From f554d3e336b60f11e141f91353020f11421b5c2c Mon Sep 17 00:00:00 2001 From: Google APIs Date: Tue, 1 May 2018 08:40:08 -0700 Subject: [PATCH] Synchronize new proto/yaml changes. PiperOrigin-RevId: 194941589 --- .../artman_websecurityscanner_v1alpha.yaml | 55 +++ .../v1alpha/crawled_url.proto | 43 +++ .../websecurityscanner/v1alpha/finding.proto | 141 +++++++ .../v1alpha/finding_addon.proto | 62 ++++ .../v1alpha/finding_type_stats.proto | 38 ++ .../v1alpha/scan_config.proto | 150 ++++++++ .../websecurityscanner/v1alpha/scan_run.proto | 108 ++++++ .../v1alpha/web_security_scanner.proto | 346 ++++++++++++++++++ .../v1alpha/websecurityscanner_gapic.yaml | 327 +++++++++++++++++ .../web_security_scanner_v1alpha.yaml | 17 + 10 files changed, 1287 insertions(+) create mode 100644 google/cloud/websecurityscanner/artman_websecurityscanner_v1alpha.yaml create mode 100644 google/cloud/websecurityscanner/v1alpha/crawled_url.proto create mode 100644 google/cloud/websecurityscanner/v1alpha/finding.proto create mode 100644 google/cloud/websecurityscanner/v1alpha/finding_addon.proto create mode 100644 google/cloud/websecurityscanner/v1alpha/finding_type_stats.proto create mode 100644 google/cloud/websecurityscanner/v1alpha/scan_config.proto create mode 100644 google/cloud/websecurityscanner/v1alpha/scan_run.proto create mode 100644 google/cloud/websecurityscanner/v1alpha/web_security_scanner.proto create mode 100644 google/cloud/websecurityscanner/v1alpha/websecurityscanner_gapic.yaml create mode 100644 google/cloud/websecurityscanner/web_security_scanner_v1alpha.yaml diff --git a/google/cloud/websecurityscanner/artman_websecurityscanner_v1alpha.yaml b/google/cloud/websecurityscanner/artman_websecurityscanner_v1alpha.yaml new file mode 100644 index 00000000..3bdb5291 --- /dev/null +++ b/google/cloud/websecurityscanner/artman_websecurityscanner_v1alpha.yaml @@ -0,0 +1,55 @@ +common: + api_name: websecurityscanner + api_version: v1alpha + organization_name: google-cloud + proto_deps: + - name: google-common-protos + src_proto_paths: + - v1alpha + service_yaml: web_security_scanner_v1alpha.yaml + gapic_yaml: v1alpha/websecurityscanner_gapic.yaml +artifacts: +- name: gapic_config + type: GAPIC_CONFIG +- name: java_gapic + type: GAPIC + language: JAVA + publish_targets: + - name: staging + type: GITHUB + location: git@github.com:googleapis/api-client-staging.git + directory_mappings: + - dest: generated/java/gapic-google-cloud-websecurityscanner-v1alpha + - name: grpc + dest: generated/java/grpc-google-cloud-websecurityscanner-v1alpha + - name: proto + dest: generated/java/proto-google-cloud-websecurityscanner-v1alpha + - name: java + type: GITHUB + location: git@github.com:GoogleCloudPlatform/google-cloud-java.git + directory_mappings: + - dest: google-cloud-websecurityscanner +- name: python_gapic + type: GAPIC + language: PYTHON +- name: nodejs_gapic + type: GAPIC + language: NODEJS +- name: php_gapic + type: GAPIC + language: PHP + publish_targets: + - name: staging + type: GITHUB + location: git@github.com:googleapis/api-client-staging.git + directory_mappings: + - dest: generated/php/google-cloud-websecurityscanner-v1alpha +- name: go_gapic + type: GAPIC + language: GO +- name: ruby_gapic + type: GAPIC + language: RUBY +- name: csharp_gapic + type: GAPIC + language: CSHARP diff --git a/google/cloud/websecurityscanner/v1alpha/crawled_url.proto b/google/cloud/websecurityscanner/v1alpha/crawled_url.proto new file mode 100644 index 00000000..8951e50b --- /dev/null +++ b/google/cloud/websecurityscanner/v1alpha/crawled_url.proto @@ -0,0 +1,43 @@ +// Copyright 2018 Google Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +syntax = "proto3"; + +package google.cloud.websecurityscanner.v1alpha; + +import "google/api/annotations.proto"; + +option go_package = "google.golang.org/genproto/googleapis/cloud/websecurityscanner/v1alpha;websecurityscanner"; +option java_multiple_files = true; +option java_outer_classname = "CrawledUrlProto"; +option java_package = "com.google.cloud.websecurityscanner.v1alpha"; + + +// A CrawledUrl resource represents a URL that was crawled during a ScanRun. Web +// Security Scanner Service crawls the web applications, following all links +// within the scope of sites, to find the URLs to test against. +message CrawledUrl { + // Output only. + // The http method of the request that was used to visit the URL, in + // uppercase. + string http_method = 1; + + // Output only. + // The URL that was crawled. + string url = 2; + + // Output only. + // The body of the request that was used to visit the URL. + string body = 3; +} diff --git a/google/cloud/websecurityscanner/v1alpha/finding.proto b/google/cloud/websecurityscanner/v1alpha/finding.proto new file mode 100644 index 00000000..bdb15152 --- /dev/null +++ b/google/cloud/websecurityscanner/v1alpha/finding.proto @@ -0,0 +1,141 @@ +// Copyright 2018 Google Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +syntax = "proto3"; + +package google.cloud.websecurityscanner.v1alpha; + +import "google/api/annotations.proto"; +import "google/cloud/websecurityscanner/v1alpha/finding_addon.proto"; + +option go_package = "google.golang.org/genproto/googleapis/cloud/websecurityscanner/v1alpha;websecurityscanner"; +option java_multiple_files = true; +option java_outer_classname = "FindingProto"; +option