Foo foo = ...; Any any; any.PackFrom(foo); ... if (any.UnpackTo(&foo)) { ... }
GET /v1/nodes/{clusterId}
Code | Message | Datatype |
---|---|---|
200 |
A successful response. |
|
0 |
An unexpected error response. |
Enum Values |
---|
UNKNOWN_VULNERABILITY |
IMAGE_VULNERABILITY |
K8S_VULNERABILITY |
ISTIO_VULNERABILITY |
NODE_VULNERABILITY |
OPENSHIFT_VULNERABILITY |
Any
contains an arbitrary serialized protocol buffer message along with a
URL that describes the type of the serialized message.
Protobuf library provides support to pack/unpack Any values in the form of utility functions or additional generated methods of the Any type.
Example 1: Pack and unpack a message in C++.
Foo foo = ...; Any any; any.PackFrom(foo); ... if (any.UnpackTo(&foo)) { ... }
Example 2: Pack and unpack a message in Java.
Foo foo = ...; Any any = Any.pack(foo); ... if (any.is(Foo.class)) { foo = any.unpack(Foo.class); } // or ... if (any.isSameTypeAs(Foo.getDefaultInstance())) { foo = any.unpack(Foo.getDefaultInstance()); }
Example 3: Pack and unpack a message in Python.
foo = Foo(...) any = Any() any.Pack(foo) ... if any.Is(Foo.DESCRIPTOR): any.Unpack(foo) ...
Example 4: Pack and unpack a message in Go
foo := &pb.Foo{...} any, err := anypb.New(foo) if err != nil { ... } ... foo := &pb.Foo{} if err := any.UnmarshalTo(foo); err != nil { ... }
The pack methods provided by protobuf library will by default use 'type.googleapis.com/full.type.name' as the type URL and the unpack methods only use the fully qualified type name after the last '/' in the type URL, for example "foo.bar.com/x/y.z" will yield type name "y.z".
The JSON representation of an Any
value uses the regular
representation of the deserialized, embedded message, with an
additional field @type
which contains the type URL. Example:
package google.profile; message Person { string first_name = 1; string last_name = 2; }
{ "@type": "type.googleapis.com/google.profile.Person", "firstName": <string>, "lastName": <string> }
If the embedded message type is well-known and has a custom JSON
representation, that representation will be embedded adding a field
value
which holds the custom JSON in addition to the @type
field. Example (for message [google.protobuf.Duration][]):
{ "@type": "type.googleapis.com/google.protobuf.Duration", "value": "1.212s" }
Field Name | Required | Nullable | Type | Description | Format |
---|---|---|---|---|---|
typeUrl |
String |
A URL/resource name that uniquely identifies the type of the serialized protocol buffer message. This string must contain at least one \"/\" character. The last segment of the URL’s path must represent the fully qualified name of the type (as in |
|||
value |
byte[] |
Must be a valid serialized protocol buffer of the above specified type. |
byte |
Field Name | Required | Nullable | Type | Description | Format |
---|---|---|---|---|---|
error |
String |
||||
code |
Integer |
int32 |
|||
message |
String |
||||
details |
List of ProtobufAny |
Field Name | Required | Nullable | Type | Description | Format |
---|---|---|---|---|---|
cve |
String |
||||
summary |
String |
||||
link |
String |
||||
publishedOn |
Date |
This indicates the timestamp when the cve was first published in the cve feeds. |
