diff options
Diffstat (limited to 'third_party/googleapis/google/cloud/websecurityscanner/v1beta')
13 files changed, 1765 insertions, 0 deletions
diff --git a/third_party/googleapis/google/cloud/websecurityscanner/v1beta/BUILD.bazel b/third_party/googleapis/google/cloud/websecurityscanner/v1beta/BUILD.bazel new file mode 100644 index 0000000..cbbaf83 --- /dev/null +++ b/third_party/googleapis/google/cloud/websecurityscanner/v1beta/BUILD.bazel @@ -0,0 +1,355 @@ +# This file was automatically generated by BuildFileGenerator + +# This is an API workspace, having public visibility by default makes perfect sense. +package(default_visibility = ["//visibility:public"]) + +############################################################################## +# Common +############################################################################## +load("@rules_proto//proto:defs.bzl", "proto_library") +load("@com_google_googleapis_imports//:imports.bzl", "proto_library_with_info") + +proto_library( + name = "websecurityscanner_proto", + srcs = [ + "crawled_url.proto", + "finding.proto", + "finding_addon.proto", + "finding_type_stats.proto", + "scan_config.proto", + "scan_config_error.proto", + "scan_run.proto", + "scan_run_error_trace.proto", + "scan_run_warning_trace.proto", + "web_security_scanner.proto", + ], + deps = [ + "//google/api:annotations_proto", + "//google/api:client_proto", + "//google/api:field_behavior_proto", + "//google/api:resource_proto", + "@com_google_protobuf//:empty_proto", + "@com_google_protobuf//:field_mask_proto", + "@com_google_protobuf//:timestamp_proto", + ], +) + +proto_library_with_info( + name = "websecurityscanner_proto_with_info", + deps = [ + ":websecurityscanner_proto", + "//google/cloud:common_resources_proto", + ], +) + +############################################################################## +# Java +############################################################################## +load( + "@com_google_googleapis_imports//:imports.bzl", + "java_gapic_assembly_gradle_pkg", + "java_gapic_library", + "java_gapic_test", + "java_grpc_library", + "java_proto_library", +) + +java_proto_library( + name = "websecurityscanner_java_proto", + deps = [":websecurityscanner_proto"], +) + +java_grpc_library( + name = "websecurityscanner_java_grpc", + srcs = [":websecurityscanner_proto"], + deps = [":websecurityscanner_java_proto"], +) + +java_gapic_library( + name = "websecurityscanner_java_gapic", + srcs = [":websecurityscanner_proto_with_info"], + grpc_service_config = "websecurityscanner_grpc_service_config.json", + test_deps = [ + ":websecurityscanner_java_grpc", + ], + transport = "grpc+rest", + deps = [ + ":websecurityscanner_java_proto", + ], +) + +java_gapic_test( + name = "websecurityscanner_java_gapic_test_suite", + test_classes = [ + "com.google.cloud.websecurityscanner.v1beta.WebSecurityScannerClientHttpJsonTest", + "com.google.cloud.websecurityscanner.v1beta.WebSecurityScannerClientTest", + ], + runtime_deps = [":websecurityscanner_java_gapic_test"], +) + +# Open Source Packages +java_gapic_assembly_gradle_pkg( + name = "google-cloud-websecurityscanner-v1beta-java", + include_samples = True, + transport = "grpc+rest", + deps = [ + ":websecurityscanner_java_gapic", + ":websecurityscanner_java_grpc", + ":websecurityscanner_java_proto", + ":websecurityscanner_proto", + ], +) + +############################################################################## +# Go +############################################################################## +load( + "@com_google_googleapis_imports//:imports.bzl", + "go_gapic_assembly_pkg", + "go_gapic_library", + "go_proto_library", + "go_test", +) + +go_proto_library( + name = "websecurityscanner_go_proto", + compilers = ["@io_bazel_rules_go//proto:go_grpc"], + importpath = "google.golang.org/genproto/googleapis/cloud/websecurityscanner/v1beta", + protos = [":websecurityscanner_proto"], + deps = [ + "//google/api:annotations_go_proto", + ], +) + +go_gapic_library( + name = "websecurityscanner_go_gapic", + srcs = [":websecurityscanner_proto_with_info"], + grpc_service_config = "websecurityscanner_grpc_service_config.json", + importpath = "cloud.google.com/go/websecurityscanner/apiv1beta;websecurityscanner", + service_yaml = "websecurityscanner_v1beta.yaml", + transport = "grpc+rest", + deps = [ + ":websecurityscanner_go_proto", + ], +) + +go_test( + name = "websecurityscanner_go_gapic_test", + srcs = [":websecurityscanner_go_gapic_srcjar_test"], + embed = [":websecurityscanner_go_gapic"], + importpath = "cloud.google.com/go/websecurityscanner/apiv1beta", +) + +# Open Source Packages +go_gapic_assembly_pkg( + name = "gapi-cloud-websecurityscanner-v1beta-go", + deps = [ + ":websecurityscanner_go_gapic", + ":websecurityscanner_go_gapic_srcjar-test.srcjar", + ":websecurityscanner_go_proto", + ], +) + +############################################################################## +# Python +############################################################################## +load( + "@com_google_googleapis_imports//:imports.bzl", + "py_gapic_assembly_pkg", + "py_gapic_library", + "py_test", +) + +py_gapic_library( + name = "websecurityscanner_py_gapic", + srcs = [":websecurityscanner_proto"], + grpc_service_config = "websecurityscanner_grpc_service_config.json", + transport = "grpc", +) + +py_test( + name = "websecurityscanner_py_gapic_test", + srcs = [ + "websecurityscanner_py_gapic_pytest.py", + "websecurityscanner_py_gapic_test.py", + ], + legacy_create_init = False, + deps = [":websecurityscanner_py_gapic"], +) + +py_gapic_assembly_pkg( + name = "websecurityscanner-v1beta-py", + deps = [ + ":websecurityscanner_py_gapic", + ], +) + +############################################################################## +# PHP +############################################################################## +load( + "@com_google_googleapis_imports//:imports.bzl", + "php_gapic_assembly_pkg", + "php_gapic_library", + "php_grpc_library", + "php_proto_library", +) + +php_proto_library( + name = "websecurityscanner_php_proto", + deps = [":websecurityscanner_proto"], +) + +php_grpc_library( + name = "websecurityscanner_php_grpc", + srcs = [":websecurityscanner_proto"], + deps = [":websecurityscanner_php_proto"], +) + +php_gapic_library( + name = "websecurityscanner_php_gapic", + srcs = [":websecurityscanner_proto_with_info"], + grpc_service_config = "websecurityscanner_grpc_service_config.json", + deps = [ + ":websecurityscanner_php_grpc", + ":websecurityscanner_php_proto", + ], +) + +# Open Source Packages +php_gapic_assembly_pkg( + name = "google-cloud-websecurityscanner-v1beta-php", + deps = [ + ":websecurityscanner_php_gapic", + ":websecurityscanner_php_grpc", + ":websecurityscanner_php_proto", + ], +) + +############################################################################## +# Node.js +############################################################################## +load( + "@com_google_googleapis_imports//:imports.bzl", + "nodejs_gapic_assembly_pkg", + "nodejs_gapic_library", +) + +nodejs_gapic_library( + name = "websecurityscanner_nodejs_gapic", + package_name = "@google-cloud/web-security-scanner", + src = ":websecurityscanner_proto_with_info", + extra_protoc_parameters = ["metadata"], + grpc_service_config = "websecurityscanner_grpc_service_config.json", + package = "google.cloud.websecurityscanner.v1beta", + service_yaml = "websecurityscanner_v1beta.yaml", + deps = [], +) + +nodejs_gapic_assembly_pkg( + name = "websecurityscanner-v1beta-nodejs", + deps = [ + ":websecurityscanner_nodejs_gapic", + ":websecurityscanner_proto", + ], +) + +############################################################################## +# Ruby +############################################################################## +load( + "@com_google_googleapis_imports//:imports.bzl", + "ruby_cloud_gapic_library", + "ruby_gapic_assembly_pkg", + "ruby_grpc_library", + "ruby_proto_library", +) + +ruby_proto_library( + name = "websecurityscanner_ruby_proto", + deps = [":websecurityscanner_proto"], +) + +ruby_grpc_library( + name = "websecurityscanner_ruby_grpc", + srcs = [":websecurityscanner_proto"], + deps = [":websecurityscanner_ruby_proto"], +) + +ruby_cloud_gapic_library( + name = "websecurityscanner_ruby_gapic", + srcs = [":websecurityscanner_proto_with_info"], + extra_protoc_parameters = [ + "ruby-cloud-gem-name=google-cloud-web_security_scanner-v1beta", + "ruby-cloud-env-prefix=WEB_SECURITY_SCANNER", + "ruby-cloud-product-url=https://cloud.google.com/security-command-center/docs/concepts-web-security-scanner-overview/", + "ruby-cloud-api-id=websecurityscanner.googleapis.com", + "ruby-cloud-api-shortname=websecurityscanner", + ], + grpc_service_config = "websecurityscanner_grpc_service_config.json", + ruby_cloud_description = "Web Security Scanner scans your Compute and App Engine apps for common web vulnerabilities.", + ruby_cloud_title = "Web Security Scanner V1beta", + deps = [ + ":websecurityscanner_ruby_grpc", + ":websecurityscanner_ruby_proto", + ], +) + +# Open Source Packages +ruby_gapic_assembly_pkg( + name = "google-cloud-websecurityscanner-v1beta-ruby", + deps = [ + ":websecurityscanner_ruby_gapic", + ":websecurityscanner_ruby_grpc", + ":websecurityscanner_ruby_proto", + ], +) + +############################################################################## +# C# +############################################################################## +load( + "@com_google_googleapis_imports//:imports.bzl", + "csharp_gapic_assembly_pkg", + "csharp_gapic_library", + "csharp_grpc_library", + "csharp_proto_library", +) + +csharp_proto_library( + name = "websecurityscanner_csharp_proto", + deps = [":websecurityscanner_proto"], +) + +csharp_grpc_library( + name = "websecurityscanner_csharp_grpc", + srcs = [":websecurityscanner_proto"], + deps = [":websecurityscanner_csharp_proto"], +) + +csharp_gapic_library( + name = "websecurityscanner_csharp_gapic", + srcs = [":websecurityscanner_proto_with_info"], + common_resources_config = "@gax_dotnet//:Google.Api.Gax/ResourceNames/CommonResourcesConfig.json", + grpc_service_config = "websecurityscanner_grpc_service_config.json", + service_yaml = "websecurityscanner_v1beta.yaml", + deps = [ + ":websecurityscanner_csharp_grpc", + ":websecurityscanner_csharp_proto", + ], +) + +# Open Source Packages +csharp_gapic_assembly_pkg( + name = "google-cloud-websecurityscanner-v1beta-csharp", + deps = [ + ":websecurityscanner_csharp_gapic", + ":websecurityscanner_csharp_grpc", + ":websecurityscanner_csharp_proto", + ], +) + +############################################################################## +# C++ +############################################################################## +# Put your C++ rules here diff --git a/third_party/googleapis/google/cloud/websecurityscanner/v1beta/crawled_url.proto b/third_party/googleapis/google/cloud/websecurityscanner/v1beta/crawled_url.proto new file mode 100644 index 0000000..cbfead4 --- /dev/null +++ b/third_party/googleapis/google/cloud/websecurityscanner/v1beta/crawled_url.proto @@ -0,0 +1,41 @@ +// Copyright 2019 Google LLC. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// + +syntax = "proto3"; + +package google.cloud.websecurityscanner.v1beta; + +option csharp_namespace = "Google.Cloud.WebSecurityScanner.V1Beta"; +option go_package = "google.golang.org/genproto/googleapis/cloud/websecurityscanner/v1beta;websecurityscanner"; +option java_multiple_files = true; +option java_outer_classname = "CrawledUrlProto"; +option java_package = "com.google.cloud.websecurityscanner.v1beta"; +option php_namespace = "Google\\Cloud\\WebSecurityScanner\\V1beta"; +option ruby_package = "Google::Cloud::WebSecurityScanner::V1beta"; + +// A CrawledUrl resource represents a URL that was crawled during a ScanRun. Web +// Security Scanner Service crawls the web applications, following all links +// within the scope of sites, to find the URLs to test against. +message CrawledUrl { + // The http method of the request that was used to visit the URL, in + // uppercase. + string http_method = 1; + + // The URL that was crawled. + string url = 2; + + // The body of the request that was used to visit the URL. + string body = 3; +} diff --git a/third_party/googleapis/google/cloud/websecurityscanner/v1beta/finding.proto b/third_party/googleapis/google/cloud/websecurityscanner/v1beta/finding.proto new file mode 100644 index 0000000..999e092 --- /dev/null +++ b/third_party/googleapis/google/cloud/websecurityscanner/v1beta/finding.proto @@ -0,0 +1,98 @@ +// Copyright 2019 Google LLC. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// + +syntax = "proto3"; + +package google.cloud.websecurityscanner.v1beta; + +import "google/api/resource.proto"; +import "google/cloud/websecurityscanner/v1beta/finding_addon.proto"; + +option csharp_namespace = "Google.Cloud.WebSecurityScanner.V1Beta"; +option go_package = "google.golang.org/genproto/googleapis/cloud/websecurityscanner/v1beta;websecurityscanner"; +option java_multiple_files = true; +option java_outer_classname = "FindingProto"; +option java_package = "com.google.cloud.websecurityscanner.v1beta"; +option php_namespace = "Google\\Cloud\\WebSecurityScanner\\V1beta"; +option ruby_package = "Google::Cloud::WebSecurityScanner::V1beta"; + +// A Finding resource represents a vulnerability instance identified during a +// ScanRun. +message Finding { + option (google.api.resource) = { + type: "websecurityscanner.googleapis.com/Finding" + pattern: "projects/{project}/scanConfigs/{scan_config}/scanRuns/{scan_run}/findings/{finding}" + }; + + // The resource name of the Finding. The name follows the format of + // 'projects/{projectId}/scanConfigs/{scanConfigId}/scanruns/{scanRunId}/findings/{findingId}'. + // The finding IDs are generated by the system. + string name = 1; + + // The type of the Finding. + // Detailed and up-to-date information on findings can be found here: + // https://cloud.google.com/security-scanner/docs/scan-result-details + string finding_type = 2; + + // The http method of the request that triggered the vulnerability, in + // uppercase. + string http_method = 3; + + // The URL produced by the server-side fuzzer and used in the request that + // triggered the vulnerability. + string fuzzed_url = 4; + + // The body of the request that triggered the vulnerability. + string body = 5; + + // The description of the vulnerability. + string description = 6; + + // The URL containing human-readable payload that user can leverage to + // reproduce the vulnerability. + string reproduction_url = 7; + + // If the vulnerability was originated from nested IFrame, the immediate + // parent IFrame is reported. + string