google_cloud_binaryauthorization_v1/model.rs
1// Copyright 2025 Google LLC
2//
3// Licensed under the Apache License, Version 2.0 (the "License");
4// you may not use this file except in compliance with the License.
5// You may obtain a copy of the License at
6//
7// https://www.apache.org/licenses/LICENSE-2.0
8//
9// Unless required by applicable law or agreed to in writing, software
10// distributed under the License is distributed on an "AS IS" BASIS,
11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12// See the License for the specific language governing permissions and
13// limitations under the License.
14//
15// Code generated by sidekick. DO NOT EDIT.
16
17#![allow(rustdoc::bare_urls)]
18#![allow(rustdoc::broken_intra_doc_links)]
19#![allow(rustdoc::invalid_html_tags)]
20#![allow(rustdoc::redundant_explicit_links)]
21#![no_implicit_prelude]
22extern crate async_trait;
23extern crate bytes;
24extern crate gaxi;
25extern crate google_cloud_gax;
26extern crate google_cloud_grafeas_v1;
27extern crate google_cloud_iam_v1;
28extern crate serde;
29extern crate serde_json;
30extern crate serde_with;
31extern crate std;
32extern crate tracing;
33extern crate wkt;
34
35mod debug;
36mod deserialize;
37mod serialize;
38
39/// A [policy][google.cloud.binaryauthorization.v1.Policy] for container image
40/// binary authorization.
41///
42/// [google.cloud.binaryauthorization.v1.Policy]: crate::model::Policy
43#[derive(Clone, Default, PartialEq)]
44#[non_exhaustive]
45pub struct Policy {
46 /// Output only. The resource name, in the format `projects/*/policy`. There is
47 /// at most one policy per project.
48 pub name: std::string::String,
49
50 /// Optional. A descriptive comment.
51 pub description: std::string::String,
52
53 /// Optional. Controls the evaluation of a Google-maintained global admission
54 /// policy for common system-level images. Images not covered by the global
55 /// policy will be subject to the project admission policy. This setting
56 /// has no effect when specified inside a global admission policy.
57 pub global_policy_evaluation_mode: crate::model::policy::GlobalPolicyEvaluationMode,
58
59 /// Optional. Admission policy allowlisting. A matching admission request will
60 /// always be permitted. This feature is typically used to exclude Google or
61 /// third-party infrastructure images from Binary Authorization policies.
62 pub admission_whitelist_patterns: std::vec::Vec<crate::model::AdmissionWhitelistPattern>,
63
64 /// Optional. A valid policy has only one of the following rule maps non-empty,
65 /// i.e. only one of `cluster_admission_rules`,
66 /// `kubernetes_namespace_admission_rules`,
67 /// `kubernetes_service_account_admission_rules`,
68 /// or `istio_service_identity_admission_rules` can be non-empty.
69 /// Per-cluster admission rules. Cluster spec format:
70 /// `location.clusterId`. There can be at most one admission rule per cluster
71 /// spec.
72 /// A `location` is either a compute zone (e.g. us-central1-a) or a region
73 /// (e.g. us-central1).
74 /// For `clusterId` syntax restrictions see
75 /// <https://cloud.google.com/container-engine/reference/rest/v1/projects.zones.clusters>.
76 pub cluster_admission_rules:
77 std::collections::HashMap<std::string::String, crate::model::AdmissionRule>,
78
79 /// Optional. Per-kubernetes-namespace admission rules. K8s namespace spec
80 /// format:
81 /// `[a-z.-]+`, e.g. `some-namespace`
82 pub kubernetes_namespace_admission_rules:
83 std::collections::HashMap<std::string::String, crate::model::AdmissionRule>,
84
85 /// Optional. Per-kubernetes-service-account admission rules. Service account
86 /// spec format: `namespace:serviceaccount`. e.g. `test-ns:default`
87 pub kubernetes_service_account_admission_rules:
88 std::collections::HashMap<std::string::String, crate::model::AdmissionRule>,
89
90 /// Optional. Per-istio-service-identity admission rules. Istio service
91 /// identity spec format:
92 /// `spiffe://<domain>/ns/<namespace>/sa/<serviceaccount>` or
93 /// `<domain>/ns/<namespace>/sa/<serviceaccount>`
94 /// e.g. `spiffe://example.com/ns/test-ns/sa/default`
95 pub istio_service_identity_admission_rules:
96 std::collections::HashMap<std::string::String, crate::model::AdmissionRule>,
97
98 /// Required. Default admission rule for a cluster without a per-cluster, per-
99 /// kubernetes-service-account, or per-istio-service-identity admission rule.
100 pub default_admission_rule: std::option::Option<crate::model::AdmissionRule>,
101
102 /// Output only. Time when the policy was last updated.
103 pub update_time: std::option::Option<wkt::Timestamp>,
104
105 /// Optional. A checksum, returned by the server, that can be sent on update
106 /// requests to ensure the policy has an up-to-date value before attempting to
107 /// update it. See <https://google.aip.dev/154>.
108 pub etag: std::string::String,
109
110 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
111}
112
113impl Policy {
114 /// Creates a new default instance.
115 pub fn new() -> Self {
116 std::default::Default::default()
117 }
118
119 /// Sets the value of [name][crate::model::Policy::name].
120 ///
121 /// # Example
122 /// ```ignore,no_run
123 /// # use google_cloud_binaryauthorization_v1::model::Policy;
124 /// # let project_id = "project_id";
125 /// let x = Policy::new().set_name(format!("projects/{project_id}/policy"));
126 /// ```
127 pub fn set_name<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
128 self.name = v.into();
129 self
130 }
131
132 /// Sets the value of [description][crate::model::Policy::description].
133 ///
134 /// # Example
135 /// ```ignore,no_run
136 /// # use google_cloud_binaryauthorization_v1::model::Policy;
137 /// let x = Policy::new().set_description("example");
138 /// ```
139 pub fn set_description<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
140 self.description = v.into();
141 self
142 }
143
144 /// Sets the value of [global_policy_evaluation_mode][crate::model::Policy::global_policy_evaluation_mode].
145 ///
146 /// # Example
147 /// ```ignore,no_run
148 /// # use google_cloud_binaryauthorization_v1::model::Policy;
149 /// use google_cloud_binaryauthorization_v1::model::policy::GlobalPolicyEvaluationMode;
150 /// let x0 = Policy::new().set_global_policy_evaluation_mode(GlobalPolicyEvaluationMode::Enable);
151 /// let x1 = Policy::new().set_global_policy_evaluation_mode(GlobalPolicyEvaluationMode::Disable);
152 /// ```
153 pub fn set_global_policy_evaluation_mode<
154 T: std::convert::Into<crate::model::policy::GlobalPolicyEvaluationMode>,
155 >(
156 mut self,
157 v: T,
158 ) -> Self {
159 self.global_policy_evaluation_mode = v.into();
160 self
161 }
162
163 /// Sets the value of [admission_whitelist_patterns][crate::model::Policy::admission_whitelist_patterns].
164 ///
165 /// # Example
166 /// ```ignore,no_run
167 /// # use google_cloud_binaryauthorization_v1::model::Policy;
168 /// use google_cloud_binaryauthorization_v1::model::AdmissionWhitelistPattern;
169 /// let x = Policy::new()
170 /// .set_admission_whitelist_patterns([
171 /// AdmissionWhitelistPattern::default()/* use setters */,
172 /// AdmissionWhitelistPattern::default()/* use (different) setters */,
173 /// ]);
174 /// ```
175 pub fn set_admission_whitelist_patterns<T, V>(mut self, v: T) -> Self
176 where
177 T: std::iter::IntoIterator<Item = V>,
178 V: std::convert::Into<crate::model::AdmissionWhitelistPattern>,
179 {
180 use std::iter::Iterator;
181 self.admission_whitelist_patterns = v.into_iter().map(|i| i.into()).collect();
182 self
183 }
184
185 /// Sets the value of [cluster_admission_rules][crate::model::Policy::cluster_admission_rules].
186 ///
187 /// # Example
188 /// ```ignore,no_run
189 /// # use google_cloud_binaryauthorization_v1::model::Policy;
190 /// use google_cloud_binaryauthorization_v1::model::AdmissionRule;
191 /// let x = Policy::new().set_cluster_admission_rules([
192 /// ("key0", AdmissionRule::default()/* use setters */),
193 /// ("key1", AdmissionRule::default()/* use (different) setters */),
194 /// ]);
195 /// ```
196 pub fn set_cluster_admission_rules<T, K, V>(mut self, v: T) -> Self
197 where
198 T: std::iter::IntoIterator<Item = (K, V)>,
199 K: std::convert::Into<std::string::String>,
200 V: std::convert::Into<crate::model::AdmissionRule>,
201 {
202 use std::iter::Iterator;
203 self.cluster_admission_rules = v.into_iter().map(|(k, v)| (k.into(), v.into())).collect();
204 self
205 }
206
207 /// Sets the value of [kubernetes_namespace_admission_rules][crate::model::Policy::kubernetes_namespace_admission_rules].
208 ///
209 /// # Example
210 /// ```ignore,no_run
211 /// # use google_cloud_binaryauthorization_v1::model::Policy;
212 /// use google_cloud_binaryauthorization_v1::model::AdmissionRule;
213 /// let x = Policy::new().set_kubernetes_namespace_admission_rules([
214 /// ("key0", AdmissionRule::default()/* use setters */),
215 /// ("key1", AdmissionRule::default()/* use (different) setters */),
216 /// ]);
217 /// ```
218 pub fn set_kubernetes_namespace_admission_rules<T, K, V>(mut self, v: T) -> Self
219 where
220 T: std::iter::IntoIterator<Item = (K, V)>,
221 K: std::convert::Into<std::string::String>,
222 V: std::convert::Into<crate::model::AdmissionRule>,
223 {
224 use std::iter::Iterator;
225 self.kubernetes_namespace_admission_rules =
226 v.into_iter().map(|(k, v)| (k.into(), v.into())).collect();
227 self
228 }
229
230 /// Sets the value of [kubernetes_service_account_admission_rules][crate::model::Policy::kubernetes_service_account_admission_rules].
231 ///
232 /// # Example
233 /// ```ignore,no_run
234 /// # use google_cloud_binaryauthorization_v1::model::Policy;
235 /// use google_cloud_binaryauthorization_v1::model::AdmissionRule;
236 /// let x = Policy::new().set_kubernetes_service_account_admission_rules([
237 /// ("key0", AdmissionRule::default()/* use setters */),
238 /// ("key1", AdmissionRule::default()/* use (different) setters */),
239 /// ]);
240 /// ```
241 pub fn set_kubernetes_service_account_admission_rules<T, K, V>(mut self, v: T) -> Self
242 where
243 T: std::iter::IntoIterator<Item = (K, V)>,
244 K: std::convert::Into<std::string::String>,
245 V: std::convert::Into<crate::model::AdmissionRule>,
246 {
247 use std::iter::Iterator;
248 self.kubernetes_service_account_admission_rules =
249 v.into_iter().map(|(k, v)| (k.into(), v.into())).collect();
250 self
251 }
252
253 /// Sets the value of [istio_service_identity_admission_rules][crate::model::Policy::istio_service_identity_admission_rules].
254 ///
255 /// # Example
256 /// ```ignore,no_run
257 /// # use google_cloud_binaryauthorization_v1::model::Policy;
258 /// use google_cloud_binaryauthorization_v1::model::AdmissionRule;
259 /// let x = Policy::new().set_istio_service_identity_admission_rules([
260 /// ("key0", AdmissionRule::default()/* use setters */),
261 /// ("key1", AdmissionRule::default()/* use (different) setters */),
262 /// ]);
263 /// ```
264 pub fn set_istio_service_identity_admission_rules<T, K, V>(mut self, v: T) -> Self
265 where
266 T: std::iter::IntoIterator<Item = (K, V)>,
267 K: std::convert::Into<std::string::String>,
268 V: std::convert::Into<crate::model::AdmissionRule>,
269 {
270 use std::iter::Iterator;
271 self.istio_service_identity_admission_rules =
272 v.into_iter().map(|(k, v)| (k.into(), v.into())).collect();
273 self
274 }
275
276 /// Sets the value of [default_admission_rule][crate::model::Policy::default_admission_rule].
277 ///
278 /// # Example
279 /// ```ignore,no_run
280 /// # use google_cloud_binaryauthorization_v1::model::Policy;
281 /// use google_cloud_binaryauthorization_v1::model::AdmissionRule;
282 /// let x = Policy::new().set_default_admission_rule(AdmissionRule::default()/* use setters */);
283 /// ```
284 pub fn set_default_admission_rule<T>(mut self, v: T) -> Self
285 where
286 T: std::convert::Into<crate::model::AdmissionRule>,
287 {
288 self.default_admission_rule = std::option::Option::Some(v.into());
289 self
290 }
291
292 /// Sets or clears the value of [default_admission_rule][crate::model::Policy::default_admission_rule].
293 ///
294 /// # Example
295 /// ```ignore,no_run
296 /// # use google_cloud_binaryauthorization_v1::model::Policy;
297 /// use google_cloud_binaryauthorization_v1::model::AdmissionRule;
298 /// let x = Policy::new().set_or_clear_default_admission_rule(Some(AdmissionRule::default()/* use setters */));
299 /// let x = Policy::new().set_or_clear_default_admission_rule(None::<AdmissionRule>);
300 /// ```
301 pub fn set_or_clear_default_admission_rule<T>(mut self, v: std::option::Option<T>) -> Self
302 where
303 T: std::convert::Into<crate::model::AdmissionRule>,
304 {
305 self.default_admission_rule = v.map(|x| x.into());
306 self
307 }
308
309 /// Sets the value of [update_time][crate::model::Policy::update_time].
310 ///
311 /// # Example
312 /// ```ignore,no_run
313 /// # use google_cloud_binaryauthorization_v1::model::Policy;
314 /// use wkt::Timestamp;
315 /// let x = Policy::new().set_update_time(Timestamp::default()/* use setters */);
316 /// ```
317 pub fn set_update_time<T>(mut self, v: T) -> Self
318 where
319 T: std::convert::Into<wkt::Timestamp>,
320 {
321 self.update_time = std::option::Option::Some(v.into());
322 self
323 }
324
325 /// Sets or clears the value of [update_time][crate::model::Policy::update_time].
