Wondering what’s next for npm?Check out our public roadmap! »

    @google-cloud/containeranalysis
    TypeScript icon, indicating that this package has built-in type declarations

    3.1.4 • Public • Published

    Google Cloud Platform logo

    Google Container Analysis: Node.js Client

    release level npm version codecov

    Container Analysis API client for Node.js

    A comprehensive list of changes in each version may be found in the CHANGELOG.

    Read more about the client libraries for Cloud APIs, including the older Google APIs Client Libraries, in Client Libraries Explained.

    Table of contents:

    Quickstart

    Before you begin

    1. Select or create a Cloud Platform project.
    2. Enable billing for your project.
    3. Enable the Google Container Analysis API.
    4. Set up authentication with a service account so you can access the API from your local workstation.

    Installing the client library

    npm install @google-cloud/containeranalysis

    Using the client library

    /**
     * TODO(developer): Uncomment these variables before running the sample
     */
    // const projectId = 'your-project-id', // Your GCP Project ID
    // const noteId = 'my-note-id' // Id of the note
    
    // Import the library and create a client
    const {ContainerAnalysisClient} = require('@google-cloud/containeranalysis');
    const client = new ContainerAnalysisClient();
    // Fetch an instance of a Grafeas client:
    // see: https://googleapis.dev/nodejs/grafeas/latest
    const grafeasClient = client.getGrafeasClient();
    
    // Construct request
    // Associate the Note with a metadata type
    // https://cloud.google.com/container-registry/docs/container-analysis#supported_metadata_types
    // Here, we use the type "vulnerabiltity"
    const formattedParent = grafeasClient.projectPath(projectId);
    
    // Creates and returns a new Note
    const [note] = await grafeasClient.createNote({
      parent: formattedParent,
      noteId: noteId,
      note: {
        vulnerability: {
          details: [
            {
              affectedCpeUri: 'foo.uri',
              affectedPackage: 'foo',
              minAffectedVersion: {
                kind: 'MINIMUM',
              },
              fixedVersion: {
                kind: 'MAXIMUM',
              },
            },
          ],
        },
      },
    });
    
    console.log(`Note ${note.name} created.`);

    Samples

    Samples are in the samples/ directory. Each sample's README.md has instructions for running its sample.

    Sample Source Code Try it
    Create Note source code Open in Cloud Shell
    Create Occurrence source code Open in Cloud Shell
    Delete Note source code Open in Cloud Shell
    Delete Occurrence source code Open in Cloud Shell
    Get Discovery Info source code Open in Cloud Shell
    Get Note source code Open in Cloud Shell
    Get Occurrence source code Open in Cloud Shell
    Get High Vulnerabilities for Image source code Open in Cloud Shell
    Occurrence PubSub source code Open in Cloud Shell
    Occurrences for Image source code Open in Cloud Shell
    Occurrences for Note source code Open in Cloud Shell
    Poll Discovery Occurrence Finished source code Open in Cloud Shell
    Quickstart source code Open in Cloud Shell
    Vulnerability Occurrences for Image source code Open in Cloud Shell

    The Google Container Analysis Node.js Client API Reference documentation also contains samples.

    Supported Node.js Versions

    Our client libraries follow the Node.js release schedule. Libraries are compatible with all current active and maintenance versions of Node.js.

    Client libraries targeting some end-of-life versions of Node.js are available, and can be installed via npm dist-tags. The dist-tags follow the naming convention legacy-(version).

    Legacy Node.js versions are supported as a best effort:

    • Legacy versions will not be tested in continuous integration.
    • Some security patches may not be able to be backported.
    • Dependencies will not be kept up-to-date, and features will not be backported.

    Legacy tags available

    • legacy-8: install client libraries from this dist-tag for versions compatible with Node.js 8.

    Versioning

    This library follows Semantic Versioning.

    This library is considered to be General Availability (GA). This means it is stable; the code surface will not change in backwards-incompatible ways unless absolutely necessary (e.g. because of critical security issues) or with an extensive deprecation period. Issues and requests against GA libraries are addressed with the highest priority.

    More Information: Google Cloud Platform Launch Stages

    Contributing

    Contributions welcome! See the Contributing Guide.

    Please note that this README.md, the samples/README.md, and a variety of configuration files in this repository (including .nycrc and tsconfig.json) are generated from a central template. To edit one of these files, make an edit to its template in this directory.

    License

    Apache Version 2.0

    See LICENSE

    Install

    npm i @google-cloud/containeranalysis

    DownloadsWeekly Downloads

    2,444

    Version

    3.1.4

    License

    Apache-2.0

    Unpacked Size

    4.74 MB

    Total Files

    54

    Last publish

    Collaborators

    • avatar
    • avatar
    • avatar
    • avatar