frame_url = 8; + + // The URL where the browser lands when the vulnerability is detected. + string final_url = 9; + + // The tracking ID uniquely identifies a vulnerability instance across + // multiple ScanRuns. + string tracking_id = 10; + + // An addon containing information reported for a vulnerability with an HTML + // form, if any. + Form form = 16; + + // An addon containing information about outdated libraries. + OutdatedLibrary outdated_library = 11; + + // An addon containing detailed information regarding any resource causing the + // vulnerability such as JavaScript sources, image, audio files, etc. + ViolatingResource violating_resource = 12; + + // An addon containing information about vulnerable or missing HTTP headers. + VulnerableHeaders vulnerable_headers = 15; + + // An addon containing information about request parameters which were found + // to be vulnerable. + VulnerableParameters vulnerable_parameters = 13; + + // An addon containing information reported for an XSS, if any. + Xss xss = 14; +} diff --git a/third_party/googleapis/google/cloud/websecurityscanner/v1beta/finding_addon.proto b/third_party/googleapis/google/cloud/websecurityscanner/v1beta/finding_addon.proto new file mode 100644 index 0000000..c29f6ca --- /dev/null +++ b/third_party/googleapis/google/cloud/websecurityscanner/v1beta/finding_addon.proto @@ -0,0 +1,90 @@ +// Copyright 2019 Google LLC. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// + +syntax = "proto3"; + +package google.cloud.websecurityscanner.v1beta; + +option csharp_namespace = "Google.Cloud.WebSecurityScanner.V1Beta"; +option go_package = "google.golang.org/genproto/googleapis/cloud/websecurityscanner/v1beta;websecurityscanner"; +option java_multiple_files = true; +option java_outer_classname = "FindingAddonProto"; +option java_package = "com.google.cloud.websecurityscanner.v1beta"; +option php_namespace = "Google\\Cloud\\WebSecurityScanner\\V1beta"; +option ruby_package = "Google::Cloud::WebSecurityScanner::V1beta"; + +// ! Information about a vulnerability with an HTML. +message Form { + // ! The URI where to send the form when it's submitted. + string action_uri = 1; + + // ! The names of form fields related to the vulnerability. + repeated string fields = 2; +} + +// Information reported for an outdated library. +message OutdatedLibrary { + // The name of the outdated library. + string library_name = 1; + + // The version number. + string version = 2; + + // URLs to learn more information about the vulnerabilities in the library. + repeated string learn_more_urls = 3; +} + +// Information regarding any resource causing the vulnerability such +// as JavaScript sources, image, audio files, etc. +message ViolatingResource { + // The MIME type of this resource. + string content_type = 1; + + // URL of this violating resource. + string resource_url = 2; +} + +// Information about vulnerable request parameters. +message VulnerableParameters { + // The vulnerable parameter names. + repeated string parameter_names = 1; +} + +// Information about vulnerable or missing HTTP Headers. +message VulnerableHeaders { + // Describes a HTTP Header. + message Header { + // Header name. + string name = 1; + + // Header value. + string value = 2; + } + + // List of vulnerable headers. + repeated Header headers = 1; + + // List of missing headers. + repeated Header missing_headers = 2; +} + +// Information reported for an XSS. +message Xss { + // Stack traces leading to the point where the XSS occurred. + repeated string stack_traces = 1; + + // An error message generated by a javascript breakage. + string error_message = 2; +} diff --git a/third_party/googleapis/google/cloud/websecurityscanner/v1beta/finding_type_stats.proto b/third_party/googleapis/google/cloud/websecurityscanner/v1beta/finding_type_stats.proto new file mode 100644 index 0000000..9b21576 --- /dev/null +++ b/third_party/googleapis/google/cloud/websecurityscanner/v1beta/finding_type_stats.proto @@ -0,0 +1,36 @@ +// Copyright 2019 Google LLC. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// + +syntax = "proto3"; + +package google.cloud.websecurityscanner.v1beta; + +option csharp_namespace = "Google.Cloud.WebSecurityScanner.V1Beta"; +option go_package = "google.golang.org/genproto/googleapis/cloud/websecurityscanner/v1beta;websecurityscanner"; +option java_multiple_files = true; +option java_outer_classname = "FindingTypeStatsProto"; +option java_package = "com.google.cloud.websecurityscanner.v1beta"; +option php_namespace = "Google\\Cloud\\WebSecurityScanner\\V1beta"; +option ruby_package = "Google::Cloud::WebSecurityScanner::V1beta"; + +// A FindingTypeStats resource represents stats regarding a specific FindingType +// of Findings under a given ScanRun. +message FindingTypeStats { + // The finding type associated with the stats. + string finding_type = 1; + + // The count of findings belonging to this finding type. + int32 finding_count = 2; +} diff --git a/third_party/googleapis/google/cloud/websecurityscanner/v1beta/scan_config.proto b/third_party/googleapis/google/cloud/websecurityscanner/v1beta/scan_config.proto new file mode 100644 index 0000000..b25c619 --- /dev/null +++ b/third_party/googleapis/google/cloud/websecurityscanner/v1beta/scan_config.proto @@ -0,0 +1,193 @@ +// Copyright 2019 Google LLC. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// + +syntax = "proto3"; + +package google.cloud.websecurityscanner.v1beta; + +import "google/api/field_behavior.proto"; +import "google/api/resource.proto"; +import "google/cloud/websecurityscanner/v1beta/scan_run.proto"; +import "google/protobuf/timestamp.proto"; + +option csharp_namespace = "Google.Cloud.WebSecurityScanner.V1Beta"; +option go_package = "google.golang.org/genproto/googleapis/cloud/websecurityscanner/v1beta;websecurityscanner"; +option java_multiple_files = true; +option java_outer_classname = "ScanConfigProto"; +option java_package = "com.google.cloud.websecurityscanner.v1beta"; +option php_namespace = "Google\\Cloud\\WebSecurityScanner\\V1beta"; +option ruby_package = "Google::Cloud::WebSecurityScanner::V1beta"; + +// A ScanConfig resource contains the configurations to launch a scan. +message ScanConfig { + option (google.api.resource) = { + type: "websecurityscanner.googleapis.com/ScanConfig" + pattern: "projects/{project}/scanConfigs/{scan_config}" + }; + + // Scan authentication configuration. + message Authentication { + // Describes authentication configuration that uses a Google account. + message GoogleAccount { + // Required. The user name of the Google account. + string username = 1 [(google.api.field_behavior) = REQUIRED]; + + // Required. Input only. The password of the Google account. The credential is stored encrypted + // and not returned in any response nor included in audit logs. + string password = 2 [ + (google.api.field_behavior) = REQUIRED, + (google.api.field_behavior) = INPUT_ONLY + ]; + } + + // Describes authentication configuration that uses a custom account. + message CustomAccount { + // Required. The user name of the custom account. + string username = 1 [(google.api.field_behavior) = REQUIRED]; + + // Required. Input only. The password of the custom account. The credential is stored encrypted + // and not returned in any response nor included in audit logs. + string password = 2 [ + (google.api.field_behavior) = REQUIRED, + (google.api.field_behavior) = INPUT_ONLY + ]; + + // Required. The login form URL of the website. + string login_url = 3 [(google.api.field_behavior) = REQUIRED]; + } + + // Required. + // Authentication configuration + oneof authentication { + // Authentication using a Google account. + GoogleAccount google_account = 1; + + // Authentication using a custom account. + CustomAccount custom_account = 2; + } + } + + // Scan schedule configuration. + message Schedule { + // A timestamp indicates when the next run will be scheduled. The value is + // refreshed by the server after each run. If unspecified, it will default + // to current server time, which means the scan will be scheduled to start + // immediately. + google.protobuf.Timestamp schedule_time = 1; + + // Required. The duration of time between executions in days. + int32 interval_duration_days = 2 [(google.api.field_behavior) = REQUIRED]; + } + + // Type of user agents used for scanning. + enum UserAgent { + // The user agent is unknown. Service will default to CHROME_LINUX. + USER_AGENT_UNSPECIFIED = 0; + + // Chrome on Linux. This is the service default if unspecified. + CHROME_LINUX = 1; + + // Chrome on Android. + CHROME_ANDROID = 2; + + // Safari on IPhone. + SAFARI_IPHONE = 3; + } + + // Cloud platforms supported by Cloud Web Security Scanner. + enum TargetPlatform { + // The target platform is unknown. Requests with this enum value will be + // rejected with INVALID_ARGUMENT error. + TARGET_PLATFORM_UNSPECIFIED = 0; + + // Google App Engine service. + APP_ENGINE = 1; + + // Google Compute Engine service. + COMPUTE = 2; + } + + // Scan risk levels supported by Cloud Web Security Scanner. LOW impact + // scanning will minimize requests with the potential to modify data. To + // achieve the maximum scan coverage, NORMAL risk level is recommended. + enum RiskLevel { + // Use default, which is NORMAL. + RISK_LEVEL_UNSPECIFIED = 0; + + // Normal scanning (Recommended) + NORMAL = 1; + + // Lower impact scanning + LOW = 2; + } + + // Controls export of scan configurations and results to Cloud Security + // Command Center. + enum ExportToSecurityCommandCenter { + // Use default, which is ENABLED. + EXPORT_TO_SECURITY_COMMAND_CENTER_UNSPECIFIED = 0; + + // Export results of this scan to Cloud Security Command Center. + ENABLED = 1; + + // Do not export results of this scan to Cloud Security Command Center. + DISABLED = 2; + } + + // The resource name of the ScanConfig. The name follows the format of + // 'projects/{projectId}/scanConfigs/{scanConfigId}'. The ScanConfig IDs are + // generated by the system. + string name = 1; + + // Required. The user provided display name of the ScanConfig. + string display_name = 2 [(google.api.field_behavior) = REQUIRED]; + + // The maximum QPS during scanning. A valid value ranges from 5 to 20 + // inclusively. If the field is unspecified or its value is set 0, server will + // default to 15. Other values outside of [5, 20] range will be rejected with + // INVALID_ARGUMENT error. + int32 max_qps = 3; + + // Required. The starting URLs from which the scanner finds site pages. + repeated string starting_urls = 4 [(google.api.field_behavior) = REQUIRED]; + + // The authentication configuration. If specified, service will use the + // authentication configuration during scanning. + Authentication authentication = 5; + + // The user agent used during scanning. + UserAgent user_agent = 6; + + // The blacklist URL patterns as described in + // https://cloud.google.com/security-scanner/docs/excluded-urls + repeated string blacklist_patterns = 7; + + // The schedule of the ScanConfig. + Schedule schedule = 8; + + // Set of Cloud Platforms targeted by the scan. If empty, APP_ENGINE will be + // used as a default. + repeated TargetPlatform target_platforms = 9; + + // Controls export of scan configurations and results to Cloud Security + // Command Center. + ExportToSecurityCommandCenter export_to_security_command_center = 10; + + // Latest ScanRun if available. + ScanRun latest_run = 11; + + // The risk level selected for the scan + RiskLevel risk_level = 12; +} diff --git a/third_party/googleapis/google/cloud/websecurityscanner/v1beta/scan_config_error.proto b/third_party/googleapis/google/cloud/websecurityscanner/v1beta/scan_config_error.proto new file mode 100644 index 0000000..3920b74 --- /dev/null +++ b/third_party/googleapis/google/cloud/websecurityscanner/v1beta/scan_config_error.proto @@ -0,0 +1,190 @@ +// Copyright 2019 Google LLC. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// + +syntax = "proto3"; + +package google.cloud.websecurityscanner.v1beta; + +option csharp_namespace = "Google.Cloud.WebSecurityScanner.V1Beta"; +option go_package = "google.golang.org/genproto/googleapis/cloud/websecurityscanner/v1beta;websecurityscanner"; +option java_multiple_files = true; +option java_outer_classname = "ScanConfigErrorProto"; +option java_package = "com.google.cloud.websecurityscanner.v1beta"; +option php_namespace = "Google\\Cloud\\WebSecurityScanner\\V1beta"; +option ruby_package = "Google::Cloud::WebSecurityScanner::V1beta"; + +// Defines a custom error message used by CreateScanConfig and UpdateScanConfig +// APIs when scan configuration validation fails. It is also reported as part of +// a ScanRunErrorTrace message if scan validation fails due to a scan +// configuration error. +message ScanConfigError { + // Output only. + // Defines an error reason code. + // Next id: 44 + enum Code { + option allow_alias = true; + + // There is no error. + CODE_UNSPECIFIED = 0; + + // There is no error. + OK = 0; + + // Indicates an internal server error. + // Please DO NOT USE THIS ERROR CODE unless the root cause is truly unknown. + INTERNAL_ERROR = 1; + + // One of the seed URLs is an App Engine URL but we cannot validate the scan + // settings due to an App Engine API backend error. + APPENGINE_API_BACKEND_ERROR = 2; + + // One of the seed URLs is an App Engine URL but we cannot access the + // App Engine API to validate scan settings. + APPENGINE_API_NOT_ACCESSIBLE = 3; + + // One of the seed URLs is an App Engine URL but the Default Host of the + // App Engine is not set. + APPENGINE_DEFAULT_HOST_MISSING = 4; + + // Google corporate accounts can not be used for scanning. + CANNOT_USE_GOOGLE_COM_ACCOUNT = 6; + + // The account of the scan creator can not be used for scanning. + CANNOT_USE_OWNER_ACCOUNT = 7; + + // This scan targets Compute Engine, but we cannot validate scan settings + // due to a Compute Engine API backend error. + COMPUTE_API_BACKEND_ERROR = 8; + + // This scan targets Compute Engine, but we cannot access the Compute Engine + // API to validate the scan settings. + COMPUTE_API_NOT_ACCESSIBLE = 9; + + // The Custom Login URL does not belong to the current project. + CUSTOM_LOGIN_URL_DOES_NOT_BELONG_TO_CURRENT_PROJECT = 10; + + // The Custom Login URL is malformed (can not be parsed). + CUSTOM_LOGIN_URL_MALFORMED = 11; + + // The Custom Login URL is mapped to a non-routable IP address in DNS. + CUSTOM_LOGIN_URL_MAPPED_TO_NON_ROUTABLE_ADDRESS = 12; + + // The Custom Login URL is mapped to an IP address which is not reserved for + // the current project. + CUSTOM_LOGIN_URL_MAPPED_TO_UNRESERVED_ADDRESS = 13; + + // The Custom Login URL has a non-routable IP