davidkotnik/novafarma
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Add new gcloud commands, API clients, and third-party libraries across various services.

Browse Source
This commit is contained in:
David Kotnik
2026-01-01 20:26:35 +01:00
parent 5e23cbece0
commit a19e592eb7
25221 changed files with 8324611 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

0
gcloud auth application-default login/google-cloud-sdk/lib/googlecloudsdk/command_lib/scc/assets/__init__.py Normal file
View File

27
gcloud auth application-default login/google-cloud-sdk/lib/googlecloudsdk/command_lib/scc/assets/flags.yaml Normal file
View File

@@ -0,0 +1,27 @@
# Copyright 2019 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Shared flags definitions for assets commands.
compare_duration:
arg_name: compare-duration
type: googlecloudsdk.core.util.times:ParseDuration
processor: googlecloudsdk.core.util.times:FormatDurationForJson
api_field: compareDuration
is_positional: false
required: false
help_text: |
The result's "state_change" attribute is updated to indicate whether the asset was added, removed,
or remained present during the compare_duration period of time that precedes the read_time. See
`$ gcloud topic datetimes` for information on supported duration formats.

154
gcloud auth application-default login/google-cloud-sdk/lib/googlecloudsdk/command_lib/scc/assets/request_hooks.py Normal file
View File

@@ -0,0 +1,154 @@
# -*- coding: utf-8 -*- #
# Copyright 2019 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Declarative Request Hooks for Cloud SCC's Asset responses."""
from __future__ import absolute_import
from __future__ import division
from __future__ import print_function
from __future__ import unicode_literals
import re
from googlecloudsdk.api_lib.scc import securitycenter_client as sc_client
from googlecloudsdk.command_lib.scc.errors import InvalidSCCInputError
from googlecloudsdk.command_lib.scc.hooks import CleanUpUserInput
from googlecloudsdk.command_lib.scc.hooks import GetOrganization
from googlecloudsdk.command_lib.scc.hooks import GetParentFromResourceName
from googlecloudsdk.command_lib.scc.util import GetParentFromPositionalArguments
def ListAssetsReqHook(ref, args, req):
"""Hook up filter such that the CSCC filter is used rather than gcloud."""
del ref
req.parent = GetParentFromPositionalArguments(args)
if req.fieldMask is not None:
req.fieldMask = CleanUpUserInput(req.fieldMask)
req.filter = args.filter
args.filter = ""
return req
def DescribeAssetReqHook(ref, args, req):
"""Generate organization name from organization id."""
del ref
req.parent = GetParentFromPositionalArguments(args)
req.filter = _GetNameOrResourceFilterForParent(args)
return req
def GetParentAssetReqHook(ref, args, req):
"""Generate organization name from organization id."""
del ref
req.parent = GetOrganization(args)
req.filter = _GetNameOrResourceFilter(args)
return req
def GetProjectAssetReqHook(ref, args, req):
"""Generate organization name from organization id."""
del ref
req.parent = GetOrganization(args)
req.filter = _GetNameOrResourceFilter(args)
return req
