feat: Add new gcloud commands, API clients, and third-party libraries across various services.

2026-01-01 20:26:35 +01:00
parent 5e23cbece0
commit a19e592eb7
25221 changed files with 8324611 additions and 0 deletions


@@ -0,0 +1,14 @@
# -*- coding: utf-8 -*- #
# Copyright 2020 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.


@@ -0,0 +1,76 @@
# -*- coding: utf-8 -*- #
# Copyright 2020 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Utilities for regionalizing Assured Workloads API endpoints."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
import contextlib
import re
from googlecloudsdk.api_lib.assured import util
from googlecloudsdk.api_lib.util import apis
from googlecloudsdk.core import log
from googlecloudsdk.core import properties
from six.moves.urllib import parse
ENV_NETLOC_REGEX_PATTERN = r'((staging|autopush|dev)-)?(assuredworkloads.*)'
@contextlib.contextmanager
def AssuredWorkloadsEndpointOverridesFromRegion(release_track, region):
"""Context manager to regionalize Assured endpoints using a provided region.
Args:
release_track: str, Release track of the command being called.
region: str, Region to use for regionalizing the Assured endpoint.
Yields:
None.
"""
used_endpoint = GetEffectiveAssuredWorkloadsEndpoint(release_track, region)
old_endpoint = properties.VALUES.api_endpoint_overrides.assuredworkloads.Get()
try:
log.status.Print('Using endpoint [{}]'.format(used_endpoint))
if region:
properties.VALUES.api_endpoint_overrides.assuredworkloads.Set(
used_endpoint)
yield
finally:
old_endpoint = properties.VALUES.api_endpoint_overrides.assuredworkloads.Set(
old_endpoint)
def GetEffectiveAssuredWorkloadsEndpoint(release_track, region):
"""Returns regional Assured Workloads endpoint, or global if region not set."""
endpoint = apis.GetEffectiveApiEndpoint(util.API_NAME,
util.GetApiVersion(release_track))
if region:
return DeriveAssuredWorkloadsRegionalEndpoint(endpoint, region)
return endpoint
def DeriveAssuredWorkloadsRegionalEndpoint(endpoint, region):
scheme, netloc, path, params, query, fragment = parse.urlparse(endpoint)
m = re.match(ENV_NETLOC_REGEX_PATTERN, netloc)
env = m.group(1)
netloc_suffix = m.group(3)
if env:
netloc = '{}{}-{}'.format(env, region, netloc_suffix)
else:
netloc = '{}-{}'.format(region, netloc_suffix)
return parse.urlunparse((scheme, netloc, path, params, query, fragment))
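Review bot: `DeriveAssuredWorkloadsRegionalEndpoint` formats `region` straight into the host part of the URL, so a value containing `/`, `@` or `.` changes which host the client's authenticated requests are sent to instead of only selecting a regional prefix. Whether callers validate `region` before this point is not visible here, so I would reject anything that is not a plain location token at the top of the function, e.g. `if not re.match(r'[a-z0-9-]+\Z', region): raise ValueError('invalid region: {!r}'.format(region))`. The function also dereferences `m` unchecked: if the effective endpoint is an override whose host does not match `ENV_NETLOC_REGEX_PATTERN`, `re.match` returns None and `m.group(1)` raises AttributeError, so an `if m is None:` guard with a clear error is worth adding. Separately, the `finally` branch of the context manager assigns the result of `Set(old_endpoint)` back to `old_endpoint`, which is not needed.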


@@ -0,0 +1,401 @@
# -*- coding: utf-8 -*- #
# Copyright 2020 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Utilities for constructing Assured api messages."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.api_lib.assured import util
from googlecloudsdk.calliope import base as calliope_base
from googlecloudsdk.command_lib.util.apis import arg_utils
ReleaseTrack = calliope_base.ReleaseTrack
def GetMessages(release_track):
return util.GetMessagesModule(release_track)
def GetWorkloadMessage(release_track):
return WORKLOAD_MAP.get(release_track)
def GetComplianceRegimesEnum(release_track):
return GetWorkloadMessage(release_track).ComplianceRegimeValueValuesEnum
def GetPartnersEnum(release_track):
return GetWorkloadMessage(release_track).PartnerValueValuesEnum
def GetKmsSettings(release_track):
return KMS_SETTINGS_MAP.get(release_track)
def GetResourceSettings(release_track):
return RESOURCE_SETTINGS_MAP.get(release_track)
def GetPartnerPermissions(release_track):
return PARTNER_PERMISSIONS_MAP.get(release_track)
def CreateAssuredParent(organization_id, location):
return 'organizations/{}/locations/{}'.format(organization_id, location)
def CreateAssuredWorkload(
display_name=None,
compliance_regime=None,
partner=None,
partner_services_billing_account=None,
partner_permissions=None,
billing_account=None,
next_rotation_time=None,
rotation_period=None,
labels=None,
etag=None,
provisioned_resources_parent=None,
resource_settings=None,
enable_sovereign_controls=None,
violation_notifications_enabled=None,
release_track=ReleaseTrack.GA,
):
"""Construct an Assured Workload message for Assured Workloads Beta API requests.
Args:
display_name: str, display name of the Assured Workloads environment.
compliance_regime: str, the compliance regime, which is one of:
FEDRAMP_MODERATE, FEDRAMP_HIGH, IL4 or CJIS.
partner: str, the partner regime/controls.
partner_services_billing_account: str, the billing account of the partner
service in the form: billingAccounts/{BILLING_ACCOUNT_ID}
partner_permissions: dict, dictionary of permission names and values for the
partner regime.
billing_account: str, the billing account of the Assured Workloads
environment in the form: billingAccounts/{BILLING_ACCOUNT_ID}
next_rotation_time: str, the next key rotation time for the Assured
Workloads environment, for example: 2020-12-30T10:15:00.00Z
rotation_period: str, the time between key rotations, for example: 172800s.
labels: dict, dictionary of label keys and values of the Assured Workloads
environment.
etag: str, the etag of the Assured Workloads environment.
provisioned_resources_parent: str, parent of provisioned projects, e.g.
folders/{FOLDER_ID}.
resource_settings: list of key=value pairs to set customized resource
settings, which can be one of the following: consumer-project-id,
consumer-project-name, encryption-keys-project-id,
encryption-keys-project-name or keyring-id, for example:
consumer-project-id={ID1},encryption-keys-project-id={ID2}
enable_sovereign_controls: bool, whether to enable sovereign controls for
the Assured Workloads environment.
violation_notifications_enabled: bool, whether email notifications are
enabled or disabled
release_track: ReleaseTrack, gcloud release track being used
Returns:
A populated Assured Workloads message for the Assured Workloads Beta API.
"""
workload_message = GetWorkloadMessage(release_track)
workload = workload_message()
if etag:
workload.etag = etag
if billing_account:
workload.billingAccount = billing_account
if display_name:
workload.displayName = display_name
if violation_notifications_enabled:
workload.violationNotificationsEnabled = GetViolationNotificationsEnabled(
violation_notifications_enabled
)
if labels:
workload.labels = CreateLabels(labels, workload_message)
if compliance_regime:
workload.complianceRegime = arg_utils.ChoiceToEnum(
compliance_regime, GetComplianceRegimesEnum(release_track)
)
if partner:
workload.partner = arg_utils.ChoiceToEnum(
partner, GetPartnersEnum(release_track)
)
if partner_services_billing_account:
workload.partnerServicesBillingAccount = partner_services_billing_account
if partner_permissions:
workload.partnerPermissions = GetPartnerPermissions(release_track)(
dataLogsViewer=partner_permissions['data-logs-viewer']
)
if provisioned_resources_parent:
workload.provisionedResourcesParent = provisioned_resources_parent
if next_rotation_time and rotation_period:
workload.kmsSettings = GetKmsSettings(release_track)(
nextRotationTime=next_rotation_time, rotationPeriod=rotation_period
)
if resource_settings:
workload.resourceSettings = CreateResourceSettingsList(
resource_settings, release_track
)
if enable_sovereign_controls:
workload.enableSovereignControls = enable_sovereign_controls
return workload
def CreateAssuredWorkloadsParent(organization_id, location, workload_id):
return 'organizations/{}/locations/{}/workloads/{}'.format(
organization_id, location, workload_id
)
def GetViolationNotificationsEnabled(violation_notifications_enabled):
if violation_notifications_enabled.lower() == 'true':
return True
if violation_notifications_enabled.lower() == 'false':
return False
else:
return violation_notifications_enabled
def CreateLabels(labels, workload_message):
workload_labels = []
for key, value in labels.items():
new_label = workload_message.LabelsValue.AdditionalProperty(
key=key, value=value
)
workload_labels.append(new_label)
return workload_message.LabelsValue(additionalProperties=workload_labels)
def CreateResourceSettingsList(resource_settings, release_track):
"""Construct a list of ResourceSettings for Assured Workload object.
Args:
resource_settings: a list of key=value pairs of customized resource
settings.
release_track: ReleaseTrack, gcloud release track being used.
Returns:
A list of ResourceSettings for the Assured Workload object.
"""
resource_settings_dict = {}
for key, value in resource_settings.items():
resource_type = GetResourceType(key, release_track)
resource_settings = (
resource_settings_dict[resource_type]
if resource_type in resource_settings_dict
else CreateResourceSettings(resource_type, release_track)
)
if key.endswith('-id'):
resource_settings.resourceId = value
elif key.endswith('-name'):
resource_settings.displayName = value
resource_settings_dict[resource_type] = resource_settings
return list(resource_settings_dict.values())
def GetResourceType(key, release_track):
"""Returns a resource settings type from the key.
Args:
key: str, the setting name, which can be one of the following -
consumer-project-id, consumer-project-name, encryption-keys-project-id,
encryption-keys-project-name or keyring-id.
release_track: ReleaseTrack, gcloud release track being used.
"""
resource_settings_message = GetResourceSettings(release_track)
if key.startswith('consumer-project'):
return (
resource_settings_message.ResourceTypeValueValuesEnum.CONSUMER_PROJECT
)
elif key.startswith('encryption-keys-project'):
return (
resource_settings_message.ResourceTypeValueValuesEnum.ENCRYPTION_KEYS_PROJECT
)
elif key.startswith('keyring'):
return resource_settings_message.ResourceTypeValueValuesEnum.KEYRING
def CreateResourceSettings(resource_type, release_track):
resource_settings_message = GetResourceSettings(release_track)
return resource_settings_message(resourceType=resource_type)
def CreateUpdateMask(display_name, labels, violation_notifications_enabled):
update_mask = []
if display_name:
update_mask.append('workload.display_name')
if labels:
update_mask.append('workload.labels')
if violation_notifications_enabled:
update_mask.append('workload.violation_notifications_enabled')
return ','.join(update_mask)
def CreateCreateRequest(
external_id, parent, workload, release_track=ReleaseTrack.GA
):
"""Construct an Assured Workload Create Request for Assured Workloads API requests.
Args:
external_id: str, the identifier that identifies this Assured Workloads
environment externally.
parent: str, the parent organization of the Assured Workloads environment to
be created, in the form: organizations/{ORG_ID}/locations/{LOCATION}.
workload: Workload, new Assured Workloads environment containing the values
to be used.
release_track: ReleaseTrack, gcloud release track being used
Returns:
A populated Assured Workloads Update Request for the Assured Workloads API.
"""
if release_track == ReleaseTrack.GA:
return util.GetMessagesModule(
release_track
).AssuredworkloadsOrganizationsLocationsWorkloadsCreateRequest(
externalId=external_id,
parent=parent,
googleCloudAssuredworkloadsV1Workload=workload,
)
else:
return util.GetMessagesModule(
release_track
).AssuredworkloadsOrganizationsLocationsWorkloadsCreateRequest(
externalId=external_id,
parent=parent,
googleCloudAssuredworkloadsV1beta1Workload=workload,
)
def CreateUpdateRequest(
workload, name, update_mask, release_track=ReleaseTrack.GA
):
"""Construct an Assured Workload Update Request for Assured Workloads API requests.
Args:
workload: googleCloudAssuredworkloadsV1beta1Workload, new Assured Workloads
environment containing the new configuration values to be used.
name: str, the name for the Assured Workloads environment being updated in
the form:
organizations/{ORG_ID}/locations/{LOCATION}/workloads/{WORKLOAD_ID}.
update_mask: str, list of the fields to be updated, for example,
workload.display_name,workload.labels
release_track: ReleaseTrack, gcloud release track being used
Returns:
A populated Assured Workloads Update Request for the Assured Workloads API.
"""
messages = util.GetMessagesModule(release_track)
if release_track == ReleaseTrack.GA:
return messages.AssuredworkloadsOrganizationsLocationsWorkloadsPatchRequest(
googleCloudAssuredworkloadsV1Workload=workload,
name=name,
updateMask=update_mask,
)
else:
return messages.AssuredworkloadsOrganizationsLocationsWorkloadsPatchRequest(
googleCloudAssuredworkloadsV1beta1Workload=workload,
name=name,
updateMask=update_mask,
)
def CreateAcknowledgeRequest(
name, comment, acknowledge_type=None, release_track=ReleaseTrack.GA
):
"""Construct an Assured Workload Violation Acknowledgement Request.
Args:
name: str, the name for the Assured Workloads violation being described in
the form:
organizations/{ORG_ID}/locations/{LOCATION}/workloads/{WORKLOAD_ID}/violations/{VIOLATION_ID}.
comment: str, the business justification which the user wants to add while
acknowledging a violation.
acknowledge_type: str, the acknowledge type for specified violation, which
is one of: SINGLE_VIOLATION - to acknowledge specified violation,
EXISTING_CHILD_RESOURCE_VIOLATIONS - to acknowledge specified org policy
violation and all associated child resource violations.
release_track: ReleaseTrack, gcloud release track being used
Returns:
A populated Assured Workloads Violation Acknowledgement Request.
"""
messages = util.GetMessagesModule(release_track)
if acknowledge_type:
acknowledge_type = messages.GoogleCloudAssuredworkloadsV1beta1AcknowledgeViolationRequest.AcknowledgeTypeValueValuesEnum(
acknowledge_type
)
if release_track == ReleaseTrack.GA:
return messages.AssuredworkloadsOrganizationsLocationsWorkloadsViolationsAcknowledgeRequest(
googleCloudAssuredworkloadsV1AcknowledgeViolationRequest=messages.GoogleCloudAssuredworkloadsV1AcknowledgeViolationRequest(
comment=comment
),
name=name,
)
else:
return messages.AssuredworkloadsOrganizationsLocationsWorkloadsViolationsAcknowledgeRequest(
googleCloudAssuredworkloadsV1beta1AcknowledgeViolationRequest=messages.GoogleCloudAssuredworkloadsV1beta1AcknowledgeViolationRequest(
comment=comment, acknowledgeType=acknowledge_type
),
name=name,
)
WORKLOAD_MAP = {
ReleaseTrack.ALPHA: GetMessages(
ReleaseTrack.BETA
).GoogleCloudAssuredworkloadsV1beta1Workload,
ReleaseTrack.BETA: GetMessages(
ReleaseTrack.BETA
).GoogleCloudAssuredworkloadsV1beta1Workload,
ReleaseTrack.GA: GetMessages(
ReleaseTrack.GA
).GoogleCloudAssuredworkloadsV1Workload,
}
KMS_SETTINGS_MAP = {
ReleaseTrack.ALPHA: GetMessages(
ReleaseTrack.BETA
).GoogleCloudAssuredworkloadsV1beta1WorkloadKMSSettings,
ReleaseTrack.BETA: GetMessages(
ReleaseTrack.BETA
).GoogleCloudAssuredworkloadsV1beta1WorkloadKMSSettings,
ReleaseTrack.GA: GetMessages(
ReleaseTrack.GA
).GoogleCloudAssuredworkloadsV1WorkloadKMSSettings,
}
RESOURCE_SETTINGS_MAP = {
ReleaseTrack.ALPHA: GetMessages(
ReleaseTrack.BETA
).GoogleCloudAssuredworkloadsV1beta1WorkloadResourceSettings,
ReleaseTrack.BETA: GetMessages(
ReleaseTrack.BETA
).GoogleCloudAssuredworkloadsV1beta1WorkloadResourceSettings,
ReleaseTrack.GA: GetMessages(
ReleaseTrack.GA
).GoogleCloudAssuredworkloadsV1WorkloadResourceSettings,
}
PARTNER_PERMISSIONS_MAP = {
ReleaseTrack.ALPHA: GetMessages(
ReleaseTrack.BETA
).GoogleCloudAssuredworkloadsV1beta1WorkloadPartnerPermissions,
ReleaseTrack.BETA: GetMessages(
ReleaseTrack.BETA
).GoogleCloudAssuredworkloadsV1beta1WorkloadPartnerPermissions,
ReleaseTrack.GA: GetMessages(
ReleaseTrack.GA
).GoogleCloudAssuredworkloadsV1WorkloadPartnerPermissions,
}
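Review bot: In `CreateAcknowledgeRequest`, `acknowledge_type` is converted through `messages.GoogleCloudAssuredworkloadsV1beta1AcknowledgeViolationRequest` before the release track is checked, and the GA branch then builds the request from `comment` alone. On GA the module comes from `util.GetMessagesModule(release_track)`, which presumably is the v1 module and may not define the V1beta1 class, so passing a type could raise AttributeError. If the lookup does succeed, the requested type is dropped without notice, and that changes which violations end up acknowledged. I would move the enum conversion into the `else` branch and make the GA branch raise when `acknowledge_type` is set, unless the v1 request message is confirmed to carry the field. `CreateAssuredWorkload` has the same silent-drop shape at `if next_rotation_time and rotation_period:`, where supplying only one of the two leaves `kmsSettings` unset without an error.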


@@ -0,0 +1,76 @@
# -*- coding: utf-8 -*- #
# Copyright 2020 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Utilities Assured Workloads API, Operations Endpoints."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from apitools.base.py import list_pager
from googlecloudsdk.api_lib.assured import util
from googlecloudsdk.core import resources
def GetWorkloadURI(resource):
workload = resources.REGISTRY.ParseRelativeName(
resource.name,
collection='assuredworkloads.organizations.locations.operations')
return workload.SelfLink()
class OperationsClient(object):
"""Client for operations in Assured Workloads API."""
def __init__(self, release_track, no_http=False):
self.client = util.GetClientInstance(release_track, no_http)
self.messages = util.GetMessagesModule(release_track)
self._service = self.client.organizations_locations_operations
def List(self, parent, limit=None, page_size=100):
"""List all Assured Workloads operations that belong to the given parent organization.
Args:
parent: str, the parent organization of the Assured Workloads operations
to be listed, in the form: organizations/{ORG_ID}/locations/{LOCATION}.
limit: int or None, the total number of results to return.
page_size: int, the number of entries in each batch (affects requests
made, but not the yielded results).
Returns:
A list of all Assured Workloads operations that belong to the given parent
organization.
"""
list_req = self.messages.AssuredworkloadsOrganizationsLocationsOperationsListRequest(
name=parent, pageSize=page_size)
return list_pager.YieldFromList(
self._service,
list_req,
field='operations',
batch_size=page_size,
limit=limit,
batch_size_attribute=None)
def Describe(self, name):
"""Describe an Assured Workloads operation.
Args:
name: str, the name for the Assured Operation being described.
Returns:
Described Assured Workloads operation resource.
"""
describe_req = self.messages.AssuredworkloadsOrganizationsLocationsOperationsGetRequest(
name=name)
return self.client.organizations_locations_operations.Get(describe_req)
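Review bot: `GetWorkloadURI` in this file parses `resource.name` against the `assuredworkloads.organizations.locations.operations` collection, so the name says workload while the returned link is for an operation. A one-line docstring such as `"""Returns the self link of an Assured Workloads operation resource."""` would make that explicit, and a rename to `GetOperationURI` is worth considering if callers allow it. `Describe` also reaches for `self.client.organizations_locations_operations` although `__init__` already stores it as `self._service`; `return self._service.Get(describe_req)` would match `List`. The `Returns:` text of `List` says "A list", but the method returns the result of `list_pager.YieldFromList` directly.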


@@ -0,0 +1,43 @@
# -*- coding: utf-8 -*- #
# Copyright 2021 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Utilities Assured Workloads API, Client Generation Functions."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.api_lib.util import apis
from googlecloudsdk.calliope.base import ReleaseTrack
VERSION_MAP = {
ReleaseTrack.ALPHA: 'v1beta1',
ReleaseTrack.BETA: 'v1beta1',
ReleaseTrack.GA: 'v1'
}
API_NAME = 'assuredworkloads'
def GetMessagesModule(release_track=ReleaseTrack.GA):
api_version = VERSION_MAP.get(release_track)
return apis.GetMessagesModule(API_NAME, api_version)
def GetClientInstance(release_track=ReleaseTrack.GA, no_http=False):
api_version = VERSION_MAP.get(release_track)
return apis.GetClientInstance(API_NAME, api_version, no_http)
def GetApiVersion(release_track=ReleaseTrack.GA):
return VERSION_MAP.get(release_track)
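Review bot: All three helpers resolve the version with `VERSION_MAP.get(release_track)`, which yields None for a track that is not in the map, and `GetMessagesModule` and `GetClientInstance` then pass that None on to the `apis` calls. How those calls treat a None version is not visible here, so I would fail early with `api_version = VERSION_MAP[release_track]` or an explicit error naming the unsupported track. The functions also have no docstrings; one line each stating what is returned and that the track defaults to GA would be enough.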


@@ -0,0 +1,115 @@
# -*- coding: utf-8 -*- #
# Copyright 2022 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Utilities Assured Workloads API, Workloads Endpoints."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from apitools.base.py import list_pager
from googlecloudsdk.api_lib.assured import message_util
from googlecloudsdk.api_lib.assured import util
from googlecloudsdk.core import resources
def GetViolationURI(resource):
violation = resources.REGISTRY.ParseRelativeName(
resource.name,
collection='assuredworkloads.organizations.locations.workloads.violations'
)
return violation.SelfLink()
class ViolationsClient(object):
"""Client for Violations in Assured Workloads API."""
def __init__(self, release_track, no_http=False):
self.client = util.GetClientInstance(release_track, no_http)
self.messages = util.GetMessagesModule(release_track)
self._release_track = release_track
self._service = self.client.organizations_locations_workloads_violations
def List(self, parent, limit=None, page_size=100):
"""List all Assured Workloads violations belonging to the given workload.
Args:
parent: str, the parent workload of the Assured Workloads Violations to be
listed, in the form:
organizations/{ORG_ID}/locations/{LOCATION}/workloads/{WORKLOAD}.
limit: int or None, the total number of results to return.
page_size: int, the number of entries in each batch (affects requests
made, but not the yielded results).
Returns:
A list of all Assured Workloads violations belonging to a given workload.
"""
list_req = self.messages.AssuredworkloadsOrganizationsLocationsWorkloadsViolationsListRequest(
parent=parent, pageSize=page_size
)
return list_pager.YieldFromList(
self._service,
list_req,
field='violations',
batch_size=page_size,
limit=limit,
batch_size_attribute=None,
)
def Describe(self, name):
"""Describe an existing Assured Workloads compliance violation.
Args:
name: str, the name for the Assured Workloads Violation being described in
the form:
organizations/{ORG_ID}/locations/{LOCATION}/workloads/{WORKLOAD_ID}/violations/{VIOLATION_ID}.
Returns:
Specified Assured Workloads Violation.
"""
describe_req = self.messages.AssuredworkloadsOrganizationsLocationsWorkloadsViolationsGetRequest(
name=name
)
return self.client.organizations_locations_workloads_violations.Get(
describe_req
)
def Acknowledge(
self,
name,
comment,
acknowledge_type=None,
):
"""Acknowledge an existing Assured Workloads compliance violation.
Args:
name: str, the name for the Assured Workloads violation being described in
the form:
organizations/{ORG_ID}/locations/{LOCATION}/workloads/{WORKLOAD_ID}/violations/{VIOLATION_ID}.
comment: str, the business justification which the user wants to add while
acknowledging a violation.
acknowledge_type: str, the acknowledge type for specified violation, which
is one of: SINGLE_VIOLATION - to acknowledge specified violation,
EXISTING_CHILD_RESOURCE_VIOLATIONS - to acknowledge specified org policy
violation and all associated child resource violations.
Returns:
Specified Assured Workloads Violation.
"""
acknowledgement_req = message_util.CreateAcknowledgeRequest(
name, comment, acknowledge_type, self._release_track
)
return self.client.organizations_locations_workloads_violations.Acknowledge(
acknowledgement_req
)
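Review bot: The module docstring reads `Utilities Assured Workloads API, Workloads Endpoints.` but this file defines `ViolationsClient`, so it should say `Violations Endpoints`. The `Returns:` text of `Acknowledge` (`Specified Assured Workloads Violation.`) repeats the one from `Describe`, while the method returns whatever the `Acknowledge` service call yields; it should describe the acknowledgement response instead. `Describe` and `Acknowledge` could also use `self._service`, as `List` does, rather than repeating `self.client.organizations_locations_workloads_violations`.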


@@ -0,0 +1,194 @@
# -*- coding: utf-8 -*- #
# Copyright 2020 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Utilities Assured Workloads API, Workloads Endpoints."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from apitools.base.py import list_pager
from googlecloudsdk.api_lib.assured import message_util
from googlecloudsdk.api_lib.assured import util
from googlecloudsdk.api_lib.util import waiter
from googlecloudsdk.core import resources
WORKLOAD_CREATION_IN_PROGRESS_MESSAGE = 'Creating Assured Workloads environment'
def GetWorkloadURI(resource):
workload = resources.REGISTRY.ParseRelativeName(
resource.name,
collection='assuredworkloads.organizations.locations.workloads',
)
return workload.SelfLink()
class WorkloadsClient(object):
"""Client for Workloads in Assured Workloads API."""
def __init__(self, release_track, no_http=False):
self.client = util.GetClientInstance(release_track, no_http)
self.messages = util.GetMessagesModule(release_track)
self._release_track = release_track
self._service = self.client.organizations_locations_workloads
def List(self, parent, limit=None, page_size=100):
"""List all Assured Workloads environments belonging to a given parent organization.
Args:
parent: str, the parent organization of the Assured Workloads environment
to be listed, in the form: organizations/{ORG_ID}/locations/{LOCATION}.
limit: int or None, the total number of results to return.
page_size: int, the number of entries in each batch (affects requests
made, but not the yielded results).
Returns:
A list of all Assured Workloads environments belonging to a given parent
organization.
"""
list_req = self.messages.AssuredworkloadsOrganizationsLocationsWorkloadsListRequest(
parent=parent, pageSize=page_size
)
return list_pager.YieldFromList(
self._service,
list_req,
field='workloads',
batch_size=page_size,
limit=limit,
batch_size_attribute=None,
)
def Create(self, parent, external_id, workload):
"""Create a new Assured Workloads environment in the parent organization.
Args:
parent: str, the parent organization of the Assured Workloads environment
to be created, in the form: organizations/{ORG_ID}/locations/{LOCATION}.
external_id: str, the identifier that identifies this Assured Workloads
environment externally.
workload: Workload, new Assured Workloads environment containing the
values to be used.
Returns:
The created Assured Workloads environment resource.
"""
create_req = message_util.CreateCreateRequest(
external_id, parent, workload, self._release_track
)
op = self.client.organizations_locations_workloads.Create(create_req)
return self.WaitForOperation(op, WORKLOAD_CREATION_IN_PROGRESS_MESSAGE)
def Delete(self, name, etag):
"""Delete an existing Assured Workloads environment.
Args:
name: str, name of the Assured Workloads environtment to be deleted, in
the form:
organization/{ORG_ID}/locations/{LOCATION}/workloads/{WORKLOAD_ID}
etag: str, the etag string acquired by reading the Workload.
Returns:
Empty response message.
"""
delete_req = self.messages.AssuredworkloadsOrganizationsLocationsWorkloadsDeleteRequest(
name=name, etag=etag
)
return self.client.organizations_locations_workloads.Delete(delete_req)
def Describe(self, name):
"""Describe an existing Assured Workloads environment.
Args:
name: str, the name for the Assured Workloads environment being described
in the form:
organizations/{ORG_ID}/locations/{LOCATION}/workloads/{WORKLOAD_ID}.
Returns:
Specified Assured Workloads resource.
"""
describe_req = (
self.messages.AssuredworkloadsOrganizationsLocationsWorkloadsGetRequest(
name=name
)
)
return self.client.organizations_locations_workloads.Get(describe_req)
def Update(self, workload, name, update_mask):
"""Update the configuration values of an existing Assured Workloads environment.
Args:
workload: googleCloudAssuredworkloadsV1beta1Workload, new Assured
Workloads environment containing the new configuration values to be
used.
name: str, the name for the Assured Workloads environment being updated in
the form:
organizations/{ORG_ID}/locations/{LOCATION}/workloads/{WORKLOAD_ID}.
update_mask: str, list of the fields to be updated, for example,
workload.display_name,workload.labels,workload.violation_notifications_enabled
Returns:
Updated Assured Workloads environment resource.
"""
update_req = message_util.CreateUpdateRequest(
workload, name, update_mask, self._release_track
)
return self.client.organizations_locations_workloads.Patch(update_req)
def EnableResourceMonitoring(self, name):
"""Enable resource violation monitoring for a workload.
Args:
name: str, name of the Assured Workloads for which Resource Monitoring is
enabled, in the form:
organization/{ORG_ID}/locations/{LOCATION}/workloads/{WORKLOAD_ID}
Returns:
Empty response message.
"""
enable_req = self.messages.AssuredworkloadsOrganizationsLocationsWorkloadsEnableResourceMonitoringRequest(
name=name
)
return (
self.client.organizations_locations_workloads.EnableResourceMonitoring(
enable_req
)
)
def WaitForOperation(self, operation, progress_message):
"""Waits for the given google.longrunning.Operation to complete.
Args:
operation: The operation to poll.
progress_message: String to display for default progress_tracker.
Raises:
apitools.base.py.HttpError: if the request returns an HTTP error
Returns:
The created Environment resource.
"""
operation_ref = self.GetOperationResource(operation.name)
poller = waiter.CloudOperationPoller(
self.client.organizations_locations_workloads,
self.client.organizations_locations_operations,
)
return waiter.WaitFor(poller, operation_ref, progress_message)
def GetOperationResource(self, name):
return resources.REGISTRY.ParseRelativeName(
name, collection='assuredworkloads.organizations.locations.operations'
)
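Review bot: The `name` format in the `Delete` and `EnableResourceMonitoring` docstrings is written `organization/{ORG_ID}/locations/{LOCATION}/workloads/{WORKLOAD_ID}`, while the other docstrings in the file and the collection string `assuredworkloads.organizations.locations.workloads` use `organizations/`. Someone copying the documented form would likely build a name the resource parser rejects, so both should read `organizations/{ORG_ID}/...`. `Delete` also has the typo `environtment`. `WaitForOperation` documents its return as `The created Environment resource.`, but it is a general wrapper around `waiter.WaitFor`, so `The result of the completed operation.` would be more accurate.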