davidkotnik/novafarma
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Add new gcloud commands, API clients, and third-party libraries across various services.

Browse Source
This commit is contained in:
David Kotnik
2026-01-01 20:26:35 +01:00
parent 5e23cbece0
commit a19e592eb7
25221 changed files with 8324611 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
gcloud auth application-default login/google-cloud-sdk/lib/surface/resource_manager/org_policies/__init__.py Normal file
View File

@@ -0,0 +1,29 @@
# -*- coding: utf-8 -*- #
# Copyright 2017 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""The group for the Org Policies CLI."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.calliope import base
@base.DefaultUniverseOnly
class OrgPolicies(base.Group):
"""Manage Org Policies.
Commands to query and to update your Org Policies.
"""

83
gcloud auth application-default login/google-cloud-sdk/lib/surface/resource_manager/org_policies/allow.py Normal file
View File

@@ -0,0 +1,83 @@
# -*- coding: utf-8 -*- #
# Copyright 2017 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command to add allowed values to an Organization Policy list policy."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.api_lib.resource_manager import exceptions
from googlecloudsdk.api_lib.resource_manager import org_policies
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.resource_manager import org_policies_base
from googlecloudsdk.command_lib.resource_manager import org_policies_flags as flags
import six
@base.ReleaseTracks(base.ReleaseTrack.ALPHA, base.ReleaseTrack.BETA,
base.ReleaseTrack.GA)
class Allow(base.Command):
"""Add values to an Organization Policy allowed_values list policy.
Adds one or more values to the specified Organization Policy allowed_values
list policy associated with the specified resource.
## EXAMPLES
The following command adds `devEnv` and `prodEnv` to an Organization Policy
allowed_values list policy for constraint `serviceuser.services`
on project `foo-project`:
$ {command} serviceuser.services --project=foo-project devEnv prodEnv
"""
@staticmethod
def Args(parser):
flags.AddIdArgToParser(parser)
flags.AddParentResourceFlagsToParser(parser)
base.Argument(
'allowed_value',
metavar='ALLOWED_VALUE',
nargs='+',
help='The values to add to the allowed_values list policy.',
).AddToParser(parser)
# TODO(b/73831954):consider refactoring
def Run(self, args):
messages = org_policies.OrgPoliciesMessages()
service = org_policies_base.OrgPoliciesService(args)
policy = service.GetOrgPolicy(org_policies_base.GetOrgPolicyRequest(args))
if policy.booleanPolicy or (policy.listPolicy and
policy.listPolicy.deniedValues):
raise exceptions.ResourceManagerError(
'Cannot add values to a non-allowed_values list policy.')
if policy.listPolicy and policy.listPolicy.allValues:
raise exceptions.ResourceManagerError(
'Cannot add values if all_values is already specified.')
if policy.listPolicy and policy.listPolicy.allowedValues:
for value in args.allowed_value:
policy.listPolicy.allowedValues.append(six.text_type(value))
else:
policy.listPolicy = messages.ListPolicy(allowedValues=args.allowed_value)
if policy.restoreDefault:
policy.restoreDefault = None
return service.SetOrgPolicy(
org_policies_base.SetOrgPolicyRequest(args, policy))

70
gcloud auth application-default login/google-cloud-sdk/lib/surface/resource_manager/org_policies/delete.py Normal file
View File

@@ -0,0 +1,70 @@
# -*- coding: utf-8 -*- #
# Copyright 2017 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command to delete an Organization Policy."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.api_lib.resource_manager import org_policies
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.resource_manager import org_policies_base
from googlecloudsdk.command_lib.resource_manager import org_policies_flags as flags
from googlecloudsdk.core import log
@base.ReleaseTracks(base.ReleaseTrack.ALPHA, base.ReleaseTrack.BETA,
base.ReleaseTrack.GA)
class DeletePolicy(base.DeleteCommand):
"""Delete an Organization Policy.
Deletes an Organization Policy associated with the specified resource.
## EXAMPLES
The following command clears an Organization Policy for constraint
`serviceuser.services` on project `foo-project`:
$ {command} serviceuser.services --project=foo-project
"""
@staticmethod
def Args(parser):
flags.AddIdArgToParser(parser)
flags.AddParentResourceFlagsToParser(parser)
def Run(self, args):
service = org_policies_base.OrgPoliciesService(args)
result = service.ClearOrgPolicy(self.ClearOrgPolicyRequest(args))
log.DeletedResource(result)
@staticmethod
def ClearOrgPolicyRequest(args):
messages = org_policies.OrgPoliciesMessages()
resource_id = org_policies_base.GetResource(args)
request = messages.ClearOrgPolicyRequest(
constraint=org_policies.FormatConstraint(args.id))
if args.project:
return messages.CloudresourcemanagerProjectsClearOrgPolicyRequest(
projectsId=resource_id, clearOrgPolicyRequest=request)
elif args.organization:
return messages.CloudresourcemanagerOrganizationsClearOrgPolicyRequest(
organizationsId=resource_id, clearOrgPolicyRequest=request)
elif args.folder:
return messages.CloudresourcemanagerFoldersClearOrgPolicyRequest(
foldersId=resource_id, clearOrgPolicyRequest=request)
return None

