davidkotnik/novafarma
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Add new gcloud commands, API clients, and third-party libraries across various services.

Browse Source
This commit is contained in:
David Kotnik
2026-01-01 20:26:35 +01:00
parent 5e23cbece0
commit a19e592eb7
25221 changed files with 8324611 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
gcloud auth application-default login/google-cloud-sdk/lib/surface/identity/__init__.py Normal file
View File

@@ -0,0 +1,37 @@
# -*- coding: utf-8 -*- #
# Copyright 2020 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""The main command group for Cloud Identity Groups CLI."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.calliope import base
@base.ReleaseTracks(
base.ReleaseTrack.ALPHA, base.ReleaseTrack.BETA, base.ReleaseTrack.GA)
class Identity(base.Group):
"""Manage Cloud Identity Groups and Memberships resources.
Commands for managing Cloud Identity Groups and Memberships resources.
"""
category = base.IDENTITY_CATEGORY
def Filter(self, context, args):
# TODO(b/190535433): Determine if command group works with project number
base.RequireProjectID(args)
del context, args

28
gcloud auth application-default login/google-cloud-sdk/lib/surface/identity/groups/__init__.py Normal file
View File

@@ -0,0 +1,28 @@
# -*- coding: utf-8 -*- #
# Copyright 2019 Google Inc. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""The groups command group for the Cloud Identity Groups CLI."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.calliope import base
class Groups(base.Group):
"""Manage Cloud Identity Groups.
Commands for managing Cloud Identity Groups.
"""

26
gcloud auth application-default login/google-cloud-sdk/lib/surface/identity/groups/config/__init__.py Normal file
View File

@@ -0,0 +1,26 @@
# -*- coding: utf-8 -*- #
# Copyright 2021 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command group for managing Cloud Identity group configurations."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.calliope import base
@base.ReleaseTracks(base.ReleaseTrack.ALPHA)
class Config(base.Group):
"""Manage Cloud Identity group configurations."""

38
gcloud auth application-default login/google-cloud-sdk/lib/surface/identity/groups/config/export.yaml Normal file
View File

@@ -0,0 +1,38 @@
release_tracks: [ALPHA]
command_type: CONFIG_EXPORT
help_text:
brief: Export the configuration for a Cloud Identity group.
description: |
*{command}* exports the configuration for a Cloud Identity group.
Group configurations can be exported in
Kubernetes Resource Model (krm) or Terraform HCL formats. The
default format is `krm`.
Specifying `--all` allows you to export the configurations for all
groups within the project.
Specifying `--path` allows you to export the configuration(s) to
a local directory.
examples: |
To export the configuration for a group, run:
$ {command} my-group
To export the configuration for a group to a file, run:
$ {command} my-group --path=/path/to/dir/
To export the configuration for a group in Terraform
HCL format, run:
$ {command} my-group --resource-format=terraform
To export the configurations for all groups within a
project, run:
$ {command} --all
arguments:
resource:
help_text: Group to export the configuration for.
spec: !REF googlecloudsdk.command_lib.identity.resources:group

230
gcloud auth application-default login/google-cloud-sdk/lib/surface/identity/groups/create.yaml Normal file
View File

