blob: ee80816d5c92f72cde11a6da67ea98885f6aa4f2 [file] [log] [blame]
// Copyright 2021 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// https://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
// Code generated by protoc-gen-go_gapic. DO NOT EDIT.
package binaryauthorization
import (
"context"
"fmt"
"math"
"net/url"
"time"
"github.com/golang/protobuf/proto"
gax "github.com/googleapis/gax-go/v2"
"google.golang.org/api/iterator"
"google.golang.org/api/option"
"google.golang.org/api/option/internaloption"
gtransport "google.golang.org/api/transport/grpc"
binaryauthorizationpb "google.golang.org/genproto/googleapis/cloud/binaryauthorization/v1beta1"
"google.golang.org/grpc"
"google.golang.org/grpc/codes"
"google.golang.org/grpc/metadata"
)
var newBinauthzManagementServiceV1Beta1ClientHook clientHook
// BinauthzManagementServiceV1Beta1CallOptions contains the retry settings for each method of BinauthzManagementServiceV1Beta1Client.
type BinauthzManagementServiceV1Beta1CallOptions struct {
GetPolicy []gax.CallOption
UpdatePolicy []gax.CallOption
CreateAttestor []gax.CallOption
GetAttestor []gax.CallOption
UpdateAttestor []gax.CallOption
ListAttestors []gax.CallOption
DeleteAttestor []gax.CallOption
}
func defaultBinauthzManagementServiceV1Beta1ClientOptions() []option.ClientOption {
return []option.ClientOption{
internaloption.WithDefaultEndpoint("binaryauthorization.googleapis.com:443"),
internaloption.WithDefaultMTLSEndpoint("binaryauthorization.mtls.googleapis.com:443"),
internaloption.WithDefaultAudience("https://binaryauthorization.googleapis.com/"),
internaloption.WithDefaultScopes(DefaultAuthScopes()...),
option.WithGRPCDialOption(grpc.WithDisableServiceConfig()),
option.WithGRPCDialOption(grpc.WithDefaultCallOptions(
grpc.MaxCallRecvMsgSize(math.MaxInt32))),
}
}
func defaultBinauthzManagementServiceV1Beta1CallOptions() *BinauthzManagementServiceV1Beta1CallOptions {
return &BinauthzManagementServiceV1Beta1CallOptions{
GetPolicy: []gax.CallOption{
gax.WithRetry(func() gax.Retryer {
return gax.OnCodes([]codes.Code{
codes.DeadlineExceeded,
codes.Unavailable,
}, gax.Backoff{
Initial: 100 * time.Millisecond,
Max: 60000 * time.Millisecond,
Multiplier: 1.30,
})
}),
},
UpdatePolicy: []gax.CallOption{
gax.WithRetry(func() gax.Retryer {
return gax.OnCodes([]codes.Code{
codes.DeadlineExceeded,
codes.Unavailable,
}, gax.Backoff{
Initial: 100 * time.Millisecond,
Max: 60000 * time.Millisecond,
Multiplier: 1.30,
})
}),
},
CreateAttestor: []gax.CallOption{},
GetAttestor: []gax.CallOption{
gax.WithRetry(func() gax.Retryer {
return gax.OnCodes([]codes.Code{
codes.DeadlineExceeded,
codes.Unavailable,
}, gax.Backoff{
Initial: 100 * time.Millisecond,
Max: 60000 * time.Millisecond,
Multiplier: 1.30,
})
}),
},
UpdateAttestor: []gax.CallOption{
gax.WithRetry(func() gax.Retryer {
return gax.OnCodes([]codes.Code{
codes.DeadlineExceeded,
codes.Unavailable,
}, gax.Backoff{
Initial: 100 * time.Millisecond,
Max: 60000 * time.Millisecond,
Multiplier: 1.30,
})
}),
},
ListAttestors: []gax.CallOption{
gax.WithRetry(func() gax.Retryer {
return gax.OnCodes([]codes.Code{
codes.DeadlineExceeded,
codes.Unavailable,
}, gax.Backoff{
Initial: 100 * time.Millisecond,
Max: 60000 * time.Millisecond,
Multiplier: 1.30,
})
}),
},
DeleteAttestor: []gax.CallOption{
gax.WithRetry(func() gax.Retryer {
return gax.OnCodes([]codes.Code{
codes.DeadlineExceeded,
codes.Unavailable,
}, gax.Backoff{
Initial: 100 * time.Millisecond,
Max: 60000 * time.Millisecond,
Multiplier: 1.30,
})
}),
},
}
}
// BinauthzManagementServiceV1Beta1Client is a client for interacting with Binary Authorization API.
