Class: Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client

Inherits:
Object
  • Object
show all
Includes:
Paths
Defined in:
lib/google/cloud/binary_authorization/v1/binauthz_management_service/rest/client.rb

Overview

REST client for the BinauthzManagementService service.

Google Cloud Management Service for Binary Authorization admission policies and attestation authorities.

This API implements a REST model with the following objects:

Defined Under Namespace

Classes: Configuration

Class Method Summary collapse

Instance Method Summary collapse

Methods included from Paths

#attestor_path, #policy_path, #project_path

Constructor Details

#initialize {|config| ... } ⇒ Client

Create a new BinauthzManagementService REST client object.

Examples:


# Create a client using the default configuration
client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client.new

# Create a client using a custom configuration
client = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client.new do |config|
  config.timeout = 10.0
end

Yields:

  • (config)

    Configure the BinauthzManagementService client.

Yield Parameters:



149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
 
# File 'lib/google/cloud/binary_authorization/v1/binauthz_management_service/rest/client.rb', line 149

def initialize
  # Create the configuration object
  @config = Configuration.new Client.configure

  # Yield the configuration if needed
  yield @config if block_given?

  # Create credentials
  credentials = @config.credentials
  # Use self-signed JWT if the endpoint is unchanged from default,
  # but only if the default endpoint does not have a region prefix.
  enable_self_signed_jwt = @config.endpoint == Client.configure.endpoint &&
                           !@config.endpoint.split(".").first.include?("-")
  credentials ||= Credentials.default scope: @config.scope,
                                      enable_self_signed_jwt: enable_self_signed_jwt
  if credentials.is_a?(::String) || credentials.is_a?(::Hash)
    credentials = Credentials.new credentials, scope: @config.scope
  end

  @quota_project_id = @config.quota_project
  @quota_project_id ||= credentials.quota_project_id if credentials.respond_to? :quota_project_id

  @binauthz_management_service_stub = ::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::ServiceStub.new endpoint: @config.endpoint, credentials: credentials
end

Class Method Details

.configure {|config| ... } ⇒ Client::Configuration

Configure the BinauthzManagementService Client class.

See Configuration for a description of the configuration fields.

Examples:


# Modify the configuration for all BinauthzManagementService clients
::Google::Cloud::BinaryAuthorization::V1::BinauthzManagementService::Rest::Client.configure do |config|
  config.timeout = 10.0
end

Yields:

  • (config)

    Configure the Client client.

Yield Parameters:

Returns:



64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
 
# File 'lib/google/cloud/binary_authorization/v1/binauthz_management_service/rest/client.rb', line 64

def self.configure
  @configure ||= begin
    namespace = ["Google", "Cloud", "BinaryAuthorization", "V1"]
    parent_config = while namespace.any?
                      parent_name = namespace.join "::"
                      parent_const = const_get parent_name
                      break parent_const.configure if parent_const.respond_to? :configure
                      namespace.pop
                    end
    default_config = Client::Configuration.new parent_config

    default_config.rpcs.get_policy.timeout = 600.0
    default_config.rpcs.get_policy.retry_policy = {
      initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14]
    }

    default_config.rpcs.update_policy.timeout = 600.0
    default_config.rpcs.update_policy.retry_policy = {
      initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14]
    }

    default_config.rpcs.create_attestor.timeout = 600.0

    default_config.rpcs.get_attestor.timeout = 600.0
    default_config.rpcs.get_attestor.retry_policy = {
      initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14]
    }

    default_config.rpcs.update_attestor.timeout = 600.0
    default_config.rpcs.update_attestor.retry_policy = {
      initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14]
    }

    default_config.rpcs.list_attestors.timeout = 600.0
    default_config.rpcs.list_attestors.retry_policy = {
      initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14]
    }

    default_config.rpcs.delete_attestor.timeout = 600.0
    default_config.rpcs.delete_attestor.retry_policy = {
      initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14]
    }

    default_config
  end
  yield @configure if block_given?
  @configure
end

Instance Method Details

#configure {|config| ... } ⇒ Client::Configuration

Configure the BinauthzManagementService Client instance.

The configuration is set to the derived mode, meaning that values can be changed, but structural changes (adding new fields, etc.) are not allowed. Structural changes should be made on configure.

See Configuration for a description of the configuration fields.

Yields:

  • (config)

    Configure the Client client.

Yield Parameters:

Returns:



128
129
130
131
 
# File 'lib/google/cloud/binary_authorization/v1/binauthz_management_service/rest/client.rb', line 128

def configure
  yield @config if block_given?
  @config
end

#create_attestor(request, options = nil) ⇒ ::Google::Cloud::BinaryAuthorization::V1::Attestor #create_attestor(parent: nil, attestor_id: nil, attestor: nil) ⇒ ::Google::Cloud::BinaryAuthorization::V1::Attestor

Creates an attestor, and returns a copy of the new attestor. Returns NOT_FOUND if the project does not exist, INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if the attestor already exists.