@@ -0,0 +1,230 @@
# Copyright 2020 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- release_tracks: [ALPHA, BETA, GA]
help_text:
brief: Create a new group.
description: Create a new group.
GA:
examples: |
To quickly create a new Google Groups discussion group with default settings:
$ {command} eng-discuss@example.com --organization="example.com"
To create a new Google Groups discussion group with a display name and descripton:
$ {command} eng-discuss@example.com \
--organization="example.com" \
--display-name="Engineer Discuss" \
--description="Group for engineering discussions"
To create a new security group:
$ {command} security-group@example.com \
--organization="example.com" \
--group-type="security" \
--display-name="Security Group" \
--description="Description of Security Group"
BETA:
examples: |
To quickly create a new Google Groups discussion group with default settings:
$ {command} eng-discuss@example.com --organization="example.com"
To create a new Google Groups discussion group with a display name and descripton:
$ {command} eng-discuss@example.com \
--organization="example.com" \
--display-name="Engineer Discuss" \
--description="Group for engineering discussions"
To create a new security group:
$ {command} security-group@example.com \
--organization="example.com" \
--group-type="security" \
--display-name="Security Group" \
--description="Description of Security Group"
ALPHA:
examples: |
To quickly create a new Google Groups discussion group with default settings:
$ {command} eng-discuss@example.com --organization="example.com"
To create a new Google Groups discussion group with a display name and descripton:
$ {command} eng-discuss@example.com \
--organization="example.com" \
--display-name="Engineer Discuss" \
--description="Group for engineering discussions"
To create a new security group:
$ {command} security-group@example.com \
--organization="example.com" \
--group-type="security" \
--display-name="Security Group" \
--description="Description of Security Group"
arguments:
params:
- arg_name: email
is_positional: true
required: true
help_text: |
The email address of the group to be created.
- group:
mutex: true
required: true
params:
- arg_name: organization
type: str
help_text: |
The organization the Group being created belongs to. This can be
specified either as an ID ("123456789") or as the associated domain
("example.com").
- arg_name: customer
release_tracks: [GA]
type: str
help_text: |
The customer ID for the customer\'s G Suite account.
Example of customer: "C01k1e9nw"
- arg_name: with-initial-owner
api_field: initialGroupConfig
help_text: |
If specified the user making the request will be added as the initial owner of the group being
created.
choices:
- arg_value: with-initial-owner
enum_value: with-initial-owner
help_text: |
The creator of the group will be the owner of the group. This is
the default for non-dynamic groups.
- arg_value: empty
enum_value: empty
help_text: |
The creator of the group will not be the owner of the group. This is
the default for dynamic groups.
- arg_name: display-name
api_field: group.displayName
help_text: |
The Group's display name.
- arg_name: description
api_field: group.description
help_text: |
An extended description to help users determine the purpose of a Group. For
example, you can include information about who should join the Group, the
types of messages to send to the Group, links to FAQs about the Group, or
related Groups. Maximum length is 4,096 characters.
- arg_name: dynamic-user-query
release_tracks: [ALPHA, BETA, GA]
type: str
help_text: |
Query that determines the memberships of the dynamic group.
Example of a query:
--dynamic-user-query="user.organizations.exists(org,org.title=='SWE')"
- group:
mutex: true
params:
- arg_name: labels
type: str
help_text: |
Labels for group resource.
Example of labels "--labels cloudidentity.googleapis.com/groups.discussion_forum"
- arg_name: group-type
help_text: |
The type of group to create. Setting group-type will add the
appropriate labels for the type of group being created.
choices:
- arg_value: discussion
enum_value: discussion
help_text: Creates a Google Groups discussion group.
- arg_value: dynamic
enum_value: dynamic
help_text: Creates a dynamic group.
- arg_value: security
enum_value: security
help_text: Creates a security group.
default: discussion
- arg_name: posix-group
release_tracks: [ALPHA, BETA]
api_field: group.posixGroups
hidden: true
type:
arg_dict:
flatten: false
spec:
- api_field: gid
arg_name: gid
type: int
- api_field: name
arg_name: name
type: str
help_text: |
Group ID (gid) and name of the POSIX group that you want to associate
with the specified Cloud Identity group. You can specify multiple POSIX
groups with multiple instances of this flag.
For example, use '--posix-group=gid=1005,name=eng' to add a single
group, or '--posix-group=gid=1005,name=eng
--posix-group=gid=1006,name=docs' to add multiple groups.
Caution: POSIX groups are deprecated. As of September 26, 2024, you can
no longer create new POSIX groups. For more information, see [POSIX
groups
deprecation](https://cloud.google.com/identity/docs/deprecations/posix-groups).
request:
collection: cloudidentity.groups
disable_resource_check: true
method: create
ALPHA:
api_version: v1alpha1
modify_request_hooks:
- googlecloudsdk.command_lib.identity.groups.hooks:SetParent
- googlecloudsdk.command_lib.identity.groups.hooks:SetEntityKey
- googlecloudsdk.command_lib.identity.groups.hooks:SetLabelsCreate
- googlecloudsdk.command_lib.identity.groups.hooks:SetDynamicUserQuery
- googlecloudsdk.command_lib.identity.groups.hooks:SetInitialOwner
BETA:
api_version: v1beta1
modify_request_hooks:
- googlecloudsdk.command_lib.identity.groups.hooks:SetParent
- googlecloudsdk.command_lib.identity.groups.hooks:SetEntityKey
- googlecloudsdk.command_lib.identity.groups.hooks:SetLabelsCreate
- googlecloudsdk.command_lib.identity.groups.hooks:SetDynamicUserQuery
- googlecloudsdk.command_lib.identity.groups.hooks:SetInitialOwner
GA:
api_version: v1
modify_request_hooks:
- googlecloudsdk.command_lib.identity.groups.hooks:SetParent
- googlecloudsdk.command_lib.identity.groups.hooks:SetEntityKey
- googlecloudsdk.command_lib.identity.groups.hooks:SetLabelsCreate
- googlecloudsdk.command_lib.identity.groups.hooks:SetDynamicUserQuery
- googlecloudsdk.command_lib.identity.groups.hooks:SetInitialOwner
response:
result_attribute: response