//
// Methods, except Close, may be called concurrently. However, fields must not be modified concurrently with method calls.
type BinauthzManagementServiceV1Beta1Client struct {
// Connection pool of gRPC connections to the service.
connPool gtransport.ConnPool
// flag to opt out of default deadlines via GOOGLE_API_GO_EXPERIMENTAL_DISABLE_DEFAULT_DEADLINE
disableDeadlines bool
// The gRPC API client.
binauthzManagementServiceV1Beta1Client binaryauthorizationpb.BinauthzManagementServiceV1Beta1Client
// The call options for this service.
CallOptions *BinauthzManagementServiceV1Beta1CallOptions
// The x-goog-* metadata to be sent with each request.
xGoogMetadata metadata.MD
}
// NewBinauthzManagementServiceV1Beta1Client creates a new binauthz management service v1 beta1 client.
//
// Google Cloud Management Service for Binary Authorization admission policies
// and attestation authorities.
//
// This API implements a REST model with the following objects:
//
// Policy
//
// Attestor
func NewBinauthzManagementServiceV1Beta1Client(ctx context.Context, opts ...option.ClientOption) (*BinauthzManagementServiceV1Beta1Client, error) {
clientOpts := defaultBinauthzManagementServiceV1Beta1ClientOptions()
if newBinauthzManagementServiceV1Beta1ClientHook != nil {
hookOpts, err := newBinauthzManagementServiceV1Beta1ClientHook(ctx, clientHookParams{})
if err != nil {
return nil, err
}
clientOpts = append(clientOpts, hookOpts...)
}
disableDeadlines, err := checkDisableDeadlines()
if err != nil {
return nil, err
}
connPool, err := gtransport.DialPool(ctx, append(clientOpts, opts...)...)
if err != nil {
return nil, err
}
c := &BinauthzManagementServiceV1Beta1Client{
connPool: connPool,
disableDeadlines: disableDeadlines,
CallOptions: defaultBinauthzManagementServiceV1Beta1CallOptions(),
binauthzManagementServiceV1Beta1Client: binaryauthorizationpb.NewBinauthzManagementServiceV1Beta1Client(connPool),
}
c.setGoogleClientInfo()
return c, nil
}
// Connection returns a connection to the API service.
//
// Deprecated.
func (c *BinauthzManagementServiceV1Beta1Client) Connection() *grpc.ClientConn {
return c.connPool.Conn()
}
// Close closes the connection to the API service. The user should invoke this when
// the client is no longer required.
func (c *BinauthzManagementServiceV1Beta1Client) Close() error {
return c.connPool.Close()
}
// setGoogleClientInfo sets the name and version of the application in
// the `x-goog-api-client` header passed on each request. Intended for
// use by Google-written clients.
func (c *BinauthzManagementServiceV1Beta1Client) setGoogleClientInfo(keyval ...string) {
kv := append([]string{"gl-go", versionGo()}, keyval...)
kv = append(kv, "gapic", versionClient, "gax", gax.Version, "grpc", grpc.Version)
c.xGoogMetadata = metadata.Pairs("x-goog-api-client", gax.XGoogHeader(kv...))
