_http_request :get, uri: uri, body: nil, params: params, options: options, method_name: method_name - end - - def make_delete_request uri:, params: {}, options: {}, method_name: nil - make_http_request :delete, uri: uri, body: nil, params: params, options: options, method_name: method_name - end - - def make_post_request uri:, body: nil, params: {}, options: {}, method_name: nil - make_http_request :post, uri: uri, body: body, params: params, options: options, method_name: method_name - end - - def make_patch_request uri:, body:, params: {}, options: {}, method_name: nil - make_http_request :patch, uri: uri, body: body, params: params, options: options, method_name: method_name - end - - def make_put_request uri:, body:, params: {}, options: {}, method_name: nil - make_http_request :put, uri: uri, body: body, params: params, options: options, method_name: method_name - end - - def make_http_request *args, **kwargs - @call_count += 1 - - @requests << @block&.call(*args, **kwargs) - - @response - end - - def endpoint - "endpoint.example.com" - end - - def universe_domain - "example.com" - end - - def stub_logger - nil - end - - def logger - nil - end - end - - def test_validate_attestation_occurrence - # Create test objects. - client_result = ::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceResponse.new - http_response = OpenStruct.new body: client_result.to_json - - call_options = {} - - # Create request parameters for a unary method. - attestor = "hello world" - attestation = {} - occurrence_note = "hello world" - occurrence_resource_uri = "hello world" - - validate_attestation_occurrence_client_stub = ClientStub.new http_response do |_verb, uri:, body:, params:, options:, method_name:| - assert options.metadata.key? :"x-goog-api-client" - assert options.metadata[:"x-goog-api-client"].include? "rest" - refute options.metadata[:"x-goog-api-client"].include? "grpc" - end - - ::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Rest::ServiceStub.stub :transcode_validate_attestation_occurrence_request, ["", "", {}] do - Gapic::Rest::ClientStub.stub :new, validate_attestation_occurrence_client_stub do - # Create client - client = ::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Rest::Client.new do |config| - config.credentials = :dummy_value - end - - # Use hash object - client.validate_attestation_occurrence({ attestor: attestor, attestation: attestation, occurrence_note: occurrence_note, occurrence_resource_uri: occurrence_resource_uri }) do |_result, response| - assert_equal http_response, response.underlying_op - end - - # Use named arguments - client.validate_attestation_occurrence attestor: attestor, attestation: attestation, occurrence_note: occurrence_note, occurrence_resource_uri: occurrence_resource_uri do |_result, response| - assert_equal http_response, response.underlying_op - end - - # Use protobuf object - client.validate_attestation_occurrence ::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceRequest.new(attestor: attestor, attestation: attestation, occurrence_note: occurrence_note, occurrence_resource_uri: occurrence_resource_uri) do |_result, response| - assert_equal http_response, response.underlying_op - end - - # Use hash object with options - client.validate_attestation_occurrence({ attestor: attestor, attestation: attestation, occurrence_note: occurrence_note, occurrence_resource_uri: occurrence_resource_uri }, call_options) do |_result, response| - assert_equal http_response, response.underlying_op - end - - # Use protobuf object with options - client.validate_attestation_occurrence(::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceRequest.new(attestor: attestor, attestation: attestation, occurrence_note: occurrence_note, occurrence_resource_uri: occurrence_resource_uri), call_options) do |_result, response| - assert_equal http_response, response.underlying_op - end - - # Verify method calls - assert_equal 5, validate_attestation_occurrence_client_stub.call_count - end - end - end - - def test_configure - credentials_token = :dummy_value - - client = block_config = config = nil - dummy_stub = ClientStub.new nil - Gapic::Rest::ClientStub.stub :new, dummy_stub do - client = ::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Rest::Client.new do |config| - config.credentials = credentials_token - end - end - - config = client.configure do |c| - block_config = c - end - - assert_same block_config, config - assert_kind_of ::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Rest::Client::Configuration, config - end -end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/validation_helper_test.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/validation_helper_test.rb deleted file mode 100644 index 1beca9828985..