Container analysis update (GoogleCloudPlatform#1402)

* refactored container analysis
* added new samples

container-registry/container-analysis/src/main/java/com/example/containeranalysis/CreateNote.java

@@ -0,0 +1,60 @@
+/*
+ * Copyright 2019 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.example.containeranalysis;
+
+// [START containeranalysis_create_note]
+import com.google.cloud.devtools.containeranalysis.v1beta1.GrafeasV1Beta1Client;
+import com.google.containeranalysis.v1beta1.ProjectName;
+import io.grafeas.v1beta1.Note;
+import io.grafeas.v1beta1.vulnerability.Severity;
+import io.grafeas.v1beta1.vulnerability.Vulnerability;
+import io.grafeas.v1beta1.vulnerability.Vulnerability.Detail;
+import java.io.IOException;
+import java.lang.InterruptedException;
+
+
+public class CreateNote {
+
+  // Creates and returns a new Note
+  public static Note createNote(String noteId, String projectId)
+      throws IOException, InterruptedException {
+    // String noteId = "my-note";
+    // String projectId = "my-project-id";
+    final String projectName = ProjectName.format(projectId);
+
+    Note.Builder noteBuilder = Note.newBuilder();
+    // Associate the Note with the metadata type
+    // https://cloud.google.com/container-registry/docs/container-analysis#supported_metadata_types
+    // Here, we use the type "vulnerability"
+    Vulnerability.Builder vulBuilder = Vulnerability.newBuilder();
+    noteBuilder.setVulnerability(vulBuilder);
+    // Set additional information specific to your new vulnerability note
+    Detail.Builder detailsBuilder = Detail.newBuilder();
+    detailsBuilder.setDescription("my new vulnerability note");
+    vulBuilder.setSeverity(Severity.LOW);
+    vulBuilder.addDetails(detailsBuilder);
+    // Build the Note object
+    Note newNote = noteBuilder.build();
+
+    // Initialize client that will be used to send requests. After completing all of your requests, 
+    // call the "close" method on the client to safely clean up any remaining background resources.
+    GrafeasV1Beta1Client client = GrafeasV1Beta1Client.create();
+    Note result = client.createNote(projectName, noteId, newNote);
+    return result;
+  }
+}
+// [END containeranalysis_create_note]

container-registry/container-analysis/src/main/java/com/example/containeranalysis/CreateOccurrence.java

@@ -0,0 +1,60 @@
+/*
+ * Copyright 2019 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.example.containeranalysis;
+
+// [START containeranalysis_create_occurrence]
+import com.google.cloud.devtools.containeranalysis.v1beta1.GrafeasV1Beta1Client;
+import com.google.containeranalysis.v1beta1.NoteName;
+import com.google.containeranalysis.v1beta1.ProjectName;
+import io.grafeas.v1beta1.Occurrence;
+import io.grafeas.v1beta1.Resource;
+import io.grafeas.v1beta1.vulnerability.Details;
+import java.io.IOException;
+import java.lang.InterruptedException;
+
+public class CreateOccurrence {
+  // Creates and returns a new Occurrence associated with an existing Note
+  public static Occurrence createOccurrence(String resourceUrl, String noteId, 
+      String occProjectId, String noteProjectId) throws IOException, InterruptedException {
+    // String resourceUrl = "https://gcr.io/project/image@sha256:123";
+    // String noteId = "my-note";
+    // String occProjectId = "my-project-id";
+    // String noteProjectId = "my-project-id";
+    final NoteName noteName = NoteName.of(noteProjectId, noteId);
+    final String occProjectName = ProjectName.format(occProjectId);
+
+    Occurrence.Builder occBuilder = Occurrence.newBuilder();
+    occBuilder.setNoteName(noteName.toString());
+    // Associate the Occurrence with the metadata type (should match the parent Note's type)
+    // https://cloud.google.com/container-registry/docs/container-analysis#supported_metadata_types
+    // Here, we use the type "vulnerability"
+    Details.Builder detailsBuilder = Details.newBuilder();
+    occBuilder.setVulnerability(detailsBuilder);
+    // Attach the occurrence to the associated image uri
+    Resource.Builder resourceBuilder = Resource.newBuilder();
+    resourceBuilder.setUri(resourceUrl);
+    occBuilder.setResource(resourceBuilder);
+    Occurrence newOcc = occBuilder.build();
+
+    // Initialize client that will be used to send requests. After completing all of your requests, 
+    // call the "close" method on the client to safely clean up any remaining background resources.
+    GrafeasV1Beta1Client client = GrafeasV1Beta1Client.create();
+    Occurrence result = client.createOccurrence(occProjectName, newOcc);
+    return result;
+  }
+}
+// [END containeranalysis_create_occurrence]

container-registry/container-analysis/src/main/java/com/example/containeranalysis/DeleteNote.java