50
gcloud auth application-default login/google-cloud-sdk/lib/surface/identity/groups/delete.yaml Normal file
View File

@@ -0,0 +1,50 @@
# Copyright 2020 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- release_tracks: [ALPHA, BETA, GA]
help_text:
brief: Delete an existing group.
description: Delete an existing group.
examples: |
To delete a group:
$ {command} eng-discuss@foo.com
arguments:
params:
- arg_name: email
is_positional: true
required: true
help_text: |
The email address of the group being deleted.
input:
confirmation_prompt: |
You are about to delete a group.
request:
collection: cloudidentity.groups
disable_resource_check: true
method: delete
modify_request_hooks:
- googlecloudsdk.command_lib.identity.groups.hooks:SetResourceName
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
response:
result_attribute: response

43
gcloud auth application-default login/google-cloud-sdk/lib/surface/identity/groups/describe.yaml Normal file
View File

@@ -0,0 +1,43 @@
# Copyright 2020 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- release_tracks: [ALPHA, BETA, GA]
help_text:
brief: Describe an existing group.
description: Describe an existing group.
examples: |
To describe a group:
$ {command} eng-discuss@foo.com
arguments:
params:
- arg_name: email
is_positional: true
required: true
help_text: |
The email address of the group being described.
request:
collection: cloudidentity.groups
disable_resource_check: true
method: get
modify_request_hooks:
- googlecloudsdk.command_lib.identity.groups.hooks:SetResourceName
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1

28
gcloud auth application-default login/google-cloud-sdk/lib/surface/identity/groups/memberships/__init__.py Normal file
View File

@@ -0,0 +1,28 @@
# -*- coding: utf-8 -*- #
# Copyright 2019 Google Inc. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""The memberships command group for the Cloud Identity Groups CLI."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.calliope import base
class Memberships(base.Group):
"""Manage Cloud Identity Groups Memberships.
Commands for managing Cloud Identity Groups Memberships.
"""

72
gcloud auth application-default login/google-cloud-sdk/lib/surface/identity/groups/memberships/add.yaml Normal file
View File

@@ -0,0 +1,72 @@
# Copyright 2019 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- release_tracks: [ALPHA, BETA, GA]
help_text:
brief: Create a new membership in an existing group.
description: Create a new membership in an existing group.
examples: |
To create a new membership in a group:
$ {command} --group-email="eng-discuss@foo.com" \
--member-email="user@foo.com"
request:
collection: cloudidentity.groups.memberships
disable_resource_check: true
method: create
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
modify_request_hooks:
- googlecloudsdk.command_lib.identity.groups.memberships.hooks:SetMembership
- googlecloudsdk.command_lib.identity.groups.memberships.hooks:SetMembershipParent
- googlecloudsdk.command_lib.identity.groups.memberships.hooks:SetEntityKey
- googlecloudsdk.command_lib.identity.groups.memberships.hooks:SetMembershipRoles
- googlecloudsdk.command_lib.identity.groups.memberships.hooks:SetExpiryDetail
arguments:
params:
- arg_name: group-email
type: str
required: true
help_text: |
The email address of the group the new membership is being added to.
- arg_name: member-email
type: str
required: true
help_text: |
The email address of the group or user being added to a group.
- arg_name: organization
release_tracks: [ALPHA, BETA]
type: str
help_text: |
The organization ID of the group the new membership is being added to.
- arg_name: expiration
type: str
help_text: |
Optional time of expiration for the membership. This is given as a duration from now, for
example '30d', '6m', '3y' for 30 days, 6 months, or 3 years respectively.
- arg_name: roles
type: arg_list
help_text: |
A comma-separated list of roles for a member within the Group. If not specified,
MEMBER will be used as a default value.

