|
- // Copyright 2019 Google LLC.
- // Use of this source code is governed by a BSD-style
- // license that can be found in the LICENSE file.
-
- // Code generated file. DO NOT EDIT.
-
- // Package binaryauthorization provides access to the Binary Authorization API.
- //
- // For product documentation, see: https://cloud.google.com/binary-authorization/
- //
- // Creating a client
- //
- // Usage example:
- //
- // import "google.golang.org/api/binaryauthorization/v1beta1"
- // ...
- // ctx := context.Background()
- // binaryauthorizationService, err := binaryauthorization.NewService(ctx)
- //
- // In this example, Google Application Default Credentials are used for authentication.
- //
- // For information on how to create and obtain Application Default Credentials, see https://developers.google.com/identity/protocols/application-default-credentials.
- //
- // Other authentication options
- //
- // To use an API key for authentication (note: some APIs do not support API keys), use option.WithAPIKey:
- //
- // binaryauthorizationService, err := binaryauthorization.NewService(ctx, option.WithAPIKey("AIza..."))
- //
- // To use an OAuth token (e.g., a user token obtained via a three-legged OAuth flow), use option.WithTokenSource:
- //
- // config := &oauth2.Config{...}
- // // ...
- // token, err := config.Exchange(ctx, ...)
- // binaryauthorizationService, err := binaryauthorization.NewService(ctx, option.WithTokenSource(config.TokenSource(ctx, token)))
- //
- // See https://godoc.org/google.golang.org/api/option/ for details on options.
- package binaryauthorization // import "google.golang.org/api/binaryauthorization/v1beta1"
-
- import (
- "bytes"
- "context"
- "encoding/json"
- "errors"
- "fmt"
- "io"
- "net/http"
- "net/url"
- "strconv"
- "strings"
-
- gensupport "google.golang.org/api/gensupport"
- googleapi "google.golang.org/api/googleapi"
- option "google.golang.org/api/option"
- htransport "google.golang.org/api/transport/http"
- )
-
- // Always reference these packages, just in case the auto-generated code
- // below doesn't.
- var _ = bytes.NewBuffer
- var _ = strconv.Itoa
- var _ = fmt.Sprintf
- var _ = json.NewDecoder
- var _ = io.Copy
- var _ = url.Parse
- var _ = gensupport.MarshalJSON
- var _ = googleapi.Version
- var _ = errors.New
- var _ = strings.Replace
- var _ = context.Canceled
-
- const apiId = "binaryauthorization:v1beta1"
- const apiName = "binaryauthorization"
- const apiVersion = "v1beta1"
- const basePath = "https://binaryauthorization.googleapis.com/"
-
- // OAuth2 scopes used by this API.
- const (
- // View and manage your data across Google Cloud Platform services
- CloudPlatformScope = "https://www.googleapis.com/auth/cloud-platform"
- )
-
- // NewService creates a new Service.
- func NewService(ctx context.Context, opts ...option.ClientOption) (*Service, error) {
- scopesOption := option.WithScopes(
- "https://www.googleapis.com/auth/cloud-platform",
- )
- // NOTE: prepend, so we don't override user-specified scopes.
- opts = append([]option.ClientOption{scopesOption}, opts...)
- client, endpoint, err := htransport.NewClient(ctx, opts...)
- if err != nil {
- return nil, err
- }
- s, err := New(client)
- if err != nil {
- return nil, err
- }
- if endpoint != "" {
- s.BasePath = endpoint
- }
- return s, nil
- }
-
- // New creates a new Service. It uses the provided http.Client for requests.
- //
- // Deprecated: please use NewService instead.
- // To provide a custom HTTP client, use option.WithHTTPClient.
- // If you are using google.golang.org/api/googleapis/transport.APIKey, use option.WithAPIKey with NewService instead.
- func New(client *http.Client) (*Service, error) {
- if client == nil {
- return nil, errors.New("client is nil")
- }
- s := &Service{client: client, BasePath: basePath}
- s.Projects = NewProjectsService(s)
- return s, nil
- }
-
- type Service struct {
- client *http.Client
- BasePath string // API endpoint base URL
- UserAgent string // optional additional User-Agent fragment
-
- Projects *ProjectsService
- }
-
- func (s *Service) userAgent() string {
- if s.UserAgent == "" {
- return googleapi.UserAgent
- }
- return googleapi.UserAgent + " " + s.UserAgent
- }
-
- func NewProjectsService(s *Service) *ProjectsService {
- rs := &ProjectsService{s: s}
- rs.Attestors = NewProjectsAttestorsService(s)
- rs.Policy = NewProjectsPolicyService(s)
- return rs
- }
-
- type ProjectsService struct {
- s *Service
-
- Attestors *ProjectsAttestorsService
-
- Policy *ProjectsPolicyService
- }
-
- func NewProjectsAttestorsService(s *Service) *ProjectsAttestorsService {
- rs := &ProjectsAttestorsService{s: s}
- return rs
- }
-
- type ProjectsAttestorsService struct {
- s *Service
- }
-
- func NewProjectsPolicyService(s *Service) *ProjectsPolicyService {
- rs := &ProjectsPolicyService{s: s}
- return rs
- }
-
- type ProjectsPolicyService struct {
- s *Service
- }
-
- // AdmissionRule: An admission rule specifies either that all container
- // images
- // used in a pod creation request must be attested to by one or
- // more
- // attestors, that all pod creations will be allowed, or that all
- // pod creations will be denied.
- //
- // Images matching an admission whitelist pattern
- // are exempted from admission rules and will never block a pod
- // creation.
- type AdmissionRule struct {
- // EnforcementMode: Required. The action when a pod creation is denied
- // by the admission rule.
- //
- // Possible values:
- // "ENFORCEMENT_MODE_UNSPECIFIED" - Do not use.
- // "ENFORCED_BLOCK_AND_AUDIT_LOG" - Enforce the admission rule by
- // blocking the pod creation.
- // "DRYRUN_AUDIT_LOG_ONLY" - Dryrun mode: Audit logging only. This
- // will allow the pod creation as if
- // the admission request had specified break-glass.
- EnforcementMode string `json:"enforcementMode,omitempty"`
-
- // EvaluationMode: Required. How this admission rule will be evaluated.
- //
- // Possible values:
- // "EVALUATION_MODE_UNSPECIFIED" - Do not use.
- // "ALWAYS_ALLOW" - This rule allows all all pod creations.
- // "REQUIRE_ATTESTATION" - This rule allows a pod creation if all the
- // attestors listed in
- // 'require_attestations_by' have valid attestations for all of
- // the
- // images in the pod spec.
- // "ALWAYS_DENY" - This rule denies all pod creations.
- EvaluationMode string `json:"evaluationMode,omitempty"`
-
- // RequireAttestationsBy: Optional. The resource names of the attestors
- // that must attest to
- // a container image, in the format `projects/*/attestors/*`.
- // Each
- // attestor must exist before a policy can reference it. To add an
- // attestor
- // to a policy the principal issuing the policy change request must be
- // able
- // to read the attestor resource.
- //
- // Note: this field must be non-empty when the evaluation_mode field
- // specifies
- // REQUIRE_ATTESTATION, otherwise it must be empty.
- RequireAttestationsBy []string `json:"requireAttestationsBy,omitempty"`
-
- // ForceSendFields is a list of field names (e.g. "EnforcementMode") to
- // unconditionally include in API requests. By default, fields with
- // empty values are omitted from API requests. However, any non-pointer,
- // non-interface field appearing in ForceSendFields will be sent to the
- // server regardless of whether the field is empty or not. This may be
- // used to include empty fields in Patch requests.
- ForceSendFields []string `json:"-"`
-
- // NullFields is a list of field names (e.g. "EnforcementMode") to
- // include in API requests with the JSON null value. By default, fields
- // with empty values are omitted from API requests. However, any field
- // with an empty value appearing in NullFields will be sent to the
- // server as null. It is an error if a field in this list has a
- // non-empty value. This may be used to include null fields in Patch
- // requests.
- NullFields []string `json:"-"`
- }
-
- func (s *AdmissionRule) MarshalJSON() ([]byte, error) {
- type NoMethod AdmissionRule
- raw := NoMethod(*s)
- return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
- }
-
- // AdmissionWhitelistPattern: An admission whitelist pattern exempts
- // images
- // from checks by admission rules.
- type AdmissionWhitelistPattern struct {
- // NamePattern: An image name pattern to whitelist, in the form
- // `registry/path/to/image`.
- // This supports a trailing `*` as a wildcard, but this is allowed only
- // in
- // text after the `registry/` part.
- NamePattern string `json:"namePattern,omitempty"`
-
- // ForceSendFields is a list of field names (e.g. "NamePattern") to
- // unconditionally include in API requests. By default, fields with
- // empty values are omitted from API requests. However, any non-pointer,
- // non-interface field appearing in ForceSendFields will be sent to the
- // server regardless of whether the field is empty or not. This may be
- // used to include empty fields in Patch requests.
- ForceSendFields []string `json:"-"`
-
- // NullFields is a list of field names (e.g. "NamePattern") to include
- // in API requests with the JSON null value. By default, fields with
- // empty values are omitted from API requests. However, any field with
- // an empty value appearing in NullFields will be sent to the server as
- // null. It is an error if a field in this list has a non-empty value.
- // This may be used to include null fields in Patch requests.
- NullFields []string `json:"-"`
- }
-
- func (s *AdmissionWhitelistPattern) MarshalJSON() ([]byte, error) {
- type NoMethod AdmissionWhitelistPattern
- raw := NoMethod(*s)
- return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
- }
-
- // Attestor: An attestor that attests to container image
- // artifacts. An existing attestor cannot be modified except
- // where
- // indicated.
- type Attestor struct {
- // Description: Optional. A descriptive comment. This field may be
- // updated.
- // The field may be displayed in chooser dialogs.
- Description string `json:"description,omitempty"`
-
- // Name: Required. The resource name, in the
- // format:
- // `projects/*/attestors/*`. This field may not be updated.
- Name string `json:"name,omitempty"`
-
- // UpdateTime: Output only. Time when the attestor was last updated.
- UpdateTime string `json:"updateTime,omitempty"`
-
- // UserOwnedDrydockNote: A Drydock ATTESTATION_AUTHORITY Note, created
- // by the user.
- UserOwnedDrydockNote *UserOwnedDrydockNote `json:"userOwnedDrydockNote,omitempty"`
-
- // ServerResponse contains the HTTP response code and headers from the
- // server.
- googleapi.ServerResponse `json:"-"`
-
- // ForceSendFields is a list of field names (e.g. "Description") to
- // unconditionally include in API requests. By default, fields with
- // empty values are omitted from API requests. However, any non-pointer,
- // non-interface field appearing in ForceSendFields will be sent to the
- // server regardless of whether the field is empty or not. This may be
- // used to include empty fields in Patch requests.
- ForceSendFields []string `json:"-"`
-
- // NullFields is a list of field names (e.g. "Description") to include
- // in API requests with the JSON null value. By default, fields with
- // empty values are omitted from API requests. However, any field with
- // an empty value appearing in NullFields will be sent to the server as
- // null. It is an error if a field in this list has a non-empty value.
- // This may be used to include null fields in Patch requests.
- NullFields []string `json:"-"`
- }
-
- func (s *Attestor) MarshalJSON() ([]byte, error) {
- type NoMethod Attestor
- raw := NoMethod(*s)
- return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
- }
-
- // AttestorPublicKey: An attestor public key that will be used to
- // verify
- // attestations signed by this attestor.
- type AttestorPublicKey struct {
- // AsciiArmoredPgpPublicKey: ASCII-armored representation of a PGP
- // public key, as the entire output by
- // the command `gpg --export --armor foo@example.com` (either LF or
- // CRLF
- // line endings).
- // When using this field, `id` should be left blank. The BinAuthz
- // API
- // handlers will calculate the ID and fill it in automatically.
- // BinAuthz
- // computes this ID as the OpenPGP RFC4880 V4 fingerprint, represented
- // as
- // upper-case hex. If `id` is provided by the caller, it will
- // be
- // overwritten by the API-calculated ID.
- AsciiArmoredPgpPublicKey string `json:"asciiArmoredPgpPublicKey,omitempty"`
-
- // Comment: Optional. A descriptive comment. This field may be updated.
- Comment string `json:"comment,omitempty"`
-
- // Id: The ID of this public key.
- // Signatures verified by BinAuthz must include the ID of the public key
- // that
- // can be used to verify them, and that ID must match the contents of
- // this
- // field exactly.