java_package = "com.google.cloud.websecurityscanner.v1alpha"; + + +// A Finding resource represents a vulnerability instance identified during a +// ScanRun. +message Finding { + // Types of Findings. + enum FindingType { + // The invalid finding type. + FINDING_TYPE_UNSPECIFIED = 0; + + // A page that was served over HTTPS also resources over HTTP. A + // man-in-the-middle attacker could tamper with the HTTP resource and gain + // full access to the website that loads the resource or to monitor the + // actions taken by the user. + MIXED_CONTENT = 1; + + // The version of an included library is known to contain a security issue. + // The scanner checks the version of library in use against a known list of + // vulnerable libraries. False positives are possible if the version + // detection fails or if the library has been manually patched. + OUTDATED_LIBRARY = 2; + + // This type of vulnerability occurs when the value of a request parameter + // is reflected at the beginning of the response, for example, in requests + // using JSONP. Under certain circumstances, an attacker may be able to + // supply an alphanumeric-only Flash file in the vulnerable parameter + // causing the browser to execute the Flash file as if it originated on the + // vulnerable server. + ROSETTA_FLASH = 5; + + // A cross-site scripting (XSS) bug is found via JavaScript callback. For + // detailed explanations on XSS, see + // https://www.google.com/about/appsecurity/learning/xss/. + XSS_CALLBACK = 3; + + // A potential cross-site scripting (XSS) bug due to JavaScript breakage. + // In some circumstances, the application under test might modify the test + // string before it is parsed by the browser. When the browser attempts to + // runs this modified test string, it will likely break and throw a + // JavaScript execution error, thus an injection issue is occurring. + // However, it may not be exploitable. Manual verification is needed to see + // if the test string modifications can be evaded and confirm that the issue + // is in fact an XSS vulnerability. For detailed explanations on XSS, see + // https://www.google.com/about/appsecurity/learning/xss/. + XSS_ERROR = 4; + + // An application appears to be transmitting a password field in clear text. + // An attacker can eavesdrop network traffic and sniff the password field. + CLEAR_TEXT_PASSWORD = 6; + } + + // Output only. + // The resource name of the Finding. The name follows the format of + // 'projects/{projectId}/scanConfigs/{scanConfigId}/scanruns/{scanRunId}/findings/{findingId}'. + // The finding IDs are generated by the system. + string name = 1; + + // Output only. + // The type of the Finding. + FindingType finding_type = 2; + + // Output only. + // The http method of the request that triggered the vulnerability, in + // uppercase. + string http_method = 3; + + // Output only. + // The URL produced by the server-side fuzzer and used in the request that + // triggered the vulnerability. + string fuzzed_url = 4; + + // Output only. + // The body of the request that triggered the vulnerability. + string body = 5; + + // Output only. + // The description of the vulnerability. + string description = 6; + + // Output only. + // The URL containing human-readable payload that user can leverage to + // reproduce the vulnerability. + string reproduction_url = 7; + + // Output only. + // If the vulnerability was originated from nested IFrame, the immediate + // parent IFrame is reported. + string frame_url = 8; + + // Output only. + // The URL where the browser lands when the vulnerability is detected. + string final_url = 9; + + // Output only. + // The tracking ID uniquely identifies a vulnerability instance across + // multiple ScanRuns. + string tracking_id = 10; + + // Output only. + // An addon containing information about outdated libraries. + OutdatedLibrary outdated_library = 11; + + // Output only. + // An addon containing detailed information regarding any resource causing the + // vulnerability such as JavaScript sources, image, audio files, etc. + ViolatingResource violating_resource = 12; + + // Output only. + // An addon containing information about request parameters which were found + // to be vulnerable. + VulnerableParameters vulnerable_parameters = 13; + + // Output only. + // An addon containing information reported for an XSS, if any. + Xss xss = 14; +} diff --git a/google/cloud/websecurityscanner/v1alpha/finding_addon.proto b/google/cloud/websecurityscanner/v1alpha/finding_addon.proto new file mode 100644 index 00000000..d0777f64 --- /dev/null +++ b/google/cloud/websecurityscanner/v1alpha/finding_addon.proto @@ -0,0 +1,62 @@ +// Copyright 2018 Google Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +syntax = "proto3"; + +package google.cloud.websecurityscanner.v1alpha; + +import "google/api/annotations.proto"; + +option go_package = "google.golang.org/genproto/googleapis/cloud/websecurityscanner/v1alpha;websecurityscanner"; +option java_multiple_files = true; +option java_outer_classname = "FindingAddonProto"; +option java_package = "com.google.cloud.websecurityscanner.v1alpha"; + + +// Information reported for an outdated library. +message OutdatedLibrary { + // The name of the outdated library. + string library_name = 1; + + // The version number. + string version = 