Overloads:

  • #create_attestor(request, options = nil) ⇒ ::Google::Cloud::BinaryAuthorization::V1::Attestor

    Pass arguments to create_attestor via a request object, either of type CreateAttestorRequest or an equivalent Hash.

    Parameters:

    • request (::Google::Cloud::BinaryAuthorization::V1::CreateAttestorRequest, ::Hash)

      A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

    • options (::Gapic::CallOptions, ::Hash) (defaults to: nil)

      Overrides the default settings for this call, e.g, timeout, retries etc. Optional.

  • #create_attestor(parent: nil, attestor_id: nil, attestor: nil) ⇒ ::Google::Cloud::BinaryAuthorization::V1::Attestor

    Pass arguments to create_attestor via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

    Parameters:

Yields:

  • (result, operation)

    Access the result along with the TransportOperation object

Yield Parameters:

Returns:

Raises:

  • (::Google::Cloud::Error)

    if the REST call is aborted.



349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
 
# File 'lib/google/cloud/binary_authorization/v1/binauthz_management_service/rest/client.rb', line 349

def create_attestor request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::BinaryAuthorization::V1::CreateAttestorRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  call_metadata = @config.rpcs.create_attestor.metadata.to_h

  # Set x-goog-api-client and x-goog-user-project headers
  call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Cloud::BinaryAuthorization::V1::VERSION,
    transports_version_send: [:rest]

  call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  options.apply_defaults timeout:      @config.rpcs.create_attestor.timeout,
                         metadata:     call_metadata,
                         retry_policy: @config.rpcs.create_attestor.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @binauthz_management_service_stub.create_attestor request, options do |result, operation|
    yield result, operation if block_given?
    return result
  end
rescue ::Gapic::Rest::Error => e
  raise ::Google::Cloud::Error.from_error(e)
end

#delete_attestor(request, options = nil) ⇒ ::Google::Protobuf::Empty #delete_attestor(name: nil) ⇒ ::Google::Protobuf::Empty

Deletes an attestor. Returns NOT_FOUND if the attestor does not exist.

Overloads:

  • #delete_attestor(request, options = nil) ⇒ ::Google::Protobuf::Empty

    Pass arguments to delete_attestor via a request object, either of type DeleteAttestorRequest or an equivalent Hash.

    Parameters:

    • request (::Google::Cloud::BinaryAuthorization::V1::DeleteAttestorRequest, ::Hash)

      A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

    • options (::Gapic::CallOptions, ::Hash) (defaults to: nil)

      Overrides the default settings for this call, e.g, timeout, retries etc. Optional.

  • #delete_attestor(name: nil) ⇒ ::Google::Protobuf::Empty

    Pass arguments to delete_attestor via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

    Parameters:

    • name (::String) (defaults to: nil)

      Required. The name of the attestors to delete, in the format projects/*/attestors/*.

Yields:

  • (result, operation)

    Access the result along with the TransportOperation object

Yield Parameters:

Returns:

Raises:

  • (::Google::Cloud::Error)

    if the REST call is aborted.



614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
 
# File 'lib/google/cloud/binary_authorization/v1/binauthz_management_service/rest/client.rb', line 614

def delete_attestor request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::BinaryAuthorization::V1::DeleteAttestorRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  call_metadata = @config.rpcs.delete_attestor.metadata.to_h

  # Set x-goog-api-client and x-goog-user-project headers
  call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Cloud::BinaryAuthorization::V1::VERSION,
    transports_version_send: [:rest]

  call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  options.apply_defaults timeout:      @config.rpcs.delete_attestor.timeout,
                         metadata:     call_metadata,
                         retry_policy: @config.rpcs.delete_attestor.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @binauthz_management_service_stub.delete_attestor request, options do |result, operation|
    yield result, operation if block_given?
    return result
  end
rescue ::Gapic::Rest::Error => e
  raise ::Google::Cloud::Error.from_error(e)
end

#get_attestor(request, options = nil) ⇒ ::Google::Cloud::BinaryAuthorization::V1::Attestor #get_attestor(name: nil) ⇒ ::Google::Cloud::BinaryAuthorization::V1::Attestor

Gets an attestor. Returns NOT_FOUND if the attestor does not exist.

Overloads:

  • #get_attestor(request, options = nil) ⇒ ::Google::Cloud::BinaryAuthorization::V1::Attestor

    Pass arguments to get_attestor via a request object, either of type GetAttestorRequest or an equivalent Hash.

    Parameters:

    • request (::Google::Cloud::BinaryAuthorization::V1::GetAttestorRequest, ::Hash)

      A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

    • options (::Gapic::CallOptions, ::Hash) (defaults to: nil)

      Overrides the default settings for this call, e.g, timeout, retries etc. Optional.