- // Additional restrictions on this field can be imposed based on which
- // public
- // key type is encapsulated. See the documentation on `public_key` cases
- // below
- // for details.
- Id string `json:"id,omitempty"`
-
- // ForceSendFields is a list of field names (e.g.
- // "AsciiArmoredPgpPublicKey") to unconditionally include in API
- // requests. By default, fields with empty values are omitted from API
- // requests. However, any non-pointer, non-interface field appearing in
- // ForceSendFields will be sent to the server regardless of whether the
- // field is empty or not. This may be used to include empty fields in
- // Patch requests.
- ForceSendFields []string `json:"-"`
-
- // NullFields is a list of field names (e.g. "AsciiArmoredPgpPublicKey")
- // to include in API requests with the JSON null value. By default,
- // fields with empty values are omitted from API requests. However, any
- // field with an empty value appearing in NullFields will be sent to the
- // server as null. It is an error if a field in this list has a
- // non-empty value. This may be used to include null fields in Patch
- // requests.
- NullFields []string `json:"-"`
- }
-
- func (s *AttestorPublicKey) MarshalJSON() ([]byte, error) {
- type NoMethod AttestorPublicKey
- raw := NoMethod(*s)
- return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
- }
-
- // Binding: Associates `members` with a `role`.
- type Binding struct {
- // Condition: Unimplemented. The condition that is associated with this
- // binding.
- // NOTE: an unsatisfied condition will not allow user access via
- // current
- // binding. Different bindings, including their conditions, are
- // examined
- // independently.
- Condition *Expr `json:"condition,omitempty"`
-
- // Members: Specifies the identities requesting access for a Cloud
- // Platform resource.
- // `members` can have the following values:
- //
- // * `allUsers`: A special identifier that represents anyone who is
- // on the internet; with or without a Google account.
- //
- // * `allAuthenticatedUsers`: A special identifier that represents
- // anyone
- // who is authenticated with a Google account or a service
- // account.
- //
- // * `user:{emailid}`: An email address that represents a specific
- // Google
- // account. For example, `alice@gmail.com` .
- //
- //
- // * `serviceAccount:{emailid}`: An email address that represents a
- // service
- // account. For example,
- // `my-other-app@appspot.gserviceaccount.com`.
- //
- // * `group:{emailid}`: An email address that represents a Google
- // group.
- // For example, `admins@example.com`.
- //
- //
- // * `domain:{domain}`: The G Suite domain (primary) that represents all
- // the
- // users of that domain. For example, `google.com` or
- // `example.com`.
- //
- //
- Members []string `json:"members,omitempty"`
-
- // Role: Role that is assigned to `members`.
- // For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
- Role string `json:"role,omitempty"`
-
- // ForceSendFields is a list of field names (e.g. "Condition") to
- // unconditionally include in API requests. By default, fields with
- // empty values are omitted from API requests. However, any non-pointer,
- // non-interface field appearing in ForceSendFields will be sent to the
- // server regardless of whether the field is empty or not. This may be
- // used to include empty fields in Patch requests.
- ForceSendFields []string `json:"-"`
-
- // NullFields is a list of field names (e.g. "Condition") to include in
- // API requests with the JSON null value. By default, fields with empty
- // values are omitted from API requests. However, any field with an
- // empty value appearing in NullFields will be sent to the server as
- // null. It is an error if a field in this list has a non-empty value.
- // This may be used to include null fields in Patch requests.
- NullFields []string `json:"-"`
- }
-
- func (s *Binding) MarshalJSON() ([]byte, error) {
- type NoMethod Binding
- raw := NoMethod(*s)
- return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
- }
-
- // Empty: A generic empty message that you can re-use to avoid defining
- // duplicated
- // empty messages in your APIs. A typical example is to use it as the
- // request
- // or the response type of an API method. For instance:
- //
- // service Foo {
- // rpc Bar(google.protobuf.Empty) returns
- // (google.protobuf.Empty);
- // }
- //
- // The JSON representation for `Empty` is empty JSON object `{}`.
- type Empty struct {
- // ServerResponse contains the HTTP response code and headers from the
- // server.
- googleapi.ServerResponse `json:"-"`
- }
-
- // Expr: Represents an expression text. Example:
- //
- // title: "User account presence"
- // description: "Determines whether the request has a user account"
- // expression: "size(request.user) > 0"
- type Expr struct {
- // Description: An optional description of the expression. This is a
- // longer text which
- // describes the expression, e.g. when hovered over it in a UI.
- Description string `json:"description,omitempty"`
-
- // Expression: Textual representation of an expression in
- // Common Expression Language syntax.
- //
- // The application context of the containing message determines
- // which
- // well-known feature set of CEL is supported.
- Expression string `json:"expression,omitempty"`
-
- // Location: An optional string indicating the location of the
- // expression for error
- // reporting, e.g. a file name and a position in the file.
- Location string `json:"location,omitempty"`
-
- // Title: An optional title for the expression, i.e. a short string
- // describing
- // its purpose. This can be used e.g. in UIs which allow to enter
- // the
- // expression.
- Title string `json:"title,omitempty"`
-
- // ForceSendFields is a list of field names (e.g. "Description") to
- // unconditionally include in API requests. By default, fields with
- // empty values are omitted from API requests. However, any non-pointer,
- // non-interface field appearing in ForceSendFields will be sent to the
- // server regardless of whether the field is empty or not. This may be
- // used to include empty fields in Patch requests.
- ForceSendFields []string `json:"-"`
-
- // NullFields is a list of field names (e.g. "Description") to include
- // in API requests with the JSON null value. By default, fields with
- // empty values are omitted from API requests. However, any field with
- // an empty value appearing in NullFields will be sent to the server as
- // null. It is an error if a field in this list has a non-empty value.
- // This may be used to include null fields in Patch requests.
- NullFields []string `json:"-"`
- }
-
- func (s *Expr) MarshalJSON() ([]byte, error) {
- type NoMethod Expr
- raw := NoMethod(*s)
- return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
- }
-
- // IamPolicy: Defines an Identity and Access Management (IAM) policy. It
- // is used to
- // specify access control policies for Cloud Platform resources.
- //
- //
- // A `Policy` consists of a list of `bindings`. A `binding` binds a list
- // of
- // `members` to a `role`, where the members can be user accounts, Google
- // groups,
- // Google domains, and service accounts. A `role` is a named list of
- // permissions
- // defined by IAM.
- //
- // **JSON Example**
- //
- // {
- // "bindings": [
- // {
- // "role": "roles/owner",
- // "members": [
- // "user:mike@example.com",
- // "group:admins@example.com",
- // "domain:google.com",
- //
- // "serviceAccount:my-other-app@appspot.gserviceaccount.com"
- // ]
- // },
- // {
- // "role": "roles/viewer",
- // "members": ["user:sean@example.com"]
- // }
- // ]
- // }
- //
- // **YAML Example**
- //
- // bindings:
- // - members:
- // - user:mike@example.com
- // - group:admins@example.com
- // - domain:google.com
- // - serviceAccount:my-other-app@appspot.gserviceaccount.com
- // role: roles/owner
- // - members:
- // - user:sean@example.com
- // role: roles/viewer
- //
- //
- // For a description of IAM and its features, see the
- // [IAM developer's guide](https://cloud.google.com/iam/docs).
- type IamPolicy struct {
- // Bindings: Associates a list of `members` to a `role`.
- // `bindings` with no members will result in an error.
- Bindings []*Binding `json:"bindings,omitempty"`
-
- // Etag: `etag` is used for optimistic concurrency control as a way to
- // help
- // prevent simultaneous updates of a policy from overwriting each
- // other.
- // It is strongly suggested that systems make use of the `etag` in
- // the
- // read-modify-write cycle to perform policy updates in order to avoid
- // race
- // conditions: An `etag` is returned in the response to `getIamPolicy`,
- // and
- // systems are expected to put that etag in the request to
- // `setIamPolicy` to
- // ensure that their change will be applied to the same version of the
- // policy.
- //
- // If no `etag` is provided in the call to `setIamPolicy`, then the
- // existing
- // policy is overwritten blindly.
- Etag string `json:"etag,omitempty"`
-
- // Version: Deprecated.
- Version int64 `json:"version,omitempty"`
-
- // ServerResponse contains the HTTP response code and headers from the
- // server.
- googleapi.ServerResponse `json:"-"`
-
- // ForceSendFields is a list of field names (e.g. "Bindings") to
- // unconditionally include in API requests. By default, fields with
- // empty values are omitted from API requests. However, any non-pointer,
- // non-interface field appearing in ForceSendFields will be sent to the
- // server regardless of whether the field is empty or not. This may be
- // used to include empty fields in Patch requests.
- ForceSendFields []string `json:"-"`
-
- // NullFields is a list of field names (e.g. "Bindings") to include in
- // API requests with the JSON null value. By default, fields with empty
- // values are omitted from API requests. However, any field with an
- // empty value appearing in NullFields will be sent to the server as
- // null. It is an error if a field in this list has a non-empty value.
- // This may be used to include null fields in Patch requests.
- NullFields []string `json:"-"`
- }
-
- func (s *IamPolicy) MarshalJSON() ([]byte, error) {
- type NoMethod IamPolicy
- raw := NoMethod(*s)
- return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
- }
-
- // ListAttestorsResponse: Response message for
- // BinauthzManagementService.ListAttestors.
- type ListAttestorsResponse struct {
- // Attestors: The list of attestors.
- Attestors []*Attestor `json:"attestors,omitempty"`
-
- // NextPageToken: A token to retrieve the next page of results. Pass
- // this value in the
- // ListAttestorsRequest.page_token field in the subsequent call to
- // the
- // `ListAttestors` method to retrieve the next page of results.
- NextPageToken string `json:"nextPageToken,omitempty"`
-
- // ServerResponse contains the HTTP response code and headers from the
- // server.
- googleapi.ServerResponse `json:"-"`
-
- // ForceSendFields is a list of field names (e.g. "Attestors") to
- // unconditionally include in API requests. By default, fields with
- // empty values are omitted from API requests. However, any non-pointer,
- // non-interface field appearing in ForceSendFields will be sent to the
- // server regardless of whether the field is empty or not. This may be
- // used to include empty fields in Patch requests.
- ForceSendFields []string `json:"-"`
-
- // NullFields is a list of field names (e.g. "Attestors") to include in
- // API requests with the JSON null value. By default, fields with empty
- // values are omitted from API requests. However, any field with an
- // empty value appearing in NullFields will be sent to the server as
- // null. It is an error if a field in this list has a non-empty value.
- // This may be used to include null fields in Patch requests.
- NullFields []string `json:"-"`
- }
-
- func (s *ListAttestorsResponse) MarshalJSON() ([]byte, error) {
- type NoMethod ListAttestorsResponse
- raw := NoMethod(*s)
- return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
- }
-
- // Policy: A policy for container image binary authorization.
- type Policy struct {
- // AdmissionWhitelistPatterns: Optional. Admission policy whitelisting.
- // A matching admission request will
- // always be permitted. This feature is typically used to exclude Google
- // or
- // third-party infrastructure images from Binary Authorization policies.
- AdmissionWhitelistPatterns []*AdmissionWhitelistPattern `json:"admissionWhitelistPatterns,omitempty"`
-
- // ClusterAdmissionRules: Optional. Per-cluster admission rules. Cluster
- // spec format:
- // `location.clusterId`. There can be at most one admission rule per
- // cluster
- // spec.
- // A `location` is either a compute zone (e.g. us-central1-a) or a
- // region
- // (e.g. us-central1).
- // For `clusterId` syntax restrictions
- // see
- // https://cloud.google.com/container-engine/reference/rest/v1/projec
- // ts.zones.clusters.
- ClusterAdmissionRules map[string]AdmissionRule `json:"clusterAdmissionRules,omitempty"`
-
- // DefaultAdmissionRule: Required. Default admission rule for a cluster
- // without a per-cluster, per-
- // kubernetes-service-account, or per-istio-service-identity admission
- // rule.
- DefaultAdmissionRule *AdmissionRule `json:"defaultAdmissionRule,omitempty"`
-
- // Description: Optional. A descriptive comment.
- Description string `json:"description,omitempty"`
-
- // Name: Output only. The resource name, in the format
- // `projects/*/policy`. There is
- // at most one policy per project.
- Name string `json:"name,omitempty"`
-
- // UpdateTime: Output only. Time when the policy was last updated.
- UpdateTime string `json:"updateTime,omitempty"`
-
- // ServerResponse contains the HTTP response code and headers from the
- // server.
- googleapi.ServerResponse `json:"-"`
-
- // ForceSendFields is a list of field names (e.g.