2; + + // URLs to learn more information about the vulnerabilities in the library. + repeated string learn_more_urls = 3; +} + +// Information regarding any resource causing the vulnerability such +// as JavaScript sources, image, audio files, etc. +message ViolatingResource { + // The MIME type of this resource. + string content_type = 1; + + // URL of this violating resource. + string resource_url = 2; +} + +// Information about vulnerable request parameters. +message VulnerableParameters { + // The vulnerable parameter names. + repeated string parameter_names = 1; +} + +// Information reported for an XSS. +message Xss { + // Stack traces leading to the point where the XSS occurred. + repeated string stack_traces = 1; + + // An error message generated by a javascript breakage. + string error_message = 2; +} diff --git a/google/cloud/websecurityscanner/v1alpha/finding_type_stats.proto b/google/cloud/websecurityscanner/v1alpha/finding_type_stats.proto new file mode 100644 index 00000000..6b324482 --- /dev/null +++ b/google/cloud/websecurityscanner/v1alpha/finding_type_stats.proto @@ -0,0 +1,38 @@ +// Copyright 2018 Google Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +syntax = "proto3"; + +package google.cloud.websecurityscanner.v1alpha; + +import "google/api/annotations.proto"; +import "google/cloud/websecurityscanner/v1alpha/finding.proto"; + +option go_package = "google.golang.org/genproto/googleapis/cloud/websecurityscanner/v1alpha;websecurityscanner"; +option java_multiple_files = true; +option java_outer_classname = "FindingTypeStatsProto"; +option java_package = "com.google.cloud.websecurityscanner.v1alpha"; + + +// A FindingTypeStats resource represents stats regarding a specific FindingType +// of Findings under a given ScanRun. +message FindingTypeStats { + // Output only. + // The finding type associated with the stats. + Finding.FindingType finding_type = 1; + + // Output only. + // The count of findings belonging to this finding type. + int32 finding_count = 2; +} diff --git a/google/cloud/websecurityscanner/v1alpha/scan_config.proto b/google/cloud/websecurityscanner/v1alpha/scan_config.proto new file mode 100644 index 00000000..ffebe6fd --- /dev/null +++ b/google/cloud/websecurityscanner/v1alpha/scan_config.proto @@ -0,0 +1,150 @@ +// Copyright 2018 Google Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +syntax = "proto3"; + +package google.cloud.websecurityscanner.v1alpha; + +import "google/api/annotations.proto"; +import "google/protobuf/timestamp.proto"; + +option go_package = "google.golang.org/genproto/googleapis/cloud/websecurityscanner/v1alpha;websecurityscanner"; +option java_multiple_files = true; +option java_outer_classname = "ScanConfigProto"; +option java_package = "com.google.cloud.websecurityscanner.v1alpha"; + + +// A ScanConfig resource contains the configurations to launch a scan. +message ScanConfig { + // Scan authentication configuration. + message Authentication { + // Describes authentication configuration that uses a Google account. + message GoogleAccount { + // Required. + // The user name of the Google account. + string username = 1; + + // Input only. + // Required. + // The password of the Google account. The credential is stored encrypted + // and not returned in any response. + string password = 2; + } + + // Describes authentication configuration that uses a custom account. + message CustomAccount { + // Required. + // The user name of the custom account. + string username = 1; + + // Input only. + // Required. + // The password of the custom account. The credential is stored encrypted + // and not returned in any response. + string password = 2; + + // Required. + // The login form URL of the website. + string login_url = 3; + } + + // Required. + // Authentication configuration + oneof authentication { + // Authentication using a Google account. + GoogleAccount google_account = 1; + + // Authentication using a custom account. + CustomAccount custom_account = 2; + } + } + + // Scan schedule configuration. + message Schedule { + // A timestamp indicates when the next run will be scheduled. The value is + // refreshed by the server after each run. If unspecified, it will default + // to current server time, which means the scan will be scheduled to start + // immediately. + google.protobuf.Timestamp schedule_time = 1; + + // Required. + // The duration of time between executions in days. + int32 interval_duration_days = 2; + } + + // Type of user agents used for scanning. + enum UserAgent { + // The user agent is unknown. Service will default to CHROME_LINUX. + USER_AGENT_UNSPECIFIED = 0; + + // Chrome on Linux. This is the service default if unspecified. + CHROME_LINUX = 1; + + // Chrome on Android. + CHROME_ANDROID = 2; + + // Safari on IPhone. + SAFARI_IPHONE = 3; + } + + // Cloud platforms supported by Cloud Web Security Scanner. + enum TargetPlatform { + // The target platform is unknown. Requests with this enum value will be + // rejected with INVALID_ARGUMENT error. + TARGET_PLATFORM_UNSPECIFIED = 0; + + // Google App Engine service. + APP_ENGINE = 1; + + // Google Compute Engine service. + COMPUTE = 2; + } + + // The resource name of the ScanConfig. The name follows the format of + // 'projects/{projectId}/scanConfigs/{scanConfigId}'. The ScanConfig IDs are + // generated by