Skip to main content

google_cloud_binaryauthorization_v1/
model.rs

1// Copyright 2025 Google LLC
2//
3// Licensed under the Apache License, Version 2.0 (the "License");
4// you may not use this file except in compliance with the License.
5// You may obtain a copy of the License at
6//
7//     https://www.apache.org/licenses/LICENSE-2.0
8//
9// Unless required by applicable law or agreed to in writing, software
10// distributed under the License is distributed on an "AS IS" BASIS,
11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12// See the License for the specific language governing permissions and
13// limitations under the License.
14//
15// Code generated by sidekick. DO NOT EDIT.
16
17#![allow(rustdoc::bare_urls)]
18#![allow(rustdoc::broken_intra_doc_links)]
19#![allow(rustdoc::invalid_html_tags)]
20#![allow(rustdoc::redundant_explicit_links)]
21#![no_implicit_prelude]
22extern crate async_trait;
23extern crate bytes;
24extern crate gaxi;
25extern crate google_cloud_gax;
26extern crate google_cloud_grafeas_v1;
27extern crate google_cloud_iam_v1;
28extern crate serde;
29extern crate serde_json;
30extern crate serde_with;
31extern crate std;
32extern crate tracing;
33extern crate wkt;
34
35mod debug;
36mod deserialize;
37mod serialize;
38
39/// A [policy][google.cloud.binaryauthorization.v1.Policy] for container image
40/// binary authorization.
41///
42/// [google.cloud.binaryauthorization.v1.Policy]: crate::model::Policy
43#[derive(Clone, Default, PartialEq)]
44#[non_exhaustive]
45pub struct Policy {
46    /// Output only. The resource name, in the format `projects/*/policy`. There is
47    /// at most one policy per project.
48    pub name: std::string::String,
49
50    /// Optional. A descriptive comment.
51    pub description: std::string::String,
52
53    /// Optional. Controls the evaluation of a Google-maintained global admission
54    /// policy for common system-level images. Images not covered by the global
55    /// policy will be subject to the project admission policy. This setting
56    /// has no effect when specified inside a global admission policy.
57    pub global_policy_evaluation_mode: crate::model::policy::GlobalPolicyEvaluationMode,
58
59    /// Optional. Admission policy allowlisting. A matching admission request will
60    /// always be permitted. This feature is typically used to exclude Google or
61    /// third-party infrastructure images from Binary Authorization policies.
62    pub admission_whitelist_patterns: std::vec::Vec<crate::model::AdmissionWhitelistPattern>,
63
64    /// Optional. A valid policy has only one of the following rule maps non-empty,
65    /// i.e. only one of `cluster_admission_rules`,
66    /// `kubernetes_namespace_admission_rules`,
67    /// `kubernetes_service_account_admission_rules`,
68    /// or `istio_service_identity_admission_rules` can be non-empty.
69    /// Per-cluster admission rules. Cluster spec format:
70    /// `location.clusterId`. There can be at most one admission rule per cluster
71    /// spec.
72    /// A `location` is either a compute zone (e.g. us-central1-a) or a region
73    /// (e.g. us-central1).
74    /// For `clusterId` syntax restrictions see
75    /// <https://cloud.google.com/container-engine/reference/rest/v1/projects.zones.clusters>.
76    pub cluster_admission_rules:
77        std::collections::HashMap<std::string::String, crate::model::AdmissionRule>,
78
79    /// Optional. Per-kubernetes-namespace admission rules. K8s namespace spec
80    /// format:
81    /// `[a-z.-]+`, e.g. `some-namespace`
82    pub kubernetes_namespace_admission_rules:
83        std::collections::HashMap<std::string::String, crate::model::AdmissionRule>,
84
85    /// Optional. Per-kubernetes-service-account admission rules. Service account
86    /// spec format: `namespace:serviceaccount`. e.g. `test-ns:default`
87    pub kubernetes_service_account_admission_rules:
88        std::collections::HashMap<std::string::String, crate::model::AdmissionRule>,
89
90    /// Optional. Per-istio-service-identity admission rules. Istio service
91    /// identity spec format:
92    /// `spiffe://<domain>/ns/<namespace>/sa/<serviceaccount>` or
93    /// `<domain>/ns/<namespace>/sa/<serviceaccount>`
94    /// e.g. `spiffe://example.com/ns/test-ns/sa/default`
95    pub istio_service_identity_admission_rules:
96        std::collections::HashMap<std::string::String, crate::model::AdmissionRule>,
97
98    /// Required. Default admission rule for a cluster without a per-cluster, per-
99    /// kubernetes-service-account, or per-istio-service-identity admission rule.
100    pub default_admission_rule: std::option::Option<crate::model::AdmissionRule>,
101
102    /// Output only. Time when the policy was last updated.
103    pub update_time: std::option::Option<wkt::Timestamp>,
104
105    /// Optional. A checksum, returned by the server, that can be sent on update
106    /// requests to ensure the policy has an up-to-date value before attempting to
107    /// update it. See <https://google.aip.dev/154>.
108    pub etag: std::string::String,
109
110    pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
111}
112
113impl Policy {
114    /// Creates a new default instance.
115    pub fn new() -> Self {
116        std::default::Default::default()
117    }
118
119    /// Sets the value of [name][crate::model::Policy::name].
120    ///
121    /// # Example
122    /// ```ignore,no_run
123    /// # use google_cloud_binaryauthorization_v1::model::Policy;
124    /// # let project_id = "project_id";
125    /// let x = Policy::new().set_name(format!("projects/{project_id}/policy"));
126    /// ```
127    pub fn set_name<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
128        self.name = v.into();
129        self
130    }
131
132    /// Sets the value of [description][crate::model::Policy::description].
133    ///
134    /// # Example
135    /// ```ignore,no_run
136    /// # use google_cloud_binaryauthorization_v1::model::Policy;
137    /// let x = Policy::new().set_description("example");
138    /// ```
139    pub fn set_description<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
140        self.description = v.into();
141        self
142    }
143
144    /// Sets the value of [global_policy_evaluation_mode][crate::model::Policy::global_policy_evaluation_mode].
145    ///
146    /// # Example
147    /// ```ignore,no_run
148    /// # use google_cloud_binaryauthorization_v1::model::Policy;
149    /// use google_cloud_binaryauthorization_v1::model::policy::GlobalPolicyEvaluationMode;
150    /// let x0 = Policy::new().set_global_policy_evaluation_mode(GlobalPolicyEvaluationMode::Enable);
151    /// let x1 = Policy::new().set_global_policy_evaluation_mode(GlobalPolicyEvaluationMode::Disable);
152    /// ```
153    pub fn set_global_policy_evaluation_mode<
154        T: std::convert::Into<crate::model::policy::GlobalPolicyEvaluationMode>,
155    >(
156        mut self,
157        v: T,
158    ) -> Self {
159        self.global_policy_evaluation_mode = v.into();
160        self
161    }
162
163    /// Sets the value of [admission_whitelist_patterns][crate::model::Policy::admission_whitelist_patterns].
164    ///
165    /// # Example
166    /// ```ignore,no_run
167    /// # use google_cloud_binaryauthorization_v1::model::Policy;
168    /// use google_cloud_binaryauthorization_v1::model::AdmissionWhitelistPattern;
169    /// let x = Policy::new()
170    ///     .set_admission_whitelist_patterns([
171    ///         AdmissionWhitelistPattern::default()/* use setters */,
172    ///         AdmissionWhitelistPattern::default()/* use (different) setters */,
173    ///     ]);
174    /// ```
175    pub fn set_admission_whitelist_patterns<T, V>(mut self, v: T) -> Self
176    where
177        T: std::iter::IntoIterator<Item = V>,
178        V: std::convert::Into<crate::model::AdmissionWhitelistPattern>,
179    {
180        use std::iter::Iterator;
181        self.admission_whitelist_patterns = v.into_iter().map(|i| i.into()).collect();
182        self
183    }
184
185    /// Sets the value of [cluster_admission_rules][crate::model::Policy::cluster_admission_rules].
186    ///
187    /// # Example
188    /// ```ignore,no_run
189    /// # use google_cloud_binaryauthorization_v1::model::Policy;
190    /// use google_cloud_binaryauthorization_v1::model::AdmissionRule;
191    /// let x = Policy::new().set_cluster_admission_rules([
192    ///     ("key0", AdmissionRule::default()/* use setters */),
193    ///     ("key1", AdmissionRule::default()/* use (different) setters */),
194    /// ]);
195    /// ```
196    pub fn set_cluster_admission_rules<T, K, V>(mut self, v: T) -> Self
197    where
198        T: std::iter::IntoIterator<Item = (K, V)>,
199        K: std::convert::Into<std::string::String>,
200        V: std::convert::Into<crate::model::AdmissionRule>,
201    {
202        use std::iter::Iterator;
203        self.cluster_admission_rules = v.into_iter().map(|(k, v)| (k.into(), v.into())).collect();
204        self
205    }
206
207    /// Sets the value of [kubernetes_namespace_admission_rules][crate::model::Policy::kubernetes_namespace_admission_rules].
208    ///
209    /// # Example
210    /// ```ignore,no_run
211    /// # use google_cloud_binaryauthorization_v1::model::Policy;
212    /// use google_cloud_binaryauthorization_v1::model::AdmissionRule;
213    /// let x = Policy::new().set_kubernetes_namespace_admission_rules([
214    ///     ("key0", AdmissionRule::default()/* use setters */),
215    ///     ("key1", AdmissionRule::default()/* use (different) setters */),
216    /// ]);
217    /// ```
218    pub fn set_kubernetes_namespace_admission_rules<T, K, V>(mut self, v: T) -> Self
219    where
220        T: std::iter::IntoIterator<Item = (K, V)>,
221        K: std::convert::Into<std::string::String>,
222        V: std::convert::Into<crate::model::AdmissionRule>,
223    {
224        use std::iter::Iterator;
225        self.kubernetes_namespace_admission_rules =
226            v.into_iter().map(|(k, v)| (k.into(), v.into())).collect();
227        self
228    }
229
230    /// Sets the value of [kubernetes_service_account_admission_rules][crate::model::Policy::kubernetes_service_account_admission_rules].
231    ///
232    /// # Example
233    /// ```ignore,no_run
234    /// # use google_cloud_binaryauthorization_v1::model::Policy;
235    /// use google_cloud_binaryauthorization_v1::model::AdmissionRule;
236    /// let x = Policy::new().set_kubernetes_service_account_admission_rules([
237    ///     ("key0", AdmissionRule::default()/* use setters */),
238    ///     ("key1", AdmissionRule::default()/* use (different) setters */),
239    /// ]);
240    /// ```
241    pub fn set_kubernetes_service_account_admission_rules<T, K, V>(mut self, v: T) -> Self
242    where
243        T: std::iter::IntoIterator<Item = (K, V)>,
244        K: std::convert::Into<std::string::String>,
245        V: std::convert::Into<crate::model::AdmissionRule>,
246    {
247        use std::iter::Iterator;
248        self.kubernetes_service_account_admission_rules =
249            v.into_iter().map(|(k, v)| (k.into(), v.into())).collect();
250        self
251    }
252
253    /// Sets the value of [istio_service_identity_admission_rules][crate::model::Policy::istio_service_identity_admission_rules].
254    ///
255    /// # Example
256    /// ```ignore,no_run
257    /// # use google_cloud_binaryauthorization_v1::model::Policy;
258    /// use google_cloud_binaryauthorization_v1::model::AdmissionRule;
259    /// let x = Policy::new().set_istio_service_identity_admission_rules([
260    ///     ("key0", AdmissionRule::default()/* use setters */),
261    ///     ("key1", AdmissionRule::default()/* use (different) setters */),
262    /// ]);
263    /// ```
264    pub fn set_istio_service_identity_admission_rules<T, K, V>(mut self, v: T) -> Self
265    where
266        T: std::iter::IntoIterator<Item = (K, V)>,
267        K: std::convert::Into<std::string::String>,
268        V: std::convert::Into<crate::model::AdmissionRule>,
269    {
270        use std::iter::Iterator;
271        self.istio_service_identity_admission_rules =
272            v.into_iter().map(|(k, v)| (k.into(), v.into())).collect();
273        self
274    }
275
276    /// Sets the value of [default_admission_rule][crate::model::Policy::default_admission_rule].
277    ///
278    /// # Example
279    /// ```ignore,no_run
280    /// # use google_cloud_binaryauthorization_v1::model::Policy;
281    /// use google_cloud_binaryauthorization_v1::model::AdmissionRule;
282    /// let x = Policy::new().set_default_admission_rule(AdmissionRule::default()/* use setters */);
283    /// ```
284    pub fn set_default_admission_rule<T>(mut self, v: T) -> Self
285    where
286        T: std::convert::Into<crate::model::AdmissionRule>,
287    {
288        self.default_admission_rule = std::option::Option::Some(v.into());
289        self
290    }
291
292    /// Sets or clears the value of [default_admission_rule][crate::model::Policy::default_admission_rule].
293    ///
294    /// # Example
295    /// ```ignore,no_run
296    /// # use google_cloud_binaryauthorization_v1::model::Policy;
297    /// use google_cloud_binaryauthorization_v1::model::AdmissionRule;
298    /// let x = Policy::new().set_or_clear_default_admission_rule(Some(AdmissionRule::default()/* use setters */));
299    /// let x = Policy::new().set_or_clear_default_admission_rule(None::<AdmissionRule>);
300    /// ```
301    pub fn set_or_clear_default_admission_rule<T>(mut self, v: std::option::Option<T>) -> Self
302    where
303        T: std::convert::Into<crate::model::AdmissionRule>,
304    {
305        self.default_admission_rule = v.map(|x| x.into());
306        self
307    }
308
309    /// Sets the value of [update_time][crate::model::Policy::update_time].
310    ///
311    /// # Example
312    /// ```ignore,no_run
313    /// # use google_cloud_binaryauthorization_v1::model::Policy;
314    /// use wkt::Timestamp;
315    /// let x = Policy::new().set_update_time(Timestamp::default()/* use setters */);
316    /// ```
317    pub fn set_update_time<T>(mut self, v: T) -> Self
318    where
319        T: std::convert::Into<wkt::Timestamp>,
320    {
321        self.update_time = std::option::Option::Some(v.into());
322        self
323    }
324
325    /// Sets or clears the value of [update_time][crate::model::Policy::update_time].
