From 53419ec2d1bdbcbd2f0f299e9795aa19c8368534 Mon Sep 17 00:00:00 2001 From: Jeff Ching Date: Fri, 11 Sep 2020 15:41:50 -0700 Subject: [PATCH 01/80] feat: initial code generation --- privateca/pom.xml | 47 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 47 insertions(+) create mode 100644 privateca/pom.xml diff --git a/privateca/pom.xml b/privateca/pom.xml new file mode 100644 index 00000000000..248430d10bc --- /dev/null +++ b/privateca/pom.xml @@ -0,0 +1,47 @@ + + + 4.0.0 + com.google.cloud + security-privateca-snippets + jar + Google Certificate Authority Service Snippets + https://github.com/googleapis/java-security-privateca + + + + com.google.cloud.samples + shared-configuration + 1.0.12 + + + + 1.8 + 1.8 + UTF-8 + + + + + + com.google.cloud + google-cloud-security-privateca + 0.0.0 + + + + junit + junit + 4.13 + test + + + com.google.truth + truth + 1.0.1 + test + + + From ff56576a70ac43239283ae62e5e407ad237a0362 Mon Sep 17 00:00:00 2001 From: Jeff Ching Date: Tue, 15 Sep 2020 11:02:07 -0700 Subject: [PATCH 02/80] chore: rename artifact to google-cloud-security-private-ca (#8) --- privateca/pom.xml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index 248430d10bc..71a98276949 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -2,10 +2,10 @@ 4.0.0 com.google.cloud - security-privateca-snippets + security-private-ca-snippets jar Google Certificate Authority Service Snippets - https://github.com/googleapis/java-security-privateca + https://github.com/googleapis/java-security-private-ca com.google.cloud - google-cloud-security-privateca + google-cloud-security-private-ca 0.0.0 From 09ad9e4184fe0e1e58040d49b18ccafd5f7b0c8a Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Fri, 2 Oct 2020 18:54:16 +0200 Subject: [PATCH 03/80] chore(deps): update dependency com.google.cloud.samples:shared-configuration to v1.0.21 (#27) This PR contains the following updates: | Package | Update | Change | |---|---|---| | [com.google.cloud.samples:shared-configuration](com/google/cloud/samples/shared-configuration) | patch | `1.0.18` -> `1.0.21` | --- ### Renovate configuration :date: **Schedule**: At any time (no schedule defined). :vertical_traffic_light: **Automerge**: Disabled by config. Please merge this manually once you are satisfied. :recycle: **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. :no_bell: **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [WhiteSource Renovate](https://renovate.whitesourcesoftware.com). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-security-private-ca). --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index 71a98276949..04d36decff4 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -14,7 +14,7 @@ com.google.cloud.samples shared-configuration - 1.0.18 + 1.0.21 From d9f8cd31d499be161f65b75be5d70980184fcd4f Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Fri, 9 Oct 2020 01:12:20 +0200 Subject: [PATCH 04/80] chore(deps): update dependency com.google.cloud:google-cloud-security-private-ca to v0.1.1 (#24) This PR contains the following updates: | Package | Update | Change | |---|---|---| | [com.google.cloud:google-cloud-security-private-ca](https://togithub.com/googleapis/java-) | minor | `0.0.0` -> `0.1.1` | --- ### Renovate configuration :date: **Schedule**: At any time (no schedule defined). :vertical_traffic_light: **Automerge**: Disabled by config. Please merge this manually once you are satisfied. :recycle: **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. :no_bell: **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [WhiteSource Renovate](https://renovate.whitesourcesoftware.com). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-security-private-ca). --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index 04d36decff4..da88ae31076 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -28,7 +28,7 @@ com.google.cloud google-cloud-security-private-ca - 0.0.0 + 0.1.1 From fe1c90c3ce0882b85275fcf8d25a87d40463b98b Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Mon, 12 Oct 2020 19:01:15 +0200 Subject: [PATCH 05/80] test(deps): update dependency junit:junit to v4.13.1 --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index da88ae31076..aaa47a68bd4 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -34,7 +34,7 @@ junit junit - 4.13 + 4.13.1 test From 9567cedebcfbf6120fbf6ed3f1376b309c913504 Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Thu, 22 Oct 2020 20:13:40 +0200 Subject: [PATCH 06/80] deps: update dependency com.google.truth:truth to v1.1 (#50) --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index aaa47a68bd4..b00aee5be4f 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -40,7 +40,7 @@ com.google.truth truth - 1.0.1 + 1.1 test From b9f58fbc1a3b8d08991e6d4471c14745d66b2409 Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Thu, 22 Oct 2020 21:42:23 +0200 Subject: [PATCH 07/80] chore(deps): update dependency com.google.cloud:google-cloud-security-private-ca to v0.2.0 (#53) This PR contains the following updates: | Package | Update | Change | |---|---|---| | [com.google.cloud:google-cloud-security-private-ca](https://togithub.com/googleapis/java-) | minor | `0.1.1` -> `0.2.0` | --- ### Renovate configuration :date: **Schedule**: At any time (no schedule defined). :vertical_traffic_light: **Automerge**: Disabled by config. Please merge this manually once you are satisfied. :recycle: **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. :no_bell: **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [WhiteSource Renovate](https://renovate.whitesourcesoftware.com). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-security-private-ca). --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index b00aee5be4f..048999af61b 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -28,7 +28,7 @@ com.google.cloud google-cloud-security-private-ca - 0.1.1 + 0.2.0 From 41a7d02b4d175bfaca93cace390c0921264c0bc4 Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Mon, 2 Nov 2020 23:28:05 +0100 Subject: [PATCH 08/80] chore(deps): update dependency com.google.cloud:google-cloud-security-private-ca to v0.2.1 (#64) This PR contains the following updates: | Package | Update | Change | |---|---|---| | [com.google.cloud:google-cloud-security-private-ca](https://togithub.com/googleapis/java-) | patch | `0.2.0` -> `0.2.1` | --- ### Renovate configuration :date: **Schedule**: At any time (no schedule defined). :vertical_traffic_light: **Automerge**: Disabled by config. Please merge this manually once you are satisfied. :recycle: **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. :no_bell: **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [WhiteSource Renovate](https://renovate.whitesourcesoftware.com). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-security-private-ca). --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index 048999af61b..7c3d0ee6618 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -28,7 +28,7 @@ com.google.cloud google-cloud-security-private-ca - 0.2.0 + 0.2.1 From 2de90c1347cdfa384dbe39f2525b9217ad8ba798 Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Mon, 25 Jan 2021 18:32:32 +0100 Subject: [PATCH 09/80] test(deps): update dependency com.google.truth:truth to v1.1.2 (#104) [![WhiteSource Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [com.google.truth:truth](com/google/truth/truth) | `1.1` -> `1.1.2` | [![age](https://badges.renovateapi.com/packages/maven/com.google.truth:truth/1.1.2/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/maven/com.google.truth:truth/1.1.2/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/maven/com.google.truth:truth/1.1.2/compatibility-slim/1.1)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/maven/com.google.truth:truth/1.1.2/confidence-slim/1.1)](https://docs.renovatebot.com/merge-confidence/) | --- ### Renovate configuration :date: **Schedule**: At any time (no schedule defined). :vertical_traffic_light: **Automerge**: Disabled by config. Please merge this manually once you are satisfied. :recycle: **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. :no_bell: **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [WhiteSource Renovate](https://renovate.whitesourcesoftware.com). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-security-private-ca). --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index 7c3d0ee6618..c957f5af85f 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -40,7 +40,7 @@ com.google.truth truth - 1.1 + 1.1.2 test From c52e24099b2d1928d79dc1781e92f37a3ce1216c Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Tue, 16 Feb 2021 19:06:23 +0100 Subject: [PATCH 10/80] test(deps): update dependency junit:junit to v4.13.2 (#119) [![WhiteSource Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [junit:junit](http://junit.org) ([source](https://togithub.com/junit-team/junit4)) | `4.13.1` -> `4.13.2` | [![age](https://badges.renovateapi.com/packages/maven/junit:junit/4.13.2/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/maven/junit:junit/4.13.2/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/maven/junit:junit/4.13.2/compatibility-slim/4.13.1)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/maven/junit:junit/4.13.2/confidence-slim/4.13.1)](https://docs.renovatebot.com/merge-confidence/) | --- ### Renovate configuration :date: **Schedule**: At any time (no schedule defined). :vertical_traffic_light: **Automerge**: Disabled by config. Please merge this manually once you are satisfied. :recycle: **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. :no_bell: **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [WhiteSource Renovate](https://renovate.whitesourcesoftware.com). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-security-private-ca). --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index c957f5af85f..7a9e2fefe19 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -34,7 +34,7 @@ junit junit - 4.13.1 + 4.13.2 test From 210830b73d46bec4cf80226cfa891bae0dabb181 Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Wed, 24 Feb 2021 22:53:40 +0100 Subject: [PATCH 11/80] chore(deps): update dependency com.google.cloud:google-cloud-security-private-ca to v0.2.6 (#115) --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index 7a9e2fefe19..78f4b588a2e 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -28,7 +28,7 @@ com.google.cloud google-cloud-security-private-ca - 0.2.1 + 0.2.6 From af6132a0aea400b65f5a48a2c6a955d5d9b293a5 Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Thu, 25 Feb 2021 01:18:06 +0100 Subject: [PATCH 12/80] chore(deps): update dependency com.google.cloud:google-cloud-security-private-ca to v0.2.7 (#128) [![WhiteSource Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [com.google.cloud:google-cloud-security-private-ca](https://togithub.com/googleapis/java-) | `0.2.6` -> `0.2.7` | [![age](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/0.2.7/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/0.2.7/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/0.2.7/compatibility-slim/0.2.6)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/0.2.7/confidence-slim/0.2.6)](https://docs.renovatebot.com/merge-confidence/) | --- ### Renovate configuration :date: **Schedule**: At any time (no schedule defined). :vertical_traffic_light: **Automerge**: Disabled by config. Please merge this manually once you are satisfied. :recycle: **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. :no_bell: **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [WhiteSource Renovate](https://renovate.whitesourcesoftware.com). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-security-private-ca). --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index 78f4b588a2e..0fa92d6a099 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -28,7 +28,7 @@ com.google.cloud google-cloud-security-private-ca - 0.2.6 + 0.2.7 From ed4a697b689d84de4391f76fe30782be893f7c57 Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Fri, 26 Feb 2021 02:18:42 +0100 Subject: [PATCH 13/80] chore(deps): update dependency com.google.cloud:google-cloud-security-private-ca to v0.2.8 (#134) [![WhiteSource Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [com.google.cloud:google-cloud-security-private-ca](https://togithub.com/googleapis/java-) | `0.2.7` -> `0.2.8` | [![age](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/0.2.8/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/0.2.8/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/0.2.8/compatibility-slim/0.2.7)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/0.2.8/confidence-slim/0.2.7)](https://docs.renovatebot.com/merge-confidence/) | --- ### Renovate configuration :date: **Schedule**: At any time (no schedule defined). :vertical_traffic_light: **Automerge**: Disabled by config. Please merge this manually once you are satisfied. :recycle: **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. :no_bell: **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [WhiteSource Renovate](https://renovate.whitesourcesoftware.com). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-security-private-ca). --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index 0fa92d6a099..0d7f20c4e7b 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -28,7 +28,7 @@ com.google.cloud google-cloud-security-private-ca - 0.2.7 + 0.2.8 From ae9c953dfef3640ca0ba9bdd41dbfbe59ffdd0f6 Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Fri, 9 Apr 2021 19:52:21 +0200 Subject: [PATCH 14/80] chore(deps): update dependency com.google.cloud.samples:shared-configuration to v1.0.22 (#148) [![WhiteSource Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | com.google.cloud.samples:shared-configuration | `1.0.21` -> `1.0.22` | [![age](https://badges.renovateapi.com/packages/maven/com.google.cloud.samples:shared-configuration/1.0.22/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/maven/com.google.cloud.samples:shared-configuration/1.0.22/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/maven/com.google.cloud.samples:shared-configuration/1.0.22/compatibility-slim/1.0.21)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/maven/com.google.cloud.samples:shared-configuration/1.0.22/confidence-slim/1.0.21)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration :date: **Schedule**: At any time (no schedule defined). :vertical_traffic_light: **Automerge**: Disabled by config. Please merge this manually once you are satisfied. :recycle: **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. :no_bell: **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box. --- This PR has been generated by [WhiteSource Renovate](https://renovate.whitesourcesoftware.com). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-security-private-ca). --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index 0d7f20c4e7b..a608ed4834b 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -14,7 +14,7 @@ com.google.cloud.samples shared-configuration - 1.0.21 + 1.0.22 From 7b4dc76082a08f9cfccdd0051a3e7504cb339316 Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Mon, 19 Apr 2021 23:54:03 +0200 Subject: [PATCH 15/80] chore(deps): update dependency com.google.cloud:google-cloud-security-private-ca to v0.3.0 (#157) [![WhiteSource Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [com.google.cloud:google-cloud-security-private-ca](https://togithub.com/googleapis/java-) | `0.2.8` -> `0.3.0` | [![age](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/0.3.0/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/0.3.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/0.3.0/compatibility-slim/0.2.8)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/0.3.0/confidence-slim/0.2.8)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration :date: **Schedule**: At any time (no schedule defined). :vertical_traffic_light: **Automerge**: Disabled by config. Please merge this manually once you are satisfied. :recycle: **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. :no_bell: **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box. --- This PR has been generated by [WhiteSource Renovate](https://renovate.whitesourcesoftware.com). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-security-private-ca). --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index a608ed4834b..f7f9ffc49d1 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -28,7 +28,7 @@ com.google.cloud google-cloud-security-private-ca - 0.2.8 + 0.3.0 From da3934bbd4e39c445a41730040c140a1ceb23efd Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Wed, 26 May 2021 18:16:02 +0200 Subject: [PATCH 16/80] test(deps): update dependency com.google.truth:truth to v1.1.3 (#182) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![WhiteSource Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | com.google.truth:truth | `1.1.2` -> `1.1.3` | [![age](https://badges.renovateapi.com/packages/maven/com.google.truth:truth/1.1.3/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/maven/com.google.truth:truth/1.1.3/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/maven/com.google.truth:truth/1.1.3/compatibility-slim/1.1.2)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/maven/com.google.truth:truth/1.1.3/confidence-slim/1.1.2)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 **Schedule**: At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻️ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box. --- This PR has been generated by [WhiteSource Renovate](https://renovate.whitesourcesoftware.com). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-security-private-ca). --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index f7f9ffc49d1..48e077e60e2 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -40,7 +40,7 @@ com.google.truth truth - 1.1.2 + 1.1.3 test From 241a764f74ff48722bcc46d4e67dd54fe3f4090c Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Mon, 31 May 2021 20:06:13 +0200 Subject: [PATCH 17/80] chore(deps): update dependency com.google.cloud:google-cloud-security-private-ca to v0.4.0 (#184) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![WhiteSource Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [com.google.cloud:google-cloud-security-private-ca](https://togithub.com/googleapis/java-) | `0.3.0` -> `0.4.0` | [![age](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/0.4.0/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/0.4.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/0.4.0/compatibility-slim/0.3.0)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/0.4.0/confidence-slim/0.3.0)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 **Schedule**: At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻️ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box. --- This PR has been generated by [WhiteSource Renovate](https://renovate.whitesourcesoftware.com). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-security-private-ca). --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index 48e077e60e2..cd528f84248 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -28,7 +28,7 @@ com.google.cloud google-cloud-security-private-ca - 0.3.0 + 0.4.0 From c134de0e12fc3d063bc02d698914829d0d7cf6bf Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Tue, 8 Jun 2021 00:32:34 +0200 Subject: [PATCH 18/80] chore(deps): update dependency com.google.cloud.samples:shared-configuration to v1.0.23 (#188) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![WhiteSource Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | com.google.cloud.samples:shared-configuration | `1.0.22` -> `1.0.23` | [![age](https://badges.renovateapi.com/packages/maven/com.google.cloud.samples:shared-configuration/1.0.23/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/maven/com.google.cloud.samples:shared-configuration/1.0.23/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/maven/com.google.cloud.samples:shared-configuration/1.0.23/compatibility-slim/1.0.22)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/maven/com.google.cloud.samples:shared-configuration/1.0.23/confidence-slim/1.0.22)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 **Schedule**: At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box. --- This PR has been generated by [WhiteSource Renovate](https://renovate.whitesourcesoftware.com). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-security-private-ca). --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index cd528f84248..59a84c9dc4f 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -14,7 +14,7 @@ com.google.cloud.samples shared-configuration - 1.0.22 + 1.0.23 From 23a28ef6de738178f05aa1747b69bfde3d95c320 Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Fri, 18 Jun 2021 00:32:11 +0200 Subject: [PATCH 19/80] chore(deps): update dependency com.google.cloud:google-cloud-security-private-ca to v1 (#198) --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index 59a84c9dc4f..e8607b3bf1e 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -28,7 +28,7 @@ com.google.cloud google-cloud-security-private-ca - 0.4.0 + 1.0.0 From ddaccef104a54535ae8cbf5bbb96db090647a630 Mon Sep 17 00:00:00 2001 From: sitalakshmis <79585041+sitalakshmis@users.noreply.github.com> Date: Wed, 30 Jun 2021 22:00:05 +0530 Subject: [PATCH 20/80] feat: add client code samples (#203) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * init commit - code samples for private ca * Added support for LRO and included comments. * 🦉 Updates from OwlBot See https://github.com/googleapis/repo-automation-bots/blob/master/packages/owl-bot/README.md * docs: added comments for more context * refactor: modified ca param name to disambiguate * feat: added samples and tests to create, list and revoke certificates * chore: modified dependency to include kms * 🦉 Updates from OwlBot See https://github.com/googleapis/repo-automation-bots/blob/master/packages/owl-bot/README.md * refactor: improves readability * 🦉 Updates from OwlBot See https://github.com/googleapis/repo-automation-bots/blob/master/packages/owl-bot/README.md * refactor: added error reporting context and modified class names to align with API design * 🦉 Updates from OwlBot See https://github.com/googleapis/repo-automation-bots/blob/master/packages/owl-bot/README.md * docs: updated the client name in comment Co-authored-by: Owl Bot --- .../src/main/java/privateca/CreateCaPool.java | 80 +++++ .../java/privateca/CreateCertificate.java | 186 ++++++++++ .../privateca/CreateCertificateAuthority.java | 133 ++++++++ .../src/main/java/privateca/DeleteCaPool.java | 80 +++++ .../privateca/DeleteCertificateAuthority.java | 113 ++++++ .../DisableCertificateAuthority.java | 99 ++++++ .../privateca/EnableCertificateAuthority.java | 95 ++++++ .../src/main/java/privateca/ListCaPools.java | 65 ++++ .../privateca/ListCertificateAuthorities.java | 65 ++++ .../main/java/privateca/ListCertificates.java | 64 ++++ .../java/privateca/RevokeCertificate.java | 84 +++++ .../src/test/java/privateca/SnippetsIT.java | 322 ++++++++++++++++++ privateca/pom.xml | 29 ++ 13 files changed, 1415 insertions(+) create mode 100644 privateca/cloud-client/src/main/java/privateca/CreateCaPool.java create mode 100644 privateca/cloud-client/src/main/java/privateca/CreateCertificate.java create mode 100644 privateca/cloud-client/src/main/java/privateca/CreateCertificateAuthority.java create mode 100644 privateca/cloud-client/src/main/java/privateca/DeleteCaPool.java create mode 100644 privateca/cloud-client/src/main/java/privateca/DeleteCertificateAuthority.java create mode 100644 privateca/cloud-client/src/main/java/privateca/DisableCertificateAuthority.java create mode 100644 privateca/cloud-client/src/main/java/privateca/EnableCertificateAuthority.java create mode 100644 privateca/cloud-client/src/main/java/privateca/ListCaPools.java create mode 100644 privateca/cloud-client/src/main/java/privateca/ListCertificateAuthorities.java create mode 100644 privateca/cloud-client/src/main/java/privateca/ListCertificates.java create mode 100644 privateca/cloud-client/src/main/java/privateca/RevokeCertificate.java create mode 100644 privateca/cloud-client/src/test/java/privateca/SnippetsIT.java diff --git a/privateca/cloud-client/src/main/java/privateca/CreateCaPool.java b/privateca/cloud-client/src/main/java/privateca/CreateCaPool.java new file mode 100644 index 00000000000..9a0ab28e9a8 --- /dev/null +++ b/privateca/cloud-client/src/main/java/privateca/CreateCaPool.java @@ -0,0 +1,80 @@ +/* + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package privateca; + +// [START privateca_create_ca_pool] + +import com.google.api.core.ApiFuture; +import com.google.cloud.security.privateca.v1.CaPool; +import com.google.cloud.security.privateca.v1.CaPool.Tier; +import com.google.cloud.security.privateca.v1.CertificateAuthorityServiceClient; +import com.google.cloud.security.privateca.v1.CreateCaPoolRequest; +import com.google.cloud.security.privateca.v1.LocationName; +import com.google.longrunning.Operation; +import java.io.IOException; +import java.util.concurrent.ExecutionException; + +public class CreateCaPool { + + public static void main(String[] args) + throws InterruptedException, ExecutionException, IOException { + // TODO(developer): Replace these variables before running the sample. + // location: For a list of locations, see: + // https://cloud.google.com/certificate-authority-service/docs/locations + // caPoolName: Set a unique name for the CA pool. + String project = "your-project-id"; + String location = "ca-location"; + String caPoolName = "ca-pool-name"; + createCaPool(project, location, caPoolName); + } + + // Create a Certificate Authority Pool. All certificates created under this CA pool will + // follow the same issuance policy, IAM policies,etc., + public static void createCaPool(String project, String location, String caPoolName) + throws InterruptedException, ExecutionException, IOException { + // Initialize client that will be used to send requests. This client only needs to be created + // once, and can be reused for multiple requests. After completing all of your requests, call + // the `certificateAuthorityServiceClient.close()` method on the client to safely + // clean up any remaining background resources. + try (CertificateAuthorityServiceClient certificateAuthorityServiceClient = + CertificateAuthorityServiceClient.create()) { + + /* Create the pool request + Set Parent which denotes the project