the system. + string name = 1; + + // Required. + // The user provided display name of the ScanConfig. + string display_name = 2; + + // The maximum QPS during scanning. A valid value ranges from 5 to 20 + // inclusively. If the field is unspecified or its value is set 0, server will + // default to 15. Other values outside of [5, 20] range will be rejected with + // INVALID_ARGUMENT error. + int32 max_qps = 3; + + // Required. + // The starting URLs from which the scanner finds site pages. + repeated string starting_urls = 4; + + // The authentication configuration. If specified, service will use the + // authentication configuration during scanning. + Authentication authentication = 5; + + // The user agent used during scanning. + UserAgent user_agent = 6; + + // The blacklist URL patterns as described in + // https://cloud.google.com/security-scanner/docs/excluded-urls + repeated string blacklist_patterns = 7; + + // The schedule of the ScanConfig. + Schedule schedule = 8; + + // Set of Cloud Platforms targeted by the scan. If empty, APP_ENGINE will be + // used as a default. + repeated TargetPlatform target_platforms = 9; +} diff --git a/google/cloud/websecurityscanner/v1alpha/scan_run.proto b/google/cloud/websecurityscanner/v1alpha/scan_run.proto new file mode 100644 index 00000000..13b7e757 --- /dev/null +++ b/google/cloud/websecurityscanner/v1alpha/scan_run.proto @@ -0,0 +1,108 @@ +// Copyright 2018 Google Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +syntax = "proto3"; + +package google.cloud.websecurityscanner.v1alpha; + +import "google/api/annotations.proto"; +import "google/protobuf/timestamp.proto"; + +option go_package = "google.golang.org/genproto/googleapis/cloud/websecurityscanner/v1alpha;websecurityscanner"; +option java_multiple_files = true; +option java_outer_classname = "ScanRunProto"; +option java_package = "com.google.cloud.websecurityscanner.v1alpha"; + + +// A ScanRun is a output-only resource representing an actual run of the scan. +message ScanRun { + // Types of ScanRun execution state. + enum ExecutionState { + // Represents an invalid state caused by internal server error. This value + // should never be returned. + EXECUTION_STATE_UNSPECIFIED = 0; + + // The scan is waiting in the queue. + QUEUED = 1; + + // The scan is in progress. + SCANNING = 2; + + // The scan is either finished or stopped by user. + FINISHED = 3; + } + + // Types of ScanRun result state. + enum ResultState { + // Default value. This value is returned when the ScanRun is not yet + // finished. + RESULT_STATE_UNSPECIFIED = 0; + + // The scan finished without errors. + SUCCESS = 1; + + // The scan finished with errors. + ERROR = 2; + + // The scan was terminated by user. + KILLED = 3; + } + + // Output only. + // The resource name of the ScanRun. The name follows the format of + // 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}'. + // The ScanRun IDs are generated by the system. + string name = 1; + + // Output only. + // The execution state of the ScanRun. + ExecutionState execution_state = 2; + + // Output only. + // The result state of the ScanRun. This field is only available after the + // execution state reaches "FINISHED". + ResultState result_state = 3; + + // Output only. + // The time at which the ScanRun started. + google.protobuf.Timestamp start_time = 4; + + // Output only. + // The time at which the ScanRun reached termination state - that the ScanRun + // is either finished or stopped by user. + google.protobuf.Timestamp end_time = 5; + + // Output only. + // The number of URLs crawled during this ScanRun. If the scan is in progress, + // the value represents the number of URLs crawled up to now. + int64 urls_crawled_count = 6; + + // Output only. + // The number of URLs tested during this ScanRun. If the scan is in progress, + // the value represents the number of URLs tested up to now. The number of + // URLs tested is usually larger than the number URLS crawled because + // typically a crawled URL is tested with multiple test payloads. + int64 urls_tested_count = 7; + + // Output only. + // Whether the scan run has found any vulnerabilities. + bool has_vulnerabilities = 8; + + // Output only. + // The percentage of total completion ranging from 0 to 100. + // If the scan is in queue, the value is 0. + // If the scan is running, the value ranges from 0 to 100. + // If the scan is finished, the value is 100. + int32 progress_percent = 9; +} diff --git a/google/cloud/websecurityscanner/v1alpha/web_security_scanner.proto b/google/cloud/websecurityscanner/v1alpha/web_security_scanner.proto new file mode 100644 index 00000000..b2337535 --- /dev/null +++ b/google/cloud/websecurityscanner/v1alpha/web_security_scanner.proto @@ -0,0 +1,346 @@ +// Copyright 2018 Google Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +syntax = "proto3"; + +package google.cloud.websecurityscanner.v1alpha; + +import "google/api/annotations.proto"; +import "google/cloud/websecurityscanner/v1alpha/crawled_url.proto"; +import "google/cloud/websecurityscanner/v1alpha/finding.proto"; +import "google/cloud/websecurityscanner/v1alpha/finding_type_stats.proto"; +import "google/cloud/websecurityscanner/v1alpha/scan_config.proto"; +import "google/cloud/websecurityscanner/v1alpha/scan_run.proto"; +import "google/protobuf/empty.proto"; +import "google/protobuf/field_mask.proto"; + +option go_package = "google.golang.org/genproto/googleapis/cloud/websecurityscanner/v1alpha;websecurityscanner"; +option java_multiple_files = true; +option java_outer_classname = "WebSecurityScannerProto"; +option java_package = "com.google.cloud.websecurityscanner.v1alpha"; + + +// Cloud Web Security Scanner Service identifies security vulnerabilities in web +// applications hosted on Google Cloud Platform. It crawls your application, and +// attempts to exercise as many user inputs and event handlers as possible. +service WebSecurityScanner { + // Creates a new ScanConfig. + rpc CreateScanConfig(CreateScanConfigRequest) returns (ScanConfig) { + option (google.api.http) = { + post: "/v1alpha/{parent=projects/*}/scanConfigs" + body: "scan_config" + }; + } + + // Deletes an existing ScanConfig and its child resources. + rpc DeleteScanConfig(DeleteScanConfigRequest) returns (google.protobuf.Empty) { + option (google.api.http) = { + delete: "/v1alpha/{name=projects/*/scanConfigs/*}" + }; + } + + // Gets a ScanConfig. + rpc GetScanConfig(GetScanConfigRequest) returns (ScanConfig) { + option (google.api.http) = { + get: "/v1alpha/{name=projects/*/scanConfigs/*}" + }; + } + + // Lists ScanConfigs under a given project. + rpc ListScanConfigs(ListScanConfigsRequest) returns (ListScanConfigsResponse) { + option (google.api.http) = { + get: "/v1alpha/{parent=projects/*}/scanConfigs" + }; + } + + // Updates a ScanConfig. This method support partial update of a ScanConfig. + rpc UpdateScanConfig(UpdateScanConfigRequest) returns (ScanConfig) { + option (google.api.http) = { + patch: "/v1alpha/{scan_config.name=projects/*/scanConfigs/*}" + body: "scan_config" + }; + } + + // Start a ScanRun according to the given ScanConfig. + rpc StartScanRun(StartScanRunRequest) returns (ScanRun) { + option (google.api.http) = { + post: "/v1alpha/{name=projects/*/scanConfigs/*}:start" + body: "*" + }; + } + + // Gets a ScanRun. + rpc GetScanRun(GetScanRunRequest) returns (ScanRun) { + option (google.api.http) = { + get: "/v1alpha/{name=projects/*/scanConfigs/*/scanRuns/*}" + }; + } + + // Lists ScanRuns under a given ScanConfig, in descending order of ScanRun + // stop time. + rpc ListScanRuns(ListScanRunsRequest) returns (ListScanRunsResponse) { + option (google.api.http) = { + get: "/v1alpha/{parent=projects/*/scanConfigs/*}/scanRuns" + }; + } + + // Stops a ScanRun. The stopped ScanRun is returned. + rpc StopScanRun(StopScanRunRequest) returns (ScanRun) { + option (google.api.http) = { + post: "/v1alpha/{name=projects/*/scanConfigs/*/scanRuns/*}:stop" + body: "*" + }; + } + + // List CrawledUrls under a given ScanRun. + rpc ListCrawledUrls(ListCrawledUrlsRequest) returns (ListCrawledUrlsResponse) { + option (google.api.http) = { + get: "/v1alpha/{parent=projects/*/scanConfigs/*/scanRuns/*}/crawledUrls" + }; + } + + // Gets a Finding. + rpc GetFinding(GetFindingRequest) returns (Finding) { + option (google.api.http) = { + get: "/v1alpha/{name=projects/*/scanConfigs/*/scanRuns/*/findings/*}" + }; + } + + // List Findings under a given ScanRun. + rpc ListFindings(ListFindingsRequest) returns (ListFindingsResponse) { + option (google.api.http) = { + get: "/v1alpha/{parent=projects/*/scanConfigs/*/scanRuns/*}/findings" + }; + } + + // List all FindingTypeStats under a given ScanRun. + rpc ListFindingTypeStats(ListFindingTypeStatsRequest) returns (ListFindingTypeStatsResponse) { + option (google.api.http) = { + get: "/v1alpha/{parent=projects/*/scanConfigs/*/scanRuns/*}/findingTypeStats" + }; + } +} + +// Request for the `CreateScanConfig` method. +message CreateScanConfigRequest { + // Required. + // The parent resource name where the scan is created, which should be a + // project resource name in the format 'projects/{projectId}'. + string parent = 1; + + // Required. + // The ScanConfig to be created. + ScanConfig scan_config = 2; +} + +// Request for the `DeleteScanConfig` method. +message DeleteScanConfigRequest { + // Required. + // The resource name of the ScanConfig to be deleted. The name follows the + // format of 'projects/{projectId}/scanConfigs/{scanConfigId}'. + string name = 1; +} + +// Request for the `GetScanConfig` method. +message GetScanConfigRequest { + // Required. + // The resource name of the ScanConfig to be returned. The name follows the + // format of 'projects/{projectId}/scanConfigs/{scanConfigId}'. + string name = 1; +} + +// Request for the `ListScanConfigs` method. +message ListScanConfigsRequest { + // Required. + // The parent resource name, which should be a project resource name in the + // format 'projects/{projectId}'. + string parent = 1; + + // A token identifying a page of results to be returned. This should be a + // `next_page_token` value returned from a previous List request. + // If unspecified, the first page of results is returned. + string page_token = 2; + + // The maximum number of ScanConfigs to return, can be limited by server. + // If not specified or not positive, the implementation will select a + // reasonable value. + int32 page_size = 3; +} + +// Request for the `UpdateScanConfigRequest` method. +message UpdateScanConfigRequest { + // Required. + // The ScanConfig to be updated. The name field must be set to identify the + // resource to be updated. The values