326    ///
327    /// # Example
328    /// ```ignore,no_run
329    /// # use google_cloud_binaryauthorization_v1::model::Policy;
330    /// use wkt::Timestamp;
331    /// let x = Policy::new().set_or_clear_update_time(Some(Timestamp::default()/* use setters */));
332    /// let x = Policy::new().set_or_clear_update_time(None::<Timestamp>);
333    /// ```
334    pub fn set_or_clear_update_time<T>(mut self, v: std::option::Option<T>) -> Self
335    where
336        T: std::convert::Into<wkt::Timestamp>,
337    {
338        self.update_time = v.map(|x| x.into());
339        self
340    }
341
342    /// Sets the value of [etag][crate::model::Policy::etag].
343    ///
344    /// # Example
345    /// ```ignore,no_run
346    /// # use google_cloud_binaryauthorization_v1::model::Policy;
347    /// let x = Policy::new().set_etag("example");
348    /// ```
349    pub fn set_etag<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
350        self.etag = v.into();
351        self
352    }
353}
354
355impl wkt::message::Message for Policy {
356    fn typename() -> &'static str {
357        "type.googleapis.com/google.cloud.binaryauthorization.v1.Policy"
358    }
359}
360
361/// Defines additional types related to [Policy].
362pub mod policy {
363    #[allow(unused_imports)]
364    use super::*;
365
366    /// Enum for [GlobalPolicyEvaluationMode].
367    ///
368    /// # Working with unknown values
369    ///
370    /// This enum is defined as `#[non_exhaustive]` because Google Cloud may add
371    /// additional enum variants at any time. Adding new variants is not considered
372    /// a breaking change. Applications should write their code in anticipation of:
373    ///
374    /// - New values appearing in future releases of the client library, **and**
375    /// - New values received dynamically, without application changes.
376    ///
377    /// Please consult the [Working with enums] section in the user guide for some
378    /// guidelines.
379    ///
380    /// [Working with enums]: https://googleapis.github.io/google-cloud-rust/working_with_enums.html
381    #[derive(Clone, Debug, PartialEq)]
382    #[non_exhaustive]
383    pub enum GlobalPolicyEvaluationMode {
384        /// Not specified: `DISABLE` is assumed.
385        Unspecified,
386        /// Enables system policy evaluation.
387        Enable,
388        /// Disables system policy evaluation.
389        Disable,
390        /// If set, the enum was initialized with an unknown value.
391        ///
392        /// Applications can examine the value using [GlobalPolicyEvaluationMode::value] or
393        /// [GlobalPolicyEvaluationMode::name].
394        UnknownValue(global_policy_evaluation_mode::UnknownValue),
395    }
396
397    #[doc(hidden)]
398    pub mod global_policy_evaluation_mode {
399        #[allow(unused_imports)]
400        use super::*;
401        #[derive(Clone, Debug, PartialEq)]
402        pub struct UnknownValue(pub(crate) wkt::internal::UnknownEnumValue);
403    }
404
405    impl GlobalPolicyEvaluationMode {
406        /// Gets the enum value.
407        ///
408        /// Returns `None` if the enum contains an unknown value deserialized from
409        /// the string representation of enums.
410        pub fn value(&self) -> std::option::Option<i32> {
411            match self {
412                Self::Unspecified => std::option::Option::Some(0),
413                Self::Enable => std::option::Option::Some(1),
414                Self::Disable => std::option::Option::Some(2),
415                Self::UnknownValue(u) => u.0.value(),
416            }
417        }
418
419        /// Gets the enum value as a string.
420        ///
421        /// Returns `None` if the enum contains an unknown value deserialized from
422        /// the integer representation of enums.
423        pub fn name(&self) -> std::option::Option<&str> {
424            match self {
425                Self::Unspecified => {
426                    std::option::Option::Some("GLOBAL_POLICY_EVALUATION_MODE_UNSPECIFIED")
427                }
428                Self::Enable => std::option::Option::Some("ENABLE"),
429                Self::Disable => std::option::Option::Some("DISABLE"),
430                Self::UnknownValue(u) => u.0.name(),
431            }
432        }
433    }
434
435    impl std::default::Default for GlobalPolicyEvaluationMode {
436        fn default() -> Self {
437            use std::convert::From;
438            Self::from(0)
439        }
440    }
441
442    impl std::fmt::Display for GlobalPolicyEvaluationMode {
443        fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::result::Result<(), std::fmt::Error> {
444            wkt::internal::display_enum(f, self.name(), self.value())
445        }
446    }
447
448    impl std::convert::From<i32> for GlobalPolicyEvaluationMode {
449        fn from(value: i32) -> Self {
450            match value {
451                0 => Self::Unspecified,
452                1 => Self::Enable,
453                2 => Self::Disable,
454                _ => Self::UnknownValue(global_policy_evaluation_mode::UnknownValue(
455                    wkt::internal::UnknownEnumValue::Integer(value),
456                )),
457            }
458        }
459    }
460
461    impl std::convert::From<&str> for GlobalPolicyEvaluationMode {
462        fn from(value: &str) -> Self {
463            use std::string::ToString;
464            match value {
465                "GLOBAL_POLICY_EVALUATION_MODE_UNSPECIFIED" => Self::Unspecified,
466                "ENABLE" => Self::Enable,
467                "DISABLE" => Self::Disable,
468                _ => Self::UnknownValue(global_policy_evaluation_mode::UnknownValue(
469                    wkt::internal::UnknownEnumValue::String(value.to_string()),
470                )),
471            }
472        }
473    }
474
475    impl serde::ser::Serialize for GlobalPolicyEvaluationMode {
476        fn serialize<S>(&self, serializer: S) -> std::result::Result<S::Ok, S::Error>
477        where
478            S: serde::Serializer,
479        {
480            match self {
481                Self::Unspecified => serializer.serialize_i32(0),
482                Self::Enable => serializer.serialize_i32(1),
483                Self::Disable => serializer.serialize_i32(2),
484                Self::UnknownValue(u) => u.0.serialize(serializer),
485            }
486        }
487    }
488
489    impl<'de> serde::de::Deserialize<'de> for GlobalPolicyEvaluationMode {
490        fn deserialize<D>(deserializer: D) -> std::result::Result<Self, D::Error>
491        where
492            D: serde::Deserializer<'de>,
493        {
494            deserializer.deserialize_any(
495                wkt::internal::EnumVisitor::<GlobalPolicyEvaluationMode>::new(
496                    ".google.cloud.binaryauthorization.v1.Policy.GlobalPolicyEvaluationMode",
497                ),
498            )
499        }
500    }
501}
502
503/// An [admission allowlist
504/// pattern][google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern]
505/// exempts images from checks by [admission
506/// rules][google.cloud.binaryauthorization.v1.AdmissionRule].
507///
508/// [google.cloud.binaryauthorization.v1.AdmissionRule]: crate::model::AdmissionRule
509/// [google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern]: crate::model::AdmissionWhitelistPattern
510#[derive(Clone, Default, PartialEq)]
511#[non_exhaustive]
512pub struct AdmissionWhitelistPattern {
513    /// An image name pattern to allowlist, in the form `registry/path/to/image`.
514    /// This supports a trailing `*` wildcard, but this is allowed only in
515    /// text after the `registry/` part. This also supports a trailing `**`
516    /// wildcard which matches subdirectories of a given entry.
517    pub name_pattern: std::string::String,
518
519    pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
520}
521
522impl AdmissionWhitelistPattern {
523    /// Creates a new default instance.
524    pub fn new() -> Self {
525        std::default::Default::default()
526    }
527
528    /// Sets the value of [name_pattern][crate::model::AdmissionWhitelistPattern::name_pattern].
529    ///
530    /// # Example
531    /// ```ignore,no_run
532    /// # use google_cloud_binaryauthorization_v1::model::AdmissionWhitelistPattern;
533    /// let x = AdmissionWhitelistPattern::new().set_name_pattern("example");
534    /// ```
535    pub fn set_name_pattern<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
536        self.name_pattern = v.into();
537        self
538    }
539}
540
541impl wkt::message::Message for AdmissionWhitelistPattern {
542    fn typename() -> &'static str {
543        "type.googleapis.com/google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern"
544    }
545}
546
547/// An [admission rule][google.cloud.binaryauthorization.v1.AdmissionRule]
548/// specifies either that all container images used in a pod creation request
549/// must be attested to by one or more
550/// [attestors][google.cloud.binaryauthorization.v1.Attestor], that all pod
551/// creations will be allowed, or that all pod creations will be denied.
552///
553/// Images matching an [admission allowlist
554/// pattern][google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern] are
555/// exempted from admission rules and will never block a pod creation.
556///
557/// [google.cloud.binaryauthorization.v1.AdmissionRule]: crate::model::AdmissionRule
558/// [google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern]: crate::model::AdmissionWhitelistPattern
559/// [google.cloud.binaryauthorization.v1.Attestor]: crate::model::Attestor
560#[derive(Clone, Default, PartialEq)]
561#[non_exhaustive]
562pub struct AdmissionRule {
563    /// Required. How this admission rule will be evaluated.
564    pub evaluation_mode: crate::model::admission_rule::EvaluationMode,
565
566    /// Optional. The resource names of the attestors that must attest to
567    /// a container image, in the format `projects/*/attestors/*`. Each
568    /// attestor must exist before a policy can reference it.  To add an attestor
569    /// to a policy the principal issuing the policy change request must be able
570    /// to read the attestor resource.
571    ///
572    /// Note: this field must be non-empty when the `evaluation_mode` field
573    /// specifies `REQUIRE_ATTESTATION`, otherwise it must be empty.
574    pub require_attestations_by: std::vec::Vec<std::string::String>,
575
576    /// Required. The action when a pod creation is denied by the admission rule.
577    pub enforcement_mode: crate::model::admission_rule::EnforcementMode,
578
579    pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
580}
581
582impl AdmissionRule {
583    /// Creates a new default instance.
584    pub fn new() -> Self {
585        std::default::Default::default()
586    }
587
588    /// Sets the value of [evaluation_mode][crate::model::AdmissionRule::evaluation_mode].
589    ///
590    /// # Example
591    /// ```ignore,no_run
592    /// # use google_cloud_binaryauthorization_v1::model::AdmissionRule;
593    /// use google_cloud_binaryauthorization_v1::model::admission_rule::EvaluationMode;
594    /// let x0 = AdmissionRule::new().set_evaluation_mode(EvaluationMode::AlwaysAllow);
595    /// let x1 = AdmissionRule::new().set_evaluation_mode(EvaluationMode::RequireAttestation);
596    /// let x2 = AdmissionRule::new().set_evaluation_mode(EvaluationMode::AlwaysDeny);
597    /// ```
598    pub fn set_evaluation_mode<
599        T: std::convert::Into<crate::model::admission_rule::EvaluationMode>,
600    >(
601        mut self,
602        v: T,
603    ) -> Self {
604        self.evaluation_mode = v.into();
605        self
606    }
607
608    /// Sets the value of [require_attestations_by][crate::model::AdmissionRule::require_attestations_by].
609    ///
610    /// # Example
611    /// ```ignore,no_run
612    /// # use google_cloud_binaryauthorization_v1::model::AdmissionRule;
613    /// let x = AdmissionRule::new().set_require_attestations_by(["a", "b", "c"]);
614    /// ```
615    pub fn set_require_attestations_by<T, V>(mut self, v: T) -> Self
616    where
617        T: std::iter::IntoIterator<Item = V>,
618        V: std::convert::Into<std::string::String>,
619    {
620        use std::iter::Iterator;
621        self.require_attestations_by = v.into_iter().map(|i| i.into()).collect();
622        self
623    }
624
625    /// Sets the value of [enforcement_mode][crate::model::AdmissionRule::enforcement_mode].
626    ///
627    /// # Example
628    /// ```ignore,no_run
629    /// # use google_cloud_binaryauthorization_v1::model::AdmissionRule;
630    /// use google_cloud_binaryauthorization_v1::model::admission_rule::EnforcementMode;
631    /// let x0 = AdmissionRule::new().set_enforcement_mode(EnforcementMode::EnforcedBlockAndAuditLog);
632    /// let x1 = AdmissionRule::new().set_enforcement_mode(EnforcementMode::DryrunAuditLogOnly);
633    /// ```
634    pub fn set_enforcement_mode<
635        T: std::convert::Into<crate::model::admission_rule::EnforcementMode>,
636    >(
637        mut self,
638        v: T,
639    ) -> Self {
640        self.enforcement_mode = v.into();
641        self
642    }
643}
644
645impl wkt::message::Message for AdmissionRule {
646    fn typename() -> &'static str {
647        "type.googleapis.com/google.cloud.binaryauthorization.v1.AdmissionRule"
648    }
649}
650
651/// Defines additional types related to [AdmissionRule].
652pub mod admission_rule {
653    #[allow(unused_imports)]
654    use super::*;
655
656    /// Enum for [EvaluationMode].
657    ///
658    /// # Working with unknown values
659    ///
660    /// This enum is defined as `#[non_exhaustive]` because Google Cloud may add
661    /// additional enum variants at any time. Adding new variants is not considered
662    /// a breaking change. Applications should write their code in anticipation of:
663    ///
664    /// - New values appearing in future releases of the client library, **and**
665    /// - New values received dynamically, without application changes.
666    ///
667    /// Please consult the [Working with enums] section in the user guide for some
668    /// guidelines.
669    ///
670    /// [Working with enums]: https://googleapis.github.io/google-cloud-rust/working_with_enums.html
671    #[derive(Clone, Debug, PartialEq)]
672    #[non_exhaustive]
673    pub enum EvaluationMode {
674        /// Do not use.
675        Unspecified,
676        /// This rule allows all pod creations.
677        AlwaysAllow,
678        /// This rule allows a pod creation if all the attestors listed in
679        /// `require_attestations_by` have valid attestations for all of the
680        /// images in the pod spec.
681        RequireAttestation,
682        /// This rule denies all pod creations.
683        AlwaysDeny,
684        /// If set, the enum was initialized with an unknown value.
685        ///
686        /// Applications can examine the value using [EvaluationMode::value] or
687        /// [EvaluationMode::name].
688        UnknownValue(evaluation_mode::UnknownValue),
689    }
690
691    #[doc(hidden)]
692    pub mod evaluation_mode {
693        #[allow(unused_imports)]
694        use super::*;
695        #[derive(Clone, Debug, PartialEq)]
696        pub struct UnknownValue(pub(crate) wkt::internal::UnknownEnumValue);
697    }
698
699    impl EvaluationMode {
700        /// Gets the enum value.