326 ///
327 /// # Example
328 /// ```ignore,no_run
329 /// # use google_cloud_binaryauthorization_v1::model::Policy;
330 /// use wkt::Timestamp;
331 /// let x = Policy::new().set_or_clear_update_time(Some(Timestamp::default()/* use setters */));
332 /// let x = Policy::new().set_or_clear_update_time(None::<Timestamp>);
333 /// ```
334 pub fn set_or_clear_update_time<T>(mut self, v: std::option::Option<T>) -> Self
335 where
336 T: std::convert::Into<wkt::Timestamp>,
337 {
338 self.update_time = v.map(|x| x.into());
339 self
340 }
341
342 /// Sets the value of [etag][crate::model::Policy::etag].
343 ///
344 /// # Example
345 /// ```ignore,no_run
346 /// # use google_cloud_binaryauthorization_v1::model::Policy;
347 /// let x = Policy::new().set_etag("example");
348 /// ```
349 pub fn set_etag<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
350 self.etag = v.into();
351 self
352 }
353}
354
355impl wkt::message::Message for Policy {
356 fn typename() -> &'static str {
357 "type.googleapis.com/google.cloud.binaryauthorization.v1.Policy"
358 }
359}
360
361/// Defines additional types related to [Policy].
362pub mod policy {
363 #[allow(unused_imports)]
364 use super::*;
365
366 /// Enum for [GlobalPolicyEvaluationMode].
367 ///
368 /// # Working with unknown values
369 ///
370 /// This enum is defined as `#[non_exhaustive]` because Google Cloud may add
371 /// additional enum variants at any time. Adding new variants is not considered
372 /// a breaking change. Applications should write their code in anticipation of:
373 ///
374 /// - New values appearing in future releases of the client library, **and**
375 /// - New values received dynamically, without application changes.
376 ///
377 /// Please consult the [Working with enums] section in the user guide for some
378 /// guidelines.
379 ///
380 /// [Working with enums]: https://googleapis.github.io/google-cloud-rust/working_with_enums.html
381 #[derive(Clone, Debug, PartialEq)]
382 #[non_exhaustive]
383 pub enum GlobalPolicyEvaluationMode {
384 /// Not specified: `DISABLE` is assumed.
385 Unspecified,
386 /// Enables system policy evaluation.
387 Enable,
388 /// Disables system policy evaluation.
389 Disable,
390 /// If set, the enum was initialized with an unknown value.
391 ///
392 /// Applications can examine the value using [GlobalPolicyEvaluationMode::value] or
393 /// [GlobalPolicyEvaluationMode::name].
394 UnknownValue(global_policy_evaluation_mode::UnknownValue),
395 }
396
397 #[doc(hidden)]
398 pub mod global_policy_evaluation_mode {
399 #[allow(unused_imports)]
400 use super::*;
401 #[derive(Clone, Debug, PartialEq)]
402 pub struct UnknownValue(pub(crate) wkt::internal::UnknownEnumValue);
403 }
404
405 impl GlobalPolicyEvaluationMode {
406 /// Gets the enum value.
407 ///
408 /// Returns `None` if the enum contains an unknown value deserialized from
409 /// the string representation of enums.
410 pub fn value(&self) -> std::option::Option<i32> {
411 match self {
412 Self::Unspecified => std::option::Option::Some(0),
413 Self::Enable => std::option::Option::Some(1),
414 Self::Disable => std::option::Option::Some(2),
415 Self::UnknownValue(u) => u.0.value(),
416 }
417 }
418
419 /// Gets the enum value as a string.
420 ///
421 /// Returns `None` if the enum contains an unknown value deserialized from
422 /// the integer representation of enums.
423 pub fn name(&self) -> std::option::Option<&str> {
424 match self {
425 Self::Unspecified => {
426 std::option::Option::Some("GLOBAL_POLICY_EVALUATION_MODE_UNSPECIFIED")
427 }
428 Self::Enable => std::option::Option::Some("ENABLE"),
429 Self::Disable => std::option::Option::Some("DISABLE"),
430 Self::UnknownValue(u) => u.0.name(),
431 }
432 }
433 }
434
435 impl std::default::Default for GlobalPolicyEvaluationMode {
436 fn default() -> Self {
437 use std::convert::From;
438 Self::from(0)
439 }
440 }
441
442 impl std::fmt::Display for GlobalPolicyEvaluationMode {
443 fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::result::Result<(), std::fmt::Error> {
444 wkt::internal::display_enum(f, self.name(), self.value())
445 }
446 }
447
448 impl std::convert::From<i32> for GlobalPolicyEvaluationMode {
449 fn from(value: i32) -> Self {
450 match value {
451 0 => Self::Unspecified,
452 1 => Self::Enable,
453 2 => Self::Disable,
454 _ => Self::UnknownValue(global_policy_evaluation_mode::UnknownValue(
455 wkt::internal::UnknownEnumValue::Integer(value),
456 )),
457 }
458 }
459 }
460
461 impl std::convert::From<&str> for GlobalPolicyEvaluationMode {
462 fn from(value: &str) -> Self {
463 use std::string::ToString;
464 match value {
465 "GLOBAL_POLICY_EVALUATION_MODE_UNSPECIFIED" => Self::Unspecified,
466 "ENABLE" => Self::Enable,
467 "DISABLE" => Self::Disable,
468 _ => Self::UnknownValue(global_policy_evaluation_mode::UnknownValue(
469 wkt::internal::UnknownEnumValue::String(value.to_string()),
470 )),
471 }
472 }
473 }
474
475 impl serde::ser::Serialize for GlobalPolicyEvaluationMode {
476 fn serialize<S>(&self, serializer: S) -> std::result::Result<S::Ok, S::Error>
477 where
478 S: serde::Serializer,
479 {
480 match self {
481 Self::Unspecified => serializer.serialize_i32(0),
482 Self::Enable => serializer.serialize_i32(1),
483 Self::Disable => serializer.serialize_i32(2),
484 Self::UnknownValue(u) => u.0.serialize(serializer),
485 }
486 }
487 }
488
489 impl<'de> serde::de::Deserialize<'de> for GlobalPolicyEvaluationMode {
490 fn deserialize<D>(deserializer: D) -> std::result::Result<Self, D::Error>
491 where
492 D: serde::Deserializer<'de>,
493 {
494 deserializer.deserialize_any(
495 wkt::internal::EnumVisitor::<GlobalPolicyEvaluationMode>::new(
496 ".google.cloud.binaryauthorization.v1.Policy.GlobalPolicyEvaluationMode",
497 ),
498 )
499 }
500 }
501}
502
503/// An [admission allowlist
504/// pattern][google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern]
505/// exempts images from checks by [admission
506/// rules][google.cloud.binaryauthorization.v1.AdmissionRule].
507///
508/// [google.cloud.binaryauthorization.v1.AdmissionRule]: crate::model::AdmissionRule
509/// [google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern]: crate::model::AdmissionWhitelistPattern
510#[derive(Clone, Default, PartialEq)]
511#[non_exhaustive]
512pub struct AdmissionWhitelistPattern {
513 /// An image name pattern to allowlist, in the form `registry/path/to/image`.
514 /// This supports a trailing `*` wildcard, but this is allowed only in
515 /// text after the `registry/` part. This also supports a trailing `**`
516 /// wildcard which matches subdirectories of a given entry.
517 pub name_pattern: std::string::String,
518
519 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
520}
521
522impl AdmissionWhitelistPattern {
523 /// Creates a new default instance.
524 pub fn new() -> Self {
525 std::default::Default::default()
526 }
527
528 /// Sets the value of [name_pattern][crate::model::AdmissionWhitelistPattern::name_pattern].
529 ///
530 /// # Example
531 /// ```ignore,no_run
532 /// # use google_cloud_binaryauthorization_v1::model::AdmissionWhitelistPattern;
533 /// let x = AdmissionWhitelistPattern::new().set_name_pattern("example");
534 /// ```
535 pub fn set_name_pattern<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
536 self.name_pattern = v.into();
537 self
538 }
539}
540
541impl wkt::message::Message for AdmissionWhitelistPattern {
542 fn typename() -> &'static str {
543 "type.googleapis.com/google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern"
544 }
545}
546
547/// An [admission rule][google.cloud.binaryauthorization.v1.AdmissionRule]
548/// specifies either that all container images used in a pod creation request
549/// must be attested to by one or more
550/// [attestors][google.cloud.binaryauthorization.v1.Attestor], that all pod
551/// creations will be allowed, or that all pod creations will be denied.
552///
553/// Images matching an [admission allowlist
554/// pattern][google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern] are
555/// exempted from admission rules and will never block a pod creation.
556///
557/// [google.cloud.binaryauthorization.v1.AdmissionRule]: crate::model::AdmissionRule
558/// [google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern]: crate::model::AdmissionWhitelistPattern
559/// [google.cloud.binaryauthorization.v1.Attestor]: crate::model::Attestor
560#[derive(Clone, Default, PartialEq)]
561#[non_exhaustive]
562pub struct AdmissionRule {
563 /// Required. How this admission rule will be evaluated.
564 pub evaluation_mode: crate::model::admission_rule::EvaluationMode,
565
566 /// Optional. The resource names of the attestors that must attest to
567 /// a container image, in the format `projects/*/attestors/*`. Each
568 /// attestor must exist before a policy can reference it. To add an attestor
569 /// to a policy the principal issuing the policy change request must be able
570 /// to read the attestor resource.
571 ///
572 /// Note: this field must be non-empty when the `evaluation_mode` field
573 /// specifies `REQUIRE_ATTESTATION`, otherwise it must be empty.
574 pub require_attestations_by: std::vec::Vec<std::string::String>,
575
576 /// Required. The action when a pod creation is denied by the admission rule.
577 pub enforcement_mode: crate::model::admission_rule::EnforcementMode,
578
579 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
580}
581
582impl AdmissionRule {
583 /// Creates a new default instance.
584 pub fn new() -> Self {
585 std::default::Default::default()
586 }
587
588 /// Sets the value of [evaluation_mode][crate::model::AdmissionRule::evaluation_mode].
589 ///
590 /// # Example
591 /// ```ignore,no_run
592 /// # use google_cloud_binaryauthorization_v1::model::AdmissionRule;
593 /// use google_cloud_binaryauthorization_v1::model::admission_rule::EvaluationMode;
594 /// let x0 = AdmissionRule::new().set_evaluation_mode(EvaluationMode::AlwaysAllow);
595 /// let x1 = AdmissionRule::new().set_evaluation_mode(EvaluationMode::RequireAttestation);
596 /// let x2 = AdmissionRule::new().set_evaluation_mode(EvaluationMode::AlwaysDeny);
597 /// ```
598 pub fn set_evaluation_mode<
599 T: std::convert::Into<crate::model::admission_rule::EvaluationMode>,
600 >(
601 mut self,
602 v: T,
603 ) -> Self {
604 self.evaluation_mode = v.into();
605 self
606 }
607
608 /// Sets the value of [require_attestations_by][crate::model::AdmissionRule::require_attestations_by].
609 ///
610 /// # Example
611 /// ```ignore,no_run
612 /// # use google_cloud_binaryauthorization_v1::model::AdmissionRule;
613 /// let x = AdmissionRule::new().set_require_attestations_by(["a", "b", "c"]);
614 /// ```
615 pub fn set_require_attestations_by<T, V>(mut self, v: T) -> Self
616 where
617 T: std::iter::IntoIterator<Item = V>,
618 V: std::convert::Into<std::string::String>,
619 {
620 use std::iter::Iterator;
621 self.require_attestations_by = v.into_iter().map(|i| i.into()).collect();
622 self
623 }
624
625 /// Sets the value of [enforcement_mode][crate::model::AdmissionRule::enforcement_mode].
626 ///
627 /// # Example
628 /// ```ignore,no_run
629 /// # use google_cloud_binaryauthorization_v1::model::AdmissionRule;
630 /// use google_cloud_binaryauthorization_v1::model::admission_rule::EnforcementMode;
631 /// let x0 = AdmissionRule::new().set_enforcement_mode(EnforcementMode::EnforcedBlockAndAuditLog);
632 /// let x1 = AdmissionRule::new().set_enforcement_mode(EnforcementMode::DryrunAuditLogOnly);
633 /// ```
634 pub fn set_enforcement_mode<
635 T: std::convert::Into<crate::model::admission_rule::EnforcementMode>,
636 >(
637 mut self,
638 v: T,
639 ) -> Self {
640 self.enforcement_mode = v.into();
641 self
642 }
643}
644
645impl wkt::message::Message for AdmissionRule {
646 fn typename() -> &'static str {
647 "type.googleapis.com/google.cloud.binaryauthorization.v1.AdmissionRule"
648 }
649}
650
651/// Defines additional types related to [AdmissionRule].
652pub mod admission_rule {
653 #[allow(unused_imports)]
654 use super::*;
655
656 /// Enum for [EvaluationMode].
657 ///
658 /// # Working with unknown values
659 ///
660 /// This enum is defined as `#[non_exhaustive]` because Google Cloud may add
661 /// additional enum variants at any time. Adding new variants is not considered
662 /// a breaking change. Applications should write their code in anticipation of:
663 ///
664 /// - New values appearing in future releases of the client library, **and**
665 /// - New values received dynamically, without application changes.
666 ///
667 /// Please consult the [Working with enums] section in the user guide for some
668 /// guidelines.
669 ///
670 /// [Working with enums]: https://googleapis.github.io/google-cloud-rust/working_with_enums.html
671 #[derive(Clone, Debug, PartialEq)]
672 #[non_exhaustive]
673 pub enum EvaluationMode {
674 /// Do not use.
675 Unspecified,
676 /// This rule allows all pod creations.
677 AlwaysAllow,
678 /// This rule allows a pod creation if all the attestors listed in
679 /// `require_attestations_by` have valid attestations for all of the
680 /// images in the pod spec.
681 RequireAttestation,
682 /// This rule denies all pod creations.
683 AlwaysDeny,
684 /// If set, the enum was initialized with an unknown value.
685 ///
686 /// Applications can examine the value using [EvaluationMode::value] or
687 /// [EvaluationMode::name].
688 UnknownValue(evaluation_mode::UnknownValue),
689 }
690
691 #[doc(hidden)]
692 pub mod evaluation_mode {
693 #[allow(unused_imports)]
694 use super::*;
695 #[derive(Clone, Debug, PartialEq)]
696 pub struct UnknownValue(pub(crate) wkt::internal::UnknownEnumValue);
697 }
698
699 impl EvaluationMode {
700 /// Gets the enum value.