50
gcloud auth application-default login/google-cloud-sdk/lib/surface/identity/groups/memberships/check_transitive_membership.yaml Normal file
View File

@@ -0,0 +1,50 @@
# Copyright 2019 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- release_tracks: [ALPHA, BETA, GA]
help_text:
brief: Check a potential member for transitive membership in a group.
description: Check a potential member for transitive membership in a group.
examples: |
To check if a potential member has a transitive membership in a group.
$ {command} --group-email=eng@foo.com --member-email=eng-discuss@foo.com
request:
collection: cloudidentity.groups.memberships
disable_resource_check: true
method: checkTransitiveMembership
modify_request_hooks:
- googlecloudsdk.command_lib.identity.groups.memberships.hooks:SetTransitiveMembershipParent
- googlecloudsdk.command_lib.identity.groups.memberships.hooks:SetTransitiveQuery
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
arguments:
params:
- arg_name: member-email
type: str
required: true
help_text: |
The email address of the member to check transitive membership for.
- arg_name: group-email
type: str
required: true
help_text: |
The email address of the group to check transitive membership for.

53
gcloud auth application-default login/google-cloud-sdk/lib/surface/identity/groups/memberships/delete.yaml Normal file
View File

@@ -0,0 +1,53 @@
# Copyright 2019 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- release_tracks: [ALPHA, BETA, GA]
help_text:
brief: Delete a membership from an existing group.
description: Delete a membership from an existing group.
examples: |
To delete a memberships from a group:
$ {command} --group-email="eng-discuss@foo.com" --member-email="user@foo.com"
request:
collection: cloudidentity.groups.memberships
disable_resource_check: true
method: delete
modify_request_hooks:
- googlecloudsdk.command_lib.identity.groups.memberships.hooks:SetMembershipResourceName
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
arguments:
params:
- arg_name: group-email
type: str
required: true
help_text: |
The email address of the group the new membership is being removed from.
- arg_name: member-email
type: str
required: true
help_text: |
The email address of the group or user being removed from the group identified by group-email.
input:
confirmation_prompt: |
You are about to delete a membership.

49
gcloud auth application-default login/google-cloud-sdk/lib/surface/identity/groups/memberships/describe.yaml Normal file
View File

@@ -0,0 +1,49 @@
# Copyright 2019 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- release_tracks: [ALPHA, BETA, GA]
help_text:
brief: Describe a membership in a group.
description: Describe a membership in a group.
examples: |
To describe a membership in a group:
$ {command} --group-email="eng-discuss@foo.com" --member-email="user@foo.com"
request:
collection: cloudidentity.groups.memberships
disable_resource_check: true
method: get
modify_request_hooks:
- googlecloudsdk.command_lib.identity.groups.memberships.hooks:SetMembershipResourceName
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
arguments:
params:
- arg_name: group-email
type: str
required: true
help_text: |
The email address of the group whose membership is being described.
- arg_name: member-email
type: str
required: true
help_text: |
The email address of the member whose membership is being described.

59
gcloud auth application-default login/google-cloud-sdk/lib/surface/identity/groups/memberships/get_membership_graph.yaml Normal file
View File

@@ -0,0 +1,59 @@
# Copyright 2019 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- release_tracks: [ALPHA, BETA, GA]
help_text:
brief: Get a membership graph of just a member or both a member and a group.
description: Get a membership graph of just a member or both a member and a group.
examples: |
To get a membership graph of just a member.
$ {command} --member-email=eng-discuss@foo.com --labels=cloudidentity.googleapis.com/groups.discussion_forum
To get a membership graph between a member and a group.
$ {command} --member-email=eng-discuss@foo.com --group-email=eng@foo.com --labels=cloudidentity.googleapis.com/groups.discussion_forum
request:
collection: cloudidentity.groups.memberships
disable_resource_check: true
method: getMembershipGraph
modify_request_hooks:
- googlecloudsdk.command_lib.identity.groups.memberships.hooks:SetTransitiveMembershipParent
- googlecloudsdk.command_lib.identity.groups.memberships.hooks:SetTransitiveQuery
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
arguments:
params:
- arg_name: member-email
type: str
required: true
help_text: |
The email address of the member to get the membership graph for.
- arg_name: group-email
type: str
help_text: |
The email address of the group to constrain the membership graph with.
- arg_name: labels
type: str
required: true
help_text: |
The labels of the groups in the membership graph.

