Crate google_binaryauthorization1_beta1

This documentation was generated from Binary Authorization crate version 1.0.12+20190628, where 20190628 is the exact revision of the binaryauthorization:v1beta1 schema built by the mako code generator v1.0.12.

Everything else about the Binary Authorization v1_beta1 API can be found at the official documentation site. The original source code is on github.

Features

Handle the following Resources with ease from the central hub ...

• projects
• attestors create, attestors delete, attestors get, attestors get iam policy, attestors list, attestors set iam policy, attestors test iam permissions, attestors update, get policy, policy get iam policy, policy set iam policy, policy test iam permissions and update policy

Not what you are looking for ? Find all other Google APIs in their Rust documentation index.

Structure of this Library

The API is structured into the following primary items:

• Hub
  • a central object to maintain state and allow accessing all Activities
  • creates Method Builders which in turn allow access to individual Call Builders
• Resources
  • primary types that you can apply Activities to
  • a collection of properties and Parts
  • Parts
    • a collection of properties
    • never directly used in Activities
• Activities
  • operations to apply to Resources

All structures are marked with applicable traits to further categorize them and ease browsing.

Generally speaking, you can invoke Activities like this:

let r = hub.resource().activity(...).doit()

Or specifically ...

let r = hub.projects().policy_set_iam_policy(...).doit()
let r = hub.projects().attestors_set_iam_policy(...).doit()
let r = hub.projects().policy_get_iam_policy(...).doit()
let r = hub.projects().attestors_get_iam_policy(...).doit()

The resource() and activity(...) calls create builders. The second one dealing with Activities supports various methods to configure the impending operation (not shown here). It is made such that all required arguments have to be specified right away (i.e. (...)), whereas all optional ones can be build up as desired. The doit() method performs the actual communication with the server and returns the respective result.

Usage

Setting up your Project

To use this library, you would put the following lines into your Cargo.toml file:

[dependencies]
google-binaryauthorization1_beta1 = "*"
# This project intentionally uses an old version of Hyper. See
# https://github.com/Byron/google-apis-rs/issues/173 for more
# information.
hyper = "^0.10"
hyper-rustls = "^0.6"
serde = "^1.0"
serde_json = "^1.0"
yup-oauth2 = "^1.0"

A complete example

extern crate hyper;
extern crate hyper_rustls;
extern crate yup_oauth2 as oauth2;
extern crate google_binaryauthorization1_beta1 as binaryauthorization1_beta1;
use binaryauthorization1_beta1::SetIamPolicyRequest;
use binaryauthorization1_beta1::{Result, Error};
use std::default::Default;
use oauth2::{Authenticator, DefaultAuthenticatorDelegate, ApplicationSecret, MemoryStorage};
use binaryauthorization1_beta1::BinaryAuthorization;
 
// Get an ApplicationSecret instance by some means. It contains the `client_id` and 
// `client_secret`, among other things.
let secret: ApplicationSecret = Default::default();
// Instantiate the authenticator. It will choose a suitable authentication flow for you, 
// unless you replace  `None` with the desired Flow.
// Provide your own `AuthenticatorDelegate` to adjust the way it operates and get feedback about 
// what's going on. You probably want to bring in your own `TokenStorage` to persist tokens and
// retrieve them from storage.
let auth = Authenticator::new(&secret, DefaultAuthenticatorDelegate,
                              hyper::Client::with_connector(hyper::net::HttpsConnector::new(hyper_rustls::TlsClient::new())),
                              <MemoryStorage as Default>::default(), None);
let mut hub = BinaryAuthorization::new(hyper::Client::with_connector(hyper::net::HttpsConnector::new(hyper_rustls::TlsClient::new())), auth);
// As the method needs a request, you would usually fill it with the desired information
// into the respective structure. Some of the parts shown here might not be applicable !
// Values shown here are possibly random and not representative !
let mut req = SetIamPolicyRequest::default();
 
// You can configure optional parameters by calling the respective setters at will, and
// execute the final call using `doit()`.
// Values shown here are possibly random and not representative !
let result = hub.projects().policy_set_iam_policy(req, "resource")
             .doit();
 
match result {
    Err(e) => match e {
        // The Error enum provides details about what exactly happened.
        // You can also just use its `Debug`, `Display` or `Error` traits
         Error::HttpError(_)
        |Error::MissingAPIKey
        |Error::MissingToken(_)
        |Error::Cancelled
        |Error::UploadSizeLimitExceeded(_, _)
        |Error::Failure(_)
        |Error::BadRequest(_)
        |Error::FieldClash(_)
        |Error::JsonDecodeError(_, _) => println!("{}", e),
    },
    Ok(res) => println!("Success: {:?}", res),
}

Handling Errors

All errors produced by the system are provided either as Result enumeration as return value of the doit() methods, or handed as possibly intermediate results to either the Hub Delegate, or the Authenticator Delegate.

When delegates handle errors or intermediate values, they may have a chance to instruct the system to retry. This makes the system potentially resilient to all kinds of errors.

Uploads and Downloads

If a method supports downloads, the response body, which is part of the Result, should be read by you to obtain the media. If such a method also supports a Response Result, it will return that by default. You can see it as meta-data for the actual media. To trigger a media download, you will have to set up the builder by making this call: .param("alt", "media").

Methods supporting uploads can do so using up to 2 different protocols: simple and resumable. The distinctiveness of each is represented by customized doit(...) methods, which are then named upload(...) and upload_resumable(...) respectively.

Customization and Callbacks

You may alter the way an doit() method is called by providing a delegate to the Method Builder before making the final doit() call. Respective methods will be called to provide progress information, as well as determine whether the system should retry on failure.

The delegate trait is default-implemented, allowing you to customize it with minimal effort.