def GroupAssetsReqHook(ref, args, req):
"""Hook up filter such that the CSCC filter is used rather than gcloud."""
del ref
req.parent = GetParentFromPositionalArguments(args)
if not req.groupAssetsRequest:
messages = sc_client.GetMessages()
req.groupAssetsRequest = messages.GroupAssetsRequest()
req.groupAssetsRequest.filter = args.filter
args.filter = ""
return req
def ListAssetSecurityMarksReqHook(ref, args, req):
"""Retrieves records for a specific asset."""
del ref
_ValidateMutexOnAssetAndOrganization(args)
asset_name = _GetAssetNameForParent(args)
req.parent = GetParentFromResourceName(asset_name)
req.filter = "name=\"" + asset_name + "\""
return req
def UpdateAssetSecurityMarksReqHook(ref, args, req):
"""Generate a security mark's name using org, source and finding."""
del ref
_ValidateMutexOnAssetAndOrganization(args)
req.name = _GetAssetNameForParent(args) + "/securityMarks"
if req.updateMask is not None:
req.updateMask = CleanUpUserInput(req.updateMask)
return req
def _GetAssetName(args):
"""Prepares asset relative path using organization and asset."""
resource_pattern = re.compile("organizations/[0-9]+/assets/[0-9]+")
id_pattern = re.compile("[0-9]+")
if (not resource_pattern.match(args.asset) and
not id_pattern.match(args.asset)):
raise InvalidSCCInputError(
"Asset must match either organizations/[0-9]+/assets/[0-9]+ or [0-9]+.")
if resource_pattern.match(args.asset):
# Handle asset id as full resource name
return args.asset
return GetOrganization(args) + "/assets/" + args.asset
def _GetAssetNameForParent(args):
"""Prepares asset relative path using organization and asset."""
resource_pattern = re.compile(
"^(organizations|projects|folders)/.*/assets/[0-9]+$")
id_pattern = re.compile("^[0-9]+$")
if (not resource_pattern.match(args.asset) and
not id_pattern.match(args.asset)):
raise InvalidSCCInputError(
"Asset argument must match either be the full resource name of "
"the asset or only the number asset id.")
if resource_pattern.match(args.asset):
# Handle asset id as full resource name
return args.asset
return GetParentFromPositionalArguments(args) + "/assets/" + args.asset
def _GetNameOrResourceFilter(args):
"""Returns a filter with either name or resourceName as filter."""
request_filter = ""
if args.asset is not None:
request_filter = "name=\"" + _GetAssetName(args) + "\""
else:
request_filter = "securityCenterProperties.resourceName=\"" + args.resource_name + "\""
return request_filter
def _GetNameOrResourceFilterForParent(args):
"""Returns a filter with either name or resourceName as filter."""
request_filter = ""
if args.asset is not None:
request_filter = "name=\"" + _GetAssetNameForParent(args) + "\""
else:
request_filter = "securityCenterProperties.resourceName=\"" + args.resource_name + "\""
return request_filter
def _ValidateMutexOnAssetAndOrganization(args):
"""Validates that only a full resource name or split arguments are provided."""
if "/" in args.asset and args.organization is not None:
raise InvalidSCCInputError(
"Only provide a full resouce name "
"(organizations/123/assets/456) or an --organization flag, not both.")