}
// GetPolicy a policy specifies the attestors that must attest to
// a container image, before the project is allowed to deploy that
// image. There is at most one policy per project. All image admission
// requests are permitted if a project has no policy.
//
// Gets the policy for this project. Returns a default
// policy if the project does not have one.
func (c *BinauthzManagementServiceV1Beta1Client) GetPolicy(ctx context.Context, req *binaryauthorizationpb.GetPolicyRequest, opts ...gax.CallOption) (*binaryauthorizationpb.Policy, error) {
if _, ok := ctx.Deadline(); !ok && !c.disableDeadlines {
cctx, cancel := context.WithTimeout(ctx, 600000*time.Millisecond)
defer cancel()
ctx = cctx
}
md := metadata.Pairs("x-goog-request-params", fmt.Sprintf("%s=%v", "name", url.QueryEscape(req.GetName())))
ctx = insertMetadata(ctx, c.xGoogMetadata, md)
opts = append(c.CallOptions.GetPolicy[0:len(c.CallOptions.GetPolicy):len(c.CallOptions.GetPolicy)], opts...)
var resp *binaryauthorizationpb.Policy
err := gax.Invoke(ctx, func(ctx context.Context, settings gax.CallSettings) error {
var err error
resp, err = c.binauthzManagementServiceV1Beta1Client.GetPolicy(ctx, req, settings.GRPC...)
return err
}, opts...)
if err != nil {
return nil, err
}
return resp, nil
}
// UpdatePolicy creates or updates a project’s policy, and returns a copy of the
// new policy. A policy is always updated as a whole, to avoid race
// conditions with concurrent policy enforcement (or management!)
// requests. Returns NOT_FOUND if the project does not exist, INVALID_ARGUMENT
// if the request is malformed.
func (c *BinauthzManagementServiceV1Beta1Client) UpdatePolicy(ctx context.Context, req *binaryauthorizationpb.UpdatePolicyRequest, opts ...gax.CallOption) (*binaryauthorizationpb.Policy, error) {
if _, ok := ctx.Deadline(); !ok && !c.disableDeadlines {
cctx, cancel := context.WithTimeout(ctx, 600000*time.Millisecond)
defer cancel()
ctx = cctx
}
md := metadata.Pairs("x-goog-request-params", fmt.Sprintf("%s=%v", "policy.name", url.QueryEscape(req.GetPolicy().GetName())))
ctx = insertMetadata(ctx, c.xGoogMetadata, md)
opts = append(c.CallOptions.UpdatePolicy[0:len(c.CallOptions.UpdatePolicy):len(c.CallOptions.UpdatePolicy)], opts...)
var resp *binaryauthorizationpb.Policy
err := gax.Invoke(ctx, func(ctx context.Context, settings gax.CallSettings) error {
var err error
resp, err = c.binauthzManagementServiceV1Beta1Client.UpdatePolicy(ctx, req, settings.GRPC...)
return err
}, opts...)
if err != nil {
return nil, err
}
return resp, nil
}
// CreateAttestor creates an attestor, and returns a copy of the new
// attestor. Returns NOT_FOUND if the project does not exist,
// INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if the
// attestor already exists.
func (c *BinauthzManagementServiceV1Beta1Client) CreateAttestor(ctx context.Context, req *binaryauthorizationpb.CreateAttestorRequest, opts ...gax.CallOption) (*binaryauthorizationpb.Attestor, error) {
if _, ok := ctx.Deadline(); !ok && !c.disableDeadlines {
cctx, cancel := context.WithTimeout(ctx, 600000*time.Millisecond)
defer cancel()
ctx = cctx
}
md := metadata.Pairs("x-goog-request-params", fmt.Sprintf("%s=%v", "parent", url.QueryEscape(req.GetParent())))
ctx = insertMetadata(ctx, c.xGoogMetadata, md)
opts = append(c.CallOptions.CreateAttestor[0:len(c.CallOptions.CreateAttestor):len(c.CallOptions.CreateAttestor)], opts...)
var resp *binaryauthorizationpb.Attestor
err := gax.Invoke(ctx, func(ctx context.Context, settings gax.CallSettings) error {
var err error
resp, err = c.binauthzManagementServiceV1Beta1Client.CreateAttestor(ctx, req, settings.GRPC...)
return err
}, opts...)
if err != nil {
return nil, err
}
return resp, nil
}
// GetAttestor gets an attestor.
