1 // Copyright 2018 Google Inc.
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
7 // http://www.apache.org/licenses/LICENSE-2.0
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
17 package google.devtools.containeranalysis.v1alpha1;
19 import "google/api/annotations.proto";
20 import "google/devtools/containeranalysis/v1alpha1/source_context.proto";
21 import "google/protobuf/timestamp.proto";
23 option go_package = "google.golang.org/genproto/googleapis/devtools/containeranalysis/v1alpha1;containeranalysis";
24 option java_multiple_files = true;
25 option java_package = "com.google.containeranalysis.v1alpha1";
26 option objc_class_prefix = "GCA";
28 // Provenance of a build. Contains all information needed to verify the full
29 // details about the build from source to completion.
// NOTE(review): no signature or other authenticator field is visible in this
// message, so the record presumably relies on the API or store that serves it
// for its own integrity; confirm before treating its contents as verified.
30 message BuildProvenance {
31 // Unique identifier of the build.
// NOTE(review): the field this comment documents is not visible in this
// listing; the next visible declaration is project_id, which the comment above
// does not describe.

35 string project_id = 2;
37 // Commands requested by the build.
38 repeated Command commands = 5;
40 // Output of the build.
41 repeated Artifact built_artifacts = 6;
43 // Time at which the build was created.
44 google.protobuf.Timestamp create_time = 7;
46 // Time at which execution of the build was started.
47 google.protobuf.Timestamp start_time = 8;
49 // Time at which execution of the build was finished.
50 google.protobuf.Timestamp finish_time = 9;
52 // E-mail address of the user who initiated this build. Note that this was the
53 // user's e-mail address at the time the build was initiated; this address may
54 // not represent the same end-user for all time.
// NOTE(review): the field declaration for this comment is not visible in this
// listing. Because the address may later belong to someone else, it is a weak
// identity to base audit or authorization decisions on.

57 // Google Cloud Storage bucket where logs were written.
58 string logs_bucket = 13;
60 // Details of the Source input to the build.
61 Source source_provenance = 14;
63 // Trigger identifier if the build was triggered automatically; empty if not.
64 string trigger_id = 15;
66 // Special options applied to this build. This is a catch-all field where
67 // build providers can enter any desired additional details.
// NOTE(review): keys and values are free-form strings chosen by the build
// provider and nothing in this schema constrains them, so consumers should
// treat the map as unvalidated metadata and secrets should be kept out of it.
68 map<string, string> build_options = 16;
70 // Version string of the builder at the time this build was executed.
71 string builder_version = 17;
74 // Source describes the location of the source used for the build.
// NOTE(review): the `message` line that opens this definition is not visible
// in this listing; the type is referenced as `Source` by
// BuildProvenance.source_provenance.
76 // Source location information.
// NOTE(review): presumably this introduces a oneof over the two locations
// below; the enclosing line is not visible here, so confirm.

78 // If provided, get the source from this location in Google Cloud Storage.
80 StorageSource storage_source = 1;
82 // If provided, get source from this location in a Cloud Repo.
83 RepoSource repo_source = 2;
86 // If provided, the input binary artifacts for the build came from this
// location.
88 StorageSource artifact_storage_source = 4;
90 // Hash(es) of the build source, which can be used to verify that the original
91 // source integrity was maintained in the build.
93 // The keys to this map are file paths used as build source and the values
94 // contain the hash values for those files.
96 // If the build source came in a single package such as a gzipped tarfile
97 // (.tar.gz), the FileHash will be for the single path to that file.
// NOTE(review): these values only provide integrity if a verifier recomputes
// the digests over the source it actually fetched and compares them. The Hash
// comments in this file mention a "No hash requested" algorithm value, so
// presumably an entry can carry no usable digest; confirm that consumers
// reject that case rather than accept it as a match.
98 map<string, FileHashes> file_hashes = 3;
100 // If provided, the source code used for the build came from this location.
101 SourceContext context = 7;
103 // If provided, some of the source code used for the build may be found in
104 // these locations, in the case where the source repository had multiple
105 // remotes or submodules. This list will not include the context specified in
106 // the context field.
107 repeated SourceContext additional_contexts = 8;
110 // Container message for hashes of byte content of files, used in Source
111 // messages to verify integrity of source input to the build.
// NOTE(review): the `message` line is not visible in this listing; the type is
// referenced as `FileHashes` by the file_hashes map in Source.
113 // Collection of file hashes.
// NOTE(review): presumably one entry per hash algorithm computed for the same
// file (confirm). The schema does not say how a verifier should treat entries
// that disagree or that use an algorithm it does not accept.
114 repeated Hash file_hash = 1;
117 // Container message for hash values.
// NOTE(review): the `message` line, the enum values and the fields that the
// comments below document are not visible in this listing; the type is
// referenced as `Hash` by the file_hash field that uses it.
119 // Specifies the hash algorithm, if any.
121 // No hash requested.
// NOTE(review): a Hash carrying this algorithm value presumably holds no
// digest; verifiers should read it as "no integrity evidence", never as a
// successful match. Confirm against the enum definition.