- // "AdmissionWhitelistPatterns") to unconditionally include in API
- // requests. By default, fields with empty values are omitted from API
- // requests. However, any non-pointer, non-interface field appearing in
- // ForceSendFields will be sent to the server regardless of whether the
- // field is empty or not. This may be used to include empty fields in
- // Patch requests.
- ForceSendFields []string `json:"-"`
-
- // NullFields is a list of field names (e.g.
- // "AdmissionWhitelistPatterns") to include in API requests with the
- // JSON null value. By default, fields with empty values are omitted
- // from API requests. However, any field with an empty value appearing
- // in NullFields will be sent to the server as null. It is an error if a
- // field in this list has a non-empty value. This may be used to include
- // null fields in Patch requests.
- NullFields []string `json:"-"`
- }
-
- func (s *Policy) MarshalJSON() ([]byte, error) {
- type NoMethod Policy
- raw := NoMethod(*s)
- return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
- }
-
- // SetIamPolicyRequest: Request message for `SetIamPolicy` method.
- type SetIamPolicyRequest struct {
- // Policy: REQUIRED: The complete policy to be applied to the
- // `resource`. The size of
- // the policy is limited to a few 10s of KB. An empty policy is a
- // valid policy but certain Cloud Platform services (such as
- // Projects)
- // might reject them.
- Policy *IamPolicy `json:"policy,omitempty"`
-
- // ForceSendFields is a list of field names (e.g. "Policy") to
- // unconditionally include in API requests. By default, fields with
- // empty values are omitted from API requests. However, any non-pointer,
- // non-interface field appearing in ForceSendFields will be sent to the
- // server regardless of whether the field is empty or not. This may be
- // used to include empty fields in Patch requests.
- ForceSendFields []string `json:"-"`
-
- // NullFields is a list of field names (e.g. "Policy") to include in API
- // requests with the JSON null value. By default, fields with empty
- // values are omitted from API requests. However, any field with an
- // empty value appearing in NullFields will be sent to the server as
- // null. It is an error if a field in this list has a non-empty value.
- // This may be used to include null fields in Patch requests.
- NullFields []string `json:"-"`
- }
-
- func (s *SetIamPolicyRequest) MarshalJSON() ([]byte, error) {
- type NoMethod SetIamPolicyRequest
- raw := NoMethod(*s)
- return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
- }
-
- // TestIamPermissionsRequest: Request message for `TestIamPermissions`
- // method.
- type TestIamPermissionsRequest struct {
- // Permissions: The set of permissions to check for the `resource`.
- // Permissions with
- // wildcards (such as '*' or 'storage.*') are not allowed. For
- // more
- // information see
- // [IAM
- // Overview](https://cloud.google.com/iam/docs/overview#permissions).
- Permissions []string `json:"permissions,omitempty"`
-
- // ForceSendFields is a list of field names (e.g. "Permissions") to
- // unconditionally include in API requests. By default, fields with
- // empty values are omitted from API requests. However, any non-pointer,
- // non-interface field appearing in ForceSendFields will be sent to the
- // server regardless of whether the field is empty or not. This may be
- // used to include empty fields in Patch requests.
- ForceSendFields []string `json:"-"`
-
- // NullFields is a list of field names (e.g. "Permissions") to include
- // in API requests with the JSON null value. By default, fields with
- // empty values are omitted from API requests. However, any field with
- // an empty value appearing in NullFields will be sent to the server as
- // null. It is an error if a field in this list has a non-empty value.
- // This may be used to include null fields in Patch requests.
- NullFields []string `json:"-"`
- }
-
- func (s *TestIamPermissionsRequest) MarshalJSON() ([]byte, error) {
- type NoMethod TestIamPermissionsRequest
- raw := NoMethod(*s)
- return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
- }
-
- // TestIamPermissionsResponse: Response message for `TestIamPermissions`
- // method.
- type TestIamPermissionsResponse struct {
- // Permissions: A subset of `TestPermissionsRequest.permissions` that
- // the caller is
- // allowed.
- Permissions []string `json:"permissions,omitempty"`
-
- // ServerResponse contains the HTTP response code and headers from the
- // server.
- googleapi.ServerResponse `json:"-"`
-
- // ForceSendFields is a list of field names (e.g. "Permissions") to
- // unconditionally include in API requests. By default, fields with
- // empty values are omitted from API requests. However, any non-pointer,
- // non-interface field appearing in ForceSendFields will be sent to the
- // server regardless of whether the field is empty or not. This may be
- // used to include empty fields in Patch requests.
- ForceSendFields []string `json:"-"`
-
- // NullFields is a list of field names (e.g. "Permissions") to include
- // in API requests with the JSON null value. By default, fields with
- // empty values are omitted from API requests. However, any field with
- // an empty value appearing in NullFields will be sent to the server as
- // null. It is an error if a field in this list has a non-empty value.
- // This may be used to include null fields in Patch requests.
- NullFields []string `json:"-"`
- }
-
- func (s *TestIamPermissionsResponse) MarshalJSON() ([]byte, error) {
- type NoMethod TestIamPermissionsResponse
- raw := NoMethod(*s)
- return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
- }
-
- // UserOwnedDrydockNote: An user owned drydock note references a
- // Drydock
- // ATTESTATION_AUTHORITY Note created by the user.
- type UserOwnedDrydockNote struct {
- // DelegationServiceAccountEmail: Output only. This field will contain
- // the service account email address
- // that this Attestor will use as the principal when querying
- // Container
- // Analysis. Attestor administrators must grant this service account
- // the
- // IAM role needed to read attestations from the note_reference
- // in
- // Container Analysis
- // (`containeranalysis.notes.occurrences.viewer`).
- //
- // This email address is fixed for the lifetime of the Attestor, but
- // callers
- // should not make any other assumptions about the service account
- // email;
- // future versions may use an email based on a different naming pattern.
- DelegationServiceAccountEmail string `json:"delegationServiceAccountEmail,omitempty"`
-
- // NoteReference: Required. The Drydock resource name of a
- // ATTESTATION_AUTHORITY Note,
- // created by the user, in the format: `projects/*/notes/*` (or the
- // legacy
- // `providers/*/notes/*`). This field may not be updated.
- //
- // An attestation by this attestor is stored as a
- // Drydock
- // ATTESTATION_AUTHORITY Occurrence that names a container image and
- // that
- // links to this Note. Drydock is an external dependency.
- NoteReference string `json:"noteReference,omitempty"`
-
- // PublicKeys: Optional. Public keys that verify attestations signed by
- // this
- // attestor. This field may be updated.
- //
- // If this field is non-empty, one of the specified public keys
- // must
- // verify that an attestation was signed by this attestor for the
- // image specified in the admission request.
- //
- // If this field is empty, this attestor always returns that no
- // valid attestations exist.
- PublicKeys []*AttestorPublicKey `json:"publicKeys,omitempty"`
-
- // ForceSendFields is a list of field names (e.g.
- // "DelegationServiceAccountEmail") to unconditionally include in API
- // requests. By default, fields with empty values are omitted from API
- // requests. However, any non-pointer, non-interface field appearing in
- // ForceSendFields will be sent to the server regardless of whether the
- // field is empty or not. This may be used to include empty fields in
- // Patch requests.
- ForceSendFields []string `json:"-"`
-
- // NullFields is a list of field names (e.g.
- // "DelegationServiceAccountEmail") to include in API requests with the
- // JSON null value. By default, fields with empty values are omitted
- // from API requests. However, any field with an empty value appearing
- // in NullFields will be sent to the server as null. It is an error if a
- // field in this list has a non-empty value. This may be used to include
- // null fields in Patch requests.
- NullFields []string `json:"-"`
- }
-
- func (s *UserOwnedDrydockNote) MarshalJSON() ([]byte, error) {
- type NoMethod UserOwnedDrydockNote
- raw := NoMethod(*s)
- return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
- }
-
- // method id "binaryauthorization.projects.getPolicy":
-
- type ProjectsGetPolicyCall struct {
- s *Service
- name string
- urlParams_ gensupport.URLParams
- ifNoneMatch_ string
- ctx_ context.Context
- header_ http.Header
- }
-
- // GetPolicy: Gets the policy for this project. Returns a default
- // policy if the project does not have one.
- func (r *ProjectsService) GetPolicy(name string) *ProjectsGetPolicyCall {
- c := &ProjectsGetPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)}
- c.name = name
- return c
- }
-
- // Fields allows partial responses to be retrieved. See
- // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
- // for more information.
- func (c *ProjectsGetPolicyCall) Fields(s ...googleapi.Field) *ProjectsGetPolicyCall {
- c.urlParams_.Set("fields", googleapi.CombineFields(s))
- return c
- }
-
- // IfNoneMatch sets the optional parameter which makes the operation
- // fail if the object's ETag matches the given value. This is useful for
- // getting updates only after the object has changed since the last
- // request. Use googleapi.IsNotModified to check whether the response
- // error from Do is the result of In-None-Match.
- func (c *ProjectsGetPolicyCall) IfNoneMatch(entityTag string) *ProjectsGetPolicyCall {
- c.ifNoneMatch_ = entityTag
- return c
- }
-
- // Context sets the context to be used in this call's Do method. Any
- // pending HTTP request will be aborted if the provided context is
- // canceled.
- func (c *ProjectsGetPolicyCall) Context(ctx context.Context) *ProjectsGetPolicyCall {
- c.ctx_ = ctx
- return c
- }
-
- // Header returns an http.Header that can be modified by the caller to
- // add HTTP headers to the request.
- func (c *ProjectsGetPolicyCall) Header() http.Header {
- if c.header_ == nil {
- c.header_ = make(http.Header)
- }
- return c.header_
- }
-
- func (c *ProjectsGetPolicyCall) doRequest(alt string) (*http.Response, error) {
- reqHeaders := make(http.Header)
- for k, v := range c.header_ {
- reqHeaders[k] = v
- }
- reqHeaders.Set("User-Agent", c.s.userAgent())
- if c.ifNoneMatch_ != "" {
- reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
- }
- var body io.Reader = nil
- c.urlParams_.Set("alt", alt)
- c.urlParams_.Set("prettyPrint", "false")
- urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+name}")
- urls += "?" + c.urlParams_.Encode()
- req, err := http.NewRequest("GET", urls, body)
- if err != nil {
- return nil, err
- }
- req.Header = reqHeaders
- googleapi.Expand(req.URL, map[string]string{
- "name": c.name,
- })
- return gensupport.SendRequest(c.ctx_, c.s.client, req)
- }
-
- // Do executes the "binaryauthorization.projects.getPolicy" call.
- // Exactly one of *Policy or error will be non-nil. Any non-2xx status
- // code is an error. Response headers are in either
- // *Policy.ServerResponse.Header or (if a response was returned at all)
- // in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to
- // check whether the returned error was because http.StatusNotModified
- // was returned.
- func (c *ProjectsGetPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) {
- gensupport.SetOptions(c.urlParams_, opts...)
- res, err := c.doRequest("json")
- if res != nil && res.StatusCode == http.StatusNotModified {
- if res.Body != nil {
- res.Body.Close()
- }
- return nil, &googleapi.Error{
- Code: res.StatusCode,
- Header: res.Header,
- }
- }
- if err != nil {
- return nil, err
- }
- defer googleapi.CloseBody(res)
- if err := googleapi.CheckResponse(res); err != nil {
- return nil, err
- }
- ret := &Policy{
- ServerResponse: googleapi.ServerResponse{
- Header: res.Header,
- HTTPStatusCode: res.StatusCode,
- },
- }
- target := &ret
- if err := gensupport.DecodeResponse(target, res); err != nil {
- return nil, err
- }
- return ret, nil
- // {
- // "description": "Gets the policy for this project. Returns a default\npolicy if the project does not have one.",
- // "flatPath": "v1beta1/projects/{projectsId}/policy",
- // "httpMethod": "GET",
- // "id": "binaryauthorization.projects.getPolicy",
- // "parameterOrder": [
- // "name"
- // ],
- // "parameters": {
- // "name": {
- // "description": "Required. The resource name of the policy to retrieve,\nin the format `projects/*/policy`.",
- // "location": "path",
- // "pattern": "^projects/[^/]+/policy$",
- // "required": true,
- // "type": "string"
- // }
- // },
- // "path": "v1beta1/{+name}",
- // "response": {
- // "$ref": "Policy"
- // },
- // "scopes": [
- // "https://www.googleapis.com/auth/cloud-platform"
- // ]
- // }
-
- }
-
- // method id "binaryauthorization.projects.updatePolicy":
-
- type ProjectsUpdatePolicyCall struct {
- s *Service
- name string
- policy *Policy
- urlParams_ gensupport.URLParams
- ctx_ context.Context
- header_ http.Header
- }
-
- // UpdatePolicy: Creates or updates a project's policy, and returns a
- // copy of the
- // new policy. A policy is always updated as a whole, to avoid
- // race
- // conditions with concurrent policy enforcement (or
- // management!)
