davidkotnik/novafarma
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Add new gcloud commands, API clients, and third-party libraries across various services.

Browse Source
This commit is contained in:
David Kotnik
2026-01-01 20:26:35 +01:00
parent 5e23cbece0
commit a19e592eb7
25221 changed files with 8324611 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
gcloud auth application-default login/google-cloud-sdk/lib/surface/kms/keyrings/__init__.py Normal file
View File

@@ -0,0 +1,38 @@
# -*- coding: utf-8 -*- #
# Copyright 2017 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""The command group for keyrings."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.api_lib.cloudkms import base as cloudkms_base
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.kms import flags
from googlecloudsdk.core import resources
class KeyRings(base.Group):
"""Create and manage keyrings.
A keyring is a toplevel logical grouping of keys.
"""
category = base.IDENTITY_AND_SECURITY_CATEGORY
@staticmethod
def Args(parser):
parser.display_info.AddUriFunc(
cloudkms_base.MakeGetUriFunc(flags.KEY_RING_COLLECTION))

34
gcloud auth application-default login/google-cloud-sdk/lib/surface/kms/keyrings/add_iam_policy_binding.yaml Normal file
View File

@@ -0,0 +1,34 @@
release_tracks: [ALPHA, BETA, GA]
help_text:
brief: Add IAM policy binding for a kms keyring.
description: |
Adds a policy binding to the IAM policy of a kms keyring. A binding consists of at least one
member, a role, and an optional condition.
examples: |
To add an IAM policy binding for the role of 'roles/editor' for the user 'test-user@gmail.com'
on the keyring fellowship with location global, run:
$ {command} fellowship --location='global' --member='user:test-user@gmail.com' --role='roles/editor'
To add an IAM policy binding which expires at the end of the year 2018 for the role of
'roles/cloudkms.signer' and the user 'test-user@gmail.com' on the keyring fellowship and
location global, run:
$ {command} fellowship --location='global' --member='user:test-user@gmail.com' --role='roles/cloudkms.signer' --condition='expression=request.time < timestamp("2019-01-01T00:00:00Z"),title=expires_end_of_2018,description=Expires at midnight on 2018-12-31'
See https://cloud.google.com/iam/docs/managing-policies for details of
policy role and member types.
request:
collection: cloudkms.projects.locations.keyRings
arguments:
resource:
help_text: The keyring to add the IAM policy binding.
spec: !REF googlecloudsdk.command_lib.kms.resources:key_ring
iam:
enable_condition: true
policy_version: 3
get_iam_policy_version_path: options_requestedPolicyVersion

26
gcloud auth application-default login/google-cloud-sdk/lib/surface/kms/keyrings/config/__init__.py Normal file
View File

@@ -0,0 +1,26 @@
# -*- coding: utf-8 -*- #
# Copyright 2021 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command group for managing Cloud KMS key ring configurations."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.calliope import base
@base.ReleaseTracks(base.ReleaseTrack.ALPHA)
class Config(base.Group):
"""Manage Cloud KMS key ring configurations."""

38
gcloud auth application-default login/google-cloud-sdk/lib/surface/kms/keyrings/config/export.yaml Normal file
View File

@@ -0,0 +1,38 @@
release_tracks: [ALPHA]
command_type: CONFIG_EXPORT
help_text:
brief: Export the configuration for a Cloud KMS key ring.
description: |
*{command}* exports the configuration for a Cloud KMS key ring.
Key ring configurations can be exported in
Kubernetes Resource Model (krm) or Terraform HCL formats. The
default format is `krm`.
Specifying `--all` allows you to export the configurations for all
key rings within the project.
Specifying `--path` allows you to export the configuration(s) to
a local directory.
examples: |
To export the configuration for a key ring, run:
$ {command} my-key-ring
To export the configuration for a key ring to a file, run:
$ {command} my-key-ring --path=/path/to/dir/
To export the configuration for a key ring in Terraform
HCL format, run:
$ {command} my-key-ring --resource-format=terraform
To export the configurations for all key rings within a
project, run:
$ {command} --all
arguments:
resource:
help_text: Key ring to export the configuration for.
spec: !REF googlecloudsdk.command_lib.kms.resources:key_ring