address. + CUSTOM_LOGIN_URL_HAS_NON_ROUTABLE_IP_ADDRESS = 14; + + // The Custom Login URL has an IP address which is not reserved for the + // current project. + CUSTOM_LOGIN_URL_HAS_UNRESERVED_IP_ADDRESS = 15; + + // Another scan with the same name (case-sensitive) already exists. + DUPLICATE_SCAN_NAME = 16; + + // A field is set to an invalid value. + INVALID_FIELD_VALUE = 18; + + // There was an error trying to authenticate to the scan target. + FAILED_TO_AUTHENTICATE_TO_TARGET = 19; + + // Finding type value is not specified in the list findings request. + FINDING_TYPE_UNSPECIFIED = 20; + + // Scan targets Compute Engine, yet current project was not whitelisted for + // Google Compute Engine Scanning Alpha access. + FORBIDDEN_TO_SCAN_COMPUTE = 21; + + // User tries to update managed scan + FORBIDDEN_UPDATE_TO_MANAGED_SCAN = 43; + + // The supplied filter is malformed. For example, it can not be parsed, does + // not have a filter type in expression, or the same filter type appears + // more than once. + MALFORMED_FILTER = 22; + + // The supplied resource name is malformed (can not be parsed). + MALFORMED_RESOURCE_NAME = 23; + + // The current project is not in an active state. + PROJECT_INACTIVE = 24; + + // A required field is not set. + REQUIRED_FIELD = 25; + + // Project id, scanconfig id, scanrun id, or finding id are not consistent + // with each other in resource name. + RESOURCE_NAME_INCONSISTENT = 26; + + // The scan being requested to start is already running. + SCAN_ALREADY_RUNNING = 27; + + // The scan that was requested to be stopped is not running. + SCAN_NOT_RUNNING = 28; + + // One of the seed URLs does not belong to the current project. + SEED_URL_DOES_NOT_BELONG_TO_CURRENT_PROJECT = 29; + + // One of the seed URLs is malformed (can not be parsed). + SEED_URL_MALFORMED = 30; + + // One of the seed URLs is mapped to a non-routable IP address in DNS. + SEED_URL_MAPPED_TO_NON_ROUTABLE_ADDRESS = 31; + + // One of the seed URLs is mapped to an IP address which is not reserved + // for the current project. + SEED_URL_MAPPED_TO_UNRESERVED_ADDRESS = 32; + + // One of the seed URLs has on-routable IP address. + SEED_URL_HAS_NON_ROUTABLE_IP_ADDRESS = 33; + + // One of the seed URLs has an IP address that is not reserved + // for the current project. + SEED_URL_HAS_UNRESERVED_IP_ADDRESS = 35; + + // The Cloud Security Scanner service account is not configured under the + // project. + SERVICE_ACCOUNT_NOT_CONFIGURED = 36; + + // A project has reached the maximum number of scans. + TOO_MANY_SCANS = 37; + + // Resolving the details of the current project fails. + UNABLE_TO_RESOLVE_PROJECT_INFO = 38; + + // One or more blacklist patterns were in the wrong format. + UNSUPPORTED_BLACKLIST_PATTERN_FORMAT = 39; + + // The supplied filter is not supported. + UNSUPPORTED_FILTER = 40; + + // The supplied finding type is not supported. For example, we do not + // provide findings of the given finding type. + UNSUPPORTED_FINDING_TYPE = 41; + + // The URL scheme of one or more of the supplied URLs is not supported. + UNSUPPORTED_URL_SCHEME = 42; + } + + // Indicates the reason code for a configuration failure. + Code code = 1; + + // Indicates the full name of the ScanConfig field that triggers this error, + // for example "scan_config.max_qps". This field is provided for + // troubleshooting purposes only and its actual value can change in the + // future. + string field_name = 2; +} diff --git a/third_party/googleapis/google/cloud/websecurityscanner/v1beta/scan_run.proto b/third_party/googleapis/google/cloud/websecurityscanner/v1beta/scan_run.proto new file mode 100644 index 0000000..48800d2 --- /dev/null +++ b/third_party/googleapis/google/cloud/websecurityscanner/v1beta/scan_run.proto @@ -0,0 +1,117 @@ +// Copyright 2019 Google LLC. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// + +syntax = "proto3"; + +package google.cloud.websecurityscanner.v1beta; + +import "google/api/resource.proto"; +import "google/cloud/websecurityscanner/v1beta/scan_run_error_trace.proto"; +import "google/cloud/websecurityscanner/v1beta/scan_run_warning_trace.proto"; +import "google/protobuf/timestamp.proto"; + +option csharp_namespace = "Google.Cloud.WebSecurityScanner.V1Beta"; +option go_package = "google.golang.org/genproto/googleapis/cloud/websecurityscanner/v1beta;websecurityscanner"; +option java_multiple_files = true; +option java_outer_classname = "ScanRunProto"; +option java_package = "com.google.cloud.websecurityscanner.v1beta"; +option php_namespace = "Google\\Cloud\\WebSecurityScanner\\V1beta"; +option ruby_package = "Google::Cloud::WebSecurityScanner::V1beta"; + +// A ScanRun is a output-only resource representing an actual run of the scan. +// Next id: 12 +message ScanRun { + option (google.api.resource) = { + type: "websecurityscanner.googleapis.com/ScanRun" + pattern: "projects/{project}/scanConfigs/{scan_config}/scanRuns/{scan_run}" + }; + + // Types of ScanRun execution state. + enum ExecutionState { + // Represents an invalid state caused by internal server error. This value + // should never be returned. + EXECUTION_STATE_UNSPECIFIED = 0; + + // The scan is waiting in the queue. + QUEUED = 1; + + // The scan is in progress. + SCANNING = 2; + + // The scan is either finished or stopped by user. + FINISHED = 3; + } + + // Types of ScanRun result state. + enum ResultState { + // Default value. This value is returned when the ScanRun is not yet + // finished. + RESULT_STATE_UNSPECIFIED = 0; + + // The scan finished without errors. + SUCCESS = 1; + + // The scan finished with errors. + ERROR = 2; + + // The scan was terminated by user. + KILLED = 3; + } + + // The resource name of the ScanRun. The name follows the format of + // 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}'. + // The ScanRun IDs are generated by the system. + string name = 1; + + // The execution state of the ScanRun. + ExecutionState execution_state = 2; + + // The result state of the ScanRun. This field is only available after the + // execution state reaches "FINISHED". + ResultState result_state = 3; + + // The time at which the ScanRun started. + google.protobuf.Timestamp start_time = 4; + + // The time at which the ScanRun reached termination state - that the ScanRun + // is either finished or stopped by user. + google.protobuf.Timestamp end_time = 5; + + // The number of URLs crawled during this ScanRun. If the scan is in progress, + // the value represents the number of URLs crawled up to now. + int64 urls_crawled_count = 6; + + // The number of URLs tested during this ScanRun. If the scan is in progress, + // the value represents the number of URLs tested up to now. The number of + // URLs tested is usually larger than the number URLS crawled because + // typically a crawled URL is tested with multiple test payloads. + int64 urls_tested_count = 7; + + // Whether the scan run has found any vulnerabilities. + bool has_vulnerabilities = 8; + + // The percentage of total completion ranging from 0 to 100. + // If the scan is in queue, the value is 0. + // If the scan is running, the value ranges from 0 to 100. + // If the scan is finished, the value is 100. + int32 progress_percent = 9; + + // If result_state is an ERROR, this field provides the primary reason for + // scan's termination and more details, if such are available. + ScanRunErrorTrace error_trace = 10; + + // A list of warnings, if such are encountered during this scan run. + repeated ScanRunWarningTrace warning_traces = 11; +} diff --git a/third_party/googleapis/google/cloud/websecurityscanner/v1beta/scan_run_error_trace.proto b/third_party/googleapis/google/cloud/websecurityscanner/v1beta/scan_run_error_trace.proto new file mode 100644 index 0000000..acbdef2 --- /dev/null +++ b/third_party/googleapis/google/cloud/websecurityscanner/v1beta/scan_run_error_trace.proto @@ -0,0 +1,76 @@ +// Copyright 2019 Google LLC. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// + +syntax = "proto3"; + +package google.cloud.websecurityscanner.v1beta; + +import "google/cloud/websecurityscanner/v1beta/scan_config_error.proto"; + +option csharp_namespace = "Google.Cloud.WebSecurityScanner.V1Beta"; +option go_package = "google.golang.org/genproto/googleapis/cloud/websecurityscanner/v1beta;websecurityscanner"; +option java_multiple_files = true; +option java_outer_classname = "ScanRunErrorTraceProto"; +option java_package = "com.google.cloud.websecurityscanner.v1beta"; +option php_namespace = "Google\\Cloud\\WebSecurityScanner\\V1beta"; +option ruby_package = "Google::Cloud::WebSecurityScanner::V1beta"; + +// Output only. +// Defines an error trace message for a ScanRun. +message ScanRunErrorTrace { + // Output only. + // Defines an error reason code. + // Next id: 7 + enum Code { + // Default value is never used. + CODE_UNSPECIFIED = 0; + + // Indicates that the scan run failed due to an internal server error. + INTERNAL_ERROR = 1; + + // Indicates a scan configuration error, usually due to outdated ScanConfig + // settings, such as starting_urls or the DNS configuration. + SCAN_CONFIG_ISSUE = 2; + + // Indicates an authentication error, usually due to outdated ScanConfig + // authentication settings. + AUTHENTICATION_CONFIG_ISSUE = 3; + + // Indicates a scan operation timeout, usually caused by a very large site. + TIMED_OUT_WHILE_SCANNING = 4; + + // Indicates that a scan encountered excessive redirects, either to + // authentication or some other page outside of the scan scope. + TOO_MANY_REDIRECTS = 5; + + // Indicates that a scan encountered numerous errors from the web site + // pages. When available, most_common_http_error_code field indicates the + // most common HTTP error code encountered during the scan. + TOO_MANY_HTTP_ERRORS = 6; + } + + // Indicates the error reason code. + Code code = 1; + + // If the scan encounters SCAN_CONFIG_ISSUE error, this field has the error + // message encountered during scan configuration validation that is performed + // before each scan run. + ScanConfigError scan_config_error = 2; + + // If the scan encounters TOO_MANY_HTTP_ERRORS, this field indicates the most + // common HTTP error code, if such is available. For example, if this code is + // 404, the scan has encountered too many NOT_FOUND responses. + int32 most_common_http_error_code = 3; +} diff --git a/third_party/googleapis/google/cloud/websecurityscanner/v1beta/scan_run_warning_trace.proto b/third_party/googleapis/google/cloud/websecurityscanner/v1beta/scan_run_warning_trace.proto new file mode 100644 index 0000000..6ee6b34 --- /dev/null +++ b/third_party/googleapis/google/cloud/websecurityscanner/v1beta/scan_run_warning_trace.proto @@ -0,0 +1,59 @@ +// Copyright 2019 Google LLC. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// + +syntax = "proto3"; + +package google.cloud.websecurityscanner.v1beta; + +option csharp_namespace = "Google.Cloud.WebSecurityScanner.V1Beta"; +option go_package = "google.golang.org/genproto/googleapis/cloud/websecurityscanner/v1beta;websecurityscanner"; +option java_multiple_files = true; +option java_outer_classname = "ScanRunWarningTraceProto"; +option java_package = "com.google.cloud.websecurityscanner.v1beta"; +option php_namespace = "Google\\Cloud\\WebSecurityScanner\\V1beta"; +option ruby_package = "Google::Cloud::WebSecurityScanner::V1beta"; + +// Output only. +// Defines a warning trace message for ScanRun. Warning traces provide customers +// with useful information that helps make the scanning process more effective. +message ScanRunWarningTrace { + // Output only. + // Defines a warning message code. + // Next id: 6 + enum Code { + // Default value is never used. + CODE_UNSPECIFIED = 0; + + // Indicates that a scan discovered an unexpectedly low number of URLs. This + // is sometimes caused by complex navigation features or by using a single + // URL for numerous pages. + INSUFFICIENT_CRAWL_RESULTS = 1; + + // Indicates that a scan discovered too many URLs to test, or excessive + // redundant URLs. + TOO_MANY_CRAWL_RESULTS = 2; + + // Indicates that too many tests have been generated for the scan. Customer + // should try reducing the number of starting URLs, increasing the QPS rate, + // or narrowing down the scope of the scan using the excluded patterns. + TOO_MANY_FUZZ_TASKS = 3; + + // Indicates that a scan is blocked by IAP. + BLOCKED_BY_IAP = 4; + } + + // Indicates the warning code. + Code code = 1; +} diff --git a/third_party/googleapis/google/cloud/websecurityscanner/v1beta/web_security_scanner.proto b/third_party/googleapis/google/cloud/websecurityscanner/v1beta/web_security_scanner.proto new file mode 100644 index 0000000..79be175 --- /dev/null +++ b/third_party/googleapis/google/cloud/websecurityscanner/v1beta/web_security_scanner.proto @@ -0,0 +1,413 @@ +// Copyright 2019 Google LLC. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// + +syntax = "proto3"; + +package google.cloud.websecurityscanner.v1beta; + +import "google/api/annotations.proto"; +import "google/api/client.proto"; +import "google/api/field_behavior.proto"; +import "google/api/resource.proto"; +import "google/cloud/websecurityscanner/v1beta/crawled_url.proto"; +import "google/cloud/websecurityscanner/v1beta/finding.proto"; +import "google/cloud/websecurityscanner/v1beta/finding_type_stats.proto"; +import "google/cloud/websecurityscanner/v1beta/scan_config.proto"; +import "google/cloud/websecurityscanner/v1beta/scan_run.proto"; +import "google/protobuf/empty.proto"; +import "google/protobuf/field_mask.proto"; + +option csharp_namespace = "Google.Cloud.WebSecurityScanner.V1Beta"; +option go_package = "google.golang.org/genproto/googleapis/cloud/websecurityscanner/v1beta;websecurityscanner"; +option java_multiple_files = true; +option java_outer_classname = "WebSecurityScannerProto"; +option java_package = "com.google.cloud.websecurityscanner.v1beta"; +option php_namespace = "Google\\Cloud\\WebSecurityScanner\\V1beta"; +option ruby_package = "Google::Cloud::WebSecurityScanner::V1beta"; + +// Cloud Web Security Scanner Service identifies security vulnerabilities in web +// applications hosted on Google Cloud Platform. It crawls your application, and +// attempts to exercise as many user inputs and event handlers as possible. +service WebSecurityScanner { + option (google.api.default_host) = "websecurityscanner.googleapis.com"; + option (google.api.oauth_scopes) = "https://www.googleapis.com/auth/cloud-platform"; + + // Creates a new ScanConfig. + rpc CreateScanConfig(CreateScanConfigRequest) returns (ScanConfig) { + option (google.api.http) = { + post: "/v1beta/{parent=projects/*}/scanConfigs" + body: "scan_config" + }; + option (google.api.method_signature) = "parent,scan_config"; + } + + // Deletes