davidkotnik/novafarma
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Add new gcloud commands, API clients, and third-party libraries across various services.

Browse Source
This commit is contained in:
David Kotnik
2026-01-01 20:26:35 +01:00
parent 5e23cbece0
commit a19e592eb7
25221 changed files with 8324611 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
gcloud auth application-default login/google-cloud-sdk/lib/surface/iam/policies/__init__.py Normal file
View File

@@ -0,0 +1,30 @@
# -*- coding: utf-8 -*- #
# Copyright 2018 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""The policies command group for the IAM CLI."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.calliope import base
@base.ReleaseTracks(base.ReleaseTrack.ALPHA, base.ReleaseTrack.BETA,
base.ReleaseTrack.GA)
class Policies(base.Group):
"""Manage IAM deny policies.
Commands for managing Google Cloud IAM deny policies.
"""

88
gcloud auth application-default login/google-cloud-sdk/lib/surface/iam/policies/create.py Normal file
View File

@@ -0,0 +1,88 @@
# -*- coding: utf-8 -*- #
# Copyright 2020 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command to create a policy on the given attachment point."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
import textwrap
from googlecloudsdk.api_lib.iam import policies as apis
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.iam import policies_flags as flags
from googlecloudsdk.core import log
@base.UniverseCompatible
@base.ReleaseTracks(base.ReleaseTrack.ALPHA, base.ReleaseTrack.BETA,
base.ReleaseTrack.GA)
class Create(base.CreateCommand):
"""Create a policy on the given attachment point with the given name."""
detailed_help = {
'EXAMPLES':
textwrap.dedent("""\
The following command creates the IAM policy defined at the resource
project ``123'' of kind ``denypolicies'' and id ``my-deny-policy'' from the
file ``policy.json'':
$ {command} my-deny-policy --attachment-point=cloudresourcemanager.googleapis.com/projects/123 --kind=denypolicies --policy-file=policy.json
"""),
}
@staticmethod
def Args(parser):
flags.GetAttachmentPointFlag().AddToParser(parser)
flags.GetKindFlag().AddToParser(parser)
flags.GetPolicyIDFlag().AddToParser(parser)
flags.GetPolicyFileFlag().AddToParser(parser)
def Run(self, args):
release_track = args.calliope_command.ReleaseTrack()
client = apis.GetClientInstance(release_track)
messages = apis.GetMessagesModule(release_track)
kinds = {
'denypolicies': 'denyPolicy',
'principalaccessboundarypolicies': 'principalAccessBoundaryPolicy',
'accessboundarypolicies': 'accessboundaryPolicy',
}
attachment_point = args.attachment_point.replace('/', '%2F')
if release_track == base.ReleaseTrack.ALPHA:
result = client.policies.CreatePolicy(
messages.IamPoliciesCreatePolicyRequest(
parent='policies/{}/{}'.format(attachment_point, args.kind),
policyId=args.policy_id,
googleIamV2alphaPolicy=apis.ParseYamlOrJsonPolicyFile(
args.policy_file, messages.GoogleIamV2alphaPolicy)))
elif release_track == base.ReleaseTrack.BETA:
result = client.policies.CreatePolicy(
messages.IamPoliciesCreatePolicyRequest(
parent='policies/{}/{}'.format(attachment_point, args.kind),
policyId=args.policy_id,
googleIamV2betaPolicy=apis.ParseYamlOrJsonPolicyFile(
args.policy_file, messages.GoogleIamV2betaPolicy)))
else:
# GA
result = client.policies.CreatePolicy(
messages.IamPoliciesCreatePolicyRequest(
parent='policies/{}/{}'.format(attachment_point, args.kind),
policyId=args.policy_id,
googleIamV2Policy=apis.ParseYamlOrJsonPolicyFile(
args.policy_file, messages.GoogleIamV2Policy)))
log.CreatedResource(result.name, kinds[args.kind], is_async=True)
return result

69
gcloud auth application-default login/google-cloud-sdk/lib/surface/iam/policies/delete.py Normal file
View File