83
gcloud auth application-default login/google-cloud-sdk/lib/surface/resource_manager/org_policies/deny.py Normal file
View File

@@ -0,0 +1,83 @@
# -*- coding: utf-8 -*- #
# Copyright 2017 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command to add denied values to an Organization Policy list policy."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.api_lib.resource_manager import exceptions
from googlecloudsdk.api_lib.resource_manager import org_policies
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.resource_manager import org_policies_base
from googlecloudsdk.command_lib.resource_manager import org_policies_flags as flags
import six
@base.ReleaseTracks(base.ReleaseTrack.ALPHA, base.ReleaseTrack.BETA,
base.ReleaseTrack.GA)
class Deny(base.Command):
r"""Add values to an Organization Policy denied_values list policy.
Adds one or more values to the specified Organization Policy denied_values
list policy associated with the specified resource.
## EXAMPLES
The following command adds `devEnv` and `prodEnv` to an Organization Policy
denied_values list policy for constraint `serviceuser.services`
on project `foo-project`:
$ {command} serviceuser.services --project=foo-project devEnv prodEnv
"""
@staticmethod
def Args(parser):
flags.AddIdArgToParser(parser)
flags.AddParentResourceFlagsToParser(parser)
base.Argument(
'denied_value',
metavar='DENIED_VALUE',
nargs='+',
help='The values to add to the denied_values list policy.',
).AddToParser(parser)
# TODO(b/73831954):consider refactoring
def Run(self, args):
messages = org_policies.OrgPoliciesMessages()
service = org_policies_base.OrgPoliciesService(args)
policy = service.GetOrgPolicy(org_policies_base.GetOrgPolicyRequest(args))
if policy.booleanPolicy or (policy.listPolicy and
policy.listPolicy.allowedValues):
raise exceptions.ResourceManagerError(
'Cannot add values to a non-denied_values list policy.')
if policy.listPolicy and policy.listPolicy.allValues:
raise exceptions.ResourceManagerError(
'Cannot add values if all_values is already specified.')
if policy.listPolicy and policy.listPolicy.deniedValues:
for value in args.denied_value:
policy.listPolicy.deniedValues.append(six.text_type(value))
else:
policy.listPolicy = messages.ListPolicy(deniedValues=args.denied_value)
if policy.restoreDefault:
policy.restoreDefault = None
return service.SetOrgPolicy(
org_policies_base.SetOrgPolicyRequest(args, policy))

92
gcloud auth application-default login/google-cloud-sdk/lib/surface/resource_manager/org_policies/describe.py Normal file
View File

@@ -0,0 +1,92 @@
# -*- coding: utf-8 -*- #
# Copyright 2017 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command to describe an Organization Policy."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.api_lib.resource_manager import exceptions
from googlecloudsdk.api_lib.resource_manager import org_policies
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.resource_manager import org_policies_base
from googlecloudsdk.command_lib.resource_manager import org_policies_flags as flags
@base.ReleaseTracks(base.ReleaseTrack.ALPHA, base.ReleaseTrack.BETA,
base.ReleaseTrack.GA)
class Describe(base.DescribeCommand):
"""Describe an Organization Policy.
Describes an Organization Policy associated with the specified resource.
## EXAMPLES
The following command retrieves an Organization Policy
for constraint `serviceuser.services` on project `foo-project`:
$ {command} serviceuser.services --project=foo-project
The following command retrieves the effective Organization Policy
for constraint `serviceuser.services` on project `foo-project`:
$ {command} serviceuser.services --project=foo-project --effective
"""
POLICY_V2_WARNING = ('This policy has been set with Tags through Organization'
' Policy V2 API, please use `gcloud org-policies` '
'commands instead.')
@staticmethod
def Args(parser):
flags.AddIdArgToParser(parser)
flags.AddParentResourceFlagsToParser(parser)
base.Argument(
'--effective',
action='store_true',
required=False,
default=False,
help='Show the effective policy.').AddToParser(parser)
def Run(self, args):
service = org_policies_base.OrgPoliciesService(args)
if not args.effective:
response = service.GetOrgPolicy(
org_policies_base.GetOrgPolicyRequest(args))
if response.version is not None and response.version == 2:
raise exceptions.ResourceManagerError(self.POLICY_V2_WARNING)
else:
response = service.GetEffectiveOrgPolicy(
self.GetEffectiveOrgPolicyRequest(args))
return response
@staticmethod
def GetEffectiveOrgPolicyRequest(args):
m = org_policies.OrgPoliciesMessages()
resource_id = org_policies_base.GetResource(args)
request = m.GetEffectiveOrgPolicyRequest(
constraint=org_policies.FormatConstraint(args.id))
if args.project:
return m.CloudresourcemanagerProjectsGetEffectiveOrgPolicyRequest(
projectsId=resource_id, getEffectiveOrgPolicyRequest=request)
elif args.organization:
return m.CloudresourcemanagerOrganizationsGetEffectiveOrgPolicyRequest(
organizationsId=resource_id, getEffectiveOrgPolicyRequest=request)
elif args.folder:
return m.CloudresourcemanagerFoldersGetEffectiveOrgPolicyRequest(
foldersId=resource_id, getEffectiveOrgPolicyRequest=request)
return None