- // requests. Returns NOT_FOUND if the project does not exist,
- // INVALID_ARGUMENT
- // if the request is malformed.
- func (r *ProjectsService) UpdatePolicy(name string, policy *Policy) *ProjectsUpdatePolicyCall {
- c := &ProjectsUpdatePolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)}
- c.name = name
- c.policy = policy
- return c
- }
-
- // Fields allows partial responses to be retrieved. See
- // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
- // for more information.
- func (c *ProjectsUpdatePolicyCall) Fields(s ...googleapi.Field) *ProjectsUpdatePolicyCall {
- c.urlParams_.Set("fields", googleapi.CombineFields(s))
- return c
- }
-
- // Context sets the context to be used in this call's Do method. Any
- // pending HTTP request will be aborted if the provided context is
- // canceled.
- func (c *ProjectsUpdatePolicyCall) Context(ctx context.Context) *ProjectsUpdatePolicyCall {
- c.ctx_ = ctx
- return c
- }
-
- // Header returns an http.Header that can be modified by the caller to
- // add HTTP headers to the request.
- func (c *ProjectsUpdatePolicyCall) Header() http.Header {
- if c.header_ == nil {
- c.header_ = make(http.Header)
- }
- return c.header_
- }
-
- func (c *ProjectsUpdatePolicyCall) doRequest(alt string) (*http.Response, error) {
- reqHeaders := make(http.Header)
- for k, v := range c.header_ {
- reqHeaders[k] = v
- }
- reqHeaders.Set("User-Agent", c.s.userAgent())
- var body io.Reader = nil
- body, err := googleapi.WithoutDataWrapper.JSONReader(c.policy)
- if err != nil {
- return nil, err
- }
- reqHeaders.Set("Content-Type", "application/json")
- c.urlParams_.Set("alt", alt)
- c.urlParams_.Set("prettyPrint", "false")
- urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+name}")
- urls += "?" + c.urlParams_.Encode()
- req, err := http.NewRequest("PUT", urls, body)
- if err != nil {
- return nil, err
- }
- req.Header = reqHeaders
- googleapi.Expand(req.URL, map[string]string{
- "name": c.name,
- })
- return gensupport.SendRequest(c.ctx_, c.s.client, req)
- }
-
- // Do executes the "binaryauthorization.projects.updatePolicy" call.
- // Exactly one of *Policy or error will be non-nil. Any non-2xx status
- // code is an error. Response headers are in either
- // *Policy.ServerResponse.Header or (if a response was returned at all)
- // in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to
- // check whether the returned error was because http.StatusNotModified
- // was returned.
- func (c *ProjectsUpdatePolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) {
- gensupport.SetOptions(c.urlParams_, opts...)
- res, err := c.doRequest("json")
- if res != nil && res.StatusCode == http.StatusNotModified {
- if res.Body != nil {
- res.Body.Close()
- }
- return nil, &googleapi.Error{
- Code: res.StatusCode,
- Header: res.Header,
- }
- }
- if err != nil {
- return nil, err
- }
- defer googleapi.CloseBody(res)
- if err := googleapi.CheckResponse(res); err != nil {
- return nil, err
- }
- ret := &Policy{
- ServerResponse: googleapi.ServerResponse{
- Header: res.Header,
- HTTPStatusCode: res.StatusCode,
- },
- }
- target := &ret
- if err := gensupport.DecodeResponse(target, res); err != nil {
- return nil, err
- }
- return ret, nil
- // {
- // "description": "Creates or updates a project's policy, and returns a copy of the\nnew policy. A policy is always updated as a whole, to avoid race\nconditions with concurrent policy enforcement (or management!)\nrequests. Returns NOT_FOUND if the project does not exist, INVALID_ARGUMENT\nif the request is malformed.",
- // "flatPath": "v1beta1/projects/{projectsId}/policy",
- // "httpMethod": "PUT",
- // "id": "binaryauthorization.projects.updatePolicy",
- // "parameterOrder": [
- // "name"
- // ],
- // "parameters": {
- // "name": {
- // "description": "Output only. The resource name, in the format `projects/*/policy`. There is\nat most one policy per project.",
- // "location": "path",
- // "pattern": "^projects/[^/]+/policy$",
- // "required": true,
- // "type": "string"
- // }
- // },
- // "path": "v1beta1/{+name}",
- // "request": {
- // "$ref": "Policy"
- // },
- // "response": {
- // "$ref": "Policy"
- // },
- // "scopes": [
- // "https://www.googleapis.com/auth/cloud-platform"
- // ]
- // }
-
- }
-
- // method id "binaryauthorization.projects.attestors.create":
-
- type ProjectsAttestorsCreateCall struct {
- s *Service
- parent string
- attestor *Attestor
- urlParams_ gensupport.URLParams
- ctx_ context.Context
- header_ http.Header
- }
-
- // Create: Creates an attestor, and returns a copy of the new
- // attestor. Returns NOT_FOUND if the project does not
- // exist,
- // INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if
- // the
- // attestor already exists.
- func (r *ProjectsAttestorsService) Create(parent string, attestor *Attestor) *ProjectsAttestorsCreateCall {
- c := &ProjectsAttestorsCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)}
- c.parent = parent
- c.attestor = attestor
- return c
- }
-
- // AttestorId sets the optional parameter "attestorId": Required. The
- // attestors ID.
- func (c *ProjectsAttestorsCreateCall) AttestorId(attestorId string) *ProjectsAttestorsCreateCall {
- c.urlParams_.Set("attestorId", attestorId)
- return c
- }
-
- // Fields allows partial responses to be retrieved. See
- // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
- // for more information.
- func (c *ProjectsAttestorsCreateCall) Fields(s ...googleapi.Field) *ProjectsAttestorsCreateCall {
- c.urlParams_.Set("fields", googleapi.CombineFields(s))
- return c
- }
-
- // Context sets the context to be used in this call's Do method. Any
- // pending HTTP request will be aborted if the provided context is
- // canceled.
- func (c *ProjectsAttestorsCreateCall) Context(ctx context.Context) *ProjectsAttestorsCreateCall {
- c.ctx_ = ctx
- return c
- }
-
- // Header returns an http.Header that can be modified by the caller to
- // add HTTP headers to the request.
- func (c *ProjectsAttestorsCreateCall) Header() http.Header {
- if c.header_ == nil {
- c.header_ = make(http.Header)
- }
- return c.header_
- }
-
- func (c *ProjectsAttestorsCreateCall) doRequest(alt string) (*http.Response, error) {
- reqHeaders := make(http.Header)
- for k, v := range c.header_ {
- reqHeaders[k] = v
- }
- reqHeaders.Set("User-Agent", c.s.userAgent())
- var body io.Reader = nil
- body, err := googleapi.WithoutDataWrapper.JSONReader(c.attestor)
- if err != nil {
- return nil, err
- }
- reqHeaders.Set("Content-Type", "application/json")
- c.urlParams_.Set("alt", alt)
- c.urlParams_.Set("prettyPrint", "false")
- urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+parent}/attestors")
- urls += "?" + c.urlParams_.Encode()
- req, err := http.NewRequest("POST", urls, body)
- if err != nil {
- return nil, err
- }
- req.Header = reqHeaders
- googleapi.Expand(req.URL, map[string]string{
- "parent": c.parent,
- })
- return gensupport.SendRequest(c.ctx_, c.s.client, req)
- }
-
- // Do executes the "binaryauthorization.projects.attestors.create" call.
- // Exactly one of *Attestor or error will be non-nil. Any non-2xx status
- // code is an error. Response headers are in either
- // *Attestor.ServerResponse.Header or (if a response was returned at
- // all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
- // to check whether the returned error was because
- // http.StatusNotModified was returned.
- func (c *ProjectsAttestorsCreateCall) Do(opts ...googleapi.CallOption) (*Attestor, error) {
- gensupport.SetOptions(c.urlParams_, opts...)
- res, err := c.doRequest("json")
- if res != nil && res.StatusCode == http.StatusNotModified {
- if res.Body != nil {
- res.Body.Close()
- }
- return nil, &googleapi.Error{
- Code: res.StatusCode,
- Header: res.Header,
- }
- }
- if err != nil {
- return nil, err
- }
- defer googleapi.CloseBody(res)
- if err := googleapi.CheckResponse(res); err != nil {
- return nil, err
- }
- ret := &Attestor{
- ServerResponse: googleapi.ServerResponse{
- Header: res.Header,
- HTTPStatusCode: res.StatusCode,
- },
- }
- target := &ret
- if err := gensupport.DecodeResponse(target, res); err != nil {
- return nil, err
- }
- return ret, nil
- // {
- // "description": "Creates an attestor, and returns a copy of the new\nattestor. Returns NOT_FOUND if the project does not exist,\nINVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if the\nattestor already exists.",
- // "flatPath": "v1beta1/projects/{projectsId}/attestors",
- // "httpMethod": "POST",
- // "id": "binaryauthorization.projects.attestors.create",
- // "parameterOrder": [
- // "parent"
- // ],
- // "parameters": {
- // "attestorId": {
- // "description": "Required. The attestors ID.",
- // "location": "query",
- // "type": "string"
- // },
- // "parent": {
- // "description": "Required. The parent of this attestor.",
- // "location": "path",
- // "pattern": "^projects/[^/]+$",
- // "required": true,
- // "type": "string"
- // }
- // },
- // "path": "v1beta1/{+parent}/attestors",
- // "request": {
- // "$ref": "Attestor"
- // },
- // "response": {
- // "$ref": "Attestor"
- // },
- // "scopes": [
- // "https://www.googleapis.com/auth/cloud-platform"
- // ]
- // }
-
- }
-
- // method id "binaryauthorization.projects.attestors.delete":
-
- type ProjectsAttestorsDeleteCall struct {
- s *Service
- name string
- urlParams_ gensupport.URLParams
- ctx_ context.Context
- header_ http.Header
- }
-
- // Delete: Deletes an attestor. Returns NOT_FOUND if the
- // attestor does not exist.
- func (r *ProjectsAttestorsService) Delete(name string) *ProjectsAttestorsDeleteCall {
- c := &ProjectsAttestorsDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)}
- c.name = name
- return c
- }
-
- // Fields allows partial responses to be retrieved. See
- // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
- // for more information.
- func (c *ProjectsAttestorsDeleteCall) Fields(s ...googleapi.Field) *ProjectsAttestorsDeleteCall {
- c.urlParams_.Set("fields", googleapi.CombineFields(s))
- return c
- }
-
- // Context sets the context to be used in this call's Do method. Any
- // pending HTTP request will be aborted if the provided context is
- // canceled.
- func (c *ProjectsAttestorsDeleteCall) Context(ctx context.Context) *ProjectsAttestorsDeleteCall {
- c.ctx_ = ctx
- return c
- }
-
- // Header returns an http.Header that can be modified by the caller to
- // add HTTP headers to the request.
- func (c *ProjectsAttestorsDeleteCall) Header() http.Header {
- if c.header_ == nil {
- c.header_ = make(http.Header)
- }
- return c.header_
- }
-
- func (c *ProjectsAttestorsDeleteCall) doRequest(alt string) (*http.Response, error) {
- reqHeaders := make(http.Header)
- for k, v := range c.header_ {
- reqHeaders[k] = v
- }
- reqHeaders.Set("User-Agent", c.s.userAgent())
- var body io.Reader = nil
- c.urlParams_.Set("alt", alt)
- c.urlParams_.Set("prettyPrint", "false")
- urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+name}")
- urls += "?" + c.urlParams_.Encode()
- req, err := http.NewRequest("DELETE", urls, body)
- if err != nil {
- return nil, err
- }
- req.Header = reqHeaders
- googleapi.Expand(req.URL, map[string]string{
- "name": c.name,
- })
- return gensupport.SendRequest(c.ctx_, c.s.client, req)
- }
-
- // Do executes the "binaryauthorization.projects.attestors.delete" call.
- // Exactly one of *Empty or error will be non-nil. Any non-2xx status
- // code is an error. Response headers are in either
- // *Empty.ServerResponse.Header or (if a response was returned at all)
- // in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to
- // check whether the returned error was because http.StatusNotModified
- // was returned.