@@ -0,0 +1,69 @@
# -*- coding: utf-8 -*- #
# Copyright 2020 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command to delete a policy on the given attachment point."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
import textwrap
from googlecloudsdk.api_lib.iam import policies as apis
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.iam import policies_flags as flags
from googlecloudsdk.core import log
@base.UniverseCompatible
@base.ReleaseTracks(base.ReleaseTrack.ALPHA, base.ReleaseTrack.BETA,
base.ReleaseTrack.GA)
class Delete(base.DeleteCommand):
"""Delete a policy on the given attachment point with the given name."""
detailed_help = {
'EXAMPLES':
textwrap.dedent("""\
The following command deletes the IAM policy defined at the resource
project ``123'' of kind ``denypolicies'' and id ``my-deny-policy'',
with etag ``abc'':
$ {command} my-deny-policy --attachment-point=cloudresourcemanager.googleapis.com/projects/123 --kind=denypolicies --etag=abc
"""),
}
@staticmethod
def Args(parser):
flags.GetAttachmentPointFlag().AddToParser(parser)
flags.GetKindFlag().AddToParser(parser)
flags.GetPolicyIDFlag().AddToParser(parser)
flags.GetEtagFlag().AddToParser(parser)
def Run(self, args):
release_track = args.calliope_command.ReleaseTrack()
client = apis.GetClientInstance(release_track)
messages = apis.GetMessagesModule(release_track)
attachment_point = args.attachment_point.replace('/', '%2F')
kinds = {
'denypolicies': 'denyPolicy',
'principalaccessboundarypolicies': 'principalAccessBoundaryPolicy',
'accessboundarypolicies': 'accessboundaryPolicy',
}
result = client.policies.Delete(
messages.IamPoliciesDeleteRequest(
name='policies/{}/{}/{}'.format(attachment_point, args.kind,
args.policy_id),
etag=args.etag))
log.DeletedResource(result.name, kinds[args.kind], is_async=True)
return result

59
gcloud auth application-default login/google-cloud-sdk/lib/surface/iam/policies/get.py Normal file
View File

@@ -0,0 +1,59 @@
# -*- coding: utf-8 -*- #
# Copyright 2020 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command to get a policy on the given attachment point."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
import textwrap
from googlecloudsdk.api_lib.iam import policies as apis
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.iam import policies_flags as flags
@base.UniverseCompatible
@base.ReleaseTracks(base.ReleaseTrack.ALPHA, base.ReleaseTrack.BETA,
base.ReleaseTrack.GA)
class Get(base.DescribeCommand):
"""Get a policy on the given attachment point with the given name."""
detailed_help = {
'EXAMPLES':
textwrap.dedent("""\
The following command gets the IAM policy defined at the resource
project ``123'' of kind ``denypolicies'' and id ``my-deny-policy'':
$ {command} my-deny-policy --attachment-point=cloudresourcemanager.googleapis.com/projects/123 --kind=denypolicies
"""),
}
@staticmethod
def Args(parser):
flags.GetAttachmentPointFlag().AddToParser(parser)
flags.GetKindFlag().AddToParser(parser)
flags.GetPolicyIDFlag().AddToParser(parser)
def Run(self, args):
client = apis.GetClientInstance(args.calliope_command.ReleaseTrack())
messages = apis.GetMessagesModule(args.calliope_command.ReleaseTrack())
attachment_point = args.attachment_point.replace('/', '%2F')
result = client.policies.Get(
messages.IamPoliciesGetRequest(name='policies/{}/{}/{}'.format(
attachment_point, args.kind, args.policy_id)))
return result

68
gcloud auth application-default login/google-cloud-sdk/lib/surface/iam/policies/lint_condition.yaml Normal file
View File

@@ -0,0 +1,68 @@
- release_tracks: [ALPHA]
help_text:
brief: Lint an IAM condition.
description: |
Lint an IAM condition. The problems found by linter will not be fixed.
Instead, it will show the problems.
examples: |
To lint an IAM condition of resource `//cloudresourcemanager.googleapis.com/v1/projects/example-project`,
and the condtion to lint is expression='true', title='title', description='description', run:
$ {command} --resource-name='//cloudresourcemanager.googleapis.com/v1/projects/example-project' --expression='true' --title='title' --description='description'
To lint an IAM condition of resource `//cloudresourcemanager.googleapis.com/v1/projects/example-project`,
and the condition is read from a local YAML file `condition.yaml`, run:
$ {command} --resource-name='//cloudresourcemanager.googleapis.com/v1/projects/example-project' --condition-from-file='condition.yaml'
request:
collection: iam.iamPolicies
method: lintPolicy
api_version: v1
modify_request_hooks:
- googlecloudsdk.command_lib.iam.hooks:UpdateRequestWithConditionFromFile
arguments:
params:
- arg_name: resource-name
api_field: fullResourceName
help_text: |
The full resource name of the policy containing the condition to lint.
See https://cloud.google.com/apis/design/resource_names for details.
To get a URI from most list commands in gcloud, pass the --uri flag.
For example:
$ gcloud compute instances list --project prj --uri
https://www.googleapis.com/compute/v1/projects/prj/zones/us-east1-c/instances/i1
https://www.googleapis.com/compute/v1/projects/prj/zones/us-east1-d/instances/i2
- group:
mutex: true
required: true
params:
- arg_name: condition-from-file
type: googlecloudsdk.command_lib.iam.hooks:ParseConditionFromFile
help_text: |
The path to a JSON or YAML file containing the condition.
See https://cloud.google.com/iam/docs/conditions-overview for schema of the condition.
- group:
help_text: |
The condition to lint. It must have an `expression` property and a `title` property.
The `description` property is optional.
params:
- arg_name: expression
api_field: condition.expression
required: true
help_text: |
The expression of the condition which evaluates to True or False. This uses a subset
of Common Expression Language syntax.
- arg_name: title
api_field: condition.title
required: true
help_text: |
A title for the expression, i.e. a short string describing its purpose.
- arg_name: description
api_field: condition.description
help_text: |
A description of the expression. This is a longer text which describes the
expression.