id and location. + Set the Tier (see: https://cloud.google.com/certificate-authority-service/docs/tiers). + */ + CreateCaPoolRequest caPoolRequest = + CreateCaPoolRequest.newBuilder() + .setParent(LocationName.of(project, location).toString()) + .setCaPoolId(caPoolName) + .setCaPool(CaPool.newBuilder().setTier(Tier.ENTERPRISE).build()) + .build(); + + // Create the CA pool. + ApiFuture futureCall = + certificateAuthorityServiceClient.createCaPoolCallable().futureCall(caPoolRequest); + Operation response = futureCall.get(); + + if (response.hasError()) { + System.out.println("Error while creating CA pool !" + response.getError()); + return; + } + + System.out.println("CA pool created successfully: " + caPoolName); + } + } +} +// [END privateca_create_ca_pool] diff --git a/privateca/cloud-client/src/main/java/privateca/CreateCertificate.java b/privateca/cloud-client/src/main/java/privateca/CreateCertificate.java new file mode 100644 index 00000000000..8be4f175bc4 --- /dev/null +++ b/privateca/cloud-client/src/main/java/privateca/CreateCertificate.java @@ -0,0 +1,186 @@ +/* + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package privateca; + +// [START privateca_create_certificate] + +import com.google.api.core.ApiFuture; +import com.google.cloud.kms.v1.CryptoKeyVersionName; +import com.google.cloud.kms.v1.KeyManagementServiceClient; +import com.google.cloud.security.privateca.v1.CaPoolName; +import com.google.cloud.security.privateca.v1.Certificate; +import com.google.cloud.security.privateca.v1.CertificateAuthorityServiceClient; +import com.google.cloud.security.privateca.v1.CertificateConfig; +import com.google.cloud.security.privateca.v1.CertificateConfig.SubjectConfig; +import com.google.cloud.security.privateca.v1.CreateCertificateRequest; +import com.google.cloud.security.privateca.v1.KeyUsage; +import com.google.cloud.security.privateca.v1.KeyUsage.ExtendedKeyUsageOptions; +import com.google.cloud.security.privateca.v1.KeyUsage.KeyUsageOptions; +import com.google.cloud.security.privateca.v1.PublicKey; +import com.google.cloud.security.privateca.v1.PublicKey.KeyFormat; +import com.google.cloud.security.privateca.v1.Subject; +import com.google.cloud.security.privateca.v1.SubjectAltNames; +import com.google.cloud.security.privateca.v1.X509Parameters; +import com.google.cloud.security.privateca.v1.X509Parameters.CaOptions; +import com.google.protobuf.ByteString; +import com.google.protobuf.Duration; +import java.io.IOException; +import java.util.concurrent.ExecutionException; + +public class CreateCertificate { + + public static void main(String[] args) + throws InterruptedException, ExecutionException, IOException { + // TODO(developer): Replace these variables before running the sample. + + // To sign and issue a certificate, a public key is essential. Here, we are making use + // of Cloud KMS to retrieve an already created public key. Specify the following details to + // retrieve the key. For more info, see: https://cloud.google.com/kms/docs/retrieve-public-key + String project = "your-project-id"; + String kmsLocation = "kms-location"; + String keyRingId = "your-ring-id"; + String keyId = "your-key-id"; + String keyVersionId = "your-version-id"; + + // Retrieve the public key from Cloud KMS. + ByteString publicKeyBytes = + retrievePublicKey(project, kmsLocation, keyRingId, keyId, keyVersionId); + + // location: For a list of locations, see: + // https://cloud.google.com/certificate-authority-service/docs/locations + // caPoolName: Set a unique name for the CA pool. + // certificateAuthorityName: The name of the certificate authority which issues the certificate. + // certificateName: Set a unique name for the certificate. + String location = "ca-location"; + String caPoolName = "ca-pool-name"; + String certificateAuthorityName = "certificate-authority-name"; + String certificateName = "certificate-name"; + + createCertificate( + project, location, caPoolName, certificateAuthorityName, certificateName, publicKeyBytes); + } + + // Create a Certificate which is issued by the Certificate Authority present in the CA Pool. + // The key used to sign the certificate is created by the Cloud KMS. + public static void createCertificate( + String project, + String location, + String caPoolName, + String certificateAuthorityName, + String certificateName, + ByteString publicKeyBytes) + throws InterruptedException, ExecutionException, IOException { + // Initialize client that will be used to send requests. This client only needs to be created + // once, and can be reused for multiple requests. After completing all of your requests, call + // the `certificateAuthorityServiceClient.close()` method on the client to safely + // clean up any remaining background resources. + try (CertificateAuthorityServiceClient certificateAuthorityServiceClient = + CertificateAuthorityServiceClient.create()) { + + // commonName: Enter a title for your certificate. + // orgName: Provide the name of your company. + // domainName: List the fully qualified domain name. + // certificateLifetime: The validity of the certificate in seconds. + String commonName = "common-name"; + String orgName = "org-name"; + String domainName = "dnsname.com"; + long certificateLifetime = 1000L; + + // Set the Public Key and its format as obtained from the Cloud KMS. + PublicKey publicKey = + PublicKey.newBuilder().setKey(publicKeyBytes).setFormat(KeyFormat.PEM).build(); + + SubjectConfig subjectConfig = + SubjectConfig.newBuilder() + // Set the common name and org name. + .setSubject( + Subject.newBuilder().setCommonName(commonName).setOrganization(orgName).build()) + // Set the fully qualified domain name. + .setSubjectAltName(SubjectAltNames.newBuilder().addDnsNames(domainName).build()) + .build(); + + // Set the X.509 fields required for the certificate. + X509Parameters x509Parameters = + X509Parameters.newBuilder() + .setKeyUsage( + KeyUsage.newBuilder() + .setBaseKeyUsage( + KeyUsageOptions.newBuilder() + .setDigitalSignature(true) + .setKeyEncipherment(true) + .setCertSign(true) + .build()) + .setExtendedKeyUsage( + ExtendedKeyUsageOptions.newBuilder().setServerAuth(true).build()) + .build()) + .setCaOptions(CaOptions.newBuilder().setIsCa(true).buildPartial()) + .build(); + + // Create certificate. + Certificate certificate = + Certificate.newBuilder() + .setConfig( + CertificateConfig.newBuilder() + .setPublicKey(publicKey) + .setSubjectConfig(subjectConfig) + .setX509Config(x509Parameters) + .build()) + .setLifetime(Duration.newBuilder().setSeconds(certificateLifetime).build()) + .build(); + + // Create the Certificate Request. + CreateCertificateRequest certificateRequest = + CreateCertificateRequest.newBuilder() + .setParent(CaPoolName.of(project, location, caPoolName).toString()) + .setCertificateId(certificateName) + .setCertificate(certificate) + .setIssuingCertificateAuthorityId(certificateAuthorityName) + .build(); + + // Get the Certificate response. + ApiFuture future = + certificateAuthorityServiceClient + .createCertificateCallable() + .futureCall(certificateRequest); + + Certificate response = future.get(); + // Get the PEM encoded, signed X.509 certificate. + System.out.println(response.getPemCertificate()); + // To verify the obtained certificate, use this intermediate chain list. + System.out.println(response.getPemCertificateChainList()); + } + } + + // Get the public Key used for signing the certificate from Cloud KMS. + public static ByteString retrievePublicKey( + String project, String kmsLocation, String keyRingId, String keyId, String keyVersionId) + throws IOException { + // Initialize client that will be used to send requests. This client only needs to be created + // once, and can be reused for multiple requests. After completing all of your requests, call + // the `client.close()` method on the client to safely + // clean up any remaining background resources. + try (KeyManagementServiceClient client = KeyManagementServiceClient.create()) { + + CryptoKeyVersionName keyVersionName = + CryptoKeyVersionName.of(project, kmsLocation, keyRingId, keyId, keyVersionId); + com.google.cloud.kms.v1.PublicKey publicKey = client.getPublicKey(keyVersionName); + + ByteString publicKeyBytes = publicKey.getPemBytes(); + return publicKeyBytes; + } + } +} +// [END privateca_create_certificate] diff --git a/privateca/cloud-client/src/main/java/privateca/CreateCertificateAuthority.java b/privateca/cloud-client/src/main/java/privateca/CreateCertificateAuthority.java new file mode 100644 index 00000000000..b4877b90b60 --- /dev/null +++ b/privateca/cloud-client/src/main/java/privateca/CreateCertificateAuthority.java @@ -0,0 +1,133 @@ +/* + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package privateca; + +// [START privateca_create_ca] + +import com.google.api.core.ApiFuture; +import com.google.cloud.security.privateca.v1.CaPoolName; +import com.google.cloud.security.privateca.v1.CertificateAuthority; +import com.google.cloud.security.privateca.v1.CertificateAuthority.KeyVersionSpec; +import com.google.cloud.security.privateca.v1.CertificateAuthority.SignHashAlgorithm; +import com.google.cloud.security.privateca.v1.CertificateAuthorityServiceClient; +import com.google.cloud.security.privateca.v1.CertificateConfig; +import com.google.cloud.security.privateca.v1.CertificateConfig.SubjectConfig; +import com.google.cloud.security.privateca.v1.CreateCertificateAuthorityRequest; +import com.google.cloud.security.privateca.v1.KeyUsage; +import com.google.cloud.security.privateca.v1.KeyUsage.KeyUsageOptions; +import com.google.cloud.security.privateca.v1.Subject; +import com.google.cloud.security.privateca.v1.X509Parameters; +import com.google.cloud.security.privateca.v1.X509Parameters.CaOptions; +import com.google.longrunning.Operation; +import com.google.protobuf.Duration; +import java.io.IOException; +import java.util.concurrent.ExecutionException; + +public class CreateCertificateAuthority { + + public static void main(String[] args) + throws InterruptedException, ExecutionException, IOException { + // TODO(developer): Replace these variables before running the sample. + // location: For a list of locations, see: + // https://cloud.google.com/certificate-authority-service/docs/locations + // caPoolName: Set it to the CA Pool under which the CA should be created. + // certificateAuthorityName: Unique name for the CA. + String project = "your-project-id"; + String location = "ca-location"; + String caPoolName = "ca-pool-name"; + String certificateAuthorityName = "certificate-authority-name"; + createCertificateAuthority(project, location, caPoolName, certificateAuthorityName); + } + + // Create Certificate Authority which is the root CA in the given CA Pool. This CA will be + // responsible for signing certificates within this pool. + public static void createCertificateAuthority( + String project, String location, String caPoolName, String certificateAuthorityName) + throws InterruptedException, ExecutionException, IOException { + // Initialize client that will be used to send requests. This client only needs to be created + // once, and can be reused for multiple requests. After completing all of your requests, call + // the `certificateAuthorityServiceClient.close()` method on the client to safely + // clean up any remaining background resources. + try (CertificateAuthorityServiceClient certificateAuthorityServiceClient = + CertificateAuthorityServiceClient.create()) { + + String commonName = "common-name"; + String orgName = "org-name"; + int caDuration = 100000; // Validity of this CA in seconds. + + // Set the types of Algorithm used to create a cloud KMS key. + KeyVersionSpec keyVersionSpec = + KeyVersionSpec.newBuilder().setAlgorithm(SignHashAlgorithm.RSA_PKCS1_4096_SHA256).build(); + + // Set CA subject config. + SubjectConfig subjectConfig = + SubjectConfig.newBuilder() + .setSubject( + Subject.newBuilder().setCommonName(commonName).setOrganization(orgName).build()) + .build(); + + // Set the key usage options for X.509 fields. + X509Parameters x509Parameters = + X509Parameters.newBuilder() + .setKeyUsage( + KeyUsage.newBuilder() + .setBaseKeyUsage( + KeyUsageOptions.newBuilder().setCrlSign(true).setCertSign(true).build()) + .build()) + .setCaOptions(CaOptions.newBuilder().setIsCa(true).build()) + .build(); + + // Set certificate authority settings. + CertificateAuthority certificateAuthority = + CertificateAuthority.newBuilder() + // CertificateAuthority.Type.SELF_SIGNED denotes that this CA is a root CA. + .setType(CertificateAuthority.Type.SELF_SIGNED) + .setKeySpec(keyVersionSpec) + .setConfig( + CertificateConfig.newBuilder() + .setSubjectConfig(subjectConfig) + .setX509Config(x509Parameters) + .build()) + // Set the CA validity duration. + .setLifetime(Duration.newBuilder().setSeconds(caDuration).build()) + .build(); + + // Create the CertificateAuthorityRequest. + CreateCertificateAuthorityRequest certificateAuthorityRequest = + CreateCertificateAuthorityRequest.newBuilder() + .setParent(CaPoolName.of(project, location, caPoolName).toString()) + .setCertificateAuthorityId(certificateAuthorityName) + .setCertificateAuthority(certificateAuthority) + .build(); + + // Create Certificate Authority. + ApiFuture