701        ///
702        /// Returns `None` if the enum contains an unknown value deserialized from
703        /// the string representation of enums.
704        pub fn value(&self) -> std::option::Option<i32> {
705            match self {
706                Self::Unspecified => std::option::Option::Some(0),
707                Self::AlwaysAllow => std::option::Option::Some(1),
708                Self::RequireAttestation => std::option::Option::Some(2),
709                Self::AlwaysDeny => std::option::Option::Some(3),
710                Self::UnknownValue(u) => u.0.value(),
711            }
712        }
713
714        /// Gets the enum value as a string.
715        ///
716        /// Returns `None` if the enum contains an unknown value deserialized from
717        /// the integer representation of enums.
718        pub fn name(&self) -> std::option::Option<&str> {
719            match self {
720                Self::Unspecified => std::option::Option::Some("EVALUATION_MODE_UNSPECIFIED"),
721                Self::AlwaysAllow => std::option::Option::Some("ALWAYS_ALLOW"),
722                Self::RequireAttestation => std::option::Option::Some("REQUIRE_ATTESTATION"),
723                Self::AlwaysDeny => std::option::Option::Some("ALWAYS_DENY"),
724                Self::UnknownValue(u) => u.0.name(),
725            }
726        }
727    }
728
729    impl std::default::Default for EvaluationMode {
730        fn default() -> Self {
731            use std::convert::From;
732            Self::from(0)
733        }
734    }
735
736    impl std::fmt::Display for EvaluationMode {
737        fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::result::Result<(), std::fmt::Error> {
738            wkt::internal::display_enum(f, self.name(), self.value())
739        }
740    }
741
742    impl std::convert::From<i32> for EvaluationMode {
743        fn from(value: i32) -> Self {
744            match value {
745                0 => Self::Unspecified,
746                1 => Self::AlwaysAllow,
747                2 => Self::RequireAttestation,
748                3 => Self::AlwaysDeny,
749                _ => Self::UnknownValue(evaluation_mode::UnknownValue(
750                    wkt::internal::UnknownEnumValue::Integer(value),
751                )),
752            }
753        }
754    }
755
756    impl std::convert::From<&str> for EvaluationMode {
757        fn from(value: &str) -> Self {
758            use std::string::ToString;
759            match value {
760                "EVALUATION_MODE_UNSPECIFIED" => Self::Unspecified,
761                "ALWAYS_ALLOW" => Self::AlwaysAllow,
762                "REQUIRE_ATTESTATION" => Self::RequireAttestation,
763                "ALWAYS_DENY" => Self::AlwaysDeny,
764                _ => Self::UnknownValue(evaluation_mode::UnknownValue(
765                    wkt::internal::UnknownEnumValue::String(value.to_string()),
766                )),
767            }
768        }
769    }
770
771    impl serde::ser::Serialize for EvaluationMode {
772        fn serialize<S>(&self, serializer: S) -> std::result::Result<S::Ok, S::Error>
773        where
774            S: serde::Serializer,
775        {
776            match self {
777                Self::Unspecified => serializer.serialize_i32(0),
778                Self::AlwaysAllow => serializer.serialize_i32(1),
779                Self::RequireAttestation => serializer.serialize_i32(2),
780                Self::AlwaysDeny => serializer.serialize_i32(3),
781                Self::UnknownValue(u) => u.0.serialize(serializer),
782            }
783        }
784    }
785
786    impl<'de> serde::de::Deserialize<'de> for EvaluationMode {
787        fn deserialize<D>(deserializer: D) -> std::result::Result<Self, D::Error>
788        where
789            D: serde::Deserializer<'de>,
790        {
791            deserializer.deserialize_any(wkt::internal::EnumVisitor::<EvaluationMode>::new(
792                ".google.cloud.binaryauthorization.v1.AdmissionRule.EvaluationMode",
793            ))
794        }
795    }
796
797    /// Defines the possible actions when a pod creation is denied by an admission
798    /// rule.
799    ///
800    /// # Working with unknown values
801    ///
802    /// This enum is defined as `#[non_exhaustive]` because Google Cloud may add
803    /// additional enum variants at any time. Adding new variants is not considered
804    /// a breaking change. Applications should write their code in anticipation of:
805    ///
806    /// - New values appearing in future releases of the client library, **and**
807    /// - New values received dynamically, without application changes.
808    ///
809    /// Please consult the [Working with enums] section in the user guide for some
810    /// guidelines.
811    ///
812    /// [Working with enums]: https://googleapis.github.io/google-cloud-rust/working_with_enums.html
813    #[derive(Clone, Debug, PartialEq)]
814    #[non_exhaustive]
815    pub enum EnforcementMode {
816        /// Do not use.
817        Unspecified,
818        /// Enforce the admission rule by blocking the pod creation.
819        EnforcedBlockAndAuditLog,
820        /// Dryrun mode: Audit logging only.  This will allow the pod creation as if
821        /// the admission request had specified break-glass.
822        DryrunAuditLogOnly,
823        /// If set, the enum was initialized with an unknown value.
824        ///
825        /// Applications can examine the value using [EnforcementMode::value] or
826        /// [EnforcementMode::name].
827        UnknownValue(enforcement_mode::UnknownValue),
828    }
829
830    #[doc(hidden)]
831    pub mod enforcement_mode {
832        #[allow(unused_imports)]
833        use super::*;
834        #[derive(Clone, Debug, PartialEq)]
835        pub struct UnknownValue(pub(crate) wkt::internal::UnknownEnumValue);
836    }
837
838    impl EnforcementMode {
839        /// Gets the enum value.
840        ///
841        /// Returns `None` if the enum contains an unknown value deserialized from
842        /// the string representation of enums.
843        pub fn value(&self) -> std::option::Option<i32> {
844            match self {
845                Self::Unspecified => std::option::Option::Some(0),
846                Self::EnforcedBlockAndAuditLog => std::option::Option::Some(1),
847                Self::DryrunAuditLogOnly => std::option::Option::Some(2),
848                Self::UnknownValue(u) => u.0.value(),
849            }
850        }
851
852        /// Gets the enum value as a string.
853        ///
854        /// Returns `None` if the enum contains an unknown value deserialized from
855        /// the integer representation of enums.
856        pub fn name(&self) -> std::option::Option<&str> {
857            match self {
858                Self::Unspecified => std::option::Option::Some("ENFORCEMENT_MODE_UNSPECIFIED"),
859                Self::EnforcedBlockAndAuditLog => {
860                    std::option::Option::Some("ENFORCED_BLOCK_AND_AUDIT_LOG")
861                }
862                Self::DryrunAuditLogOnly => std::option::Option::Some("DRYRUN_AUDIT_LOG_ONLY"),
863                Self::UnknownValue(u) => u.0.name(),
864            }
865        }
866    }
867
868    impl std::default::Default for EnforcementMode {
869        fn default() -> Self {
870            use std::convert::From;
871            Self::from(0)
872        }
873    }
874
875    impl std::fmt::Display for EnforcementMode {
876        fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::result::Result<(), std::fmt::Error> {
877            wkt::internal::display_enum(f, self.name(), self.value())
878        }
879    }
880
881    impl std::convert::From<i32> for EnforcementMode {
882        fn from(value: i32) -> Self {
883            match value {
884                0 => Self::Unspecified,
885                1 => Self::EnforcedBlockAndAuditLog,
886                2 => Self::DryrunAuditLogOnly,
887                _ => Self::UnknownValue(enforcement_mode::UnknownValue(
888                    wkt::internal::UnknownEnumValue::Integer(value),
889                )),
890            }
891        }
892    }
893
894    impl std::convert::From<&str> for EnforcementMode {
895        fn from(value: &str) -> Self {
896            use std::string::ToString;
897            match value {
898                "ENFORCEMENT_MODE_UNSPECIFIED" => Self::Unspecified,
899                "ENFORCED_BLOCK_AND_AUDIT_LOG" => Self::EnforcedBlockAndAuditLog,
900                "DRYRUN_AUDIT_LOG_ONLY" => Self::DryrunAuditLogOnly,
901                _ => Self::UnknownValue(enforcement_mode::UnknownValue(
902                    wkt::internal::UnknownEnumValue::String(value.to_string()),
903                )),
904            }
905        }
906    }
907
908    impl serde::ser::Serialize for EnforcementMode {
909        fn serialize<S>(&self, serializer: S) -> std::result::Result<S::Ok, S::Error>
910        where
911            S: serde::Serializer,
912        {
913            match self {
914                Self::Unspecified => serializer.serialize_i32(0),
915                Self::EnforcedBlockAndAuditLog => serializer.serialize_i32(1),
916                Self::DryrunAuditLogOnly => serializer.serialize_i32(2),
917                Self::UnknownValue(u) => u.0.serialize(serializer),
918            }
919        }
920    }
921
922    impl<'de> serde::de::Deserialize<'de> for EnforcementMode {
923        fn deserialize<D>(deserializer: D) -> std::result::Result<Self, D::Error>
924        where
925            D: serde::Deserializer<'de>,
926        {
927            deserializer.deserialize_any(wkt::internal::EnumVisitor::<EnforcementMode>::new(
928                ".google.cloud.binaryauthorization.v1.AdmissionRule.EnforcementMode",
929            ))
930        }
931    }
932}
933
934/// An [attestor][google.cloud.binaryauthorization.v1.Attestor] that attests to
935/// container image artifacts. An existing attestor cannot be modified except
936/// where indicated.
937///
938/// [google.cloud.binaryauthorization.v1.Attestor]: crate::model::Attestor
939#[derive(Clone, Default, PartialEq)]
940#[non_exhaustive]
941pub struct Attestor {
942    /// Required. The resource name, in the format:
943    /// `projects/*/attestors/*`. This field may not be updated.
944    pub name: std::string::String,
945
946    /// Optional. A descriptive comment.  This field may be updated.
947    /// The field may be displayed in chooser dialogs.
948    pub description: std::string::String,
949
950    /// Output only. Time when the attestor was last updated.
951    pub update_time: std::option::Option<wkt::Timestamp>,
952
953    /// Optional. A checksum, returned by the server, that can be sent on update
954    /// requests to ensure the attestor has an up-to-date value before attempting
955    /// to update it. See <https://google.aip.dev/154>.
956    pub etag: std::string::String,
957
958    #[allow(missing_docs)]
959    pub attestor_type: std::option::Option<crate::model::attestor::AttestorType>,
960
961    pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
962}
963
964impl Attestor {
965    /// Creates a new default instance.
966    pub fn new() -> Self {
967        std::default::Default::default()
968    }
969
970    /// Sets the value of [name][crate::model::Attestor::name].
971    ///
972    /// # Example
973    /// ```ignore,no_run
974    /// # use google_cloud_binaryauthorization_v1::model::Attestor;
975    /// # let project_id = "project_id";
976    /// # let attestor_id = "attestor_id";
977    /// let x = Attestor::new().set_name(format!("projects/{project_id}/attestors/{attestor_id}"));
978    /// ```
979    pub fn set_name<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
980        self.name = v.into();
981        self
982    }
983
984    /// Sets the value of [description][crate::model::Attestor::description].
985    ///
986    /// # Example
987    /// ```ignore,no_run
988    /// # use google_cloud_binaryauthorization_v1::model::Attestor;
989    /// let x = Attestor::new().set_description("example");
990    /// ```
991    pub fn set_description<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
992        self.description = v.into();
993        self
994    }
995
996    /// Sets the value of [update_time][crate::model::Attestor::update_time].
997    ///
998    /// # Example
999    /// ```ignore,no_run
1000    /// # use google_cloud_binaryauthorization_v1::model::Attestor;
1001    /// use wkt::Timestamp;
1002    /// let x = Attestor::new().set_update_time(Timestamp::default()/* use setters */);
1003    /// ```
1004    pub fn set_update_time<T>(mut self, v: T) -> Self
1005    where
1006        T: std::convert::Into<wkt::Timestamp>,
1007    {
1008        self.update_time = std::option::Option::Some(v.into());
1009        self
1010    }
1011
1012    /// Sets or clears the value of [update_time][crate::model::Attestor::update_time].
1013    ///
1014    /// # Example
1015    /// ```ignore,no_run
1016    /// # use google_cloud_binaryauthorization_v1::model::Attestor;
1017    /// use wkt::Timestamp;
1018    /// let x = Attestor::new().set_or_clear_update_time(Some(Timestamp::default()/* use setters */));
1019    /// let x = Attestor::new().set_or_clear_update_time(None::<Timestamp>);
1020    /// ```
1021    pub fn set_or_clear_update_time<T>(mut self, v: std::option::Option<T>) -> Self
1022    where
1023        T: std::convert::Into<wkt::Timestamp>,
1024    {
1025        self.update_time = v.map(|x| x.into());
1026        self
1027    }
1028
1029    /// Sets the value of [etag][crate::model::Attestor::etag].
1030    ///
1031    /// # Example
1032    /// ```ignore,no_run
1033    /// # use google_cloud_binaryauthorization_v1::model::Attestor;
1034    /// let x = Attestor::new().set_etag("example");
1035    /// ```
1036    pub fn set_etag<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
1037        self.etag = v.into();
1038        self
1039    }
1040
1041    /// Sets the value of [attestor_type][crate::model::Attestor::attestor_type].
1042    ///
1043    /// Note that all the setters affecting `attestor_type` are mutually
1044    /// exclusive.
1045    ///
1046    /// # Example
1047    /// ```ignore,no_run
1048    /// # use google_cloud_binaryauthorization_v1::model::Attestor;
1049    /// use google_cloud_binaryauthorization_v1::model::UserOwnedGrafeasNote;
1050    /// let x = Attestor::new().set_attestor_type(Some(
1051    ///     google_cloud_binaryauthorization_v1::model::attestor::AttestorType::UserOwnedGrafeasNote(UserOwnedGrafeasNote::default().into())));
1052    /// ```
1053    pub fn set_attestor_type<
1054        T: std::convert::Into<std::option::Option<crate::model::attestor::AttestorType>>,
1055    >(
1056        mut self,
1057        v: T,
1058    ) -> Self {
1059        self.attestor_type = v.into();
1060        self
1061    }
1062
1063    /// The value of [attestor_type][crate::model::Attestor::attestor_type]
1064    /// if it holds a `UserOwnedGrafeasNote`, `None` if the field is not set or
1065    /// holds a different branch.
