This is a cache of https://docs.openshift.com/acs/4.5/api/ImageIntegrationService.html. It is a snapshot of the page at 2024-11-20T18:11:33.916+0000.
ImageIntegrationService | API reference | Red Hat Advanced Cluster Security for Kubernetes 4.5
×

DeleteImageIntegration

DELETE /v1/imageintegrations/{id}

DeleteImageIntegration removes a image integration given its ID.

Description

Parameters

Path Parameters

Name Description Required Default Pattern

id

X

null

Return Type

Object

Content Type

  • application/json

Responses

Table 1. HTTP Response Codes
Code Message Datatype

200

A successful response.

Object

0

An unexpected error response.

RuntimeError

Samples

GetImageIntegration

GET /v1/imageintegrations/{id}

GetImageIntegration returns the image integration given its ID.

Description

Parameters

Path Parameters

Name Description Required Default Pattern

id

X

null

Content Type

  • application/json

Responses

Table 2. HTTP Response Codes
Code Message Datatype

200

A successful response.

StorageImageIntegration

0

An unexpected error response.

RuntimeError

Samples

GetImageIntegrations

GET /v1/imageintegrations

GetImageIntegrations returns all image integrations that match the request filters.

Description

Parameters

Query Parameters

Name Description Required Default Pattern

name

-

null

cluster

-

null

Content Type

  • application/json

Responses

Table 3. HTTP Response Codes
Code Message Datatype

200

A successful response.

V1GetImageIntegrationsResponse

0

An unexpected error response.

RuntimeError

Samples

PostImageIntegration

POST /v1/imageintegrations

PostImageIntegration creates a image integration.

Description

Parameters

Body Parameter

Name Description Required Default Pattern

body

StorageImageIntegration

X

Content Type

  • application/json

Responses

Table 4. HTTP Response Codes
Code Message Datatype

200

A successful response.

StorageImageIntegration

0

An unexpected error response.

RuntimeError

Samples

PutImageIntegration

PUT /v1/imageintegrations/{id}

PutImageIntegration modifies a given image integration, without using stored credential reconciliation.

Description

Parameters

Path Parameters

Name Description Required Default Pattern

id

X

null

Body Parameter

Name Description Required Default Pattern

body

StorageImageIntegration

X

Return Type

Object

Content Type

  • application/json

Responses

Table 5. HTTP Response Codes
Code Message Datatype

200

A successful response.

Object

0

An unexpected error response.

RuntimeError

Samples

TestImageIntegration

POST /v1/imageintegrations/test

TestImageIntegration checks if the given image integration is correctly configured, without using stored credential reconciliation.

Description

Parameters

Body Parameter

Name Description Required Default Pattern

body

StorageImageIntegration

X

Return Type

Object

Content Type

  • application/json

Responses

Table 6. HTTP Response Codes
Code Message Datatype

200

A successful response.

Object

0

An unexpected error response.

RuntimeError

Samples

TestUpdatedImageIntegration

POST /v1/imageintegrations/test/updated

TestUpdatedImageIntegration checks if the given image integration is correctly configured, with optional stored credential reconciliation.

Description

Parameters

Body Parameter

Name Description Required Default Pattern

body

V1UpdateImageIntegrationRequest

X

Return Type

Object

Content Type

  • application/json

Responses

Table 7. HTTP Response Codes
Code Message Datatype

200

A successful response.

Object

0

An unexpected error response.

RuntimeError

Samples

UpdateImageIntegration

PATCH /v1/imageintegrations/{config.id}

UpdateImageIntegration modifies a given image integration, with optional stored credential reconciliation.

Description

Parameters

Path Parameters

Name Description Required Default Pattern

config.id

X

null

Body Parameter

Name Description Required Default Pattern

body

V1UpdateImageIntegrationRequest

X

Return Type

Object

Content Type

  • application/json

Responses

Table 8. HTTP Response Codes
Code Message Datatype

200

A successful response.

Object

0

An unexpected error response.

RuntimeError

Samples

Common object reference

ECRConfigAuthorizationData

An authorization data represents the IAM authentication credentials and can be used to access any Amazon ECR registry that the IAM principal has access to.

Field Name Required Nullable Type Description Format

username

String

password

String

expiresAt

Date

date-time

ProtobufAny

Any contains an arbitrary serialized protocol buffer message along with a URL that describes the type of the serialized message.

Protobuf library provides support to pack/unpack Any values in the form of utility functions or additional generated methods of the Any type.

Example 1: Pack and unpack a message in C++.

Foo foo = ...;
Any any;
any.PackFrom(foo);
...
if (any.UnpackTo(&foo)) {
  ...
}

Example 2: Pack and unpack a message in Java.

Foo foo = ...;
Any any = Any.pack(foo);
...
if (any.is(Foo.class)) {
  foo = any.unpack(Foo.class);
}
// or ...
if (any.isSameTypeAs(Foo.getDefaultInstance())) {
  foo = any.unpack(Foo.getDefaultInstance());
}
Example 3: Pack and unpack a message in Python.
foo = Foo(...)
any = Any()
any.Pack(foo)
...
if any.Is(Foo.DESCRIPTOR):
  any.Unpack(foo)
  ...
Example 4: Pack and unpack a message in Go
foo := &pb.Foo{...}
any, err := anypb.New(foo)
if err != nil {
  ...
}
...
foo := &pb.Foo{}
if err := any.UnmarshalTo(foo); err != nil {
  ...
}

The pack methods provided by protobuf library will by default use 'type.googleapis.com/full.type.name' as the type URL and the unpack methods only use the fully qualified type name after the last '/' in the type URL, for example "foo.bar.com/x/y.z" will yield type name "y.z".

