feat: Added container field to findings attributes (#353)

- [ ] Regenerate this pull request now.

feat: Added kubernetes field to findings attribute. This field is populated only when the container is a kubernetes cluster explicitly

PiperOrigin-RevId: 462248767

Source-Link: googleapis/googleapis@dd2b0d2

Source-Link: googleapis/googleapis-gen@0be13cf
Copy-Tag: eyJwIjoiLmdpdGh1Yi8uT3dsQm90LnlhbWwiLCJoIjoiMGJlMTNjZjUzY2E0NTU1NTQ4OWQ3MzQxOWQxMDUzYTcwOWE4ZGVjZCJ9

packages/google-cloud-securitycenter/google/cloud/securitycenter/__init__.py

@@ -26,6 +26,7 @@
 from google.cloud.securitycenter_v1.types.compliance import Compliance
 from google.cloud.securitycenter_v1.types.connection import Connection
 from google.cloud.securitycenter_v1.types.contact_details import Contact, ContactDetails
+from google.cloud.securitycenter_v1.types.container import Container
 from google.cloud.securitycenter_v1.types.exfiltration import (
     ExfilResource,
     Exfiltration,
@@ -36,6 +37,8 @@
 from google.cloud.securitycenter_v1.types.folder import Folder
 from google.cloud.securitycenter_v1.types.iam_binding import IamBinding
 from google.cloud.securitycenter_v1.types.indicator import Indicator
+from google.cloud.securitycenter_v1.types.kubernetes import Kubernetes
+from google.cloud.securitycenter_v1.types.label import Label
 from google.cloud.securitycenter_v1.types.mitre_attack import MitreAttack
 from google.cloud.securitycenter_v1.types.mute_config import MuteConfig
 from google.cloud.securitycenter_v1.types.notification_config import NotificationConfig
@@ -115,6 +118,7 @@
     "Connection",
     "Contact",
     "ContactDetails",
+    "Container",
     "ExfilResource",
     "Exfiltration",
     "ExternalSystem",
@@ -123,6 +127,8 @@
     "Folder",
     "IamBinding",
     "Indicator",
+    "Kubernetes",
+    "Label",
     "MitreAttack",
     "MuteConfig",
     "NotificationConfig",

packages/google-cloud-securitycenter/google/cloud/securitycenter_v1/__init__.py

@@ -21,13 +21,16 @@
 from .types.compliance import Compliance
 from .types.connection import Connection
 from .types.contact_details import Contact, ContactDetails
+from .types.container import Container
 from .types.exfiltration import ExfilResource, Exfiltration
 from .types.external_system import ExternalSystem
 from .types.file import File
 from .types.finding import Finding
 from .types.folder import Folder
 from .types.iam_binding import IamBinding
 from .types.indicator import Indicator
+from .types.kubernetes import Kubernetes
+from .types.label import Label
 from .types.mitre_attack import MitreAttack
 from .types.mute_config import MuteConfig
 from .types.notification_config import NotificationConfig
@@ -96,6 +99,7 @@
     "Connection",
     "Contact",
     "ContactDetails",
+    "Container",
     "CreateBigQueryExportRequest",
     "CreateFindingRequest",
     "CreateMuteConfigRequest",
@@ -126,6 +130,8 @@
     "GroupResult",
     "IamBinding",
     "Indicator",
+    "Kubernetes",
+    "Label",
     "ListAssetsRequest",
     "ListAssetsResponse",
     "ListBigQueryExportsRequest",

packages/google-cloud-securitycenter/google/cloud/securitycenter_v1/services/security_center/async_client.py

@@ -45,9 +45,15 @@
     bigquery_export,
     compliance,
     connection,
+    container,
     exfiltration,
 )
-from google.cloud.securitycenter_v1.types import iam_binding, indicator, mitre_attack
+from google.cloud.securitycenter_v1.types import (
+    iam_binding,
+    indicator,
+    kubernetes,
+    mitre_attack,
+)
 from google.cloud.securitycenter_v1.types import process, run_asset_discovery_response
 from google.cloud.securitycenter_v1.types import external_system as gcs_external_system
 from google.cloud.securitycenter_v1.types import (

packages/google-cloud-securitycenter/google/cloud/securitycenter_v1/services/security_center/client.py

@@ -48,9 +48,15 @@
     bigquery_export,
     compliance,
     connection,
+    container,
     exfiltration,
 )
-from google.cloud.securitycenter_v1.types import iam_binding, indicator, mitre_attack
+from google.cloud.securitycenter_v1.types import (
+    iam_binding,
+    indicator,
+    kubernetes,
+    mitre_attack,
+)
 from google.cloud.securitycenter_v1.types import process, run_asset_discovery_response
 from google.cloud.securitycenter_v1.types import external_system as gcs_external_system
 from google.cloud.securitycenter_v1.types import (

packages/google-cloud-securitycenter/google/cloud/securitycenter_v1/types/__init__.py