1066    pub fn user_owned_grafeas_note(
1067        &self,
1068    ) -> std::option::Option<&std::boxed::Box<crate::model::UserOwnedGrafeasNote>> {
1069        #[allow(unreachable_patterns)]
1070        self.attestor_type.as_ref().and_then(|v| match v {
1071            crate::model::attestor::AttestorType::UserOwnedGrafeasNote(v) => {
1072                std::option::Option::Some(v)
1073            }
1074            _ => std::option::Option::None,
1075        })
1076    }
1077
1078    /// Sets the value of [attestor_type][crate::model::Attestor::attestor_type]
1079    /// to hold a `UserOwnedGrafeasNote`.
1080    ///
1081    /// Note that all the setters affecting `attestor_type` are
1082    /// mutually exclusive.
1083    ///
1084    /// # Example
1085    /// ```ignore,no_run
1086    /// # use google_cloud_binaryauthorization_v1::model::Attestor;
1087    /// use google_cloud_binaryauthorization_v1::model::UserOwnedGrafeasNote;
1088    /// let x = Attestor::new().set_user_owned_grafeas_note(UserOwnedGrafeasNote::default()/* use setters */);
1089    /// assert!(x.user_owned_grafeas_note().is_some());
1090    /// ```
1091    pub fn set_user_owned_grafeas_note<
1092        T: std::convert::Into<std::boxed::Box<crate::model::UserOwnedGrafeasNote>>,
1093    >(
1094        mut self,
1095        v: T,
1096    ) -> Self {
1097        self.attestor_type = std::option::Option::Some(
1098            crate::model::attestor::AttestorType::UserOwnedGrafeasNote(v.into()),
1099        );
1100        self
1101    }
1102}
1103
1104impl wkt::message::Message for Attestor {
1105    fn typename() -> &'static str {
1106        "type.googleapis.com/google.cloud.binaryauthorization.v1.Attestor"
1107    }
1108}
1109
1110/// Defines additional types related to [Attestor].
1111pub mod attestor {
1112    #[allow(unused_imports)]
1113    use super::*;
1114
1115    #[allow(missing_docs)]
1116    #[derive(Clone, Debug, PartialEq)]
1117    #[non_exhaustive]
1118    pub enum AttestorType {
1119        /// This specifies how an attestation will be read, and how it will be used
1120        /// during policy enforcement.
1121        UserOwnedGrafeasNote(std::boxed::Box<crate::model::UserOwnedGrafeasNote>),
1122    }
1123}
1124
1125/// An [user owned Grafeas
1126/// note][google.cloud.binaryauthorization.v1.UserOwnedGrafeasNote] references a
1127/// Grafeas Attestation.Authority Note created by the user.
1128///
1129/// [google.cloud.binaryauthorization.v1.UserOwnedGrafeasNote]: crate::model::UserOwnedGrafeasNote
1130#[derive(Clone, Default, PartialEq)]
1131#[non_exhaustive]
1132pub struct UserOwnedGrafeasNote {
1133    /// Required. The Grafeas resource name of a Attestation.Authority Note,
1134    /// created by the user, in the format: `projects/[PROJECT_ID]/notes/*`. This
1135    /// field may not be updated. A project ID must be used, not a project number.
1136    ///
1137    /// An attestation by this attestor is stored as a Grafeas
1138    /// Attestation.Authority Occurrence that names a container image and that
1139    /// links to this Note. Grafeas is an external dependency.
1140    pub note_reference: std::string::String,
1141
1142    /// Optional. Public keys that verify attestations signed by this
1143    /// attestor.  This field may be updated.
1144    ///
1145    /// If this field is non-empty, one of the specified public keys must
1146    /// verify that an attestation was signed by this attestor for the
1147    /// image specified in the admission request.
1148    ///
1149    /// If this field is empty, this attestor always returns that no
1150    /// valid attestations exist.
1151    pub public_keys: std::vec::Vec<crate::model::AttestorPublicKey>,
1152
1153    /// Output only. This field will contain the service account email address
1154    /// that this attestor will use as the principal when querying Container
1155    /// Analysis. Attestor administrators must grant this service account the
1156    /// IAM role needed to read attestations from the
1157    /// [note_reference][google.cloud.binaryauthorization.v1.UserOwnedGrafeasNote.note_reference]
1158    /// in Container Analysis (`containeranalysis.notes.occurrences.viewer`).
1159    ///
1160    /// This email address is fixed for the lifetime of the attestor, but callers
1161    /// should not make any other assumptions about the service account email;
1162    /// future versions may use an email based on a different naming pattern.
1163    ///
1164    /// [google.cloud.binaryauthorization.v1.UserOwnedGrafeasNote.note_reference]: crate::model::UserOwnedGrafeasNote::note_reference
1165    pub delegation_service_account_email: std::string::String,
1166
1167    pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
1168}
1169
1170impl UserOwnedGrafeasNote {
1171    /// Creates a new default instance.
1172    pub fn new() -> Self {
1173        std::default::Default::default()
1174    }
1175
1176    /// Sets the value of [note_reference][crate::model::UserOwnedGrafeasNote::note_reference].
1177    ///
1178    /// # Example
1179    /// ```ignore,no_run
1180    /// # use google_cloud_binaryauthorization_v1::model::UserOwnedGrafeasNote;
1181    /// let x = UserOwnedGrafeasNote::new().set_note_reference("example");
1182    /// ```
1183    pub fn set_note_reference<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
1184        self.note_reference = v.into();
1185        self
1186    }
1187
1188    /// Sets the value of [public_keys][crate::model::UserOwnedGrafeasNote::public_keys].
1189    ///
1190    /// # Example
1191    /// ```ignore,no_run
1192    /// # use google_cloud_binaryauthorization_v1::model::UserOwnedGrafeasNote;
1193    /// use google_cloud_binaryauthorization_v1::model::AttestorPublicKey;
1194    /// let x = UserOwnedGrafeasNote::new()
1195    ///     .set_public_keys([
1196    ///         AttestorPublicKey::default()/* use setters */,
1197    ///         AttestorPublicKey::default()/* use (different) setters */,
1198    ///     ]);
1199    /// ```
1200    pub fn set_public_keys<T, V>(mut self, v: T) -> Self
1201    where
1202        T: std::iter::IntoIterator<Item = V>,
1203        V: std::convert::Into<crate::model::AttestorPublicKey>,
1204    {
1205        use std::iter::Iterator;
1206        self.public_keys = v.into_iter().map(|i| i.into()).collect();
1207        self
1208    }
1209
1210    /// Sets the value of [delegation_service_account_email][crate::model::UserOwnedGrafeasNote::delegation_service_account_email].
1211    ///
1212    /// # Example
1213    /// ```ignore,no_run
1214    /// # use google_cloud_binaryauthorization_v1::model::UserOwnedGrafeasNote;
1215    /// let x = UserOwnedGrafeasNote::new().set_delegation_service_account_email("example");
1216    /// ```
1217    pub fn set_delegation_service_account_email<T: std::convert::Into<std::string::String>>(
1218        mut self,
1219        v: T,
1220    ) -> Self {
1221        self.delegation_service_account_email = v.into();
1222        self
1223    }
1224}
1225
1226impl wkt::message::Message for UserOwnedGrafeasNote {
1227    fn typename() -> &'static str {
1228        "type.googleapis.com/google.cloud.binaryauthorization.v1.UserOwnedGrafeasNote"
1229    }
1230}
1231
1232/// A public key in the PkixPublicKey
1233/// [format](https://tools.ietf.org/html/rfc5280#section-4.1.2.7). Public keys of
1234/// this type are typically textually encoded using the PEM format.
1235#[derive(Clone, Default, PartialEq)]
1236#[non_exhaustive]
1237pub struct PkixPublicKey {
1238    /// A PEM-encoded public key, as described in
1239    /// <https://tools.ietf.org/html/rfc7468#section-13>
1240    pub public_key_pem: std::string::String,
1241
1242    /// The signature algorithm used to verify a message against a signature using
1243    /// this key.
1244    /// These signature algorithm must match the structure and any object
1245    /// identifiers encoded in `public_key_pem` (i.e. this algorithm must match
1246    /// that of the public key).
1247    pub signature_algorithm: crate::model::pkix_public_key::SignatureAlgorithm,
1248
1249    /// Optional. The ID of this public key.
1250    /// Signatures verified by Binary Authorization must include the ID of the
1251    /// public key that can be used to verify them. The ID must match exactly
1252    /// contents of the `key_id` field exactly.
1253    ///
1254    /// The ID may be explicitly provided by the caller, but it MUST be a valid
1255    /// RFC3986 URI. If `key_id` is left blank and this `PkixPublicKey` is not used
1256    /// in the context of a wrapper (see next paragraph), a default key ID will be
1257    /// computed based on the digest of the DER encoding of the public key.
1258    ///
1259    /// If this `PkixPublicKey` is used in the context of a wrapper that has its
1260    /// own notion of key ID (e.g. `AttestorPublicKey`), then this field can
1261    /// either match that value exactly, or be left blank, in which case it behaves
1262    /// exactly as though it is equal to that wrapper value.
1263    pub key_id: std::string::String,
1264
1265    pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
1266}
1267
1268impl PkixPublicKey {
1269    /// Creates a new default instance.
1270    pub fn new() -> Self {
1271        std::default::Default::default()
1272    }
1273
1274    /// Sets the value of [public_key_pem][crate::model::PkixPublicKey::public_key_pem].
1275    ///
1276    /// # Example
1277    /// ```ignore,no_run
1278    /// # use google_cloud_binaryauthorization_v1::model::PkixPublicKey;
1279    /// let x = PkixPublicKey::new().set_public_key_pem("example");
1280    /// ```
1281    pub fn set_public_key_pem<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
1282        self.public_key_pem = v.into();
1283        self
1284    }
1285
1286    /// Sets the value of [signature_algorithm][crate::model::PkixPublicKey::signature_algorithm].
1287    ///
1288    /// # Example
1289    /// ```ignore,no_run
1290    /// # use google_cloud_binaryauthorization_v1::model::PkixPublicKey;
1291    /// use google_cloud_binaryauthorization_v1::model::pkix_public_key::SignatureAlgorithm;
1292    /// let x0 = PkixPublicKey::new().set_signature_algorithm(SignatureAlgorithm::RsaPss2048Sha256);
1293    /// let x1 = PkixPublicKey::new().set_signature_algorithm(SignatureAlgorithm::RsaSignPss2048Sha256);
1294    /// let x2 = PkixPublicKey::new().set_signature_algorithm(SignatureAlgorithm::RsaPss3072Sha256);
1295    /// ```
1296    pub fn set_signature_algorithm<
1297        T: std::convert::Into<crate::model::pkix_public_key::SignatureAlgorithm>,
1298    >(
1299        mut self,
1300        v: T,
1301    ) -> Self {
1302        self.signature_algorithm = v.into();
1303        self
1304    }
1305
1306    /// Sets the value of [key_id][crate::model::PkixPublicKey::key_id].
1307    ///
1308    /// # Example
1309    /// ```ignore,no_run
1310    /// # use google_cloud_binaryauthorization_v1::model::PkixPublicKey;
1311    /// let x = PkixPublicKey::new().set_key_id("example");
1312    /// ```
1313    pub fn set_key_id<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
1314        self.key_id = v.into();
1315        self
1316    }
1317}
1318
1319impl wkt::message::Message for PkixPublicKey {
1320    fn typename() -> &'static str {
1321        "type.googleapis.com/google.cloud.binaryauthorization.v1.PkixPublicKey"
1322    }
1323}
1324
1325/// Defines additional types related to [PkixPublicKey].
1326pub mod pkix_public_key {
1327    #[allow(unused_imports)]
1328    use super::*;
1329
1330    /// Represents a signature algorithm and other information necessary to verify
1331    /// signatures with a given public key.
1332    /// This is based primarily on the public key types supported by Tink's
1333    /// PemKeyType, which is in turn based on KMS's supported signing
1334    /// [algorithms](https://cloud.google.com/kms/docs/algorithms). In the future,
1335    /// Binary Authorization might support additional public key types
1336    /// independently of Tink and/or KMS.
1337    ///
1338    /// # Working with unknown values
1339    ///
1340    /// This enum is defined as `#[non_exhaustive]` because Google Cloud may add
1341    /// additional enum variants at any time. Adding new variants is not considered
1342    /// a breaking change. Applications should write their code in anticipation of:
1343    ///
1344    /// - New values appearing in future releases of the client library, **and**
1345    /// - New values received dynamically, without application changes.
1346    ///
1347    /// Please consult the [Working with enums] section in the user guide for some
1348    /// guidelines.
1349    ///
1350    /// [Working with enums]: https://googleapis.github.io/google-cloud-rust/working_with_enums.html
1351    #[derive(Clone, Debug, PartialEq)]
1352    #[non_exhaustive]
1353    pub enum SignatureAlgorithm {
1354        /// Not specified.
1355        Unspecified,
1356        /// RSASSA-PSS 2048 bit key with a SHA256 digest.
1357        RsaPss2048Sha256,
1358        /// RSASSA-PSS 2048 bit key with a SHA256 digest.
1359        RsaSignPss2048Sha256,
1360        /// RSASSA-PSS 3072 bit key with a SHA256 digest.
1361        RsaPss3072Sha256,
1362        /// RSASSA-PSS 3072 bit key with a SHA256 digest.
1363        RsaSignPss3072Sha256,
1364        /// RSASSA-PSS 4096 bit key with a SHA256 digest.
1365        RsaPss4096Sha256,
1366        /// RSASSA-PSS 4096 bit key with a SHA256 digest.
1367        RsaSignPss4096Sha256,
1368        /// RSASSA-PSS 4096 bit key with a SHA512 digest.
1369        RsaPss4096Sha512,
1370        /// RSASSA-PSS 4096 bit key with a SHA512 digest.
1371        RsaSignPss4096Sha512,
1372        /// RSASSA-PKCS1-v1_5 with a 2048 bit key and a SHA256 digest.
1373        RsaSignPkcs12048Sha256,
1374        /// RSASSA-PKCS1-v1_5 with a 3072 bit key and a SHA256 digest.
1375        RsaSignPkcs13072Sha256,
1376        /// RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA256 digest.