JSON representation

The JSON representation of an Any value uses the regular representation of the deserialized, embedded message, with an additional field @type which contains the type URL. Example:

package google.profile;
message Person {
  string first_name = 1;
  string last_name = 2;
}
{
  "@type": "type.googleapis.com/google.profile.Person",
  "firstName": <string>,
  "lastName": <string>
}

If the embedded message type is well-known and has a custom JSON representation, that representation will be embedded adding a field value which holds the custom JSON in addition to the @type field. Example (for message [google.protobuf.Duration][]):

{
  "@type": "type.googleapis.com/google.protobuf.Duration",
  "value": "1.212s"
}
Field Name Required Nullable Type Description Format

typeUrl

String

A URL/resource name that uniquely identifies the type of the serialized protocol buffer message. This string must contain at least one \"/\" character. The last segment of the URL’s path must represent the fully qualified name of the type (as in path/google.protobuf.Duration). The name should be in a canonical form (e.g., leading \".\" is not accepted). In practice, teams usually precompile into the binary all types that they expect it to use in the context of Any. However, for URLs which use the scheme http, https, or no scheme, one can optionally set up a type server that maps type URLs to message definitions as follows: * If no scheme is provided, https is assumed. * An HTTP GET on the URL must yield a [google.protobuf.Type][] value in binary format, or produce an error. * Applications are allowed to cache lookup results based on the URL, or have them precompiled into a binary to avoid any lookup. Therefore, binary compatibility needs to be preserved on changes to types. (Use versioned type names to manage breaking changes.) Note: this functionality is not currently available in the official protobuf release, and it is not used for type URLs beginning with type.googleapis.com. As of May 2023, there are no widely used type server implementations and no plans to implement one. Schemes other than http, https (or the empty scheme) might be used with implementation specific semantics.

value

byte[]

Must be a valid serialized protocol buffer of the above specified type.

byte

QuayConfigRobotAccount

Robot account is Quay's named tokens that can be granted permissions on multiple repositories under an organization. It's Quay's recommended authentication model when possible (i.e. registry integration)
Field Name Required Nullable Type Description Format

username

String

password

String

The server will mask the value of this password in responses and logs.

RuntimeError

Field Name Required Nullable Type Description Format

error

String

code

Integer

int32

message

String

details

List of ProtobufAny

StorageAzureConfig

Field Name Required Nullable Type Description Format

endpoint

String

username

String

password

String

The password for the integration. The server will mask the value of this credential in responses and logs.

wifEnabled

Boolean

StorageClairConfig

Field Name Required Nullable Type Description Format

endpoint

String

insecure

Boolean

StorageClairV4Config

Field Name Required Nullable Type Description Format

endpoint

String

insecure

Boolean

StorageClairifyConfig

Field Name Required Nullable Type Description Format

endpoint

String

grpcEndpoint

String

numConcurrentScans

Integer

int32

StorageDockerConfig

Field Name Required Nullable Type Description Format

endpoint

String

username

String

password

String

The password for the integration. The server will mask the value of this credential in responses and logs.

insecure

Boolean

StorageECRConfig

Field Name Required Nullable Type Description Format

registryId

String

accessKeyId

String

The access key ID for the integration. The server will mask the value of this credential in responses and logs.

secretAccessKey

String

The secret access key for the integration. The server will mask the value of this credential in responses and logs.

region

String

useIam

Boolean

endpoint

String

useAssumeRole

Boolean

assumeRoleId

String

assumeRoleExternalId

String

authorizationData

ECRConfigAuthorizationData

StorageGoogleConfig

Field Name Required Nullable Type Description Format

endpoint

String

serviceAccount

String

The service account for the integration. The server will mask the value of this credential in responses and logs.

project

String

wifEnabled

Boolean

StorageIBMRegistryConfig

Field Name Required Nullable Type Description Format

endpoint

String

apiKey

String

The API key for the integration. The server will mask the value of this credential in responses and logs.

StorageImageIntegration

Next Tag: 25
Field Name Required Nullable Type Description Format

id

String

name

String

type

String

categories

List of StorageImageIntegrationCategory

clairify

StorageClairifyConfig

scannerV4

StorageScannerV4Config

docker

StorageDockerConfig

quay

StorageQuayConfig

ecr

StorageECRConfig

google

StorageGoogleConfig

clair

StorageClairConfig

clairV4

StorageClairV4Config

ibm

StorageIBMRegistryConfig

azure

StorageAzureConfig

autogenerated

Boolean

clusterId

String

skipTestIntegration

Boolean

source

StorageImageIntegrationSource

StorageImageIntegrationCategory

  • NODE_SCANNER: Image and Node integrations are currently done on the same form in the UI so the image integration is also currently used for node integrations. This decision was made because we currently only support one node scanner (our scanner).

Enum Values

REGISTRY

SCANNER

NODE_SCANNER

StorageImageIntegrationSource

Field Name Required Nullable Type Description Format

clusterId

String

namespace

String

imagePullSecretName

String

StorageQuayConfig

Field Name Required Nullable Type Description Format

endpoint

String

oauthToken

String

The OAuth token for the integration. Required if this is a scanner integration. The server will mask the value of this credential in responses and logs.

insecure

Boolean

registryRobotCredentials

QuayConfigRobotAccount

StorageScannerV4Config

Field Name Required Nullable Type Description Format

numConcurrentScans

Integer

int32

indexerEndpoint

String

matcherEndpoint

String

V1GetImageIntegrationsResponse

Field Name Required Nullable Type Description Format

integrations

List of StorageImageIntegration

V1UpdateImageIntegrationRequest

Field Name Required Nullable Type Description Format

config

StorageImageIntegration

updatePassword

Boolean

When false, use the stored credentials of an existing image integration given its ID.