@@ -19,13 +19,16 @@
 from .compliance import Compliance
 from .connection import Connection
 from .contact_details import Contact, ContactDetails
+from .container import Container
 from .exfiltration import ExfilResource, Exfiltration
 from .external_system import ExternalSystem
 from .file import File
 from .finding import Finding
 from .folder import Folder
 from .iam_binding import IamBinding
 from .indicator import Indicator
+from .kubernetes import Kubernetes
+from .label import Label
 from .mitre_attack import MitreAttack
 from .mute_config import MuteConfig
 from .notification_config import NotificationConfig
@@ -92,6 +95,7 @@
     "Connection",
     "Contact",
     "ContactDetails",
+    "Container",
     "ExfilResource",
     "Exfiltration",
     "ExternalSystem",
@@ -100,6 +104,8 @@
     "Folder",
     "IamBinding",
     "Indicator",
+    "Kubernetes",
+    "Label",
     "MitreAttack",
     "MuteConfig",
     "NotificationConfig",

packages/google-cloud-securitycenter/google/cloud/securitycenter_v1/types/container.py

@@ -0,0 +1,67 @@
+# -*- coding: utf-8 -*-
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+import proto  # type: ignore
+
+from google.cloud.securitycenter_v1.types import label
+
+__protobuf__ = proto.module(
+    package="google.cloud.securitycenter.v1",
+    manifest={
+        "Container",
+    },
+)
+
+
+class Container(proto.Message):
+    r"""Container associated with the finding.
+
+    Attributes:
+        name (str):
+            Container name.
+        uri (str):
+            Container image URI provided when configuring
+            a pod/container. May identify a container image
+            version using mutable tags.
+        image_id (str):
+            Optional container image id, when provided by
+            the container runtime. Uniquely identifies the
+            container image launched using a container image
+            digest.
+        labels (Sequence[google.cloud.securitycenter_v1.types.Label]):
+            Container labels, as provided by the
+            container runtime.
+    """
+
+    name = proto.Field(
+        proto.STRING,
+        number=1,
+    )
+    uri = proto.Field(
+        proto.STRING,
+        number=2,
+    )
+    image_id = proto.Field(
+        proto.STRING,
+        number=3,
+    )
+    labels = proto.RepeatedField(
+        proto.MESSAGE,
+        number=4,
+        message=label.Label,
+    )
+
+
+__all__ = tuple(sorted(__protobuf__.manifest))

packages/google-cloud-securitycenter/google/cloud/securitycenter_v1/types/finding.py

@@ -17,14 +17,20 @@
 from google.protobuf import timestamp_pb2  # type: ignore
 import proto  # type: ignore
 
-from google.cloud.securitycenter_v1.types import compliance, connection, contact_details
+from google.cloud.securitycenter_v1.types import (
+    compliance,
+    connection,
+    contact_details,
+    container,
+)
 from google.cloud.securitycenter_v1.types import exfiltration as gcs_exfiltration
 from google.cloud.securitycenter_v1.types import mitre_attack as gcs_mitre_attack
 from google.cloud.securitycenter_v1.types import security_marks as gcs_security_marks
 from google.cloud.securitycenter_v1.types import vulnerability as gcs_vulnerability
 from google.cloud.securitycenter_v1.types import access as gcs_access
 from google.cloud.securitycenter_v1.types import external_system, iam_binding
 from google.cloud.securitycenter_v1.types import indicator as gcs_indicator
+from google.cloud.securitycenter_v1.types import kubernetes as gcs_kubernetes
 from google.cloud.securitycenter_v1.types import process
 
 __protobuf__ = proto.module(
@@ -188,6 +194,13 @@ class Finding(proto.Message):
             Finding.
         next_steps (str):
             Next steps associate to the finding.
+        containers (Sequence[google.cloud.securitycenter_v1.types.Container]):
+            Containers associated with the finding.
+            containers provides information for both
+            Kubernetes and non-Kubernetes containers.
+        kubernetes (google.cloud.securitycenter_v1.types.Kubernetes):
+            Kubernetes resources associated with the
+            finding.
     """
 
     class State(proto.Enum):
@@ -359,6 +372,16 @@ class FindingClass(proto.Enum):
         proto.STRING,
         number=40,
     )
+    containers = proto.RepeatedField(
+        proto.MESSAGE,
+        number=42,
+        message=container.Container,
+    )
+    kubernetes = proto.Field(
+        proto.MESSAGE,
+        number=43,
+        message=gcs_kubernetes.Kubernetes,
+    )
 
 
 __all__ = tuple(sorted(__protobuf__.manifest))