1377        RsaSignPkcs14096Sha256,
1378        /// RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA512 digest.
1379        RsaSignPkcs14096Sha512,
1380        /// ECDSA on the NIST P-256 curve with a SHA256 digest.
1381        EcdsaP256Sha256,
1382        /// ECDSA on the NIST P-256 curve with a SHA256 digest.
1383        EcSignP256Sha256,
1384        /// ECDSA on the NIST P-384 curve with a SHA384 digest.
1385        EcdsaP384Sha384,
1386        /// ECDSA on the NIST P-384 curve with a SHA384 digest.
1387        EcSignP384Sha384,
1388        /// ECDSA on the NIST P-521 curve with a SHA512 digest.
1389        EcdsaP521Sha512,
1390        /// ECDSA on the NIST P-521 curve with a SHA512 digest.
1391        EcSignP521Sha512,
1392        /// ML-DSA-65 Post-Quantum Cryptography signature algorithm.
1393        MlDsa65,
1394        /// If set, the enum was initialized with an unknown value.
1395        ///
1396        /// Applications can examine the value using [SignatureAlgorithm::value] or
1397        /// [SignatureAlgorithm::name].
1398        UnknownValue(signature_algorithm::UnknownValue),
1399    }
1400
1401    #[doc(hidden)]
1402    pub mod signature_algorithm {
1403        #[allow(unused_imports)]
1404        use super::*;
1405        #[derive(Clone, Debug, PartialEq)]
1406        pub struct UnknownValue(pub(crate) wkt::internal::UnknownEnumValue);
1407    }
1408
1409    impl SignatureAlgorithm {
1410        /// Gets the enum value.
1411        ///
1412        /// Returns `None` if the enum contains an unknown value deserialized from
1413        /// the string representation of enums.
1414        pub fn value(&self) -> std::option::Option<i32> {
1415            match self {
1416                Self::Unspecified => std::option::Option::Some(0),
1417                Self::RsaPss2048Sha256 => std::option::Option::Some(1),
1418                Self::RsaSignPss2048Sha256 => std::option::Option::Some(1),
1419                Self::RsaPss3072Sha256 => std::option::Option::Some(2),
1420                Self::RsaSignPss3072Sha256 => std::option::Option::Some(2),
1421                Self::RsaPss4096Sha256 => std::option::Option::Some(3),
1422                Self::RsaSignPss4096Sha256 => std::option::Option::Some(3),
1423                Self::RsaPss4096Sha512 => std::option::Option::Some(4),
1424                Self::RsaSignPss4096Sha512 => std::option::Option::Some(4),
1425                Self::RsaSignPkcs12048Sha256 => std::option::Option::Some(5),
1426                Self::RsaSignPkcs13072Sha256 => std::option::Option::Some(6),
1427                Self::RsaSignPkcs14096Sha256 => std::option::Option::Some(7),
1428                Self::RsaSignPkcs14096Sha512 => std::option::Option::Some(8),
1429                Self::EcdsaP256Sha256 => std::option::Option::Some(9),
1430                Self::EcSignP256Sha256 => std::option::Option::Some(9),
1431                Self::EcdsaP384Sha384 => std::option::Option::Some(10),
1432                Self::EcSignP384Sha384 => std::option::Option::Some(10),
1433                Self::EcdsaP521Sha512 => std::option::Option::Some(11),
1434                Self::EcSignP521Sha512 => std::option::Option::Some(11),
1435                Self::MlDsa65 => std::option::Option::Some(13),
1436                Self::UnknownValue(u) => u.0.value(),
1437            }
1438        }
1439
1440        /// Gets the enum value as a string.
1441        ///
1442        /// Returns `None` if the enum contains an unknown value deserialized from
1443        /// the integer representation of enums.
1444        pub fn name(&self) -> std::option::Option<&str> {
1445            match self {
1446                Self::Unspecified => std::option::Option::Some("SIGNATURE_ALGORITHM_UNSPECIFIED"),
1447                Self::RsaPss2048Sha256 => std::option::Option::Some("RSA_PSS_2048_SHA256"),
1448                Self::RsaSignPss2048Sha256 => std::option::Option::Some("RSA_SIGN_PSS_2048_SHA256"),
1449                Self::RsaPss3072Sha256 => std::option::Option::Some("RSA_PSS_3072_SHA256"),
1450                Self::RsaSignPss3072Sha256 => std::option::Option::Some("RSA_SIGN_PSS_3072_SHA256"),
1451                Self::RsaPss4096Sha256 => std::option::Option::Some("RSA_PSS_4096_SHA256"),
1452                Self::RsaSignPss4096Sha256 => std::option::Option::Some("RSA_SIGN_PSS_4096_SHA256"),
1453                Self::RsaPss4096Sha512 => std::option::Option::Some("RSA_PSS_4096_SHA512"),
1454                Self::RsaSignPss4096Sha512 => std::option::Option::Some("RSA_SIGN_PSS_4096_SHA512"),
1455                Self::RsaSignPkcs12048Sha256 => {
1456                    std::option::Option::Some("RSA_SIGN_PKCS1_2048_SHA256")
1457                }
1458                Self::RsaSignPkcs13072Sha256 => {
1459                    std::option::Option::Some("RSA_SIGN_PKCS1_3072_SHA256")
1460                }
1461                Self::RsaSignPkcs14096Sha256 => {
1462                    std::option::Option::Some("RSA_SIGN_PKCS1_4096_SHA256")
1463                }
1464                Self::RsaSignPkcs14096Sha512 => {
1465                    std::option::Option::Some("RSA_SIGN_PKCS1_4096_SHA512")
1466                }
1467                Self::EcdsaP256Sha256 => std::option::Option::Some("ECDSA_P256_SHA256"),
1468                Self::EcSignP256Sha256 => std::option::Option::Some("EC_SIGN_P256_SHA256"),
1469                Self::EcdsaP384Sha384 => std::option::Option::Some("ECDSA_P384_SHA384"),
1470                Self::EcSignP384Sha384 => std::option::Option::Some("EC_SIGN_P384_SHA384"),
1471                Self::EcdsaP521Sha512 => std::option::Option::Some("ECDSA_P521_SHA512"),
1472                Self::EcSignP521Sha512 => std::option::Option::Some("EC_SIGN_P521_SHA512"),
1473                Self::MlDsa65 => std::option::Option::Some("ML_DSA_65"),
1474                Self::UnknownValue(u) => u.0.name(),
1475            }
1476        }
1477    }
1478
1479    impl std::default::Default for SignatureAlgorithm {
1480        fn default() -> Self {
1481            use std::convert::From;
1482            Self::from(0)
1483        }
1484    }
1485
1486    impl std::fmt::Display for SignatureAlgorithm {
1487        fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::result::Result<(), std::fmt::Error> {
1488            wkt::internal::display_enum(f, self.name(), self.value())
1489        }
1490    }
1491
1492    impl std::convert::From<i32> for SignatureAlgorithm {
1493        fn from(value: i32) -> Self {
1494            match value {
1495                0 => Self::Unspecified,
1496                1 => Self::RsaPss2048Sha256,
1497                2 => Self::RsaPss3072Sha256,
1498                3 => Self::RsaPss4096Sha256,
1499                4 => Self::RsaPss4096Sha512,
1500                5 => Self::RsaSignPkcs12048Sha256,
1501                6 => Self::RsaSignPkcs13072Sha256,
1502                7 => Self::RsaSignPkcs14096Sha256,
1503                8 => Self::RsaSignPkcs14096Sha512,
1504                9 => Self::EcdsaP256Sha256,
1505                10 => Self::EcdsaP384Sha384,
1506                11 => Self::EcdsaP521Sha512,
1507                13 => Self::MlDsa65,
1508                _ => Self::UnknownValue(signature_algorithm::UnknownValue(
1509                    wkt::internal::UnknownEnumValue::Integer(value),
1510                )),
1511            }
1512        }
1513    }
1514
1515    impl std::convert::From<&str> for SignatureAlgorithm {
1516        fn from(value: &str) -> Self {
1517            use std::string::ToString;
1518            match value {
1519                "SIGNATURE_ALGORITHM_UNSPECIFIED" => Self::Unspecified,
1520                "RSA_PSS_2048_SHA256" => Self::RsaPss2048Sha256,
1521                "RSA_SIGN_PSS_2048_SHA256" => Self::RsaSignPss2048Sha256,
1522                "RSA_PSS_3072_SHA256" => Self::RsaPss3072Sha256,
1523                "RSA_SIGN_PSS_3072_SHA256" => Self::RsaSignPss3072Sha256,
1524                "RSA_PSS_4096_SHA256" => Self::RsaPss4096Sha256,
1525                "RSA_SIGN_PSS_4096_SHA256" => Self::RsaSignPss4096Sha256,
1526                "RSA_PSS_4096_SHA512" => Self::RsaPss4096Sha512,
1527                "RSA_SIGN_PSS_4096_SHA512" => Self::RsaSignPss4096Sha512,
1528                "RSA_SIGN_PKCS1_2048_SHA256" => Self::RsaSignPkcs12048Sha256,
1529                "RSA_SIGN_PKCS1_3072_SHA256" => Self::RsaSignPkcs13072Sha256,
1530                "RSA_SIGN_PKCS1_4096_SHA256" => Self::RsaSignPkcs14096Sha256,
1531                "RSA_SIGN_PKCS1_4096_SHA512" => Self::RsaSignPkcs14096Sha512,
1532                "ECDSA_P256_SHA256" => Self::EcdsaP256Sha256,
1533                "EC_SIGN_P256_SHA256" => Self::EcSignP256Sha256,
1534                "ECDSA_P384_SHA384" => Self::EcdsaP384Sha384,
1535                "EC_SIGN_P384_SHA384" => Self::EcSignP384Sha384,
1536                "ECDSA_P521_SHA512" => Self::EcdsaP521Sha512,
1537                "EC_SIGN_P521_SHA512" => Self::EcSignP521Sha512,
1538                "ML_DSA_65" => Self::MlDsa65,
1539                _ => Self::UnknownValue(signature_algorithm::UnknownValue(
1540                    wkt::internal::UnknownEnumValue::String(value.to_string()),
1541                )),
1542            }
1543        }
1544    }
1545
1546    impl serde::ser::Serialize for SignatureAlgorithm {
1547        fn serialize<S>(&self, serializer: S) -> std::result::Result<S::Ok, S::Error>
1548        where
1549            S: serde::Serializer,
1550        {
1551            match self {
1552                Self::Unspecified => serializer.serialize_i32(0),
1553                Self::RsaPss2048Sha256 => serializer.serialize_i32(1),
1554                Self::RsaSignPss2048Sha256 => serializer.serialize_i32(1),
1555                Self::RsaPss3072Sha256 => serializer.serialize_i32(2),
1556                Self::RsaSignPss3072Sha256 => serializer.serialize_i32(2),
1557                Self::RsaPss4096Sha256 => serializer.serialize_i32(3),
1558                Self::RsaSignPss4096Sha256 => serializer.serialize_i32(3),
1559                Self::RsaPss4096Sha512 => serializer.serialize_i32(4),
1560                Self::RsaSignPss4096Sha512 => serializer.serialize_i32(4),
1561                Self::RsaSignPkcs12048Sha256 => serializer.serialize_i32(5),
1562                Self::RsaSignPkcs13072Sha256 => serializer.serialize_i32(6),
1563                Self::RsaSignPkcs14096Sha256 => serializer.serialize_i32(7),
1564                Self::RsaSignPkcs14096Sha512 => serializer.serialize_i32(8),
1565                Self::EcdsaP256Sha256 => serializer.serialize_i32(9),
1566                Self::EcSignP256Sha256 => serializer.serialize_i32(9),
1567                Self::EcdsaP384Sha384 => serializer.serialize_i32(10),
1568                Self::EcSignP384Sha384 => serializer.serialize_i32(10),
1569                Self::EcdsaP521Sha512 => serializer.serialize_i32(11),
1570                Self::EcSignP521Sha512 => serializer.serialize_i32(11),
1571                Self::MlDsa65 => serializer.serialize_i32(13),
1572                Self::UnknownValue(u) => u.0.serialize(serializer),
1573            }
1574        }
1575    }
1576
1577    impl<'de> serde::de::Deserialize<'de> for SignatureAlgorithm {
1578        fn deserialize<D>(deserializer: D) -> std::result::Result<Self, D::Error>
1579        where
1580            D: serde::Deserializer<'de>,
1581        {
1582            deserializer.deserialize_any(wkt::internal::EnumVisitor::<SignatureAlgorithm>::new(
1583                ".google.cloud.binaryauthorization.v1.PkixPublicKey.SignatureAlgorithm",
1584            ))
1585        }
1586    }
1587}
1588
1589/// An [attestor public
1590/// key][google.cloud.binaryauthorization.v1.AttestorPublicKey] that will be used
1591/// to verify attestations signed by this attestor.
1592///
1593/// [google.cloud.binaryauthorization.v1.AttestorPublicKey]: crate::model::AttestorPublicKey
1594#[derive(Clone, Default, PartialEq)]
1595#[non_exhaustive]
1596pub struct AttestorPublicKey {
1597    /// Optional. A descriptive comment. This field may be updated.
1598    pub comment: std::string::String,
1599
1600    /// The ID of this public key.
1601    /// Signatures verified by Binary Authorization must include the ID of the
1602    /// public key that can be used to verify them, and that ID must match the
1603    /// contents of this field exactly. Additional restrictions on this field can
1604    /// be imposed based on which public key type is encapsulated. See the
1605    /// documentation on `public_key` cases below for details.
1606    pub id: std::string::String,
1607
1608    #[allow(missing_docs)]
1609    pub public_key: std::option::Option<crate::model::attestor_public_key::PublicKey>,
1610
1611    pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
1612}
1613
1614impl AttestorPublicKey {
1615    /// Creates a new default instance.
1616    pub fn new() -> Self {
1617        std::default::Default::default()
1618    }
1619
1620    /// Sets the value of [comment][crate::model::AttestorPublicKey::comment].
1621    ///
1622    /// # Example
1623    /// ```ignore,no_run
1624    /// # use google_cloud_binaryauthorization_v1::model::AttestorPublicKey;
1625    /// let x = AttestorPublicKey::new().set_comment("example");
1626    /// ```
1627    pub fn set_comment<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
1628        self.comment = v.into();
1629        self
1630    }
1631
1632    /// Sets the value of [id][crate::model::AttestorPublicKey::id].