an existing ScanConfig and its child resources. + rpc DeleteScanConfig(DeleteScanConfigRequest) returns (google.protobuf.Empty) { + option (google.api.http) = { + delete: "/v1beta/{name=projects/*/scanConfigs/*}" + }; + option (google.api.method_signature) = "name"; + } + + // Gets a ScanConfig. + rpc GetScanConfig(GetScanConfigRequest) returns (ScanConfig) { + option (google.api.http) = { + get: "/v1beta/{name=projects/*/scanConfigs/*}" + }; + option (google.api.method_signature) = "name"; + } + + // Lists ScanConfigs under a given project. + rpc ListScanConfigs(ListScanConfigsRequest) returns (ListScanConfigsResponse) { + option (google.api.http) = { + get: "/v1beta/{parent=projects/*}/scanConfigs" + }; + option (google.api.method_signature) = "parent"; + } + + // Updates a ScanConfig. This method support partial update of a ScanConfig. + rpc UpdateScanConfig(UpdateScanConfigRequest) returns (ScanConfig) { + option (google.api.http) = { + patch: "/v1beta/{scan_config.name=projects/*/scanConfigs/*}" + body: "scan_config" + }; + option (google.api.method_signature) = "scan_config,update_mask"; + } + + // Start a ScanRun according to the given ScanConfig. + rpc StartScanRun(StartScanRunRequest) returns (ScanRun) { + option (google.api.http) = { + post: "/v1beta/{name=projects/*/scanConfigs/*}:start" + body: "*" + }; + option (google.api.method_signature) = "name"; + } + + // Gets a ScanRun. + rpc GetScanRun(GetScanRunRequest) returns (ScanRun) { + option (google.api.http) = { + get: "/v1beta/{name=projects/*/scanConfigs/*/scanRuns/*}" + }; + option (google.api.method_signature) = "name"; + } + + // Lists ScanRuns under a given ScanConfig, in descending order of ScanRun + // stop time. + rpc ListScanRuns(ListScanRunsRequest) returns (ListScanRunsResponse) { + option (google.api.http) = { + get: "/v1beta/{parent=projects/*/scanConfigs/*}/scanRuns" + }; + option (google.api.method_signature) = "parent"; + } + + // Stops a ScanRun. The stopped ScanRun is returned. + rpc StopScanRun(StopScanRunRequest) returns (ScanRun) { + option (google.api.http) = { + post: "/v1beta/{name=projects/*/scanConfigs/*/scanRuns/*}:stop" + body: "*" + }; + option (google.api.method_signature) = "name"; + } + + // List CrawledUrls under a given ScanRun. + rpc ListCrawledUrls(ListCrawledUrlsRequest) returns (ListCrawledUrlsResponse) { + option (google.api.http) = { + get: "/v1beta/{parent=projects/*/scanConfigs/*/scanRuns/*}/crawledUrls" + }; + option (google.api.method_signature) = "parent"; + } + + // Gets a Finding. + rpc GetFinding(GetFindingRequest) returns (Finding) { + option (google.api.http) = { + get: "/v1beta/{name=projects/*/scanConfigs/*/scanRuns/*/findings/*}" + }; + option (google.api.method_signature) = "name"; + } + + // List Findings under a given ScanRun. + rpc ListFindings(ListFindingsRequest) returns (ListFindingsResponse) { + option (google.api.http) = { + get: "/v1beta/{parent=projects/*/scanConfigs/*/scanRuns/*}/findings" + }; + option (google.api.method_signature) = "parent,filter"; + } + + // List all FindingTypeStats under a given ScanRun. + rpc ListFindingTypeStats(ListFindingTypeStatsRequest) returns (ListFindingTypeStatsResponse) { + option (google.api.http) = { + get: "/v1beta/{parent=projects/*/scanConfigs/*/scanRuns/*}/findingTypeStats" + }; + option (google.api.method_signature) = "parent"; + } +} + +// Request for the `CreateScanConfig` method. +message CreateScanConfigRequest { + // Required. The parent resource name where the scan is created, which should be a + // project resource name in the format 'projects/{projectId}'. + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "cloudresourcemanager.googleapis.com/Project" + } + ]; + + // Required. The ScanConfig to be created. + ScanConfig scan_config = 2 [(google.api.field_behavior) = REQUIRED]; +} + +// Request for the `DeleteScanConfig` method. +message DeleteScanConfigRequest { + // Required. The resource name of the ScanConfig to be deleted. The name follows the + // format of 'projects/{projectId}/scanConfigs/{scanConfigId}'. + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "websecurityscanner.googleapis.com/ScanConfig" + } + ]; +} + +// Request for the `GetScanConfig` method. +message GetScanConfigRequest { + // Required. The resource name of the ScanConfig to be returned. The name follows the + // format of 'projects/{projectId}/scanConfigs/{scanConfigId}'. + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "websecurityscanner.googleapis.com/ScanConfig" + } + ]; +} + +// Request for the `ListScanConfigs` method. +message ListScanConfigsRequest { + // Required. The parent resource name, which should be a project resource name in the + // format 'projects/{projectId}'. + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "cloudresourcemanager.googleapis.com/Project" + } + ]; + + // A token identifying a page of results to be returned. This should be a + // `next_page_token` value returned from a previous List request. + // If unspecified, the first page of results is returned. + string page_token = 2; + + // The maximum number of ScanConfigs to return, can be limited by server. + // If not specified or not positive, the implementation will select a + // reasonable value. + int32 page_size = 3; +} + +// Request for the `UpdateScanConfigRequest` method. +message UpdateScanConfigRequest { + // Required. The ScanConfig to be updated. The name field must be set to identify the + // resource to be updated. The values of fields not covered by the mask + // will be ignored. + ScanConfig scan_config = 2 [(google.api.field_behavior) = REQUIRED]; + + // Required. The update mask applies to the resource. For the `FieldMask` definition, + // see + // https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#fieldmask + google.protobuf.FieldMask update_mask = 3 [(google.api.field_behavior) = REQUIRED]; +} + +// Response for the `ListScanConfigs` method. +message ListScanConfigsResponse { + // The list of ScanConfigs returned. + repeated ScanConfig scan_configs = 1; + + // Token to retrieve the next page of results, or empty if there are no + // more results in the list. + string next_page_token = 2; +} + +// Request for the `StartScanRun` method. +message StartScanRunRequest { + // Required. The resource name of the ScanConfig to be used. The name follows the + // format of 'projects/{projectId}/scanConfigs/{scanConfigId}'. + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "websecurityscanner.googleapis.com/ScanConfig" + } + ]; +} + +// Request for the `GetScanRun` method. +message GetScanRunRequest { + // Required. The resource name of the ScanRun to be returned. The name follows the + // format of + // 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}'. + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "websecurityscanner.googleapis.com/ScanRun" + } + ]; +} + +// Request for the `ListScanRuns` method. +message ListScanRunsRequest { + // Required. The parent resource name, which should be a scan resource name in the + // format 'projects/{projectId}/scanConfigs/{scanConfigId}'. + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "websecurityscanner.googleapis.com/ScanConfig" + } + ]; + + // A token identifying a page of results to be returned. This should be a + // `next_page_token` value returned from a previous List request. + // If