@@ -0,0 +1,39 @@
+/*
+ * Copyright 2019 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.example.containeranalysis;
+
+// [START containeranalysis_delete_note]
+import com.google.cloud.devtools.containeranalysis.v1beta1.GrafeasV1Beta1Client;
+import com.google.containeranalysis.v1beta1.NoteName;
+import java.io.IOException;
+import java.lang.InterruptedException;
+
+public class DeleteNote {
+  // Deletes an existing Note from the server
+  public static void deleteNote(String noteId, String projectId) 
+      throws IOException, InterruptedException {
+    // String noteId = "my-note";
+    // String projectId = "my-project-id";
+    final NoteName noteName = NoteName.of(projectId, noteId);
+
+    // Initialize client that will be used to send requests. After completing all of your requests, 
+    // call the "close" method on the client to safely clean up any remaining background resources.
+    GrafeasV1Beta1Client client = GrafeasV1Beta1Client.create();
+    client.deleteNote(noteName);
+  }
+}
+// [END containeranalysis_delete_note]

container-registry/container-analysis/src/main/java/com/example/containeranalysis/DeleteOccurrence.java

@@ -0,0 +1,39 @@
+/*
+ * Copyright 2019 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.example.containeranalysis;
+
+// [START containeranalysis_delete_occurrence]
+import com.google.cloud.devtools.containeranalysis.v1beta1.GrafeasV1Beta1Client;
+import com.google.containeranalysis.v1beta1.OccurrenceName;
+import java.io.IOException;
+import java.lang.InterruptedException;
+
+public class DeleteOccurrence {
+  // Deletes an existing Occurrence from the server
+  public static void deleteOccurrence(String occurrenceId, String projectId) 
+      throws IOException, InterruptedException {
+    // String occurrenceId = "123-456-789";
+    // String projectId = "my-project-id";
+    final OccurrenceName occurrenceName = OccurrenceName.of(projectId, occurrenceId);
+
+    // Initialize client that will be used to send requests. After completing all of your requests, 
+    // call the "close" method on the client to safely clean up any remaining background resources.
+    GrafeasV1Beta1Client client = GrafeasV1Beta1Client.create();
+    client.deleteOccurrence(occurrenceName);
+  }
+}
+// [END containeranalysis_delete_occurrence]

container-registry/container-analysis/src/main/java/com/example/containeranalysis/GetDiscoveryInfo.java

@@ -0,0 +1,44 @@
+/*
+ * Copyright 2019 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.example.containeranalysis;
+
+// [START containeranalysis_discovery_info]
+import com.google.cloud.devtools.containeranalysis.v1beta1.GrafeasV1Beta1Client;
+import com.google.containeranalysis.v1beta1.ProjectName;
+import io.grafeas.v1beta1.Occurrence;
+import java.io.IOException;
+import java.lang.InterruptedException;
+
+public class GetDiscoveryInfo {
+  // Retrieves and prints the Discovery Occurrence created for a specified image
+  // The Discovery Occurrence contains information about the initial scan on the image
+  public static void getDiscoveryInfo(String resourceUrl, String projectId) 
+      throws IOException, InterruptedException {
+    // String resourceUrl = "https://gcr.io/project/image@sha256:123";
+    // String projectId = "my-project-id";
+    String filterStr = "kind=\"DISCOVERY\" AND resourceUrl=\"" + resourceUrl + "\"";
+    final String projectName = ProjectName.format(projectId);
+
+    // Initialize client that will be used to send requests. After completing all of your requests, 
+    // call the "close" method on the client to safely clean up any remaining background resources.
+    GrafeasV1Beta1Client client = GrafeasV1Beta1Client.create();
+    for (Occurrence o : client.listOccurrences(projectName, filterStr).iterateAll()) {
+      System.out.println(o);
+    }
+  }
+}
+// [END containeranalysis_discovery_info]

container-registry/container-analysis/src/main/java/com/example/containeranalysis/GetNote.java