  • #get_attestor(name: nil) ⇒ ::Google::Cloud::BinaryAuthorization::V1::Attestor

    Pass arguments to get_attestor via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

    Parameters:

    • name (::String) (defaults to: nil)

      Required. The name of the attestor to retrieve, in the format projects/*/attestors/*.

Yields:

  • (result, operation)

    Access the result along with the TransportOperation object

Yield Parameters:

Returns:

Raises:

  • (::Google::Cloud::Error)

    if the REST call is aborted.



413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
 
# File 'lib/google/cloud/binary_authorization/v1/binauthz_management_service/rest/client.rb', line 413

def get_attestor request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::BinaryAuthorization::V1::GetAttestorRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  call_metadata = @config.rpcs.get_attestor.metadata.to_h

  # Set x-goog-api-client and x-goog-user-project headers
  call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Cloud::BinaryAuthorization::V1::VERSION,
    transports_version_send: [:rest]

  call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  options.apply_defaults timeout:      @config.rpcs.get_attestor.timeout,
                         metadata:     call_metadata,
                         retry_policy: @config.rpcs.get_attestor.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @binauthz_management_service_stub.get_attestor request, options do |result, operation|
    yield result, operation if block_given?
    return result
  end
rescue ::Gapic::Rest::Error => e
  raise ::Google::Cloud::Error.from_error(e)
end

#get_policy(request, options = nil) ⇒ ::Google::Cloud::BinaryAuthorization::V1::Policy #get_policy(name: nil) ⇒ ::Google::Cloud::BinaryAuthorization::V1::Policy

A policy specifies the attestors that must attest to a container image, before the project is allowed to deploy that image. There is at most one policy per project. All image admission requests are permitted if a project has no policy.

Gets the policy for this project. Returns a default policy if the project does not have one.

Overloads:

  • #get_policy(request, options = nil) ⇒ ::Google::Cloud::BinaryAuthorization::V1::Policy

    Pass arguments to get_policy via a request object, either of type GetPolicyRequest or an equivalent Hash.

    Parameters:

    • request (::Google::Cloud::BinaryAuthorization::V1::GetPolicyRequest, ::Hash)

      A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

    • options (::Gapic::CallOptions, ::Hash) (defaults to: nil)

      Overrides the default settings for this call, e.g, timeout, retries etc. Optional.

  • #get_policy(name: nil) ⇒ ::Google::Cloud::BinaryAuthorization::V1::Policy

    Pass arguments to get_policy via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

    Parameters:

    • name (::String) (defaults to: nil)

      Required. The resource name of the policy to retrieve, in the format projects/*/policy.

Yields:

  • (result, operation)

    Access the result along with the TransportOperation object

Yield Parameters:

Returns:

Raises:

  • (::Google::Cloud::Error)

    if the REST call is aborted.



210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
 
# File 'lib/google/cloud/binary_authorization/v1/binauthz_management_service/rest/client.rb', line 210

def get_policy request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::BinaryAuthorization::V1::GetPolicyRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  call_metadata = @config.rpcs.get_policy.metadata.to_h

  # Set x-goog-api-client and x-goog-user-project headers
  call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Cloud::BinaryAuthorization::V1::VERSION,
    transports_version_send: [:rest]

  call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  options.apply_defaults timeout:      @config.rpcs.get_policy.timeout,
                         metadata:     call_metadata,
                         retry_policy: @config.rpcs.get_policy.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @binauthz_management_service_stub.get_policy request, options do |result, operation|
    yield result, operation if block_given?
    return result
  end
rescue ::Gapic::Rest::Error => e
  raise ::Google::Cloud::Error.from_error(e)
end

#list_attestors(request, options = nil) ⇒ ::Gapic::Rest::PagedEnumerable<::Google::Cloud::BinaryAuthorization::V1::Attestor> #list_attestors(parent: nil, page_size: nil, page_token: nil) ⇒ ::Gapic::Rest::PagedEnumerable<::Google::Cloud::BinaryAuthorization::V1::Attestor>

Lists attestors. Returns INVALID_ARGUMENT if the project does not exist.

Overloads:

  • #list_attestors(request, options = nil) ⇒ ::Gapic::Rest::PagedEnumerable<::Google::Cloud::BinaryAuthorization::V1::Attestor>

    Pass arguments to list_attestors via a request object, either of type ListAttestorsRequest or an equivalent Hash.

    Parameters:

    • request (::Google::Cloud::BinaryAuthorization::V1::ListAttestorsRequest, ::Hash)

      A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

    • options (::Gapic::CallOptions, ::Hash) (defaults to: nil)

      Overrides the default settings for this call, e.g, timeout, retries etc. Optional.