unspecified, the first page of results is returned. + string page_token = 2; + + // The maximum number of ScanRuns to return, can be limited by server. + // If not specified or not positive, the implementation will select a + // reasonable value. + int32 page_size = 3; +} + +// Response for the `ListScanRuns` method. +message ListScanRunsResponse { + // The list of ScanRuns returned. + repeated ScanRun scan_runs = 1; + + // Token to retrieve the next page of results, or empty if there are no + // more results in the list. + string next_page_token = 2; +} + +// Request for the `StopScanRun` method. +message StopScanRunRequest { + // Required. The resource name of the ScanRun to be stopped. The name follows the + // format of + // 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}'. + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "websecurityscanner.googleapis.com/ScanRun" + } + ]; +} + +// Request for the `ListCrawledUrls` method. +message ListCrawledUrlsRequest { + // Required. The parent resource name, which should be a scan run resource name in the + // format + // 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}'. + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "websecurityscanner.googleapis.com/ScanRun" + } + ]; + + // A token identifying a page of results to be returned. This should be a + // `next_page_token` value returned from a previous List request. + // If unspecified, the first page of results is returned. + string page_token = 2; + + // The maximum number of CrawledUrls to return, can be limited by server. + // If not specified or not positive, the implementation will select a + // reasonable value. + int32 page_size = 3; +} + +// Response for the `ListCrawledUrls` method. +message ListCrawledUrlsResponse { + // The list of CrawledUrls returned. + repeated CrawledUrl crawled_urls = 1; + + // Token to retrieve the next page of results, or empty if there are no + // more results in the list. + string next_page_token = 2; +} + +// Request for the `GetFinding` method. +message GetFindingRequest { + // Required. The resource name of the Finding to be returned. The name follows the + // format of + // 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}/findings/{findingId}'. + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "websecurityscanner.googleapis.com/Finding" + } + ]; +} + +// Request for the `ListFindings` method. +message ListFindingsRequest { + // Required. The parent resource name, which should be a scan run resource name in the + // format + // 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}'. + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "websecurityscanner.googleapis.com/ScanRun" + } + ]; + + // Required. The filter expression. The expression must be in the format: <field> + // <operator> <value>. + // Supported field: 'finding_type'. + // Supported operator: '='. + string filter = 2 [(google.api.field_behavior) = REQUIRED]; + + // A token identifying a page of results to be returned. This should be a + // `next_page_token` value returned from a previous List request. + // If unspecified, the first page of results is returned. + string page_token = 3; + + // The maximum number of Findings to return, can be limited by server. + // If not specified or not positive, the implementation will select a + // reasonable value. + int32 page_size = 4; +} + +// Response for the `ListFindings` method. +message ListFindingsResponse { + // The list of Findings returned. + repeated Finding findings = 1; + + // Token to retrieve the next page of results, or empty if there are no + // more results in the list. + string next_page_token = 2; +} + +// Request for the `ListFindingTypeStats` method. +message ListFindingTypeStatsRequest { + // Required. The parent resource name, which should be a scan run resource name in the + // format + // 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}'. + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "websecurityscanner.googleapis.com/ScanRun" + } + ]; +} + +// Response for the `ListFindingTypeStats` method. +message ListFindingTypeStatsResponse { + // The list of FindingTypeStats returned. + repeated FindingTypeStats finding_type_stats = 1; +} diff --git a/third_party/googleapis/google/cloud/websecurityscanner/v1beta/websecurityscanner_grpc_service_config.json b/third_party/googleapis/google/cloud/websecurityscanner/v1beta/websecurityscanner_grpc_service_config.json new file mode 100755 index 0000000..09e5247 --- /dev/null +++ b/third_party/googleapis/google/cloud/websecurityscanner/v1beta/websecurityscanner_grpc_service_config.json @@ -0,0 +1,75 @@ +{ + "methodConfig": [ + { + "name": [ + { + "service": "google.cloud.websecurityscanner.v1beta.WebSecurityScanner", + "method": "CreateScanConfig" + }, + { + "service": "google.cloud.websecurityscanner.v1beta.WebSecurityScanner", + "method": "UpdateScanConfig" + }, + { + "service": "google.cloud.websecurityscanner.v1beta.WebSecurityScanner", + "method": "StartScanRun" + }, + { + "service": "google.cloud.websecurityscanner.v1beta.WebSecurityScanner", + "method": "StopScanRun" + } + ], + "timeout": "600s" + }, + { + "name": [ + { + "service": "google.cloud.websecurityscanner.v1beta.WebSecurityScanner", + "method": "DeleteScanConfig" + }, + { + "service": "google.cloud.websecurityscanner.v1beta.WebSecurityScanner", + "method": "GetScanConfig" + }, + { + "service": "google.cloud.websecurityscanner.v1beta.WebSecurityScanner", + "method": "ListScanConfigs" + }, + { + "service": "google.cloud.websecurityscanner.v1beta.WebSecurityScanner", + "method": "GetScanRun" + }, + { + "service": "google.cloud.websecurityscanner.v1beta.WebSecurityScanner", + "method": "ListScanRuns" + }, + { + "service": "google.cloud.websecurityscanner.v1beta.WebSecurityScanner", + "method": "GetFinding" + }, + { + "service": "google.cloud.websecurityscanner.v1beta.WebSecurityScanner", + "method": "ListFindings" + }, + { + "service": "google.cloud.websecurityscanner.v1beta.WebSecurityScanner", + "method": "ListFindingTypeStats" + }, + { + "service": "google.cloud.websecurityscanner.v1beta.WebSecurityScanner", + "method": "ListCrawledUrls" + } + ], + "timeout": "600s", + "retryPolicy": { + "initialBackoff": "0.100s", + "maxBackoff": "60s", + "backoffMultiplier": 1.3, + "retryableStatusCodes": [ + "DEADLINE_EXCEEDED", + "UNAVAILABLE" + ] + } + } + ] +} diff --git a/third_party/googleapis/google/cloud/websecurityscanner/v1beta/websecurityscanner_v1beta.yaml b/third_party/googleapis/google/cloud/websecurityscanner/v1beta/websecurityscanner_v1beta.yaml new file mode 100644 index 0000000..8e89581 --- /dev/null +++ b/third_party/googleapis/google/cloud/websecurityscanner/v1beta/websecurityscanner_v1beta.yaml @@ -0,0 +1,22 @@ +type: google.api.Service +config_version: 3 +name: websecurityscanner.googleapis.com +title: Web Security Scanner API + +apis: +- name: google.cloud.websecurityscanner.v1beta.WebSecurityScanner + +documentation: + summary: Scans your Compute and App Engine apps for common web vulnerabilities. + +backend: + rules: + - selector: 'google.cloud.websecurityscanner.v1beta.WebSecurityScanner.*' + deadline: 60.0 + +authentication: + rules: + - selector: 'google.cloud.websecurityscanner.v1beta.WebSecurityScanner.*' + oauth: + canonical_scopes: |- + https://www.googleapis.com/auth/cloud-platform |