701 ///
702 /// Returns `None` if the enum contains an unknown value deserialized from
703 /// the string representation of enums.
704 pub fn value(&self) -> std::option::Option<i32> {
705 match self {
706 Self::Unspecified => std::option::Option::Some(0),
707 Self::AlwaysAllow => std::option::Option::Some(1),
708 Self::RequireAttestation => std::option::Option::Some(2),
709 Self::AlwaysDeny => std::option::Option::Some(3),
710 Self::UnknownValue(u) => u.0.value(),
711 }
712 }
713
714 /// Gets the enum value as a string.
715 ///
716 /// Returns `None` if the enum contains an unknown value deserialized from
717 /// the integer representation of enums.
718 pub fn name(&self) -> std::option::Option<&str> {
719 match self {
720 Self::Unspecified => std::option::Option::Some("EVALUATION_MODE_UNSPECIFIED"),
721 Self::AlwaysAllow => std::option::Option::Some("ALWAYS_ALLOW"),
722 Self::RequireAttestation => std::option::Option::Some("REQUIRE_ATTESTATION"),
723 Self::AlwaysDeny => std::option::Option::Some("ALWAYS_DENY"),
724 Self::UnknownValue(u) => u.0.name(),
725 }
726 }
727 }
728
729 impl std::default::Default for EvaluationMode {
730 fn default() -> Self {
731 use std::convert::From;
732 Self::from(0)
733 }
734 }
735
736 impl std::fmt::Display for EvaluationMode {
737 fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::result::Result<(), std::fmt::Error> {
738 wkt::internal::display_enum(f, self.name(), self.value())
739 }
740 }
741
742 impl std::convert::From<i32> for EvaluationMode {
743 fn from(value: i32) -> Self {
744 match value {
745 0 => Self::Unspecified,
746 1 => Self::AlwaysAllow,
747 2 => Self::RequireAttestation,
748 3 => Self::AlwaysDeny,
749 _ => Self::UnknownValue(evaluation_mode::UnknownValue(
750 wkt::internal::UnknownEnumValue::Integer(value),
751 )),
752 }
753 }
754 }
755
756 impl std::convert::From<&str> for EvaluationMode {
757 fn from(value: &str) -> Self {
758 use std::string::ToString;
759 match value {
760 "EVALUATION_MODE_UNSPECIFIED" => Self::Unspecified,
761 "ALWAYS_ALLOW" => Self::AlwaysAllow,
762 "REQUIRE_ATTESTATION" => Self::RequireAttestation,
763 "ALWAYS_DENY" => Self::AlwaysDeny,
764 _ => Self::UnknownValue(evaluation_mode::UnknownValue(
765 wkt::internal::UnknownEnumValue::String(value.to_string()),
766 )),
767 }
768 }
769 }
770
771 impl serde::ser::Serialize for EvaluationMode {
772 fn serialize<S>(&self, serializer: S) -> std::result::Result<S::Ok, S::Error>
773 where
774 S: serde::Serializer,
775 {
776 match self {
777 Self::Unspecified => serializer.serialize_i32(0),
778 Self::AlwaysAllow => serializer.serialize_i32(1),
779 Self::RequireAttestation => serializer.serialize_i32(2),
780 Self::AlwaysDeny => serializer.serialize_i32(3),
781 Self::UnknownValue(u) => u.0.serialize(serializer),
782 }
783 }
784 }
785
786 impl<'de> serde::de::Deserialize<'de> for EvaluationMode {
787 fn deserialize<D>(deserializer: D) -> std::result::Result<Self, D::Error>
788 where
789 D: serde::Deserializer<'de>,
790 {
791 deserializer.deserialize_any(wkt::internal::EnumVisitor::<EvaluationMode>::new(
792 ".google.cloud.binaryauthorization.v1.AdmissionRule.EvaluationMode",
793 ))
794 }
795 }
796
797 /// Defines the possible actions when a pod creation is denied by an admission
798 /// rule.
799 ///
800 /// # Working with unknown values
801 ///
802 /// This enum is defined as `#[non_exhaustive]` because Google Cloud may add
803 /// additional enum variants at any time. Adding new variants is not considered
804 /// a breaking change. Applications should write their code in anticipation of:
805 ///
806 /// - New values appearing in future releases of the client library, **and**
807 /// - New values received dynamically, without application changes.
808 ///
809 /// Please consult the [Working with enums] section in the user guide for some
810 /// guidelines.
811 ///
812 /// [Working with enums]: https://googleapis.github.io/google-cloud-rust/working_with_enums.html
813 #[derive(Clone, Debug, PartialEq)]
814 #[non_exhaustive]
815 pub enum EnforcementMode {
816 /// Do not use.
817 Unspecified,
818 /// Enforce the admission rule by blocking the pod creation.
819 EnforcedBlockAndAuditLog,
820 /// Dryrun mode: Audit logging only. This will allow the pod creation as if
821 /// the admission request had specified break-glass.
822 DryrunAuditLogOnly,
823 /// If set, the enum was initialized with an unknown value.
824 ///
825 /// Applications can examine the value using [EnforcementMode::value] or
826 /// [EnforcementMode::name].
827 UnknownValue(enforcement_mode::UnknownValue),
828 }
829
830 #[doc(hidden)]
831 pub mod enforcement_mode {
832 #[allow(unused_imports)]
833 use super::*;
834 #[derive(Clone, Debug, PartialEq)]
835 pub struct UnknownValue(pub(crate) wkt::internal::UnknownEnumValue);
836 }
837
838 impl EnforcementMode {
839 /// Gets the enum value.
840 ///
841 /// Returns `None` if the enum contains an unknown value deserialized from
842 /// the string representation of enums.
843 pub fn value(&self) -> std::option::Option<i32> {
844 match self {
845 Self::Unspecified => std::option::Option::Some(0),
846 Self::EnforcedBlockAndAuditLog => std::option::Option::Some(1),
847 Self::DryrunAuditLogOnly => std::option::Option::Some(2),
848 Self::UnknownValue(u) => u.0.value(),
849 }
850 }
851
852 /// Gets the enum value as a string.
853 ///
854 /// Returns `None` if the enum contains an unknown value deserialized from
855 /// the integer representation of enums.
856 pub fn name(&self) -> std::option::Option<&str> {
857 match self {
858 Self::Unspecified => std::option::Option::Some("ENFORCEMENT_MODE_UNSPECIFIED"),
859 Self::EnforcedBlockAndAuditLog => {
860 std::option::Option::Some("ENFORCED_BLOCK_AND_AUDIT_LOG")
861 }
862 Self::DryrunAuditLogOnly => std::option::Option::Some("DRYRUN_AUDIT_LOG_ONLY"),
863 Self::UnknownValue(u) => u.0.name(),
864 }
865 }
866 }
867
868 impl std::default::Default for EnforcementMode {
869 fn default() -> Self {
870 use std::convert::From;
871 Self::from(0)
872 }
873 }
874
875 impl std::fmt::Display for EnforcementMode {
876 fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::result::Result<(), std::fmt::Error> {
877 wkt::internal::display_enum(f, self.name(), self.value())
878 }
879 }
880
881 impl std::convert::From<i32> for EnforcementMode {
882 fn from(value: i32) -> Self {
883 match value {
884 0 => Self::Unspecified,
885 1 => Self::EnforcedBlockAndAuditLog,
886 2 => Self::DryrunAuditLogOnly,
887 _ => Self::UnknownValue(enforcement_mode::UnknownValue(
888 wkt::internal::UnknownEnumValue::Integer(value),
889 )),
890 }
891 }
892 }
893
894 impl std::convert::From<&str> for EnforcementMode {
895 fn from(value: &str) -> Self {
896 use std::string::ToString;
897 match value {
898 "ENFORCEMENT_MODE_UNSPECIFIED" => Self::Unspecified,
899 "ENFORCED_BLOCK_AND_AUDIT_LOG" => Self::EnforcedBlockAndAuditLog,
900 "DRYRUN_AUDIT_LOG_ONLY" => Self::DryrunAuditLogOnly,
901 _ => Self::UnknownValue(enforcement_mode::UnknownValue(
902 wkt::internal::UnknownEnumValue::String(value.to_string()),
903 )),
904 }
905 }
906 }
907
908 impl serde::ser::Serialize for EnforcementMode {
909 fn serialize<S>(&self, serializer: S) -> std::result::Result<S::Ok, S::Error>
910 where
911 S: serde::Serializer,
912 {
913 match self {
914 Self::Unspecified => serializer.serialize_i32(0),
915 Self::EnforcedBlockAndAuditLog => serializer.serialize_i32(1),
916 Self::DryrunAuditLogOnly => serializer.serialize_i32(2),
917 Self::UnknownValue(u) => u.0.serialize(serializer),
918 }
919 }
920 }
921
922 impl<'de> serde::de::Deserialize<'de> for EnforcementMode {
923 fn deserialize<D>(deserializer: D) -> std::result::Result<Self, D::Error>
924 where
925 D: serde::Deserializer<'de>,
926 {
927 deserializer.deserialize_any(wkt::internal::EnumVisitor::<EnforcementMode>::new(
928 ".google.cloud.binaryauthorization.v1.AdmissionRule.EnforcementMode",
929 ))
930 }
931 }
932}
933
934/// An [attestor][google.cloud.binaryauthorization.v1.Attestor] that attests to
935/// container image artifacts. An existing attestor cannot be modified except
936/// where indicated.
937///
938/// [google.cloud.binaryauthorization.v1.Attestor]: crate::model::Attestor
939#[derive(Clone, Default, PartialEq)]
940#[non_exhaustive]
941pub struct Attestor {
942 /// Required. The resource name, in the format:
943 /// `projects/*/attestors/*`. This field may not be updated.
944 pub name: std::string::String,
945
946 /// Optional. A descriptive comment. This field may be updated.
947 /// The field may be displayed in chooser dialogs.
948 pub description: std::string::String,
949
950 /// Output only. Time when the attestor was last updated.
951 pub update_time: std::option::Option<wkt::Timestamp>,
952
953 /// Optional. A checksum, returned by the server, that can be sent on update
954 /// requests to ensure the attestor has an up-to-date value before attempting
955 /// to update it. See <https://google.aip.dev/154>.
956 pub etag: std::string::String,
957
958 #[allow(missing_docs)]
959 pub attestor_type: std::option::Option<crate::model::attestor::AttestorType>,
960
961 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
962}
963
964impl Attestor {
965 /// Creates a new default instance.
966 pub fn new() -> Self {
967 std::default::Default::default()
968 }
969
970 /// Sets the value of [name][crate::model::Attestor::name].
971 ///
972 /// # Example
973 /// ```ignore,no_run
974 /// # use google_cloud_binaryauthorization_v1::model::Attestor;
975 /// # let project_id = "project_id";
976 /// # let attestor_id = "attestor_id";
977 /// let x = Attestor::new().set_name(format!("projects/{project_id}/attestors/{attestor_id}"));
978 /// ```
979 pub fn set_name<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
980 self.name = v.into();
981 self
982 }
983
984 /// Sets the value of [description][crate::model::Attestor::description].
985 ///
986 /// # Example
987 /// ```ignore,no_run
988 /// # use google_cloud_binaryauthorization_v1::model::Attestor;
989 /// let x = Attestor::new().set_description("example");
990 /// ```
991 pub fn set_description<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
992 self.description = v.into();
993 self
994 }
995
996 /// Sets the value of [update_time][crate::model::Attestor::update_time].
997 ///
998 /// # Example
999 /// ```ignore,no_run
1000 /// # use google_cloud_binaryauthorization_v1::model::Attestor;
1001 /// use wkt::Timestamp;
1002 /// let x = Attestor::new().set_update_time(Timestamp::default()/* use setters */);
1003 /// ```
1004 pub fn set_update_time<T>(mut self, v: T) -> Self
1005 where
1006 T: std::convert::Into<wkt::Timestamp>,
1007 {
1008 self.update_time = std::option::Option::Some(v.into());
1009 self
1010 }
1011
1012 /// Sets or clears the value of [update_time][crate::model::Attestor::update_time].
1013 ///
1014 /// # Example
1015 /// ```ignore,no_run
1016 /// # use google_cloud_binaryauthorization_v1::model::Attestor;
1017 /// use wkt::Timestamp;
1018 /// let x = Attestor::new().set_or_clear_update_time(Some(Timestamp::default()/* use setters */));
1019 /// let x = Attestor::new().set_or_clear_update_time(None::<Timestamp>);
1020 /// ```
1021 pub fn set_or_clear_update_time<T>(mut self, v: std::option::Option<T>) -> Self
1022 where
1023 T: std::convert::Into<wkt::Timestamp>,
1024 {
1025 self.update_time = v.map(|x| x.into());
1026 self
1027 }
1028
1029 /// Sets the value of [etag][crate::model::Attestor::etag].
1030 ///
1031 /// # Example
1032 /// ```ignore,no_run
1033 /// # use google_cloud_binaryauthorization_v1::model::Attestor;
1034 /// let x = Attestor::new().set_etag("example");
1035 /// ```
1036 pub fn set_etag<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
1037 self.etag = v.into();
1038 self
1039 }
1040
1041 /// Sets the value of [attestor_type][crate::model::Attestor::attestor_type].
1042 ///
1043 /// Note that all the setters affecting `attestor_type` are mutually
1044 /// exclusive.
1045 ///
1046 /// # Example
1047 /// ```ignore,no_run
1048 /// # use google_cloud_binaryauthorization_v1::model::Attestor;
1049 /// use google_cloud_binaryauthorization_v1::model::UserOwnedGrafeasNote;
1050 /// let x = Attestor::new().set_attestor_type(Some(
1051 /// google_cloud_binaryauthorization_v1::model::attestor::AttestorType::UserOwnedGrafeasNote(UserOwnedGrafeasNote::default().into())));
1052 /// ```
1053 pub fn set_attestor_type<
1054 T: std::convert::Into<std::option::Option<crate::model::attestor::AttestorType>>,
1055 >(
1056 mut self,
1057 v: T,
1058 ) -> Self {
1059 self.attestor_type = v.into();
1060 self
1061 }
1062
1063 /// The value of [attestor_type][crate::model::Attestor::attestor_type]
1064 /// if it holds a `UserOwnedGrafeasNote`, `None` if the field is not set or
1065 /// holds a different branch.
