Container Registry API, gRPC: ScanPolicyService
A set of methods for managing scan policy resources.
| Call | Description |
|---|---|
| Get | Returns the specified scan policy. |
| GetByRegistry | Returns scan policy for the registry if any exists. |
| Create | Creates a scan policy for the specified registry. |
| Update | Updates the specified scan policy. |
| Delete | Deletes the specified scan policy. |
Calls ScanPolicyService
Get
Returns the specified scan policy.
rpc Get (GetScanPolicyRequest) returns (ScanPolicy)
GetScanPolicyRequest
| Field | Description |
|---|---|
| scan_policy_id | string Required. ID of the scan policy. The maximum string length in characters is 50. |
ScanPolicy
| Field | Description |
|---|---|
| id | string Output only. ID of the scan policy. |
| registry_id | string ID of the registry that the scan policy belongs to. Required. The maximum string length in characters is 50. |
| name | string Name of the scan policy. |
| description | string Description of the scan policy. The maximum string length in characters is 256. |
| rules | ScanRules The rules of scan policy. |
| created_at | google.protobuf.Timestamp Output only. Creation timestamp. |
| disabled | bool Turns off scan policy. |
ScanRules
| Field | Description |
|---|---|
| push_rule | PushRule Description of on-push scan rule. |
| schedule_rules[] | ScheduledRule Description of time based rescan rule. |
PushRule
| Field | Description |
|---|---|
| repository_prefixes[] | string List of repositories that are scanned with rule. Child repositories are included into parent node. "*" - means all repositories in registry The number of elements must be greater than 0. Each value must match the regular expression \\*|[a-z0-9]+(?:[._-][a-z0-9]+)*(/([a-z0-9]+(?:[._-][a-z0-9]+)*))*. |
| disabled | bool Turns off scan rule. |
ScheduledRule
| Field | Description |
|---|---|
| repository_prefixes[] | string List of repositories that are scanned with rule. Child repositories are included into parent node. "*" - means all repositories in registry The number of elements must be greater than 0. Each value must match the regular expression \\*|[a-z0-9]+(?:[._-][a-z0-9]+)*(/([a-z0-9]+(?:[._-][a-z0-9]+)*))*. |
| rescan_period | google.protobuf.Duration Required. Period of time since last scan to trigger automatic rescan. |
| disabled | bool Turns off scan rule. |
GetByRegistry
Returns scan policy for the registry if any exists.
rpc GetByRegistry (GetScanPolicyByRegistryRequest) returns (ScanPolicy)
GetScanPolicyByRegistryRequest
| Field | Description |
|---|---|
| registry_id | string Required. ID of the registry with scan policy. The maximum string length in characters is 50. |
ScanPolicy
| Field | Description |
|---|---|
| id | string Output only. ID of the scan policy. |
| registry_id | string ID of the registry that the scan policy belongs to. Required. The maximum string length in characters is 50. |
| name | string Name of the scan policy. |
| description | string Description of the scan policy. The maximum string length in characters is 256. |
| rules | ScanRules The rules of scan policy. |
| created_at | google.protobuf.Timestamp Output only. Creation timestamp. |
| disabled | bool Turns off scan policy. |
ScanRules
| Field | Description |
|---|---|
| push_rule | PushRule Description of on-push scan rule. |
| schedule_rules[] | ScheduledRule Description of time based rescan rule. |
PushRule
| Field | Description |
|---|---|
| repository_prefixes[] | string List of repositories that are scanned with rule. Child repositories are included into parent node. "*" - means all repositories in registry The number of elements must be greater than 0. Each value must match the regular expression \\*|[a-z0-9]+(?:[._-][a-z0-9]+)*(/([a-z0-9]+(?:[._-][a-z0-9]+)*))*. |
| disabled | bool Turns off scan rule. |
ScheduledRule
| Field | Description |
|---|---|
| repository_prefixes[] | string List of repositories that are scanned with rule. Child repositories are included into parent node. "*" - means all repositories in registry The number of elements must be greater than 0. Each value must match the regular expression \\*|[a-z0-9]+(?:[._-][a-z0-9]+)*(/([a-z0-9]+(?:[._-][a-z0-9]+)*))*. |
| rescan_period | google.protobuf.Duration Required. Period of time since last scan to trigger automatic rescan. |
| disabled | bool Turns off scan rule. |
Create
Creates a scan policy for the specified registry.