date-time |
||
createdAt |
Date |
Time when the CVE was first seen in the system. |
date-time |
||
lastModified |
Date |
date-time |
|||
scoreVersion |
V2, V3, UNKNOWN, |
||||
cvssV2 |
|||||
cvssV3 |
|||||
references |
List of StorageCVEInfoReference |
Field Name | Required | Nullable | Type | Description | Format |
---|---|---|---|---|---|
URI |
String |
||||
tags |
List of |
Field Name | Required | Nullable | Type | Description | Format |
---|---|---|---|---|---|
vector |
String |
||||
attackVector |
ATTACK_LOCAL, ATTACK_ADJACENT, ATTACK_NETWORK, |
||||
accessComplexity |
ACCESS_HIGH, ACCESS_MEDIUM, ACCESS_LOW, |
||||
authentication |
AUTH_MULTIPLE, AUTH_SINGLE, AUTH_NONE, |
||||
confidentiality |
IMPACT_NONE, IMPACT_PARTIAL, IMPACT_COMPLETE, |
||||
integrity |
IMPACT_NONE, IMPACT_PARTIAL, IMPACT_COMPLETE, |
||||
availability |
IMPACT_NONE, IMPACT_PARTIAL, IMPACT_COMPLETE, |
||||
exploitabilityScore |
Float |
float |
|||
impactScore |
Float |
float |
|||
score |
Float |
float |
|||
severity |
UNKNOWN, LOW, MEDIUM, HIGH, |
Field Name | Required | Nullable | Type | Description | Format |
---|---|---|---|---|---|
vector |
String |
||||
exploitabilityScore |
Float |
float |
|||
impactScore |
Float |
float |
|||
attackVector |
ATTACK_LOCAL, ATTACK_ADJACENT, ATTACK_NETWORK, ATTACK_PHYSICAL, |
||||
attackComplexity |
COMPLEXITY_LOW, COMPLEXITY_HIGH, |
||||
privilegesRequired |
PRIVILEGE_NONE, PRIVILEGE_LOW, PRIVILEGE_HIGH, |
||||
userInteraction |
UI_NONE, UI_REQUIRED, |
||||
scope |
UNCHANGED, CHANGED, |
||||
confidentiality |
IMPACT_NONE, IMPACT_LOW, IMPACT_HIGH, |
||||
integrity |
IMPACT_NONE, IMPACT_LOW, IMPACT_HIGH, |
||||
availability |
IMPACT_NONE, IMPACT_LOW, IMPACT_HIGH, |
||||
score |
Float |
float |
|||
severity |
UNKNOWN, NONE, LOW, MEDIUM, HIGH, CRITICAL, |
Enum Values |
---|
UNKNOWN_CONTAINER_RUNTIME |
DOCKER_CONTAINER_RUNTIME |
CRIO_CONTAINER_RUNTIME |
Field Name | Required | Nullable | Type | Description | Format |
---|---|---|---|---|---|
type |
UNKNOWN_CONTAINER_RUNTIME, DOCKER_CONTAINER_RUNTIME, CRIO_CONTAINER_RUNTIME, |
||||
version |
String |
Field Name | Required | Nullable | Type | Description | Format |
---|---|---|---|---|---|
name |
String |
||||
version |
String |
||||
vulns |
List of StorageEmbeddedVulnerability |
||||
vulnerabilities |
List of StorageNodeVulnerability |
||||
priority |
String |
int64 |
|||
topCvss |
Float |
float |
|||
riskScore |
Float |
float |
Next Tag: 21
Field Name | Required | Nullable | Type | Description | Format |
---|---|---|---|---|---|
cve |
String |
||||
cvss |
Float |
float |
|||
summary |
String |
||||
link |
String |
||||
fixedBy |
String |
||||
scoreVersion |
V2, V3, |
||||
cvssV2 |
|||||
cvssV3 |
|||||
publishedOn |
Date |
date-time |
|||
lastModified |
Date |
date-time |
|||
vulnerabilityType |
UNKNOWN_VULNERABILITY, IMAGE_VULNERABILITY, K8S_VULNERABILITY, ISTIO_VULNERABILITY, NODE_VULNERABILITY, OPENSHIFT_VULNERABILITY, |
||||
vulnerabilityTypes |
|||||
suppressed |
Boolean |
||||
suppressActivation |
Date |
date-time |
|||
suppressExpiry |
Date |
date-time |
|||
firstSystemOccurrence |
Date |
Time when the CVE was first seen, for this specific distro, in the system. |
date-time |
||
firstImageOccurrence |
Date |