1066 pub fn user_owned_grafeas_note(
1067 &self,
1068 ) -> std::option::Option<&std::boxed::Box<crate::model::UserOwnedGrafeasNote>> {
1069 #[allow(unreachable_patterns)]
1070 self.attestor_type.as_ref().and_then(|v| match v {
1071 crate::model::attestor::AttestorType::UserOwnedGrafeasNote(v) => {
1072 std::option::Option::Some(v)
1073 }
1074 _ => std::option::Option::None,
1075 })
1076 }
1077
1078 /// Sets the value of [attestor_type][crate::model::Attestor::attestor_type]
1079 /// to hold a `UserOwnedGrafeasNote`.
1080 ///
1081 /// Note that all the setters affecting `attestor_type` are
1082 /// mutually exclusive.
1083 ///
1084 /// # Example
1085 /// ```ignore,no_run
1086 /// # use google_cloud_binaryauthorization_v1::model::Attestor;
1087 /// use google_cloud_binaryauthorization_v1::model::UserOwnedGrafeasNote;
1088 /// let x = Attestor::new().set_user_owned_grafeas_note(UserOwnedGrafeasNote::default()/* use setters */);
1089 /// assert!(x.user_owned_grafeas_note().is_some());
1090 /// ```
1091 pub fn set_user_owned_grafeas_note<
1092 T: std::convert::Into<std::boxed::Box<crate::model::UserOwnedGrafeasNote>>,
1093 >(
1094 mut self,
1095 v: T,
1096 ) -> Self {
1097 self.attestor_type = std::option::Option::Some(
1098 crate::model::attestor::AttestorType::UserOwnedGrafeasNote(v.into()),
1099 );
1100 self
1101 }
1102}
1103
1104impl wkt::message::Message for Attestor {
1105 fn typename() -> &'static str {
1106 "type.googleapis.com/google.cloud.binaryauthorization.v1.Attestor"
1107 }
1108}
1109
1110/// Defines additional types related to [Attestor].
1111pub mod attestor {
1112 #[allow(unused_imports)]
1113 use super::*;
1114
1115 #[allow(missing_docs)]
1116 #[derive(Clone, Debug, PartialEq)]
1117 #[non_exhaustive]
1118 pub enum AttestorType {
1119 /// This specifies how an attestation will be read, and how it will be used
1120 /// during policy enforcement.
1121 UserOwnedGrafeasNote(std::boxed::Box<crate::model::UserOwnedGrafeasNote>),
1122 }
1123}
1124
1125/// An [user owned Grafeas
1126/// note][google.cloud.binaryauthorization.v1.UserOwnedGrafeasNote] references a
1127/// Grafeas Attestation.Authority Note created by the user.
1128///
1129/// [google.cloud.binaryauthorization.v1.UserOwnedGrafeasNote]: crate::model::UserOwnedGrafeasNote
1130#[derive(Clone, Default, PartialEq)]
1131#[non_exhaustive]
1132pub struct UserOwnedGrafeasNote {
1133 /// Required. The Grafeas resource name of a Attestation.Authority Note,
1134 /// created by the user, in the format: `projects/[PROJECT_ID]/notes/*`. This
1135 /// field may not be updated. A project ID must be used, not a project number.
1136 ///
1137 /// An attestation by this attestor is stored as a Grafeas
1138 /// Attestation.Authority Occurrence that names a container image and that
1139 /// links to this Note. Grafeas is an external dependency.
1140 pub note_reference: std::string::String,
1141
1142 /// Optional. Public keys that verify attestations signed by this
1143 /// attestor. This field may be updated.
1144 ///
1145 /// If this field is non-empty, one of the specified public keys must
1146 /// verify that an attestation was signed by this attestor for the
1147 /// image specified in the admission request.
1148 ///
1149 /// If this field is empty, this attestor always returns that no
1150 /// valid attestations exist.
1151 pub public_keys: std::vec::Vec<crate::model::AttestorPublicKey>,
1152
1153 /// Output only. This field will contain the service account email address
1154 /// that this attestor will use as the principal when querying Container
1155 /// Analysis. Attestor administrators must grant this service account the
1156 /// IAM role needed to read attestations from the
1157 /// [note_reference][google.cloud.binaryauthorization.v1.UserOwnedGrafeasNote.note_reference]
1158 /// in Container Analysis (`containeranalysis.notes.occurrences.viewer`).
1159 ///
1160 /// This email address is fixed for the lifetime of the attestor, but callers
1161 /// should not make any other assumptions about the service account email;
1162 /// future versions may use an email based on a different naming pattern.
1163 ///
1164 /// [google.cloud.binaryauthorization.v1.UserOwnedGrafeasNote.note_reference]: crate::model::UserOwnedGrafeasNote::note_reference
1165 pub delegation_service_account_email: std::string::String,
1166
1167 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
1168}
1169
1170impl UserOwnedGrafeasNote {
1171 /// Creates a new default instance.
1172 pub fn new() -> Self {
1173 std::default::Default::default()
1174 }
1175
1176 /// Sets the value of [note_reference][crate::model::UserOwnedGrafeasNote::note_reference].
1177 ///
1178 /// # Example
1179 /// ```ignore,no_run
1180 /// # use google_cloud_binaryauthorization_v1::model::UserOwnedGrafeasNote;
1181 /// let x = UserOwnedGrafeasNote::new().set_note_reference("example");
1182 /// ```
1183 pub fn set_note_reference<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
1184 self.note_reference = v.into();
1185 self
1186 }
1187
1188 /// Sets the value of [public_keys][crate::model::UserOwnedGrafeasNote::public_keys].
1189 ///
1190 /// # Example
1191 /// ```ignore,no_run
1192 /// # use google_cloud_binaryauthorization_v1::model::UserOwnedGrafeasNote;
1193 /// use google_cloud_binaryauthorization_v1::model::AttestorPublicKey;
1194 /// let x = UserOwnedGrafeasNote::new()
1195 /// .set_public_keys([
1196 /// AttestorPublicKey::default()/* use setters */,
1197 /// AttestorPublicKey::default()/* use (different) setters */,
1198 /// ]);
1199 /// ```
1200 pub fn set_public_keys<T, V>(mut self, v: T) -> Self
1201 where
1202 T: std::iter::IntoIterator<Item = V>,
1203 V: std::convert::Into<crate::model::AttestorPublicKey>,
1204 {
1205 use std::iter::Iterator;
1206 self.public_keys = v.into_iter().map(|i| i.into()).collect();
1207 self
1208 }
1209
1210 /// Sets the value of [delegation_service_account_email][crate::model::UserOwnedGrafeasNote::delegation_service_account_email].
1211 ///
1212 /// # Example
1213 /// ```ignore,no_run
1214 /// # use google_cloud_binaryauthorization_v1::model::UserOwnedGrafeasNote;
1215 /// let x = UserOwnedGrafeasNote::new().set_delegation_service_account_email("example");
1216 /// ```
1217 pub fn set_delegation_service_account_email<T: std::convert::Into<std::string::String>>(
1218 mut self,
1219 v: T,
1220 ) -> Self {
1221 self.delegation_service_account_email = v.into();
1222 self
1223 }
1224}
1225
1226impl wkt::message::Message for UserOwnedGrafeasNote {
1227 fn typename() -> &'static str {
1228 "type.googleapis.com/google.cloud.binaryauthorization.v1.UserOwnedGrafeasNote"
1229 }
1230}
1231
1232/// A public key in the PkixPublicKey
1233/// [format](https://tools.ietf.org/html/rfc5280#section-4.1.2.7). Public keys of
1234/// this type are typically textually encoded using the PEM format.
1235#[derive(Clone, Default, PartialEq)]
1236#[non_exhaustive]
1237pub struct PkixPublicKey {
1238 /// A PEM-encoded public key, as described in
1239 /// <https://tools.ietf.org/html/rfc7468#section-13>
1240 pub public_key_pem: std::string::String,
1241
1242 /// The signature algorithm used to verify a message against a signature using
1243 /// this key.
1244 /// These signature algorithm must match the structure and any object
1245 /// identifiers encoded in `public_key_pem` (i.e. this algorithm must match
1246 /// that of the public key).
1247 pub signature_algorithm: crate::model::pkix_public_key::SignatureAlgorithm,
1248
1249 /// Optional. The ID of this public key.
1250 /// Signatures verified by Binary Authorization must include the ID of the
1251 /// public key that can be used to verify them. The ID must match exactly
1252 /// contents of the `key_id` field exactly.
1253 ///
1254 /// The ID may be explicitly provided by the caller, but it MUST be a valid
1255 /// RFC3986 URI. If `key_id` is left blank and this `PkixPublicKey` is not used
1256 /// in the context of a wrapper (see next paragraph), a default key ID will be
1257 /// computed based on the digest of the DER encoding of the public key.
1258 ///
1259 /// If this `PkixPublicKey` is used in the context of a wrapper that has its
1260 /// own notion of key ID (e.g. `AttestorPublicKey`), then this field can
1261 /// either match that value exactly, or be left blank, in which case it behaves
1262 /// exactly as though it is equal to that wrapper value.
1263 pub key_id: std::string::String,
1264
1265 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
1266}
1267
1268impl PkixPublicKey {
1269 /// Creates a new default instance.
1270 pub fn new() -> Self {
1271 std::default::Default::default()
1272 }
1273
1274 /// Sets the value of [public_key_pem][crate::model::PkixPublicKey::public_key_pem].
1275 ///
1276 /// # Example
1277 /// ```ignore,no_run
1278 /// # use google_cloud_binaryauthorization_v1::model::PkixPublicKey;
1279 /// let x = PkixPublicKey::new().set_public_key_pem("example");
1280 /// ```
1281 pub fn set_public_key_pem<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
1282 self.public_key_pem = v.into();
1283 self
1284 }
1285
1286 /// Sets the value of [signature_algorithm][crate::model::PkixPublicKey::signature_algorithm].
1287 ///
1288 /// # Example
1289 /// ```ignore,no_run
1290 /// # use google_cloud_binaryauthorization_v1::model::PkixPublicKey;
1291 /// use google_cloud_binaryauthorization_v1::model::pkix_public_key::SignatureAlgorithm;
1292 /// let x0 = PkixPublicKey::new().set_signature_algorithm(SignatureAlgorithm::RsaPss2048Sha256);
1293 /// let x1 = PkixPublicKey::new().set_signature_algorithm(SignatureAlgorithm::RsaSignPss2048Sha256);
1294 /// let x2 = PkixPublicKey::new().set_signature_algorithm(SignatureAlgorithm::RsaPss3072Sha256);
1295 /// ```
1296 pub fn set_signature_algorithm<
1297 T: std::convert::Into<crate::model::pkix_public_key::SignatureAlgorithm>,
1298 >(
1299 mut self,
1300 v: T,
1301 ) -> Self {
1302 self.signature_algorithm = v.into();
1303 self
1304 }
1305
1306 /// Sets the value of [key_id][crate::model::PkixPublicKey::key_id].
1307 ///
1308 /// # Example
1309 /// ```ignore,no_run
1310 /// # use google_cloud_binaryauthorization_v1::model::PkixPublicKey;
1311 /// let x = PkixPublicKey::new().set_key_id("example");
1312 /// ```
1313 pub fn set_key_id<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
1314 self.key_id = v.into();
1315 self
1316 }
1317}
1318
1319impl wkt::message::Message for PkixPublicKey {
1320 fn typename() -> &'static str {
1321 "type.googleapis.com/google.cloud.binaryauthorization.v1.PkixPublicKey"
1322 }
1323}
1324
1325/// Defines additional types related to [PkixPublicKey].
1326pub mod pkix_public_key {
1327 #[allow(unused_imports)]
1328 use super::*;
1329
1330 /// Represents a signature algorithm and other information necessary to verify
1331 /// signatures with a given public key.
1332 /// This is based primarily on the public key types supported by Tink's
1333 /// PemKeyType, which is in turn based on KMS's supported signing
1334 /// [algorithms](https://cloud.google.com/kms/docs/algorithms). In the future,
1335 /// Binary Authorization might support additional public key types
1336 /// independently of Tink and/or KMS.
1337 ///
1338 /// # Working with unknown values
1339 ///
1340 /// This enum is defined as `#[non_exhaustive]` because Google Cloud may add
1341 /// additional enum variants at any time. Adding new variants is not considered
1342 /// a breaking change. Applications should write their code in anticipation of:
1343 ///
1344 /// - New values appearing in future releases of the client library, **and**
1345 /// - New values received dynamically, without application changes.
1346 ///
1347 /// Please consult the [Working with enums] section in the user guide for some
1348 /// guidelines.
1349 ///
1350 /// [Working with enums]: https://googleapis.github.io/google-cloud-rust/working_with_enums.html
1351 #[derive(Clone, Debug, PartialEq)]
1352 #[non_exhaustive]
1353 pub enum SignatureAlgorithm {
1354 /// Not specified.
1355 Unspecified,
1356 /// RSASSA-PSS 2048 bit key with a SHA256 digest.
1357 RsaPss2048Sha256,
1358 /// RSASSA-PSS 2048 bit key with a SHA256 digest.
1359 RsaSignPss2048Sha256,
1360 /// RSASSA-PSS 3072 bit key with a SHA256 digest.
1361 RsaPss3072Sha256,
1362 /// RSASSA-PSS 3072 bit key with a SHA256 digest.
1363 RsaSignPss3072Sha256,
1364 /// RSASSA-PSS 4096 bit key with a SHA256 digest.
1365 RsaPss4096Sha256,
1366 /// RSASSA-PSS 4096 bit key with a SHA256 digest.
1367 RsaSignPss4096Sha256,
1368 /// RSASSA-PSS 4096 bit key with a SHA512 digest.
1369 RsaPss4096Sha512,
1370 /// RSASSA-PSS 4096 bit key with a SHA512 digest.
1371 RsaSignPss4096Sha512,
1372 /// RSASSA-PKCS1-v1_5 with a 2048 bit key and a SHA256 digest.
1373 RsaSignPkcs12048Sha256,
1374 /// RSASSA-PKCS1-v1_5 with a 3072 bit key and a SHA256 digest.
1375 RsaSignPkcs13072Sha256,
1376 /// RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA256 digest.