of fields not covered by the mask + // will be ignored. + ScanConfig scan_config = 2; + + // Required. + // The update mask applies to the resource. For the `FieldMask` definition, + // see + // https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#fieldmask + google.protobuf.FieldMask update_mask = 3; +} + +// Response for the `ListScanConfigs` method. +message ListScanConfigsResponse { + // The list of ScanConfigs returned. + repeated ScanConfig scan_configs = 1; + + // Token to retrieve the next page of results, or empty if there are no + // more results in the list. + string next_page_token = 2; +} + +// Request for the `StartScanRun` method. +message StartScanRunRequest { + // Required. + // The resource name of the ScanConfig to be used. The name follows the + // format of 'projects/{projectId}/scanConfigs/{scanConfigId}'. + string name = 1; +} + +// Request for the `GetScanRun` method. +message GetScanRunRequest { + // Required. + // The resource name of the ScanRun to be returned. The name follows the + // format of + // 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}'. + string name = 1; +} + +// Request for the `ListScanRuns` method. +message ListScanRunsRequest { + // Required. + // The parent resource name, which should be a scan resource name in the + // format 'projects/{projectId}/scanConfigs/{scanConfigId}'. + string parent = 1; + + // A token identifying a page of results to be returned. This should be a + // `next_page_token` value returned from a previous List request. + // If unspecified, the first page of results is returned. + string page_token = 2; + + // The maximum number of ScanRuns to return, can be limited by server. + // If not specified or not positive, the implementation will select a + // reasonable value. + int32 page_size = 3; +} + +// Response for the `ListScanRuns` method. +message ListScanRunsResponse { + // The list of ScanRuns returned. + repeated ScanRun scan_runs = 1; + + // Token to retrieve the next page of results, or empty if there are no + // more results in the list. + string next_page_token = 2; +} + +// Request for the `StopScanRun` method. +message StopScanRunRequest { + // Required. + // The resource name of the ScanRun to be stopped. The name follows the + // format of + // 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}'. + string name = 1; +} + +// Request for the `ListCrawledUrls` method. +message ListCrawledUrlsRequest { + // Required. + // The parent resource name, which should be a scan run resource name in the + // format + // 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}'. + string parent = 1; + + // A token identifying a page of results to be returned. This should be a + // `next_page_token` value returned from a previous List request. + // If unspecified, the first page of results is returned. + string page_token = 2; + + // The maximum number of CrawledUrls to return, can be limited by server. + // If not specified or not positive, the implementation will select a + // reasonable value. + int32 page_size = 3; +} + +// Response for the `ListCrawledUrls` method. +message ListCrawledUrlsResponse { + // The list of CrawledUrls returned. + repeated CrawledUrl crawled_urls = 1; + + // Token to retrieve the next page of results, or empty if there are no + // more results in the list. + string next_page_token = 2; +} + +// Request for the `GetFinding` method. +message GetFindingRequest { + // Required. + // The resource name of the Finding to be returned. The name follows the + // format of + // 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}/findings/{findingId}'. + string name = 1; +} + +// Request for the `ListFindings` method. +message ListFindingsRequest { + // Required. + // The parent resource name, which should be a scan run resource name in the + // format + // 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}'. + string parent = 1; + + // The filter expression. The expression must be in the format: + // . + // Supported field: 'finding_type'. + // Supported operator: '='. + string filter = 2; + + // A token identifying a page of results to be returned. This should be a + // `next_page_token` value returned from a previous List request. + // If unspecified, the first page of results is returned. + string page_token = 3; + + // The maximum number of Findings to return, can be limited by server. + // If not specified or not positive, the implementation will select a + // reasonable value. + int32 page_size = 4; +} + +// Response for the `ListFindings` method. +message ListFindingsResponse { + // The list of Findings returned. + repeated Finding findings = 1; + + // Token to retrieve the next page of results, or empty if there are no + // more results in the list. + string next_page_token = 2; +} + +// Request for the `ListFindingTypeStats` method. +message ListFindingTypeStatsRequest { + // Required. + // The parent resource name, which should be a scan run resource name in the + // format + // 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}'. + string parent = 1; +} + +// Response for the `ListFindingTypeStats` method. +message ListFindingTypeStatsResponse { + // The list of FindingTypeStats returned. + repeated FindingTypeStats finding_type_stats = 1; +} diff --git a/google/cloud/websecurityscanner/v1alpha/websecurityscanner_gapic.yaml