- release_tracks: [ALPHA]
  help_text:
    brief: Lint an IAM condition.
    description: |
      Lint an IAM condition. The problems found by linter will not be fixed.
      Instead, it will show the problems.
    examples: |
      To lint an IAM condition of resource `//cloudresourcemanager.googleapis.com/v1/projects/example-project`,
      and the condtion to lint is expression='true', title='title', description='description', run:

        $ {command} --resource-name='//cloudresourcemanager.googleapis.com/v1/projects/example-project' --expression='true' --title='title' --description='description'

      To lint an IAM condition of resource `//cloudresourcemanager.googleapis.com/v1/projects/example-project`,
      and the condition is read from a local YAML file `condition.yaml`, run:

        $ {command} --resource-name='//cloudresourcemanager.googleapis.com/v1/projects/example-project' --condition-from-file='condition.yaml'
  request:
    collection: iam.iamPolicies
    method: lintPolicy
    api_version: v1
    modify_request_hooks:
    - googlecloudsdk.command_lib.iam.hooks:UpdateRequestWithConditionFromFile

  arguments:
    params:
    - arg_name: resource-name
      api_field: fullResourceName
      help_text: |
        The full resource name of the policy containing the condition to lint.
        See https://cloud.google.com/apis/design/resource_names for details.

        To get a URI from most list commands in gcloud, pass the --uri flag.
        For example:

          $ gcloud compute instances list --project prj --uri

          https://www.googleapis.com/compute/v1/projects/prj/zones/us-east1-c/instances/i1
          https://www.googleapis.com/compute/v1/projects/prj/zones/us-east1-d/instances/i2
    - group:
        mutex: true
        required: true
        params:
        - arg_name: condition-from-file
          type: googlecloudsdk.command_lib.iam.hooks:ParseConditionFromFile
          help_text: |
            The path to a JSON or YAML file containing the condition.
            See https://cloud.google.com/iam/docs/conditions-overview for schema of the condition.
        - group:
            help_text: |
              The condition to lint. It must have an `expression` property and a `title` property.
              The `description` property is optional.
            params:
            - arg_name: expression
              api_field: condition.expression
              required: true
              help_text: |
                The expression of the condition which evaluates to True or False. This uses a subset
                of Common Expression Language syntax.
            - arg_name: title
              api_field: condition.title
              required: true
              help_text: |
                A title for the expression, i.e. a short string describing its purpose.
            - arg_name: description
              api_field: condition.description
              help_text: |
                A description of the expression. This is a longer text which describes the
                expression.