1377 RsaSignPkcs14096Sha256,
1378 /// RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA512 digest.
1379 RsaSignPkcs14096Sha512,
1380 /// ECDSA on the NIST P-256 curve with a SHA256 digest.
1381 EcdsaP256Sha256,
1382 /// ECDSA on the NIST P-256 curve with a SHA256 digest.
1383 EcSignP256Sha256,
1384 /// ECDSA on the NIST P-384 curve with a SHA384 digest.
1385 EcdsaP384Sha384,
1386 /// ECDSA on the NIST P-384 curve with a SHA384 digest.
1387 EcSignP384Sha384,
1388 /// ECDSA on the NIST P-521 curve with a SHA512 digest.
1389 EcdsaP521Sha512,
1390 /// ECDSA on the NIST P-521 curve with a SHA512 digest.
1391 EcSignP521Sha512,
1392 /// ML-DSA-65 Post-Quantum Cryptography signature algorithm.
1393 MlDsa65,
1394 /// If set, the enum was initialized with an unknown value.
1395 ///
1396 /// Applications can examine the value using [SignatureAlgorithm::value] or
1397 /// [SignatureAlgorithm::name].
1398 UnknownValue(signature_algorithm::UnknownValue),
1399 }
1400
1401 #[doc(hidden)]
1402 pub mod signature_algorithm {
1403 #[allow(unused_imports)]
1404 use super::*;
1405 #[derive(Clone, Debug, PartialEq)]
1406 pub struct UnknownValue(pub(crate) wkt::internal::UnknownEnumValue);
1407 }
1408
1409 impl SignatureAlgorithm {
1410 /// Gets the enum value.
1411 ///
1412 /// Returns `None` if the enum contains an unknown value deserialized from
1413 /// the string representation of enums.
1414 pub fn value(&self) -> std::option::Option<i32> {
1415 match self {
1416 Self::Unspecified => std::option::Option::Some(0),
1417 Self::RsaPss2048Sha256 => std::option::Option::Some(1),
1418 Self::RsaSignPss2048Sha256 => std::option::Option::Some(1),
1419 Self::RsaPss3072Sha256 => std::option::Option::Some(2),
1420 Self::RsaSignPss3072Sha256 => std::option::Option::Some(2),
1421 Self::RsaPss4096Sha256 => std::option::Option::Some(3),
1422 Self::RsaSignPss4096Sha256 => std::option::Option::Some(3),
1423 Self::RsaPss4096Sha512 => std::option::Option::Some(4),
1424 Self::RsaSignPss4096Sha512 => std::option::Option::Some(4),
1425 Self::RsaSignPkcs12048Sha256 => std::option::Option::Some(5),
1426 Self::RsaSignPkcs13072Sha256 => std::option::Option::Some(6),
1427 Self::RsaSignPkcs14096Sha256 => std::option::Option::Some(7),
1428 Self::RsaSignPkcs14096Sha512 => std::option::Option::Some(8),
1429 Self::EcdsaP256Sha256 => std::option::Option::Some(9),
1430 Self::EcSignP256Sha256 => std::option::Option::Some(9),
1431 Self::EcdsaP384Sha384 => std::option::Option::Some(10),
1432 Self::EcSignP384Sha384 => std::option::Option::Some(10),
1433 Self::EcdsaP521Sha512 => std::option::Option::Some(11),
1434 Self::EcSignP521Sha512 => std::option::Option::Some(11),
1435 Self::MlDsa65 => std::option::Option::Some(13),
1436 Self::UnknownValue(u) => u.0.value(),
1437 }
1438 }
1439
1440 /// Gets the enum value as a string.
1441 ///
1442 /// Returns `None` if the enum contains an unknown value deserialized from
1443 /// the integer representation of enums.
1444 pub fn name(&self) -> std::option::Option<&str> {
1445 match self {
1446 Self::Unspecified => std::option::Option::Some("SIGNATURE_ALGORITHM_UNSPECIFIED"),
1447 Self::RsaPss2048Sha256 => std::option::Option::Some("RSA_PSS_2048_SHA256"),
1448 Self::RsaSignPss2048Sha256 => std::option::Option::Some("RSA_SIGN_PSS_2048_SHA256"),
1449 Self::RsaPss3072Sha256 => std::option::Option::Some("RSA_PSS_3072_SHA256"),
1450 Self::RsaSignPss3072Sha256 => std::option::Option::Some("RSA_SIGN_PSS_3072_SHA256"),
1451 Self::RsaPss4096Sha256 => std::option::Option::Some("RSA_PSS_4096_SHA256"),
1452 Self::RsaSignPss4096Sha256 => std::option::Option::Some("RSA_SIGN_PSS_4096_SHA256"),
1453 Self::RsaPss4096Sha512 => std::option::Option::Some("RSA_PSS_4096_SHA512"),
1454 Self::RsaSignPss4096Sha512 => std::option::Option::Some("RSA_SIGN_PSS_4096_SHA512"),
1455 Self::RsaSignPkcs12048Sha256 => {
1456 std::option::Option::Some("RSA_SIGN_PKCS1_2048_SHA256")
1457 }
1458 Self::RsaSignPkcs13072Sha256 => {
1459 std::option::Option::Some("RSA_SIGN_PKCS1_3072_SHA256")
1460 }
1461 Self::RsaSignPkcs14096Sha256 => {
1462 std::option::Option::Some("RSA_SIGN_PKCS1_4096_SHA256")
1463 }
1464 Self::RsaSignPkcs14096Sha512 => {
1465 std::option::Option::Some("RSA_SIGN_PKCS1_4096_SHA512")
1466 }
1467 Self::EcdsaP256Sha256 => std::option::Option::Some("ECDSA_P256_SHA256"),
1468 Self::EcSignP256Sha256 => std::option::Option::Some("EC_SIGN_P256_SHA256"),
1469 Self::EcdsaP384Sha384 => std::option::Option::Some("ECDSA_P384_SHA384"),
1470 Self::EcSignP384Sha384 => std::option::Option::Some("EC_SIGN_P384_SHA384"),
1471 Self::EcdsaP521Sha512 => std::option::Option::Some("ECDSA_P521_SHA512"),
1472 Self::EcSignP521Sha512 => std::option::Option::Some("EC_SIGN_P521_SHA512"),
1473 Self::MlDsa65 => std::option::Option::Some("ML_DSA_65"),
1474 Self::UnknownValue(u) => u.0.name(),
1475 }
1476 }
1477 }
1478
1479 impl std::default::Default for SignatureAlgorithm {
1480 fn default() -> Self {
1481 use std::convert::From;
1482 Self::from(0)
1483 }
1484 }
1485
1486 impl std::fmt::Display for SignatureAlgorithm {
1487 fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::result::Result<(), std::fmt::Error> {
1488 wkt::internal::display_enum(f, self.name(), self.value())
1489 }
1490 }
1491
1492 impl std::convert::From<i32> for SignatureAlgorithm {
1493 fn from(value: i32) -> Self {
1494 match value {
1495 0 => Self::Unspecified,
1496 1 => Self::RsaPss2048Sha256,
1497 2 => Self::RsaPss3072Sha256,
1498 3 => Self::RsaPss4096Sha256,
1499 4 => Self::RsaPss4096Sha512,
1500 5 => Self::RsaSignPkcs12048Sha256,
1501 6 => Self::RsaSignPkcs13072Sha256,
1502 7 => Self::RsaSignPkcs14096Sha256,
1503 8 => Self::RsaSignPkcs14096Sha512,
1504 9 => Self::EcdsaP256Sha256,
1505 10 => Self::EcdsaP384Sha384,
1506 11 => Self::EcdsaP521Sha512,
1507 13 => Self::MlDsa65,
1508 _ => Self::UnknownValue(signature_algorithm::UnknownValue(
1509 wkt::internal::UnknownEnumValue::Integer(value),
1510 )),
1511 }
1512 }
1513 }
1514
1515 impl std::convert::From<&str> for SignatureAlgorithm {
1516 fn from(value: &str) -> Self {
1517 use std::string::ToString;
1518 match value {
1519 "SIGNATURE_ALGORITHM_UNSPECIFIED" => Self::Unspecified,
1520 "RSA_PSS_2048_SHA256" => Self::RsaPss2048Sha256,
1521 "RSA_SIGN_PSS_2048_SHA256" => Self::RsaSignPss2048Sha256,
1522 "RSA_PSS_3072_SHA256" => Self::RsaPss3072Sha256,
1523 "RSA_SIGN_PSS_3072_SHA256" => Self::RsaSignPss3072Sha256,
1524 "RSA_PSS_4096_SHA256" => Self::RsaPss4096Sha256,
1525 "RSA_SIGN_PSS_4096_SHA256" => Self::RsaSignPss4096Sha256,
1526 "RSA_PSS_4096_SHA512" => Self::RsaPss4096Sha512,
1527 "RSA_SIGN_PSS_4096_SHA512" => Self::RsaSignPss4096Sha512,
1528 "RSA_SIGN_PKCS1_2048_SHA256" => Self::RsaSignPkcs12048Sha256,
1529 "RSA_SIGN_PKCS1_3072_SHA256" => Self::RsaSignPkcs13072Sha256,
1530 "RSA_SIGN_PKCS1_4096_SHA256" => Self::RsaSignPkcs14096Sha256,
1531 "RSA_SIGN_PKCS1_4096_SHA512" => Self::RsaSignPkcs14096Sha512,
1532 "ECDSA_P256_SHA256" => Self::EcdsaP256Sha256,
1533 "EC_SIGN_P256_SHA256" => Self::EcSignP256Sha256,
1534 "ECDSA_P384_SHA384" => Self::EcdsaP384Sha384,
1535 "EC_SIGN_P384_SHA384" => Self::EcSignP384Sha384,
1536 "ECDSA_P521_SHA512" => Self::EcdsaP521Sha512,
1537 "EC_SIGN_P521_SHA512" => Self::EcSignP521Sha512,
1538 "ML_DSA_65" => Self::MlDsa65,
1539 _ => Self::UnknownValue(signature_algorithm::UnknownValue(
1540 wkt::internal::UnknownEnumValue::String(value.to_string()),
1541 )),
1542 }
1543 }
1544 }
1545
1546 impl serde::ser::Serialize for SignatureAlgorithm {
1547 fn serialize<S>(&self, serializer: S) -> std::result::Result<S::Ok, S::Error>
1548 where
1549 S: serde::Serializer,
1550 {
1551 match self {
1552 Self::Unspecified => serializer.serialize_i32(0),
1553 Self::RsaPss2048Sha256 => serializer.serialize_i32(1),
1554 Self::RsaSignPss2048Sha256 => serializer.serialize_i32(1),
1555 Self::RsaPss3072Sha256 => serializer.serialize_i32(2),
1556 Self::RsaSignPss3072Sha256 => serializer.serialize_i32(2),
1557 Self::RsaPss4096Sha256 => serializer.serialize_i32(3),
1558 Self::RsaSignPss4096Sha256 => serializer.serialize_i32(3),
1559 Self::RsaPss4096Sha512 => serializer.serialize_i32(4),
1560 Self::RsaSignPss4096Sha512 => serializer.serialize_i32(4),
1561 Self::RsaSignPkcs12048Sha256 => serializer.serialize_i32(5),
1562 Self::RsaSignPkcs13072Sha256 => serializer.serialize_i32(6),
1563 Self::RsaSignPkcs14096Sha256 => serializer.serialize_i32(7),
1564 Self::RsaSignPkcs14096Sha512 => serializer.serialize_i32(8),
1565 Self::EcdsaP256Sha256 => serializer.serialize_i32(9),
1566 Self::EcSignP256Sha256 => serializer.serialize_i32(9),
1567 Self::EcdsaP384Sha384 => serializer.serialize_i32(10),
1568 Self::EcSignP384Sha384 => serializer.serialize_i32(10),
1569 Self::EcdsaP521Sha512 => serializer.serialize_i32(11),
1570 Self::EcSignP521Sha512 => serializer.serialize_i32(11),
1571 Self::MlDsa65 => serializer.serialize_i32(13),
1572 Self::UnknownValue(u) => u.0.serialize(serializer),
1573 }
1574 }
1575 }
1576
1577 impl<'de> serde::de::Deserialize<'de> for SignatureAlgorithm {
1578 fn deserialize<D>(deserializer: D) -> std::result::Result<Self, D::Error>
1579 where
1580 D: serde::Deserializer<'de>,
1581 {
1582 deserializer.deserialize_any(wkt::internal::EnumVisitor::<SignatureAlgorithm>::new(
1583 ".google.cloud.binaryauthorization.v1.PkixPublicKey.SignatureAlgorithm",
1584 ))
1585 }
1586 }
1587}
1588
1589/// An [attestor public
1590/// key][google.cloud.binaryauthorization.v1.AttestorPublicKey] that will be used
1591/// to verify attestations signed by this attestor.
1592///
1593/// [google.cloud.binaryauthorization.v1.AttestorPublicKey]: crate::model::AttestorPublicKey
1594#[derive(Clone, Default, PartialEq)]
1595#[non_exhaustive]
1596pub struct AttestorPublicKey {
1597 /// Optional. A descriptive comment. This field may be updated.
1598 pub comment: std::string::String,
1599
1600 /// The ID of this public key.
1601 /// Signatures verified by Binary Authorization must include the ID of the
1602 /// public key that can be used to verify them, and that ID must match the
1603 /// contents of this field exactly. Additional restrictions on this field can
1604 /// be imposed based on which public key type is encapsulated. See the
1605 /// documentation on `public_key` cases below for details.
1606 pub id: std::string::String,
1607
1608 #[allow(missing_docs)]
1609 pub public_key: std::option::Option<crate::model::attestor_public_key::PublicKey>,
1610
1611 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
1612}
1613
1614impl AttestorPublicKey {
1615 /// Creates a new default instance.
1616 pub fn new() -> Self {
1617 std::default::Default::default()
1618 }
1619
1620 /// Sets the value of [comment][crate::model::AttestorPublicKey::comment].
1621 ///
1622 /// # Example
1623 /// ```ignore,no_run
1624 /// # use google_cloud_binaryauthorization_v1::model::AttestorPublicKey;
1625 /// let x = AttestorPublicKey::new().set_comment("example");
1626 /// ```
1627 pub fn set_comment<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
1628 self.comment = v.into();
1629 self
1630 }
1631
1632 /// Sets the value of [id][crate::model::AttestorPublicKey::id].
