feat: Add new gcloud commands, API clients, and third-party libraries across various services.

2026-01-01 20:26:35 +01:00
parent 5e23cbece0
commit a19e592eb7
25221 changed files with 8324611 additions and 0 deletions


@@ -0,0 +1,38 @@
# -*- coding: utf-8 -*- #
# Copyright 2025 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Commands for reading and manipulating network policies."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.calliope import base
@base.UniverseCompatible
@base.ReleaseTracks(base.ReleaseTrack.ALPHA)
class NetworkPolicies(base.Group):
"""Manage Compute Engine network policies.
Manage Compute Engine network policies. Network
policies are used to classify network traffic.
"""
category = base.COMPUTE_CATEGORY
NetworkPolicies.detailed_help = {
'brief': 'Manage Compute Engine network policies.',
}


@@ -0,0 +1,27 @@
# -*- coding: utf-8 -*- #
# Copyright 2025 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Commands for reading and manipulating network policies associations."""
from __future__ import absolute_import
from __future__ import division
from __future__ import print_function
from __future__ import unicode_literals
from googlecloudsdk.calliope import base
@base.UniverseCompatible
@base.ReleaseTracks(base.ReleaseTrack.ALPHA)
class NetworkPolicyAssociations(base.Group):
"""Read and manipulate Compute Engine network policy associations."""


@@ -0,0 +1,88 @@
# -*- coding: utf-8 -*- #
# Copyright 2025 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command for creating network policy associations."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from typing import ClassVar
from googlecloudsdk.api_lib.compute import base_classes
from googlecloudsdk.api_lib.compute.network_policies import client
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.compute import flags as compute_flags
from googlecloudsdk.command_lib.compute.network_policies import flags
@base.UniverseCompatible
@base.ReleaseTracks(base.ReleaseTrack.ALPHA)
class Create(base.CreateCommand):
"""Create a new association between a network policy and a network.
*{command}* is used to create network policy associations. A network policy is
a set of rules that controls access to various resources.
"""
NETWORK_POLICY_ARG: ClassVar[compute_flags.ResourceArgument]
@classmethod
def Args(cls, parser):
cls.NETWORK_POLICY_ARG = flags.NetworkPolicyAssociationArgument(
required=True, operation='create association for'
)
cls.NETWORK_POLICY_ARG.AddArgument(parser, operation_type='create')
flags.AddArgsCreateAssociation(parser)
parser.display_info.AddCacheUpdater(flags.NetworkPoliciesCompleter)
def Run(self, args):
holder = base_classes.ComputeApiHolder(self.ReleaseTrack())
ref = self.NETWORK_POLICY_ARG.ResolveAsResource(args, holder.resources)
network_policy_client = client.NetworkPolicy(
ref, compute_client=holder.client
)
network_ref = flags.NetworkArgumentForOtherResource(
'The network to which the network policy attaches.'
).ResolveAsResource(args, holder.resources)
name = args.name or 'network-' + network_ref.Name()
attachment_target = network_ref.SelfLink()
association = holder.client.messages.NetworkPolicyAssociation(
attachmentTarget=attachment_target,
name=name,
)
return network_policy_client.AddAssociation(
association=association,
network_policy=args.network_policy,
)
Create.detailed_help = {
'EXAMPLES': """\
To associate a network policy with name ``my-region-policy'' in
region ``region-a'' to network ``my-network'' with an association
named ``my-association'', run:
$ {command}
--network-policy=my-policy
--network-policy-region=region-a
--network=my-network
--name=my-association
""",
}
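Review bot: The EXAMPLES text of this association create command contradicts itself: the prose names the policy "my-region-policy" while the command passes `--network-policy=my-policy`, and the flag lines carry no line continuation, so the rendered example cannot be pasted as one command. The sibling association delete and describe files end each line with `\\`, and the same form would work here. The examples in the network policy create, rule create, rule delete and rule describe files use a single `\` inside a non-raw triple-quoted string, which Python consumes together with the newline, so those backslashes never reach the help output, and the last three flag lines of the rule create example have no continuation at all. The class docstring also says a network policy "controls access to various resources" while the other files on this page describe it as classifying traffic; if it is not an access control, `A network policy is a set of rules that classifies network traffic.` would keep users from relying on it as one.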


@@ -0,0 +1,73 @@
# -*- coding: utf-8 -*- #
# Copyright 2025 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command for deleting network policy associations."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from typing import ClassVar
from googlecloudsdk.api_lib.compute import base_classes
from googlecloudsdk.api_lib.compute.network_policies import client
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.compute import flags as compute_flags
from googlecloudsdk.command_lib.compute.network_policies import flags
@base.UniverseCompatible
@base.ReleaseTracks(base.ReleaseTrack.ALPHA)
class Delete(base.DeleteCommand):
"""Delete an association between a network policy and a network.
*{command}* is used to delete network policy associations.
"""
NETWORK_POLICY_ARG: ClassVar[compute_flags.ResourceArgument]
@classmethod
def Args(cls, parser):
cls.NETWORK_POLICY_ARG = flags.NetworkPolicyAssociationArgument(
required=True, operation='delete'
)
cls.NETWORK_POLICY_ARG.AddArgument(parser, operation_type='delete')
flags.AddArgsRemoveAssociation(parser)
parser.display_info.AddCacheUpdater(flags.NetworkPoliciesCompleter)
def Run(self, args):
holder = base_classes.ComputeApiHolder(self.ReleaseTrack())
ref = self.NETWORK_POLICY_ARG.ResolveAsResource(args, holder.resources)
network_policy_client = client.NetworkPolicy(
ref, compute_client=holder.client
)
return network_policy_client.RemoveAssociation(
network_policy=args.network_policy,
association=args.name,
)
Delete.detailed_help = {
'EXAMPLES': """\
To delete an association named ``my-association'' from a network policy
with name ``my-policy'' in region ``region-a'', run:
$ {command} \\
--network-policy=my-policy \\
--name=my-association \\
--network-policy-region=region-a
""",
}


@@ -0,0 +1,72 @@
# -*- coding: utf-8 -*- #
# Copyright 2025 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command for describing network policy associations."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from typing import ClassVar
from googlecloudsdk.api_lib.compute import base_classes
from googlecloudsdk.api_lib.compute.network_policies import client
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.compute import flags as compute_flags
from googlecloudsdk.command_lib.compute.network_policies import flags
@base.UniverseCompatible
@base.ReleaseTracks(base.ReleaseTrack.ALPHA)
class Describe(base.DescribeCommand):
"""Describe an association between a network policy and a network.
*{command}* is used to describe network policy associations.
"""
NETWORK_POLICY_ARG: ClassVar[compute_flags.ResourceArgument]
@classmethod
def Args(cls, parser):
cls.NETWORK_POLICY_ARG = flags.NetworkPolicyAssociationArgument(
required=True, operation='describe'
)
cls.NETWORK_POLICY_ARG.AddArgument(parser, operation_type='describe')
flags.AddArgsDescribeAssociation(parser)
def Run(self, args):
holder = base_classes.ComputeApiHolder(self.ReleaseTrack())
ref = self.NETWORK_POLICY_ARG.ResolveAsResource(args, holder.resources)
network_policy_client = client.NetworkPolicy(
ref, compute_client=holder.client
)
return network_policy_client.GetAssociation(
network_policy=args.network_policy,
name=args.name,
)
Describe.detailed_help = {
'EXAMPLES': """\
To describe an association named ``my-association'' on a network policy
with name ``my-policy'' in region ``region-a'', run:
$ {command} \\
--network-policy=my-policy \\
--name=my-association \\
--network-policy-region=region-a
""",
}


@@ -0,0 +1,74 @@
# -*- coding: utf-8 -*- #
# Copyright 2025 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command for creating network policies."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from typing import ClassVar
from googlecloudsdk.api_lib.compute import base_classes
from googlecloudsdk.api_lib.compute.network_policies import client
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.compute import flags as compute_flags
from googlecloudsdk.command_lib.compute.network_policies import flags
@base.UniverseCompatible
@base.ReleaseTracks(base.ReleaseTrack.ALPHA)
class Create(base.CreateCommand):
"""Create a Compute Engine network policy.
*{command}* is used to create network policies. A network
policy is a set of rules that classifies network traffic.
"""
NETWORK_POLICY_ARG: ClassVar[compute_flags.ResourceArgument]
@classmethod
def Args(cls, parser):
cls.NETWORK_POLICY_ARG = flags.NetworkPolicyArgument(
required=True, operation='create'
)
cls.NETWORK_POLICY_ARG.AddArgument(parser, operation_type='create')
flags.AddArgNetworkPolicyCreation(parser)
def Run(self, args):
holder = base_classes.ComputeApiHolder(self.ReleaseTrack())
ref = self.NETWORK_POLICY_ARG.ResolveAsResource(args, holder.resources)
network_policy = client.NetworkPolicy(ref, compute_client=holder.client)
policy = holder.client.messages.NetworkPolicy(
description=args.description, name=ref.Name()
)
return network_policy.Create(
network_policy=policy, only_generate_request=False
)
Create.detailed_help = {
'EXAMPLES': """\
To create a regional network policy named ``my-region-policy'' under project
with ID ``test-project'', in region ``my-region'', run:
$ {command} my-region-policy \
--project=test-project \
--region=my-region
""",
}


@@ -0,0 +1,65 @@
# -*- coding: utf-8 -*- #
# Copyright 2025 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command for deleting network policies."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from typing import ClassVar
from googlecloudsdk.api_lib.compute import base_classes
from googlecloudsdk.api_lib.compute.network_policies import client
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.compute import flags as compute_flags
from googlecloudsdk.command_lib.compute.network_policies import flags
@base.UniverseCompatible
@base.ReleaseTracks(base.ReleaseTrack.ALPHA)
class Delete(base.DeleteCommand):
"""Delete a Compute Engine network policy.
*{command}* is used to delete network policies. A network
policy is a set of rules that classifies network traffic.
"""
NETWORK_POLICY_ARG: ClassVar[compute_flags.ResourceArgument]
@classmethod
def Args(cls, parser):
cls.NETWORK_POLICY_ARG = flags.NetworkPolicyArgument(
required=True, operation='delete'
)
cls.NETWORK_POLICY_ARG.AddArgument(parser, operation_type='delete')
parser.display_info.AddCacheUpdater(flags.NetworkPoliciesCompleter)
def Run(self, args):
holder = base_classes.ComputeApiHolder(self.ReleaseTrack())
ref = self.NETWORK_POLICY_ARG.ResolveAsResource(args, holder.resources)
network_policy = client.NetworkPolicy(ref, compute_client=holder.client)
return network_policy.Delete(only_generate_request=False)
Delete.detailed_help = {
'EXAMPLES': """\
To delete a network policy with name ``my-policy'',
in region ``my-region'', run:
$ {command} my-policy --region=my-region
""",
}


@@ -0,0 +1,64 @@
# -*- coding: utf-8 -*- #
# Copyright 2025 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command for describing network policies."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from typing import ClassVar
from googlecloudsdk.api_lib.compute import base_classes
from googlecloudsdk.api_lib.compute.network_policies import client
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.compute import flags as compute_flags
from googlecloudsdk.command_lib.compute.network_policies import flags
@base.UniverseCompatible
@base.ReleaseTracks(base.ReleaseTrack.ALPHA)
class Describe(base.DescribeCommand):
"""Describe a Compute Engine network policy.
*{command}* is used to describe network policies. A network
policy is a set of rules that classifies network traffic.
"""
NETWORK_POLICY_ARG: ClassVar[compute_flags.ResourceArgument]
@classmethod
def Args(cls, parser):
cls.NETWORK_POLICY_ARG = flags.NetworkPolicyArgument(
required=True, operation='describe'
)
cls.NETWORK_POLICY_ARG.AddArgument(parser, operation_type='describe')
def Run(self, args):
holder = base_classes.ComputeApiHolder(self.ReleaseTrack())
ref = self.NETWORK_POLICY_ARG.ResolveAsResource(args, holder.resources)
network_policy = client.NetworkPolicy(ref, compute_client=holder.client)
return network_policy.Describe(only_generate_request=False)
Describe.detailed_help = {
'EXAMPLES': """\
To describe a network policy with name ``my-policy'',
in region ``my-region'', run:
$ {command} my-policy --region=my-region
""",
}


@@ -0,0 +1,113 @@
# -*- coding: utf-8 -*- #
# Copyright 2025 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command for listing network policies."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
import itertools
from apitools.base.py import list_pager
from googlecloudsdk.api_lib.compute import base_classes
from googlecloudsdk.api_lib.compute import lister
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.compute.network_policies import flags
from googlecloudsdk.core import properties
@base.UniverseCompatible
@base.ReleaseTracks(base.ReleaseTrack.ALPHA)
class List(base.ListCommand):
"""List Compute Engine network policies.
*{command}* is used to list network policies. A network policy is a set of
rules that controls network traffic classification.
"""
@classmethod
def Args(cls, parser):
parser.display_info.AddFormat("""\
table(
name,
region.basename(),
description
)
""")
lister.AddRegionsArgWithoutBaseArgs(parser)
parser.display_info.AddCacheUpdater(flags.NetworkPoliciesCompleter)
def Run(self, args):
holder = base_classes.ComputeApiHolder(self.ReleaseTrack())
client = holder.client.apitools_client
messages = client.MESSAGES_MODULE
if args.project:
project = args.project
else:
project = properties.VALUES.core.project.GetOrFail()
# List RNPs in given regions
if args.regions:
regional_generators = [
list_pager.YieldFromList(
client.regionNetworkPolicies,
messages.ComputeRegionNetworkPoliciesListRequest(
project=project, region=region.strip()
),
field='items',
limit=args.limit,
batch_size=None,
)
for region in args.regions
]
return itertools.chain.from_iterable(regional_generators)
# Aggregated network policies for all regions defined in project
request = messages.ComputeRegionNetworkPoliciesAggregatedListRequest(
project=project, returnPartialSuccess=True
)
network_policies, next_page_token = _GetListPage(client, request)
while next_page_token:
request.pageToken = next_page_token
list_page, next_page_token = _GetListPage(client, request)
network_policies += list_page
return network_policies
def _GetListPage(client, request):
response = client.regionNetworkPolicies.AggregatedList(request)
network_policy_chain = itertools.chain.from_iterable(
network_policy_in_scope.value.networkPolicies
for network_policy_in_scope in response.items.additionalProperties
)
return list(network_policy_chain), response.nextPageToken
List.detailed_help = {
'EXAMPLES': """\
To list regional network policies under project ``my-project'',
specify a list of regions with ``--regions'':
$ {command} --project=my-project --regions="region-a, region-b"
To list all network policies under project
``my-project'', omit ``--regions'':
$ {command} --project=my-project
""",
}
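Review bot: The aggregated branch of Run asks for `returnPartialSuccess=True`, but `_GetListPage` reads only `response.items` and `response.nextPageToken`, so when some regions cannot be reached the command returns a shorter list with no sign that it is incomplete. Someone auditing which policies exist in a project would read that output as complete. If the response message carries an `unreachables` field, as other Compute aggregated lists do (not visible here), it should be collected per page and reported as a warning after the loop. This branch also fetches every page before returning and does not pass `args.limit`, unlike the `--regions` branch, where `limit=args.limit` applies to each region separately.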


@@ -0,0 +1,27 @@
# -*- coding: utf-8 -*- #
# Copyright 2025 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Commands for reading and manipulating network policies rules."""
from __future__ import absolute_import
from __future__ import division
from __future__ import print_function
from __future__ import unicode_literals
from googlecloudsdk.calliope import base
@base.UniverseCompatible
@base.ReleaseTracks(base.ReleaseTrack.ALPHA)
class NetworkPolicyRules(base.Group):
"""Read and manipulate Compute Engine network policy rules."""


@@ -0,0 +1,159 @@
# -*- coding: utf-8 -*- #
# Copyright 2025 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command for creating network policy rules."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from typing import ClassVar
from googlecloudsdk.api_lib.compute import base_classes
from googlecloudsdk.api_lib.compute.network_policies import client
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.compute import flags as compute_flags
from googlecloudsdk.command_lib.compute.network_policies import flags
from googlecloudsdk.command_lib.compute.network_policies import rules_utils
from googlecloudsdk.command_lib.util.apis import arg_utils
@base.UniverseCompatible
@base.ReleaseTracks(base.ReleaseTrack.ALPHA)
class Create(base.CreateCommand):
r"""Creates a Compute Engine network policy rule.
*{command}* is used to create network policy rules.
"""
NETWORK_POLICY_ARG: ClassVar[compute_flags.ResourceArgument]
@classmethod
def Args(cls, parser):
cls.NETWORK_POLICY_ARG = flags.NetworkPolicyRuleArgument(
required=True, operation='create'
)
cls.NETWORK_POLICY_ARG.AddArgument(parser, operation_type='create')
flags.AddArgsAddRule(parser)
parser.display_info.AddCacheUpdater(flags.NetworkPoliciesCompleter)
def Run(self, args):
holder = base_classes.ComputeApiHolder(self.ReleaseTrack())
ref = self.NETWORK_POLICY_ARG.ResolveAsResource(args, holder.resources)
network_policy_rule_client = client.NetworkPolicyRule(
ref=ref, compute_client=holder.client
)
name = None
description = None
priority = None
src_ip_ranges = []
dest_ip_ranges = []
layer4_configs = []
target_service_accounts = []
disabled = False
target_secure_tags = []
dscp_value = None
dscp_mode = self._GetDscpMode(holder.client.messages, args.dscp_mode)
traffic_class = self._GetTrafficClass(
holder.client.messages, args.traffic_class
)
if args.IsSpecified('name'):
name = args.name
if args.IsSpecified('description'):
description = args.description
if args.IsSpecified('priority'):
priority = args.priority
if args.IsSpecified('src_ip_ranges'):
src_ip_ranges = args.src_ip_ranges
if args.IsSpecified('dest_ip_ranges'):
dest_ip_ranges = args.dest_ip_ranges
if args.IsSpecified('layer4_configs'):
layer4_configs = args.layer4_configs
if args.IsSpecified('target_service_accounts'):
target_service_accounts = args.target_service_accounts
if args.IsSpecified('disabled'):
disabled = args.disabled
if args.IsSpecified('dscp_value'):
dscp_value = args.dscp_value
if args.IsSpecified('target_secure_tags'):
target_secure_tags = rules_utils.TranslateSecureTags(
holder.client, args.target_secure_tags
)
layer4_config_list = rules_utils.ParseLayer4Configs(
layer4_configs, holder.client.messages
)
matcher = (
holder.client.messages.NetworkPolicyTrafficClassificationRuleMatcher(
srcIpRanges=src_ip_ranges,
destIpRanges=dest_ip_ranges,
layer4Configs=layer4_config_list,
)
)
network_policy_rule = holder.client.messages.NetworkPolicyTrafficClassificationRule(
priority=rules_utils.ConvertPriorityToInt(priority),
action=holder.client.messages.NetworkPolicyTrafficClassificationRuleAction(
type=args.action,
trafficClass=traffic_class,
dscpMode=dscp_mode,
dscpValue=dscp_value,
),
match=matcher,
targetServiceAccounts=target_service_accounts,
description=description,
ruleName=name,
disabled=disabled,
targetSecureTags=target_secure_tags,
)
return network_policy_rule_client.CreateRule(
network_policy=args.network_policy,
network_policy_rule=network_policy_rule,
)
def _GetDscpMode(self, messages, dscp_mode: str):
return arg_utils.ChoiceToEnum(
dscp_mode,
messages.NetworkPolicyTrafficClassificationRuleAction.DscpModeValueValuesEnum,
)
def _GetTrafficClass(self, messages, traffic_class: str):
return arg_utils.ChoiceToEnum(
traffic_class,
messages.NetworkPolicyTrafficClassificationRuleAction.TrafficClassValueValuesEnum,
)
Create.detailed_help = {
'EXAMPLES': """\
To create a traffic classification rule with priority ``10'' in a network
policy with name ``my-policy'' and description ``example rule'', in
region ``region-a'', run:
$ {command} \
--priority=10 \
--action=apply_traffic_classification \
--network-policy=my-policy \
--network-policy-region=region-a \
--dest-ip-ranges=11.0.0.0/8 \
--description="example rule" \
--traffic-class tc1
--dscp-mode custom
--dscp-value 3
--layer4-configs=tcp:80,udp
""",
}
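Review bot: In Run, `src_ip_ranges`, `dest_ip_ranges` and `layer4_configs` all default to `[]` and the matcher is built unconditionally, so a rule created with none of them is sent with an empty match and `disabled=False`. Whether `flags.AddArgsAddRule` makes any of these flags required, or the API rejects an empty matcher, is not visible in this hunk; if neither does, a client-side check that raises when all three are empty would keep an unintentionally broad rule from being created. Separately, `_GetDscpMode` and `_GetTrafficClass` do not use `self`, and the update command on this page calls methods of the same names, so they would fit better as shared functions in `rules_utils`.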


@@ -0,0 +1,68 @@
# -*- coding: utf-8 -*- #
# Copyright 2025 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command for deleting network policy rules."""
from typing import ClassVar
from googlecloudsdk.api_lib.compute import base_classes
from googlecloudsdk.api_lib.compute.network_policies import client
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.compute import flags as compute_flags
from googlecloudsdk.command_lib.compute.network_policies import flags
from googlecloudsdk.command_lib.compute.network_policies import rules_utils
@base.UniverseCompatible
@base.ReleaseTracks(base.ReleaseTrack.ALPHA)
class Delete(base.DeleteCommand):
"""Deletes a Compute Engine network policy rule.
*{command}* is used to delete network policy rules.
"""
NETWORK_POLICY_ARG: ClassVar[compute_flags.ResourceArgument]
@classmethod
def Args(cls, parser):
cls.NETWORK_POLICY_ARG = flags.NetworkPolicyRuleArgument(
required=True, operation='delete'
)
cls.NETWORK_POLICY_ARG.AddArgument(parser, operation_type='delete')
flags.AddArgsRemoveRule(parser)
parser.display_info.AddCacheUpdater(flags.NetworkPoliciesCompleter)
def Run(self, args):
holder = base_classes.ComputeApiHolder(self.ReleaseTrack())
ref = self.NETWORK_POLICY_ARG.ResolveAsResource(args, holder.resources)
network_policy_rule_client = client.NetworkPolicyRule(
ref=ref, compute_client=holder.client
)
return network_policy_rule_client.DeleteRule(
network_policy=args.network_policy,
priority=rules_utils.ConvertPriorityToInt(args.priority),
)
Delete.detailed_help = {
'EXAMPLES': """\
To delete a rule with priority ``10'' in a network policy
with name ``my-policy'', in region ``region-a'', run:
$ {command} --priority=10 --network-policy=my-policy \
--network-policy-region=region-a
""",
}


@@ -0,0 +1,70 @@
# -*- coding: utf-8 -*- #
# Copyright 2025 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command for deleting network policy rules."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from typing import ClassVar
from googlecloudsdk.api_lib.compute import base_classes
from googlecloudsdk.api_lib.compute.network_policies import client
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.compute import flags as compute_flags
from googlecloudsdk.command_lib.compute.network_policies import flags
from googlecloudsdk.command_lib.compute.network_policies import rules_utils
@base.UniverseCompatible
@base.ReleaseTracks(base.ReleaseTrack.ALPHA)
class Describe(base.DescribeCommand):
"""Describes a Compute Engine network policy rule.
*{command}* is used to describe network policy rules.
"""
NETWORK_POLICY_ARG: ClassVar[compute_flags.ResourceArgument]
@classmethod
def Args(cls, parser):
cls.NETWORK_POLICY_ARG = flags.NetworkPolicyRuleArgument(
required=True, operation='describe'
)
cls.NETWORK_POLICY_ARG.AddArgument(parser, operation_type='describe')
flags.AddArgsDescribeRule(parser)
def Run(self, args):
holder = base_classes.ComputeApiHolder(self.ReleaseTrack())
ref = self.NETWORK_POLICY_ARG.ResolveAsResource(args, holder.resources)
network_policy_rule_client = client.NetworkPolicyRule(
ref=ref, compute_client=holder.client
)
return network_policy_rule_client.DescribeRule(
network_policy=args.network_policy,
priority=rules_utils.ConvertPriorityToInt(args.priority),
)
Describe.detailed_help = {
'EXAMPLES': """\
To describe a rule with priority ``10'' in a network policy
with name ``my-policy'', in region ``region-a'', run:
$ {command} --priority=10 --network-policy=my-policy \
--network-policy-region=region-a
""",
}
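Review bot: The module docstring reads `"""Command for deleting network policy rules."""`, copied from the delete command, while this file defines `Describe`; it should read `"""Command for describing network policy rules."""`. Run also has no docstring; one line stating that it resolves the policy reference and returns the rule at the given priority would match what the body does.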


@@ -0,0 +1,175 @@
# -*- coding: utf-8 -*- #
# Copyright 2025 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command for updating network policy rules."""
from typing import ClassVar
from googlecloudsdk.api_lib.compute import base_classes
from googlecloudsdk.api_lib.compute.network_policies import client
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.compute import flags as compute_flags
from googlecloudsdk.command_lib.compute.network_policies import flags
from googlecloudsdk.command_lib.compute.network_policies import rules_utils
from googlecloudsdk.command_lib.util.apis import arg_utils
@base.UniverseCompatible
@base.ReleaseTracks(base.ReleaseTrack.ALPHA)
class Update(base.UpdateCommand):
r"""Updates a Compute Engine network policy rule.
*{command}* is used to update network policy rules.
"""
NETWORK_POLICY_ARG: ClassVar[compute_flags.ResourceArgument]
@classmethod
def Args(cls, parser):
cls.NETWORK_POLICY_ARG = flags.NetworkPolicyRuleArgument(
required=True, operation='update'
)
cls.NETWORK_POLICY_ARG.AddArgument(parser)
flags.AddArgsUpdateRule(parser)
def Run(self, args):
clearable_arg_name_to_field_name = {
'src_ip_ranges': 'match.srcIpRanges',
'dest_ip_ranges': 'match.destIpRanges',
'target_secure_tags': 'targetSecureTags',
}
holder = base_classes.ComputeApiHolder(self.ReleaseTrack())
ref = self.NETWORK_POLICY_ARG.ResolveAsResource(args, holder.resources)
network_policy_rule_client = client.NetworkPolicyRule(
ref=ref, compute_client=holder.client
)
priority = rules_utils.ConvertPriorityToInt(args.priority)
src_ip_ranges = []
dest_ip_ranges = []
layer4_config_list = []
target_service_accounts = []
disabled = None
should_setup_match = False
target_secure_tags = []
cleared_fields = []
should_setup_action = False
traffic_class = None
dscp_mode = None
dscp_value = None
for arg in clearable_arg_name_to_field_name:
if args.IsKnownAndSpecified(arg) and not args.GetValue(arg):
cleared_fields.append(clearable_arg_name_to_field_name[arg])
if args.IsSpecified('traffic_class'):
should_setup_action = True
traffic_class = self._GetTrafficClass(
holder.client.messages, args.traffic_class
)
if args.IsSpecified('dscp_mode'):
should_setup_action = True
dscp_mode = self._GetDscpMode(holder.client.messages, args.dscp_mode)
if args.IsSpecified('dscp_value'):
should_setup_action = True
dscp_value = args.dscp_value
if args.IsSpecified('src_ip_ranges'):
src_ip_ranges = args.src_ip_ranges
should_setup_match = True
if args.IsSpecified('dest_ip_ranges'):
dest_ip_ranges = args.dest_ip_ranges
should_setup_match = True
if args.IsSpecified('layer4_configs'):
should_setup_match = True
layer4_config_list = rules_utils.ParseLayer4Configs(
args.layer4_configs, holder.client.messages
)
if args.IsSpecified('target_service_accounts'):
target_service_accounts = args.target_service_accounts
if args.IsSpecified('disabled'):
disabled = args.disabled
if args.IsSpecified('new_priority'):
new_priority = rules_utils.ConvertPriorityToInt(args.new_priority)
else:
new_priority = priority
if args.IsSpecified('target_secure_tags'):
target_secure_tags = rules_utils.TranslateSecureTags(
holder.client, args.target_secure_tags
)
if should_setup_match:
matcher = (
holder.client.messages.NetworkPolicyTrafficClassificationRuleMatcher(
srcIpRanges=src_ip_ranges,
destIpRanges=dest_ip_ranges,
layer4Configs=layer4_config_list,
)
)
else:
matcher = None
if should_setup_action:
action = (
holder.client.messages.NetworkPolicyTrafficClassificationRuleAction(
trafficClass=traffic_class,
dscpMode=dscp_mode,
dscpValue=dscp_value,
)
)
else:
action = None
network_policy_rule = (
holder.client.messages.NetworkPolicyTrafficClassificationRule(
priority=new_priority,
action=action,
match=matcher,
targetServiceAccounts=target_service_accounts,
description=args.description,
disabled=disabled,
targetSecureTags=target_secure_tags,
)
)
with holder.client.apitools_client.IncludeFields(cleared_fields):
return network_policy_rule_client.UpdateRule(
priority=priority,
network_policy=args.network_policy,
network_policy_rule=network_policy_rule,
)
def _GetDscpMode(self, messages, dscp_mode: str):
return arg_utils.ChoiceToEnum(
dscp_mode,
messages.NetworkPolicyTrafficClassificationRuleAction.DscpModeValueValuesEnum,
)
def _GetTrafficClass(self, messages, traffic_class: str):
return arg_utils.ChoiceToEnum(
traffic_class,
messages.NetworkPolicyTrafficClassificationRuleAction.TrafficClassValueValuesEnum,
)
Update.detailed_help = {
'EXAMPLES': """\
To update a rule with priority ``10'' in a network policy with name
``my-policy'' to change the description to ``new example rule'', run:
$ {command} \
--priority=10 \
--network-policy=my-policy \
--description="new example rule"
""",
}
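Review bot: In `Run`, `clearable_arg_name_to_field_name` covers `src_ip_ranges`, `dest_ip_ranges` and `target_secure_tags` but not `target_service_accounts`, so an explicitly empty value for that argument sets the local list to `[]` without adding the field to `cleared_fields`. If the API client omits empty repeated fields that are not named in `IncludeFields` (which appears to be why the mapping exists), the update would report success while the rule keeps its previous service-account targets, and an operator would believe the rule's scope had changed when it had not. Consider adding `'target_service_accounts': 'targetServiceAccounts',` to the mapping, or rejecting an empty value if clearing is not meant to be supported. Whether the flag accepts an empty value depends on `flags.AddArgsUpdateRule`, which is not visible here. `layer4_configs` is handled the same way and deserves the same decision.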


@@ -0,0 +1,73 @@
# -*- coding: utf-8 -*- #
# Copyright 2025 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command for updating network policies."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
import argparse
from typing import ClassVar
from googlecloudsdk.api_lib.compute import base_classes
from googlecloudsdk.api_lib.compute.network_policies import client
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.compute import flags as compute_flags
from googlecloudsdk.command_lib.compute.network_policies import flags
@base.UniverseCompatible
@base.ReleaseTracks(base.ReleaseTrack.ALPHA)
class Update(base.UpdateCommand):
"""Update a Compute Engine network policy.
*{command}* is used to update network policies. A network
policy is a set of rules that classifies network traffic.
"""
NETWORK_POLICY_ARG: ClassVar[compute_flags.ResourceArgument]
@classmethod
def Args(cls, parser: argparse.ArgumentParser):
cls.NETWORK_POLICY_ARG = flags.NetworkPolicyArgument(
required=True, operation='update'
)
cls.NETWORK_POLICY_ARG.AddArgument(parser, operation_type='update')
flags.AddArgsUpdateNetworkPolicy(parser)
def Run(self, args: argparse.Namespace):
holder = base_classes.ComputeApiHolder(self.ReleaseTrack())
ref = self.NETWORK_POLICY_ARG.ResolveAsResource(args, holder.resources)
network_policy_client = client.NetworkPolicy(
ref, compute_client=holder.client
)
new_network_policy = holder.client.messages.NetworkPolicy(
description=args.description,
)
return network_policy_client.Update(network_policy=new_network_policy)
Update.detailed_help = {
'EXAMPLES': """\
To update a network policy with name ``my-policy'',
to change the description to ``New description'', run:
$ {command} my-policy \
--description='New description' \
--region=my-region
""",
}