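--- a/packages/grafeas/grafeas/grafeas/__init__.py
+++ b/packages/grafeas/grafeas/grafeas/__init__.py
@@ -85,7 +85,11 @@
 Metadata,
 Recipe,
 )
-from grafeas.grafeas_v1.types.intoto_statement import InTotoStatement, Subject
+from grafeas.grafeas_v1.types.intoto_statement import (
+InTotoSlsaProvenanceV1,
+InTotoStatement,
+Subject,
+)
 from grafeas.grafeas_v1.types.package import (
 Architecture,
 Distribution,
@@ -109,6 +113,12 @@
 Source,
 SourceContext,
 )
+from grafeas.grafeas_v1.types.sbom import (
+SbomReferenceIntotoPayload,
+SbomReferenceIntotoPredicate,
+SBOMReferenceNote,
+SBOMReferenceOccurrence,
+)
 from grafeas.grafeas_v1.types.severity import Severity
 from grafeas.grafeas_v1.types.slsa_provenance import SlsaProvenance
 from grafeas.grafeas_v1.types.slsa_provenance_zero_two import SlsaProvenanceZeroTwo
@@ -183,6 +193,7 @@
 "InTotoProvenance",
 "Metadata",
 "Recipe",
+"InTotoSlsaProvenanceV1",
 "InTotoStatement",
 "Subject",
 "Distribution",
@@ -204,6 +215,10 @@
 "RepoId",
 "Source",
 "SourceContext",
+"SbomReferenceIntotoPayload",
+"SbomReferenceIntotoPredicate",
+"SBOMReferenceNote",
+"SBOMReferenceOccurrence",
 "Severity",
 "SlsaProvenance",
 "SlsaProvenanceZeroTwo",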
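--- a/packages/grafeas/grafeas/grafeas_v1/__init__.py
+++ b/packages/grafeas/grafeas/grafeas_v1/__init__.py
@@ -72,7 +72,7 @@
 Metadata,
 Recipe,
 )
-from .types.intoto_statement import InTotoStatement, Subject
+from .types.intoto_statement import InTotoSlsaProvenanceV1, InTotoStatement, Subject
 from .types.package import (
 Architecture,
 Distribution,
@@ -96,6 +96,12 @@
 Source,
 SourceContext,
 )
+from .types.sbom import (
+SbomReferenceIntotoPayload,
+SbomReferenceIntotoPredicate,
+SBOMReferenceNote,
+SBOMReferenceOccurrence,
+)
 from .types.severity import Severity
 from .types.slsa_provenance import SlsaProvenance
 from .types.slsa_provenance_zero_two import SlsaProvenanceZeroTwo
@@ -159,6 +165,7 @@
 "ImageNote",
 "ImageOccurrence",
 "InTotoProvenance",
+"InTotoSlsaProvenanceV1",
 "InTotoStatement",
 "Jwt",
 "Layer",
@@ -181,6 +188,10 @@
 "Recipe",
 "RelatedUrl",
 "RepoId",
+"SBOMReferenceNote",
+"SBOMReferenceOccurrence",
+"SbomReferenceIntotoPayload",
+"SbomReferenceIntotoPredicate",
 "Severity",
 "Signature",
 "SlsaProvenance",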
Expand Up @@ -57,6 +57,7 @@
grafeas,
image,
package,
sbom,
upgrade,
vex,
vulnerability,
Expand Up @@ -62,6 +62,7 @@
grafeas,
image,
package,
sbom,
upgrade,
vex,
vulnerability,
Expand Up @@ -1141,6 +1141,10 @@ def __call__(
"method": "get",
"uri": "/v1/{name=projects/*/notes/*}",
},
{
"method": "get",
"uri": "/v1/{name=projects/*/locations/*/notes/*}",
},
]
request, metadata = self._interceptor.pre_get_note(request, metadata)
pb_request = grafeas.GetNoteRequest.pb(request)
Expand Down Expand Up @@ -1228,6 +1232,10 @@ def __call__(
"method": "get",
"uri": "/v1/{name=projects/*/occurrences/*}",
},
{
"method": "get",
"uri": "/v1/{name=projects/*/locations/*/occurrences/*}",
},
]
request, metadata = self._interceptor.pre_get_occurrence(request, metadata)
pb_request = grafeas.GetOccurrenceRequest.pb(request)
Expand Down Expand Up @@ -1316,6 +1324,10 @@ def __call__(
"method": "get",
"uri": "/v1/{name=projects/*/occurrences/*}/notes",
},
{
"method": "get",
"uri": "/v1/{name=projects/*/locations/*/occurrences/*}/notes",
},
]
request, metadata = self._interceptor.pre_get_occurrence_note(
request, metadata
Expand Down Expand Up @@ -1406,6 +1418,10 @@ def __call__(
"method": "get",
"uri": "/v1/{name=projects/*/notes/*}/occurrences",
},
{
"method": "get",
"uri": "/v1/{name=projects/*/locations/*/notes/*}/occurrences",
},
]
request, metadata = self._interceptor.pre_list_note_occurrences(
request, metadata
Expand Down Expand Up @@ -1493,6 +1509,10 @@ def __call__(
"method": "get",
"uri": "/v1/{parent=projects/*}/notes",
},
{
"method": "get",
"uri": "/v1/{parent=projects/*/locations/*}/notes",
},
]
request, metadata = self._interceptor.pre_list_notes(request, metadata)
pb_request = grafeas.ListNotesRequest.pb(request)
Expand Down Expand Up @@ -1578,6 +1598,10 @@ def __call__(
"method": "get",
"uri": "/v1/{parent=projects/*}/occurrences",
},
{
"method": "get",
"uri": "/v1/{parent=projects/*/locations/*}/occurrences",
},
]
request, metadata = self._interceptor.pre_list_occurrences(
request, metadata
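Review bot: Every hunk in this section adds a `projects/*/locations/*` binding to a read path (`pre_get_note`, `pre_get_occurrence`, `pre_get_occurrence_note`, `pre_list_note_occurrences`, `pre_list_notes`, `pre_list_occurrences`); no visible hunk touches a create, update, delete or batch method. If that asymmetry is intended it should be stated next to the first added binding, for example `# Location-scoped resource names are accepted for read methods only.`; if it is not, the write methods need the same second entry in their `http_options` lists. A test that transcodes a location-scoped name such as `projects/p/locations/l/notes/n` (constructed sample) through each new template would pin the behaviour either way. Each `__call__` body starts and ends outside its hunk.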
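--- a/packages/grafeas/grafeas/grafeas_v1/types/__init__.py
+++ b/packages/grafeas/grafeas/grafeas_v1/types/__init__.py
@@ -66,7 +66,7 @@
 Metadata,
 Recipe,
 )
-from .intoto_statement import InTotoStatement, Subject
+from .intoto_statement import InTotoSlsaProvenanceV1, InTotoStatement, Subject
 from .package import (
 Architecture,
 Distribution,
@@ -90,6 +90,12 @@
 Source,
 SourceContext,
 )
+from .sbom import (
+SbomReferenceIntotoPayload,
+SbomReferenceIntotoPredicate,
+SBOMReferenceNote,
+SBOMReferenceOccurrence,
+)
 from .severity import Severity
 from .slsa_provenance import SlsaProvenance
 from .slsa_provenance_zero_two import SlsaProvenanceZeroTwo
@@ -154,6 +160,7 @@
 "InTotoProvenance",
 "Metadata",
 "Recipe",
+"InTotoSlsaProvenanceV1",
 "InTotoStatement",
 "Subject",
 "Distribution",
@@ -175,6 +182,10 @@
 "RepoId",
 "Source",
 "SourceContext",
+"SbomReferenceIntotoPayload",
+"SbomReferenceIntotoPredicate",
+"SBOMReferenceNote",
+"SBOMReferenceOccurrence",
 "Severity",
 "SlsaProvenance",
 "SlsaProvenanceZeroTwo",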
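--- a/packages/grafeas/grafeas/grafeas_v1/types/build.py
+++ b/packages/grafeas/grafeas/grafeas_v1/types/build.py
@@ -77,6 +77,12 @@ class BuildOccurrence(proto.Message):
 intoto_statement can contain any type of provenance. The
 serialized payload of the statement can be stored and signed
 in the Occurrence's envelope.
+in_toto_slsa_provenance_v1 (grafeas.grafeas_v1.types.InTotoSlsaProvenanceV1):
+In-Toto Slsa Provenance V1 represents a slsa
+provenance meeting the slsa spec, wrapped in an
+in-toto statement. This allows for direct
+jsonification of a to-spec in-toto slsa
+statement with a to-spec slsa provenance.
 """
 
 provenance: g_provenance.BuildProvenance = proto.Field(
@@ -98,6 +104,11 @@ class BuildOccurrence(proto.Message):
 number=4,
 message=g_intoto_statement.InTotoStatement,
 )
+in_toto_slsa_provenance_v1: g_intoto_statement.InTotoSlsaProvenanceV1 = proto.Field(
+proto.MESSAGE,
+number=5,
+message=g_intoto_statement.InTotoSlsaProvenanceV1,
+)
 
 
 __all__ = tuple(sorted(__protobuf__.manifest))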
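Review bot: The docstring added for `in_toto_slsa_provenance_v1` does not say how the field relates to `intoto_statement` or to the signed envelope, and the new `proto.Field` (number=5) is declared without a `oneof`, so nothing visible stops one occurrence from carrying both representations. A verifier or admission policy then has to guess which provenance is authoritative and whether it is covered by a signature. I would extend the attribute text with a sentence such as `Verify the signed payload in the Occurrence's envelope before trusting this structured copy; state here whether it may be set together with intoto_statement.`, with the wording confirmed against the service's behaviour, which the hunk does not show. If this module is generated from the proto definitions, the sentence belongs in the upstream .proto comment. `BuildOccurrence` starts above the first hunk.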
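--- a/packages/grafeas/grafeas/grafeas_v1/types/common.py
+++ b/packages/grafeas/grafeas/grafeas_v1/types/common.py
@@ -68,6 +68,8 @@ class NoteKind(proto.Enum):
 This represents a DSSE attestation Note
 VULNERABILITY_ASSESSMENT (11):
 This represents a Vulnerability Assessment.
+SBOM_REFERENCE (12):
+This represents an SBOM Reference.
 """
 NOTE_KIND_UNSPECIFIED = 0
 VULNERABILITY = 1
@@ -81,6 +83,7 @@ class NoteKind(proto.Enum):
 COMPLIANCE = 9
 DSSE_ATTESTATION = 10
 VULNERABILITY_ASSESSMENT = 11
+SBOM_REFERENCE = 12
 
 
 class RelatedUrl(proto.Message):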
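--- a/packages/grafeas/grafeas/grafeas_v1/types/compliance.py
+++ b/packages/grafeas/grafeas/grafeas_v1/types/compliance.py
@@ -58,6 +58,9 @@ class ComplianceNote(proto.Message):
 scan_instructions (bytes):
 Serialized scan instructions with a
 predefined format.
+impact (str):
+
+This field is a member of `oneof`_ ``potential_impact``.
 """
 
 class CisBenchmark(proto.Message):
@@ -111,6 +114,11 @@ class CisBenchmark(proto.Message):
 proto.BYTES,
 number=7,
 )
+impact: str = proto.Field(
+proto.STRING,
+number=8,
+oneof="potential_impact",
+)
 
 
 class ComplianceVersion(proto.Message):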
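Review bot: The new `impact (str):` entry in the `ComplianceNote` docstring has no description, only the oneof-membership line, so a reader cannot tell what the string should hold or how a consumer is meant to use it. I would add one line under it, for example `Free-text description of the potential impact of the finding.`, which is inferred from the oneof name `potential_impact` and needs confirming. If the file is generated, the text has to be added to the upstream proto comment instead. The class body continues outside both hunks.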
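--- a/packages/grafeas/grafeas/grafeas_v1/types/discovery.py
+++ b/packages/grafeas/grafeas/grafeas_v1/types/discovery.py
@@ -78,6 +78,8 @@ class DiscoveryOccurrence(proto.Message):
 archive_time (google.protobuf.timestamp_pb2.Timestamp):
 The time occurrences related to this
 discovery occurrence were archived.
+sbom_status (grafeas.grafeas_v1.types.DiscoveryOccurrence.SBOMStatus):
+The status of an SBOM generation.
 """
 
 class ContinuousAnalysis(proto.Enum):
@@ -141,6 +143,42 @@ class AnalysisCompleted(proto.Message):
 number=1,
 )
 
+class SBOMStatus(proto.Message):
+r"""The status of an SBOM generation.
+
+Attributes:
+sbom_state (grafeas.grafeas_v1.types.DiscoveryOccurrence.SBOMStatus.SBOMState):
+The progress of the SBOM generation.
+error (str):
+If there was an error generating an SBOM,
+this will indicate what that error was.
+"""
+
+class SBOMState(proto.Enum):
+r"""An enum indicating the progress of the SBOM generation.
+
+Values:
+SBOM_STATE_UNSPECIFIED (0):
+Default unknown state.
+PENDING (1):
+SBOM scanning is pending.
+COMPLETE (2):
+SBOM scanning has completed.
+"""
+SBOM_STATE_UNSPECIFIED = 0
+PENDING = 1
+COMPLETE = 2
+
+sbom_state: "DiscoveryOccurrence.SBOMStatus.SBOMState" = proto.Field(
+proto.ENUM,
+number=1,
+enum="DiscoveryOccurrence.SBOMStatus.SBOMState",
+)
+error: str = proto.Field(
+proto.STRING,
+number=2,
+)
+
 continuous_analysis: ContinuousAnalysis = proto.Field(
 proto.ENUM,
 number=1,
@@ -180,6 +218,11 @@ class AnalysisCompleted(proto.Message):
 number=6,
 message=timestamp_pb2.Timestamp,
 )
+sbom_status: SBOMStatus = proto.Field(
+proto.MESSAGE,
+number=9,
+message=SBOMStatus,
+)
 
 
 __all__ = tuple(sorted(__protobuf__.manifest))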
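Review bot: `SBOMState` in the second hunk offers only `PENDING` and `COMPLETE`, while failure is reported through the separate `error` string, and neither docstring says which state accompanies a non-empty `error`. A consumer that gates a policy decision on `sbom_state` being `COMPLETE` alone could treat a failed generation as a finished one. I would spell out the contract on the attribute, for example `error (str): Set when SBOM generation failed; check this field before relying on sbom_state.`, after confirming the actual semantics with the service owners, since they are not visible here. `DiscoveryOccurrence` starts above the first hunk.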
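--- a/packages/grafeas/grafeas/grafeas_v1/types/grafeas.py
+++ b/packages/grafeas/grafeas/grafeas_v1/types/grafeas.py
@@ -30,6 +30,7 @@
 from grafeas.grafeas_v1.types import dsse_attestation as g_dsse_attestation
 from grafeas.grafeas_v1.types import image as g_image
 from grafeas.grafeas_v1.types import package as g_package
+from grafeas.grafeas_v1.types import sbom
 from grafeas.grafeas_v1.types import upgrade as g_upgrade
 from grafeas.grafeas_v1.types import vex
 from grafeas.grafeas_v1.types import vulnerability as g_vulnerability
@@ -145,6 +146,11 @@ class Occurrence(proto.Message):
 Describes an attestation of an artifact using
 dsse.
 
+This field is a member of `oneof`_ ``details``.
+sbom_reference (grafeas.grafeas_v1.types.SBOMReferenceOccurrence):
+Describes a specific SBOM reference
+occurrences.
+
 This field is a member of `oneof`_ ``details``.
 envelope (grafeas.grafeas_v1.types.Envelope):
 https://github.com/secure-systems-lab/dsse
@@ -241,6 +247,12 @@ class Occurrence(proto.Message):
 oneof="details",
 message=g_dsse_attestation.DSSEAttestationOccurrence,
 )
+sbom_reference: sbom.SBOMReferenceOccurrence = proto.Field(
+proto.MESSAGE,
+number=19,
+oneof="details",
+message=sbom.SBOMReferenceOccurrence,
+)
 envelope: common.Envelope = proto.Field(
 proto.MESSAGE,
 number=18,
@@ -331,6 +343,10 @@ class Note(proto.Message):
 vulnerability_assessment (grafeas.grafeas_v1.types.VulnerabilityAssessmentNote):
 A note describing a vulnerability assessment.
 
+This field is a member of `oneof`_ ``type``.
+sbom_reference (grafeas.grafeas_v1.types.SBOMReferenceNote):
+A note describing an SBOM reference.
+
 This field is a member of `oneof`_ ``type``.
 """
 
@@ -441,6 +457,12 @@ class Note(proto.Message):
 oneof="type",
 message=vex.VulnerabilityAssessmentNote,
 )
+sbom_reference: sbom.SBOMReferenceNote = proto.Field(
+proto.MESSAGE,
+number=21,
+oneof="type",
+message=sbom.SBOMReferenceNote,
+)
 
 
 class GetOccurrenceRequest(proto.Message):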