Optional Parts in Server-Requests

All structures provided by this library are made to be enocodable and decodable via json. Optionals are used to indicate that partial requests are responses are valid. Most optionals are are considered Parts which are identifiable by name, which will be sent to the server to indicate either the set parts of the request or the desired parts in the response.

Builder Arguments

Using method builders, you are able to prepare an action call by repeatedly calling it's methods. These will always take a single argument, for which the following statements are true.

• PODs are handed by copy
• strings are passed as &str
• request values are moved

Arguments will always be copied or cloned into the builder, to make them independent of their original life times.

Structs

AdmissionRule	An admission rule specifies either that all container images used in a pod creation request must be attested to by one or more attestors, that all pod creations will be allowed, or that all pod creations will be denied.
AdmissionWhitelistPattern	An admission whitelist pattern exempts images from checks by admission rules.
Attestor	An attestor that attests to container image artifacts. An existing attestor cannot be modified except where indicated.
AttestorPublicKey	An attestor public key that will be used to verify attestations signed by this attestor.
BinaryAuthorization	Central instance to access all BinaryAuthorization related resource activities
Binding	Associates members with a role.
Chunk
ContentRange	Implements the Content-Range header, for serialization only
DefaultDelegate	A delegate with a conservative default implementation, which is used if no other delegate is set.
DummyNetworkStream
Empty	A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance:
ErrorResponse	A utility to represent detailed errors we might see in case there are BadRequests. The latter happen if the sent parameters or request structures are unsound
Expr	Represents an expression text. Example:
IamPolicy	Defines an Identity and Access Management (IAM) policy. It is used to specify access control policies for Cloud Platform resources.
JsonServerError	A utility type which can decode a server response that indicates error
ListAttestorsResponse	Response message for BinauthzManagementService.ListAttestors.
MethodInfo	Contains information about an API request.
MultiPartReader	Provides a Read interface that converts multiple parts into the protocol identified by RFC2387. Note: This implementation is just as rich as it needs to be to perform uploads to google APIs, and might not be a fully-featured implementation.
PkixPublicKey	A public key in the PkixPublicKey format (see https://tools.ietf.org/html/rfc5280#section-4.1.2.7 for details). Public keys of this type are typically textually encoded using the PEM format.
Policy	A policy for container image binary authorization.
ProjectAttestorCreateCall	Creates an attestor, and returns a copy of the new attestor. Returns NOT_FOUND if the project does not exist, INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if the attestor already exists.
ProjectAttestorDeleteCall	Deletes an attestor. Returns NOT_FOUND if the attestor does not exist.
ProjectAttestorGetCall	Gets an attestor. Returns NOT_FOUND if the attestor does not exist.
ProjectAttestorGetIamPolicyCall	Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.
ProjectAttestorListCall	Lists attestors. Returns INVALID_ARGUMENT if the project does not exist.
ProjectAttestorSetIamPolicyCall	Sets the access control policy on the specified resource. Replaces any existing policy.
ProjectAttestorTestIamPermissionCall	Returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a NOT_FOUND error.
ProjectAttestorUpdateCall	Updates an attestor. Returns NOT_FOUND if the attestor does not exist.
ProjectGetPolicyCall	A policy specifies the attestors that must attest to a container image, before the project is allowed to deploy that image. There is at most one policy per project. All image admission requests are permitted if a project has no policy.
ProjectMethods	A builder providing access to all methods supported on project resources. It is not used directly, but through the BinaryAuthorization hub.
ProjectPolicyGetIamPolicyCall	Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.
ProjectPolicySetIamPolicyCall	Sets the access control policy on the specified resource. Replaces any existing policy.
ProjectPolicyTestIamPermissionCall	Returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a NOT_FOUND error.
ProjectUpdatePolicyCall	Creates or updates a project's policy, and returns a copy of the new policy. A policy is always updated as a whole, to avoid race conditions with concurrent policy enforcement (or management!) requests. Returns NOT_FOUND if the project does not exist, INVALID_ARGUMENT if the request is malformed.
RangeResponseHeader
ResumableUploadHelper	A utility type to perform a resumable upload from start to end.
ServerError
ServerMessage
SetIamPolicyRequest	Request message for SetIamPolicy method.
TestIamPermissionsRequest	Request message for TestIamPermissions method.
TestIamPermissionsResponse	Response message for TestIamPermissions method.
UserOwnedDrydockNote	An user owned drydock note references a Drydock ATTESTATION_AUTHORITY Note created by the user.
XUploadContentType	The X-Upload-Content-Type header.

Enums

Error
Scope	Identifies the an OAuth2 authorization scope. A scope is needed when requesting an authorization token.

Traits

CallBuilder	Identifies types which represent builders for a particular resource method
Delegate	A trait specifying functionality to help controlling any request performed by the API. The trait has a conservative default implementation.
Hub	Identifies the Hub. There is only one per library, this trait is supposed to make intended use more explicit. The hub allows to access all resource methods more easily.
MethodsBuilder	Identifies types for building methods of a particular resource type
NestedType	Identifies types which are only used by other types internally. They have no special meaning, this trait just marks them for completeness.
Part	Identifies types which are only used as part of other types, which usually are carrying the Resource trait.
ReadSeek	A utility to specify reader types which provide seeking capabilities too
RequestValue	Identifies types which are used in API requests.
Resource	Identifies types which can be inserted and deleted. Types with this trait are most commonly used by clients of this API.
ResponseResult	Identifies types which are used in API responses.
ToParts	A trait for all types that can convert themselves into a parts string
UnusedType	Identifies types which are not actually used by the API This might be a bug within the google API schema.

Functions

remove_json_null_values

Type Definitions

Result

A universal result type used as return for all calls.