- func (c *ProjectsAttestorsDeleteCall) Do(opts ...googleapi.CallOption) (*Empty, error) {
- gensupport.SetOptions(c.urlParams_, opts...)
- res, err := c.doRequest("json")
- if res != nil && res.StatusCode == http.StatusNotModified {
- if res.Body != nil {
- res.Body.Close()
- }
- return nil, &googleapi.Error{
- Code: res.StatusCode,
- Header: res.Header,
- }
- }
- if err != nil {
- return nil, err
- }
- defer googleapi.CloseBody(res)
- if err := googleapi.CheckResponse(res); err != nil {
- return nil, err
- }
- ret := &Empty{
- ServerResponse: googleapi.ServerResponse{
- Header: res.Header,
- HTTPStatusCode: res.StatusCode,
- },
- }
- target := &ret
- if err := gensupport.DecodeResponse(target, res); err != nil {
- return nil, err
- }
- return ret, nil
- // {
- // "description": "Deletes an attestor. Returns NOT_FOUND if the\nattestor does not exist.",
- // "flatPath": "v1beta1/projects/{projectsId}/attestors/{attestorsId}",
- // "httpMethod": "DELETE",
- // "id": "binaryauthorization.projects.attestors.delete",
- // "parameterOrder": [
- // "name"
- // ],
- // "parameters": {
- // "name": {
- // "description": "Required. The name of the attestors to delete, in the format\n`projects/*/attestors/*`.",
- // "location": "path",
- // "pattern": "^projects/[^/]+/attestors/[^/]+$",
- // "required": true,
- // "type": "string"
- // }
- // },
- // "path": "v1beta1/{+name}",
- // "response": {
- // "$ref": "Empty"
- // },
- // "scopes": [
- // "https://www.googleapis.com/auth/cloud-platform"
- // ]
- // }
-
- }
-
- // method id "binaryauthorization.projects.attestors.get":
-
- type ProjectsAttestorsGetCall struct {
- s *Service
- name string
- urlParams_ gensupport.URLParams
- ifNoneMatch_ string
- ctx_ context.Context
- header_ http.Header
- }
-
- // Get: Gets an attestor.
- // Returns NOT_FOUND if the attestor does not exist.
- func (r *ProjectsAttestorsService) Get(name string) *ProjectsAttestorsGetCall {
- c := &ProjectsAttestorsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)}
- c.name = name
- return c
- }
-
- // Fields allows partial responses to be retrieved. See
- // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
- // for more information.
- func (c *ProjectsAttestorsGetCall) Fields(s ...googleapi.Field) *ProjectsAttestorsGetCall {
- c.urlParams_.Set("fields", googleapi.CombineFields(s))
- return c
- }
-
- // IfNoneMatch sets the optional parameter which makes the operation
- // fail if the object's ETag matches the given value. This is useful for
- // getting updates only after the object has changed since the last
- // request. Use googleapi.IsNotModified to check whether the response
- // error from Do is the result of In-None-Match.
- func (c *ProjectsAttestorsGetCall) IfNoneMatch(entityTag string) *ProjectsAttestorsGetCall {
- c.ifNoneMatch_ = entityTag
- return c
- }
-
- // Context sets the context to be used in this call's Do method. Any
- // pending HTTP request will be aborted if the provided context is
- // canceled.
- func (c *ProjectsAttestorsGetCall) Context(ctx context.Context) *ProjectsAttestorsGetCall {
- c.ctx_ = ctx
- return c
- }
-
- // Header returns an http.Header that can be modified by the caller to
- // add HTTP headers to the request.
- func (c *ProjectsAttestorsGetCall) Header() http.Header {
- if c.header_ == nil {
- c.header_ = make(http.Header)
- }
- return c.header_
- }
-
- func (c *ProjectsAttestorsGetCall) doRequest(alt string) (*http.Response, error) {
- reqHeaders := make(http.Header)
- for k, v := range c.header_ {
- reqHeaders[k] = v
- }
- reqHeaders.Set("User-Agent", c.s.userAgent())
- if c.ifNoneMatch_ != "" {
- reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
- }
- var body io.Reader = nil
- c.urlParams_.Set("alt", alt)
- c.urlParams_.Set("prettyPrint", "false")
- urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+name}")
- urls += "?" + c.urlParams_.Encode()
- req, err := http.NewRequest("GET", urls, body)
- if err != nil {
- return nil, err
- }
- req.Header = reqHeaders
- googleapi.Expand(req.URL, map[string]string{
- "name": c.name,
- })
- return gensupport.SendRequest(c.ctx_, c.s.client, req)
- }
-
- // Do executes the "binaryauthorization.projects.attestors.get" call.
- // Exactly one of *Attestor or error will be non-nil. Any non-2xx status
- // code is an error. Response headers are in either
- // *Attestor.ServerResponse.Header or (if a response was returned at
- // all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
- // to check whether the returned error was because
- // http.StatusNotModified was returned.
- func (c *ProjectsAttestorsGetCall) Do(opts ...googleapi.CallOption) (*Attestor, error) {
- gensupport.SetOptions(c.urlParams_, opts...)
- res, err := c.doRequest("json")
- if res != nil && res.StatusCode == http.StatusNotModified {
- if res.Body != nil {
- res.Body.Close()
- }
- return nil, &googleapi.Error{
- Code: res.StatusCode,
- Header: res.Header,
- }
- }
- if err != nil {
- return nil, err
- }
- defer googleapi.CloseBody(res)
- if err := googleapi.CheckResponse(res); err != nil {
- return nil, err
- }
- ret := &Attestor{
- ServerResponse: googleapi.ServerResponse{
- Header: res.Header,
- HTTPStatusCode: res.StatusCode,
- },
- }
- target := &ret
- if err := gensupport.DecodeResponse(target, res); err != nil {
- return nil, err
- }
- return ret, nil
- // {
- // "description": "Gets an attestor.\nReturns NOT_FOUND if the attestor does not exist.",
- // "flatPath": "v1beta1/projects/{projectsId}/attestors/{attestorsId}",
- // "httpMethod": "GET",
- // "id": "binaryauthorization.projects.attestors.get",
- // "parameterOrder": [
- // "name"
- // ],
- // "parameters": {
- // "name": {
- // "description": "Required. The name of the attestor to retrieve, in the format\n`projects/*/attestors/*`.",
- // "location": "path",
- // "pattern": "^projects/[^/]+/attestors/[^/]+$",
- // "required": true,
- // "type": "string"
- // }
- // },
- // "path": "v1beta1/{+name}",
- // "response": {
- // "$ref": "Attestor"
- // },
- // "scopes": [
- // "https://www.googleapis.com/auth/cloud-platform"
- // ]
- // }
-
- }
-
- // method id "binaryauthorization.projects.attestors.getIamPolicy":
-
- type ProjectsAttestorsGetIamPolicyCall struct {
- s *Service
- resource string
- urlParams_ gensupport.URLParams
- ifNoneMatch_ string
- ctx_ context.Context
- header_ http.Header
- }
-
- // GetIamPolicy: Gets the access control policy for a resource.
- // Returns an empty policy if the resource exists and does not have a
- // policy
- // set.
- func (r *ProjectsAttestorsService) GetIamPolicy(resource string) *ProjectsAttestorsGetIamPolicyCall {
- c := &ProjectsAttestorsGetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)}
- c.resource = resource
- return c
- }
-
- // Fields allows partial responses to be retrieved. See
- // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
- // for more information.
- func (c *ProjectsAttestorsGetIamPolicyCall) Fields(s ...googleapi.Field) *ProjectsAttestorsGetIamPolicyCall {
- c.urlParams_.Set("fields", googleapi.CombineFields(s))
- return c
- }
-
- // IfNoneMatch sets the optional parameter which makes the operation
- // fail if the object's ETag matches the given value. This is useful for
- // getting updates only after the object has changed since the last
- // request. Use googleapi.IsNotModified to check whether the response
- // error from Do is the result of In-None-Match.
- func (c *ProjectsAttestorsGetIamPolicyCall) IfNoneMatch(entityTag string) *ProjectsAttestorsGetIamPolicyCall {
- c.ifNoneMatch_ = entityTag
- return c
- }
-
- // Context sets the context to be used in this call's Do method. Any
- // pending HTTP request will be aborted if the provided context is
- // canceled.
- func (c *ProjectsAttestorsGetIamPolicyCall) Context(ctx context.Context) *ProjectsAttestorsGetIamPolicyCall {
- c.ctx_ = ctx
- return c
- }
-
- // Header returns an http.Header that can be modified by the caller to
- // add HTTP headers to the request.
- func (c *ProjectsAttestorsGetIamPolicyCall) Header() http.Header {
- if c.header_ == nil {
- c.header_ = make(http.Header)
- }
- return c.header_
- }
-
- func (c *ProjectsAttestorsGetIamPolicyCall) doRequest(alt string) (*http.Response, error) {
- reqHeaders := make(http.Header)
- for k, v := range c.header_ {
- reqHeaders[k] = v
- }
- reqHeaders.Set("User-Agent", c.s.userAgent())
- if c.ifNoneMatch_ != "" {
- reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
- }
- var body io.Reader = nil
- c.urlParams_.Set("alt", alt)
- c.urlParams_.Set("prettyPrint", "false")
- urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+resource}:getIamPolicy")
- urls += "?" + c.urlParams_.Encode()
- req, err := http.NewRequest("GET", urls, body)
- if err != nil {
- return nil, err
- }
- req.Header = reqHeaders
- googleapi.Expand(req.URL, map[string]string{
- "resource": c.resource,
- })
- return gensupport.SendRequest(c.ctx_, c.s.client, req)
- }
-
- // Do executes the "binaryauthorization.projects.attestors.getIamPolicy" call.
- // Exactly one of *IamPolicy or error will be non-nil. Any non-2xx
- // status code is an error. Response headers are in either
- // *IamPolicy.ServerResponse.Header or (if a response was returned at
- // all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
- // to check whether the returned error was because
- // http.StatusNotModified was returned.
- func (c *ProjectsAttestorsGetIamPolicyCall) Do(opts ...googleapi.CallOption) (*IamPolicy, error) {
- gensupport.SetOptions(c.urlParams_, opts...)
- res, err := c.doRequest("json")
- if res != nil && res.StatusCode == http.StatusNotModified {
- if res.Body != nil {
- res.Body.Close()
- }
- return nil, &googleapi.Error{
- Code: res.StatusCode,
- Header: res.Header,
- }
- }
- if err != nil {
- return nil, err
- }
- defer googleapi.CloseBody(res)
- if err := googleapi.CheckResponse(res); err != nil {
- return nil, err
- }
- ret := &IamPolicy{
- ServerResponse: googleapi.ServerResponse{
- Header: res.Header,
- HTTPStatusCode: res.StatusCode,
- },
- }
- target := &ret
- if err := gensupport.DecodeResponse(target, res); err != nil {
- return nil, err
- }
- return ret, nil
- // {
- // "description": "Gets the access control policy for a resource.\nReturns an empty policy if the resource exists and does not have a policy\nset.",
- // "flatPath": "v1beta1/projects/{projectsId}/attestors/{attestorsId}:getIamPolicy",
- // "httpMethod": "GET",
- // "id": "binaryauthorization.projects.attestors.getIamPolicy",
- // "parameterOrder": [
- // "resource"
- // ],
- // "parameters": {
- // "resource": {
- // "description": "REQUIRED: The resource for which the policy is being requested.\nSee the operation documentation for the appropriate value for this field.",
- // "location": "path",
- // "pattern": "^projects/[^/]+/attestors/[^/]+$",
- // "required": true,
- // "type": "string"
- // }
- // },
- // "path": "v1beta1/{+resource}:getIamPolicy",
- // "response": {
- // "$ref": "IamPolicy"
- // },
- // "scopes": [
- // "https://www.googleapis.com/auth/cloud-platform"
- // ]
- // }
-
- }
-
- // method id "binaryauthorization.projects.attestors.list":
-
- type ProjectsAttestorsListCall struct {
- s *Service
- parent string
- urlParams_ gensupport.URLParams
- ifNoneMatch_ string
- ctx_ context.Context
- header_ http.Header
- }
-
- // List: Lists attestors.
- // Returns INVALID_ARGUMENT if the project does not exist.
- func (r *ProjectsAttestorsService) List(parent string) *ProjectsAttestorsListCall {
- c := &ProjectsAttestorsListCall{s: r.s, urlParams_: make(gensupport.URLParams)}
- c.parent = parent
- return c
- }
-
- // PageSize sets the optional parameter "pageSize": Requested page size.