// Returns NOT_FOUND if the attestor does not exist.
func (c *BinauthzManagementServiceV1Beta1Client) GetAttestor(ctx context.Context, req *binaryauthorizationpb.GetAttestorRequest, opts ...gax.CallOption) (*binaryauthorizationpb.Attestor, error) {
if _, ok := ctx.Deadline(); !ok && !c.disableDeadlines {
cctx, cancel := context.WithTimeout(ctx, 600000*time.Millisecond)
defer cancel()
ctx = cctx
}
md := metadata.Pairs("x-goog-request-params", fmt.Sprintf("%s=%v", "name", url.QueryEscape(req.GetName())))
ctx = insertMetadata(ctx, c.xGoogMetadata, md)
opts = append(c.CallOptions.GetAttestor[0:len(c.CallOptions.GetAttestor):len(c.CallOptions.GetAttestor)], opts...)
var resp *binaryauthorizationpb.Attestor
err := gax.Invoke(ctx, func(ctx context.Context, settings gax.CallSettings) error {
var err error
resp, err = c.binauthzManagementServiceV1Beta1Client.GetAttestor(ctx, req, settings.GRPC...)
return err
}, opts...)
if err != nil {
return nil, err
}
return resp, nil
}
// UpdateAttestor updates an attestor.
// Returns NOT_FOUND if the attestor does not exist.
func (c *BinauthzManagementServiceV1Beta1Client) UpdateAttestor(ctx context.Context, req *binaryauthorizationpb.UpdateAttestorRequest, opts ...gax.CallOption) (*binaryauthorizationpb.Attestor, error) {
if _, ok := ctx.Deadline(); !ok && !c.disableDeadlines {
cctx, cancel := context.WithTimeout(ctx, 600000*time.Millisecond)
defer cancel()
ctx = cctx
}
md := metadata.Pairs("x-goog-request-params", fmt.Sprintf("%s=%v", "attestor.name", url.QueryEscape(req.GetAttestor().GetName())))
ctx = insertMetadata(ctx, c.xGoogMetadata, md)
opts = append(c.CallOptions.UpdateAttestor[0:len(c.CallOptions.UpdateAttestor):len(c.CallOptions.UpdateAttestor)], opts...)
var resp *binaryauthorizationpb.Attestor
err := gax.Invoke(ctx, func(ctx context.Context, settings gax.CallSettings) error {
var err error
resp, err = c.binauthzManagementServiceV1Beta1Client.UpdateAttestor(ctx, req, settings.GRPC...)
return err
}, opts...)
if err != nil {
return nil, err
}
return resp, nil
}
// ListAttestors lists attestors.
// Returns INVALID_ARGUMENT if the project does not exist.
func (c *BinauthzManagementServiceV1Beta1Client) ListAttestors(ctx context.Context, req *binaryauthorizationpb.ListAttestorsRequest, opts ...gax.CallOption) *AttestorIterator {
md := metadata.Pairs("x-goog-request-params", fmt.Sprintf("%s=%v", "parent", url.QueryEscape(req.GetParent())))
ctx = insertMetadata(ctx, c.xGoogMetadata, md)
opts = append(c.CallOptions.ListAttestors[0:len(c.CallOptions.ListAttestors):len(c.CallOptions.ListAttestors)], opts...)