64
gcloud auth application-default login/google-cloud-sdk/lib/surface/identity/groups/memberships/list.yaml Normal file
View File

@@ -0,0 +1,64 @@
# Copyright 2019 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- release_tracks: [ALPHA, BETA, GA]
help_text:
brief: List memberships in an existing group.
description: List memberships in an existing group.
examples: |
To list memberships of a group:
$ {command} --group-email="eng-discuss@foo.com" --limit=50
request:
collection: cloudidentity.groups.memberships
disable_resource_check: true
method: list
modify_request_hooks:
- googlecloudsdk.command_lib.identity.groups.memberships.hooks:SetMembershipParent
- googlecloudsdk.command_lib.identity.groups.memberships.hooks:SetPageSize
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
arguments:
params:
- arg_name: group-email
type: str
required: true
help_text: |
The email address of the group to show members for.
- arg_name: view
api_field: view
help_text: |
There are two possible views, 'basic' and 'full', default is 'basic'
choices:
- enum_value: BASIC
arg_value: basic
help_text: |
Response only basic information of the Groups. (e.g. 'display_name', 'name')
- enum_value: FULL
arg_value: full
help_text: |
Response includes all the fields of the Groups
default: basic
- arg_name: page-token
api_field: pageToken
help_text: |
The next_page_token value returned from a previous list request, if any.

77
gcloud auth application-default login/google-cloud-sdk/lib/surface/identity/groups/memberships/modify_membership_roles.yaml Normal file
View File

@@ -0,0 +1,77 @@
# Copyright 2019 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- release_tracks: [ALPHA, BETA, GA]
help_text:
brief: Add/remove/modify membership roles of a membership in a group.
description: Add/remove/modify membership roles OR update expiry details of membership in a group.
examples: |
To add a new membership role to an existing group-member pair.
$ {command} --group-email="eng-discuss@foo.com" \
--member-email="user@foo.com" \
--add-roles=OWNER
request:
collection: cloudidentity.groups.memberships
disable_resource_check: true
method: modifyMembershipRoles
modify_request_hooks:
- googlecloudsdk.command_lib.identity.groups.memberships.hooks:SetMembershipResourceName
- googlecloudsdk.command_lib.identity.groups.memberships.hooks:UpdateRoles
- googlecloudsdk.command_lib.identity.groups.memberships.hooks:SetUpdateRolesParams
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
arguments:
params:
- arg_name: group-email
type: str
required: true
help_text: |
The email address of the group that member-email belongs to.
- arg_name: member-email
type: str
required: true
help_text: |
The email address of the group or user that is being updated
- group:
mutex: true
params:
- arg_name: update-roles-params
type: str
help_text: |
Resource representing the parameters to update membership roles.
An example would be ``--update-roles-params MEMBER=expiry_details.expire_time''.
- group:
params:
- arg_name: add-roles
type: str
help_text: |
Membership roles to be added.
Currently supported MembershipRole: 'MEMBER', 'OWNER', 'MANAGER'.
- arg_name: remove-roles
api_field: modifyMembershipRolesRequest.removeRoles
type: arg_list
help_text: |
Membership role names to be removed.
Currently supported MembershipRole: 'OWNER', 'MANAGER'.
MEMBER-less owner is not supported so removing just MEMBER role won't be possible.

63
gcloud auth application-default login/google-cloud-sdk/lib/surface/identity/groups/memberships/search_transitive_groups.yaml Normal file
View File

@@ -0,0 +1,63 @@
# Copyright 2019 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- release_tracks: [ALPHA, BETA, GA]
help_text:
brief: Search transitive groups of a member.
description: Search transitive groups of a member.
examples: |
To search transitive groups of a member.
$ {command} --labels=cloudidentity.googleapis.com/groups.discussion_forum --member-email=eng-discuss@foo.com --page-size=10
request:
collection: cloudidentity.groups.memberships
disable_resource_check: true
method: searchTransitiveGroups
disable_pagination: true
modify_request_hooks:
- googlecloudsdk.command_lib.identity.groups.memberships.hooks:SetTransitiveMembershipParent
- googlecloudsdk.command_lib.identity.groups.memberships.hooks:SetTransitiveQuery
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
arguments:
params:
- arg_name: member-email
type: str
required: true
help_text: |
The email address of the member to search transitive groups for.
- arg_name: labels
type: str
required: true
help_text: |
The labels of the transitive groups.
- arg_name: page-size
type: int
api_field: pageSize
help_text: |
The maximum number of results to return.
- arg_name: page-token
type: str
api_field: pageToken
help_text: |
The next_page_token value returned from a previous search request, if any.