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/test/google/cloud/binary_authorization/v1/validation_helper_test.rb +++ /dev/null @@ -1,168 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - -require "helper" - -require "gapic/grpc/service_stub" - -require "google/cloud/binaryauthorization/v1/service_pb" -require "google/cloud/binary_authorization/v1/validation_helper" - -class ::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::ClientTest < Minitest::Test - class ClientStub - attr_accessor :call_rpc_count, :requests - - def initialize response, operation, &block - @response = response - @operation = operation - @block = block - @call_rpc_count = 0 - @requests = [] - end - - def call_rpc *args, **kwargs - @call_rpc_count += 1 - - @requests << @block&.call(*args, **kwargs) - - catch :response do - yield @response, @operation if block_given? - @response - end - end - - def endpoint - "endpoint.example.com" - end - - def universe_domain - "example.com" - end - - def stub_logger - nil - end - - def logger - nil - end - end - - def test_validate_attestation_occurrence - # Create GRPC objects. - grpc_response = ::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceResponse.new - grpc_operation = GRPC::ActiveCall::Operation.new nil - grpc_channel = GRPC::Core::Channel.new "localhost:8888", nil, :this_channel_is_insecure - grpc_options = {} - - # Create request parameters for a unary method. - attestor = "hello world" - attestation = {} - occurrence_note = "hello world" - occurrence_resource_uri = "hello world" - - validate_attestation_occurrence_client_stub = ClientStub.new grpc_response, grpc_operation do |name, request, options:| - assert_equal :validate_attestation_occurrence, name - assert_kind_of ::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceRequest, request - assert_equal "hello world", request["attestor"] - assert_equal Gapic::Protobuf.coerce({}, to: ::Grafeas::V1::AttestationOccurrence), request["attestation"] - assert_equal "hello world", request["occurrence_note"] - assert_equal "hello world", request["occurrence_resource_uri"] - refute_nil options - end - - Gapic::ServiceStub.stub :new, validate_attestation_occurrence_client_stub do - # Create client - client = ::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Client.new do |config| - config.credentials = grpc_channel - end - - # Use hash object - client.validate_attestation_occurrence({ attestor: attestor, attestation: attestation, occurrence_note: occurrence_note, occurrence_resource_uri: occurrence_resource_uri }) do |response, operation| - assert_equal grpc_response, response - assert_equal grpc_operation, operation - end - - # Use named arguments - client.validate_attestation_occurrence attestor: attestor, attestation: attestation, occurrence_note: occurrence_note, occurrence_resource_uri: occurrence_resource_uri do |response, operation| - assert_equal grpc_response, response - assert_equal grpc_operation, operation - end - - # Use protobuf object - client.validate_attestation_occurrence ::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceRequest.new(attestor: attestor, attestation: attestation, occurrence_note: occurrence_note, occurrence_resource_uri: occurrence_resource_uri) do |response, operation| - assert_equal grpc_response, response - assert_equal grpc_operation, operation - end - - # Use hash object with options - client.validate_attestation_occurrence({ attestor: attestor, attestation: attestation, occurrence_note: occurrence_note, occurrence_resource_uri: occurrence_resource_uri }, grpc_options) do |response, operation| - assert_equal grpc_response, response - assert_equal grpc_operation, operation - end - - # Use protobuf object with options - client.validate_attestation_occurrence(::Google::Cloud::BinaryAuthorization::V1::ValidateAttestationOccurrenceRequest.new(attestor: attestor, attestation: attestation, occurrence_note: occurrence_note, occurrence_resource_uri: occurrence_resource_uri), grpc_options) do |response, operation| - assert_equal grpc_response, response - assert_equal grpc_operation, operation - end - - # Verify method calls - assert_equal 5, validate_attestation_occurrence_client_stub.call_rpc_count - end - end - - def test_configure - grpc_channel = GRPC::Core::Channel.new "localhost:8888", nil, :this_channel_is_insecure - - client = block_config = config = nil - dummy_stub = ClientStub.new nil, nil - Gapic::ServiceStub.stub :new, dummy_stub do - client = ::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Client.new do |config| - config.credentials = grpc_channel - end - end - - config = client.configure do |c| - block_config = c - end - - assert_same block_config, config - assert_kind_of ::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Client::Configuration, config - end - - def test_credentials - key = OpenSSL::PKey::RSA.new 2048 - cred_json = { - "private_key" => key.to_pem, - "client_email" => "app@developer.gserviceaccount.com", - "type" => "service_account" - } - key_file = StringIO.new cred_json.to_json - creds = Google::Auth::ServiceAccountCredentials.make_creds({ json_key_io: key_file }) - - dummy_stub = ClientStub.new nil, nil - Gapic::ServiceStub.stub :new, dummy_stub do - client = ::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Client.new do |config| - config.credentials = creds - end - assert_kind_of ::Google::Cloud::BinaryAuthorization::V1::ValidationHelper::Client, client - assert_equal creds, client.configure.credentials - end - end -end diff --git a/owl-bot-staging/google-cloud-binary_authorization-v1/test/helper.rb b/owl-bot-staging/google-cloud-binary_authorization-v1/test/helper.rb deleted file mode 100644 index f0e715458fa2..000000000000 --- a/owl-bot-staging/google-cloud-binary_authorization-v1/test/helper.rb +++ /dev/null @@ -1,25 +0,0 @@ -# frozen_string_literal: true - -# Copyright 2026 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Auto-generated by gapic-generator-ruby. DO NOT EDIT! - -require "minitest/autorun" -require "minitest/focus" -require "minitest/rg" - -require "grpc" - -require "ostruct"