1633    ///
1634    /// # Example
1635    /// ```ignore,no_run
1636    /// # use google_cloud_binaryauthorization_v1::model::AttestorPublicKey;
1637    /// let x = AttestorPublicKey::new().set_id("example");
1638    /// ```
1639    pub fn set_id<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
1640        self.id = v.into();
1641        self
1642    }
1643
1644    /// Sets the value of [public_key][crate::model::AttestorPublicKey::public_key].
1645    ///
1646    /// Note that all the setters affecting `public_key` are mutually
1647    /// exclusive.
1648    ///
1649    /// # Example
1650    /// ```ignore,no_run
1651    /// # use google_cloud_binaryauthorization_v1::model::AttestorPublicKey;
1652    /// use google_cloud_binaryauthorization_v1::model::attestor_public_key::PublicKey;
1653    /// let x = AttestorPublicKey::new().set_public_key(Some(PublicKey::AsciiArmoredPgpPublicKey("example".to_string())));
1654    /// ```
1655    pub fn set_public_key<
1656        T: std::convert::Into<std::option::Option<crate::model::attestor_public_key::PublicKey>>,
1657    >(
1658        mut self,
1659        v: T,
1660    ) -> Self {
1661        self.public_key = v.into();
1662        self
1663    }
1664
1665    /// The value of [public_key][crate::model::AttestorPublicKey::public_key]
1666    /// if it holds a `AsciiArmoredPgpPublicKey`, `None` if the field is not set or
1667    /// holds a different branch.
1668    pub fn ascii_armored_pgp_public_key(&self) -> std::option::Option<&std::string::String> {
1669        #[allow(unreachable_patterns)]
1670        self.public_key.as_ref().and_then(|v| match v {
1671            crate::model::attestor_public_key::PublicKey::AsciiArmoredPgpPublicKey(v) => {
1672                std::option::Option::Some(v)
1673            }
1674            _ => std::option::Option::None,
1675        })
1676    }
1677
1678    /// Sets the value of [public_key][crate::model::AttestorPublicKey::public_key]
1679    /// to hold a `AsciiArmoredPgpPublicKey`.
1680    ///
1681    /// Note that all the setters affecting `public_key` are
1682    /// mutually exclusive.
1683    ///
1684    /// # Example
1685    /// ```ignore,no_run
1686    /// # use google_cloud_binaryauthorization_v1::model::AttestorPublicKey;
1687    /// let x = AttestorPublicKey::new().set_ascii_armored_pgp_public_key("example");
1688    /// assert!(x.ascii_armored_pgp_public_key().is_some());
1689    /// assert!(x.pkix_public_key().is_none());
1690    /// ```
1691    pub fn set_ascii_armored_pgp_public_key<T: std::convert::Into<std::string::String>>(
1692        mut self,
1693        v: T,
1694    ) -> Self {
1695        self.public_key = std::option::Option::Some(
1696            crate::model::attestor_public_key::PublicKey::AsciiArmoredPgpPublicKey(v.into()),
1697        );
1698        self
1699    }
1700
1701    /// The value of [public_key][crate::model::AttestorPublicKey::public_key]
1702    /// if it holds a `PkixPublicKey`, `None` if the field is not set or
1703    /// holds a different branch.
1704    pub fn pkix_public_key(
1705        &self,
1706    ) -> std::option::Option<&std::boxed::Box<crate::model::PkixPublicKey>> {
1707        #[allow(unreachable_patterns)]
1708        self.public_key.as_ref().and_then(|v| match v {
1709            crate::model::attestor_public_key::PublicKey::PkixPublicKey(v) => {
1710                std::option::Option::Some(v)
1711            }
1712            _ => std::option::Option::None,
1713        })
1714    }
1715
1716    /// Sets the value of [public_key][crate::model::AttestorPublicKey::public_key]
1717    /// to hold a `PkixPublicKey`.
1718    ///
1719    /// Note that all the setters affecting `public_key` are
1720    /// mutually exclusive.
1721    ///
1722    /// # Example
1723    /// ```ignore,no_run
1724    /// # use google_cloud_binaryauthorization_v1::model::AttestorPublicKey;
1725    /// use google_cloud_binaryauthorization_v1::model::PkixPublicKey;
1726    /// let x = AttestorPublicKey::new().set_pkix_public_key(PkixPublicKey::default()/* use setters */);
1727    /// assert!(x.pkix_public_key().is_some());
1728    /// assert!(x.ascii_armored_pgp_public_key().is_none());
1729    /// ```
1730    pub fn set_pkix_public_key<
1731        T: std::convert::Into<std::boxed::Box<crate::model::PkixPublicKey>>,
1732    >(
1733        mut self,
1734        v: T,
1735    ) -> Self {
1736        self.public_key = std::option::Option::Some(
1737            crate::model::attestor_public_key::PublicKey::PkixPublicKey(v.into()),
1738        );
1739        self
1740    }
1741}
1742
1743impl wkt::message::Message for AttestorPublicKey {
1744    fn typename() -> &'static str {
1745        "type.googleapis.com/google.cloud.binaryauthorization.v1.AttestorPublicKey"
1746    }
1747}
1748
1749/// Defines additional types related to [AttestorPublicKey].
1750pub mod attestor_public_key {
1751    #[allow(unused_imports)]
1752    use super::*;
1753
1754    #[allow(missing_docs)]
1755    #[derive(Clone, Debug, PartialEq)]
1756    #[non_exhaustive]
1757    pub enum PublicKey {
1758        /// ASCII-armored representation of a PGP public key, as the entire output by
1759        /// the command `gpg --export --armor foo@example.com` (either LF or CRLF
1760        /// line endings).
1761        /// When using this field, `id` should be left blank.  The Binary
1762        /// Authorization API handlers will calculate the ID and fill it in
1763        /// automatically.  Binary Authorization computes this ID as the OpenPGP
1764        /// RFC4880 V4 fingerprint, represented as upper-case hex.  If `id` is
1765        /// provided by the caller, it will be overwritten by the API-calculated ID.
1766        AsciiArmoredPgpPublicKey(std::string::String),
1767        /// A raw PKIX SubjectPublicKeyInfo format public key.
1768        ///
1769        /// NOTE: `id` may be explicitly provided by the caller when using this
1770        /// type of public key, but it MUST be a valid RFC3986 URI. If `id` is left
1771        /// blank, a default one will be computed based on the digest of the DER
1772        /// encoding of the public key.
1773        PkixPublicKey(std::boxed::Box<crate::model::PkixPublicKey>),
1774    }
1775}
1776
1777/// Request message for
1778/// [BinauthzManagementServiceV1.GetPolicy][google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetPolicy].
1779///
1780/// [google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetPolicy]: crate::client::BinauthzManagementServiceV1::get_policy
1781#[derive(Clone, Default, PartialEq)]
1782#[non_exhaustive]
1783pub struct GetPolicyRequest {
1784    /// Required. The resource name of the
1785    /// [policy][google.cloud.binaryauthorization.v1.Policy] to retrieve, in the
1786    /// format `projects/*/policy`.
1787    ///
1788    /// [google.cloud.binaryauthorization.v1.Policy]: crate::model::Policy
1789    pub name: std::string::String,
1790
1791    pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
1792}
1793
1794impl GetPolicyRequest {
1795    /// Creates a new default instance.
1796    pub fn new() -> Self {
1797        std::default::Default::default()
1798    }
1799
1800    /// Sets the value of [name][crate::model::GetPolicyRequest::name].
1801    ///
1802    /// # Example
1803    /// ```ignore,no_run
1804    /// # use google_cloud_binaryauthorization_v1::model::GetPolicyRequest;
1805    /// # let project_id = "project_id";
1806    /// let x = GetPolicyRequest::new().set_name(format!("projects/{project_id}/policy"));
1807    /// ```
1808    pub fn set_name<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
1809        self.name = v.into();
1810        self
1811    }
1812}
1813
1814impl wkt::message::Message for GetPolicyRequest {
1815    fn typename() -> &'static str {
1816        "type.googleapis.com/google.cloud.binaryauthorization.v1.GetPolicyRequest"
1817    }
1818}
1819
1820/// Request message for
1821/// [BinauthzManagementServiceV1.UpdatePolicy][google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdatePolicy].
1822///
1823/// [google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdatePolicy]: crate::client::BinauthzManagementServiceV1::update_policy
1824#[derive(Clone, Default, PartialEq)]
1825#[non_exhaustive]
1826pub struct UpdatePolicyRequest {
1827    /// Required. A new or updated
1828    /// [policy][google.cloud.binaryauthorization.v1.Policy] value. The service
1829    /// will overwrite the [policy
1830    /// name][google.cloud.binaryauthorization.v1.Policy.name] field with the
1831    /// resource name in the request URL, in the format `projects/*/policy`.
1832    ///
1833    /// [google.cloud.binaryauthorization.v1.Policy]: crate::model::Policy
1834    /// [google.cloud.binaryauthorization.v1.Policy.name]: crate::model::Policy::name
1835    pub policy: std::option::Option<crate::model::Policy>,
1836
1837    pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
1838}
1839
1840impl UpdatePolicyRequest {
1841    /// Creates a new default instance.
1842    pub fn new() -> Self {
1843        std::default::Default::default()
1844    }
1845
1846    /// Sets the value of [policy][crate::model::UpdatePolicyRequest::policy].
1847    ///
1848    /// # Example
1849    /// ```ignore,no_run
1850    /// # use google_cloud_binaryauthorization_v1::model::UpdatePolicyRequest;
1851    /// use google_cloud_binaryauthorization_v1::model::Policy;
1852    /// let x = UpdatePolicyRequest::new().set_policy(Policy::default()/* use setters */);
1853    /// ```
1854    pub fn set_policy<T>(mut self, v: T) -> Self
1855    where
1856        T: std::convert::Into<crate::model::Policy>,
1857    {
1858        self.policy = std::option::Option::Some(v.into());
1859        self
1860    }
1861
1862    /// Sets or clears the value of [policy][crate::model::UpdatePolicyRequest::policy].
1863    ///
1864    /// # Example
1865    /// ```ignore,no_run
1866    /// # use google_cloud_binaryauthorization_v1::model::UpdatePolicyRequest;
1867    /// use google_cloud_binaryauthorization_v1::model::Policy;
1868    /// let x = UpdatePolicyRequest::new().set_or_clear_policy(Some(Policy::default()/* use setters */));
1869    /// let x = UpdatePolicyRequest::new().set_or_clear_policy(None::<Policy>);
1870    /// ```
1871    pub fn set_or_clear_policy<T>(mut self, v: std::option::Option<T>) -> Self
1872    where
1873        T: std::convert::Into<crate::model::Policy>,
1874    {
1875        self.policy = v.map(|x| x.into());
1876        self
1877    }
1878}
1879
1880impl wkt::message::Message for UpdatePolicyRequest {
1881    fn typename() -> &'static str {
1882        "type.googleapis.com/google.cloud.binaryauthorization.v1.UpdatePolicyRequest"
1883    }
1884}
1885
1886/// Request message for
1887/// [BinauthzManagementServiceV1.CreateAttestor][google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.CreateAttestor].
1888///
1889/// [google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.CreateAttestor]: crate::client::BinauthzManagementServiceV1::create_attestor
1890#[derive(Clone, Default, PartialEq)]
1891#[non_exhaustive]
1892pub struct CreateAttestorRequest {
1893    /// Required. The parent of this
1894    /// [attestor][google.cloud.binaryauthorization.v1.Attestor].
1895    ///
1896    /// [google.cloud.binaryauthorization.v1.Attestor]: crate::model::Attestor
1897    pub parent: std::string::String,
1898
1899    /// Required. The [attestors][google.cloud.binaryauthorization.v1.Attestor] ID.
1900    ///
1901    /// [google.cloud.binaryauthorization.v1.Attestor]: crate::model::Attestor
1902    pub attestor_id: std::string::String,
1903
1904    /// Required. The initial
1905    /// [attestor][google.cloud.binaryauthorization.v1.Attestor] value. The service
1906    /// will overwrite the [attestor
1907    /// name][google.cloud.binaryauthorization.v1.Attestor.name] field with the
1908    /// resource name, in the format `projects/*/attestors/*`.
1909    ///
1910    /// [google.cloud.binaryauthorization.v1.Attestor]: crate::model::Attestor
1911    /// [google.cloud.binaryauthorization.v1.Attestor.name]: crate::model::Attestor::name
1912    pub attestor: std::option::Option<crate::model::Attestor>,
1913
1914    pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
1915}
1916
1917impl CreateAttestorRequest {
1918    /// Creates a new default instance.
1919    pub fn new() -> Self {
1920        std::default::Default::default()
1921    }
1922
1923    /// Sets the value of [parent][crate::model::CreateAttestorRequest::parent].
1924    ///
1925    /// # Example
1926    /// ```ignore,no_run
1927    /// # use google_cloud_binaryauthorization_v1::model::CreateAttestorRequest;
1928    /// let x = CreateAttestorRequest::new().set_parent("example");
1929    /// ```
1930    pub fn set_parent<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
1931        self.parent = v.into();
1932        self
1933    }
1934
1935    /// Sets the value of [attestor_id][crate::model::CreateAttestorRequest::attestor_id].
1936    ///
1937    /// # Example
1938    /// ```ignore,no_run
1939    /// # use google_cloud_binaryauthorization_v1::model::CreateAttestorRequest;
1940    /// let x = CreateAttestorRequest::new().set_attestor_id("example");
1941    /// ```
1942    pub fn set_attestor_id<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
1943        self.attestor_id = v.into();
1944        self
1945    }
1946
1947    /// Sets the value of [attestor][crate::model::CreateAttestorRequest::attestor].
1948    ///
1949    /// # Example
1950    /// ```ignore,no_run
1951    /// # use google_cloud_binaryauthorization_v1::model::CreateAttestorRequest;
1952    /// use google_cloud_binaryauthorization_v1::model::Attestor;
1953    /// let x = CreateAttestorRequest::new().set_attestor(Attestor::default()/* use setters */);
1954    /// ```
1955    pub fn set_attestor<T>(mut self, v: T) -> Self
1956    where
1957        T: std::convert::Into<crate::model::Attestor>,
1958    {
1959        self.attestor = std::option::Option::Some(v.into());
1960        self
1961    }
1962
1963    /// Sets or clears the value of [attestor][crate::model::CreateAttestorRequest::attestor].