1633 ///
1634 /// # Example
1635 /// ```ignore,no_run
1636 /// # use google_cloud_binaryauthorization_v1::model::AttestorPublicKey;
1637 /// let x = AttestorPublicKey::new().set_id("example");
1638 /// ```
1639 pub fn set_id<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
1640 self.id = v.into();
1641 self
1642 }
1643
1644 /// Sets the value of [public_key][crate::model::AttestorPublicKey::public_key].
1645 ///
1646 /// Note that all the setters affecting `public_key` are mutually
1647 /// exclusive.
1648 ///
1649 /// # Example
1650 /// ```ignore,no_run
1651 /// # use google_cloud_binaryauthorization_v1::model::AttestorPublicKey;
1652 /// use google_cloud_binaryauthorization_v1::model::attestor_public_key::PublicKey;
1653 /// let x = AttestorPublicKey::new().set_public_key(Some(PublicKey::AsciiArmoredPgpPublicKey("example".to_string())));
1654 /// ```
1655 pub fn set_public_key<
1656 T: std::convert::Into<std::option::Option<crate::model::attestor_public_key::PublicKey>>,
1657 >(
1658 mut self,
1659 v: T,
1660 ) -> Self {
1661 self.public_key = v.into();
1662 self
1663 }
1664
1665 /// The value of [public_key][crate::model::AttestorPublicKey::public_key]
1666 /// if it holds a `AsciiArmoredPgpPublicKey`, `None` if the field is not set or
1667 /// holds a different branch.
1668 pub fn ascii_armored_pgp_public_key(&self) -> std::option::Option<&std::string::String> {
1669 #[allow(unreachable_patterns)]
1670 self.public_key.as_ref().and_then(|v| match v {
1671 crate::model::attestor_public_key::PublicKey::AsciiArmoredPgpPublicKey(v) => {
1672 std::option::Option::Some(v)
1673 }
1674 _ => std::option::Option::None,
1675 })
1676 }
1677
1678 /// Sets the value of [public_key][crate::model::AttestorPublicKey::public_key]
1679 /// to hold a `AsciiArmoredPgpPublicKey`.
1680 ///
1681 /// Note that all the setters affecting `public_key` are
1682 /// mutually exclusive.
1683 ///
1684 /// # Example
1685 /// ```ignore,no_run
1686 /// # use google_cloud_binaryauthorization_v1::model::AttestorPublicKey;
1687 /// let x = AttestorPublicKey::new().set_ascii_armored_pgp_public_key("example");
1688 /// assert!(x.ascii_armored_pgp_public_key().is_some());
1689 /// assert!(x.pkix_public_key().is_none());
1690 /// ```
1691 pub fn set_ascii_armored_pgp_public_key<T: std::convert::Into<std::string::String>>(
1692 mut self,
1693 v: T,
1694 ) -> Self {
1695 self.public_key = std::option::Option::Some(
1696 crate::model::attestor_public_key::PublicKey::AsciiArmoredPgpPublicKey(v.into()),
1697 );
1698 self
1699 }
1700
1701 /// The value of [public_key][crate::model::AttestorPublicKey::public_key]
1702 /// if it holds a `PkixPublicKey`, `None` if the field is not set or
1703 /// holds a different branch.
1704 pub fn pkix_public_key(
1705 &self,
1706 ) -> std::option::Option<&std::boxed::Box<crate::model::PkixPublicKey>> {
1707 #[allow(unreachable_patterns)]
1708 self.public_key.as_ref().and_then(|v| match v {
1709 crate::model::attestor_public_key::PublicKey::PkixPublicKey(v) => {
1710 std::option::Option::Some(v)
1711 }
1712 _ => std::option::Option::None,
1713 })
1714 }
1715
1716 /// Sets the value of [public_key][crate::model::AttestorPublicKey::public_key]
1717 /// to hold a `PkixPublicKey`.
1718 ///
1719 /// Note that all the setters affecting `public_key` are
1720 /// mutually exclusive.
1721 ///
1722 /// # Example
1723 /// ```ignore,no_run
1724 /// # use google_cloud_binaryauthorization_v1::model::AttestorPublicKey;
1725 /// use google_cloud_binaryauthorization_v1::model::PkixPublicKey;
1726 /// let x = AttestorPublicKey::new().set_pkix_public_key(PkixPublicKey::default()/* use setters */);
1727 /// assert!(x.pkix_public_key().is_some());
1728 /// assert!(x.ascii_armored_pgp_public_key().is_none());
1729 /// ```
1730 pub fn set_pkix_public_key<
1731 T: std::convert::Into<std::boxed::Box<crate::model::PkixPublicKey>>,
1732 >(
1733 mut self,
1734 v: T,
1735 ) -> Self {
1736 self.public_key = std::option::Option::Some(
1737 crate::model::attestor_public_key::PublicKey::PkixPublicKey(v.into()),
1738 );
1739 self
1740 }
1741}
1742
1743impl wkt::message::Message for AttestorPublicKey {
1744 fn typename() -> &'static str {
1745 "type.googleapis.com/google.cloud.binaryauthorization.v1.AttestorPublicKey"
1746 }
1747}
1748
1749/// Defines additional types related to [AttestorPublicKey].
1750pub mod attestor_public_key {
1751 #[allow(unused_imports)]
1752 use super::*;
1753
1754 #[allow(missing_docs)]
1755 #[derive(Clone, Debug, PartialEq)]
1756 #[non_exhaustive]
1757 pub enum PublicKey {
1758 /// ASCII-armored representation of a PGP public key, as the entire output by
1759 /// the command `gpg --export --armor foo@example.com` (either LF or CRLF
1760 /// line endings).
1761 /// When using this field, `id` should be left blank. The Binary
1762 /// Authorization API handlers will calculate the ID and fill it in
1763 /// automatically. Binary Authorization computes this ID as the OpenPGP
1764 /// RFC4880 V4 fingerprint, represented as upper-case hex. If `id` is
1765 /// provided by the caller, it will be overwritten by the API-calculated ID.
1766 AsciiArmoredPgpPublicKey(std::string::String),
1767 /// A raw PKIX SubjectPublicKeyInfo format public key.
1768 ///
1769 /// NOTE: `id` may be explicitly provided by the caller when using this
1770 /// type of public key, but it MUST be a valid RFC3986 URI. If `id` is left
1771 /// blank, a default one will be computed based on the digest of the DER
1772 /// encoding of the public key.
1773 PkixPublicKey(std::boxed::Box<crate::model::PkixPublicKey>),
1774 }
1775}
1776
1777/// Request message for
1778/// [BinauthzManagementServiceV1.GetPolicy][google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetPolicy].
1779///
1780/// [google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetPolicy]: crate::client::BinauthzManagementServiceV1::get_policy
1781#[derive(Clone, Default, PartialEq)]
1782#[non_exhaustive]
1783pub struct GetPolicyRequest {
1784 /// Required. The resource name of the
1785 /// [policy][google.cloud.binaryauthorization.v1.Policy] to retrieve, in the
1786 /// format `projects/*/policy`.
1787 ///
1788 /// [google.cloud.binaryauthorization.v1.Policy]: crate::model::Policy
1789 pub name: std::string::String,
1790
1791 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
1792}
1793
1794impl GetPolicyRequest {
1795 /// Creates a new default instance.
1796 pub fn new() -> Self {
1797 std::default::Default::default()
1798 }
1799
1800 /// Sets the value of [name][crate::model::GetPolicyRequest::name].
1801 ///
1802 /// # Example
1803 /// ```ignore,no_run
1804 /// # use google_cloud_binaryauthorization_v1::model::GetPolicyRequest;
1805 /// # let project_id = "project_id";
1806 /// let x = GetPolicyRequest::new().set_name(format!("projects/{project_id}/policy"));
1807 /// ```
1808 pub fn set_name<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
1809 self.name = v.into();
1810 self
1811 }
1812}
1813
1814impl wkt::message::Message for GetPolicyRequest {
1815 fn typename() -> &'static str {
1816 "type.googleapis.com/google.cloud.binaryauthorization.v1.GetPolicyRequest"
1817 }
1818}
1819
1820/// Request message for
1821/// [BinauthzManagementServiceV1.UpdatePolicy][google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdatePolicy].
1822///
1823/// [google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdatePolicy]: crate::client::BinauthzManagementServiceV1::update_policy
1824#[derive(Clone, Default, PartialEq)]
1825#[non_exhaustive]
1826pub struct UpdatePolicyRequest {
1827 /// Required. A new or updated
1828 /// [policy][google.cloud.binaryauthorization.v1.Policy] value. The service
1829 /// will overwrite the [policy
1830 /// name][google.cloud.binaryauthorization.v1.Policy.name] field with the
1831 /// resource name in the request URL, in the format `projects/*/policy`.
1832 ///
1833 /// [google.cloud.binaryauthorization.v1.Policy]: crate::model::Policy
1834 /// [google.cloud.binaryauthorization.v1.Policy.name]: crate::model::Policy::name
1835 pub policy: std::option::Option<crate::model::Policy>,
1836
1837 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
1838}
1839
1840impl UpdatePolicyRequest {
1841 /// Creates a new default instance.
1842 pub fn new() -> Self {
1843 std::default::Default::default()
1844 }
1845
1846 /// Sets the value of [policy][crate::model::UpdatePolicyRequest::policy].
1847 ///
1848 /// # Example
1849 /// ```ignore,no_run
1850 /// # use google_cloud_binaryauthorization_v1::model::UpdatePolicyRequest;
1851 /// use google_cloud_binaryauthorization_v1::model::Policy;
1852 /// let x = UpdatePolicyRequest::new().set_policy(Policy::default()/* use setters */);
1853 /// ```
1854 pub fn set_policy<T>(mut self, v: T) -> Self
1855 where
1856 T: std::convert::Into<crate::model::Policy>,
1857 {
1858 self.policy = std::option::Option::Some(v.into());
1859 self
1860 }
1861
1862 /// Sets or clears the value of [policy][crate::model::UpdatePolicyRequest::policy].
1863 ///
1864 /// # Example
1865 /// ```ignore,no_run
1866 /// # use google_cloud_binaryauthorization_v1::model::UpdatePolicyRequest;
1867 /// use google_cloud_binaryauthorization_v1::model::Policy;
1868 /// let x = UpdatePolicyRequest::new().set_or_clear_policy(Some(Policy::default()/* use setters */));
1869 /// let x = UpdatePolicyRequest::new().set_or_clear_policy(None::<Policy>);
1870 /// ```
1871 pub fn set_or_clear_policy<T>(mut self, v: std::option::Option<T>) -> Self
1872 where
1873 T: std::convert::Into<crate::model::Policy>,
1874 {
1875 self.policy = v.map(|x| x.into());
1876 self
1877 }
1878}
1879
1880impl wkt::message::Message for UpdatePolicyRequest {
1881 fn typename() -> &'static str {
1882 "type.googleapis.com/google.cloud.binaryauthorization.v1.UpdatePolicyRequest"
1883 }
1884}
1885
1886/// Request message for
1887/// [BinauthzManagementServiceV1.CreateAttestor][google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.CreateAttestor].
1888///
1889/// [google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.CreateAttestor]: crate::client::BinauthzManagementServiceV1::create_attestor
1890#[derive(Clone, Default, PartialEq)]
1891#[non_exhaustive]
1892pub struct CreateAttestorRequest {
1893 /// Required. The parent of this
1894 /// [attestor][google.cloud.binaryauthorization.v1.Attestor].
1895 ///
1896 /// [google.cloud.binaryauthorization.v1.Attestor]: crate::model::Attestor
1897 pub parent: std::string::String,
1898
1899 /// Required. The [attestors][google.cloud.binaryauthorization.v1.Attestor] ID.
1900 ///
1901 /// [google.cloud.binaryauthorization.v1.Attestor]: crate::model::Attestor
1902 pub attestor_id: std::string::String,
1903
1904 /// Required. The initial
1905 /// [attestor][google.cloud.binaryauthorization.v1.Attestor] value. The service
1906 /// will overwrite the [attestor
1907 /// name][google.cloud.binaryauthorization.v1.Attestor.name] field with the
1908 /// resource name, in the format `projects/*/attestors/*`.
1909 ///
1910 /// [google.cloud.binaryauthorization.v1.Attestor]: crate::model::Attestor
1911 /// [google.cloud.binaryauthorization.v1.Attestor.name]: crate::model::Attestor::name
1912 pub attestor: std::option::Option<crate::model::Attestor>,
1913
1914 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
1915}
1916
1917impl CreateAttestorRequest {
1918 /// Creates a new default instance.
1919 pub fn new() -> Self {
1920 std::default::Default::default()
1921 }
1922
1923 /// Sets the value of [parent][crate::model::CreateAttestorRequest::parent].
1924 ///
1925 /// # Example
1926 /// ```ignore,no_run
1927 /// # use google_cloud_binaryauthorization_v1::model::CreateAttestorRequest;
1928 /// let x = CreateAttestorRequest::new().set_parent("example");
1929 /// ```
1930 pub fn set_parent<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
1931 self.parent = v.into();
1932 self
1933 }
1934
1935 /// Sets the value of [attestor_id][crate::model::CreateAttestorRequest::attestor_id].
1936 ///
1937 /// # Example
1938 /// ```ignore,no_run
1939 /// # use google_cloud_binaryauthorization_v1::model::CreateAttestorRequest;
1940 /// let x = CreateAttestorRequest::new().set_attestor_id("example");
1941 /// ```
1942 pub fn set_attestor_id<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
1943 self.attestor_id = v.into();
1944 self
1945 }
1946
1947 /// Sets the value of [attestor][crate::model::CreateAttestorRequest::attestor].
1948 ///
1949 /// # Example
1950 /// ```ignore,no_run
1951 /// # use google_cloud_binaryauthorization_v1::model::CreateAttestorRequest;
1952 /// use google_cloud_binaryauthorization_v1::model::Attestor;
1953 /// let x = CreateAttestorRequest::new().set_attestor(Attestor::default()/* use setters */);
1954 /// ```
1955 pub fn set_attestor<T>(mut self, v: T) -> Self
1956 where
1957 T: std::convert::Into<crate::model::Attestor>,
1958 {
1959 self.attestor = std::option::Option::Some(v.into());
1960 self
1961 }
1962
1963 /// Sets or clears the value of [attestor][crate::model::CreateAttestorRequest::attestor].