futureCall = + certificateAuthorityServiceClient + .createCertificateAuthorityCallable() + .futureCall(certificateAuthorityRequest); + Operation response = futureCall.get(); + + if (response.hasError()) { + System.out.println("Error while creating CA !" + response.getError()); + return; + } + + System.out.println( + "Certificate Authority created successfully : " + certificateAuthorityName); + } + } +} +// [END privateca_create_ca] diff --git a/privateca/cloud-client/src/main/java/privateca/DeleteCaPool.java b/privateca/cloud-client/src/main/java/privateca/DeleteCaPool.java new file mode 100644 index 00000000000..69e0a12a380 --- /dev/null +++ b/privateca/cloud-client/src/main/java/privateca/DeleteCaPool.java @@ -0,0 +1,80 @@ +/* + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package privateca; + +// [START privateca_delete_ca_pool] + +import com.google.api.core.ApiFuture; +import com.google.cloud.security.privateca.v1.CaPoolName; +import com.google.cloud.security.privateca.v1.CertificateAuthorityServiceClient; +import com.google.cloud.security.privateca.v1.DeleteCaPoolRequest; +import com.google.longrunning.Operation; +import java.io.IOException; +import java.util.concurrent.ExecutionException; +import java.util.concurrent.TimeoutException; + +public class DeleteCaPool { + + public static void main(String[] args) + throws InterruptedException, ExecutionException, IOException, TimeoutException { + // TODO(developer): Replace these variables before running the sample. + // location: For a list of locations, see: + // https://cloud.google.com/certificate-authority-service/docs/locations + // caPoolName: The name of the CA pool to be deleted. + String project = "your-project-id"; + String location = "ca-location"; + String caPoolName = "ca-pool-name"; + deleteCaPool(project, location, caPoolName); + } + + // Delete the CA pool as mentioned by the caPoolName. + // Before deleting the pool, all CAs in the pool MUST BE deleted. + public static void deleteCaPool(String project, String location, String caPoolName) + throws InterruptedException, ExecutionException, IOException { + // Initialize client that will be used to send requests. This client only needs to be created + // once, and can be reused for multiple requests. After completing all of your requests, call + // the `certificateAuthorityServiceClient.close()` method on the client to safely + // clean up any remaining background resources. + try (CertificateAuthorityServiceClient certificateAuthorityServiceClient = + CertificateAuthorityServiceClient.create()) { + + // Set the project, location and caPoolName to delete. + CaPoolName caPool = + CaPoolName.newBuilder() + .setProject(project) + .setLocation(location) + .setCaPool(caPoolName) + .build(); + + // Create the Delete request. + DeleteCaPoolRequest deleteCaPoolRequest = + DeleteCaPoolRequest.newBuilder().setName(caPool.toString()).build(); + + // Delete the CA Pool. + ApiFuture futureCall = + certificateAuthorityServiceClient.deleteCaPoolCallable().futureCall(deleteCaPoolRequest); + Operation response = futureCall.get(); + + if (response.hasError()) { + System.out.println("Error while deleting CA pool !" + response.getError()); + return; + } + + System.out.println("Deleted CA Pool: " + caPoolName); + } + } +} +// [END privateca_delete_ca_pool] diff --git a/privateca/cloud-client/src/main/java/privateca/DeleteCertificateAuthority.java b/privateca/cloud-client/src/main/java/privateca/DeleteCertificateAuthority.java new file mode 100644 index 00000000000..d370acf8306 --- /dev/null +++ b/privateca/cloud-client/src/main/java/privateca/DeleteCertificateAuthority.java @@ -0,0 +1,113 @@ +/* + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package privateca; + +// [START privateca_delete_ca] + +import com.google.api.core.ApiFuture; +import com.google.cloud.security.privateca.v1.CertificateAuthority.State; +import com.google.cloud.security.privateca.v1.CertificateAuthorityName; +import com.google.cloud.security.privateca.v1.CertificateAuthorityServiceClient; +import com.google.cloud.security.privateca.v1.DeleteCertificateAuthorityRequest; +import com.google.longrunning.Operation; +import java.io.IOException; +import java.util.concurrent.ExecutionException; + +public class DeleteCertificateAuthority { + + public static void main(String[] args) + throws InterruptedException, ExecutionException, IOException { + // TODO(developer): Replace these variables before running the sample. + // location: For a list of locations, see: + // https://cloud.google.com/certificate-authority-service/docs/locations + // caPoolName: The name of the CA pool under which the CA is present. + // certificateAuthorityName: The name of the CA to be deleted. + String project = "your-project-id"; + String location = "ca-location"; + String caPoolName = "ca-pool-name"; + String certificateAuthorityName = "certificate-authority-name"; + deleteCertificateAuthority(project, location, caPoolName, certificateAuthorityName); + } + + // Delete the Certificate Authority from the specified CA pool. + // Before deletion, the CA must be disabled and must not contain any active certificates. + public static void deleteCertificateAuthority( + String project, String location, String caPoolName, String certificateAuthorityName) + throws IOException, ExecutionException, InterruptedException { + // Initialize client that will be used to send requests. This client only needs to be created + // once, and can be reused for multiple requests. After completing all of your requests, call + // the `certificateAuthorityServiceClient.close()` method on the client to safely + // clean up any remaining background resources. + try (CertificateAuthorityServiceClient certificateAuthorityServiceClient = + CertificateAuthorityServiceClient.create()) { + // Create the Certificate Authority Name. + CertificateAuthorityName certificateAuthorityNameParent = + CertificateAuthorityName.newBuilder() + .setProject(project) + .setLocation(location) + .setCaPool(caPoolName) + .setCertificateAuthority(certificateAuthorityName) + .build(); + + // Check if the CA is enabled. + State caState = + certificateAuthorityServiceClient + .getCertificateAuthority(certificateAuthorityNameParent) + .getState(); + if (caState == State.ENABLED) { + System.out.println( + "Please disable the Certificate Authority before deletion ! Current state: " + caState); + return; + } + + // Create the DeleteCertificateAuthorityRequest. + // Setting the setIgnoreActiveCertificates() to true, will delete the CA + // even if it contains active certificates. Care should be taken to re-anchor + // the certificates to new CA before deleting. + DeleteCertificateAuthorityRequest deleteCertificateAuthorityRequest = + DeleteCertificateAuthorityRequest.newBuilder() + .setName(certificateAuthorityNameParent.toString()) + .setIgnoreActiveCertificates(false) + .build(); + + // Delete the Certificate Authority. + ApiFuture futureCall = + certificateAuthorityServiceClient + .deleteCertificateAuthorityCallable() + .futureCall(deleteCertificateAuthorityRequest); + Operation response = futureCall.get(); + + if (response.hasError()) { + System.out.println("Error while deleting Certificate Authority !" + response.getError()); + return; + } + + // Check if the CA has been deleted. + caState = + certificateAuthorityServiceClient + .getCertificateAuthority(certificateAuthorityNameParent) + .getState(); + if (caState == State.DELETED) { + System.out.println( + "Successfully deleted Certificate Authority : " + certificateAuthorityName); + } else { + System.out.println( + "Unable to delete Certificate Authority. Please try again ! Current state: " + caState); + } + } + } +} +// [END privateca_delete_ca] diff --git a/privateca/cloud-client/src/main/java/privateca/DisableCertificateAuthority.java b/privateca/cloud-client/src/main/java/privateca/DisableCertificateAuthority.java new file mode 100644 index 00000000000..73ab2cf1163 --- /dev/null +++ b/privateca/cloud-client/src/main/java/privateca/DisableCertificateAuthority.java @@ -0,0 +1,99 @@ +/* + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package privateca; + +// [START privateca_disable_ca] + +import com.google.api.core.ApiFuture; +import com.google.cloud.security.privateca.v1.CertificateAuthority.State; +import com.google.cloud.security.privateca.v1.CertificateAuthorityName; +import com.google.cloud.security.privateca.v1.CertificateAuthorityServiceClient; +import com.google.cloud.security.privateca.v1.DisableCertificateAuthorityRequest; +import com.google.longrunning.Operation; +import java.io.IOException; +import java.util.concurrent.ExecutionException; + +public class DisableCertificateAuthority { + + public static void main(String[] args) + throws InterruptedException, ExecutionException, IOException { + // TODO(developer): Replace these variables before running the sample. + // location: For a list of locations, see: + // https://cloud.google.com/certificate-authority-service/docs/locations + // caPoolName: The name of the CA pool under which the CA is present. + // certificateAuthorityName: The name of the CA to be disabled. + String project = "your-project-id"; + String location = "ca-location"; + String caPoolName = "ca-pool-name"; + String certificateAuthorityName = "certificate-authority-name"; + disableCertificateAuthority(project, location, caPoolName, certificateAuthorityName); + } + + // Disable a Certificate Authority which is present in the given CA pool. + public static void disableCertificateAuthority( + String project, String location, String caPoolName, String certificateAuthorityName) + throws IOException, ExecutionException, InterruptedException { + // Initialize client that will be used to send requests. This client only needs to be created + // once, and can be reused for multiple requests. After completing all of your requests, call + // the `certificateAuthorityServiceClient.close()` method on the client to safely + // clean up any remaining background resources. + try (CertificateAuthorityServiceClient certificateAuthorityServiceClient = + CertificateAuthorityServiceClient.create()) { + + // Create the Certificate Authority Name. + CertificateAuthorityName certificateAuthorityNameParent = + CertificateAuthorityName.newBuilder() + .setProject(project) + .setLocation(location) + .setCaPool(caPoolName) + .setCertificateAuthority(certificateAuthorityName) + .build(); + + // Create the Disable Certificate Authority Request. + DisableCertificateAuthorityRequest disableCertificateAuthorityRequest = + DisableCertificateAuthorityRequest.newBuilder() + .setName(certificateAuthorityNameParent.toString()) + .build(); + + // Disable the Certificate Authority. + ApiFuture futureCall = + certificateAuthorityServiceClient + .disableCertificateAuthorityCallable() + .futureCall(disableCertificateAuthorityRequest); + Operation response = futureCall.get(); + + if (response.hasError()) { + System.out.println("Error while disabling Certificate Authority !" + response.getError()); + return; + } + + // Get the current CA state. + State caState = + certificateAuthorityServiceClient + .getCertificateAuthority(certificateAuthorityNameParent) + .getState(); + + // Check if the Certificate Authority is disabled. + if (caState == State.DISABLED) { + System.out.println("Disabled Certificate Authority : " + certificateAuthorityName); + } else { + System.out.println( + "Cannot disable the Certificate Authority ! Current CA State: " + caState); + } + } + } +} +// [END privateca_disable_ca] diff --git a/privateca/cloud-client/src/main/java/privateca/EnableCertificateAuthority.java b/privateca/cloud-client/src/main/java/privateca/EnableCertificateAuthority.java new file mode 100644 index 00000000000..121d7998b77 --- /dev/null +++ b/privateca/cloud-client/src/main/java/privateca/EnableCertificateAuthority.java @@ -0,0 +1,95 @@ +/* + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package privateca; + +// [START privateca_enable_ca] + +import com.google.api.core.ApiFuture; +import com.google.cloud.security.privateca.v1.CertificateAuthority.State; +import com.google.cloud.security.privateca.v1.CertificateAuthorityName; +import com.google.cloud.security.privateca.v1.CertificateAuthorityServiceClient; +import com.google.cloud.security.privateca.v1.EnableCertificateAuthorityRequest; +import com.google.longrunning.Operation; +import java.io.IOException; +import java.util.concurrent.ExecutionException; + +public class EnableCertificateAuthority { + + public static void main(String[] args) + throws InterruptedException, ExecutionException, IOException { + // TODO(developer): Replace these variables before running the sample. + // location: For a list of locations, see: + // https://cloud.google.com/certificate-authority-service/docs/locations + // caPoolName: The name of the CA pool under which the CA is present. + // certificateAuthorityName: The name of the CA to be enabled. + String project = "your-project-id"; + String location = "ca-location"; + String caPoolName = "ca-pool-name"; + String certificateAuthorityName = "certificate-authority-name"; + enableCertificateAuthority(project, location, caPoolName, certificateAuthorityName); + } + + // Enable