57
gcloud auth application-default login/google-cloud-sdk/lib/surface/resource_manager/org_policies/disable_enforce.py Normal file
View File

@@ -0,0 +1,57 @@
# -*- coding: utf-8 -*- #
# Copyright 2017 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command to turn off enforcement of a boolean constraint."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.api_lib.resource_manager import org_policies
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.resource_manager import org_policies_base
from googlecloudsdk.command_lib.resource_manager import org_policies_flags as flags
@base.ReleaseTracks(base.ReleaseTrack.ALPHA, base.ReleaseTrack.BETA,
base.ReleaseTrack.GA)
class DisableEnforce(base.Command):
"""Turns off enforcement of boolean Organization Policy constraint.
Turns off enforcement of a boolean Organization Policy constraint at
the specified resource.
## EXAMPLES
The following command disables enforcement of the Organization Policy boolean
constraint `compute.disableSerialPortAccess` on project `foo-project`:
$ {command} compute.disableSerialPortAccess --project=foo-project
"""
@staticmethod
def Args(parser):
flags.AddIdArgToParser(parser)
flags.AddParentResourceFlagsToParser(parser)
def Run(self, args):
service = org_policies_base.OrgPoliciesService(args)
messages = org_policies.OrgPoliciesMessages()
return service.SetOrgPolicy(
org_policies_base.SetOrgPolicyRequest(
args,
messages.OrgPolicy(
constraint=org_policies.FormatConstraint(args.id),
booleanPolicy=messages.BooleanPolicy(enforced=False))))

57
gcloud auth application-default login/google-cloud-sdk/lib/surface/resource_manager/org_policies/enable_enforce.py Normal file
View File

@@ -0,0 +1,57 @@
# -*- coding: utf-8 -*- #
# Copyright 2017 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command to turn on enforcement of a boolean constraint."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.api_lib.resource_manager import org_policies
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.resource_manager import org_policies_base
from googlecloudsdk.command_lib.resource_manager import org_policies_flags as flags
@base.ReleaseTracks(base.ReleaseTrack.ALPHA, base.ReleaseTrack.BETA,
base.ReleaseTrack.GA)
class EnableEnforce(base.Command):
"""Turns on enforcement of boolean Organization Policy constraint.
Turns on enforcement of a boolean Organization Policy constraint at
the specified resource.
## EXAMPLES
The following command enables enforcement of the Organization Policy boolean
constraint `compute.disableSerialPortAccess` on project `foo-project`:
$ {command} compute.disableSerialPortAccess --project=foo-project
"""
@staticmethod
def Args(parser):
flags.AddIdArgToParser(parser)
flags.AddParentResourceFlagsToParser(parser)
def Run(self, args):
service = org_policies_base.OrgPoliciesService(args)
messages = org_policies.OrgPoliciesMessages()
return service.SetOrgPolicy(
org_policies_base.SetOrgPolicyRequest(
args,
messages.OrgPolicy(
constraint=org_policies.FormatConstraint(args.id),
booleanPolicy=messages.BooleanPolicy(enforced=True))))

121
gcloud auth application-default login/google-cloud-sdk/lib/surface/resource_manager/org_policies/list.py Normal file
View File