b/google/cloud/websecurityscanner/v1alpha/websecurityscanner_gapic.yaml new file mode 100644 index 00000000..59b6f9e4 --- /dev/null +++ b/google/cloud/websecurityscanner/v1alpha/websecurityscanner_gapic.yaml @@ -0,0 +1,327 @@ +type: com.google.api.codegen.ConfigProto +config_schema_version: 1.0.0 +# The settings of generated code in a specific language. +language_settings: + java: + package_name: com.google.cloud.websecurityscanner.v1alpha + python: + package_name: google.cloud.websecurityscanner_v1alpha.gapic + go: + package_name: cloud.google.com/go/cloud/websecurityscanner/apiv1alpha + csharp: + package_name: Google.Cloud.Websecurityscanner.V1alpha + ruby: + package_name: Google::Cloud::Websecurityscanner::V1alpha + php: + package_name: Google\Cloud\Websecurityscanner\V1alpha + nodejs: + package_name: websecurityscanner.v1alpha +# The configuration for the license header to put on generated files. +license_header: + # The file containing the copyright line(s). + copyright_file: copyright-google.txt + # The file containing the raw license header without any copyright line(s). + license_file: license-header-apache-2.0.txt +# A list of API interface configurations. +interfaces: + # The fully qualified name of the API interface. +- name: google.cloud.websecurityscanner.v1alpha.WebSecurityScanner + # A list of resource collection configurations. + # Consists of a name_pattern and an entity_name. + # The name_pattern is a pattern to describe the names of the resources of this + # collection, using the platform's conventions for URI patterns. A generator + # may use this to generate methods to compose and decompose such names. The + # pattern should use named placeholders as in `shelves/{shelf}/books/{book}`; + # those will be taken as hints for the parameter names of the generated + # methods. If empty, no name methods are generated. + # The entity_name is the name to be used as a basis for generated methods and + # classes. + collections: + - name_pattern: projects/{project} + entity_name: project + - name_pattern: projects/{project}/scanConfigs/{scan_config} + entity_name: scan_config + - name_pattern: projects/{project}/scanConfigs/{scan_config}/scanRuns/{scan_run} + entity_name: scan_run + - name_pattern: projects/{project}/scanConfigs/{scan_config}/scanRuns/{scan_run}/findings/{finding} + entity_name: finding + # Definition for retryable codes. + retry_codes_def: + - name: idempotent + retry_codes: + - UNAVAILABLE + - DEADLINE_EXCEEDED + - name: non_idempotent + retry_codes: [] + # Definition for retry/backoff parameters. + retry_params_def: + - name: default + initial_retry_delay_millis: 100 + retry_delay_multiplier: 1.3 + max_retry_delay_millis: 60000 + initial_rpc_timeout_millis: 20000 + rpc_timeout_multiplier: 1 + max_rpc_timeout_millis: 20000 + total_timeout_millis: 600000 + # A list of method configurations. + # Common properties: + # + # name - The simple name of the method. + # + # flattening - Specifies the configuration for parameter flattening. + # Describes the parameter groups for which a generator should produce method + # overloads which allow a client to directly pass request message fields as + # method parameters. This information may or may not be used, depending on + # the target language. + # Consists of groups, which each represent a list of parameters to be + # flattened. Each parameter listed must be a field of the request message. + # + # required_fields - Fields that are always required for a request to be + # valid. + # + # request_object_method - Turns on or off the generation of a method whose + # sole parameter is a request object. Not all languages will generate this + # method. + # + # resource_name_treatment - An enum that specifies how to treat the resource + # name formats defined in the field_name_patterns and + # response_field_name_patterns fields. + # UNSET: default value + # NONE: the collection configs will not be used by the generated code. + # VALIDATE: string fields will be validated by the client against the + # specified resource name formats. + # STATIC_TYPES: the client will use generated types for resource names. + # + # page_streaming - Specifies the configuration for paging. + # Describes information for generating a method which transforms a paging + # list RPC into a stream of resources. + # Consists of a request and a response. + # The request specifies request information of the list method. It defines + # which fields match the paging pattern in the request. The request consists + # of a page_size_field and a token_field. The page_size_field is the name of + # the optional field specifying the maximum number of elements to be + # returned in the response. The token_field is the name of the field in the + # request containing the page token. + # The response specifies response information of the list method. It defines + # which fields match the paging pattern in the response. The response + # consists of a token_field and a resources_field. The token_field is the + # name of the field in the response containing the next page token. The + # resources_field is the name of the field in the response containing the + # list of resources belonging to the page. + # + # retry_codes_name - Specifies the configuration for retryable codes. The + # name must be defined in