the Certificate Authority present in the given ca pool. + // CA cannot be enabled if it has been already deleted. + public static void enableCertificateAuthority( + String project, String location, String caPoolName, String certificateAuthorityName) + throws IOException, ExecutionException, InterruptedException { + try (CertificateAuthorityServiceClient certificateAuthorityServiceClient = + CertificateAuthorityServiceClient.create()) { + // Create the Certificate Authority Name. + CertificateAuthorityName certificateAuthorityParent = + CertificateAuthorityName.newBuilder() + .setProject(project) + .setLocation(location) + .setCaPool(caPoolName) + .setCertificateAuthority(certificateAuthorityName) + .build(); + + // Create the Enable Certificate Authority Request. + EnableCertificateAuthorityRequest enableCertificateAuthorityRequest = + EnableCertificateAuthorityRequest.newBuilder() + .setName(certificateAuthorityParent.toString()) + .build(); + + // Enable the Certificate Authority. + ApiFuture futureCall = + certificateAuthorityServiceClient + .enableCertificateAuthorityCallable() + .futureCall(enableCertificateAuthorityRequest); + Operation response = futureCall.get(); + + if (response.hasError()) { + System.out.println("Error while enabling Certificate Authority !" + response.getError()); + return; + } + + // Get the current CA state. + State caState = + certificateAuthorityServiceClient + .getCertificateAuthority(certificateAuthorityParent) + .getState(); + + // Check if the CA is enabled. + if (caState == State.ENABLED) { + System.out.println("Enabled Certificate Authority : " + certificateAuthorityName); + } else { + System.out.println( + "Cannot enable the Certificate Authority ! Current CA State: " + caState); + } + } + } +} +// [END privateca_enable_ca] diff --git a/privateca/cloud-client/src/main/java/privateca/ListCaPools.java b/privateca/cloud-client/src/main/java/privateca/ListCaPools.java new file mode 100644 index 00000000000..aec8ff4e134 --- /dev/null +++ b/privateca/cloud-client/src/main/java/privateca/ListCaPools.java @@ -0,0 +1,65 @@ +/* + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package privateca; + +// [START privateca_list_ca_pool] + +import com.google.cloud.security.privateca.v1.CaPool; +import com.google.cloud.security.privateca.v1.CertificateAuthorityServiceClient; +import com.google.cloud.security.privateca.v1.LocationName; +import java.io.IOException; + +public class ListCaPools { + + public static void main(String[] args) throws IOException { + // TODO(developer): Replace these variables before running the sample. + // location: For a list of locations, see: + // https://cloud.google.com/certificate-authority-service/docs/locations + String project = "your-project-id"; + String location = "ca-location"; + listCaPools(project, location); + } + + // List all CA pools present in the given project and location. + public static void listCaPools(String project, String location) throws IOException { + // Initialize client that will be used to send requests. This client only needs to be created + // once, and can be reused for multiple requests. After completing all of your requests, call + // the `certificateAuthorityServiceClient.close()` method on the client to safely + // clean up any remaining background resources. + try (CertificateAuthorityServiceClient certificateAuthorityServiceClient = + CertificateAuthorityServiceClient.create()) { + + // Set the Location Name which contains project and location of the pool. + LocationName locationName = + LocationName.newBuilder().setProject(project).setLocation(location).build(); + + String caPoolName = ""; + System.out.println("Available CA pools: "); + + // List the CA pools. + for (CaPool caPool : + certificateAuthorityServiceClient.listCaPools(locationName).iterateAll()) { + caPoolName = caPool.getName(); + // caPoolName represents the full resource name of the + // format 'projects/{project-id}/locations/{location}/ca-pools/{ca-pool-name}'. + // Hence stripping it down to just pool name. + System.out.println( + caPoolName.substring(caPoolName.lastIndexOf("/") + 1) + " " + caPool.isInitialized()); + } + } + } +} +// [END privateca_list_ca_pool] diff --git a/privateca/cloud-client/src/main/java/privateca/ListCertificateAuthorities.java b/privateca/cloud-client/src/main/java/privateca/ListCertificateAuthorities.java new file mode 100644 index 00000000000..49d76dfb875 --- /dev/null +++ b/privateca/cloud-client/src/main/java/privateca/ListCertificateAuthorities.java @@ -0,0 +1,65 @@ +/* + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package privateca; + +// [START privateca_list_ca] + +import com.google.cloud.security.privateca.v1.CaPoolName; +import com.google.cloud.security.privateca.v1.CertificateAuthority; +import com.google.cloud.security.privateca.v1.CertificateAuthorityServiceClient; +import java.io.IOException; + +public class ListCertificateAuthorities { + + public static void main(String[] args) throws IOException { + // TODO(developer): Replace these variables before running the sample. + // location: For a list of locations, see: + // https://cloud.google.com/certificate-authority-service/docs/locations + // caPoolName: The name of the CA pool under which the CAs to be listed are present. + String project = "your-project-id"; + String location = "ca-location"; + String caPoolName = "ca-pool-name"; + listCertificateAuthority(project, location, caPoolName); + } + + // List all Certificate authorities present in the given CA Pool. + public static void listCertificateAuthority(String project, String location, String caPoolName) + throws IOException { + // Initialize client that will be used to send requests. This client only needs to be created + // once, and can be reused for multiple requests. After completing all of your requests, call + // the `certificateAuthorityServiceClient.close()` method on the client to safely + // clean up any remaining background resources. + try (CertificateAuthorityServiceClient certificateAuthorityServiceClient = + CertificateAuthorityServiceClient.create()) { + + // Create CA pool name comprising of project, location and the pool name. + CaPoolName parent = + CaPoolName.newBuilder() + .setProject(project) + .setLocation(location) + .setCaPool(caPoolName) + .build(); + + // List the CA name and its corresponding state. + for (CertificateAuthority certificateAuthority : + certificateAuthorityServiceClient.listCertificateAuthorities(parent).iterateAll()) { + System.out.println( + certificateAuthority.getName() + " is " + certificateAuthority.getState()); + } + } + } +} +// [END privateca_list_ca] diff --git a/privateca/cloud-client/src/main/java/privateca/ListCertificates.java b/privateca/cloud-client/src/main/java/privateca/ListCertificates.java new file mode 100644 index 00000000000..1e255c21bb2 --- /dev/null +++ b/privateca/cloud-client/src/main/java/privateca/ListCertificates.java @@ -0,0 +1,64 @@ +/* + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package privateca; + +// [START privateca_list_certificate] + +import com.google.cloud.security.privateca.v1.CaPoolName; +import com.google.cloud.security.privateca.v1.Certificate; +import com.google.cloud.security.privateca.v1.CertificateAuthorityServiceClient; +import java.io.IOException; + +public class ListCertificates { + + public static void main(String[] args) throws IOException { + // TODO(developer): Replace these variables before running the sample. + // location: For a list of locations, see: + // https://cloud.google.com/certificate-authority-service/docs/locations + // caPoolName: Name of the CA pool which contains the certificates to be listed. + String project = "your-project-id"; + String location = "ca-location"; + String caPoolName = "ca-pool-name"; + listCertificates(project, location, caPoolName); + } + + // List Certificates present in the given CA pool. + public static void listCertificates(String project, String location, String caPoolName) + throws IOException { + // Initialize client that will be used to send requests. This client only needs to be created + // once, and can be reused for multiple requests. After completing all of your requests, call + // the `certificateAuthorityServiceClient.close()` method on the client to safely + // clean up any remaining background resources. + try (CertificateAuthorityServiceClient certificateAuthorityServiceClient = + CertificateAuthorityServiceClient.create()) { + + CaPoolName caPool = + CaPoolName.newBuilder() + .setProject(project) + .setLocation(location) + .setCaPool(caPoolName) + .build(); + + // Retrieve and print the certificate names. + System.out.println("Available certificates: "); + for (Certificate certificate : + certificateAuthorityServiceClient.listCertificates(caPool).iterateAll()) { + System.out.println(certificate.getName()); + } + } + } +} +// [END privateca_list_certificate] diff --git a/privateca/cloud-client/src/main/java/privateca/RevokeCertificate.java b/privateca/cloud-client/src/main/java/privateca/RevokeCertificate.java new file mode 100644 index 00000000000..c12171ca1f9 --- /dev/null +++ b/privateca/cloud-client/src/main/java/privateca/RevokeCertificate.java @@ -0,0 +1,84 @@ +/* + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package privateca; + +// [START privateca_revoke_certificate] + +import com.google.api.core.ApiFuture; +import com.google.cloud.security.privateca.v1.Certificate; +import com.google.cloud.security.privateca.v1.CertificateAuthorityServiceClient; +import com.google.cloud.security.privateca.v1.CertificateName; +import com.google.cloud.security.privateca.v1.RevocationReason; +import com.google.cloud.security.privateca.v1.RevokeCertificateRequest; +import java.io.IOException; +import java.util.concurrent.ExecutionException; + +public class RevokeCertificate { + + public static void main(String[] args) + throws IOException, ExecutionException, InterruptedException { + // TODO(developer): Replace these variables before running the sample. + // location: For a list of locations, see: + // https://cloud.google.com/certificate-authority-service/docs/locations + // caPoolName: Name for the CA pool which contains the certificate. + // certificateName: Name of the certificate to be revoked. + String project = "your-project-id"; + String location = "ca-location"; + String caPoolName = "ca-pool-name"; + String certificateName = "certificate-name"; + revokeCertificate(project, location, caPoolName, certificateName); + } + + // Revoke an issued certificate. Once revoked, the certificate will become invalid and will expire + // post its lifetime. + public static void revokeCertificate( + String project, String location, String caPoolName, String certificateName) + throws IOException, ExecutionException, InterruptedException { + // Initialize client that will be used to send requests. This client only needs to be created + // once, and can be reused for multiple requests. After completing all of your requests, call + // the `certificateAuthorityServiceClient.close()` method on the client to safely + // clean up any remaining background resources. + try (CertificateAuthorityServiceClient certificateAuthorityServiceClient = + CertificateAuthorityServiceClient.create()) { + + // Create Certificate Name. + CertificateName certificateNameParent = + CertificateName.newBuilder() + .setProject(project) + .setLocation(location) + .setCaPool(caPoolName) + .setCertificate(certificateName) + .build(); + + // Create Revoke Certificate Request and specify the appropriate revocation reason. + RevokeCertificateRequest revokeCertificateRequest = + RevokeCertificateRequest.newBuilder() + .setName(certificateNameParent.toString()) + .setReason(RevocationReason.PRIVILEGE_WITHDRAWN) + .build(); + + // Revoke certificate. + ApiFuture response = + certificateAuthorityServiceClient + .revokeCertificateCallable() + .futureCall(revokeCertificateRequest); + Certificate certificateResponse = response.get(); + + System.out.println("Certificate Revoked: " + certificateResponse.getName()); + } + } +} +// [END privateca_revoke_certificate] diff --git a/privateca/cloud-client/src/test/java/privateca/SnippetsIT.java b/privateca/cloud-client/src/test/java/privateca/SnippetsIT.java new file mode 100644 index 00000000000..6764556402a --- /dev/null +++ b/privateca/cloud-client/src/test/java/privateca/SnippetsIT.java @@ -0,0 +1,322 @@ +/* + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package privateca; + +import static com.google.common.truth.Truth.assertThat; +import static com.google.common.truth.Truth.assertWithMessage; + +import com.google.cloud.kms.v1.CreateKeyRingRequest; +import com.google.cloud.kms.v1.CryptoKey; +import com.google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose; +import com.google.cloud.kms.v1.CryptoKeyVersion; +import com.google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionAlgorithm; +import com.google.cloud.kms.v1.CryptoKeyVersionName; +import com.google.cloud.kms.v1.CryptoKeyVersionTemplate; +import com.google.cloud.kms.v1.KeyManagementServiceClient; +import com.google.cloud.kms.v1.KeyRing; +import com.google.cloud.kms.v1.KeyRingName; +import com.google.cloud.kms.v1.LocationName; +import