- // The server may return fewer results than requested. If
- // unspecified, the server will pick an appropriate default.
- func (c *ProjectsAttestorsListCall) PageSize(pageSize int64) *ProjectsAttestorsListCall {
- c.urlParams_.Set("pageSize", fmt.Sprint(pageSize))
- return c
- }
-
- // PageToken sets the optional parameter "pageToken": A token
- // identifying a page of results the server should return.
- // Typically,
- // this is the value of ListAttestorsResponse.next_page_token
- // returned
- // from the previous call to the `ListAttestors` method.
- func (c *ProjectsAttestorsListCall) PageToken(pageToken string) *ProjectsAttestorsListCall {
- c.urlParams_.Set("pageToken", pageToken)
- return c
- }
-
- // Fields allows partial responses to be retrieved. See
- // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
- // for more information.
- func (c *ProjectsAttestorsListCall) Fields(s ...googleapi.Field) *ProjectsAttestorsListCall {
- c.urlParams_.Set("fields", googleapi.CombineFields(s))
- return c
- }
-
- // IfNoneMatch sets the optional parameter which makes the operation
- // fail if the object's ETag matches the given value. This is useful for
- // getting updates only after the object has changed since the last
- // request. Use googleapi.IsNotModified to check whether the response
- // error from Do is the result of In-None-Match.
- func (c *ProjectsAttestorsListCall) IfNoneMatch(entityTag string) *ProjectsAttestorsListCall {
- c.ifNoneMatch_ = entityTag
- return c
- }
-
- // Context sets the context to be used in this call's Do method. Any
- // pending HTTP request will be aborted if the provided context is
- // canceled.
- func (c *ProjectsAttestorsListCall) Context(ctx context.Context) *ProjectsAttestorsListCall {
- c.ctx_ = ctx
- return c
- }
-
- // Header returns an http.Header that can be modified by the caller to
- // add HTTP headers to the request.
- func (c *ProjectsAttestorsListCall) Header() http.Header {
- if c.header_ == nil {
- c.header_ = make(http.Header)
- }
- return c.header_
- }
-
- func (c *ProjectsAttestorsListCall) doRequest(alt string) (*http.Response, error) {
- reqHeaders := make(http.Header)
- for k, v := range c.header_ {
- reqHeaders[k] = v
- }
- reqHeaders.Set("User-Agent", c.s.userAgent())
- if c.ifNoneMatch_ != "" {
- reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
- }
- var body io.Reader = nil
- c.urlParams_.Set("alt", alt)
- c.urlParams_.Set("prettyPrint", "false")
- urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+parent}/attestors")
- urls += "?" + c.urlParams_.Encode()
- req, err := http.NewRequest("GET", urls, body)
- if err != nil {
- return nil, err
- }
- req.Header = reqHeaders
- googleapi.Expand(req.URL, map[string]string{
- "parent": c.parent,
- })
- return gensupport.SendRequest(c.ctx_, c.s.client, req)
- }
-
- // Do executes the "binaryauthorization.projects.attestors.list" call.
- // Exactly one of *ListAttestorsResponse or error will be non-nil. Any
- // non-2xx status code is an error. Response headers are in either
- // *ListAttestorsResponse.ServerResponse.Header or (if a response was
- // returned at all) in error.(*googleapi.Error).Header. Use
- // googleapi.IsNotModified to check whether the returned error was
- // because http.StatusNotModified was returned.
- func (c *ProjectsAttestorsListCall) Do(opts ...googleapi.CallOption) (*ListAttestorsResponse, error) {
- gensupport.SetOptions(c.urlParams_, opts...)
- res, err := c.doRequest("json")
- if res != nil && res.StatusCode == http.StatusNotModified {
- if res.Body != nil {
- res.Body.Close()
- }
- return nil, &googleapi.Error{
- Code: res.StatusCode,
- Header: res.Header,
- }
- }
- if err != nil {
- return nil, err
- }
- defer googleapi.CloseBody(res)
- if err := googleapi.CheckResponse(res); err != nil {
- return nil, err
- }
- ret := &ListAttestorsResponse{
- ServerResponse: googleapi.ServerResponse{
- Header: res.Header,
- HTTPStatusCode: res.StatusCode,
- },
- }
- target := &ret
- if err := gensupport.DecodeResponse(target, res); err != nil {
- return nil, err
- }
- return ret, nil
- // {
- // "description": "Lists attestors.\nReturns INVALID_ARGUMENT if the project does not exist.",
- // "flatPath": "v1beta1/projects/{projectsId}/attestors",
- // "httpMethod": "GET",
- // "id": "binaryauthorization.projects.attestors.list",
- // "parameterOrder": [
- // "parent"
- // ],
- // "parameters": {
- // "pageSize": {
- // "description": "Requested page size. The server may return fewer results than requested. If\nunspecified, the server will pick an appropriate default.",
- // "format": "int32",
- // "location": "query",
- // "type": "integer"
- // },
- // "pageToken": {
- // "description": "A token identifying a page of results the server should return. Typically,\nthis is the value of ListAttestorsResponse.next_page_token returned\nfrom the previous call to the `ListAttestors` method.",
- // "location": "query",
- // "type": "string"
- // },
- // "parent": {
- // "description": "Required. The resource name of the project associated with the\nattestors, in the format `projects/*`.",
- // "location": "path",
- // "pattern": "^projects/[^/]+$",
- // "required": true,
- // "type": "string"
- // }
- // },
- // "path": "v1beta1/{+parent}/attestors",
- // "response": {
- // "$ref": "ListAttestorsResponse"
- // },
- // "scopes": [
- // "https://www.googleapis.com/auth/cloud-platform"
- // ]
- // }
-
- }
-
- // Pages invokes f for each page of results.
- // A non-nil error returned from f will halt the iteration.
- // The provided context supersedes any context provided to the Context method.
- func (c *ProjectsAttestorsListCall) Pages(ctx context.Context, f func(*ListAttestorsResponse) error) error {
- c.ctx_ = ctx
- defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point
- for {
- x, err := c.Do()
- if err != nil {
- return err
- }
- if err := f(x); err != nil {
- return err
- }
- if x.NextPageToken == "" {
- return nil
- }
- c.PageToken(x.NextPageToken)
- }
- }
-
- // method id "binaryauthorization.projects.attestors.setIamPolicy":
-
- type ProjectsAttestorsSetIamPolicyCall struct {
- s *Service
- resource string
- setiampolicyrequest *SetIamPolicyRequest
- urlParams_ gensupport.URLParams
- ctx_ context.Context
- header_ http.Header
- }
-
- // SetIamPolicy: Sets the access control policy on the specified
- // resource. Replaces any
- // existing policy.
- func (r *ProjectsAttestorsService) SetIamPolicy(resource string, setiampolicyrequest *SetIamPolicyRequest) *ProjectsAttestorsSetIamPolicyCall {
- c := &ProjectsAttestorsSetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)}
- c.resource = resource
- c.setiampolicyrequest = setiampolicyrequest
- return c
- }
-
- // Fields allows partial responses to be retrieved. See
- // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
- // for more information.
- func (c *ProjectsAttestorsSetIamPolicyCall) Fields(s ...googleapi.Field) *ProjectsAttestorsSetIamPolicyCall {
- c.urlParams_.Set("fields", googleapi.CombineFields(s))
- return c
- }
-
- // Context sets the context to be used in this call's Do method. Any
- // pending HTTP request will be aborted if the provided context is
- // canceled.
- func (c *ProjectsAttestorsSetIamPolicyCall) Context(ctx context.Context) *ProjectsAttestorsSetIamPolicyCall {
- c.ctx_ = ctx
- return c
- }
-
- // Header returns an http.Header that can be modified by the caller to
- // add HTTP headers to the request.
- func (c *ProjectsAttestorsSetIamPolicyCall) Header() http.Header {
- if c.header_ == nil {
- c.header_ = make(http.Header)
- }
- return c.header_
- }
-
- func (c *ProjectsAttestorsSetIamPolicyCall) doRequest(alt string) (*http.Response, error) {
- reqHeaders := make(http.Header)
- for k, v := range c.header_ {
- reqHeaders[k] = v
- }
- reqHeaders.Set("User-Agent", c.s.userAgent())
- var body io.Reader = nil
- body, err := googleapi.WithoutDataWrapper.JSONReader(c.setiampolicyrequest)
- if err != nil {
- return nil, err
- }
- reqHeaders.Set("Content-Type", "application/json")
- c.urlParams_.Set("alt", alt)
- c.urlParams_.Set("prettyPrint", "false")
- urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+resource}:setIamPolicy")
- urls += "?" + c.urlParams_.Encode()
- req, err := http.NewRequest("POST", urls, body)
- if err != nil {
- return nil, err
- }
- req.Header = reqHeaders
- googleapi.Expand(req.URL, map[string]string{
- "resource": c.resource,
- })
- return gensupport.SendRequest(c.ctx_, c.s.client, req)
- }
-
- // Do executes the "binaryauthorization.projects.attestors.setIamPolicy" call.
- // Exactly one of *IamPolicy or error will be non-nil. Any non-2xx
- // status code is an error. Response headers are in either
- // *IamPolicy.ServerResponse.Header or (if a response was returned at
- // all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
- // to check whether the returned error was because
- // http.StatusNotModified was returned.
- func (c *ProjectsAttestorsSetIamPolicyCall) Do(opts ...googleapi.CallOption) (*IamPolicy, error) {
- gensupport.SetOptions(c.urlParams_, opts...)
- res, err := c.doRequest("json")
- if res != nil && res.StatusCode == http.StatusNotModified {
- if res.Body != nil {
- res.Body.Close()
- }
- return nil, &googleapi.Error{
- Code: res.StatusCode,
- Header: res.Header,
- }
- }
- if err != nil {
- return nil, err
- }
- defer googleapi.CloseBody(res)
- if err := googleapi.CheckResponse(res); err != nil {
- return nil, err
- }
- ret := &IamPolicy{
- ServerResponse: googleapi.ServerResponse{
- Header: res.Header,
- HTTPStatusCode: res.StatusCode,
- },
- }
- target := &ret
- if err := gensupport.DecodeResponse(target, res); err != nil {
- return nil, err
- }
- return ret, nil
- // {
- // "description": "Sets the access control policy on the specified resource. Replaces any\nexisting policy.",
- // "flatPath": "v1beta1/projects/{projectsId}/attestors/{attestorsId}:setIamPolicy",
- // "httpMethod": "POST",
- // "id": "binaryauthorization.projects.attestors.setIamPolicy",
- // "parameterOrder": [
- // "resource"
- // ],
- // "parameters": {
- // "resource": {
- // "description": "REQUIRED: The resource for which the policy is being specified.\nSee the operation documentation for the appropriate value for this field.",
- // "location": "path",
- // "pattern": "^projects/[^/]+/attestors/[^/]+$",
- // "required": true,
- // "type": "string"
- // }
- // },
- // "path": "v1beta1/{+resource}:setIamPolicy",
- // "request": {
- // "$ref": "SetIamPolicyRequest"
- // },
- // "response": {
- // "$ref": "IamPolicy"
- // },
- // "scopes": [
- // "https://www.googleapis.com/auth/cloud-platform"
- // ]
- // }
-
- }
-
- // method id "binaryauthorization.projects.attestors.testIamPermissions":
-
- type ProjectsAttestorsTestIamPermissionsCall struct {
- s *Service
- resource string
- testiampermissionsrequest *TestIamPermissionsRequest
- urlParams_ gensupport.URLParams
- ctx_ context.Context
- header_ http.Header
- }
-
- // TestIamPermissions: Returns permissions that a caller has on the
- // specified resource.
- // If the resource does not exist, this will return an empty set
- // of
- // permissions, not a NOT_FOUND error.
- //
- // Note: This operation is designed to be used for building
- // permission-aware
- // UIs and command-line tools, not for authorization checking. This
- // operation
- // may "fail open" without warning.
- func (r *ProjectsAttestorsService) TestIamPermissions(resource string, testiampermissionsrequest *TestIamPermissionsRequest) *ProjectsAttestorsTestIamPermissionsCall {
- c := &ProjectsAttestorsTestIamPermissionsCall{s: r.s, urlParams_: make(gensupport.URLParams)}
- c.resource = resource
- c.testiampermissionsrequest = testiampermissionsrequest
- return c
- }
-
- // Fields allows partial responses to be retrieved. See
- // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
- // for more information.