rpc Create (CreateScanPolicyRequest) returns (operation.Operation)
Metadata and response of Operation:
Operation.metadata:CreateScanPolicyMetadata
Operation.response:ScanPolicy
CreateScanPolicyRequest
| Field | Description |
|---|---|
| registry_id | string Required. ID of the scan policy registry. The maximum string length in characters is 50. |
| name | string Name of the scan policy. Value must match the regular expression |[a-z][-a-z0-9]{1,61}[a-z0-9]. |
| description | string Description of the scan policy. The maximum string length in characters is 256. |
| rules | ScanRules Rules of the scan policy. |
ScanRules
| Field | Description |
|---|---|
| push_rule | PushRule Description of on-push scan rule. |
| schedule_rules[] | ScheduledRule Description of time based rescan rule. |
PushRule
| Field | Description |
|---|---|
| repository_prefixes[] | string List of repositories that are scanned with rule. Child repositories are included into parent node. "*" - means all repositories in registry The number of elements must be greater than 0. Each value must match the regular expression \\*|[a-z0-9]+(?:[._-][a-z0-9]+)*(/([a-z0-9]+(?:[._-][a-z0-9]+)*))*. |
| disabled | bool Turns off scan rule. |
ScheduledRule
| Field | Description |
|---|---|
| repository_prefixes[] | string List of repositories that are scanned with rule. Child repositories are included into parent node. "*" - means all repositories in registry The number of elements must be greater than 0. Each value must match the regular expression \\*|[a-z0-9]+(?:[._-][a-z0-9]+)*(/([a-z0-9]+(?:[._-][a-z0-9]+)*))*. |
| rescan_period | google.protobuf.Duration Required. Period of time since last scan to trigger automatic rescan. |
| disabled | bool Turns off scan rule. |
Operation
| Field | Description |
|---|---|
| id | string ID of the operation. |
| description | string Description of the operation. 0-256 characters long. |
| created_at | google.protobuf.Timestamp Creation timestamp. |
| created_by | string ID of the user or service account who initiated the operation. |
| modified_at | google.protobuf.Timestamp The time when the Operation resource was last modified. |
| done | bool If the value is false, it means the operation is still in progress. If true, the operation is completed, and either error or response is available. |
| metadata | google.protobuf.Any<CreateScanPolicyMetadata> Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any. |
| result | oneof: error or responseThe operation result. If done == false and there was no failure detected, neither error nor response is set. If done == false and there was a failure detected, error is set. If done == true, exactly one of error or response is set. |
| error | google.rpc.Status The error result of the operation in case of failure or cancellation. |
| response | google.protobuf.Any<ScanPolicy> if operation finished successfully. |
CreateScanPolicyMetadata
| Field | Description |
|---|---|
| scan_policy_id | string ID of created scan policy resource. |
ScanPolicy
| Field | Description |
|---|---|
| id | string Output only. ID of the scan policy. |
| registry_id | string ID of the registry that the scan policy belongs to. Required. The maximum string length in characters is 50. |
| name | string Name of the scan policy. |
| description | string Description of the scan policy. The maximum string length in characters is 256. |
| rules | ScanRules The rules of scan policy. |
| created_at | google.protobuf.Timestamp Output only. Creation timestamp. |
| disabled | bool Turns off scan policy. |
Update
Updates the specified scan policy.
