// Copyright 2018 Google Inc.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

syntax = "proto3";

package google.devtools.containeranalysis.v1alpha1;

import "google/api/annotations.proto";

option go_package = "google.golang.org/genproto/googleapis/devtools/containeranalysis/v1alpha1;containeranalysis";
option java_multiple_files = true;
option java_package = "com.google.containeranalysis.v1alpha1";
option objc_class_prefix = "GCA";

// DockerImage holds types defining base image notes
// and derived image occurrences.
message DockerImage {
  // Layer holds metadata specific to a layer of a Docker image.
  message Layer {
    // Instructions from dockerfile
    enum Directive {
      // Default value for unsupported/missing directive
      DIRECTIVE_UNSPECIFIED = 0;

      // https://docs.docker.com/reference/builder/#maintainer
      MAINTAINER = 1;

      // https://docs.docker.com/reference/builder/#run
      RUN = 2;

      // https://docs.docker.com/reference/builder/#cmd
      CMD = 3;

      // https://docs.docker.com/reference/builder/#label
      LABEL = 4;

      // https://docs.docker.com/reference/builder/#expose
      EXPOSE = 5;

      // https://docs.docker.com/reference/builder/#env
      ENV = 6;

      // https://docs.docker.com/reference/builder/#add
      ADD = 7;

      // https://docs.docker.com/reference/builder/#copy
      COPY = 8;

      // https://docs.docker.com/reference/builder/#entrypoint
      ENTRYPOINT = 9;

      // https://docs.docker.com/reference/builder/#volume
      VOLUME = 10;

      // https://docs.docker.com/reference/builder/#user
      USER = 11;

      // https://docs.docker.com/reference/builder/#workdir
      WORKDIR = 12;

      // https://docs.docker.com/reference/builder/#arg
      ARG = 13;

      // https://docs.docker.com/reference/builder/#onbuild
      ONBUILD = 14;

      // https://docs.docker.com/reference/builder/#stopsignal
      STOPSIGNAL = 15;

      // https://docs.docker.com/reference/builder/#healthcheck
      HEALTHCHECK = 16;

      // https://docs.docker.com/reference/builder/#shell
      SHELL = 17;
    }

    // The recovered Dockerfile directive used to construct this layer.
    Directive directive = 1;

    // The recovered arguments to the Dockerfile directive.
    string arguments = 2;
  }

  // A set of properties that uniquely identify a given Docker image.
  message Fingerprint {
    // The layer-id of the final layer in the Docker image's v1
    // representation.
    // This field can be used as a filter in list requests.
    string v1_name = 1;

    // The ordered list of v2 blobs that represent a given image.
    repeated string v2_blob = 2;

    // Output only. The name of the image's v2 blobs computed via:
    //   [bottom] := v2_blob[bottom]
    //   [N] := sha256(v2_blob[N] + " " + v2_name[N+1])
    // Only the name of the final blob is kept.
    // This field can be used as a filter in list requests.
    string v2_name = 3;
  }

  // Basis describes the base image portion (Note) of the DockerImage
  // relationship.  Linked occurrences are derived from this or an
  // equivalent image via:
  //   FROM <Basis.resource_url>
  // Or an equivalent reference, e.g. a tag of the resource_url.
  message Basis {
    // The resource_url for the resource representing the basis of
    // associated occurrence images.
    string resource_url = 1;

    // The fingerprint of the base image.
    Fingerprint fingerprint = 2;
  }

  // Derived describes the derived image portion (Occurrence) of the
  // DockerImage relationship.  This image would be produced from a Dockerfile
  // with FROM <DockerImage.Basis in attached Note>.
  message Derived {
    // The fingerprint of the derived image.
    Fingerprint fingerprint = 1;

    // Output only. The number of layers by which this image differs from the
    // associated image basis.
    uint32 distance = 2;

    // This contains layer-specific metadata, if populated it has length
    // "distance" and is ordered with [distance] being the layer immediately
    // following the base image and [1] being the final layer.
    repeated Layer layer_info = 3;

    // Output only. This contains the base image URL for the derived image
    // occurrence.
    string base_resource_url = 4;
  }
}