@@ -0,0 +1,42 @@
+/*
+ * Copyright 2019 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.example.containeranalysis;
+
+// [START containeranalysis_get_note]
+import com.google.cloud.devtools.containeranalysis.v1beta1.GrafeasV1Beta1Client;
+import com.google.containeranalysis.v1beta1.NoteName;
+import io.grafeas.v1beta1.Note;
+import java.io.IOException;
+import java.lang.InterruptedException;
+
+public class GetNote {  
+  // Retrieves and prints a specified Note from the server
+  public static Note getNote(String noteId, String projectId) 
+      throws IOException, InterruptedException {
+    // String noteId = "my-note";
+    // String projectId = "my-project-id";
+    final NoteName noteName = NoteName.of(projectId, noteId);
+
+    // Initialize client that will be used to send requests. After completing all of your requests, 
+    // call the "close" method on the client to safely clean up any remaining background resources.
+    GrafeasV1Beta1Client client = GrafeasV1Beta1Client.create();
+    Note n = client.getNote(noteName);
+    System.out.println(n);
+    return n;
+  }
+}
+// [END containeranalysis_get_note]

container-registry/container-analysis/src/main/java/com/example/containeranalysis/GetOccurrence.java

@@ -0,0 +1,42 @@
+/*
+ * Copyright 2019 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.example.containeranalysis;
+
+// [START containeranalysis_get_occurrence]
+import com.google.cloud.devtools.containeranalysis.v1beta1.GrafeasV1Beta1Client;
+import com.google.containeranalysis.v1beta1.OccurrenceName;
+import io.grafeas.v1beta1.Occurrence;
+import java.io.IOException;
+import java.lang.InterruptedException;
+
+public class GetOccurrence {
+  // Retrieves and prints a specified Occurrence from the server
+  public static Occurrence getOccurrence(String occurrenceId, String projectId) 
+      throws IOException, InterruptedException {
+    // String occurrenceId = "123-456-789";
+    // String projectId = "my-project-id";
+    final OccurrenceName occurrenceName = OccurrenceName.of(projectId, occurrenceId);
+
+    // Initialize client that will be used to send requests. After completing all of your requests, 
+    // call the "close" method on the client to safely clean up any remaining background resources.
+    GrafeasV1Beta1Client client = GrafeasV1Beta1Client.create();
+    Occurrence occ = client.getOccurrence(occurrenceName);
+    System.out.println(occ);
+    return occ;
+  }
+}
+// [END containeranalysis_get_occurrence]

container-registry/container-analysis/src/main/java/com/example/containeranalysis/HighVulnerabilitiesForImage.java

@@ -0,0 +1,50 @@
+/*
+ * Copyright 2019 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.example.containeranalysis;
+
+// [START containeranalysis_filter_vulnerability_occurrences]
+import com.google.cloud.devtools.containeranalysis.v1beta1.GrafeasV1Beta1Client;
+import com.google.containeranalysis.v1beta1.ProjectName;
+import io.grafeas.v1beta1.Occurrence;
+import io.grafeas.v1beta1.vulnerability.Severity;
+import java.io.IOException;
+import java.util.LinkedList;
+import java.util.List;
+
+public class HighVulnerabilitiesForImage {
+  // Retrieve a list of vulnerability occurrences with a severity level of 'HIGH' or greater
+  public static List<Occurrence> findHighSeverityVulnerabilitiesForImage(String resourceUrl,
+      String projectId) throws IOException {
+    // String resourceUrl = "https://gcr.io/project/image@sha256:123";
+    // String projectId = "my-project-id";
+    final String projectName = ProjectName.format(projectId);
+    String filterStr = String.format("kind=\"VULNERABILITY\" AND resourceUrl=\"%s\"", resourceUrl);
+
+    // Initialize client that will be used to send requests. After completing all of your requests, 
+    // call the "close" method on the client to safely clean up any remaining background resources.
+    GrafeasV1Beta1Client client = GrafeasV1Beta1Client.create();
+    LinkedList<Occurrence> vulnerabilitylist = new LinkedList<Occurrence>();
+    for (Occurrence o : client.listOccurrences(projectName, filterStr).iterateAll()) {
+      Severity severity = o.getVulnerability().getSeverity();
+      if (severity == Severity.HIGH || severity == Severity.CRITICAL) {
+        vulnerabilitylist.add(o);
+      }
+    }
+    return vulnerabilitylist;
+  }
+}
+// [END containeranalysis_filter_vulnerability_occurrences]