google_cloud_binaryauthorization_v1/client.rs
1// Copyright 2025 Google LLC
2//
3// Licensed under the Apache License, Version 2.0 (the "License");
4// you may not use this file except in compliance with the License.
5// You may obtain a copy of the License at
6//
7// https://www.apache.org/licenses/LICENSE-2.0
8//
9// Unless required by applicable law or agreed to in writing, software
10// distributed under the License is distributed on an "AS IS" BASIS,
11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12// See the License for the specific language governing permissions and
13// limitations under the License.
14//
15// Code generated by sidekick. DO NOT EDIT.
16#![allow(rustdoc::redundant_explicit_links)]
17#![allow(rustdoc::broken_intra_doc_links)]
18
19use crate::Result;
20use std::sync::Arc;
21
22/// Implements a client for the Binary Authorization API.
23///
24/// # Service Description
25///
26/// Google Cloud Management Service for Binary Authorization admission policies
27/// and attestation authorities.
28///
29/// This API implements a REST model with the following objects:
30///
31/// * [Policy][google.cloud.binaryauthorization.v1.Policy]
32/// * [Attestor][google.cloud.binaryauthorization.v1.Attestor]
33///
34/// [google.cloud.binaryauthorization.v1.Attestor]: crate::model::Attestor
35/// [google.cloud.binaryauthorization.v1.Policy]: crate::model::Policy
36///
37/// # Configuration
38///
39/// `BinauthzManagementServiceV1` has various configuration parameters, the defaults should
40/// work with most applications.
41///
42/// # Pooling and Cloning
43///
44/// `BinauthzManagementServiceV1` holds a connection pool internally, it is advised to
45/// create one and the reuse it. You do not need to wrap `BinauthzManagementServiceV1` in
46/// an [Rc](std::rc::Rc) or [Arc] to reuse it, because it already uses an `Arc`
47/// internally.
48#[derive(Clone, Debug)]
49pub struct BinauthzManagementServiceV1 {
50 inner: Arc<dyn crate::stubs::dynamic::BinauthzManagementServiceV1>,
51}
52
53impl BinauthzManagementServiceV1 {
54 /// Creates a new client with the default configuration.
55 pub async fn new() -> Result<Self> {
56 Self::new_with_config(gax::options::ClientConfig::default()).await
57 }
58
59 /// Creates a new client with the specified configuration.
60 pub async fn new_with_config(conf: gax::options::ClientConfig) -> Result<Self> {
61 let inner = Self::build_inner(conf).await?;
62 Ok(Self { inner })
63 }
64
65 /// Creates a new client from the provided stub.
66 ///
67 /// The most common case for calling this function is when mocking the
68 /// client.
69 pub fn from_stub<T>(stub: T) -> Self
70 where
71 T: crate::stubs::BinauthzManagementServiceV1 + 'static,
72 {
73 Self {
74 inner: Arc::new(stub),
75 }
76 }
77
78 async fn build_inner(
79 conf: gax::options::ClientConfig,
80 ) -> Result<Arc<dyn crate::stubs::dynamic::BinauthzManagementServiceV1>> {
81 if conf.tracing_enabled() {
82 return Ok(Arc::new(Self::build_with_tracing(conf).await?));
83 }
84 Ok(Arc::new(Self::build_transport(conf).await?))
85 }
86
87 async fn build_transport(
88 conf: gax::options::ClientConfig,
89 ) -> Result<impl crate::stubs::BinauthzManagementServiceV1> {
90 crate::transport::BinauthzManagementServiceV1::new(conf).await
91 }
92
93 async fn build_with_tracing(
94 conf: gax::options::ClientConfig,
95 ) -> Result<impl crate::stubs::BinauthzManagementServiceV1> {
96 Self::build_transport(conf)
97 .await
98 .map(crate::tracing::BinauthzManagementServiceV1::new)
99 }
100
101 /// A [policy][google.cloud.binaryauthorization.v1.Policy] specifies the [attestors][google.cloud.binaryauthorization.v1.Attestor] that must attest to
102 /// a container image, before the project is allowed to deploy that
103 /// image. There is at most one policy per project. All image admission
104 /// requests are permitted if a project has no policy.
105 ///
106 /// Gets the [policy][google.cloud.binaryauthorization.v1.Policy] for this project. Returns a default
107 /// [policy][google.cloud.binaryauthorization.v1.Policy] if the project does not have one.
108 ///
109 /// [google.cloud.binaryauthorization.v1.Attestor]: crate::model::Attestor
110 /// [google.cloud.binaryauthorization.v1.Policy]: crate::model::Policy
111 pub fn get_policy(
112 &self,
113 name: impl Into<std::string::String>,
114 ) -> crate::builders::binauthz_management_service_v_1::GetPolicy {
115 crate::builders::binauthz_management_service_v_1::GetPolicy::new(self.inner.clone())
116 .set_name(name.into())
117 }
118
119 /// Creates or updates a project's [policy][google.cloud.binaryauthorization.v1.Policy], and returns a copy of the
120 /// new [policy][google.cloud.binaryauthorization.v1.Policy]. A policy is always updated as a whole, to avoid race
121 /// conditions with concurrent policy enforcement (or management!)