1964    ///
1965    /// # Example
1966    /// ```ignore,no_run
1967    /// # use google_cloud_binaryauthorization_v1::model::CreateAttestorRequest;
1968    /// use google_cloud_binaryauthorization_v1::model::Attestor;
1969    /// let x = CreateAttestorRequest::new().set_or_clear_attestor(Some(Attestor::default()/* use setters */));
1970    /// let x = CreateAttestorRequest::new().set_or_clear_attestor(None::<Attestor>);
1971    /// ```
1972    pub fn set_or_clear_attestor<T>(mut self, v: std::option::Option<T>) -> Self
1973    where
1974        T: std::convert::Into<crate::model::Attestor>,
1975    {
1976        self.attestor = v.map(|x| x.into());
1977        self
1978    }
1979}
1980
1981impl wkt::message::Message for CreateAttestorRequest {
1982    fn typename() -> &'static str {
1983        "type.googleapis.com/google.cloud.binaryauthorization.v1.CreateAttestorRequest"
1984    }
1985}
1986
1987/// Request message for
1988/// [BinauthzManagementServiceV1.GetAttestor][google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetAttestor].
1989///
1990/// [google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetAttestor]: crate::client::BinauthzManagementServiceV1::get_attestor
1991#[derive(Clone, Default, PartialEq)]
1992#[non_exhaustive]
1993pub struct GetAttestorRequest {
1994    /// Required. The name of the
1995    /// [attestor][google.cloud.binaryauthorization.v1.Attestor] to retrieve, in
1996    /// the format `projects/*/attestors/*`.
1997    ///
1998    /// [google.cloud.binaryauthorization.v1.Attestor]: crate::model::Attestor
1999    pub name: std::string::String,
2000
2001    pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
2002}
2003
2004impl GetAttestorRequest {
2005    /// Creates a new default instance.
2006    pub fn new() -> Self {
2007        std::default::Default::default()
2008    }
2009
2010    /// Sets the value of [name][crate::model::GetAttestorRequest::name].
2011    ///
2012    /// # Example
2013    /// ```ignore,no_run
2014    /// # use google_cloud_binaryauthorization_v1::model::GetAttestorRequest;
2015    /// # let project_id = "project_id";
2016    /// # let attestor_id = "attestor_id";
2017    /// let x = GetAttestorRequest::new().set_name(format!("projects/{project_id}/attestors/{attestor_id}"));
2018    /// ```
2019    pub fn set_name<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
2020        self.name = v.into();
2021        self
2022    }
2023}
2024
2025impl wkt::message::Message for GetAttestorRequest {
2026    fn typename() -> &'static str {
2027        "type.googleapis.com/google.cloud.binaryauthorization.v1.GetAttestorRequest"
2028    }
2029}
2030
2031/// Request message for
2032/// [BinauthzManagementServiceV1.UpdateAttestor][google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdateAttestor].
2033///
2034/// [google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdateAttestor]: crate::client::BinauthzManagementServiceV1::update_attestor
2035#[derive(Clone, Default, PartialEq)]
2036#[non_exhaustive]
2037pub struct UpdateAttestorRequest {
2038    /// Required. The updated
2039    /// [attestor][google.cloud.binaryauthorization.v1.Attestor] value. The service
2040    /// will overwrite the [attestor
2041    /// name][google.cloud.binaryauthorization.v1.Attestor.name] field with the
2042    /// resource name in the request URL, in the format `projects/*/attestors/*`.
2043    ///
2044    /// [google.cloud.binaryauthorization.v1.Attestor]: crate::model::Attestor
2045    /// [google.cloud.binaryauthorization.v1.Attestor.name]: crate::model::Attestor::name
2046    pub attestor: std::option::Option<crate::model::Attestor>,
2047
2048    pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
2049}
2050
2051impl UpdateAttestorRequest {
2052    /// Creates a new default instance.
2053    pub fn new() -> Self {
2054        std::default::Default::default()
2055    }
2056
2057    /// Sets the value of [attestor][crate::model::UpdateAttestorRequest::attestor].
2058    ///
2059    /// # Example
2060    /// ```ignore,no_run
2061    /// # use google_cloud_binaryauthorization_v1::model::UpdateAttestorRequest;
2062    /// use google_cloud_binaryauthorization_v1::model::Attestor;
2063    /// let x = UpdateAttestorRequest::new().set_attestor(Attestor::default()/* use setters */);
2064    /// ```
2065    pub fn set_attestor<T>(mut self, v: T) -> Self
2066    where
2067        T: std::convert::Into<crate::model::Attestor>,
2068    {
2069        self.attestor = std::option::Option::Some(v.into());
2070        self
2071    }
2072
2073    /// Sets or clears the value of [attestor][crate::model::UpdateAttestorRequest::attestor].
2074    ///
2075    /// # Example
2076    /// ```ignore,no_run
2077    /// # use google_cloud_binaryauthorization_v1::model::UpdateAttestorRequest;
2078    /// use google_cloud_binaryauthorization_v1::model::Attestor;
2079    /// let x = UpdateAttestorRequest::new().set_or_clear_attestor(Some(Attestor::default()/* use setters */));
2080    /// let x = UpdateAttestorRequest::new().set_or_clear_attestor(None::<Attestor>);
2081    /// ```
2082    pub fn set_or_clear_attestor<T>(mut self, v: std::option::Option<T>) -> Self
2083    where
2084        T: std::convert::Into<crate::model::Attestor>,
2085    {
2086        self.attestor = v.map(|x| x.into());
2087        self
2088    }
2089}
2090
2091impl wkt::message::Message for UpdateAttestorRequest {
2092    fn typename() -> &'static str {
2093        "type.googleapis.com/google.cloud.binaryauthorization.v1.UpdateAttestorRequest"
2094    }
2095}
2096
2097/// Request message for
2098/// [BinauthzManagementServiceV1.ListAttestors][google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.ListAttestors].
2099///
2100/// [google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.ListAttestors]: crate::client::BinauthzManagementServiceV1::list_attestors
2101#[derive(Clone, Default, PartialEq)]
2102#[non_exhaustive]
2103pub struct ListAttestorsRequest {
2104    /// Required. The resource name of the project associated with the
2105    /// [attestors][google.cloud.binaryauthorization.v1.Attestor], in the format
2106    /// `projects/*`.
2107    ///
2108    /// [google.cloud.binaryauthorization.v1.Attestor]: crate::model::Attestor
2109    pub parent: std::string::String,
2110
2111    /// Requested page size. The server may return fewer results than requested. If
2112    /// unspecified, the server will pick an appropriate default.
2113    pub page_size: i32,
2114
2115    /// A token identifying a page of results the server should return. Typically,
2116    /// this is the value of
2117    /// [ListAttestorsResponse.next_page_token][google.cloud.binaryauthorization.v1.ListAttestorsResponse.next_page_token]
2118    /// returned from the previous call to the `ListAttestors` method.
2119    ///
2120    /// [google.cloud.binaryauthorization.v1.ListAttestorsResponse.next_page_token]: crate::model::ListAttestorsResponse::next_page_token
2121    pub page_token: std::string::String,
2122
2123    pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
2124}
2125
2126impl ListAttestorsRequest {
2127    /// Creates a new default instance.
2128    pub fn new() -> Self {
2129        std::default::Default::default()
2130    }
2131
2132    /// Sets the value of [parent][crate::model::ListAttestorsRequest::parent].
2133    ///
2134    /// # Example
2135    /// ```ignore,no_run
2136    /// # use google_cloud_binaryauthorization_v1::model::ListAttestorsRequest;
2137    /// let x = ListAttestorsRequest::new().set_parent("example");
2138    /// ```
2139    pub fn set_parent<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
2140        self.parent = v.into();
2141        self
2142    }
2143
2144    /// Sets the value of [page_size][crate::model::ListAttestorsRequest::page_size].
2145    ///
2146    /// # Example
2147    /// ```ignore,no_run
2148    /// # use google_cloud_binaryauthorization_v1::model::ListAttestorsRequest;
2149    /// let x = ListAttestorsRequest::new().set_page_size(42);
2150    /// ```
2151    pub fn set_page_size<T: std::convert::Into<i32>>(mut self, v: T) -> Self {
2152        self.page_size = v.into();
2153        self
2154    }
2155
2156    /// Sets the value of [page_token][crate::model::ListAttestorsRequest::page_token].
2157    ///
2158    /// # Example
2159    /// ```ignore,no_run
2160    /// # use google_cloud_binaryauthorization_v1::model::ListAttestorsRequest;
2161    /// let x = ListAttestorsRequest::new().set_page_token("example");
2162    /// ```
2163    pub fn set_page_token<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
2164        self.page_token = v.into();
2165        self
2166    }
2167}
2168
2169impl wkt::message::Message for ListAttestorsRequest {
2170    fn typename() -> &'static str {
2171        "type.googleapis.com/google.cloud.binaryauthorization.v1.ListAttestorsRequest"
2172    }
2173}
2174
2175/// Response message for
2176/// [BinauthzManagementServiceV1.ListAttestors][google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.ListAttestors].
2177///
2178/// [google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.ListAttestors]: crate::client::BinauthzManagementServiceV1::list_attestors
2179#[derive(Clone, Default, PartialEq)]
2180#[non_exhaustive]
2181pub struct ListAttestorsResponse {
2182    /// The list of [attestors][google.cloud.binaryauthorization.v1.Attestor].
2183    ///
2184    /// [google.cloud.binaryauthorization.v1.Attestor]: crate::model::Attestor
2185    pub attestors: std::vec::Vec<crate::model::Attestor>,
2186
2187    /// A token to retrieve the next page of results. Pass this value in the
2188    /// [ListAttestorsRequest.page_token][google.cloud.binaryauthorization.v1.ListAttestorsRequest.page_token]
2189    /// field in the subsequent call to the `ListAttestors` method to retrieve the
2190    /// next page of results.
2191    ///
2192    /// [google.cloud.binaryauthorization.v1.ListAttestorsRequest.page_token]: crate::model::ListAttestorsRequest::page_token
2193    pub next_page_token: std::string::String,
2194
2195    pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
2196}
2197
2198impl ListAttestorsResponse {
2199    /// Creates a new default instance.
2200    pub fn new() -> Self {
2201        std::default::Default::default()
2202    }
2203
2204    /// Sets the value of [attestors][crate::model::ListAttestorsResponse::attestors].
2205    ///
2206    /// # Example
2207    /// ```ignore,no_run
2208    /// # use google_cloud_binaryauthorization_v1::model::ListAttestorsResponse;
2209    /// use google_cloud_binaryauthorization_v1::model::Attestor;
2210    /// let x = ListAttestorsResponse::new()
2211    ///     .set_attestors([
2212    ///         Attestor::default()/* use setters */,
2213    ///         Attestor::default()/* use (different) setters */,
2214    ///     ]);
2215    /// ```
2216    pub fn set_attestors<T, V>(mut self, v: T) -> Self
2217    where
2218        T: std::iter::IntoIterator<Item = V>,
2219        V: std::convert::Into<crate::model::Attestor>,
2220    {
2221        use std::iter::Iterator;
2222        self.attestors = v.into_iter().map(|i| i.into()).collect();
2223        self
2224    }
2225
2226    /// Sets the value of [next_page_token][crate::model::ListAttestorsResponse::next_page_token].
2227    ///
2228    /// # Example
2229    /// ```ignore,no_run
2230    /// # use google_cloud_binaryauthorization_v1::model::ListAttestorsResponse;
2231    /// let x = ListAttestorsResponse::new().set_next_page_token("example");
2232    /// ```
2233    pub fn set_next_page_token<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
2234        self.next_page_token = v.into();
2235        self
2236    }
2237}
2238
2239impl wkt::message::Message for ListAttestorsResponse {
2240    fn typename() -> &'static str {
2241        "type.googleapis.com/google.cloud.binaryauthorization.v1.ListAttestorsResponse"
2242    }
2243}
2244
2245#[doc(hidden)]
2246impl google_cloud_gax::paginator::internal::PageableResponse for ListAttestorsResponse {
2247    type PageItem = crate::model::Attestor;
2248
2249    fn items(self) -> std::vec::Vec<Self::PageItem> {
2250        self.attestors
2251    }
2252
2253    fn next_page_token(&self) -> std::string::String {
2254        use std::clone::Clone;
2255        self.next_page_token.clone()
2256    }
2257}
2258
2259/// Request message for
2260/// [BinauthzManagementServiceV1.DeleteAttestor][google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.DeleteAttestor].
2261///
2262/// [google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.DeleteAttestor]: crate::client::BinauthzManagementServiceV1::delete_attestor
2263#[derive(Clone, Default, PartialEq)]
2264#[non_exhaustive]
2265pub struct DeleteAttestorRequest {
2266    /// Required. The name of the
2267    /// [attestors][google.cloud.binaryauthorization.v1.Attestor] to delete, in the
2268    /// format `projects/*/attestors/*`.
2269    ///
2270    /// [google.cloud.binaryauthorization.v1.Attestor]: crate::model::Attestor
2271    pub name: std::string::String,
2272
2273    pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
2274}
2275
2276impl DeleteAttestorRequest {
2277    /// Creates a new default instance.
2278    pub fn new() -> Self {
2279        std::default::Default::default()
2280    }
2281
2282    /// Sets the value of [name][crate::model::DeleteAttestorRequest::name].
2283    ///
2284    /// # Example
2285    /// ```ignore,no_run
2286    /// # use google_cloud_binaryauthorization_v1::model::DeleteAttestorRequest;
2287    /// # let project_id = "project_id";
2288    /// # let attestor_id = "attestor_id";
2289    /// let x = DeleteAttestorRequest::new().set_name(format!("projects/{project_id}/attestors/{attestor_id}"));
2290    /// ```
2291    pub fn set_name<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
2292        self.name = v.into();
2293        self
2294    }
2295}
2296
2297impl wkt::message::Message for DeleteAttestorRequest {
2298    fn typename() -> &'static str {
2299        "type.googleapis.com/google.cloud.binaryauthorization.v1.DeleteAttestorRequest"
2300    }
2301}
2302
2303/// Request to read the current system policy.
2304#[derive(Clone, Default, PartialEq)]
2305#[non_exhaustive]
2306pub struct GetSystemPolicyRequest {
2307    /// Required. The resource name, in the format `locations/*/policy`.