- func (c *ProjectsAttestorsTestIamPermissionsCall) Fields(s ...googleapi.Field) *ProjectsAttestorsTestIamPermissionsCall {
- c.urlParams_.Set("fields", googleapi.CombineFields(s))
- return c
- }
-
- // Context sets the context to be used in this call's Do method. Any
- // pending HTTP request will be aborted if the provided context is
- // canceled.
- func (c *ProjectsAttestorsTestIamPermissionsCall) Context(ctx context.Context) *ProjectsAttestorsTestIamPermissionsCall {
- c.ctx_ = ctx
- return c
- }
-
- // Header returns an http.Header that can be modified by the caller to
- // add HTTP headers to the request.
- func (c *ProjectsAttestorsTestIamPermissionsCall) Header() http.Header {
- if c.header_ == nil {
- c.header_ = make(http.Header)
- }
- return c.header_
- }
-
- func (c *ProjectsAttestorsTestIamPermissionsCall) doRequest(alt string) (*http.Response, error) {
- reqHeaders := make(http.Header)
- for k, v := range c.header_ {
- reqHeaders[k] = v
- }
- reqHeaders.Set("User-Agent", c.s.userAgent())
- var body io.Reader = nil
- body, err := googleapi.WithoutDataWrapper.JSONReader(c.testiampermissionsrequest)
- if err != nil {
- return nil, err
- }
- reqHeaders.Set("Content-Type", "application/json")
- c.urlParams_.Set("alt", alt)
- c.urlParams_.Set("prettyPrint", "false")
- urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+resource}:testIamPermissions")
- urls += "?" + c.urlParams_.Encode()
- req, err := http.NewRequest("POST", urls, body)
- if err != nil {
- return nil, err
- }
- req.Header = reqHeaders
- googleapi.Expand(req.URL, map[string]string{
- "resource": c.resource,
- })
- return gensupport.SendRequest(c.ctx_, c.s.client, req)
- }
-
- // Do executes the "binaryauthorization.projects.attestors.testIamPermissions" call.
- // Exactly one of *TestIamPermissionsResponse or error will be non-nil.
- // Any non-2xx status code is an error. Response headers are in either
- // *TestIamPermissionsResponse.ServerResponse.Header or (if a response
- // was returned at all) in error.(*googleapi.Error).Header. Use
- // googleapi.IsNotModified to check whether the returned error was
- // because http.StatusNotModified was returned.
- func (c *ProjectsAttestorsTestIamPermissionsCall) Do(opts ...googleapi.CallOption) (*TestIamPermissionsResponse, error) {
- gensupport.SetOptions(c.urlParams_, opts...)
- res, err := c.doRequest("json")
- if res != nil && res.StatusCode == http.StatusNotModified {
- if res.Body != nil {
- res.Body.Close()
- }
- return nil, &googleapi.Error{
- Code: res.StatusCode,
- Header: res.Header,
- }
- }
- if err != nil {
- return nil, err
- }
- defer googleapi.CloseBody(res)
- if err := googleapi.CheckResponse(res); err != nil {
- return nil, err
- }
- ret := &TestIamPermissionsResponse{
- ServerResponse: googleapi.ServerResponse{
- Header: res.Header,
- HTTPStatusCode: res.StatusCode,
- },
- }
- target := &ret
- if err := gensupport.DecodeResponse(target, res); err != nil {
- return nil, err
- }
- return ret, nil
- // {
- // "description": "Returns permissions that a caller has on the specified resource.\nIf the resource does not exist, this will return an empty set of\npermissions, not a NOT_FOUND error.\n\nNote: This operation is designed to be used for building permission-aware\nUIs and command-line tools, not for authorization checking. This operation\nmay \"fail open\" without warning.",
- // "flatPath": "v1beta1/projects/{projectsId}/attestors/{attestorsId}:testIamPermissions",
- // "httpMethod": "POST",
- // "id": "binaryauthorization.projects.attestors.testIamPermissions",
- // "parameterOrder": [
- // "resource"
- // ],
- // "parameters": {
- // "resource": {
- // "description": "REQUIRED: The resource for which the policy detail is being requested.\nSee the operation documentation for the appropriate value for this field.",
- // "location": "path",
- // "pattern": "^projects/[^/]+/attestors/[^/]+$",
- // "required": true,
- // "type": "string"
- // }
- // },
- // "path": "v1beta1/{+resource}:testIamPermissions",
- // "request": {
- // "$ref": "TestIamPermissionsRequest"
- // },
- // "response": {
- // "$ref": "TestIamPermissionsResponse"
- // },
- // "scopes": [
- // "https://www.googleapis.com/auth/cloud-platform"
- // ]
- // }
-
- }
-
- // method id "binaryauthorization.projects.attestors.update":
-
- type ProjectsAttestorsUpdateCall struct {
- s *Service
- name string
- attestor *Attestor
- urlParams_ gensupport.URLParams
- ctx_ context.Context
- header_ http.Header
- }
-
- // Update: Updates an attestor.
- // Returns NOT_FOUND if the attestor does not exist.
- func (r *ProjectsAttestorsService) Update(name string, attestor *Attestor) *ProjectsAttestorsUpdateCall {
- c := &ProjectsAttestorsUpdateCall{s: r.s, urlParams_: make(gensupport.URLParams)}
- c.name = name
- c.attestor = attestor
- return c
- }
-
- // Fields allows partial responses to be retrieved. See
- // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
- // for more information.
- func (c *ProjectsAttestorsUpdateCall) Fields(s ...googleapi.Field) *ProjectsAttestorsUpdateCall {
- c.urlParams_.Set("fields", googleapi.CombineFields(s))
- return c
- }
-
- // Context sets the context to be used in this call's Do method. Any
- // pending HTTP request will be aborted if the provided context is
- // canceled.
- func (c *ProjectsAttestorsUpdateCall) Context(ctx context.Context) *ProjectsAttestorsUpdateCall {
- c.ctx_ = ctx
- return c
- }
-
- // Header returns an http.Header that can be modified by the caller to
- // add HTTP headers to the request.
- func (c *ProjectsAttestorsUpdateCall) Header() http.Header {
- if c.header_ == nil {
- c.header_ = make(http.Header)
- }
- return c.header_
- }
-
- func (c *ProjectsAttestorsUpdateCall) doRequest(alt string) (*http.Response, error) {
- reqHeaders := make(http.Header)
- for k, v := range c.header_ {
- reqHeaders[k] = v
- }
- reqHeaders.Set("User-Agent", c.s.userAgent())
- var body io.Reader = nil
- body, err := googleapi.WithoutDataWrapper.JSONReader(c.attestor)
- if err != nil {
- return nil, err
- }
- reqHeaders.Set("Content-Type", "application/json")
- c.urlParams_.Set("alt", alt)
- c.urlParams_.Set("prettyPrint", "false")
- urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+name}")
- urls += "?" + c.urlParams_.Encode()
- req, err := http.NewRequest("PUT", urls, body)
- if err != nil {
- return nil, err
- }
- req.Header = reqHeaders
- googleapi.Expand(req.URL, map[string]string{
- "name": c.name,
- })
- return gensupport.SendRequest(c.ctx_, c.s.client, req)
- }
-
- // Do executes the "binaryauthorization.projects.attestors.update" call.
- // Exactly one of *Attestor or error will be non-nil. Any non-2xx status
- // code is an error. Response headers are in either
- // *Attestor.ServerResponse.Header or (if a response was returned at
- // all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
- // to check whether the returned error was because
- // http.StatusNotModified was returned.
- func (c *ProjectsAttestorsUpdateCall) Do(opts ...googleapi.CallOption) (*Attestor, error) {
- gensupport.SetOptions(c.urlParams_, opts...)
- res, err := c.doRequest("json")
- if res != nil && res.StatusCode == http.StatusNotModified {
- if res.Body != nil {
- res.Body.Close()
- }
- return nil, &googleapi.Error{
- Code: res.StatusCode,
- Header: res.Header,
- }
- }
- if err != nil {
- return nil, err
- }
- defer googleapi.CloseBody(res)
- if err := googleapi.CheckResponse(res); err != nil {
- return nil, err
- }
- ret := &Attestor{
- ServerResponse: googleapi.ServerResponse{
- Header: res.Header,
- HTTPStatusCode: res.StatusCode,
- },
- }
- target := &ret
- if err := gensupport.DecodeResponse(target, res); err != nil {
- return nil, err
- }
- return ret, nil
- // {
- // "description": "Updates an attestor.\nReturns NOT_FOUND if the attestor does not exist.",
- // "flatPath": "v1beta1/projects/{projectsId}/attestors/{attestorsId}",
- // "httpMethod": "PUT",
- // "id": "binaryauthorization.projects.attestors.update",
- // "parameterOrder": [
- // "name"
- // ],
- // "parameters": {
- // "name": {
- // "description": "Required. The resource name, in the format:\n`projects/*/attestors/*`. This field may not be updated.",
- // "location": "path",
- // "pattern": "^projects/[^/]+/attestors/[^/]+$",
- // "required": true,
- // "type": "string"
- // }
- // },
- // "path": "v1beta1/{+name}",
- // "request": {
- // "$ref": "Attestor"
- // },
- // "response": {
- // "$ref": "Attestor"
- // },
- // "scopes": [
- // "https://www.googleapis.com/auth/cloud-platform"
- // ]
- // }
-
- }
-
- // method id "binaryauthorization.projects.policy.getIamPolicy":
-
- type ProjectsPolicyGetIamPolicyCall struct {
- s *Service
- resource string
- urlParams_ gensupport.URLParams
- ifNoneMatch_ string
- ctx_ context.Context
- header_ http.Header
- }
-
- // GetIamPolicy: Gets the access control policy for a resource.
- // Returns an empty policy if the resource exists and does not have a
- // policy
- // set.
- func (r *ProjectsPolicyService) GetIamPolicy(resource string) *ProjectsPolicyGetIamPolicyCall {
- c := &ProjectsPolicyGetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)}
- c.resource = resource
- return c
- }
-
- // Fields allows partial responses to be retrieved. See
- // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
- // for more information.
- func (c *ProjectsPolicyGetIamPolicyCall) Fields(s ...googleapi.Field) *ProjectsPolicyGetIamPolicyCall {
- c.urlParams_.Set("fields", googleapi.CombineFields(s))
- return c
- }
-
- // IfNoneMatch sets the optional parameter which makes the operation
- // fail if the object's ETag matches the given value. This is useful for
- // getting updates only after the object has changed since the last
- // request. Use googleapi.IsNotModified to check whether the response
- // error from Do is the result of In-None-Match.
- func (c *ProjectsPolicyGetIamPolicyCall) IfNoneMatch(entityTag string) *ProjectsPolicyGetIamPolicyCall {
- c.ifNoneMatch_ = entityTag
- return c
- }
-
- // Context sets the context to be used in this call's Do method. Any
- // pending HTTP request will be aborted if the provided context is
- // canceled.
- func (c *ProjectsPolicyGetIamPolicyCall) Context(ctx context.Context) *ProjectsPolicyGetIamPolicyCall {
- c.ctx_ = ctx
- return c
- }
-
- // Header returns an http.Header that can be modified by the caller to
- // add HTTP headers to the request.
- func (c *ProjectsPolicyGetIamPolicyCall) Header() http.Header {
- if c.header_ == nil {
- c.header_ = make(http.Header)
- }
- return c.header_
- }
-
- func (c *ProjectsPolicyGetIamPolicyCall) doRequest(alt string) (*http.Response, error) {
- reqHeaders := make(http.Header)
- for k, v := range c.header_ {
- reqHeaders[k] = v
- }
- reqHeaders.Set("User-Agent", c.s.userAgent())
- if c.ifNoneMatch_ != "" {
- reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
- }
- var body io.Reader = nil
- c.urlParams_.Set("alt", alt)
- c.urlParams_.Set("prettyPrint", "false")
- urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+resource}:getIamPolicy")
- urls += "?" + c.urlParams_.Encode()
- req, err := http.NewRequest("GET", urls, body)
- if err != nil {
- return nil, err
- }
- req.Header = reqHeaders
- googleapi.Expand(req.URL, map[string]string{
- "resource": c.resource,
- })
- return gensupport.SendRequest(c.ctx_, c.s.client, req)
- }
-
- // Do executes the "binaryauthorization.projects.policy.getIamPolicy" call.
- // Exactly one of *IamPolicy or error will be non-nil. Any non-2xx
- // status code is an error. Response headers are in either
- // *IamPolicy.ServerResponse.Header or (if a response was returned at
- // all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
- // to check whether the returned error was because
- // http.StatusNotModified was returned.