  • #list_attestors(parent: nil, page_size: nil, page_token: nil) ⇒ ::Gapic::Rest::PagedEnumerable<::Google::Cloud::BinaryAuthorization::V1::Attestor>

    Pass arguments to list_attestors via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

    Parameters:

    • parent (::String) (defaults to: nil)

      Required. The resource name of the project associated with the attestors, in the format projects/*.

    • page_size (::Integer) (defaults to: nil)

      Requested page size. The server may return fewer results than requested. If unspecified, the server will pick an appropriate default.

    • page_token (::String) (defaults to: nil)

      A token identifying a page of results the server should return. Typically, this is the value of ListAttestorsResponse.next_page_token returned from the previous call to the ListAttestors method.

Yields:

  • (result, operation)

    Access the result along with the TransportOperation object

Yield Parameters:

Returns:

Raises:

  • (::Google::Cloud::Error)

    if the REST call is aborted.



549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
 
# File 'lib/google/cloud/binary_authorization/v1/binauthz_management_service/rest/client.rb', line 549

def list_attestors request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::BinaryAuthorization::V1::ListAttestorsRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  call_metadata = @config.rpcs.list_attestors.metadata.to_h

  # Set x-goog-api-client and x-goog-user-project headers
  call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Cloud::BinaryAuthorization::V1::VERSION,
    transports_version_send: [:rest]

  call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  options.apply_defaults timeout:      @config.rpcs.list_attestors.timeout,
                         metadata:     call_metadata,
                         retry_policy: @config.rpcs.list_attestors.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @binauthz_management_service_stub.list_attestors request, options do |result, operation|
    result = ::Gapic::Rest::PagedEnumerable.new @binauthz_management_service_stub, :list_attestors, "attestors", request, result, options
    yield result, operation if block_given?
    return result
  end
rescue ::Gapic::Rest::Error => e
  raise ::Google::Cloud::Error.from_error(e)
end

#update_attestor(request, options = nil) ⇒ ::Google::Cloud::BinaryAuthorization::V1::Attestor #update_attestor(attestor: nil) ⇒ ::Google::Cloud::BinaryAuthorization::V1::Attestor

Updates an attestor. Returns NOT_FOUND if the attestor does not exist.

Overloads:

Yields:

  • (result, operation)

    Access the result along with the TransportOperation object

Yield Parameters:

Returns:

Raises:

  • (::Google::Cloud::Error)

    if the REST call is aborted.



478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
 
# File 'lib/google/cloud/binary_authorization/v1/binauthz_management_service/rest/client.rb', line 478

def update_attestor request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::BinaryAuthorization::V1::UpdateAttestorRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  call_metadata = @config.rpcs.update_attestor.metadata.to_h

  # Set x-goog-api-client and x-goog-user-project headers
  call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Cloud::BinaryAuthorization::V1::VERSION,
    transports_version_send: [:rest]

  call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  options.apply_defaults timeout:      @config.rpcs.update_attestor.timeout,
                         metadata:     call_metadata,
                         retry_policy: @config.rpcs.update_attestor.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @binauthz_management_service_stub.update_attestor request, options do |result, operation|
    yield result, operation if block_given?
    return result
  end
rescue ::Gapic::Rest::Error => e
  raise ::Google::Cloud::Error.from_error(e)
end

#update_policy(request, options = nil) ⇒ ::Google::Cloud::BinaryAuthorization::V1::Policy #update_policy(policy: nil) ⇒ ::Google::Cloud::BinaryAuthorization::V1::Policy

Creates or updates a project's policy, and returns a copy of the new policy. A policy is always updated as a whole, to avoid race conditions with concurrent policy enforcement (or management!) requests. Returns NOT_FOUND if the project does not exist, INVALID_ARGUMENT if the request is malformed.

Overloads:

Yields:

  • (result, operation)

    Access the result along with the TransportOperation object

Yield Parameters:

Returns:

Raises:

  • (::Google::Cloud::Error)

    if the REST call is aborted.



278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
 
# File 'lib/google/cloud/binary_authorization/v1/binauthz_management_service/rest/client.rb', line 278

def update_policy request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::BinaryAuthorization::V1::UpdatePolicyRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  call_metadata = @config.rpcs.update_policy.metadata.to_h

  # Set x-goog-api-client and x-goog-user-project headers
  call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Cloud::BinaryAuthorization::V1::VERSION,
    transports_version_send: [:rest]

  call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  options.apply_defaults timeout:      @config.rpcs.update_policy.timeout,
                         metadata:     call_metadata,
                         retry_policy: @config.rpcs.update_policy.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @binauthz_management_service_stub.update_policy request, options do |result, operation|
    yield result, operation if block_given?
    return result
  end
rescue ::Gapic::Rest::Error => e
  raise ::Google::Cloud::Error.from_error(e)
end