Skip to main content

types

Blob

A Blob resource.

id : string

Output only. ID of the blob.

digest : string

Content-addressable identifier of the blob.

size : int64

Size of the blob, specified in bytes.

urls : string

List of blob urls.

Image

An Image resource. For more information, see Docker image.

id : string

Output only. ID of the Docker image.

name : string

Name of the Docker image. The name is unique within the registry.

digest : string

Content-addressable identifier of the Docker image.

compressedSize : int64

Compressed size of the Docker image, specified in bytes.

config : Blob

Configuration of the Docker image.

layers : Blob

Layers of the Docker image.

tags : string

Tags of the Docker image.

Each tag is unique within the repository.

createdAt : google.protobuf.Timestamp

Output only. Creation timestamp in RFC3339 text format.

IpPermission

Action

  • ACTION_UNSPECIFIED

  • PULL

  • PUSH

action : Action
ip : string

IpPermissionDelta

action : IpPermissionAction

The action that is being performed on an ip permission.

ipPermission : IpPermission

Ip permission.

LifecyclePolicy

Status

  • STATUS_UNSPECIFIED

  • ACTIVE

    Policy is active and regularly deletes Docker images according to the established rules.

  • DISABLED

    Policy is disabled and does not delete Docker images in the repository. Policies in this status can be used for preparing and testing rules.

id : string

ID of the lifecycle policy.

name : string

Name of the lifecycle policy.

repositoryId : string

ID of the repository that the lifecycle policy belongs to. Required. The maximum string length in characters is 50.

description : string

Description of the lifecycle policy. The maximum string length in characters is 256.

status : Status

Status of lifecycle policy.

createdAt : google.protobuf.Timestamp

Creation timestamp.

rules : LifecycleRule

The rules of lifecycle policy.

LifecycleRule

description : string

Description of the lifecycle policy rule.

expirePeriod : google.protobuf.Duration

Period of time for automatic deletion. Period must be a multiple of 24 hours.

tagRegexp : string

Tag for specifying a filter in the form of a regular expression.

untagged : bool

Tag for applying the rule to Docker images without tags.

retainedTop : int64

Number of Docker images (falling under the specified filter by tags) that must be left, even if the expire_period has already expired.

PackageVulnerability

A PackageVulnerability resource.

name : string

Name of vulnerability in CVE database.

URL to the page with description of vulnerability.

package : string

The package name where vulnerability has been found.

source : string

The package manager name. Ex.: yum, rpm, dpkg.

version : string

The version of the package where vulnerability has been found.

fixedBy : string

The version of the package where vulnerability has been fixed.

origin : string

The place where vulnerability is originated (OS, lang package, etc.)

type : string

The type of vulnerability origin - name of OS if origin="os" or package type (jar, gobinary, etc.) if origin="lang"

PushRule

repositoryPrefixes : string

List of repositories that are scanned with rule. Child repositories are included into parent node. "*" - means all repositories in registry

disabled : bool

Turns off scan rule.

Registry

A Registry resource. For more information, see the Registry section of the documentation.

Status

  • STATUS_UNSPECIFIED

  • CREATING

    Registry is being created.

  • ACTIVE

    Registry is ready to use.

  • DELETING

    Registry is being deleted.

id : string

Output only. ID of the registry.

folderId : string

ID of the folder that the registry belongs to.

name : string

Name of the registry.

status : Status

Output only. Status of the registry.

createdAt : google.protobuf.Timestamp

Output only. Creation timestamp in RFC3339 text format.

labels : string

Resource labels as key:value pairs. Maximum of 64 per resource.

Repository

A Repository resource. For more information, see Repository.

name : string

Name of the repository. The name is unique within the registry.

id : string

Output only. ID of the repository.

ScanPolicy

id : string

Output only. ID of the scan policy.

registryId : string

ID of the registry that the scan policy belongs to. Required. The maximum string length in characters is 50.

name : string

Name of the scan policy.

description : string

Description of the scan policy. The maximum string length in characters is 256.

rules : ScanRules

The rules of scan policy.

createdAt : google.protobuf.Timestamp

Output only. Creation timestamp.

disabled : bool

Turns off scan policy.

ScanResult

A ScanResult resource.

Status

  • STATUS_UNSPECIFIED

  • RUNNING

    Image scan is in progress.

  • READY

    Image has been scanned and result is ready.

  • ERROR

    Image scan is failed.

id : string

Output only. ID of the ScanResult.

imageId : string

Output only. ID of the Image that the ScanResult belongs to.

scannedAt : google.protobuf.Timestamp

Output only. The timestamp in RFC3339 text format when the scan been finished.

status : Status

Output only. The status of the ScanResult.

vulnerabilities : VulnerabilityStats

Output only. Summary information about vulnerabilities found.

ScanRules

pushRule : PushRule

Description of on-push scan rule.

scheduleRules : ScheduledRule

Description of time based rescan rule.

ScheduledRule

repositoryPrefixes : string

List of repositories that are scanned with rule. Child repositories are included into parent node. "*" - means all repositories in registry

rescanPeriod : google.protobuf.Duration

Period of time since last scan to trigger automatic rescan.

disabled : bool

Turns off scan rule.

Vulnerability

A Vulnerability resource.

Severity

  • SEVERITY_UNSPECIFIED

  • CRITICAL

    Critical severity is a world-burning problem, exploitable for nearly all users. Includes remote root privilege escalations, or massive data loss.

  • HIGH

    High severity is a real problem, exploitable for many users in a default installation. Includes serious remote denial of services, local root privilege escalations, or data loss.

  • MEDIUM

    Medium severity is a real security problem, and is exploitable for many users. Includes network daemon denial of service attacks, cross-site scripting, and gaining user privileges. Updates should be made soon for this priority of issue.

  • LOW

    Low severity is a security problem, but is hard to exploit due to environment, requires a user-assisted attack, a small install base, or does very little damage. These tend to be included in security updates only when higher priority issues require an update, or if many low priority issues have built up.

  • NEGLIGIBLE

    Negligible severity is technically a security problem, but is only theoretical in nature, requires a very special situation, has almost no install base, or does no real damage. These tend not to get backport from upstream, and will likely not be included in security updates unless there is an easy fix and some other issue causes an update.

  • UNDEFINED

    Unknown severity is either a security problem that has not been assigned to a priority yet or a priority that our system did not recognize.

severity : Severity

Output only. Severity of the Vulnerability.

One of vulnerability

Details of vulnerability depending on type. Only package vulnerability is supported at the moment.

  • package : PackageVulnerability

VulnerabilityStats

A VulnerabilityStats resource.

critical : int64

Count of CRITICAL vulnerabilities.

high : int64

Count of HIGH vulnerabilities.

medium : int64

Count of MEDIUM vulnerabilities.

low : int64

Count of LOW vulnerabilities.

negligible : int64

Count of NEGLIGIBLE vulnerabilities.

undefined : int64

Count of other vulnerabilities.