55
gcloud auth application-default login/google-cloud-sdk/lib/surface/identity/groups/memberships/search_transitive_memberships.yaml Normal file
View File

@@ -0,0 +1,55 @@
# Copyright 2019 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- release_tracks: [ALPHA, BETA, GA]
help_text:
brief: Search transitive memberships of a group.
description: Search transitive memberships of a group.
examples: |
To search transitive memberships of a group.
$ {command} --group-email=eng@foo.com --page-size=10
request:
collection: cloudidentity.groups.memberships
disable_resource_check: true
method: searchTransitiveMemberships
disable_pagination: true
modify_request_hooks:
- googlecloudsdk.command_lib.identity.groups.memberships.hooks:SetTransitiveMembershipParent
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
arguments:
params:
- arg_name: group-email
type: str
required: true
help_text: |
The email address of the group to search transitive memberships for.
- arg_name: page-size
type: int
api_field: pageSize
help_text: |
The maximum number of results to return.
- arg_name: page-token
type: str
api_field: pageToken
help_text: |
The next_page_token value returned from a previous search request, if any.

126
gcloud auth application-default login/google-cloud-sdk/lib/surface/identity/groups/preview.py Normal file
View File

@@ -0,0 +1,126 @@
# -*- coding: utf-8 -*- #
# Copyright 2019 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""The `groups preview` command."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.api_lib.identity import admin_directory
from googlecloudsdk.calliope import arg_parsers
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.util.apis import arg_utils
@base.ReleaseTracks(base.ReleaseTrack.ALPHA, base.ReleaseTrack.BETA)
class Preview(base.Command):
"""Retrieve a list of users in a customer account using CEL query.
"""
detailed_help = {
'DESCRIPTION':
'{description}',
'EXAMPLES':
"""\
To retrieve a list of user in a customer and filter it with a query, run:
$ {command} --query="user.locations.exists(loc, loc.desk_code == 'abc')" --customer=A1234abcd
To retrieve a list of users with only fullName and primaryEMail fields, run:
$ {command} --query="user.locations.exists(loc, loc.desk_code == 'abc')" --customer=A1234abcd --format="flattened(nextPageToken, users[].primaryEmail, users[].name.fullName)"
""",
}
@staticmethod
def Args(parser):
scope_args = parser.add_mutually_exclusive_group(required=True)
# TODO(b/142400670): Add support for my_customer option.
scope_args.add_argument(
'--customer',
help=('The customer ID for the customer\'s G Suite account.'))
parser.add_argument(
'--query',
help=('Query string using CEL and supported user attributes'))
parser.add_argument(
'--projection',
choices=['basic', 'full', 'custom'],
default='basic',
help='Subsets of fields to fetch for this user.')
parser.add_argument(
'--custom-field-mask',
metavar='custom-mask',
type=arg_parsers.ArgList(),
help=('A comma-separated list of schema names. All fields from these '
'schemas are fetched. This should only be set when '
'--projection=custom.'))
parser.add_argument(
'--view-type',
choices=['admin-view', 'domain-public'],
default='admin-view',
help=('Whether to fetch the administrator-only or domain-wide public '
'view of the user.'))
# TODO(b/142472316): Consider using default gcloud list options.
parser.add_argument(
'--max-results',
default=100,
type=int,
help=('Maximum number of results to return. Acceptable values are 1 to '
'500, inclusive.'))
parser.add_argument(
'--page-token', help=('Token to specify next page in the list.'))
def Run(self, args):
messages = admin_directory.GetMessages()
projection = ChoiceToEnum(
args.projection,
(messages.DirectoryUsersListRequest.ProjectionValueValuesEnum))
view_type = ChoiceToEnum(
args.view_type,
(messages.DirectoryUsersListRequest.ViewTypeValueValuesEnum))
return admin_directory.Preview(
messages.DirectoryUsersListRequest(
customer=args.customer,
query=args.query,
projection=projection,
customFieldMask=args.custom_field_mask,
viewType=view_type,
maxResults=args.max_results,
pageToken=args.page_token))
def ChoiceToEnumName(choice):
"""Converts an argument value to the string representation of the Enum."""
return choice.replace('-', '_')
def ChoiceToEnum(choice, enum_type, item_type='choice', valid_choices=None):
"""Converts the typed choice into an apitools Enum value."""
if choice is None:
return None
name = ChoiceToEnumName(choice)
valid_choices = (
valid_choices or
[arg_utils.EnumNameToChoice(n) for n in enum_type.names()])
try:
return enum_type.lookup_by_name(name)
except KeyError:
raise arg_parsers.ArgumentTypeError(
'Invalid {item}: {selection}. Valid choices are: [{values}].'.format(
item=item_type,
selection=arg_utils.EnumNameToChoice(name),
values=', '.join(c for c in sorted(valid_choices))))