39
gcloud auth application-default login/google-cloud-sdk/lib/googlecloudsdk/command_lib/scc/assets/resource_hooks.py Normal file
View File

@@ -0,0 +1,39 @@
# -*- coding: utf-8 -*- #
# Copyright 2019 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Declarative Resource Hooks for Cloud SCC's Assets."""
from __future__ import absolute_import
from __future__ import division
from __future__ import print_function
from __future__ import unicode_literals
from googlecloudsdk.command_lib.util.apis import yaml_data
from googlecloudsdk.command_lib.util.args import resource_args
from googlecloudsdk.command_lib.util.concepts import concept_parsers
def AppendAssetArg():
"""Add asset as positional resource."""
asset_spec_data = yaml_data.ResourceYAMLData.FromPath("scc.asset")
arg_specs = [
resource_args.GetResourcePresentationSpec(
verb="to be used for the SCC (Security Command Center) command",
name="asset",
required=True,
prefixes=False,
positional=True,
resource_data=asset_spec_data.GetData()),
]
return [concept_parsers.ConceptParser(arg_specs, [])]

152
gcloud auth application-default login/google-cloud-sdk/lib/googlecloudsdk/command_lib/scc/assets/response_hooks.py Normal file
View File

@@ -0,0 +1,152 @@
# -*- coding: utf-8 -*- #
# Copyright 2019 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Declarative Response Hooks for Cloud SCC's Asset responses."""
from __future__ import absolute_import
from __future__ import division
from __future__ import print_function
from __future__ import unicode_literals
from apitools.base.py.extra_types import _JsonValueToPythonValue
from googlecloudsdk.api_lib.scc import securitycenter_client as sc_client
from googlecloudsdk.command_lib.scc.errors import InvalidSCCInputError
def ExtractSecurityMarksFromResponse(response, args):
"""Returns security marks from asset response."""
del args
list_asset_response = list(response)
if len(list_asset_response) > 1:
raise InvalidSCCInputError(
"ListAssetResponse must only return one asset since it is filtered "
"by Asset Name.")
for asset_result in list_asset_response:
return asset_result.asset.securityMarks
def ExtractMatchingAssetFromDescribeResponse(response, args):
"""Returns asset that matches the user provided asset or resource-name."""
del args
list_asset_response = list(response)
if not list_asset_response:
raise InvalidSCCInputError("Asset or resource does not exist.")
if len(list_asset_response) > 1:
raise InvalidSCCInputError(
"ListAssetResponse must only return one asset since it is filtered "
"by Asset Name or Resource Name.")
for asset_result in list_asset_response:
result_dictionary = {
"asset": int(asset_result.asset.name.split("/")[3]),
"resourceName": asset_result.asset.securityCenterProperties.resourceName
}
return result_dictionary
def ExtractMatchingAssetFromGetParentResponse(response, args):
"""Returns Parent for the user provided asset or resource-name."""
del args
asset_result = _ValidateAndGetAssetResult(response)
asset_parent = _GetAssetResourceParent(asset_result)
organization = _ExtractOrganization(asset_result)
resource_name_filter = _FilterOnResourceName(asset_parent)
asset = _GetAsset(organization, resource_name_filter)
parent = _GetParent(asset)
result_dictionary = {"parent": parent}
return result_dictionary
def ExtractMatchingAssetFromGetProjectResponse(response, args):
"""Returns ProjectId for the user provided asset or resource-name."""
del args
asset_result = _ValidateAndGetAssetResult(response)
asset_project = _GetAssetProject(asset_result)
organization = _ExtractOrganization(asset_result)
resource_name_filter = _FilterOnResourceName(asset_project)
asset = _GetAsset(organization, resource_name_filter)
project_id = _GetProjectId(asset)
result_dictionary = {"projectId": project_id}
return result_dictionary
def _ValidateAndGetAssetResult(response):
list_asset_response = list(response)
if not list_asset_response:
raise InvalidSCCInputError(
"Asset or resource does not exist for the provided Organization. Please"
" verify that both the OrganizationId and AssetId/ResourceName are "
"correct.")
if len(list_asset_response) > 1:
raise InvalidSCCInputError(
"An asset can not have multiple projects. Something went wrong.")
return list_asset_response[0]
def _GetAssetResourceParent(asset_result):
asset_parent = asset_result.asset.securityCenterProperties.resourceParent
if asset_parent is None:
raise InvalidSCCInputError("Asset does not have a parent.")
return asset_parent
def _GetAssetProject(asset_result):
asset_project = asset_result.asset.securityCenterProperties.resourceProject
if asset_project is None:
raise InvalidSCCInputError(
"Organization assets do not belong to a Project.")
return asset_project
def _FilterOnResourceName(asset_property):
return "securityCenterProperties.resourceName=\"" + asset_property + "\""
def _GetProjectId(asset):
project_id = [
x.value
for x in asset.resourceProperties.additionalProperties
if x.key == "projectId"
]
if not project_id:
raise InvalidSCCInputError("No projectId exists for this asset.")
return _JsonValueToPythonValue(project_id[0])
def _GetParent(asset):
parent = [
x.value
for x in asset.resourceProperties.additionalProperties
if x.key == "name"
]
if not parent:
raise InvalidSCCInputError("No parent exists for this asset.")
return _JsonValueToPythonValue(parent[0])
def _ExtractOrganization(asset_result):
return (asset_result.asset.name.split("/")[0] + "/" +
asset_result.asset.name.split("/")[1])
def _GetAsset(parent, request_filter=None):
asset_service_client = sc_client.AssetsClient()
list_asset_response_for_project = asset_service_client.List(
parent=parent, request_filter=request_filter)
list_asset_results = list_asset_response_for_project.listAssetsResults
if len(list_asset_results) != 1:
raise InvalidSCCInputError(
"Something went wrong while retrieving the ProjectId for this Asset.")
return list_asset_results[0].asset