2308    /// Note that the system policy is not associated with a project.
2309    pub name: std::string::String,
2310
2311    pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
2312}
2313
2314impl GetSystemPolicyRequest {
2315    /// Creates a new default instance.
2316    pub fn new() -> Self {
2317        std::default::Default::default()
2318    }
2319
2320    /// Sets the value of [name][crate::model::GetSystemPolicyRequest::name].
2321    ///
2322    /// # Example
2323    /// ```ignore,no_run
2324    /// # use google_cloud_binaryauthorization_v1::model::GetSystemPolicyRequest;
2325    /// # let project_id = "project_id";
2326    /// let x = GetSystemPolicyRequest::new().set_name(format!("projects/{project_id}/policy"));
2327    /// ```
2328    pub fn set_name<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
2329        self.name = v.into();
2330        self
2331    }
2332}
2333
2334impl wkt::message::Message for GetSystemPolicyRequest {
2335    fn typename() -> &'static str {
2336        "type.googleapis.com/google.cloud.binaryauthorization.v1.GetSystemPolicyRequest"
2337    }
2338}
2339
2340/// Request message for
2341/// [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence].
2342///
2343/// [google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]: crate::client::ValidationHelperV1::validate_attestation_occurrence
2344#[derive(Clone, Default, PartialEq)]
2345#[non_exhaustive]
2346pub struct ValidateAttestationOccurrenceRequest {
2347    /// Required. The resource name of the
2348    /// [Attestor][google.cloud.binaryauthorization.v1.Attestor] of the
2349    /// [occurrence][grafeas.v1.Occurrence], in the format
2350    /// `projects/*/attestors/*`.
2351    ///
2352    /// [google.cloud.binaryauthorization.v1.Attestor]: crate::model::Attestor
2353    pub attestor: std::string::String,
2354
2355    /// Required. An [AttestationOccurrence][grafeas.v1.AttestationOccurrence] to
2356    /// be checked that it can be verified by the `Attestor`. It does not have to
2357    /// be an existing entity in Container Analysis. It must otherwise be a valid
2358    /// `AttestationOccurrence`.
2359    ///
2360    /// [grafeas.v1.AttestationOccurrence]: google_cloud_grafeas_v1::model::AttestationOccurrence
2361    pub attestation: std::option::Option<google_cloud_grafeas_v1::model::AttestationOccurrence>,
2362
2363    /// Required. The resource name of the [Note][grafeas.v1.Note] to which the
2364    /// containing [Occurrence][grafeas.v1.Occurrence] is associated.
2365    pub occurrence_note: std::string::String,
2366
2367    /// Required. The URI of the artifact (e.g. container image) that is the
2368    /// subject of the containing [Occurrence][grafeas.v1.Occurrence].
2369    pub occurrence_resource_uri: std::string::String,
2370
2371    pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
2372}
2373
2374impl ValidateAttestationOccurrenceRequest {
2375    /// Creates a new default instance.
2376    pub fn new() -> Self {
2377        std::default::Default::default()
2378    }
2379
2380    /// Sets the value of [attestor][crate::model::ValidateAttestationOccurrenceRequest::attestor].
2381    ///
2382    /// # Example
2383    /// ```ignore,no_run
2384    /// # use google_cloud_binaryauthorization_v1::model::ValidateAttestationOccurrenceRequest;
2385    /// let x = ValidateAttestationOccurrenceRequest::new().set_attestor("example");
2386    /// ```
2387    pub fn set_attestor<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
2388        self.attestor = v.into();
2389        self
2390    }
2391
2392    /// Sets the value of [attestation][crate::model::ValidateAttestationOccurrenceRequest::attestation].
2393    ///
2394    /// # Example
2395    /// ```ignore,no_run
2396    /// # use google_cloud_binaryauthorization_v1::model::ValidateAttestationOccurrenceRequest;
2397    /// use google_cloud_grafeas_v1::model::AttestationOccurrence;
2398    /// let x = ValidateAttestationOccurrenceRequest::new().set_attestation(AttestationOccurrence::default()/* use setters */);
2399    /// ```
2400    pub fn set_attestation<T>(mut self, v: T) -> Self
2401    where
2402        T: std::convert::Into<google_cloud_grafeas_v1::model::AttestationOccurrence>,
2403    {
2404        self.attestation = std::option::Option::Some(v.into());
2405        self
2406    }
2407
2408    /// Sets or clears the value of [attestation][crate::model::ValidateAttestationOccurrenceRequest::attestation].
2409    ///
2410    /// # Example
2411    /// ```ignore,no_run
2412    /// # use google_cloud_binaryauthorization_v1::model::ValidateAttestationOccurrenceRequest;
2413    /// use google_cloud_grafeas_v1::model::AttestationOccurrence;
2414    /// let x = ValidateAttestationOccurrenceRequest::new().set_or_clear_attestation(Some(AttestationOccurrence::default()/* use setters */));
2415    /// let x = ValidateAttestationOccurrenceRequest::new().set_or_clear_attestation(None::<AttestationOccurrence>);
2416    /// ```
2417    pub fn set_or_clear_attestation<T>(mut self, v: std::option::Option<T>) -> Self
2418    where
2419        T: std::convert::Into<google_cloud_grafeas_v1::model::AttestationOccurrence>,
2420    {
2421        self.attestation = v.map(|x| x.into());
2422        self
2423    }
2424
2425    /// Sets the value of [occurrence_note][crate::model::ValidateAttestationOccurrenceRequest::occurrence_note].
2426    ///
2427    /// # Example
2428    /// ```ignore,no_run
2429    /// # use google_cloud_binaryauthorization_v1::model::ValidateAttestationOccurrenceRequest;
2430    /// let x = ValidateAttestationOccurrenceRequest::new().set_occurrence_note("example");
2431    /// ```
2432    pub fn set_occurrence_note<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
2433        self.occurrence_note = v.into();
2434        self
2435    }
2436
2437    /// Sets the value of [occurrence_resource_uri][crate::model::ValidateAttestationOccurrenceRequest::occurrence_resource_uri].
2438    ///
2439    /// # Example
2440    /// ```ignore,no_run
2441    /// # use google_cloud_binaryauthorization_v1::model::ValidateAttestationOccurrenceRequest;
2442    /// let x = ValidateAttestationOccurrenceRequest::new().set_occurrence_resource_uri("example");
2443    /// ```
2444    pub fn set_occurrence_resource_uri<T: std::convert::Into<std::string::String>>(
2445        mut self,
2446        v: T,
2447    ) -> Self {
2448        self.occurrence_resource_uri = v.into();
2449        self
2450    }
2451}
2452
2453impl wkt::message::Message for ValidateAttestationOccurrenceRequest {
2454    fn typename() -> &'static str {
2455        "type.googleapis.com/google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceRequest"
2456    }
2457}
2458
2459/// Response message for
2460/// [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence].
2461///
2462/// [google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]: crate::client::ValidationHelperV1::validate_attestation_occurrence
2463#[derive(Clone, Default, PartialEq)]
2464#[non_exhaustive]
2465pub struct ValidateAttestationOccurrenceResponse {
2466    /// The result of the Attestation validation.
2467    pub result: crate::model::validate_attestation_occurrence_response::Result,
2468
2469    /// The reason for denial if the Attestation couldn't be validated.
2470    pub denial_reason: std::string::String,
2471
2472    pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
2473}
2474
2475impl ValidateAttestationOccurrenceResponse {
2476    /// Creates a new default instance.
2477    pub fn new() -> Self {
2478        std::default::Default::default()
2479    }
2480
2481    /// Sets the value of [result][crate::model::ValidateAttestationOccurrenceResponse::result].
2482    ///
2483    /// # Example
2484    /// ```ignore,no_run
2485    /// # use google_cloud_binaryauthorization_v1::model::ValidateAttestationOccurrenceResponse;
2486    /// use google_cloud_binaryauthorization_v1::model::validate_attestation_occurrence_response::Result;
2487    /// let x0 = ValidateAttestationOccurrenceResponse::new().set_result(Result::Verified);
2488    /// let x1 = ValidateAttestationOccurrenceResponse::new().set_result(Result::AttestationNotVerifiable);
2489    /// ```
2490    pub fn set_result<
2491        T: std::convert::Into<crate::model::validate_attestation_occurrence_response::Result>,
2492    >(
2493        mut self,
2494        v: T,
2495    ) -> Self {
2496        self.result = v.into();
2497        self
2498    }
2499
2500    /// Sets the value of [denial_reason][crate::model::ValidateAttestationOccurrenceResponse::denial_reason].
2501    ///
2502    /// # Example
2503    /// ```ignore,no_run
2504    /// # use google_cloud_binaryauthorization_v1::model::ValidateAttestationOccurrenceResponse;
2505    /// let x = ValidateAttestationOccurrenceResponse::new().set_denial_reason("example");
2506    /// ```
2507    pub fn set_denial_reason<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
2508        self.denial_reason = v.into();
2509        self
2510    }
2511}
2512
2513impl wkt::message::Message for ValidateAttestationOccurrenceResponse {
2514    fn typename() -> &'static str {
2515        "type.googleapis.com/google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceResponse"
2516    }
2517}
2518
2519/// Defines additional types related to [ValidateAttestationOccurrenceResponse].
2520pub mod validate_attestation_occurrence_response {
2521    #[allow(unused_imports)]
2522    use super::*;
2523
2524    /// The enum returned in the `result` field.
2525    ///
2526    /// # Working with unknown values
2527    ///
2528    /// This enum is defined as `#[non_exhaustive]` because Google Cloud may add
2529    /// additional enum variants at any time. Adding new variants is not considered
2530    /// a breaking change. Applications should write their code in anticipation of:
2531    ///
2532    /// - New values appearing in future releases of the client library, **and**
2533    /// - New values received dynamically, without application changes.
2534    ///
2535    /// Please consult the [Working with enums] section in the user guide for some
2536    /// guidelines.
2537    ///
2538    /// [Working with enums]: https://googleapis.github.io/google-cloud-rust/working_with_enums.html
2539    #[derive(Clone, Debug, PartialEq)]
2540    #[non_exhaustive]
2541    pub enum Result {
2542        /// Unspecified.
2543        Unspecified,
2544        /// The Attestation was able to verified by the Attestor.
2545        Verified,
2546        /// The Attestation was not able to verified by the Attestor.
2547        AttestationNotVerifiable,
2548        /// If set, the enum was initialized with an unknown value.
2549        ///
2550        /// Applications can examine the value using [Result::value] or
2551        /// [Result::name].
2552        UnknownValue(result::UnknownValue),
2553    }
2554
2555    #[doc(hidden)]
2556    pub mod result {
2557        #[allow(unused_imports)]
2558        use super::*;
2559        #[derive(Clone, Debug, PartialEq)]
2560        pub struct UnknownValue(pub(crate) wkt::internal::UnknownEnumValue);
2561    }
2562
2563    impl Result {
2564        /// Gets the enum value.
2565        ///
2566        /// Returns `None` if the enum contains an unknown value deserialized from
2567        /// the string representation of enums.
2568        pub fn value(&self) -> std::option::Option<i32> {
2569            match self {
2570                Self::Unspecified => std::option::Option::Some(0),
2571                Self::Verified => std::option::Option::Some(1),
2572                Self::AttestationNotVerifiable => std::option::Option::Some(2),
2573                Self::UnknownValue(u) => u.0.value(),
2574            }
2575        }
2576
2577        /// Gets the enum value as a string.
2578        ///
2579        /// Returns `None` if the enum contains an unknown value deserialized from
2580        /// the integer representation of enums.
2581        pub fn name(&self) -> std::option::Option<&str> {
2582            match self {
2583                Self::Unspecified => std::option::Option::Some("RESULT_UNSPECIFIED"),
2584                Self::Verified => std::option::Option::Some("VERIFIED"),
2585                Self::AttestationNotVerifiable => {
2586                    std::option::Option::Some("ATTESTATION_NOT_VERIFIABLE")
2587                }
2588                Self::UnknownValue(u) => u.0.name(),
2589            }
2590        }
2591    }
2592
2593    impl std::default::Default for Result {
2594        fn default() -> Self {
2595            use std::convert::From;
2596            Self::from(0)
2597        }
2598    }
2599
2600    impl std::fmt::Display for Result {
2601        fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::result::Result<(), std::fmt::Error> {
2602            wkt::internal::display_enum(f, self.name(), self.value())
2603        }
2604    }
2605
2606    impl std::convert::From<i32> for Result {
2607        fn from(value: i32) -> Self {
2608            match value {
2609                0 => Self::Unspecified,
2610                1 => Self::Verified,
2611                2 => Self::AttestationNotVerifiable,
2612                _ => Self::UnknownValue(result::UnknownValue(
2613                    wkt::internal::UnknownEnumValue::Integer(value),
2614                )),
2615            }
2616        }
2617    }
2618
2619    impl std::convert::From<&str> for Result {
2620        fn from(value: &str) -> Self {
2621            use std::string::ToString;
2622            match value {
2623                "RESULT_UNSPECIFIED" => Self::Unspecified,
2624                "VERIFIED" => Self::Verified,
2625                "ATTESTATION_NOT_VERIFIABLE" => Self::AttestationNotVerifiable,
2626                _ => Self::UnknownValue(result::UnknownValue(
2627                    wkt::internal::UnknownEnumValue::String(value.to_string()),
2628                )),
2629            }
2630        }
2631    }
2632
2633    impl serde::ser::Serialize for Result {
2634        fn serialize<S>(&self, serializer: S) -> std::result::Result<S::Ok, S::Error>
2635        where
2636            S: serde::Serializer,
2637        {
2638            match self {
2639                Self::Unspecified => serializer.serialize_i32(0),
2640                Self::Verified => serializer.serialize_i32(1),
2641                Self::AttestationNotVerifiable => serializer.serialize_i32(2),
2642                Self::UnknownValue(u) => u.0.serialize(serializer),
2643            }
2644        }
2645    }
2646
2647    impl<'de> serde::de::Deserialize<'de> for Result {
2648        fn deserialize<D>(deserializer: D) -> std::result::Result<Self, D::Error>
2649        where
2650            D: serde::Deserializer<'de>,
2651        {
2652            deserializer.deserialize_any(wkt::internal::EnumVisitor::<Result>::new(
2653                ".google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceResponse.Result",
2654            ))
2655        }
2656    }
2657}