63
gcloud auth application-default login/google-cloud-sdk/lib/surface/iam/policies/list.py Normal file
View File

@@ -0,0 +1,63 @@
# -*- coding: utf-8 -*- #
# Copyright 2020 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command to list the policies on the given attachment point."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
import textwrap
from googlecloudsdk.api_lib.iam import policies as apis
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.iam import policies_flags as flags
@base.UniverseCompatible
@base.ReleaseTracks(base.ReleaseTrack.ALPHA, base.ReleaseTrack.BETA,
base.ReleaseTrack.GA)
class List(base.ListCommand):
"""List the policies on the given attachment point."""
detailed_help = {
'EXAMPLES':
textwrap.dedent("""\
The following command lists the IAM policy defined at the resource
project ``123'' of kind ``denypolicies'':
$ {command} --attachment-point=cloudresourcemanager.googleapis.com/projects/123 --kind=denypolicies
"""),
}
@staticmethod
def Args(parser):
base.URI_FLAG.RemoveFromParser(parser)
flags.GetPageTokenFlag().AddToParser(parser)
flags.GetAttachmentPointFlag().AddToParser(parser)
flags.GetKindFlag().AddToParser(parser)
def Run(self, args):
client = apis.GetClientInstance(args.calliope_command.ReleaseTrack())
messages = apis.GetMessagesModule(args.calliope_command.ReleaseTrack())
attachment_point = args.attachment_point.replace('/', '%2F')
result = client.policies.ListPolicies(
messages.IamPoliciesListPoliciesRequest(
parent='policies/{}/{}'.format(attachment_point, args.kind),
pageSize=args.page_size,
pageToken=args.page_token))
return result

87
gcloud auth application-default login/google-cloud-sdk/lib/surface/iam/policies/update.py Normal file
View File

@@ -0,0 +1,87 @@
# -*- coding: utf-8 -*- #
# Copyright 2021 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command to update a policy on the given attachment point."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
import textwrap
from googlecloudsdk.api_lib.iam import policies as apis
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.iam import policies_flags as flags
from googlecloudsdk.core import log
@base.UniverseCompatible
@base.ReleaseTracks(base.ReleaseTrack.ALPHA, base.ReleaseTrack.BETA,
base.ReleaseTrack.GA)
class Update(base.UpdateCommand):
"""Update the policy on the given attachment point with the given name."""
detailed_help = {
'EXAMPLES':
textwrap.dedent("""\
The following command updates the IAM policy ``my-deny-policy'', which
is attached to the resource project ``123'' and has the etag ``abc'':
$ {command} my-deny-policy --attachment-point=cloudresourcemanager.googleapis.com/projects/123 --kind=denypolicies --policy-file=policy.json --etag=abc
"""),
}
@staticmethod
def Args(parser):
flags.GetAttachmentPointFlag().AddToParser(parser)
flags.GetKindFlag().AddToParser(parser)
flags.GetPolicyIDFlag().AddToParser(parser)
flags.GetPolicyFileFlag().AddToParser(parser)
flags.GetEtagFlag().AddToParser(parser)
def Run(self, args):
release_track = args.calliope_command.ReleaseTrack()
client = apis.GetClientInstance(release_track)
messages = apis.GetMessagesModule(release_track)
attachment_point = args.attachment_point.replace('/', '%2F')
kinds = {
'denypolicies': 'denyPolicy',
'principalaccessboundarypolicies': 'principalAccessBoundaryPolicy',
'accessboundarypolicies': 'accessboundaryPolicy',
}
if release_track == base.ReleaseTrack.ALPHA:
policy = apis.ParseYamlOrJsonPolicyFile(args.policy_file,
messages.GoogleIamV2alphaPolicy)
elif release_track == base.ReleaseTrack.BETA:
policy = apis.ParseYamlOrJsonPolicyFile(args.policy_file,
messages.GoogleIamV2betaPolicy)
else:
# GA
policy = apis.ParseYamlOrJsonPolicyFile(args.policy_file,
messages.GoogleIamV2Policy)
policy.name = 'policies/{}/{}/{}'.format(attachment_point, args.kind,
args.policy_id)
etag = args.etag
if etag is None:
etag = policy.etag
policy.etag = etag
result = client.policies.Update(policy)
log.UpdatedResource(result.name, kinds[args.kind], is_async=True)
return result