it := &AttestorIterator{}
req = proto.Clone(req).(*binaryauthorizationpb.ListAttestorsRequest)
it.InternalFetch = func(pageSize int, pageToken string) ([]*binaryauthorizationpb.Attestor, string, error) {
var resp *binaryauthorizationpb.ListAttestorsResponse
req.PageToken = pageToken
if pageSize > math.MaxInt32 {
req.PageSize = math.MaxInt32
} else {
req.PageSize = int32(pageSize)
}
err := gax.Invoke(ctx, func(ctx context.Context, settings gax.CallSettings) error {
var err error
resp, err = c.binauthzManagementServiceV1Beta1Client.ListAttestors(ctx, req, settings.GRPC...)
return err
}, opts...)
if err != nil {
return nil, "", err
}
it.Response = resp
return resp.GetAttestors(), resp.GetNextPageToken(), nil
}
fetch := func(pageSize int, pageToken string) (string, error) {
items, nextPageToken, err := it.InternalFetch(pageSize, pageToken)
if err != nil {
return "", err
}
it.items = append(it.items, items...)
return nextPageToken, nil
}
it.pageInfo, it.nextFunc = iterator.NewPageInfo(fetch, it.bufLen, it.takeBuf)
it.pageInfo.MaxSize = int(req.GetPageSize())
it.pageInfo.Token = req.GetPageToken()
return it
}
// DeleteAttestor deletes an attestor. Returns NOT_FOUND if the
// attestor does not exist.
func (c *BinauthzManagementServiceV1Beta1Client) DeleteAttestor(ctx context.Context, req *binaryauthorizationpb.DeleteAttestorRequest, opts ...gax.CallOption) error {
if _, ok := ctx.Deadline(); !ok && !c.disableDeadlines {
cctx, cancel := context.WithTimeout(ctx, 600000*time.Millisecond)
defer cancel()
ctx = cctx
}
md := metadata.Pairs("x-goog-request-params", fmt.Sprintf("%s=%v", "name", url.QueryEscape(req.GetName())))
ctx = insertMetadata(ctx, c.xGoogMetadata, md)
opts = append(c.CallOptions.DeleteAttestor[0:len(c.CallOptions.DeleteAttestor):len(c.CallOptions.DeleteAttestor)], opts...)
err := gax.Invoke(ctx, func(ctx context.Context, settings gax.CallSettings) error {
var err error
_, err = c.binauthzManagementServiceV1Beta1Client.DeleteAttestor(ctx, req, settings.GRPC...)
return err
}, opts...)
return err
}
// AttestorIterator manages a stream of *binaryauthorizationpb.Attestor.
type AttestorIterator struct {
items []*binaryauthorizationpb.Attestor
pageInfo *iterator.PageInfo
nextFunc func() error
// Response is the raw response for the current page.
// It must be cast to the RPC response type.
// Calling Next() or InternalFetch() updates this value.
Response interface{}
// InternalFetch is for use by the Google Cloud Libraries only.
// It is not part of the stable interface of this package.
//
// InternalFetch returns results from a single call to the underlying RPC.
// The number of results is no greater than pageSize.
// If there are no more results, nextPageToken is empty and err is nil.
InternalFetch func(pageSize int, pageToken string) (results []*binaryauthorizationpb.Attestor, nextPageToken string, err error)
}
// PageInfo supports pagination. See the google.golang.org/api/iterator package for details.
func (it *AttestorIterator) PageInfo() *iterator.PageInfo {
return it.pageInfo
}
// Next returns the next result. Its second return value is iterator.Done if there are no more
// results. Once Next returns Done, all subsequent calls will return Done.
func (it *AttestorIterator) Next() (*binaryauthorizationpb.Attestor, error) {
var item *binaryauthorizationpb.Attestor
if err := it.nextFunc(); err != nil {
return item, err
}
item = it.items[0]
it.items = it.items[1:]
return item, nil
}
func (it *AttestorIterator) bufLen() int {
return len(it.items)
}
func (it *AttestorIterator) takeBuf() interface{} {
b := it.items
it.items = nil
return b
}