122 /// requests. Returns NOT_FOUND if the project does not exist, INVALID_ARGUMENT
123 /// if the request is malformed.
124 ///
125 /// [google.cloud.binaryauthorization.v1.Policy]: crate::model::Policy
126 pub fn update_policy(
127 &self,
128 policy: impl Into<crate::model::Policy>,
129 ) -> crate::builders::binauthz_management_service_v_1::UpdatePolicy {
130 crate::builders::binauthz_management_service_v_1::UpdatePolicy::new(self.inner.clone())
131 .set_policy(policy.into())
132 }
133
134 /// Creates an [attestor][google.cloud.binaryauthorization.v1.Attestor], and returns a copy of the new
135 /// [attestor][google.cloud.binaryauthorization.v1.Attestor]. Returns NOT_FOUND if the project does not exist,
136 /// INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if the
137 /// [attestor][google.cloud.binaryauthorization.v1.Attestor] already exists.
138 ///
139 /// [google.cloud.binaryauthorization.v1.Attestor]: crate::model::Attestor
140 pub fn create_attestor(
141 &self,
142 parent: impl Into<std::string::String>,
143 ) -> crate::builders::binauthz_management_service_v_1::CreateAttestor {
144 crate::builders::binauthz_management_service_v_1::CreateAttestor::new(self.inner.clone())
145 .set_parent(parent.into())
146 }
147
148 /// Gets an [attestor][google.cloud.binaryauthorization.v1.Attestor].
149 /// Returns NOT_FOUND if the [attestor][google.cloud.binaryauthorization.v1.Attestor] does not exist.
150 ///
151 /// [google.cloud.binaryauthorization.v1.Attestor]: crate::model::Attestor
152 pub fn get_attestor(
153 &self,
154 name: impl Into<std::string::String>,
155 ) -> crate::builders::binauthz_management_service_v_1::GetAttestor {
156 crate::builders::binauthz_management_service_v_1::GetAttestor::new(self.inner.clone())
157 .set_name(name.into())
158 }
159
160 /// Updates an [attestor][google.cloud.binaryauthorization.v1.Attestor].
161 /// Returns NOT_FOUND if the [attestor][google.cloud.binaryauthorization.v1.Attestor] does not exist.
162 ///
163 /// [google.cloud.binaryauthorization.v1.Attestor]: crate::model::Attestor
164 pub fn update_attestor(
165 &self,
166 attestor: impl Into<crate::model::Attestor>,
167 ) -> crate::builders::binauthz_management_service_v_1::UpdateAttestor {
168 crate::builders::binauthz_management_service_v_1::UpdateAttestor::new(self.inner.clone())
169 .set_attestor(attestor.into())
170 }
171
172 /// Lists [attestors][google.cloud.binaryauthorization.v1.Attestor].
173 /// Returns INVALID_ARGUMENT if the project does not exist.
174 ///
175 /// [google.cloud.binaryauthorization.v1.Attestor]: crate::model::Attestor
176 pub fn list_attestors(
177 &self,
178 parent: impl Into<std::string::String>,
179 ) -> crate::builders::binauthz_management_service_v_1::ListAttestors {
180 crate::builders::binauthz_management_service_v_1::ListAttestors::new(self.inner.clone())
181 .set_parent(parent.into())
182 }
183
184 /// Deletes an [attestor][google.cloud.binaryauthorization.v1.Attestor]. Returns NOT_FOUND if the
185 /// [attestor][google.cloud.binaryauthorization.v1.Attestor] does not exist.
186 ///
187 /// [google.cloud.binaryauthorization.v1.Attestor]: crate::model::Attestor
188 pub fn delete_attestor(
189 &self,
190 name: impl Into<std::string::String>,
191 ) -> crate::builders::binauthz_management_service_v_1::DeleteAttestor {
192 crate::builders::binauthz_management_service_v_1::DeleteAttestor::new(self.inner.clone())
193 .set_name(name.into())
194 }
195}
196
197/// Implements a client for the Binary Authorization API.
198///
199/// # Service Description
200///
201/// API for working with the system policy.
202///
203/// # Configuration
204///
205/// `SystemPolicyV1` has various configuration parameters, the defaults should
206/// work with most applications.
207///
208/// # Pooling and Cloning
209///
210/// `SystemPolicyV1` holds a connection pool internally, it is advised to
211/// create one and the reuse it. You do not need to wrap `SystemPolicyV1` in
212/// an [Rc](std::rc::Rc) or [Arc] to reuse it, because it already uses an `Arc`
213/// internally.
214#[derive(Clone, Debug)]
215pub struct SystemPolicyV1 {
216 inner: Arc<dyn crate::stubs::dynamic::SystemPolicyV1>,
217}
218
219impl SystemPolicyV1 {
220 /// Creates a new client with the default configuration.