interfaces.retry_codes_def. + # + # retry_params_name - Specifies the configuration for retry/backoff + # parameters. The name must be defined in interfaces.retry_params_def. + # + # field_name_patterns - Maps the field name of the request type to + # entity_name of interfaces.collections. + # Specifies the string pattern that the field must follow. + # + # timeout_millis - Specifies the default timeout for a non-retrying call. If + # the call is retrying, refer to retry_params_name instead. + methods: + - name: CreateScanConfig + flattening: + groups: + - parameters: + - parent + - scan_config + required_fields: + - parent + - scan_config + request_object_method: true + retry_codes_name: non_idempotent + retry_params_name: default + field_name_patterns: + parent: project + timeout_millis: 60000 + - name: DeleteScanConfig + flattening: + groups: + - parameters: + - name + required_fields: + - name + request_object_method: false + retry_codes_name: idempotent + retry_params_name: default + field_name_patterns: + name: scan_config + timeout_millis: 60000 + - name: GetScanConfig + flattening: + groups: + - parameters: + - name + required_fields: + - name + request_object_method: false + retry_codes_name: idempotent + retry_params_name: default + field_name_patterns: + name: scan_config + timeout_millis: 60000 + - name: ListScanConfigs + flattening: + groups: + - parameters: + - parent + required_fields: + - parent + request_object_method: true + page_streaming: + request: + page_size_field: page_size + token_field: page_token + response: + token_field: next_page_token + resources_field: scan_configs + retry_codes_name: idempotent + retry_params_name: default + field_name_patterns: + parent: project + timeout_millis: 60000 + - name: UpdateScanConfig + flattening: + groups: + - parameters: + - scan_config + - update_mask + required_fields: + - scan_config + - update_mask + request_object_method: true + retry_codes_name: non_idempotent + retry_params_name: default + field_name_patterns: + scan_config.name: scan_config + timeout_millis: 60000 + - name: StartScanRun + flattening: + groups: + - parameters: + - name + required_fields: + - name + request_object_method: false + retry_codes_name: non_idempotent + retry_params_name: default + field_name_patterns: + name: scan_config + timeout_millis: 60000 + - name: GetScanRun + flattening: + groups: + - parameters: + - name + required_fields: + - name + request_object_method: false + retry_codes_name: idempotent + retry_params_name: default + field_name_patterns: + name: scan_run + timeout_millis: 60000 + - name: ListScanRuns + flattening: + groups: + - parameters: + - parent + required_fields: + - parent + request_object_method: true + page_streaming: + request: + page_size_field: page_size + token_field: page_token + response: + token_field: next_page_token + resources_field: scan_runs + retry_codes_name: idempotent + retry_params_name: default + field_name_patterns: + parent: scan_config + timeout_millis: 60000 + - name: StopScanRun + flattening: + groups: + - parameters: + - name + required_fields: + - name + request_object_method: false + retry_codes_name: non_idempotent + retry_params_name: default + field_name_patterns: + name: scan_run + timeout_millis: 60000 + - name: ListCrawledUrls + flattening: + groups: + - parameters: + - parent + required_fields: + - parent + request_object_method: true + page_streaming: + request: + page_size_field: page_size + token_field: page_token + response: + token_field: next_page_token + resources_field: crawled_urls + retry_codes_name: idempotent + retry_params_name: default + field_name_patterns: + parent: scan_run + timeout_millis: 60000 + - name: GetFinding + flattening: + groups: + - parameters: + - name + required_fields: + - name + request_object_method: false + retry_codes_name: idempotent + retry_params_name: default + field_name_patterns: + name: finding + timeout_millis: 60000 + - name: ListFindings + flattening: + groups: + - parameters: + - parent + - filter + required_fields: + - parent + - filter + request_object_method: true + page_streaming: + request: + page_size_field: page_size + token_field: page_token + response: + token_field: next_page_token + resources_field: findings + retry_codes_name: idempotent + retry_params_name: default + field_name_patterns: + parent: scan_run + timeout_millis: 60000 + - name: ListFindingTypeStats + flattening: + groups: + - parameters: + - parent + required_fields: + - parent + request_object_method: false + retry_codes_name: idempotent + retry_params_name: default + field_name_patterns: + parent: scan_run + timeout_millis: 60000 diff --git a/google/cloud/websecurityscanner/web_security_scanner_v1alpha.yaml b/google/cloud/websecurityscanner/web_security_scanner_v1alpha.yaml new file mode 100644 index 00000000..a31df929 --- /dev/null +++ b/google/cloud/websecurityscanner/web_security_scanner_v1alpha.yaml @@ -0,0 +1,17 @@ +type: google.api.Service +config_version: 3 +name: websecurityscanner.googleapis.com +title: Web Security Scanner API + +apis: +- name: google.cloud.websecurityscanner.v1alpha.WebSecurityScanner + +documentation: + summary: Web Security Scanner API (under development). + +authentication: + rules: + - selector: '*' + oauth: + canonical_scopes: |- + https://www.googleapis.com/auth/cloud-platform