feat: Add new gcloud commands, API clients, and third-party libraries across various services.

2026-01-01 20:26:35 +01:00
parent 5e23cbece0
commit a19e592eb7
25221 changed files with 8324611 additions and 0 deletions


@@ -0,0 +1,14 @@
# -*- coding: utf-8 -*- #
# Copyright 2020 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.


@@ -0,0 +1,105 @@
# -*- coding: utf-8 -*- #
# Copyright 2021 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Base class used to create a new Assured Workloads environment."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.api_lib.assured import endpoint_util
from googlecloudsdk.api_lib.assured import message_util
from googlecloudsdk.api_lib.assured import workloads as apis
from googlecloudsdk.calliope import base
from googlecloudsdk.core import log
_DETAILED_HELP = {
'DESCRIPTION': 'Create a new Assured Workloads environment',
'EXAMPLES': """ \
The following example command creates a new Assured Workloads environment with these properties:
* belonging to an organization with ID 123
* located in the `us-central1` region
* display name `Test-Workload`
* compliance regime `FEDRAMP_MODERATE`
* billing account `billingAccounts/456`
* first key rotation set for 10:15am on the December 30, 2020
* key rotation interval set for every 48 hours
* with the label: key = 'LabelKey1', value = 'LabelValue1'
* with the label: key = 'LabelKey2', value = 'LabelValue2'
* provisioned resources parent 'folders/789'
* with custom project id 'my-custom-id' for consumer project
* with external identifier for the workload of 'external-id'
$ {command} --organization=123 --location=us-central1 --display-name=Test-Workload --compliance-regime=FEDRAMP_MODERATE --billing-account=billingAccounts/456 --next-rotation-time=2020-12-30T10:15:00.00Z --rotation-period=172800s --labels=LabelKey1=LabelValue1,LabelKey2=LabelValue2 --provisioned-resources-parent=folders/789 --resource-settings=consumer-project-id=my-custom-id --external-identifier=external-id
The following example command creates a new Partner Assured Workloads, with the following properties:
* belonging to an organization with ID 123
* located in the `me-central2` region
* display name `Test-Workload`
* partner `CNTXT`
* partner services billing account `billingAccounts/789`
* billing account `billingAccounts/456`
* data logs viewer partner permission enabled
* first key rotation set for 10:15am on the December 30, 2020
* key rotation interval set for every 48 hours
* with the label: key = 'LabelKey1', value = 'LabelValue1'
* with the label: key = 'LabelKey2', value = 'LabelValue2'
* provisioned resources parent 'folders/789'
* with custom project id 'my-custom-id' for consumer project
* with external identifier for the workload of 'external-id'
$ {command} --organization=123 --location=me-central2 --display-name=Test-Workload --compliance-regime=ASSURED_WORKLOADS_FOR_PARTNERS --partner=SOVEREIGN_CONTROLS_BY_CNTXT --partner-services-billing-account=billingAccounts/01BF3F-2C6DE5-30C607 --partner-permissions=data-logs-viewer=true --billing-account=billingAccounts/456 --next-rotation-time=2020-12-30T10:15:00.00Z --rotation-period=172800s --labels=LabelKey1=LabelValue1,LabelKey2=LabelValue2 --provisioned-resources-parent=folders/789 --resource-settings=consumer-project-id=my-custom-id --external-identifier=external-id
""",
}
class CreateWorkload(base.CreateCommand):
"""Create a new Assured Workloads environment."""
detailed_help = _DETAILED_HELP
def Run(self, args):
"""Run the create command."""
with endpoint_util.AssuredWorkloadsEndpointOverridesFromRegion(
release_track=self.ReleaseTrack(), region=args.location):
parent = message_util.CreateAssuredParent(
organization_id=args.organization, location=args.location)
workload = message_util.CreateAssuredWorkload(
display_name=args.display_name,
compliance_regime=args.compliance_regime,
partner=args.partner,
partner_services_billing_account=args.partner_services_billing_account,
partner_permissions=args.partner_permissions,
billing_account=args.billing_account,
next_rotation_time=args.next_rotation_time,
rotation_period=args.rotation_period,
labels=args.labels,
provisioned_resources_parent=args.provisioned_resources_parent,
resource_settings=args.resource_settings,
enable_sovereign_controls=args.enable_sovereign_controls,
release_track=self.ReleaseTrack(),
)
client = apis.WorkloadsClient(release_track=self.ReleaseTrack())
self.created_resource = client.Create(
external_id=args.external_identifier,
parent=parent,
workload=workload)
return self.created_resource
def Epilog(self, resources_were_displayed):
log.CreatedResource(
self.created_resource.name, kind='Assured Workloads environment')
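Review bot: The second example in `_DETAILED_HELP` passes `--partner-services-billing-account=billingAccounts/01BF3F-2C6DE5-30C607`, which has the shape of a real billing account ID and contradicts the bullet above it (`billingAccounts/789`). Help text should carry an obvious placeholder, e.g. `--partner-services-billing-account=billingAccounts/789`. The same example describes the partner as `CNTXT` while the command line uses `--partner=SOVEREIGN_CONTROLS_BY_CNTXT`, so the bullet should name the enum value the user actually types. Both examples also pass `--resource-settings=consumer-project-id=my-custom-id`, a key that `_AddResourceSettingsFlag` on this page accepts only on the GA track, so the example would presumably be rejected on other tracks.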


@@ -0,0 +1,366 @@
# -*- coding: utf-8 -*- #
# Copyright 2020 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Flags and helpers for the Assured related commands."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.api_lib.assured import message_util
from googlecloudsdk.calliope import arg_parsers
from googlecloudsdk.calliope import base as calliope_base
from googlecloudsdk.command_lib.assured import resource_args
from googlecloudsdk.command_lib.util.apis import arg_utils
from googlecloudsdk.command_lib.util.concepts import concept_parsers
def AddListWorkloadsFlags(parser):
parser.add_argument(
'--location',
required=True,
help=(
'The location of the Assured Workloads environments. For a '
'current list of supported LOCATION values, see '
'[Assured Workloads locations]'
'(https://cloud.google.com/assured-workloads/docs/locations).'
),
)
parser.add_argument(
'--organization',
required=True,
help=(
'The parent organization of the Assured Workloads environments, '
'provided as an organization ID.'
),
)
def AddListOperationsFlags(parser):
parser.add_argument(
'--location',
required=True,
help=(
'The location of the Assured Workloads operations. For a '
'current list of supported LOCATION values, see '
'[Assured Workloads locations]'
'(https://cloud.google.com/assured-workloads/docs/locations).'
),
)
parser.add_argument(
'--organization',
required=True,
help=(
'The parent organization of the Assured Workloads operations, '
'provided as an organization ID.'
),
)
def AddCreateWorkloadFlags(parser, release_track):
"""Adds required flags to the assured workloads create command.
Args:
parser: Parser, Parser used to construct the command flags.
release_track: ReleaseTrack, Release track of the command being called.
Returns:
None.
"""
parser.add_argument(
'--location',
required=True,
help=(
'The location of the new Assured Workloads environment. For a '
'current list of supported LOCATION values, see '
'[Assured Workloads locations]'
'(https://cloud.google.com/assured-workloads/docs/locations).'
),
)
parser.add_argument(
'--organization',
required=True,
help=(
'The parent organization of the new Assured Workloads environment, '
'provided as an organization ID'
),
)
parser.add_argument(
'--external-identifier',
help='The external identifier of the new Assured Workloads environment',
)
parser.add_argument(
'--display-name',
required=True,
help='The display name of the new Assured Workloads environment',
)
arg_utils.ChoiceEnumMapper(
'--compliance-regime',
message_util.GetComplianceRegimesEnum(release_track),
include_filter=lambda regime: regime != 'COMPLIANCE_REGIME_UNSPECIFIED',
required=True,
help_str='The compliance regime of the new Assured Workloads environment',
).choice_arg.AddToParser(parser)
arg_utils.ChoiceEnumMapper(
'--partner',
message_util.GetPartnersEnum(release_track),
include_filter=lambda regime: regime != 'PARTNER_UNSPECIFIED',
help_str=(
'The partner choice when creating a workload managed by local trusted'
' partners.'
),
).choice_arg.AddToParser(parser)
parser.add_argument(
'--partner-permissions',
type=arg_parsers.ArgDict(
spec={
'data-logs-viewer': bool,
}
),
metavar='KEY=VALUE',
help=(
'The partner permissions for the partner regime, for example,'
' data-logs-viewer=true/false'
),
)
parser.add_argument(
'--partner-services-billing-account',
required=False,
help=(
'Billing account necessary for purchasing services from Sovereign'
' Partners. This field is required for creating SIA/PSN/CNTXT'
' partner workloads. The caller should have'
" 'billing.resourceAssociations.create' IAM permission on this"
' billing-account. The format of this string is'
' billingAccounts/AAAAAA-BBBBBB-CCCCCC'
),
)
parser.add_argument(
'--billing-account',
required=True,
help=(
'The billing account of the new Assured Workloads environment, for '
'example, billingAccounts/0000AA-AAA00A-A0A0A0'
),
)
parser.add_argument(
'--next-rotation-time',
help=(
'The next rotation time of the KMS settings of new Assured '
'Workloads environment, for example, 2020-12-30T10:15:30.00Z'
),
)
parser.add_argument(
'--rotation-period',
help=(
'The rotation period of the KMS settings of the new Assured '
'Workloads environment, for example, 172800s'
),
)
parser.add_argument(
'--labels',
type=arg_parsers.ArgDict(),
metavar='KEY=VALUE',
help=(
'The labels of the new Assured Workloads environment, for example, '
'LabelKey1=LabelValue1,LabelKey2=LabelValue2'
),
)
parser.add_argument(
'--provisioned-resources-parent',
help=(
'The parent of the provisioned projects, for example, '
'folders/{FOLDER_ID}'
),
)
parser.add_argument(
'--enable-sovereign-controls',
type=bool,
default=False,
help=(
'If true, enable sovereign controls for the new Assured Workloads '
'environment, currently only supported by EU_REGIONS_AND_SUPPORT'
),
)
_AddResourceSettingsFlag(parser, release_track)
def _AddResourceSettingsFlag(parser, release_track):
"""Adds the resource settings flag to the assured workloads create command.
Args:
parser: Parser, Parser used to construct the command flags.
release_track: ReleaseTrack, Release track of the command being called.
Returns:
None.
"""
if release_track == calliope_base.ReleaseTrack.GA:
parser.add_argument(
'--resource-settings',
type=arg_parsers.ArgDict(
spec={
'consumer-project-id': str,
'consumer-project-name': str,
'encryption-keys-project-id': str,
'encryption-keys-project-name': str,
'keyring-id': str,
}
),
metavar='KEY=VALUE',
help=(
'A comma-separated, key=value map of custom resource settings such'
' as custom project ids, for example:'
' consumer-project-id={CONSUMER_PROJECT_ID} Note: Currently only'
' consumer-project-id, consumer-project-name,'
' encryption-keys-project-id, encryption-keys-project-name and'
' keyring-id are supported. The encryption-keys-project-id,'
' encryption-keys-project-name and keyring-id settings can be'
' specified only if KMS settings are provided'
),
)
else:
parser.add_argument(
'--resource-settings',
type=arg_parsers.ArgDict(
spec={
'encryption-keys-project-id': str,
'encryption-keys-project-name': str,
'keyring-id': str,
}
),
metavar='KEY=VALUE',
help=(
'A comma-separated, key=value map of custom resource settings such'
' as custom project ids, for example:'
' consumer-project-id={CONSUMER_PROJECT_ID} Note: Currently only'
' encryption-keys-project-id, encryption-keys-project-name and'
' keyring-id are supported. The encryption-keys-project-id,'
' encryption-keys-project-name and keyring-id settings can be'
' specified only if KMS settings are provided'
),
)
def AddDeleteWorkloadFlags(parser):
AddWorkloadResourceArgToParser(parser, verb='delete')
parser.add_argument(
'--etag',
help=(
'The etag acquired by reading the Assured Workloads environment or '
'AW "resource".'
),
)
def AddDescribeWorkloadFlags(parser):
AddWorkloadResourceArgToParser(parser, verb='describe')
def AddDescribeViolationFlags(parser):
AddViolationResourceArgToParser(parser, verb='describe')
def AddEnableResourceMonitoringFlags(parser):
AddWorkloadResourceArgToParser(parser, verb='enable-resource-monitoring')
def AddUpdateWorkloadFlags(parser):
"""Method to add update workload flags."""
AddWorkloadResourceArgToParser(parser, verb='update')
parser.add_argument(
'--etag',
help=(
'The etag acquired by reading the Assured Workloads environment '
'before updating.'
),
)
updatable_fields = parser.add_group(
required=True,
help='Settings that can be updated on the Assured Workloads environment.',
)
updatable_fields.add_argument(
'--display-name',
help='The new display name of the Assured Workloads environment.',
)
updatable_fields.add_argument(
'--violation-notifications-enabled',
help='The notification setting of the Assured Workloads environment.',
)
updatable_fields.add_argument(
'--labels',
metavar='KEY=VALUE',
type=arg_parsers.ArgDict(),
help=(
'The new labels of the Assured Workloads environment, for example, '
'LabelKey1=LabelValue1,LabelKey2=LabelValue2'
),
)
def AddDescribeOperationFlags(parser):
concept_parsers.ConceptParser.ForResource(
'operation',
resource_args.GetOperationResourceSpec(),
'The Assured Workloads operation resource to describe.',
required=True,
).AddToParser(parser)
def AddWorkloadResourceArgToParser(parser, verb):
concept_parsers.ConceptParser.ForResource(
'workload',
resource_args.GetWorkloadResourceSpec(),
'The Assured Workloads environment resource to {}.'.format(verb),
required=True,
).AddToParser(parser)
def AddViolationResourceArgToParser(parser, verb):
concept_parsers.ConceptParser.ForResource(
'violation',
resource_args.GetViolationResourceSpec(),
'The Assured Workloads violation resource to {}.'.format(verb),
required=True,
).AddToParser(parser)
def AddListViolationsFlags(parser):
"""Method to add list violations flags."""
AddListWorkloadsFlags(parser)
parser.add_argument(
'--workload',
required=True,
help=(
'The parent workload of the Assured Workloads violations, '
'provided as workload ID.'
),
)
def AddAcknowledgeViolationsFlags(parser):
"""Method to add acknowledge violations flags."""
AddViolationResourceArgToParser(parser, verb='acknowledge')
parser.add_argument(
'--comment',
required=True,
help='Business justification used added to acknowledge a violation.',
)
parser.add_argument(
'--acknowledge-type',
help="""the acknowledge type for specified violation, which is one of:
SINGLE_VIOLATION - to acknowledge specified violation,
EXISTING_CHILD_RESOURCE_VIOLATIONS - to acknowledge specified org policy
violation and all associated child resource violations.""",
)
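Review bot: `--enable-sovereign-controls` in AddCreateWorkloadFlags is declared with `type=bool`, and under plain argparse semantics `bool()` of any non-empty string is True, so `--enable-sovereign-controls=false` would still switch the setting on. Unless calliope special-cases this, declare it as `action='store_true'` (dropping `type=bool`), or use `type=arg_parsers.ArgBoolean()` if an explicit value is wanted. In the same file, `--violation-notifications-enabled` in AddUpdateWorkloadFlags has no `type` or `choices`, so whatever string the user types is handed on unchanged and its conversion to a boolean is decided by code outside this page. For a setting that governs compliance violation notifications, the accepted values should be constrained at the parser so a typo cannot silently change the outcome.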


@@ -0,0 +1,75 @@
# -*- coding: utf-8 -*- #
# Copyright 2020 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Flags and helpers for the Assured related commands."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.calliope.concepts import concepts
def OrganizationAttributeConfig():
return concepts.ResourceParameterAttributeConfig(
name='organization',
help_text='The parent organization for the {resource}.')
def LocationAttributeConfig():
return concepts.ResourceParameterAttributeConfig(
name='location', help_text='The location for the {resource}.')
def WorkloadAttributeConfig():
return concepts.ResourceParameterAttributeConfig(
name='workload', help_text='The workload for the {resource}.')
def ViolationAttributeConfig():
return concepts.ResourceParameterAttributeConfig(
name='violation', help_text='The violation for the {resource}.')
def OperationAttributeConfig():
return concepts.ResourceParameterAttributeConfig(
name='operation', help_text='The operation for the {resource}.')
def GetWorkloadResourceSpec():
return concepts.ResourceSpec(
'assuredworkloads.organizations.locations.workloads',
resource_name='workload',
workloadsId=WorkloadAttributeConfig(),
locationsId=LocationAttributeConfig(),
organizationsId=OrganizationAttributeConfig())
def GetViolationResourceSpec():
return concepts.ResourceSpec(
'assuredworkloads.organizations.locations.workloads.violations',
resource_name='violation',
violationsId=ViolationAttributeConfig(),
workloadsId=WorkloadAttributeConfig(),
locationsId=LocationAttributeConfig(),
organizationsId=OrganizationAttributeConfig())
def GetOperationResourceSpec():
return concepts.ResourceSpec(
'assuredworkloads.organizations.locations.operations',
resource_name='operation',
operationsId=OperationAttributeConfig(),
locationsId=LocationAttributeConfig(),
organizationsId=OrganizationAttributeConfig())
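Review bot: The module docstring `"""Flags and helpers for the Assured related commands."""` is copied verbatim from the flags module, but this file defines no flags, only attribute configs and resource specs. Something like `"""Resource attribute configs and resource specs for the Assured Workloads commands."""` would describe it accurately. None of the eight public functions has a docstring either; a one-line summary on each `Get*ResourceSpec` naming the collection it builds (for example `assuredworkloads.organizations.locations.workloads`) would help, along with a comment that the `workloadsId`/`locationsId`/`organizationsId` keyword names presumably have to match that collection's path parameters.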