com.google.cloud.security.privateca.v1.CaPoolName; +import com.google.cloud.security.privateca.v1.Certificate; +import com.google.cloud.security.privateca.v1.CertificateAuthority; +import com.google.cloud.security.privateca.v1.CertificateAuthorityName; +import com.google.cloud.security.privateca.v1.CertificateAuthorityServiceClient; +import com.google.cloud.security.privateca.v1.CertificateName; +import com.google.protobuf.ByteString; +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.io.PrintStream; +import java.util.UUID; +import java.util.concurrent.ExecutionException; +import java.util.concurrent.TimeUnit; +import java.util.concurrent.TimeoutException; +import org.junit.After; +import org.junit.AfterClass; +import org.junit.Assert; +import org.junit.Before; +import org.junit.BeforeClass; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.junit.runners.JUnit4; + +@RunWith(JUnit4.class) +public class SnippetsIT { + + private static final String PROJECT_ID = System.getenv("GOOGLE_CLOUD_PROJECT"); + private static String LOCATION; + private static String KMS_LOCATION; + private static String CA_POOL_NAME; + private static String CA_POOL_NAME_DELETE; + private static String CA_NAME; + private static String CA_NAME_DELETE; + private static String CERTIFICATE_NAME; + private static String KEY_RING_ID; + private static String KEY_ID; + private static String VERSION_ID; + + private ByteArrayOutputStream stdOut; + + // Check if the required environment variables are set. + public static void reqEnvVar(String envVarName) { + assertWithMessage(String.format("Missing environment variable '%s' ", envVarName)) + .that(System.getenv(envVarName)) + .isNotEmpty(); + } + + @BeforeClass + public static void setUp() throws InterruptedException, ExecutionException, IOException { + reqEnvVar("GOOGLE_APPLICATION_CREDENTIALS"); + reqEnvVar("GOOGLE_CLOUD_PROJECT"); + + LOCATION = "asia-south1"; + KMS_LOCATION = "global"; + CA_POOL_NAME = "ca-pool-" + UUID.randomUUID().toString(); + CA_POOL_NAME_DELETE = "ca-pool-" + UUID.randomUUID().toString(); + CA_NAME = "ca-name-" + UUID.randomUUID().toString(); + CA_NAME_DELETE = "ca-name-" + UUID.randomUUID().toString(); + CERTIFICATE_NAME = "certificate-name-" + UUID.randomUUID().toString(); + KEY_RING_ID = "key-ring-id-" + UUID.randomUUID().toString(); + KEY_ID = "key-id-" + UUID.randomUUID().toString(); + VERSION_ID = "1"; + + // Create CA Pool. + privateca.CreateCaPool.createCaPool(PROJECT_ID, LOCATION, CA_POOL_NAME); + privateca.CreateCaPool.createCaPool(PROJECT_ID, LOCATION, CA_POOL_NAME_DELETE); + + // Create and Enable Certificate Authorities. + privateca.CreateCertificateAuthority.createCertificateAuthority( + PROJECT_ID, LOCATION, CA_POOL_NAME, CA_NAME); + privateca.CreateCertificateAuthority.createCertificateAuthority( + PROJECT_ID, LOCATION, CA_POOL_NAME, CA_NAME_DELETE); + sleep(10); + privateca.EnableCertificateAuthority.enableCertificateAuthority( + PROJECT_ID, LOCATION, CA_POOL_NAME, CA_NAME); + + // Create Asymmetric Sign Key used to sign certificate, with Cloud KMS. + createKeyRing(); + sleep(5); + createAsymmetricSignKey(); + + // Retrieve public key from Cloud KMS and Create Certificate. + ByteString publicKey = + privateca.CreateCertificate.retrievePublicKey( + PROJECT_ID, KMS_LOCATION, KEY_RING_ID, KEY_ID, VERSION_ID); + privateca.CreateCertificate.createCertificate( + PROJECT_ID, LOCATION, CA_POOL_NAME, CA_NAME, CERTIFICATE_NAME, publicKey); + sleep(5); + } + + @AfterClass + public static void cleanUp() throws InterruptedException, ExecutionException, IOException { + + ByteArrayOutputStream stdOut = new ByteArrayOutputStream(); + System.setOut(new PrintStream(stdOut)); + + // De-provision public key. + cleanupCertificateSignKey(); + + // Delete CA and CA pool. + privateca.DeleteCertificateAuthority.deleteCertificateAuthority( + PROJECT_ID, LOCATION, CA_POOL_NAME, CA_NAME); + sleep(5); + privateca.DeleteCaPool.deleteCaPool(PROJECT_ID, LOCATION, CA_POOL_NAME); + + stdOut = null; + System.setOut(null); + } + + // Create a new key ring. + public static void createKeyRing() throws IOException { + // Initialize client that will be used to send requests. This client only + // needs to be created once, and can be reused for multiple requests. After + // completing all of your requests, call the "close" method on the client to + // safely clean up any remaining background resources. + try (KeyManagementServiceClient client = KeyManagementServiceClient.create()) { + // Build the parent name from the project and location. + LocationName locationName = LocationName.of(PROJECT_ID, KMS_LOCATION); + + // Build the key ring to create. + KeyRing keyRing = KeyRing.newBuilder().setName(locationName.toString()).build(); + + // Create the key ring. + KeyRing createdKeyRing = + client.createKeyRing( + CreateKeyRingRequest.newBuilder() + .setParent(locationName.toString()) + .setKeyRing(keyRing) + .setKeyRingId(KEY_RING_ID) + .build()); + System.out.printf("Created key ring: %s%n", createdKeyRing.getName()); + } + } + + // Create a new asymmetric key for the purpose of signing and verifying data. + public static void createAsymmetricSignKey() throws IOException { + // Initialize client that will be used to send requests. This client only + // needs to be created once, and can be reused for multiple requests. After + // completing all of your requests, call the "close" method on the client to + // safely clean up any remaining background resources. + try (KeyManagementServiceClient client = KeyManagementServiceClient.create()) { + // Build the parent name from the project, location, and key ring. + KeyRingName keyRingName = KeyRingName.of(PROJECT_ID, KMS_LOCATION, KEY_RING_ID); + + // Build the asymmetric key to create. + CryptoKey key = + CryptoKey.newBuilder() + .setPurpose(CryptoKeyPurpose.ASYMMETRIC_SIGN) + .setVersionTemplate( + CryptoKeyVersionTemplate.newBuilder() + .setAlgorithm(CryptoKeyVersionAlgorithm.RSA_SIGN_PKCS1_2048_SHA256)) + .build(); + + // Create the key. + CryptoKey createdKey = client.createCryptoKey(keyRingName, KEY_ID, key); + System.out.printf("Created asymmetric key: %s%n", createdKey.getName()); + } + } + + public static void cleanupCertificateSignKey() throws IOException, InterruptedException { + try (KeyManagementServiceClient client = KeyManagementServiceClient.create()) { + CryptoKeyVersionName cryptoKeyVersionName = + CryptoKeyVersionName.of(PROJECT_ID, KMS_LOCATION, KEY_RING_ID, KEY_ID, VERSION_ID); + // Destroy the crypto key version. + CryptoKeyVersion cryptoKeyVersion = client.destroyCryptoKeyVersion(cryptoKeyVersionName); + sleep(5); + // If the response has destroy time, then the version is successfully destroyed. + Assert.assertTrue(cryptoKeyVersion.hasDestroyTime()); + } + } + + // Wait for the specified amount of time. + public static void sleep(int seconds) throws InterruptedException { + TimeUnit.SECONDS.sleep(seconds); + } + + @Before + public void beforeEach() { + stdOut = new ByteArrayOutputStream(); + System.setOut(new PrintStream(stdOut)); + } + + @After + public void afterEach() { + stdOut = null; + System.setOut(null); + } + + @Test + public void testCreateCAPool() throws IOException { + // Check if the CA pool created during setup is successful. + try (CertificateAuthorityServiceClient certificateAuthorityServiceClient = + CertificateAuthorityServiceClient.create()) { + String caPoolName = + certificateAuthorityServiceClient + .getCaPool(CaPoolName.of(PROJECT_ID, LOCATION, CA_POOL_NAME).toString()) + .getName(); + assertThat(caPoolName) + .contains( + String.format( + "projects/%s/locations/%s/caPools/%s", PROJECT_ID, LOCATION, CA_POOL_NAME)); + } + } + + @Test + public void testListCAPools() throws IOException { + privateca.ListCaPools.listCaPools(PROJECT_ID, LOCATION); + assertThat(stdOut.toString()).contains(CA_POOL_NAME); + } + + @Test + public void testDeleteCAPool() + throws InterruptedException, ExecutionException, IOException, TimeoutException { + privateca.DeleteCaPool.deleteCaPool(PROJECT_ID, LOCATION, CA_POOL_NAME_DELETE); + assertThat(stdOut.toString()).contains("Deleted CA Pool: " + CA_POOL_NAME_DELETE); + } + + @Test + public void testCreateCertificateAuthority() throws IOException { + // Check if the CA created during setup is successful. + try (CertificateAuthorityServiceClient certificateAuthorityServiceClient = + CertificateAuthorityServiceClient.create()) { + CertificateAuthority response = + certificateAuthorityServiceClient.getCertificateAuthority( + CertificateAuthorityName.of(PROJECT_ID, LOCATION, CA_POOL_NAME, CA_NAME).toString()); + assertThat(response.getName()).contains(CA_NAME); + } + } + + @Test + public void testListCertificateAuthorities() throws IOException { + privateca.ListCertificateAuthorities.listCertificateAuthority( + PROJECT_ID, LOCATION, CA_POOL_NAME); + assertThat(stdOut.toString()).contains(CA_NAME); + } + + @Test + public void testEnableDisableCertificateAuthority() + throws InterruptedException, ExecutionException, IOException { + privateca.EnableCertificateAuthority.enableCertificateAuthority( + PROJECT_ID, LOCATION, CA_POOL_NAME, CA_NAME); + assertThat(stdOut.toString()).contains("Enabled Certificate Authority : " + CA_NAME); + privateca.DisableCertificateAuthority.disableCertificateAuthority( + PROJECT_ID, LOCATION, CA_POOL_NAME, CA_NAME); + assertThat(stdOut.toString()).contains("Disabled Certificate Authority : " + CA_NAME); + } + + @Test + public void testDeleteCertificateAuthority() + throws InterruptedException, ExecutionException, IOException { + privateca.DeleteCertificateAuthority.deleteCertificateAuthority( + PROJECT_ID, LOCATION, CA_POOL_NAME, CA_NAME_DELETE); + assertThat(stdOut.toString()) + .contains("Successfully deleted Certificate Authority : " + CA_NAME_DELETE); + } + + @Test + public void testCreateCertificate() throws IOException { + // Check if the certificate created during setup is successful. + try (CertificateAuthorityServiceClient certificateAuthorityServiceClient = + CertificateAuthorityServiceClient.create()) { + CertificateName certificateName = + CertificateName.of(PROJECT_ID, LOCATION, CA_POOL_NAME, CERTIFICATE_NAME); + Certificate certificate = certificateAuthorityServiceClient.getCertificate(certificateName); + assertThat(certificate.getName()).contains(CERTIFICATE_NAME); + } + } + + @Test + public void testListCertificates() throws IOException { + privateca.ListCertificates.listCertificates(PROJECT_ID, LOCATION, CA_POOL_NAME); + assertThat(stdOut.toString()).contains(CERTIFICATE_NAME); + } + + @Test + public void testRevokeCertificate() throws InterruptedException, ExecutionException, IOException { + try (CertificateAuthorityServiceClient certificateAuthorityServiceClient = + CertificateAuthorityServiceClient.create()) { + // Revoke the certificate. + privateca.RevokeCertificate.revokeCertificate( + PROJECT_ID, LOCATION, CA_POOL_NAME, CERTIFICATE_NAME); + + // Check if the certificate has revocation details. If it does, then the certificate is + // considered as revoked. + CertificateName certificateName = + CertificateName.of(PROJECT_ID, LOCATION, CA_POOL_NAME, CERTIFICATE_NAME); + Assert.assertTrue( + certificateAuthorityServiceClient.getCertificate(certificateName).hasRevocationDetails()); + } + } +} diff --git a/privateca/pom.xml b/privateca/pom.xml index e8607b3bf1e..62902c21208 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -1,4 +1,16 @@ + 4.0.0 com.google.cloud @@ -23,6 +35,18 @@ UTF-8 + + + + com.google.cloud + libraries-bom + 20.7.0 + pom + import + + + + @@ -31,6 +55,11 @@ 1.0.0 + + com.google.cloud + google-cloud-kms + + junit junit From 50d1d744cc5255db42c4ff4182b1a5c224b5f50e Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Wed, 7 Jul 2021 19:05:49 +0200 Subject: [PATCH 21/80] chore(deps): update dependency com.google.cloud:google-cloud-security-private-ca to v1.1.0 (#208) --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index 62902c21208..f37a7ebfc31 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -52,7 +52,7 @@ com.google.cloud google-cloud-security-private-ca - 1.0.0 + 1.1.0 From cbb836fe710dc8a6555ac172c64dec37bc754dba Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Fri, 9 Jul 2021 17:34:22 +0200 Subject: [PATCH 22/80] chore(deps): update dependency com.google.cloud:libraries-bom to v20.8.0 (#210) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![WhiteSource Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [com.google.cloud:libraries-bom](https://togithub.com/GoogleCloudPlatform/cloud-opensource-java) | `20.7.0` -> `20.8.0` | [![age](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/20.8.0/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/20.8.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/20.8.0/compatibility-slim/20.7.0)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/20.8.0/confidence-slim/20.7.0)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 **Schedule**: At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box. --- This PR has been generated by [WhiteSource Renovate](https://renovate.whitesourcesoftware.com). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-security-private-ca). --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index f37a7ebfc31..28b7be9a7be 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -40,7 +40,7 @@ com.google.cloud libraries-bom - 20.7.0 + 20.8.0 pom import From 24005cb62c8220edf952d80851d7adeab62b22b7 Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Wed, 28 Jul 2021 01:12:35 +0200 Subject: [PATCH 23/80] chore(deps): update dependency com.google.cloud:libraries-bom to v20.9.0 (#220) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![WhiteSource Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [com.google.cloud:libraries-bom](https://togithub.com/GoogleCloudPlatform/cloud-opensource-java) | `20.8.0` -> `20.9.0` | [![age](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/20.9.0/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/20.9.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/20.9.0/compatibility-slim/20.8.0)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/20.9.0/confidence-slim/20.8.0)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 **Schedule**: At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box. --- This PR has been generated by [WhiteSource Renovate](https://renovate.whitesourcesoftware.com). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-security-private-ca). --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index 28b7be9a7be..62464ee33e4 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -40,7 +40,7 @@ com.google.cloud libraries-bom - 20.8.0 + 20.9.0 pom import From 618b17e2f61f370f390dbcc5f8758ea4c7d1f9ac Mon Sep 17 00:00:00 2001 From: Sita Lakshmi Sangameswaran Date: Tue, 3 Aug 2021 21:15:05 +0530 Subject: [PATCH 24/80] fix: changed the crypto public key provider to Bouncy Castle (#223) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * fix: changed the crypto public key provider to Bouncy Castle * 🦉 Updates from OwlBot See https://github.com/googleapis/repo-automation-bots/blob/master/packages/owl-bot/README.md * fix: changed the crypto public key provider to Bouncy Castle * 🦉 Updates from OwlBot See https://github.com/googleapis/repo-automation-bots/blob/master/packages/owl-bot/README.md * refactor: tweaked key creation acc to review comments * 🦉 Updates from OwlBot See https://github.com/googleapis/repo-automation-bots/blob/master/packages/owl-bot/README.md * docs: lint changes acc to review comments * 🦉 Updates from OwlBot See https://github.com/googleapis/repo-automation-bots/blob/master/packages/owl-bot/README.md Co-authored-by: Owl Bot --- .../java/privateca/CreateCertificate.java | 42 +---- .../src/test/java/privateca/SnippetsIT.java | 151 +++++++----------- privateca/pom.xml | 6 +- 3 files changed, 70 insertions(+), 129 deletions(-) diff --git a/privateca/cloud-client/src/main/java/privateca/CreateCertificate.java b/privateca/cloud-client/src/main/java/privateca/CreateCertificate.java index 8be4f175bc4..dd716f48439 100644 --- a/privateca/cloud-client/src/main/java/privateca/CreateCertificate.java +++ b/privateca/cloud-client/src/main/java/privateca/CreateCertificate.java @@ -18,8 +18,6 @@ // [START privateca_create_certificate] import com.google.api.core.ApiFuture; -import com.google.cloud.kms.v1.CryptoKeyVersionName; -import com.google.cloud.kms.v1.KeyManagementServiceClient; import com.google.cloud.security.privateca.v1.CaPoolName; import com.google.cloud.security.privateca.v1.Certificate; import com.google.cloud.security.privateca.v1.CertificateAuthorityServiceClient; @@ -46,24 +44,14 @@ public static void main(String[] args) throws InterruptedException, ExecutionException, IOException { // TODO(developer): Replace these variables before running the sample. - // To sign and issue a certificate, a public key is essential. Here, we are making use - // of Cloud KMS to retrieve an already created public key. Specify the following details to - // retrieve the key. For more info, see: https://cloud.google.com/kms/docs/retrieve-public-key - String project = "your-project-id"; - String kmsLocation = "kms-location"; - String keyRingId = "your-ring-id"; - String keyId = "your-key-id"; - String keyVersionId = "your-version-id"; - - // Retrieve the public key from Cloud KMS. - ByteString publicKeyBytes = - retrievePublicKey(project, kmsLocation, keyRingId, keyId, keyVersionId); - + // publicKeyBytes: Public key used in signing the certificates. // location: For a list of locations, see: // https://cloud.google.com/certificate-authority-service/docs/locations // caPoolName: Set a unique name for the CA pool. // certificateAuthorityName: The name of the certificate authority which issues the certificate. // certificateName: Set a unique name for the certificate. + String project = "your-project-id"; + ByteString publicKeyBytes = ByteString.copyFrom(new byte[] {}); String location = "ca-location"; String caPoolName = "ca-pool-name"; String certificateAuthorityName = "certificate-authority-name"; @@ -74,7 +62,8 @@ public static void main(String[] args) } // Create a Certificate which is issued by the Certificate Authority present in the CA Pool. - // The key used to sign the certificate is created by the Cloud KMS. + // The public key used to sign the certificate can be generated using any crypto + // library/framework. public static void createCertificate( String project, String location, @@ -99,7 +88,7 @@ public static void createCertificate( String domainName = "dnsname.com"; long certificateLifetime = 1000L; - // Set the Public Key and its format as obtained from the Cloud KMS. + // Set the Public Key and its format. PublicKey publicKey = PublicKey.newBuilder().setKey(publicKeyBytes).setFormat(KeyFormat.PEM).build(); @@ -163,24 +152,5 @@ public static void createCertificate( System.out.println(response.getPemCertificateChainList()); } } - - // Get the public Key used for signing the certificate from Cloud KMS. - public static ByteString retrievePublicKey( - String project, String kmsLocation, String keyRingId, String keyId, String keyVersionId) - throws IOException { - // Initialize client that will be used to send requests. This client only needs to be created - // once, and can be reused for multiple requests. After completing all of your requests, call - // the `client.close()` method on the client to safely - // clean up any remaining background resources. - try (KeyManagementServiceClient client = KeyManagementServiceClient.create()) { - - CryptoKeyVersionName keyVersionName = - CryptoKeyVersionName.of(project, kmsLocation, keyRingId, keyId, keyVersionId); - com.google.cloud.kms.v1.PublicKey publicKey = client.getPublicKey(keyVersionName); - - ByteString publicKeyBytes = publicKey.getPemBytes(); - return publicKeyBytes; - } - } } // [END privateca_create_certificate] diff --git a/privateca/cloud-client/src/test/java/privateca/SnippetsIT.java b/privateca/cloud-client/src/test/java/privateca/SnippetsIT.java index 6764556402a..f9903a9bf17 100644 --- a/privateca/cloud-client/src/test/java/privateca/SnippetsIT.java +++ b/privateca/cloud-client/src/test/java/privateca/SnippetsIT.java @@ -18,17 +18,6 @@ import static com.google.common.truth.Truth.assertThat; import static com.google.common.truth.Truth.assertWithMessage; -import com.google.cloud.kms.v1.CreateKeyRingRequest; -import com.google.cloud.kms.v1.CryptoKey; -import com.google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose; -import com.google.cloud.kms.v1.CryptoKeyVersion; -import com.google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionAlgorithm; -import com.google.cloud.kms.v1.CryptoKeyVersionName; -import com.google.cloud.kms.v1.CryptoKeyVersionTemplate; -import com.google.cloud.kms.v1.KeyManagementServiceClient; -import com.google.cloud.kms.v1.KeyRing; -import com.google.cloud.kms.v1.KeyRingName; -import com.google.cloud.kms.v1.LocationName; import com.google.cloud.security.privateca.v1.CaPoolName; import com.google.cloud.security.privateca.v1.Certificate; import com.google.cloud.security.privateca.v1.CertificateAuthority; @@ -38,11 +27,22 @@ import com.google.protobuf.ByteString; import java.io.ByteArrayOutputStream; import java.io.IOException; +import java.io.OutputStreamWriter; import java.io.PrintStream; +import java.security.KeyPair; +import java.security.KeyPairGenerator; +import java.security.NoSuchAlgorithmException; +import java.security.NoSuchProviderException; +import java.security.Security; +import java.security.interfaces.RSAPrivateKey; +import java.security.interfaces.RSAPublicKey; import java.util.UUID; import java.util.concurrent.ExecutionException; import java.util.concurrent.TimeUnit; import java.util.concurrent.TimeoutException; +import org.bouncycastle.jce.provider.BouncyCastleProvider; +import org.bouncycastle.util.io.pem.PemObject; +import org.bouncycastle.util.io.pem.PemWriter; import org.junit.After; import org.junit.AfterClass; import org.junit.Assert; @@ -57,15 +57,12 @@ public class SnippetsIT { private static final String PROJECT_ID = System.getenv("GOOGLE_CLOUD_PROJECT"); private static String LOCATION; - private static String KMS_LOCATION; private static String CA_POOL_NAME; private static String CA_POOL_NAME_DELETE; private static String CA_NAME; private static String CA_NAME_DELETE; private static String CERTIFICATE_NAME; - private static String KEY_RING_ID; - private static String KEY_ID; - private static String VERSION_ID; + private static int KEY_SIZE; private ByteArrayOutputStream stdOut; @@ -77,24 +74,24 @@ public static void reqEnvVar(String envVarName) { } @BeforeClass - public static void setUp() throws InterruptedException, ExecutionException, IOException { + public static void setUp() + throws IOException, ExecutionException, NoSuchProviderException, NoSuchAlgorithmException, + InterruptedException { reqEnvVar("GOOGLE_APPLICATION_CREDENTIALS"); reqEnvVar("GOOGLE_CLOUD_PROJECT"); LOCATION = "asia-south1"; - KMS_LOCATION = "global"; CA_POOL_NAME = "ca-pool-" + UUID.randomUUID().toString(); CA_POOL_NAME_DELETE = "ca-pool-" + UUID.randomUUID().toString(); CA_NAME = "ca-name-" + UUID.randomUUID().toString(); CA_NAME_DELETE = "ca-name-" + UUID.randomUUID().toString(); CERTIFICATE_NAME = "certificate-name-" + UUID.randomUUID().toString(); - KEY_RING_ID = "key-ring-id-" + UUID.randomUUID().toString(); - KEY_ID = "key-id-" + UUID.randomUUID().toString(); - VERSION_ID = "1"; + KEY_SIZE = 2048; // Default key size // Create CA Pool. privateca.CreateCaPool.createCaPool(PROJECT_ID, LOCATION, CA_POOL_NAME); privateca.CreateCaPool.createCaPool(PROJECT_ID, LOCATION, CA_POOL_NAME_DELETE); + sleep(5); // Create and Enable Certificate Authorities. privateca.CreateCertificateAuthority.createCertificateAuthority( @@ -105,17 +102,27 @@ public static void setUp() throws InterruptedException, ExecutionException, IOEx privateca.EnableCertificateAuthority.enableCertificateAuthority( PROJECT_ID, LOCATION, CA_POOL_NAME, CA_NAME); - // Create Asymmetric Sign Key used to sign certificate, with Cloud KMS. - createKeyRing(); - sleep(5); - createAsymmetricSignKey(); + // Create an asymmetric key pair using Bouncy Castle crypto framework. + KeyPair asymmetricKeyPair = createAsymmetricKeyPair(); + + // Cast the keys to their respective components. + RSAPublicKey publicKey = (RSAPublicKey) asymmetricKeyPair.getPublic(); + RSAPrivateKey privateKey = (RSAPrivateKey) asymmetricKeyPair.getPrivate(); + + // Construct the PemObject for public and private keys. + PemObject publicKeyPemObject = new PemObject("PUBLIC KEY", publicKey.getEncoded()); + PemObject privateKeyPemObject = new PemObject("PRIVATE KEY", privateKey.getEncoded()); + + // Only the public key will be used to create the certificate. + ByteString publicKeyByteString = convertToPemEncodedByteString(publicKeyPemObject); - // Retrieve public key from Cloud KMS and Create Certificate. - ByteString publicKey = - privateca.CreateCertificate.retrievePublicKey( - PROJECT_ID, KMS_LOCATION, KEY_RING_ID, KEY_ID, VERSION_ID); + // TODO (Developers): Save the private key by writing it to a file and + // TODO (cont): use it to verify the issued certificate. + ByteString privateKeyByteString = convertToPemEncodedByteString(privateKeyPemObject); + + // Create certificate with the above generated public key. privateca.CreateCertificate.createCertificate( - PROJECT_ID, LOCATION, CA_POOL_NAME, CA_NAME, CERTIFICATE_NAME, publicKey); + PROJECT_ID, LOCATION, CA_POOL_NAME, CA_NAME, CERTIFICATE_NAME, publicKeyByteString); sleep(5); } @@ -125,9 +132,6 @@ public static void cleanUp() throws InterruptedException, ExecutionException, IO ByteArrayOutputStream stdOut = new ByteArrayOutputStream(); System.setOut(new PrintStream(stdOut)); - // De-provision public key. - cleanupCertificateSignKey(); - // Delete CA and CA pool. privateca.DeleteCertificateAuthority.deleteCertificateAuthority( PROJECT_ID, LOCATION, CA_POOL_NAME, CA_NAME); @@ -138,71 +142,34 @@ public static void cleanUp() throws InterruptedException, ExecutionException, IO System.setOut(null); } - // Create a new key ring. - public static void createKeyRing() throws IOException { - // Initialize client that will be used to send requests. This client only - // needs to be created once, and can be reused for multiple requests. After - // completing all of your requests, call the "close" method on the client to - // safely clean up any remaining