@@ -0,0 +1,121 @@
# -*- coding: utf-8 -*- #
# Copyright 2017 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# pylint: disable=line-too-long
"""Command to list Organization Policies associated with the specified resource."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.api_lib.resource_manager import org_policies
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.resource_manager import org_policies_base
from googlecloudsdk.command_lib.resource_manager import org_policies_flags as flags
@base.ReleaseTracks(base.ReleaseTrack.ALPHA, base.ReleaseTrack.BETA,
base.ReleaseTrack.GA)
class List(base.ListCommand):
"""List Organization Policies associated with the specified resource.
## EXAMPLES
The following command lists all set Organization Policies associated with
project `foo-project`:
$ {command} --project=foo-project
The following command lists all available constraints in addition to set
Organization Policies associated with project `foo-project`:
$ {command} --project=foo-project --show-unset
"""
@staticmethod
def Args(parser):
flags.AddParentResourceFlagsToParser(parser)
base.Argument(
'--show-unset',
action='store_true',
required=False,
default=False,
help="""
Show available constraints. For more information about constraints, see
https://cloud.google.com/resource-manager/docs/organization-policy/understanding-constraints
""").AddToParser(parser)
parser.display_info.AddFormat("""
table(
constraint,
listPolicy.yesno(no="-", yes="SET"),
booleanPolicy.yesno(no="-", yes="SET"),
etag
)
""")
def Run(self, args):
service = org_policies_base.OrgPoliciesService(args)
response = service.ListOrgPolicies(self.ListOrgPoliciesRequest(args))
if args.show_unset:
constraints = service.ListAvailableOrgPolicyConstraints(
self.ListAvailableOrgPolicyConstraintsRequest(args))
existing_policies = [policy.constraint for policy in response.policies]
messages = org_policies.OrgPoliciesMessages()
for constraint in constraints.constraints:
if constraint.name not in existing_policies:
response.policies.append(
messages.OrgPolicy(constraint=constraint.name))
return response.policies
@staticmethod
def ListOrgPoliciesRequest(args):
messages = org_policies.OrgPoliciesMessages()
resource_id = org_policies_base.GetResource(args)
request = messages.ListOrgPoliciesRequest()
if args.project:
return messages.CloudresourcemanagerProjectsListOrgPoliciesRequest(
projectsId=resource_id, listOrgPoliciesRequest=request)
elif args.organization:
return messages.CloudresourcemanagerOrganizationsListOrgPoliciesRequest(
organizationsId=resource_id, listOrgPoliciesRequest=request)
elif args.folder:
return messages.CloudresourcemanagerFoldersListOrgPoliciesRequest(
foldersId=resource_id, listOrgPoliciesRequest=request)
return None
@staticmethod
def ListAvailableOrgPolicyConstraintsRequest(args):
messages = org_policies.OrgPoliciesMessages()
resource_id = org_policies_base.GetResource(args)
request = messages.ListAvailableOrgPolicyConstraintsRequest()
if args.project:
# pylint: disable=line-too-long
return messages.CloudresourcemanagerProjectsListAvailableOrgPolicyConstraintsRequest(
projectsId=resource_id,
listAvailableOrgPolicyConstraintsRequest=request)
elif args.organization:
# pylint: disable=line-too-long
return messages.CloudresourcemanagerOrganizationsListAvailableOrgPolicyConstraintsRequest(
organizationsId=resource_id,
listAvailableOrgPolicyConstraintsRequest=request)
elif args.folder:
# pylint: disable=line-too-long
return messages.CloudresourcemanagerFoldersListAvailableOrgPolicyConstraintsRequest(
foldersId=resource_id,
listAvailableOrgPolicyConstraintsRequest=request)
return None

75
gcloud auth application-default login/google-cloud-sdk/lib/surface/resource_manager/org_policies/set_policy.py Normal file
View File

@@ -0,0 +1,75 @@
# -*- coding: utf-8 -*- #
# Copyright 2017 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command to set an Organization Policy."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.api_lib.resource_manager import org_policies
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.resource_manager import org_policies_base
from googlecloudsdk.command_lib.resource_manager import org_policies_flags as flags
@base.ReleaseTracks(base.ReleaseTrack.ALPHA, base.ReleaseTrack.BETA,
base.ReleaseTrack.GA)
class SetPolicy(base.DescribeCommand):
"""Set Organization Policy.
Sets an Organization Policy associated with the specified resource from
a file that contains the JSON or YAML encoded Organization Policy.
## EXAMPLES
Organization policy list constraint YAML file example:
constraint: constraints/CONSTRAINT_NAME
listPolicy:
deniedValues:
- VALUE_A
Organization policy list constraint JSON file example:
{
"constraint": "constraints/CONSTRAINT_NAME",
"listPolicy": {
"deniedValues": ["VALUE_A"]
}
}
The following command sets an Organization Policy for a constraint
on project `foo-project` from file `/tmp/policy.yaml`:
$ {command} --project=foo-project /tmp/policy.yaml
"""
@staticmethod
def Args(parser):
flags.AddParentResourceFlagsToParser(parser)
base.Argument(
'policy_file',
help='JSON or YAML file with the Organization Policy.').AddToParser(
parser)
def Run(self, args):
service = org_policies_base.OrgPoliciesService(args)
messages = org_policies.OrgPoliciesMessages()
return service.SetOrgPolicy(
org_policies_base.SetOrgPolicyRequest(args,
org_policies.GetFileAsMessage(
args.policy_file,
messages.OrgPolicy)))