57
gcloud auth application-default login/google-cloud-sdk/lib/surface/kms/keyrings/create.py Normal file
View File

@@ -0,0 +1,57 @@
# -*- coding: utf-8 -*- #
# Copyright 2017 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Create a keyring."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.api_lib.cloudkms import base as cloudkms_base
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.kms import flags
from googlecloudsdk.command_lib.kms import resource_args
class Create(base.CreateCommand):
"""Create a new keyring.
Creates a new keyring within the given location.
## Examples
The following command creates a keyring named `fellowship` within the
location `global`:
$ {command} fellowship --location=global
"""
@staticmethod
def Args(parser):
resource_args.AddKmsKeyringResourceArgForKMS(parser, True, 'keyring')
parser.display_info.AddCacheUpdater(flags.KeyRingCompleter)
def Run(self, args):
client = cloudkms_base.GetClientInstance()
messages = cloudkms_base.GetMessagesModule()
key_ring_ref = args.CONCEPTS.keyring.Parse()
parent_ref = key_ring_ref.Parent()
req = messages.CloudkmsProjectsLocationsKeyRingsCreateRequest(
parent=parent_ref.RelativeName(),
keyRingId=key_ring_ref.Name(),
keyRing=messages.KeyRing())
return client.projects_locations_keyRings.Create(req)

53
gcloud auth application-default login/google-cloud-sdk/lib/surface/kms/keyrings/describe.py Normal file
View File

@@ -0,0 +1,53 @@
# -*- coding: utf-8 -*- #
# Copyright 2017 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Describe a keyring."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.api_lib.cloudkms import base as cloudkms_base
from googlecloudsdk.calliope import base
from googlecloudsdk.calliope import exceptions
from googlecloudsdk.command_lib.kms import resource_args
class Describe(base.DescribeCommand):
"""Get metadata for a keyring.
Returns metadata for the given keyring.
## EXAMPLES
The following command returns the metadata for the keyring `towers`
in the location `us-east1`:
$ {command} towers --location=us-east1
"""
@staticmethod
def Args(parser):
resource_args.AddKmsKeyringResourceArgForKMS(parser, True, 'keyring')
def Run(self, args):
client = cloudkms_base.GetClientInstance()
messages = cloudkms_base.GetMessagesModule()
key_ring_ref = args.CONCEPTS.keyring.Parse()
if not key_ring_ref.Name():
raise exceptions.InvalidArgumentException('keyring',
'keyring id must be non-empty.')
return client.projects_locations_keyRings.Get(
messages.CloudkmsProjectsLocationsKeyRingsGetRequest(
name=key_ring_ref.RelativeName()))

48
gcloud auth application-default login/google-cloud-sdk/lib/surface/kms/keyrings/get_iam_policy.py Normal file
View File

@@ -0,0 +1,48 @@
# -*- coding: utf-8 -*- #
# Copyright 2017 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Fetch the IAM policy for a keyring."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.api_lib.cloudkms import iam
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.kms import flags
class GetIamPolicy(base.ListCommand):
"""Get the IAM policy for a keyring.
Gets the IAM policy for the given keyring.
Returns an empty policy if the resource does not have a policy set.
## EXAMPLES
The following command gets the IAM policy for the keyring `fellowship`
within the location `us-central1`:
$ {command} fellowship --location=us-central1
"""
@staticmethod
def Args(parser):
flags.AddLocationFlag(parser, 'keyring')
flags.AddKeyRingArgument(parser, 'whose IAM policy to fetch')
base.URI_FLAG.RemoveFromParser(parser)
def Run(self, args):
return iam.GetKeyRingIamPolicy(flags.ParseKeyRingName(args))

59
gcloud auth application-default login/google-cloud-sdk/lib/surface/kms/keyrings/list.py Normal file
View File