rpc Update (UpdateScanPolicyRequest) returns (operation.Operation)
Metadata and response of Operation:
Operation.metadata:UpdateScanPolicyMetadata
Operation.response:ScanPolicy
UpdateScanPolicyRequest
| Field | Description |
|---|---|
| scan_policy_id | string Required. ID of the scan policy. The maximum string length in characters is 50. |
| update_mask | google.protobuf.FieldMask Field mask that specifies which fields of the scan policy resource are going to be updated. |
| name | string Name of the scan policy. Value must match the regular expression |[a-z][-a-z0-9]{1,61}[a-z0-9]. |
| description | string Description of the scan policy. The maximum string length in characters is 256. |
| rules | ScanRules Rules of the scan policy. |
ScanRules
| Field | Description |
|---|---|
| push_rule | PushRule Description of on-push scan rule. |
| schedule_rules[] | ScheduledRule Description of time based rescan rule. |
PushRule
| Field | Description |
|---|---|
| repository_prefixes[] | string List of repositories that are scanned with rule. Child repositories are included into parent node. "*" - means all repositories in registry The number of elements must be greater than 0. Each value must match the regular expression \\*|[a-z0-9]+(?:[._-][a-z0-9]+)*(/([a-z0-9]+(?:[._-][a-z0-9]+)*))*. |
| disabled | bool Turns off scan rule. |
ScheduledRule
| Field | Description |
|---|---|
| repository_prefixes[] | string List of repositories that are scanned with rule. Child repositories are included into parent node. "*" - means all repositories in registry The number of elements must be greater than 0. Each value must match the regular expression \\*|[a-z0-9]+(?:[._-][a-z0-9]+)*(/([a-z0-9]+(?:[._-][a-z0-9]+)*))*. |
| rescan_period | google.protobuf.Duration Required. Period of time since last scan to trigger automatic rescan. |
| disabled | bool Turns off scan rule. |
Operation
| Field | Description |
|---|---|
| id | string ID of the operation. |
| description | string Description of the operation. 0-256 characters long. |
| created_at | google.protobuf.Timestamp Creation timestamp. |
| created_by | string ID of the user or service account who initiated the operation. |
| modified_at | google.protobuf.Timestamp The time when the Operation resource was last modified. |
| done | bool If the value is false, it means the operation is still in progress. If true, the operation is completed, and either error or response is available. |
| metadata | google.protobuf.Any<UpdateScanPolicyMetadata> Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any. |
| result | oneof: error or responseThe operation result. If done == false and there was no failure detected, neither error nor response is set. If done == false and there was a failure detected, error is set. If done == true, exactly one of error or response is set. |
| error | google.rpc.Status The error result of the operation in case of failure or cancellation. |
| response | google.protobuf.Any<ScanPolicy> if operation finished successfully. |
UpdateScanPolicyMetadata
| Field | Description |
|---|---|
| scan_policy_id | string ID of the scan policy resource that is updated. |
ScanPolicy
| Field | Description |
|---|---|
| id | string Output only. ID of the scan policy. |
| registry_id | string ID of the registry that the scan policy belongs to. Required. The maximum string length in characters is 50. |
| name | string Name of the scan policy. |
| description | string Description of the scan policy. The maximum string length in characters is 256. |
| rules | ScanRules The rules of scan policy. |
| created_at | google.protobuf.Timestamp Output only. Creation timestamp. |
| disabled | bool Turns off scan policy. |
Delete
Deletes the specified scan policy.
rpc Delete (DeleteScanPolicyRequest) returns (operation.Operation)
Metadata and response of Operation:
Operation.metadata:DeleteScanPolicyMetadata
Operation.response:google.protobuf.Empty
DeleteScanPolicyRequest
| Field | Description |
|---|---|
| scan_policy_id | string Required. ID of the scan policy. The maximum string length in characters is 50. |
Operation
| Field | Description |
|---|---|
| id | string ID of the operation. |
| description | string Description of the operation. 0-256 characters long. |
| created_at | google.protobuf.Timestamp Creation timestamp. |
| created_by | string ID of the user or service account who initiated the operation. |
| modified_at | google.protobuf.Timestamp The time when the Operation resource was last modified. |
| done | bool If the value is false, it means the operation is still in progress. If true, the operation is completed, and either error or response is available. |
| metadata | google.protobuf.Any<DeleteScanPolicyMetadata> Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any. |
| result | oneof: error or responseThe operation result. If done == false and there was no failure detected, neither error nor response is set. If done == false and there was a failure detected, error is set. If done == true, exactly one of error or response is set. |
| error | google.rpc.Status The error result of the operation in case of failure or cancellation. |
| response | google.protobuf.Any<google.protobuf.Empty> if operation finished successfully. |
DeleteScanPolicyMetadata
| Field | Description |
|---|---|
| scan_policy_id | string ID of the scan policy resource that is deleted. |