- func (c *ProjectsPolicyGetIamPolicyCall) Do(opts ...googleapi.CallOption) (*IamPolicy, error) {
- gensupport.SetOptions(c.urlParams_, opts...)
- res, err := c.doRequest("json")
- if res != nil && res.StatusCode == http.StatusNotModified {
- if res.Body != nil {
- res.Body.Close()
- }
- return nil, &googleapi.Error{
- Code: res.StatusCode,
- Header: res.Header,
- }
- }
- if err != nil {
- return nil, err
- }
- defer googleapi.CloseBody(res)
- if err := googleapi.CheckResponse(res); err != nil {
- return nil, err
- }
- ret := &IamPolicy{
- ServerResponse: googleapi.ServerResponse{
- Header: res.Header,
- HTTPStatusCode: res.StatusCode,
- },
- }
- target := &ret
- if err := gensupport.DecodeResponse(target, res); err != nil {
- return nil, err
- }
- return ret, nil
- // {
- // "description": "Gets the access control policy for a resource.\nReturns an empty policy if the resource exists and does not have a policy\nset.",
- // "flatPath": "v1beta1/projects/{projectsId}/policy:getIamPolicy",
- // "httpMethod": "GET",
- // "id": "binaryauthorization.projects.policy.getIamPolicy",
- // "parameterOrder": [
- // "resource"
- // ],
- // "parameters": {
- // "resource": {
- // "description": "REQUIRED: The resource for which the policy is being requested.\nSee the operation documentation for the appropriate value for this field.",
- // "location": "path",
- // "pattern": "^projects/[^/]+/policy$",
- // "required": true,
- // "type": "string"
- // }
- // },
- // "path": "v1beta1/{+resource}:getIamPolicy",
- // "response": {
- // "$ref": "IamPolicy"
- // },
- // "scopes": [
- // "https://www.googleapis.com/auth/cloud-platform"
- // ]
- // }
-
- }
-
- // method id "binaryauthorization.projects.policy.setIamPolicy":
-
- type ProjectsPolicySetIamPolicyCall struct {
- s *Service
- resource string
- setiampolicyrequest *SetIamPolicyRequest
- urlParams_ gensupport.URLParams
- ctx_ context.Context
- header_ http.Header
- }
-
- // SetIamPolicy: Sets the access control policy on the specified
- // resource. Replaces any
- // existing policy.
- func (r *ProjectsPolicyService) SetIamPolicy(resource string, setiampolicyrequest *SetIamPolicyRequest) *ProjectsPolicySetIamPolicyCall {
- c := &ProjectsPolicySetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)}
- c.resource = resource
- c.setiampolicyrequest = setiampolicyrequest
- return c
- }
-
- // Fields allows partial responses to be retrieved. See
- // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
- // for more information.
- func (c *ProjectsPolicySetIamPolicyCall) Fields(s ...googleapi.Field) *ProjectsPolicySetIamPolicyCall {
- c.urlParams_.Set("fields", googleapi.CombineFields(s))
- return c
- }
-
- // Context sets the context to be used in this call's Do method. Any
- // pending HTTP request will be aborted if the provided context is
- // canceled.
- func (c *ProjectsPolicySetIamPolicyCall) Context(ctx context.Context) *ProjectsPolicySetIamPolicyCall {
- c.ctx_ = ctx
- return c
- }
-
- // Header returns an http.Header that can be modified by the caller to
- // add HTTP headers to the request.
- func (c *ProjectsPolicySetIamPolicyCall) Header() http.Header {
- if c.header_ == nil {
- c.header_ = make(http.Header)
- }
- return c.header_
- }
-
- func (c *ProjectsPolicySetIamPolicyCall) doRequest(alt string) (*http.Response, error) {
- reqHeaders := make(http.Header)
- for k, v := range c.header_ {
- reqHeaders[k] = v
- }
- reqHeaders.Set("User-Agent", c.s.userAgent())
- var body io.Reader = nil
- body, err := googleapi.WithoutDataWrapper.JSONReader(c.setiampolicyrequest)
- if err != nil {
- return nil, err
- }
- reqHeaders.Set("Content-Type", "application/json")
- c.urlParams_.Set("alt", alt)
- c.urlParams_.Set("prettyPrint", "false")
- urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+resource}:setIamPolicy")
- urls += "?" + c.urlParams_.Encode()
- req, err := http.NewRequest("POST", urls, body)
- if err != nil {
- return nil, err
- }
- req.Header = reqHeaders
- googleapi.Expand(req.URL, map[string]string{
- "resource": c.resource,
- })
- return gensupport.SendRequest(c.ctx_, c.s.client, req)
- }
-
- // Do executes the "binaryauthorization.projects.policy.setIamPolicy" call.
- // Exactly one of *IamPolicy or error will be non-nil. Any non-2xx
- // status code is an error. Response headers are in either
- // *IamPolicy.ServerResponse.Header or (if a response was returned at
- // all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
- // to check whether the returned error was because
- // http.StatusNotModified was returned.
- func (c *ProjectsPolicySetIamPolicyCall) Do(opts ...googleapi.CallOption) (*IamPolicy, error) {
- gensupport.SetOptions(c.urlParams_, opts...)
- res, err := c.doRequest("json")
- if res != nil && res.StatusCode == http.StatusNotModified {
- if res.Body != nil {
- res.Body.Close()
- }
- return nil, &googleapi.Error{
- Code: res.StatusCode,
- Header: res.Header,
- }
- }
- if err != nil {
- return nil, err
- }
- defer googleapi.CloseBody(res)
- if err := googleapi.CheckResponse(res); err != nil {
- return nil, err
- }
- ret := &IamPolicy{
- ServerResponse: googleapi.ServerResponse{
- Header: res.Header,
- HTTPStatusCode: res.StatusCode,
- },
- }
- target := &ret
- if err := gensupport.DecodeResponse(target, res); err != nil {
- return nil, err
- }
- return ret, nil
- // {
- // "description": "Sets the access control policy on the specified resource. Replaces any\nexisting policy.",
- // "flatPath": "v1beta1/projects/{projectsId}/policy:setIamPolicy",
- // "httpMethod": "POST",
- // "id": "binaryauthorization.projects.policy.setIamPolicy",
- // "parameterOrder": [
- // "resource"
- // ],
- // "parameters": {
- // "resource": {
- // "description": "REQUIRED: The resource for which the policy is being specified.\nSee the operation documentation for the appropriate value for this field.",
- // "location": "path",
- // "pattern": "^projects/[^/]+/policy$",
- // "required": true,
- // "type": "string"
- // }
- // },
- // "path": "v1beta1/{+resource}:setIamPolicy",
- // "request": {
- // "$ref": "SetIamPolicyRequest"
- // },
- // "response": {
- // "$ref": "IamPolicy"
- // },
- // "scopes": [
- // "https://www.googleapis.com/auth/cloud-platform"
- // ]
- // }
-
- }
-
- // method id "binaryauthorization.projects.policy.testIamPermissions":
-
- type ProjectsPolicyTestIamPermissionsCall struct {
- s *Service
- resource string
- testiampermissionsrequest *TestIamPermissionsRequest
- urlParams_ gensupport.URLParams
- ctx_ context.Context
- header_ http.Header
- }
-
- // TestIamPermissions: Returns permissions that a caller has on the
- // specified resource.
- // If the resource does not exist, this will return an empty set
- // of
- // permissions, not a NOT_FOUND error.
- //
- // Note: This operation is designed to be used for building
- // permission-aware
- // UIs and command-line tools, not for authorization checking. This
- // operation
- // may "fail open" without warning.
- func (r *ProjectsPolicyService) TestIamPermissions(resource string, testiampermissionsrequest *TestIamPermissionsRequest) *ProjectsPolicyTestIamPermissionsCall {
- c := &ProjectsPolicyTestIamPermissionsCall{s: r.s, urlParams_: make(gensupport.URLParams)}
- c.resource = resource
- c.testiampermissionsrequest = testiampermissionsrequest
- return c
- }
-
- // Fields allows partial responses to be retrieved. See
- // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
- // for more information.
- func (c *ProjectsPolicyTestIamPermissionsCall) Fields(s ...googleapi.Field) *ProjectsPolicyTestIamPermissionsCall {
- c.urlParams_.Set("fields", googleapi.CombineFields(s))
- return c
- }
-
- // Context sets the context to be used in this call's Do method. Any
- // pending HTTP request will be aborted if the provided context is
- // canceled.
- func (c *ProjectsPolicyTestIamPermissionsCall) Context(ctx context.Context) *ProjectsPolicyTestIamPermissionsCall {
- c.ctx_ = ctx
- return c
- }
-
- // Header returns an http.Header that can be modified by the caller to
- // add HTTP headers to the request.
- func (c *ProjectsPolicyTestIamPermissionsCall) Header() http.Header {
- if c.header_ == nil {
- c.header_ = make(http.Header)
- }
- return c.header_
- }
-
- func (c *ProjectsPolicyTestIamPermissionsCall) doRequest(alt string) (*http.Response, error) {
- reqHeaders := make(http.Header)
- for k, v := range c.header_ {
- reqHeaders[k] = v
- }
- reqHeaders.Set("User-Agent", c.s.userAgent())
- var body io.Reader = nil
- body, err := googleapi.WithoutDataWrapper.JSONReader(c.testiampermissionsrequest)
- if err != nil {
- return nil, err
- }
- reqHeaders.Set("Content-Type", "application/json")
- c.urlParams_.Set("alt", alt)
- c.urlParams_.Set("prettyPrint", "false")
- urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+resource}:testIamPermissions")
- urls += "?" + c.urlParams_.Encode()
- req, err := http.NewRequest("POST", urls, body)
- if err != nil {
- return nil, err
- }
- req.Header = reqHeaders
- googleapi.Expand(req.URL, map[string]string{
- "resource": c.resource,
- })
- return gensupport.SendRequest(c.ctx_, c.s.client, req)
- }
-
- // Do executes the "binaryauthorization.projects.policy.testIamPermissions" call.
- // Exactly one of *TestIamPermissionsResponse or error will be non-nil.
- // Any non-2xx status code is an error. Response headers are in either
- // *TestIamPermissionsResponse.ServerResponse.Header or (if a response
- // was returned at all) in error.(*googleapi.Error).Header. Use
- // googleapi.IsNotModified to check whether the returned error was
- // because http.StatusNotModified was returned.
- func (c *ProjectsPolicyTestIamPermissionsCall) Do(opts ...googleapi.CallOption) (*TestIamPermissionsResponse, error) {
- gensupport.SetOptions(c.urlParams_, opts...)
- res, err := c.doRequest("json")
- if res != nil && res.StatusCode == http.StatusNotModified {
- if res.Body != nil {
- res.Body.Close()
- }
- return nil, &googleapi.Error{
- Code: res.StatusCode,
- Header: res.Header,
- }
- }
- if err != nil {
- return nil, err
- }
- defer googleapi.CloseBody(res)
- if err := googleapi.CheckResponse(res); err != nil {
- return nil, err
- }
- ret := &TestIamPermissionsResponse{
- ServerResponse: googleapi.ServerResponse{
- Header: res.Header,
- HTTPStatusCode: res.StatusCode,
- },
- }
- target := &ret
- if err := gensupport.DecodeResponse(target, res); err != nil {
- return nil, err
- }
- return ret, nil
- // {
- // "description": "Returns permissions that a caller has on the specified resource.\nIf the resource does not exist, this will return an empty set of\npermissions, not a NOT_FOUND error.\n\nNote: This operation is designed to be used for building permission-aware\nUIs and command-line tools, not for authorization checking. This operation\nmay \"fail open\" without warning.",
- // "flatPath": "v1beta1/projects/{projectsId}/policy:testIamPermissions",
- // "httpMethod": "POST",
- // "id": "binaryauthorization.projects.policy.testIamPermissions",
- // "parameterOrder": [
- // "resource"
- // ],
- // "parameters": {
- // "resource": {
- // "description": "REQUIRED: The resource for which the policy detail is being requested.\nSee the operation documentation for the appropriate value for this field.",
- // "location": "path",
- // "pattern": "^projects/[^/]+/policy$",
- // "required": true,
- // "type": "string"
- // }
- // },
- // "path": "v1beta1/{+resource}:testIamPermissions",
- // "request": {
- // "$ref": "TestIamPermissionsRequest"
- // },
- // "response": {
- // "$ref": "TestIamPermissionsResponse"
- // },
- // "scopes": [
- // "https://www.googleapis.com/auth/cloud-platform"
- // ]
- // }
-
- }
|