1964 ///
1965 /// # Example
1966 /// ```ignore,no_run
1967 /// # use google_cloud_binaryauthorization_v1::model::CreateAttestorRequest;
1968 /// use google_cloud_binaryauthorization_v1::model::Attestor;
1969 /// let x = CreateAttestorRequest::new().set_or_clear_attestor(Some(Attestor::default()/* use setters */));
1970 /// let x = CreateAttestorRequest::new().set_or_clear_attestor(None::<Attestor>);
1971 /// ```
1972 pub fn set_or_clear_attestor<T>(mut self, v: std::option::Option<T>) -> Self
1973 where
1974 T: std::convert::Into<crate::model::Attestor>,
1975 {
1976 self.attestor = v.map(|x| x.into());
1977 self
1978 }
1979}
1980
1981impl wkt::message::Message for CreateAttestorRequest {
1982 fn typename() -> &'static str {
1983 "type.googleapis.com/google.cloud.binaryauthorization.v1.CreateAttestorRequest"
1984 }
1985}
1986
1987/// Request message for
1988/// [BinauthzManagementServiceV1.GetAttestor][google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetAttestor].
1989///
1990/// [google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetAttestor]: crate::client::BinauthzManagementServiceV1::get_attestor
1991#[derive(Clone, Default, PartialEq)]
1992#[non_exhaustive]
1993pub struct GetAttestorRequest {
1994 /// Required. The name of the
1995 /// [attestor][google.cloud.binaryauthorization.v1.Attestor] to retrieve, in
1996 /// the format `projects/*/attestors/*`.
1997 ///
1998 /// [google.cloud.binaryauthorization.v1.Attestor]: crate::model::Attestor
1999 pub name: std::string::String,
2000
2001 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
2002}
2003
2004impl GetAttestorRequest {
2005 /// Creates a new default instance.
2006 pub fn new() -> Self {
2007 std::default::Default::default()
2008 }
2009
2010 /// Sets the value of [name][crate::model::GetAttestorRequest::name].
2011 ///
2012 /// # Example
2013 /// ```ignore,no_run
2014 /// # use google_cloud_binaryauthorization_v1::model::GetAttestorRequest;
2015 /// # let project_id = "project_id";
2016 /// # let attestor_id = "attestor_id";
2017 /// let x = GetAttestorRequest::new().set_name(format!("projects/{project_id}/attestors/{attestor_id}"));
2018 /// ```
2019 pub fn set_name<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
2020 self.name = v.into();
2021 self
2022 }
2023}
2024
2025impl wkt::message::Message for GetAttestorRequest {
2026 fn typename() -> &'static str {
2027 "type.googleapis.com/google.cloud.binaryauthorization.v1.GetAttestorRequest"
2028 }
2029}
2030
2031/// Request message for
2032/// [BinauthzManagementServiceV1.UpdateAttestor][google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdateAttestor].
2033///
2034/// [google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdateAttestor]: crate::client::BinauthzManagementServiceV1::update_attestor
2035#[derive(Clone, Default, PartialEq)]
2036#[non_exhaustive]
2037pub struct UpdateAttestorRequest {
2038 /// Required. The updated
2039 /// [attestor][google.cloud.binaryauthorization.v1.Attestor] value. The service
2040 /// will overwrite the [attestor
2041 /// name][google.cloud.binaryauthorization.v1.Attestor.name] field with the
2042 /// resource name in the request URL, in the format `projects/*/attestors/*`.
2043 ///
2044 /// [google.cloud.binaryauthorization.v1.Attestor]: crate::model::Attestor
2045 /// [google.cloud.binaryauthorization.v1.Attestor.name]: crate::model::Attestor::name
2046 pub attestor: std::option::Option<crate::model::Attestor>,
2047
2048 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
2049}
2050
2051impl UpdateAttestorRequest {
2052 /// Creates a new default instance.
2053 pub fn new() -> Self {
2054 std::default::Default::default()
2055 }
2056
2057 /// Sets the value of [attestor][crate::model::UpdateAttestorRequest::attestor].
2058 ///
2059 /// # Example
2060 /// ```ignore,no_run
2061 /// # use google_cloud_binaryauthorization_v1::model::UpdateAttestorRequest;
2062 /// use google_cloud_binaryauthorization_v1::model::Attestor;
2063 /// let x = UpdateAttestorRequest::new().set_attestor(Attestor::default()/* use setters */);
2064 /// ```
2065 pub fn set_attestor<T>(mut self, v: T) -> Self
2066 where
2067 T: std::convert::Into<crate::model::Attestor>,
2068 {
2069 self.attestor = std::option::Option::Some(v.into());
2070 self
2071 }
2072
2073 /// Sets or clears the value of [attestor][crate::model::UpdateAttestorRequest::attestor].
2074 ///
2075 /// # Example
2076 /// ```ignore,no_run
2077 /// # use google_cloud_binaryauthorization_v1::model::UpdateAttestorRequest;
2078 /// use google_cloud_binaryauthorization_v1::model::Attestor;
2079 /// let x = UpdateAttestorRequest::new().set_or_clear_attestor(Some(Attestor::default()/* use setters */));
2080 /// let x = UpdateAttestorRequest::new().set_or_clear_attestor(None::<Attestor>);
2081 /// ```
2082 pub fn set_or_clear_attestor<T>(mut self, v: std::option::Option<T>) -> Self
2083 where
2084 T: std::convert::Into<crate::model::Attestor>,
2085 {
2086 self.attestor = v.map(|x| x.into());
2087 self
2088 }
2089}
2090
2091impl wkt::message::Message for UpdateAttestorRequest {
2092 fn typename() -> &'static str {
2093 "type.googleapis.com/google.cloud.binaryauthorization.v1.UpdateAttestorRequest"
2094 }
2095}
2096
2097/// Request message for
2098/// [BinauthzManagementServiceV1.ListAttestors][google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.ListAttestors].
2099///
2100/// [google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.ListAttestors]: crate::client::BinauthzManagementServiceV1::list_attestors
2101#[derive(Clone, Default, PartialEq)]
2102#[non_exhaustive]
2103pub struct ListAttestorsRequest {
2104 /// Required. The resource name of the project associated with the
2105 /// [attestors][google.cloud.binaryauthorization.v1.Attestor], in the format
2106 /// `projects/*`.
2107 ///
2108 /// [google.cloud.binaryauthorization.v1.Attestor]: crate::model::Attestor
2109 pub parent: std::string::String,
2110
2111 /// Requested page size. The server may return fewer results than requested. If
2112 /// unspecified, the server will pick an appropriate default.
2113 pub page_size: i32,
2114
2115 /// A token identifying a page of results the server should return. Typically,
2116 /// this is the value of
2117 /// [ListAttestorsResponse.next_page_token][google.cloud.binaryauthorization.v1.ListAttestorsResponse.next_page_token]
2118 /// returned from the previous call to the `ListAttestors` method.
2119 ///
2120 /// [google.cloud.binaryauthorization.v1.ListAttestorsResponse.next_page_token]: crate::model::ListAttestorsResponse::next_page_token
2121 pub page_token: std::string::String,
2122
2123 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
2124}
2125
2126impl ListAttestorsRequest {
2127 /// Creates a new default instance.
2128 pub fn new() -> Self {
2129 std::default::Default::default()
2130 }
2131
2132 /// Sets the value of [parent][crate::model::ListAttestorsRequest::parent].
2133 ///
2134 /// # Example
2135 /// ```ignore,no_run
2136 /// # use google_cloud_binaryauthorization_v1::model::ListAttestorsRequest;
2137 /// let x = ListAttestorsRequest::new().set_parent("example");
2138 /// ```
2139 pub fn set_parent<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
2140 self.parent = v.into();
2141 self
2142 }
2143
2144 /// Sets the value of [page_size][crate::model::ListAttestorsRequest::page_size].
2145 ///
2146 /// # Example
2147 /// ```ignore,no_run
2148 /// # use google_cloud_binaryauthorization_v1::model::ListAttestorsRequest;
2149 /// let x = ListAttestorsRequest::new().set_page_size(42);
2150 /// ```
2151 pub fn set_page_size<T: std::convert::Into<i32>>(mut self, v: T) -> Self {
2152 self.page_size = v.into();
2153 self
2154 }
2155
2156 /// Sets the value of [page_token][crate::model::ListAttestorsRequest::page_token].
2157 ///
2158 /// # Example
2159 /// ```ignore,no_run
2160 /// # use google_cloud_binaryauthorization_v1::model::ListAttestorsRequest;
2161 /// let x = ListAttestorsRequest::new().set_page_token("example");
2162 /// ```
2163 pub fn set_page_token<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
2164 self.page_token = v.into();
2165 self
2166 }
2167}
2168
2169impl wkt::message::Message for ListAttestorsRequest {
2170 fn typename() -> &'static str {
2171 "type.googleapis.com/google.cloud.binaryauthorization.v1.ListAttestorsRequest"
2172 }
2173}
2174
2175/// Response message for
2176/// [BinauthzManagementServiceV1.ListAttestors][google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.ListAttestors].
2177///
2178/// [google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.ListAttestors]: crate::client::BinauthzManagementServiceV1::list_attestors
2179#[derive(Clone, Default, PartialEq)]
2180#[non_exhaustive]
2181pub struct ListAttestorsResponse {
2182 /// The list of [attestors][google.cloud.binaryauthorization.v1.Attestor].
2183 ///
2184 /// [google.cloud.binaryauthorization.v1.Attestor]: crate::model::Attestor
2185 pub attestors: std::vec::Vec<crate::model::Attestor>,
2186
2187 /// A token to retrieve the next page of results. Pass this value in the
2188 /// [ListAttestorsRequest.page_token][google.cloud.binaryauthorization.v1.ListAttestorsRequest.page_token]
2189 /// field in the subsequent call to the `ListAttestors` method to retrieve the
2190 /// next page of results.
2191 ///
2192 /// [google.cloud.binaryauthorization.v1.ListAttestorsRequest.page_token]: crate::model::ListAttestorsRequest::page_token
2193 pub next_page_token: std::string::String,
2194
2195 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
2196}
2197
2198impl ListAttestorsResponse {
2199 /// Creates a new default instance.
2200 pub fn new() -> Self {
2201 std::default::Default::default()
2202 }
2203
2204 /// Sets the value of [attestors][crate::model::ListAttestorsResponse::attestors].
2205 ///
2206 /// # Example
2207 /// ```ignore,no_run
2208 /// # use google_cloud_binaryauthorization_v1::model::ListAttestorsResponse;
2209 /// use google_cloud_binaryauthorization_v1::model::Attestor;
2210 /// let x = ListAttestorsResponse::new()
2211 /// .set_attestors([
2212 /// Attestor::default()/* use setters */,
2213 /// Attestor::default()/* use (different) setters */,
2214 /// ]);
2215 /// ```
2216 pub fn set_attestors<T, V>(mut self, v: T) -> Self
2217 where
2218 T: std::iter::IntoIterator<Item = V>,
2219 V: std::convert::Into<crate::model::Attestor>,
2220 {
2221 use std::iter::Iterator;
2222 self.attestors = v.into_iter().map(|i| i.into()).collect();
2223 self
2224 }
2225
2226 /// Sets the value of [next_page_token][crate::model::ListAttestorsResponse::next_page_token].
2227 ///
2228 /// # Example
2229 /// ```ignore,no_run
2230 /// # use google_cloud_binaryauthorization_v1::model::ListAttestorsResponse;
2231 /// let x = ListAttestorsResponse::new().set_next_page_token("example");
2232 /// ```
2233 pub fn set_next_page_token<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
2234 self.next_page_token = v.into();
2235 self
2236 }
2237}
2238
2239impl wkt::message::Message for ListAttestorsResponse {
2240 fn typename() -> &'static str {
2241 "type.googleapis.com/google.cloud.binaryauthorization.v1.ListAttestorsResponse"
2242 }
2243}
2244
2245#[doc(hidden)]
2246impl google_cloud_gax::paginator::internal::PageableResponse for ListAttestorsResponse {
2247 type PageItem = crate::model::Attestor;
2248
2249 fn items(self) -> std::vec::Vec<Self::PageItem> {
2250 self.attestors
2251 }
2252
2253 fn next_page_token(&self) -> std::string::String {
2254 use std::clone::Clone;
2255 self.next_page_token.clone()
2256 }
2257}
2258
2259/// Request message for
2260/// [BinauthzManagementServiceV1.DeleteAttestor][google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.DeleteAttestor].
2261///
2262/// [google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.DeleteAttestor]: crate::client::BinauthzManagementServiceV1::delete_attestor
2263#[derive(Clone, Default, PartialEq)]
2264#[non_exhaustive]
2265pub struct DeleteAttestorRequest {
2266 /// Required. The name of the
2267 /// [attestors][google.cloud.binaryauthorization.v1.Attestor] to delete, in the
2268 /// format `projects/*/attestors/*`.
2269 ///
2270 /// [google.cloud.binaryauthorization.v1.Attestor]: crate::model::Attestor
2271 pub name: std::string::String,
2272
2273 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
2274}
2275
2276impl DeleteAttestorRequest {
2277 /// Creates a new default instance.
2278 pub fn new() -> Self {
2279 std::default::Default::default()
2280 }
2281
2282 /// Sets the value of [name][crate::model::DeleteAttestorRequest::name].
2283 ///
2284 /// # Example
2285 /// ```ignore,no_run
2286 /// # use google_cloud_binaryauthorization_v1::model::DeleteAttestorRequest;
2287 /// # let project_id = "project_id";
2288 /// # let attestor_id = "attestor_id";
2289 /// let x = DeleteAttestorRequest::new().set_name(format!("projects/{project_id}/attestors/{attestor_id}"));
2290 /// ```
2291 pub fn set_name<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
2292 self.name = v.into();
2293 self
2294 }
2295}
2296
2297impl wkt::message::Message for DeleteAttestorRequest {
2298 fn typename() -> &'static str {
2299 "type.googleapis.com/google.cloud.binaryauthorization.v1.DeleteAttestorRequest"
2300 }
2301}
2302
2303/// Request to read the current system policy.
2304#[derive(Clone, Default, PartialEq)]
2305#[non_exhaustive]
2306pub struct GetSystemPolicyRequest {
2307 /// Required. The resource name, in the format `locations/*/policy`.