112
gcloud auth application-default login/google-cloud-sdk/lib/surface/identity/groups/search.yaml Normal file
View File

@@ -0,0 +1,112 @@
# Copyright 2019 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- release_tracks: [ALPHA, BETA, GA]
help_text:
brief: Searches for Groups matching a specified query.
description: Searches for Groups matching a specified query.
examples: |
To Search groups:
$ {command} --organization="5149234212" \
--labels="cloudidentity.googleapis.com/groups.discussion_forum" \
--page-size=3 \
--page-token="ala9glealanal908"
arguments:
params:
- group:
mutex: true
required: true
params:
- arg_name: organization
type: str
help_text: |
The organization ID for the groups being searched.
- arg_name: customer
release_tracks: [GA]
type: str
help_text: |
The customer ID for the customer's G Suite account.
Example of customer: "C01k1e9nw"
- arg_name: labels
required: true
help_text: |
One or more label entries that apply to the Group. Currently supported labels contain a key
with an empty value.
Google Groups are the default type of group and have a label with a key of
'cloudidentity.googleapis.com/groups.discussion_forum' and an empty value.
Existing Google Groups can have an additional label with a key of
'cloudidentity.googleapis.com/groups.security' and an empty value added to them.
*This is an immutable change and the security label cannot be removed once added.*
POSIX groups have a label with a key of 'cloudidentity.googleapis.com/groups.posix'.
Dynamic groups have a label with a key of 'cloudidentity.googleapis.com/groups.dynamic'.
Identity-mapped groups for Cloud Search have a label with a key of 'system/groups/external'
and an empty value.
Examples: {"cloudidentity.googleapis.com/groups.discussion_forum": ""} or
{"system/groups/external": ""}.
- arg_name: view
api_field: view
help_text: |
The level of detail to be returned. There are two possible views: 'basic' and 'full'.
If unspecified, default to 'basic'
choices:
- enum_value: BASIC
arg_value: basic
help_text: |
Default. Only basic group information is returned.
- enum_value: FULL
arg_value: full
help_text: |
All group information is returned.
default: basic
- arg_name: page-token
api_field: pageToken
help_text: |
The nextPageToken value returned from a previous search request, if any.
- arg_name: page-size
type: int
api_field: pageSize
help_text: |
The maximum number of results to return.
Note that the number of results returned may be less than this value even if there are more
available results. To fetch all results, clients must continue calling this method
repeatedly until the response no longer contains a nextPageToken.
If unspecified, defaults to 200 'basic' view and to 50 for 'full' view.
Must not be greater than 1000 for 'basic' view or 500 for 'full' view.
request:
collection: cloudidentity.groups
method: search
disable_pagination: true
modify_request_hooks:
- googlecloudsdk.command_lib.identity.groups.hooks:GenerateQuery
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1

190
gcloud auth application-default login/google-cloud-sdk/lib/surface/identity/groups/update.yaml Normal file
View File