221 pub async fn new() -> Result<Self> {
222 Self::new_with_config(gax::options::ClientConfig::default()).await
223 }
224
225 /// Creates a new client with the specified configuration.
226 pub async fn new_with_config(conf: gax::options::ClientConfig) -> Result<Self> {
227 let inner = Self::build_inner(conf).await?;
228 Ok(Self { inner })
229 }
230
231 /// Creates a new client from the provided stub.
232 ///
233 /// The most common case for calling this function is when mocking the
234 /// client.
235 pub fn from_stub<T>(stub: T) -> Self
236 where
237 T: crate::stubs::SystemPolicyV1 + 'static,
238 {
239 Self {
240 inner: Arc::new(stub),
241 }
242 }
243
244 async fn build_inner(
245 conf: gax::options::ClientConfig,
246 ) -> Result<Arc<dyn crate::stubs::dynamic::SystemPolicyV1>> {
247 if conf.tracing_enabled() {
248 return Ok(Arc::new(Self::build_with_tracing(conf).await?));
249 }
250 Ok(Arc::new(Self::build_transport(conf).await?))
251 }
252
253 async fn build_transport(
254 conf: gax::options::ClientConfig,
255 ) -> Result<impl crate::stubs::SystemPolicyV1> {
256 crate::transport::SystemPolicyV1::new(conf).await
257 }
258
259 async fn build_with_tracing(
260 conf: gax::options::ClientConfig,
261 ) -> Result<impl crate::stubs::SystemPolicyV1> {
262 Self::build_transport(conf)
263 .await
264 .map(crate::tracing::SystemPolicyV1::new)
265 }
266
267 /// Gets the current system policy in the specified location.
268 pub fn get_system_policy(
269 &self,
270 name: impl Into<std::string::String>,
271 ) -> crate::builders::system_policy_v_1::GetSystemPolicy {
272 crate::builders::system_policy_v_1::GetSystemPolicy::new(self.inner.clone())
273 .set_name(name.into())
274 }
275}
276
277/// Implements a client for the Binary Authorization API.
278///
279/// # Service Description
280///
281/// BinAuthz Attestor verification
282///
283/// # Configuration
284///
285/// `ValidationHelperV1` has various configuration parameters, the defaults should
286/// work with most applications.
287///
288/// # Pooling and Cloning
289///
290/// `ValidationHelperV1` holds a connection pool internally, it is advised to
291/// create one and the reuse it. You do not need to wrap `ValidationHelperV1` in
292/// an [Rc](std::rc::Rc) or [Arc] to reuse it, because it already uses an `Arc`
293/// internally.
294#[derive(Clone, Debug)]
295pub struct ValidationHelperV1 {
296 inner: Arc<dyn crate::stubs::dynamic::ValidationHelperV1>,
297}
298
299impl ValidationHelperV1 {
300 /// Creates a new client with the default configuration.
301 pub async fn new() -> Result<Self> {
302 Self::new_with_config(gax::options::ClientConfig::default()).await
303 }
304
305 /// Creates a new client with the specified configuration.
306 pub async fn new_with_config(conf: gax::options::ClientConfig) -> Result<Self> {
307 let inner = Self::build_inner(conf).await?;
308 Ok(Self { inner })
309 }
310
311 /// Creates a new client from the provided stub.
312 ///
313 /// The most common case for calling this function is when mocking the
314 /// client.
315 pub fn from_stub<T>(stub: T) -> Self
316 where
317 T: crate::stubs::ValidationHelperV1 + 'static,
318 {
319 Self {
320 inner: Arc::new(stub),
321 }
322 }
323
324 async fn build_inner(
325 conf: gax::options::ClientConfig,
326 ) -> Result<Arc<dyn crate::stubs::dynamic::ValidationHelperV1>> {
327 if conf.tracing_enabled() {
328 return Ok(Arc::new(Self::build_with_tracing(conf).await?));
329 }
330 Ok(Arc::new(Self::build_transport(conf).await?))
331 }
332
333 async fn build_transport(
334 conf: gax::options::ClientConfig,
335 ) -> Result<impl crate::stubs::ValidationHelperV1> {
336 crate::transport::ValidationHelperV1::new(conf).await
337 }
338
339 async fn build_with_tracing(
340 conf: gax::options::ClientConfig,
341 ) -> Result<impl crate::stubs::ValidationHelperV1> {
342 Self::build_transport(conf)
343 .await
344 .map(crate::tracing::ValidationHelperV1::new)
345 }
346
347 /// Returns whether the given Attestation for the given image URI
348 /// was signed by the given Attestor
349 pub fn validate_attestation_occurrence(
350 &self,
351 attestor: impl Into<std::string::String>,
352 ) -> crate::builders::validation_helper_v_1::ValidateAttestationOccurrence {
353 crate::builders::validation_helper_v_1::ValidateAttestationOccurrence::new(
354 self.inner.clone(),
355 )
356 .set_attestor(attestor.into())
357 }
358}