From 27c4e7c30a0d95b9262e2bfb934e940904a131db Mon Sep 17 00:00:00 2001 From: "gcf-owl-bot[bot]" <78513119+gcf-owl-bot[bot]@users.noreply.github.com> Date: Fri, 20 Jan 2023 11:46:20 -0500 Subject: [PATCH 1/2] docs: Add documentation for enums (#198) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * docs: Add documentation for enums fix: Add context manager return types chore: Update gapic-generator-python to v1.8.1 PiperOrigin-RevId: 503210727 Source-Link: https://github.com/googleapis/googleapis/commit/a391fd1dac18dfdfa00c18c8404f2c3a6ff8e98e Source-Link: https://github.com/googleapis/googleapis-gen/commit/0080f830dec37c3384157082bce279e37079ea58 Copy-Tag: eyJwIjoiLmdpdGh1Yi8uT3dsQm90LnlhbWwiLCJoIjoiMDA4MGY4MzBkZWMzN2MzMzg0MTU3MDgyYmNlMjc5ZTM3MDc5ZWE1OCJ9 * 🦉 Updates from OwlBot post-processor See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md Co-authored-by: Owl Bot --- .../binauthz_management_service_v1/client.py | 2 +- .../services/system_policy_v1/client.py | 2 +- .../services/validation_helper_v1/client.py | 2 +- .../binaryauthorization_v1/types/resources.py | 75 ++++++++++++++++++- .../binaryauthorization_v1/types/service.py | 13 +++- .../client.py | 2 +- .../services/system_policy_v1_beta1/client.py | 2 +- .../types/continuous_validation_logging.py | 21 +++++- .../types/resources.py | 75 ++++++++++++++++++- ...a_google.cloud.binaryauthorization.v1.json | 2 +- ...gle.cloud.binaryauthorization.v1beta1.json | 2 +- 11 files changed, 184 insertions(+), 14 deletions(-) diff --git a/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/client.py b/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/client.py index b1da41b..11195b2 100644 --- a/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/client.py +++ b/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/client.py @@ -1277,7 +1277,7 @@ def sample_delete_attestor(): metadata=metadata, ) - def __enter__(self): + def __enter__(self) -> "BinauthzManagementServiceV1Client": return self def __exit__(self, type, value, traceback): diff --git a/google/cloud/binaryauthorization_v1/services/system_policy_v1/client.py b/google/cloud/binaryauthorization_v1/services/system_policy_v1/client.py index 6401f47..e60306a 100644 --- a/google/cloud/binaryauthorization_v1/services/system_policy_v1/client.py +++ b/google/cloud/binaryauthorization_v1/services/system_policy_v1/client.py @@ -539,7 +539,7 @@ def sample_get_system_policy(): # Done; return the response. return response - def __enter__(self): + def __enter__(self) -> "SystemPolicyV1Client": return self def __exit__(self, type, value, traceback): diff --git a/google/cloud/binaryauthorization_v1/services/validation_helper_v1/client.py b/google/cloud/binaryauthorization_v1/services/validation_helper_v1/client.py index 78b2eff..3b16181 100644 --- a/google/cloud/binaryauthorization_v1/services/validation_helper_v1/client.py +++ b/google/cloud/binaryauthorization_v1/services/validation_helper_v1/client.py @@ -506,7 +506,7 @@ def sample_validate_attestation_occurrence(): # Done; return the response. return response - def __enter__(self): + def __enter__(self) -> "ValidationHelperV1Client": return self def __exit__(self, type, value, traceback): diff --git a/google/cloud/binaryauthorization_v1/types/resources.py b/google/cloud/binaryauthorization_v1/types/resources.py index 92294ca..546571e 100644 --- a/google/cloud/binaryauthorization_v1/types/resources.py +++ b/google/cloud/binaryauthorization_v1/types/resources.py @@ -89,7 +89,16 @@ class Policy(proto.Message): """ class GlobalPolicyEvaluationMode(proto.Enum): - r"""""" + r""" + + Values: + GLOBAL_POLICY_EVALUATION_MODE_UNSPECIFIED (0): + Not specified: DISABLE is assumed. + ENABLE (1): + Enables system policy evaluation. + DISABLE (2): + Disables system policy evaluation. + """ GLOBAL_POLICY_EVALUATION_MODE_UNSPECIFIED = 0 ENABLE = 1 DISABLE = 2 @@ -212,7 +221,20 @@ class AdmissionRule(proto.Message): """ class EvaluationMode(proto.Enum): - r"""""" + r""" + + Values: + EVALUATION_MODE_UNSPECIFIED (0): + Do not use. + ALWAYS_ALLOW (1): + This rule allows all all pod creations. + REQUIRE_ATTESTATION (2): + This rule allows a pod creation if all the attestors listed + in 'require_attestations_by' have valid attestations for all + of the images in the pod spec. + ALWAYS_DENY (3): + This rule denies all pod creations. + """ EVALUATION_MODE_UNSPECIFIED = 0 ALWAYS_ALLOW = 1 REQUIRE_ATTESTATION = 2 @@ -221,6 +243,17 @@ class EvaluationMode(proto.Enum): class EnforcementMode(proto.Enum): r"""Defines the possible actions when a pod creation is denied by an admission rule. + + Values: + ENFORCEMENT_MODE_UNSPECIFIED (0): + Do not use. + ENFORCED_BLOCK_AND_AUDIT_LOG (1): + Enforce the admission rule by blocking the + pod creation. + DRYRUN_AUDIT_LOG_ONLY (2): + Dryrun mode: Audit logging only. This will + allow the pod creation as if the admission + request had specified break-glass. """ ENFORCEMENT_MODE_UNSPECIFIED = 0 ENFORCED_BLOCK_AND_AUDIT_LOG = 1 @@ -372,6 +405,44 @@ class SignatureAlgorithm(proto.Enum): algorithms. See https://cloud.google.com/kms/docs/algorithms. In the future, BinAuthz might support additional public key types independently of Tink and/or KMS. + + Values: + SIGNATURE_ALGORITHM_UNSPECIFIED (0): + Not specified. + RSA_PSS_2048_SHA256 (1): + RSASSA-PSS 2048 bit key with a SHA256 digest. + RSA_PSS_3072_SHA256 (2): + RSASSA-PSS 3072 bit key with a SHA256 digest. + RSA_PSS_4096_SHA256 (3): + RSASSA-PSS 4096 bit key with a SHA256 digest. + RSA_PSS_4096_SHA512 (4): + RSASSA-PSS 4096 bit key with a SHA512 digest. + RSA_SIGN_PKCS1_2048_SHA256 (5): + RSASSA-PKCS1-v1_5 with a 2048 bit key and a SHA256 digest. + RSA_SIGN_PKCS1_3072_SHA256 (6): + RSASSA-PKCS1-v1_5 with a 3072 bit key and a SHA256 digest. + RSA_SIGN_PKCS1_4096_SHA256 (7): + RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA256 digest. + RSA_SIGN_PKCS1_4096_SHA512 (8): + RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA512 digest. + ECDSA_P256_SHA256 (9): + ECDSA on the NIST P-256 curve with a SHA256 + digest. + EC_SIGN_P256_SHA256 (9): + ECDSA on the NIST P-256 curve with a SHA256 + digest. + ECDSA_P384_SHA384 (10): + ECDSA on the NIST P-384 curve with a SHA384 + digest. + EC_SIGN_P384_SHA384 (10): + ECDSA on the NIST P-384 curve with a SHA384 + digest. + ECDSA_P521_SHA512 (11): + ECDSA on the NIST P-521 curve with a SHA512 + digest. + EC_SIGN_P521_SHA512 (11): + ECDSA on the NIST P-521 curve with a SHA512 + digest. """ _pb_options = {"allow_alias": True} SIGNATURE_ALGORITHM_UNSPECIFIED = 0 diff --git a/google/cloud/binaryauthorization_v1/types/service.py b/google/cloud/binaryauthorization_v1/types/service.py index 03c4383..2ef1287 100644 --- a/google/cloud/binaryauthorization_v1/types/service.py +++ b/google/cloud/binaryauthorization_v1/types/service.py @@ -300,7 +300,18 @@ class ValidateAttestationOccurrenceResponse(proto.Message): """ class Result(proto.Enum): - r"""The enum returned in the "result" field.""" + r"""The enum returned in the "result" field. + + Values: + RESULT_UNSPECIFIED (0): + Unspecified. + VERIFIED (1): + The Attestation was able to verified by the + Attestor. + ATTESTATION_NOT_VERIFIABLE (2): + The Attestation was not able to verified by + the Attestor. + """ RESULT_UNSPECIFIED = 0 VERIFIED = 1 ATTESTATION_NOT_VERIFIABLE = 2 diff --git a/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/client.py b/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/client.py index 2cdf118..41d437b 100644 --- a/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/client.py +++ b/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/client.py @@ -1290,7 +1290,7 @@ def sample_delete_attestor(): metadata=metadata, ) - def __enter__(self): + def __enter__(self) -> "BinauthzManagementServiceV1Beta1Client": return self def __exit__(self, type, value, traceback): diff --git a/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/client.py b/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/client.py index dc64c6a..33ef514 100644 --- a/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/client.py +++ b/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/client.py @@ -540,7 +540,7 @@ def sample_get_system_policy(): # Done; return the response. return response - def __enter__(self): + def __enter__(self) -> "SystemPolicyV1Beta1Client": return self def __exit__(self, type, value, traceback): diff --git a/google/cloud/binaryauthorization_v1beta1/types/continuous_validation_logging.py b/google/cloud/binaryauthorization_v1beta1/types/continuous_validation_logging.py index 0c00a48..3d705d9 100644 --- a/google/cloud/binaryauthorization_v1beta1/types/continuous_validation_logging.py +++ b/google/cloud/binaryauthorization_v1beta1/types/continuous_validation_logging.py @@ -67,7 +67,15 @@ class ContinuousValidationPodEvent(proto.Message): """ class PolicyConformanceVerdict(proto.Enum): - r"""Audit time policy conformance verdict.""" + r"""Audit time policy conformance verdict. + + Values: + POLICY_CONFORMANCE_VERDICT_UNSPECIFIED (0): + We should always have a verdict. This is an + error. + VIOLATES_POLICY (1): + The pod violates the policy. + """ POLICY_CONFORMANCE_VERDICT_UNSPECIFIED = 0 VIOLATES_POLICY = 1 @@ -84,7 +92,16 @@ class ImageDetails(proto.Message): """ class AuditResult(proto.Enum): - r"""Result of the audit.""" + r"""Result of the audit. + + Values: + AUDIT_RESULT_UNSPECIFIED (0): + Unspecified result. This is an error. + ALLOW (1): + Image is allowed. + DENY (2): + Image is denied. + """ AUDIT_RESULT_UNSPECIFIED = 0 ALLOW = 1 DENY = 2 diff --git a/google/cloud/binaryauthorization_v1beta1/types/resources.py b/google/cloud/binaryauthorization_v1beta1/types/resources.py index 3b88e73..90d1dd5 100644 --- a/google/cloud/binaryauthorization_v1beta1/types/resources.py +++ b/google/cloud/binaryauthorization_v1beta1/types/resources.py @@ -88,7 +88,16 @@ class Policy(proto.Message): """ class GlobalPolicyEvaluationMode(proto.Enum): - r"""""" + r""" + + Values: + GLOBAL_POLICY_EVALUATION_MODE_UNSPECIFIED (0): + Not specified: DISABLE is assumed. + ENABLE (1): + Enables system policy evaluation. + DISABLE (2): + Disables system policy evaluation. + """ GLOBAL_POLICY_EVALUATION_MODE_UNSPECIFIED = 0 ENABLE = 1 DISABLE = 2 @@ -214,7 +223,20 @@ class AdmissionRule(proto.Message): """ class EvaluationMode(proto.Enum): - r"""""" + r""" + + Values: + EVALUATION_MODE_UNSPECIFIED (0): + Do not use. + ALWAYS_ALLOW (1): + This rule allows all all pod creations. + REQUIRE_ATTESTATION (2): + This rule allows a pod creation if all the attestors listed + in ``require_attestations_by`` have valid attestations for + all of the images in the pod spec. + ALWAYS_DENY (3): + This rule denies all pod creations. + """ EVALUATION_MODE_UNSPECIFIED = 0 ALWAYS_ALLOW = 1 REQUIRE_ATTESTATION = 2 @@ -223,6 +245,17 @@ class EvaluationMode(proto.Enum): class EnforcementMode(proto.Enum): r"""Defines the possible actions when a pod creation is denied by an admission rule. + + Values: + ENFORCEMENT_MODE_UNSPECIFIED (0): + Do not use. + ENFORCED_BLOCK_AND_AUDIT_LOG (1): + Enforce the admission rule by blocking the + pod creation. + DRYRUN_AUDIT_LOG_ONLY (2): + Dryrun mode: Audit logging only. This will + allow the pod creation as if the admission + request had specified break-glass. """ ENFORCEMENT_MODE_UNSPECIFIED = 0 ENFORCED_BLOCK_AND_AUDIT_LOG = 1 @@ -372,6 +405,44 @@ class SignatureAlgorithm(proto.Enum): algorithms. See https://cloud.google.com/kms/docs/algorithms. In the future, BinAuthz might support additional public key types independently of Tink and/or KMS. + + Values: + SIGNATURE_ALGORITHM_UNSPECIFIED (0): + Not specified. + RSA_PSS_2048_SHA256 (1): + RSASSA-PSS 2048 bit key with a SHA256 digest. + RSA_PSS_3072_SHA256 (2): + RSASSA-PSS 3072 bit key with a SHA256 digest. + RSA_PSS_4096_SHA256 (3): + RSASSA-PSS 4096 bit key with a SHA256 digest. + RSA_PSS_4096_SHA512 (4): + RSASSA-PSS 4096 bit key with a SHA512 digest. + RSA_SIGN_PKCS1_2048_SHA256 (5): + RSASSA-PKCS1-v1_5 with a 2048 bit key and a SHA256 digest. + RSA_SIGN_PKCS1_3072_SHA256 (6): + RSASSA-PKCS1-v1_5 with a 3072 bit key and a SHA256 digest. + RSA_SIGN_PKCS1_4096_SHA256 (7): + RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA256 digest. + RSA_SIGN_PKCS1_4096_SHA512 (8): + RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA512 digest. + ECDSA_P256_SHA256 (9): + ECDSA on the NIST P-256 curve with a SHA256 + digest. + EC_SIGN_P256_SHA256 (9): + ECDSA on the NIST P-256 curve with a SHA256 + digest. + ECDSA_P384_SHA384 (10): + ECDSA on the NIST P-384 curve with a SHA384 + digest. + EC_SIGN_P384_SHA384 (10): + ECDSA on the NIST P-384 curve with a SHA384 + digest. + ECDSA_P521_SHA512 (11): + ECDSA on the NIST P-521 curve with a SHA512 + digest. + EC_SIGN_P521_SHA512 (11): + ECDSA on the NIST P-521 curve with a SHA512 + digest. """ _pb_options = {"allow_alias": True} SIGNATURE_ALGORITHM_UNSPECIFIED = 0 diff --git a/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1.json b/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1.json index 7b8743c..6d7a035 100644 --- a/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1.json +++ b/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1.json @@ -8,7 +8,7 @@ ], "language": "PYTHON", "name": "google-cloud-binary-authorization", - "version": "1.5.0" + "version": "0.1.0" }, "snippets": [ { diff --git a/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1beta1.json b/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1beta1.json index c3db1f1..c60d526 100644 --- a/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1beta1.json +++ b/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1beta1.json @@ -8,7 +8,7 @@ ], "language": "PYTHON", "name": "google-cloud-binary-authorization", - "version": "1.5.0" + "version": "0.1.0" }, "snippets": [ { From ae8a8ea88b2d687a91db8f4e8f1ada783ba5a6a6 Mon Sep 17 00:00:00 2001 From: "release-please[bot]" <55107282+release-please[bot]@users.noreply.github.com> Date: Mon, 23 Jan 2023 10:43:11 -0500 Subject: [PATCH 2/2] chore(main): release 1.5.1 (#199) Co-authored-by: release-please[bot] <55107282+release-please[bot]@users.noreply.github.com> --- .release-please-manifest.json | 2 +- CHANGELOG.md | 12 ++++++++++++ google/cloud/binaryauthorization/gapic_version.py | 2 +- google/cloud/binaryauthorization_v1/gapic_version.py | 2 +- .../binaryauthorization_v1beta1/gapic_version.py | 2 +- ...metadata_google.cloud.binaryauthorization.v1.json | 2 +- ...ata_google.cloud.binaryauthorization.v1beta1.json | 2 +- 7 files changed, 18 insertions(+), 6 deletions(-) diff --git a/.release-please-manifest.json b/.release-please-manifest.json index dd8fde7..e20d7e8 100644 --- a/.release-please-manifest.json +++ b/.release-please-manifest.json @@ -1,3 +1,3 @@ { - ".": "1.5.0" + ".": "1.5.1" } diff --git a/CHANGELOG.md b/CHANGELOG.md index a34710a..6c074d9 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,17 @@ # Changelog +## [1.5.1](https://github.com/googleapis/python-binary-authorization/compare/v1.5.0...v1.5.1) (2023-01-20) + + +### Bug Fixes + +* Add context manager return types ([27c4e7c](https://github.com/googleapis/python-binary-authorization/commit/27c4e7c30a0d95b9262e2bfb934e940904a131db)) + + +### Documentation + +* Add documentation for enums ([27c4e7c](https://github.com/googleapis/python-binary-authorization/commit/27c4e7c30a0d95b9262e2bfb934e940904a131db)) + ## [1.5.0](https://github.com/googleapis/python-binary-authorization/compare/v1.4.0...v1.5.0) (2023-01-10) diff --git a/google/cloud/binaryauthorization/gapic_version.py b/google/cloud/binaryauthorization/gapic_version.py index 997edc1..69ff013 100644 --- a/google/cloud/binaryauthorization/gapic_version.py +++ b/google/cloud/binaryauthorization/gapic_version.py @@ -13,4 +13,4 @@ # See the License for the specific language governing permissions and # limitations under the License. # -__version__ = "1.5.0" # {x-release-please-version} +__version__ = "1.5.1" # {x-release-please-version} diff --git a/google/cloud/binaryauthorization_v1/gapic_version.py b/google/cloud/binaryauthorization_v1/gapic_version.py index 997edc1..69ff013 100644 --- a/google/cloud/binaryauthorization_v1/gapic_version.py +++ b/google/cloud/binaryauthorization_v1/gapic_version.py @@ -13,4 +13,4 @@ # See the License for the specific language governing permissions and # limitations under the License. # -__version__ = "1.5.0" # {x-release-please-version} +__version__ = "1.5.1" # {x-release-please-version} diff --git a/google/cloud/binaryauthorization_v1beta1/gapic_version.py b/google/cloud/binaryauthorization_v1beta1/gapic_version.py index 997edc1..69ff013 100644 --- a/google/cloud/binaryauthorization_v1beta1/gapic_version.py +++ b/google/cloud/binaryauthorization_v1beta1/gapic_version.py @@ -13,4 +13,4 @@ # See the License for the specific language governing permissions and # limitations under the License. # -__version__ = "1.5.0" # {x-release-please-version} +__version__ = "1.5.1" # {x-release-please-version} diff --git a/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1.json b/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1.json index 6d7a035..c2c231e 100644 --- a/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1.json +++ b/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1.json @@ -8,7 +8,7 @@ ], "language": "PYTHON", "name": "google-cloud-binary-authorization", - "version": "0.1.0" + "version": "1.5.1" }, "snippets": [ { diff --git a/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1beta1.json b/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1beta1.json index c60d526..2f86034 100644 --- a/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1beta1.json +++ b/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1beta1.json @@ -8,7 +8,7 @@ ], "language": "PYTHON", "name": "google-cloud-binary-authorization", - "version": "0.1.0" + "version": "1.5.1" }, "snippets": [ {