@@ -0,0 +1,190 @@
# Copyright 2020 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- release_tracks: [ALPHA, BETA, GA]
help_text:
brief: Update a group.
description: Update a group.
GA:
examples: |
To update a group:
$ {command} eng-discuss@foo.com \
--display-name="New Engineer Discuss" \
--description="Group for engineering discussions"
BETA:
examples: |
To update a group:
$ {command} eng-discuss@foo.com \
--display-name="New Engineer Discuss" \
--description="Group for engineering discussions"
To remove POSIX information from a Google Group:
$ {command} eng-discuss@foo.com \
--remove-posix-groups=eng
ALPHA:
examples: |
To update a group:
$ {command} eng-discuss@foo.com \
--display-name="New Engineer Discuss" \
--description="Group for engineering discussions"
To remove POSIX information from a Google Group:
$ {command} eng-discuss@foo.com \
--remove-posix-groups=eng
arguments:
params:
- arg_name: email
is_positional: true
required: true
help_text: |
The email address of the group to be updated.
- group:
mutex: true
params:
- arg_name: display-name
api_field: group.displayName
help_text: |
Replace existing display name on group being updated.
- arg_name: clear-display-name
type: bool
help_text: |
Clear existing display name on group being updated.
- group:
mutex: true
params:
- arg_name: description
api_field: group.description
help_text: Replace existing description on group being updated.
- arg_name: clear-description
type: bool
help_text: Clear existing description on group being updated.
- group:
release_tracks: [ALPHA, BETA]
mutex: true
params:
- arg_name: add-posix-group
api_field: group.posixGroups
hidden: true
type:
arg_dict:
flatten: false
spec:
- api_field: gid
arg_name: gid
type: int
- api_field: name
arg_name: name
type: str
help_text: |
Group id (gid) and a name for a POSIX group that you want to add
to the specified Cloud Identity group. You can specify multiple
POSIX groups to add with multiple instances of this flag.
For example, use '--add-posix-group=gid=1005,name=eng'
to add a single group, or '--add-posix-group=gid=1005,name=eng
--add-posix-group=gid=1006,name=docs' to add multiple groups.
Caution: POSIX groups are deprecated. As of September 26, 2024, you
can no longer create new POSIX groups. For more information, see
[POSIX groups
deprecation](https://cloud.google.com/identity/docs/deprecations/posix-groups).
- arg_name: remove-posix-groups
type: "googlecloudsdk.calliope.arg_parsers:ArgList:"
metavar: POSIX_GROUP
help_text: |
Remove POSIX groups from the specified Cloud Identity group.
You can specify multiple POSIX groups by either name or gid by
using a comma-separated list.
For example, use '--remove-posix-groups=1005,1006' to remove POSIX
groups with group ids '1005' and '1006', or use
'--remove-posix-groups=eng,docs' to remove POSIX groups named 'eng'
and 'docs'.
- arg_name: clear-posix-groups
type: bool
help_text: |
Clear all POSIX groups from the specified Cloud Identity
group.
- arg_name: labels
release_tracks: [BETA, GA]
ALPHA:
hidden: true
type: str
help_text: |
One or more label entries that apply to the group. Currently supported labels contain a key
with an empty value.
Google Groups are the default type of group and have a label with a key of
'cloudidentity.googleapis.com/groups.discussion_forum' and an empty value.
Existing Google Groups can have an additional label with a key of
'cloudidentity.googleapis.com/groups.security' and an empty value added to them.
*This is an immutable change and the security label cannot be removed once added.*
Dynamic groups have a label with a key of 'cloudidentity.googleapis.com/groups.dynamic'.
Identity-mapped groups for Cloud Search have a label with a key of 'system/groups/external'
and an empty value.
Examples: {"cloudidentity.googleapis.com/groups.discussion_forum": ""} or
{"system/groups/external": ""}.
- arg_name: dynamic-user-query
type: str
help_text: |
Query that determines the memberships of the dynamic group.
Example of a query:
`--dynamic-user-query="user.organizations.exists(org,org.title=='SWE')"`
request:
collection: cloudidentity.groups
disable_resource_check: true
method: patch
ALPHA:
api_version: v1alpha1
modify_request_hooks:
- googlecloudsdk.command_lib.identity.groups.hooks:SetResourceName
- googlecloudsdk.command_lib.identity.groups.hooks:SetGroupUpdateMask
- googlecloudsdk.command_lib.identity.groups.hooks:UpdatePosixGroups
- googlecloudsdk.command_lib.identity.groups.hooks:SetDynamicUserQuery
BETA:
api_version: v1beta1
modify_request_hooks:
- googlecloudsdk.command_lib.identity.groups.hooks:SetResourceName
- googlecloudsdk.command_lib.identity.groups.hooks:SetGroupUpdateMask
- googlecloudsdk.command_lib.identity.groups.hooks:SetLabels
- googlecloudsdk.command_lib.identity.groups.hooks:UpdatePosixGroups
- googlecloudsdk.command_lib.identity.groups.hooks:SetDynamicUserQuery
GA:
api_version: v1
modify_request_hooks:
- googlecloudsdk.command_lib.identity.groups.hooks:SetResourceName
- googlecloudsdk.command_lib.identity.groups.hooks:SetGroupUpdateMask
- googlecloudsdk.command_lib.identity.groups.hooks:SetLabels
- googlecloudsdk.command_lib.identity.groups.hooks:SetDynamicUserQuery
response:
result_attribute: response