NAME gcloud artifacts vulnerabilities load-vex - load VEX data from a CSAF file into Artifact Analysis SYNOPSIS gcloud artifacts vulnerabilities load-vex --source=SOURCE --uri=URI [--location=LOCATION] [--project=PROJECT] [GCLOUD_WIDE_FLAG ...] DESCRIPTION Command loads VEX data from a Common Security Advisory Framework (CSAF) file into Artifact Analysis as VulnerabilityAssessment Notes. VEX data tells Artifact Analysis whether vulnerabilities are relevant and how. EXAMPLES To load a CSAF security advisory file given an artifact in Artifact Registry and the file on disk, run: $ gcloud artifacts vulnerabilities load-vex \ --uri=us-east1-docker.pkg.dev/project123/repository123/\ someimage@sha256:49765698074d6d7baa82f --source=/path/to/vex/file To load a CSAF security advisory file given an artifact with a tag and a file on disk, run: $ gcloud artifacts vulnerabilities load-vex \ --uri=us-east1-docker.pkg.dev/project123/repository123/\ someimage:latest --source=/path/to/vex/file REQUIRED FLAGS --source=SOURCE The path of the VEX file. --uri=URI The path of the artifact in Artifact Registry. A 'gcr.io' image can also be used if redirection is enabled in Artifact Registry. Make sure 'artifactregistry.projectsettings.get' permission is granted to the current gcloud user to verify the redirection status. OPTIONAL FLAGS --location=LOCATION If specified, all requests to Artifact Analysis for occurrences will go to location specified --project=PROJECT The parent project to load security advisory into. GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, --help, --impersonate-service-account, --log-http, --project, --quiet, --trace-token, --user-output-enabled, --verbosity. Run $ gcloud help for details.