feat: Add VULNERABILITY_ASSESSMENT Note type (#238)

* feat: Add VULNERABILITY_ASSESSMENT Note type to grafeas v1 API, adds Vex_Assessment derived from the Note to resources' occurrences, VEX notes now be written to add CVE assessments PiperOrigin-RevId: 515727862 Source-Link: googleapis/googleapis@a4e6205 Source-Link: https://github.com/googleapis/googleapis-gen/commit/3bc42dca2900815c165cf7d3419ff70df05dfb90 Copy-Tag: eyJwIjoiLmdpdGh1Yi8uT3dsQm90LnlhbWwiLCJoIjoiM2JjNDJkY2EyOTAwODE1YzE2NWNmN2QzNDE5ZmY3MGRmMDVkZmI5MCJ9 * 🦉 Updates from OwlBot post-processor See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md --------- Co-authored-by: Owl Bot <gcf-owl-bot[bot]@users.noreply.github.com>
googleapis · Mar 14, 2023 · 16848a7 · 16848a7
1 parent c1c2e7c
commit 16848a7
Show file tree

Hide file tree

Showing 10 changed files with 673 additions and 0 deletions.
diff --git a/grafeas/grafeas/__init__.py b/grafeas/grafeas/__init__.py
@@ -105,6 +105,7 @@
 from grafeas.grafeas_v1.types.upgrade import UpgradeNote
 from grafeas.grafeas_v1.types.upgrade import UpgradeOccurrence
 from grafeas.grafeas_v1.types.upgrade import WindowsUpdate
+from grafeas.grafeas_v1.types.vex import VulnerabilityAssessmentNote
 from grafeas.grafeas_v1.types.vulnerability import VulnerabilityNote
 from grafeas.grafeas_v1.types.vulnerability import VulnerabilityOccurrence
 
@@ -195,6 +196,7 @@
     "UpgradeNote",
     "UpgradeOccurrence",
     "WindowsUpdate",
+    "VulnerabilityAssessmentNote",
     "VulnerabilityNote",
     "VulnerabilityOccurrence",
 )
diff --git a/grafeas/grafeas_v1/__init__.py b/grafeas/grafeas_v1/__init__.py
@@ -105,6 +105,7 @@
 from .types.upgrade import UpgradeNote
 from .types.upgrade import UpgradeOccurrence
 from .types.upgrade import WindowsUpdate
+from .types.vex import VulnerabilityAssessmentNote
 from .types.vulnerability import VulnerabilityNote
 from .types.vulnerability import VulnerabilityOccurrence
 
@@ -194,6 +195,7 @@
     "UpgradeNote",
     "UpgradeOccurrence",
     "Version",
+    "VulnerabilityAssessmentNote",
     "VulnerabilityNote",
     "VulnerabilityOccurrence",
     "WindowsUpdate",

diff --git a/grafeas/grafeas_v1/services/grafeas/async_client.py b/grafeas/grafeas_v1/services/grafeas/async_client.py
@@ -56,6 +56,7 @@
 from grafeas.grafeas_v1.types import image
 from grafeas.grafeas_v1.types import package
 from grafeas.grafeas_v1.types import upgrade
+from grafeas.grafeas_v1.types import vex
 from grafeas.grafeas_v1.types import vulnerability
 from .transports.base import GrafeasTransport, DEFAULT_CLIENT_INFO
 from .transports.grpc_asyncio import GrafeasGrpcAsyncIOTransport

diff --git a/grafeas/grafeas_v1/services/grafeas/client.py b/grafeas/grafeas_v1/services/grafeas/client.py
@@ -60,6 +60,7 @@
 from grafeas.grafeas_v1.types import image
 from grafeas.grafeas_v1.types import package
 from grafeas.grafeas_v1.types import upgrade
+from grafeas.grafeas_v1.types import vex
 from grafeas.grafeas_v1.types import vulnerability
 from .transports.base import GrafeasTransport, DEFAULT_CLIENT_INFO
 from .transports.grpc import GrafeasGrpcTransport

diff --git a/grafeas/grafeas_v1/types/__init__.py b/grafeas/grafeas_v1/types/__init__.py
@@ -130,6 +130,9 @@
     UpgradeOccurrence,
     WindowsUpdate,
 )
+from .vex import (
+    VulnerabilityAssessmentNote,
+)
 from .vulnerability import (
     VulnerabilityNote,
     VulnerabilityOccurrence,
@@ -220,6 +223,7 @@
     "UpgradeNote",
     "UpgradeOccurrence",
     "WindowsUpdate",
+    "VulnerabilityAssessmentNote",
     "VulnerabilityNote",
     "VulnerabilityOccurrence",
 )
diff --git a/grafeas/grafeas_v1/types/common.py b/grafeas/grafeas_v1/types/common.py
@@ -67,6 +67,8 @@ class NoteKind(proto.Enum):
             This represents a Compliance Note
         DSSE_ATTESTATION (10):
             This represents a DSSE attestation Note
+        VULNERABILITY_ASSESSMENT (11):
+            This represents a Vulnerability Assessment.
     """
     NOTE_KIND_UNSPECIFIED = 0
     VULNERABILITY = 1
@@ -79,6 +81,7 @@ class NoteKind(proto.Enum):
     UPGRADE = 8
     COMPLIANCE = 9
     DSSE_ATTESTATION = 10
+    VULNERABILITY_ASSESSMENT = 11
 
 
 class RelatedUrl(proto.Message):

diff --git a/grafeas/grafeas_v1/types/grafeas.py b/grafeas/grafeas_v1/types/grafeas.py
@@ -31,6 +31,7 @@
 from grafeas.grafeas_v1.types import image as g_image
 from grafeas.grafeas_v1.types import package as g_package
 from grafeas.grafeas_v1.types import upgrade as g_upgrade
+from grafeas.grafeas_v1.types import vex
 from grafeas.grafeas_v1.types import vulnerability as g_vulnerability
 
 
@@ -327,6 +328,10 @@ class Note(proto.Message):
         dsse_attestation (grafeas.grafeas_v1.types.DSSEAttestationNote):
             A note describing a dsse attestation note.
 
+            This field is a member of `oneof`_ ``type``.
+        vulnerability_assessment (grafeas.grafeas_v1.types.VulnerabilityAssessmentNote):
+            A note describing a vulnerability assessment.
+
             This field is a member of `oneof`_ ``type``.
     """
 
@@ -431,6 +436,12 @@ class Note(proto.Message):
         oneof="type",
         message=g_dsse_attestation.DSSEAttestationNote,
     )
+    vulnerability_assessment: vex.VulnerabilityAssessmentNote = proto.Field(
+        proto.MESSAGE,
+        number=20,
+        oneof="type",
+        message=vex.VulnerabilityAssessmentNote,
+    )
 
 
 class GetOccurrenceRequest(proto.Message):