2308 /// Note that the system policy is not associated with a project.
2309 pub name: std::string::String,
2310
2311 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
2312}
2313
2314impl GetSystemPolicyRequest {
2315 /// Creates a new default instance.
2316 pub fn new() -> Self {
2317 std::default::Default::default()
2318 }
2319
2320 /// Sets the value of [name][crate::model::GetSystemPolicyRequest::name].
2321 ///
2322 /// # Example
2323 /// ```ignore,no_run
2324 /// # use google_cloud_binaryauthorization_v1::model::GetSystemPolicyRequest;
2325 /// # let project_id = "project_id";
2326 /// let x = GetSystemPolicyRequest::new().set_name(format!("projects/{project_id}/policy"));
2327 /// ```
2328 pub fn set_name<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
2329 self.name = v.into();
2330 self
2331 }
2332}
2333
2334impl wkt::message::Message for GetSystemPolicyRequest {
2335 fn typename() -> &'static str {
2336 "type.googleapis.com/google.cloud.binaryauthorization.v1.GetSystemPolicyRequest"
2337 }
2338}
2339
2340/// Request message for
2341/// [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence].
2342///
2343/// [google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]: crate::client::ValidationHelperV1::validate_attestation_occurrence
2344#[derive(Clone, Default, PartialEq)]
2345#[non_exhaustive]
2346pub struct ValidateAttestationOccurrenceRequest {
2347 /// Required. The resource name of the
2348 /// [Attestor][google.cloud.binaryauthorization.v1.Attestor] of the
2349 /// [occurrence][grafeas.v1.Occurrence], in the format
2350 /// `projects/*/attestors/*`.
2351 ///
2352 /// [google.cloud.binaryauthorization.v1.Attestor]: crate::model::Attestor
2353 pub attestor: std::string::String,
2354
2355 /// Required. An [AttestationOccurrence][grafeas.v1.AttestationOccurrence] to
2356 /// be checked that it can be verified by the `Attestor`. It does not have to
2357 /// be an existing entity in Container Analysis. It must otherwise be a valid
2358 /// `AttestationOccurrence`.
2359 ///
2360 /// [grafeas.v1.AttestationOccurrence]: google_cloud_grafeas_v1::model::AttestationOccurrence
2361 pub attestation: std::option::Option<google_cloud_grafeas_v1::model::AttestationOccurrence>,
2362
2363 /// Required. The resource name of the [Note][grafeas.v1.Note] to which the
2364 /// containing [Occurrence][grafeas.v1.Occurrence] is associated.
2365 pub occurrence_note: std::string::String,
2366
2367 /// Required. The URI of the artifact (e.g. container image) that is the
2368 /// subject of the containing [Occurrence][grafeas.v1.Occurrence].
2369 pub occurrence_resource_uri: std::string::String,
2370
2371 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
2372}
2373
2374impl ValidateAttestationOccurrenceRequest {
2375 /// Creates a new default instance.
2376 pub fn new() -> Self {
2377 std::default::Default::default()
2378 }
2379
2380 /// Sets the value of [attestor][crate::model::ValidateAttestationOccurrenceRequest::attestor].
2381 ///
2382 /// # Example
2383 /// ```ignore,no_run
2384 /// # use google_cloud_binaryauthorization_v1::model::ValidateAttestationOccurrenceRequest;
2385 /// let x = ValidateAttestationOccurrenceRequest::new().set_attestor("example");
2386 /// ```
2387 pub fn set_attestor<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
2388 self.attestor = v.into();
2389 self
2390 }
2391
2392 /// Sets the value of [attestation][crate::model::ValidateAttestationOccurrenceRequest::attestation].
2393 ///
2394 /// # Example
2395 /// ```ignore,no_run
2396 /// # use google_cloud_binaryauthorization_v1::model::ValidateAttestationOccurrenceRequest;
2397 /// use google_cloud_grafeas_v1::model::AttestationOccurrence;
2398 /// let x = ValidateAttestationOccurrenceRequest::new().set_attestation(AttestationOccurrence::default()/* use setters */);
2399 /// ```
2400 pub fn set_attestation<T>(mut self, v: T) -> Self
2401 where
2402 T: std::convert::Into<google_cloud_grafeas_v1::model::AttestationOccurrence>,
2403 {
2404 self.attestation = std::option::Option::Some(v.into());
2405 self
2406 }
2407
2408 /// Sets or clears the value of [attestation][crate::model::ValidateAttestationOccurrenceRequest::attestation].
2409 ///
2410 /// # Example
2411 /// ```ignore,no_run
2412 /// # use google_cloud_binaryauthorization_v1::model::ValidateAttestationOccurrenceRequest;
2413 /// use google_cloud_grafeas_v1::model::AttestationOccurrence;
2414 /// let x = ValidateAttestationOccurrenceRequest::new().set_or_clear_attestation(Some(AttestationOccurrence::default()/* use setters */));
2415 /// let x = ValidateAttestationOccurrenceRequest::new().set_or_clear_attestation(None::<AttestationOccurrence>);
2416 /// ```
2417 pub fn set_or_clear_attestation<T>(mut self, v: std::option::Option<T>) -> Self
2418 where
2419 T: std::convert::Into<google_cloud_grafeas_v1::model::AttestationOccurrence>,
2420 {
2421 self.attestation = v.map(|x| x.into());
2422 self
2423 }
2424
2425 /// Sets the value of [occurrence_note][crate::model::ValidateAttestationOccurrenceRequest::occurrence_note].
2426 ///
2427 /// # Example
2428 /// ```ignore,no_run
2429 /// # use google_cloud_binaryauthorization_v1::model::ValidateAttestationOccurrenceRequest;
2430 /// let x = ValidateAttestationOccurrenceRequest::new().set_occurrence_note("example");
2431 /// ```
2432 pub fn set_occurrence_note<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
2433 self.occurrence_note = v.into();
2434 self
2435 }
2436
2437 /// Sets the value of [occurrence_resource_uri][crate::model::ValidateAttestationOccurrenceRequest::occurrence_resource_uri].
2438 ///
2439 /// # Example
2440 /// ```ignore,no_run
2441 /// # use google_cloud_binaryauthorization_v1::model::ValidateAttestationOccurrenceRequest;
2442 /// let x = ValidateAttestationOccurrenceRequest::new().set_occurrence_resource_uri("example");
2443 /// ```
2444 pub fn set_occurrence_resource_uri<T: std::convert::Into<std::string::String>>(
2445 mut self,
2446 v: T,
2447 ) -> Self {
2448 self.occurrence_resource_uri = v.into();
2449 self
2450 }
2451}
2452
2453impl wkt::message::Message for ValidateAttestationOccurrenceRequest {
2454 fn typename() -> &'static str {
2455 "type.googleapis.com/google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceRequest"
2456 }
2457}
2458
2459/// Response message for
2460/// [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence].
2461///
2462/// [google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]: crate::client::ValidationHelperV1::validate_attestation_occurrence
2463#[derive(Clone, Default, PartialEq)]
2464#[non_exhaustive]
2465pub struct ValidateAttestationOccurrenceResponse {
2466 /// The result of the Attestation validation.
2467 pub result: crate::model::validate_attestation_occurrence_response::Result,
2468
2469 /// The reason for denial if the Attestation couldn't be validated.
2470 pub denial_reason: std::string::String,
2471
2472 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
2473}
2474
2475impl ValidateAttestationOccurrenceResponse {
2476 /// Creates a new default instance.
2477 pub fn new() -> Self {
2478 std::default::Default::default()
2479 }
2480
2481 /// Sets the value of [result][crate::model::ValidateAttestationOccurrenceResponse::result].
2482 ///
2483 /// # Example
2484 /// ```ignore,no_run
2485 /// # use google_cloud_binaryauthorization_v1::model::ValidateAttestationOccurrenceResponse;
2486 /// use google_cloud_binaryauthorization_v1::model::validate_attestation_occurrence_response::Result;
2487 /// let x0 = ValidateAttestationOccurrenceResponse::new().set_result(Result::Verified);
2488 /// let x1 = ValidateAttestationOccurrenceResponse::new().set_result(Result::AttestationNotVerifiable);
2489 /// ```
2490 pub fn set_result<
2491 T: std::convert::Into<crate::model::validate_attestation_occurrence_response::Result>,
2492 >(
2493 mut self,
2494 v: T,
2495 ) -> Self {
2496 self.result = v.into();
2497 self
2498 }
2499
2500 /// Sets the value of [denial_reason][crate::model::ValidateAttestationOccurrenceResponse::denial_reason].
2501 ///
2502 /// # Example
2503 /// ```ignore,no_run
2504 /// # use google_cloud_binaryauthorization_v1::model::ValidateAttestationOccurrenceResponse;
2505 /// let x = ValidateAttestationOccurrenceResponse::new().set_denial_reason("example");
2506 /// ```
2507 pub fn set_denial_reason<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
2508 self.denial_reason = v.into();
2509 self
2510 }
2511}
2512
2513impl wkt::message::Message for ValidateAttestationOccurrenceResponse {
2514 fn typename() -> &'static str {
2515 "type.googleapis.com/google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceResponse"
2516 }
2517}
2518
2519/// Defines additional types related to [ValidateAttestationOccurrenceResponse].
2520pub mod validate_attestation_occurrence_response {
2521 #[allow(unused_imports)]
2522 use super::*;
2523
2524 /// The enum returned in the `result` field.
2525 ///
2526 /// # Working with unknown values
2527 ///
2528 /// This enum is defined as `#[non_exhaustive]` because Google Cloud may add
2529 /// additional enum variants at any time. Adding new variants is not considered
2530 /// a breaking change. Applications should write their code in anticipation of:
2531 ///
2532 /// - New values appearing in future releases of the client library, **and**
2533 /// - New values received dynamically, without application changes.
2534 ///
2535 /// Please consult the [Working with enums] section in the user guide for some
2536 /// guidelines.
2537 ///
2538 /// [Working with enums]: https://googleapis.github.io/google-cloud-rust/working_with_enums.html
2539 #[derive(Clone, Debug, PartialEq)]
2540 #[non_exhaustive]
2541 pub enum Result {
2542 /// Unspecified.
2543 Unspecified,
2544 /// The Attestation was able to verified by the Attestor.
2545 Verified,
2546 /// The Attestation was not able to verified by the Attestor.
2547 AttestationNotVerifiable,
2548 /// If set, the enum was initialized with an unknown value.
2549 ///
2550 /// Applications can examine the value using [Result::value] or
2551 /// [Result::name].
2552 UnknownValue(result::UnknownValue),
2553 }
2554
2555 #[doc(hidden)]
2556 pub mod result {
2557 #[allow(unused_imports)]
2558 use super::*;
2559 #[derive(Clone, Debug, PartialEq)]
2560 pub struct UnknownValue(pub(crate) wkt::internal::UnknownEnumValue);
2561 }
2562
2563 impl Result {
2564 /// Gets the enum value.
2565 ///
2566 /// Returns `None` if the enum contains an unknown value deserialized from
2567 /// the string representation of enums.
2568 pub fn value(&self) -> std::option::Option<i32> {
2569 match self {
2570 Self::Unspecified => std::option::Option::Some(0),
2571 Self::Verified => std::option::Option::Some(1),
2572 Self::AttestationNotVerifiable => std::option::Option::Some(2),
2573 Self::UnknownValue(u) => u.0.value(),
2574 }
2575 }
2576
2577 /// Gets the enum value as a string.
2578 ///
2579 /// Returns `None` if the enum contains an unknown value deserialized from
2580 /// the integer representation of enums.
2581 pub fn name(&self) -> std::option::Option<&str> {
2582 match self {
2583 Self::Unspecified => std::option::Option::Some("RESULT_UNSPECIFIED"),
2584 Self::Verified => std::option::Option::Some("VERIFIED"),
2585 Self::AttestationNotVerifiable => {
2586 std::option::Option::Some("ATTESTATION_NOT_VERIFIABLE")
2587 }
2588 Self::UnknownValue(u) => u.0.name(),
2589 }
2590 }
2591 }
2592
2593 impl std::default::Default for Result {
2594 fn default() -> Self {
2595 use std::convert::From;
2596 Self::from(0)
2597 }
2598 }
2599
2600 impl std::fmt::Display for Result {
2601 fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::result::Result<(), std::fmt::Error> {
2602 wkt::internal::display_enum(f, self.name(), self.value())
2603 }
2604 }
2605
2606 impl std::convert::From<i32> for Result {
2607 fn from(value: i32) -> Self {
2608 match value {
2609 0 => Self::Unspecified,
2610 1 => Self::Verified,
2611 2 => Self::AttestationNotVerifiable,
2612 _ => Self::UnknownValue(result::UnknownValue(
2613 wkt::internal::UnknownEnumValue::Integer(value),
2614 )),
2615 }
2616 }
2617 }
2618
2619 impl std::convert::From<&str> for Result {
2620 fn from(value: &str) -> Self {
2621 use std::string::ToString;
2622 match value {
2623 "RESULT_UNSPECIFIED" => Self::Unspecified,
2624 "VERIFIED" => Self::Verified,
2625 "ATTESTATION_NOT_VERIFIABLE" => Self::AttestationNotVerifiable,
2626 _ => Self::UnknownValue(result::UnknownValue(
2627 wkt::internal::UnknownEnumValue::String(value.to_string()),
2628 )),
2629 }
2630 }
2631 }
2632
2633 impl serde::ser::Serialize for Result {
2634 fn serialize<S>(&self, serializer: S) -> std::result::Result<S::Ok, S::Error>
2635 where
2636 S: serde::Serializer,
2637 {
2638 match self {
2639 Self::Unspecified => serializer.serialize_i32(0),
2640 Self::Verified => serializer.serialize_i32(1),
2641 Self::AttestationNotVerifiable => serializer.serialize_i32(2),
2642 Self::UnknownValue(u) => u.0.serialize(serializer),
2643 }
2644 }
2645 }
2646
2647 impl<'de> serde::de::Deserialize<'de> for Result {
2648 fn deserialize<D>(deserializer: D) -> std::result::Result<Self, D::Error>
2649 where
2650 D: serde::Deserializer<'de>,
2651 {
2652 deserializer.deserialize_any(wkt::internal::EnumVisitor::<Result>::new(
2653 ".google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceResponse.Result",
2654 ))
2655 }
2656 }
2657}