128 // The type of hash that was performed.
135 // StorageSource describes the location of the source in an archive file in
136 // Google Cloud Storage.
137 message StorageSource {
138 // Google Cloud Storage bucket containing source (see [Bucket Name
// Requirements]
140 // (https://cloud.google.com/storage/docs/bucket-naming#requirements)).
143 // Google Cloud Storage object containing source.
// NOTE(review): the declarations for the bucket and object fields described
// above are not visible in this listing.

146 // Google Cloud Storage generation for the object.
// NOTE(review): an object name can be overwritten with new content, while the
// generation identifies one specific version of the object. A verifier that
// re-fetches the source should request and compare this generation, not the
// bucket and object name alone.
147 int64 generation = 3;
150 // RepoSource describes the location of the source in a Google Cloud Source
// Repository.
// NOTE(review): the `message` line is not visible in this listing; the type is
// referenced as `RepoSource` by Source.repo_source.
153 // ID of the project that owns the repo.
154 string project_id = 1;
// Presumably the name of the repo within that project; the original comment
// for this field is not visible in this listing.
157 string repo_name = 2;
159 // A revision within the source repository must be specified in
160 // one of these ways.
// NOTE(review): branch and tag names can be moved to a different commit after
// the build, so a record holding only one of them does not pin the source
// content; commit_sha does. Presumably the three fields are members of a oneof
// (its opening line is not visible here), in which case a record carries just
// one of them. Confirm how verifiers resolve a branch or tag to a commit.

162 // Name of the branch to build.
163 string branch_name = 3;
165 // Name of the tag to build.
// NOTE(review): the tag field declaration is not visible in this listing.

168 // Explicit commit SHA to build.
169 string commit_sha = 5;
173 // Command describes a step performed as part of the build pipeline.
// NOTE(review): the `message` line is not visible in this listing; the type is
// referenced as `Command` by BuildProvenance.commands.
175 // Name of the command, as presented on the command line, or if the command is
176 // packaged as a Docker container, as presented to `docker pull`.
// NOTE(review): the field declaration is not visible in this listing. When the
// name is an image reference, a tag does not pin which image actually ran;
// presumably a digest reference is needed for that. Confirm what builders
// record here.

179 // Environment variables set before running this Command.
// NOTE(review): the values are stored as plain strings in the provenance
// record, so any secret passed through the environment (or through args below)
// becomes readable to whoever can read the provenance.
180 repeated string env = 2;
182 // Command-line arguments used when executing this Command.
183 repeated string args = 3;
185 // Working directory (relative to project source root) used when running
// this Command.
// NOTE(review): the field declaration is not visible in this listing.

189 // Optional unique identifier for this Command, used in wait_for to reference
190 // this Command as a dependency.
// NOTE(review): the field declaration is not visible in this listing.

193 // The ID(s) of the Command(s) that this Command depends on.
194 repeated string wait_for = 6;
197 // Artifact describes a build product.
// NOTE(review): the `message` line is not visible in this listing; the type is
// referenced as `Artifact` by BuildProvenance.built_artifacts.
199 // Name of the artifact. This may be the path to a binary or jar file, or in
200 // the case of a container build, the name used to push the container image to
201 // Google Container Registry, as presented to `docker push`.
203 // This field is deprecated in favor of the plural `names` field; it continues
204 // to exist here to allow existing BuildProvenance serialized to json in
205 // google.devtools.containeranalysis.v1alpha1.BuildDetails.provenance_bytes to
206 // deserialize back into proto.
// NOTE(review): the field declaration is not visible in this listing.

209 // Hash or checksum value of a binary, or Docker Registry 2.0 digest of a
// container.
// NOTE(review): the field declaration is not visible in this listing.

213 // Artifact ID, if any; for container images, this will be a URL by digest
214 // like gcr.io/projectID/imagename@sha256:123456
// NOTE(review): the field declaration is not visible in this listing.

217 // Related artifact names. This may be the path to a binary or jar file, or in
218 // the case of a container build, the name used to push the container image to
219 // Google Container Registry, as presented to `docker push`. Note that a
220 // single Artifact ID can have multiple names, for example if two tags are
221 // applied to one image.
// NOTE(review): names and tags can be re-pointed to different content after
// the build, so a verifier should match the checksum or the by-digest ID
// described above against what it actually pulled, never a name alone.
222 repeated string names = 4;