Time when the CVE was first seen in this image. |
date-time |
||
severity |
UNKNOWN_VULNERABILITY_SEVERITY, LOW_VULNERABILITY_SEVERITY, MODERATE_VULNERABILITY_SEVERITY, IMPORTANT_VULNERABILITY_SEVERITY, CRITICAL_VULNERABILITY_SEVERITY, |
||||
state |
OBSERVED, DEFERRED, FALSE_POSITIVE, |
Node represents information about a node in the cluster. next available tag: 28
Field Name | Required | Nullable | Type | Description | Format |
---|---|---|---|---|---|
id |
String |
A unique ID identifying this node. |
|||
name |
String |
The (host)name of the node. Might or might not be the same as ID. |
|||
taints |
List of StorageTaint |
||||
clusterId |
String |
||||
clusterName |
String |
||||
labels |
Map of |
||||
annotations |
Map of |
||||
joinedAt |
Date |
date-time |
|||
internalIpAddresses |
List of |
||||
externalIpAddresses |
List of |
||||
containerRuntimeVersion |
String |
||||
containerRuntime |
|||||
kernelVersion |
String |
||||
operatingSystem |
String |
From NodeInfo. Operating system reported by the node (ex: linux). |
|||
osImage |
String |
From NodeInfo. OS image reported by the node from /etc/os-release. |
|||
kubeletVersion |
String |
||||
kubeProxyVersion |
String |
||||
lastUpdated |
Date |
date-time |
|||
k8sUpdated |
Date |
Time we received an update from Kubernetes. |
date-time |
||
scan |
|||||
components |
Integer |
int32 |
|||
cves |
Integer |
int32 |
|||
fixableCves |
Integer |
int32 |
|||
priority |
String |
int64 |
|||
riskScore |
Float |
float |
|||
topCvss |
Float |
float |
|||
notes |
List of StorageNodeNote |
Next tag: 5
Field Name | Required | Nullable | Type | Description | Format |
---|---|---|---|---|---|
scanTime |
Date |
date-time |
|||
operatingSystem |
String |
||||
components |
List of StorageEmbeddedNodeScanComponent |
||||
notes |
List of StorageNodeScanNote |
Enum Values |
---|
UNSET |
UNSUPPORTED |
KERNEL_UNSUPPORTED |
CERTIFIED_RHEL_CVES_UNAVAILABLE |
Field Name | Required | Nullable | Type | Description | Format |
---|---|---|---|---|---|
cveBaseInfo |
|||||
cvss |
Float |
float |
|||
severity |
UNKNOWN_VULNERABILITY_SEVERITY, LOW_VULNERABILITY_SEVERITY, MODERATE_VULNERABILITY_SEVERITY, IMPORTANT_VULNERABILITY_SEVERITY, CRITICAL_VULNERABILITY_SEVERITY, |
||||
fixedBy |
String |
||||
snoozed |
Boolean |
||||
snoozeStart |
Date |
date-time |
|||
snoozeExpiry |
Date |
date-time |
Field Name | Required | Nullable | Type | Description | Format |
---|---|---|---|---|---|
key |
String |
||||
value |
String |
||||
taintEffect |
UNKNOWN_TAINT_EFFECT, NO_SCHEDULE_TAINT_EFFECT, PREFER_NO_SCHEDULE_TAINT_EFFECT, NO_EXECUTE_TAINT_EFFECT, |
Enum Values |
---|
UNKNOWN_TAINT_EFFECT |
NO_SCHEDULE_TAINT_EFFECT |
PREFER_NO_SCHEDULE_TAINT_EFFECT |
NO_EXECUTE_TAINT_EFFECT |
Enum Values |
---|
UNKNOWN_VULNERABILITY_SEVERITY |
LOW_VULNERABILITY_SEVERITY |
MODERATE_VULNERABILITY_SEVERITY |
IMPORTANT_VULNERABILITY_SEVERITY |
CRITICAL_VULNERABILITY_SEVERITY |
VulnerabilityState indicates if vulnerability is being observed or deferred(/suppressed). By default, it vulnerabilities are observed.
Enum Values |
---|
OBSERVED |
DEFERRED |
FALSE_POSITIVE |
Field Name | Required | Nullable | Type | Description | Format |
---|---|---|---|---|---|
nodes |
List of StorageNode |