@@ -0,0 +1,59 @@
# -*- coding: utf-8 -*- #
# Copyright 2017 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""List keyrings within a location."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from apitools.base.py import list_pager
from googlecloudsdk.api_lib.cloudkms import base as cloudkms_base
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.kms import resource_args
class List(base.ListCommand):
"""List keyrings within a location.
Lists all keyrings within the given location.
## EXAMPLES
The following command lists a maximum of five keyrings in the location
`global`:
$ {command} --location=global --limit=5
"""
@staticmethod
def Args(parser):
resource_args.AddKmsLocationResourceArgForKMS(parser, True, '--location')
parser.display_info.AddFormat('table(name)')
def Run(self, args):
client = cloudkms_base.GetClientInstance()
messages = cloudkms_base.GetMessagesModule()
location_ref = args.CONCEPTS.location.Parse()
request = messages.CloudkmsProjectsLocationsKeyRingsListRequest(
parent=location_ref.RelativeName())
return list_pager.YieldFromList(
client.projects_locations_keyRings,
request,
field='keyRings',
limit=args.limit,
batch_size_attribute='pageSize')

41
gcloud auth application-default login/google-cloud-sdk/lib/surface/kms/keyrings/remove_iam_policy_binding.yaml Normal file
View File

@@ -0,0 +1,41 @@
release_tracks: [ALPHA, BETA, GA]
help_text:
brief: Remove IAM policy binding for a kms keyring.
description: |
Removes a policy binding from the IAM policy of a kms keyring. A binding consists of at least
one member, a role, and an optional condition.
examples: |
To remove an IAM policy binding for the role of 'roles/cloudkms.signer' for the user
'test-user@gmail.com' on the keyring fellowship with location global, run:
$ {command} fellowship --location='global' --member='user:test-user@gmail.com' --role='roles/cloudkms.signer'
To remove an IAM policy binding with a condition of
expression='request.time < timestamp("2019-01-01T00:00:00Z")', title='expires_end_of_2018',
and description='Expires at midnight on 2018-12-31' for the role of 'roles/cloudkms.signer'
for the user 'test-user@gmail.com' on the keyring fellowship with location global, run:
$ {command} fellowship --location='global' --member='user:test-user@gmail.com' --role='roles/cloudkms.signer' --condition='expression=request.time < timestamp("2019-01-01T00:00:00Z"),title=expires_end_of_2018,description=Expires at midnight on 2018-12-31'
To remove all IAM policy bindings regardless of the condition for the role of
'roles/cloudkms.signer' and for the user 'test-user@gmail.com' on the keyring fellowship with
location global, run:
$ {command} fellowship --location='global' --member='user:test-user@gmail.com' --role='roles/cloudkms.signer' --all
See https://cloud.google.com/iam/docs/managing-policies for details of
policy role and member types.
request:
collection: cloudkms.projects.locations.keyRings
arguments:
resource:
help_text: The keyring to remove the IAM policy binding.
spec: !REF googlecloudsdk.command_lib.kms.resources:key_ring
iam:
enable_condition: true
policy_version: 3
get_iam_policy_version_path: options_requestedPolicyVersion

59
gcloud auth application-default login/google-cloud-sdk/lib/surface/kms/keyrings/set_iam_policy.py Normal file
View File

@@ -0,0 +1,59 @@
# -*- coding: utf-8 -*- #
# Copyright 2017 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Set the IAM policy for a keyring."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.api_lib.cloudkms import base as cloudkms_base
from googlecloudsdk.api_lib.cloudkms import iam
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.iam import iam_util
from googlecloudsdk.command_lib.kms import flags
class SetIamPolicy(base.Command):
"""Set the IAM policy for a keyring.
Sets the IAM policy for the given keyring as defined in a JSON or YAML file.
See https://cloud.google.com/iam/docs/managing-policies for details of
the policy file format and contents.
## EXAMPLES
The following command will read am IAM policy defined in a JSON file
'policy.json' and set it for the keyring `fellowship` with location `global`:
$ {command} fellowship policy.json --location=global
"""
@staticmethod
def Args(parser):
flags.AddLocationFlag(parser, 'keyring')
flags.AddKeyRingArgument(parser, 'whose IAM policy to update')
parser.add_argument('policy_file', help=('JSON or YAML file with '
'the IAM policy'))
def Run(self, args):
messages = cloudkms_base.GetMessagesModule()
policy, update_mask = iam_util.ParseYamlOrJsonPolicyFile(args.policy_file,
messages.Policy)
keyring_ref = flags.ParseKeyRingName(args)
result = iam.SetKeyRingIamPolicy(keyring_ref, policy, update_mask)
iam_util.LogSetIamPolicy(keyring_ref.Name(), 'keyring')
return result