background resources. - try (KeyManagementServiceClient client = KeyManagementServiceClient.create()) { - // Build the parent name from the project and location. - LocationName locationName = LocationName.of(PROJECT_ID, KMS_LOCATION); - - // Build the key ring to create. - KeyRing keyRing = KeyRing.newBuilder().setName(locationName.toString()).build(); - - // Create the key ring. - KeyRing createdKeyRing = - client.createKeyRing( - CreateKeyRingRequest.newBuilder() - .setParent(locationName.toString()) - .setKeyRing(keyRing) - .setKeyRingId(KEY_RING_ID) - .build()); - System.out.printf("Created key ring: %s%n", createdKeyRing.getName()); - } + // Wait for the specified amount of time. + public static void sleep(int seconds) throws InterruptedException { + TimeUnit.SECONDS.sleep(seconds); } - // Create a new asymmetric key for the purpose of signing and verifying data. - public static void createAsymmetricSignKey() throws IOException { - // Initialize client that will be used to send requests. This client only - // needs to be created once, and can be reused for multiple requests. After - // completing all of your requests, call the "close" method on the client to - // safely clean up any remaining background resources. - try (KeyManagementServiceClient client = KeyManagementServiceClient.create()) { - // Build the parent name from the project, location, and key ring. - KeyRingName keyRingName = KeyRingName.of(PROJECT_ID, KMS_LOCATION, KEY_RING_ID); - - // Build the asymmetric key to create. - CryptoKey key = - CryptoKey.newBuilder() - .setPurpose(CryptoKeyPurpose.ASYMMETRIC_SIGN) - .setVersionTemplate( - CryptoKeyVersionTemplate.newBuilder() - .setAlgorithm(CryptoKeyVersionAlgorithm.RSA_SIGN_PKCS1_2048_SHA256)) - .build(); - - // Create the key. - CryptoKey createdKey = client.createCryptoKey(keyRingName, KEY_ID, key); - System.out.printf("Created asymmetric key: %s%n", createdKey.getName()); - } - } + // Create an asymmetric key pair to be used in certificate signing. + public static KeyPair createAsymmetricKeyPair() + throws NoSuchAlgorithmException, NoSuchProviderException { + Security.addProvider(new BouncyCastleProvider()); - public static void cleanupCertificateSignKey() throws IOException, InterruptedException { - try (KeyManagementServiceClient client = KeyManagementServiceClient.create()) { - CryptoKeyVersionName cryptoKeyVersionName = - CryptoKeyVersionName.of(PROJECT_ID, KMS_LOCATION, KEY_RING_ID, KEY_ID, VERSION_ID); - // Destroy the crypto key version. - CryptoKeyVersion cryptoKeyVersion = client.destroyCryptoKeyVersion(cryptoKeyVersionName); - sleep(5); - // If the response has destroy time, then the version is successfully destroyed. - Assert.assertTrue(cryptoKeyVersion.hasDestroyTime()); - } + // Generate the key pair with RSA algorithm using Bouncy Castle (BC). + KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA", "BC"); + generator.initialize(KEY_SIZE); + KeyPair keyPair = generator.generateKeyPair(); + + return keyPair; } - // Wait for the specified amount of time. - public static void sleep(int seconds) throws InterruptedException { - TimeUnit.SECONDS.sleep(seconds); + // Convert the encoded PemObject to ByteString. + public static ByteString convertToPemEncodedByteString(PemObject pemEncodedKey) + throws IOException { + ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(); + PemWriter pemWriter = new PemWriter(new OutputStreamWriter(byteArrayOutputStream)); + pemWriter.writeObject(pemEncodedKey); + pemWriter.close(); + ByteString keyByteString = ByteString.copyFrom(byteArrayOutputStream.toByteArray()); + + return keyByteString; } @Before diff --git a/privateca/pom.xml b/privateca/pom.xml index 62464ee33e4..45035eaae95 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -54,7 +54,11 @@ google-cloud-security-private-ca 1.1.0 - + + org.bouncycastle + bcpkix-jdk15on + 1.58 + com.google.cloud google-cloud-kms From 352439d13b20b1639ba52481f55035a5378616ea Mon Sep 17 00:00:00 2001 From: Sita Lakshmi Sangameswaran Date: Tue, 3 Aug 2021 23:37:02 +0530 Subject: [PATCH 25/80] docs: client sample docs update (#219) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * docs: update comments * docs: update comments * (docs): Adding README.md * 🦉 Updates from OwlBot See https://github.com/googleapis/repo-automation-bots/blob/master/packages/owl-bot/README.md * docs: updated README.md * refactor: replaced POOL_NAME with POOL_ID to align with cloud docs. * docs: lint fix * 🦉 Updates from OwlBot See https://github.com/googleapis/repo-automation-bots/blob/master/packages/owl-bot/README.md Co-authored-by: sitalakshmis <79585041+sitalakshmis@users.noreply.github.com> Co-authored-by: Owl Bot --- privateca/cloud-client/README.md | 75 +++++++++++++++++++ .../src/main/java/privateca/CreateCaPool.java | 12 +-- .../java/privateca/CreateCertificate.java | 10 +-- .../privateca/CreateCertificateAuthority.java | 15 ++-- .../src/main/java/privateca/DeleteCaPool.java | 16 ++-- .../privateca/DeleteCertificateAuthority.java | 10 +-- .../DisableCertificateAuthority.java | 10 +-- .../privateca/EnableCertificateAuthority.java | 10 +-- .../src/main/java/privateca/ListCaPools.java | 4 +- .../privateca/ListCertificateAuthorities.java | 10 +-- .../main/java/privateca/ListCertificates.java | 10 +-- .../java/privateca/RevokeCertificate.java | 10 +-- .../src/test/java/privateca/SnippetsIT.java | 53 +++++++------ 13 files changed, 159 insertions(+), 86 deletions(-) create mode 100644 privateca/cloud-client/README.md diff --git a/privateca/cloud-client/README.md b/privateca/cloud-client/README.md new file mode 100644 index 00000000000..948896c744d --- /dev/null +++ b/privateca/cloud-client/README.md @@ -0,0 +1,75 @@ +# Google Cloud Private Certificate Authority Service + + +Open in Cloud Shell + +Google [Cloud Private Certificate Authority Service](https://cloud.google.com/certificate-authority-service) is a highly available, scalable Google Cloud service that enables you to simplify, automate, and customize the deployment, management, and security of private certificate authorities (CA). + +These sample Java applications demonstrate how to access the Cloud CA API using the +Google Java API Client Libraries. + +## Prerequisites + +### Google Cloud Project + +Set up a Google Cloud project with billing enabled. + +### Enable the API + +You must [enable the Google Private Certificate Authority Service API](https://console.cloud.google.com/flows/enableapi?apiid=privateca.googleapis.com) for your project in order to use these samples. + +### Service account + +A service account with private key credentials is required to create signed bearer tokens. +Create a [service account](https://console.cloud.google.com/iam-admin/serviceaccounts/create) and download the credentials file as JSON. + +### Set Environment Variables + +You must set your project ID and service account credentials in order to run the tests. + +``` +$ export GOOGLE_CLOUD_PROJECT="" +$ export GOOGLE_APPLICATION_CREDENTIALS="" +``` + +### Grant Permissions + +You must ensure that the [user account or service account](https://cloud.google.com/iam/docs/service-accounts#differences_between_a_service_account_and_a_user_account) you used to authorize your gcloud session has the proper permissions to edit Private CA resources for your project. In the Cloud Console under IAM, add the following roles to the project whose service account you're using to test: + +* Cloud CA Service Admin +* Cloud CA Service Certificate Requester +* Cloud CA Service Certificate Manager +* Cloud CA Service Certificate Template User +* Cloud CA Service Workload Certificate Requester +* Cloud CA Service Operation Manager +* Cloud CA Service Auditor + +More information can be found in the [Google Private Certificate Authority Service Docs](https://cloud.google.com/certificate-authority-service/docs/reference/permissions-and-roles). + + +## Build and Run + +The following instructions will help you prepare your development environment. + +1. Download and install the [Java Development Kit (JDK)](https://www.oracle.com/java/technologies/javase-downloads.html). + Verify that the [JAVA_HOME](https://docs.oracle.com/javase/8/docs/technotes/guides/troubleshoot/envvars001.html) environment variable is set and points to your JDK installation. + + +2. Download and install [Apache Maven](http://maven.apache.org/download.cgi) by following the [Maven installation guide](http://maven.apache.org/install.html) for your specific operating system. + + +3. Clone the java-security-private-ca repository. +``` +git clone https://github.com/googleapis/java-security-private-ca.git +``` + +4. Navigate to the sample code directory. + +``` +cd java-security-private-ca/samples/snippets/cloud-client +``` + +5. Run the **SnippetsIT** test file present under the test folder. + +### Crypto frameworks +[Bouncy Castle](https://www.bouncycastle.org/documentation.html) cryptographic framework is used as a part of testing. diff --git a/privateca/cloud-client/src/main/java/privateca/CreateCaPool.java b/privateca/cloud-client/src/main/java/privateca/CreateCaPool.java index 9a0ab28e9a8..3bbb6e5085a 100644 --- a/privateca/cloud-client/src/main/java/privateca/CreateCaPool.java +++ b/privateca/cloud-client/src/main/java/privateca/CreateCaPool.java @@ -34,16 +34,16 @@ public static void main(String[] args) // TODO(developer): Replace these variables before running the sample. // location: For a list of locations, see: // https://cloud.google.com/certificate-authority-service/docs/locations - // caPoolName: Set a unique name for the CA pool. + // pool_Id: Set a unique pool_Id for the CA pool. String project = "your-project-id"; String location = "ca-location"; - String caPoolName = "ca-pool-name"; - createCaPool(project, location, caPoolName); + String pool_Id = "ca-pool-id"; + createCaPool(project, location, pool_Id); } // Create a Certificate Authority Pool. All certificates created under this CA pool will // follow the same issuance policy, IAM policies,etc., - public static void createCaPool(String project, String location, String caPoolName) + public static void createCaPool(String project, String location, String pool_Id) throws InterruptedException, ExecutionException, IOException { // Initialize client that will be used to send requests. This client only needs to be created // once, and can be reused for multiple requests. After completing all of your requests, call @@ -59,7 +59,7 @@ Set the Tier (see: https://cloud.google.com/certificate-authority-service/docs/t CreateCaPoolRequest caPoolRequest = CreateCaPoolRequest.newBuilder() .setParent(LocationName.of(project, location).toString()) - .setCaPoolId(caPoolName) + .setCaPoolId(pool_Id) .setCaPool(CaPool.newBuilder().setTier(Tier.ENTERPRISE).build()) .build(); @@ -73,7 +73,7 @@ Set the Tier (see: https://cloud.google.com/certificate-authority-service/docs/t return; } - System.out.println("CA pool created successfully: " + caPoolName); + System.out.println("CA pool created successfully: " + pool_Id); } } } diff --git a/privateca/cloud-client/src/main/java/privateca/CreateCertificate.java b/privateca/cloud-client/src/main/java/privateca/CreateCertificate.java index dd716f48439..296a9964592 100644 --- a/privateca/cloud-client/src/main/java/privateca/CreateCertificate.java +++ b/privateca/cloud-client/src/main/java/privateca/CreateCertificate.java @@ -47,18 +47,18 @@ public static void main(String[] args) // publicKeyBytes: Public key used in signing the certificates. // location: For a list of locations, see: // https://cloud.google.com/certificate-authority-service/docs/locations - // caPoolName: Set a unique name for the CA pool. + // pool_Id: Set a unique id for the CA pool. // certificateAuthorityName: The name of the certificate authority which issues the certificate. // certificateName: Set a unique name for the certificate. String project = "your-project-id"; ByteString publicKeyBytes = ByteString.copyFrom(new byte[] {}); String location = "ca-location"; - String caPoolName = "ca-pool-name"; + String pool_Id = "ca-pool_Id"; String certificateAuthorityName = "certificate-authority-name"; String certificateName = "certificate-name"; createCertificate( - project, location, caPoolName, certificateAuthorityName, certificateName, publicKeyBytes); + project, location, pool_Id, certificateAuthorityName, certificateName, publicKeyBytes); } // Create a Certificate which is issued by the Certificate Authority present in the CA Pool. @@ -67,7 +67,7 @@ public static void main(String[] args) public static void createCertificate( String project, String location, - String caPoolName, + String pool_Id, String certificateAuthorityName, String certificateName, ByteString publicKeyBytes) @@ -133,7 +133,7 @@ public static void createCertificate( // Create the Certificate Request. CreateCertificateRequest certificateRequest = CreateCertificateRequest.newBuilder() - .setParent(CaPoolName.of(project, location, caPoolName).toString()) + .setParent(CaPoolName.of(project, location, pool_Id).toString()) .setCertificateId(certificateName) .setCertificate(certificate) .setIssuingCertificateAuthorityId(certificateAuthorityName) diff --git a/privateca/cloud-client/src/main/java/privateca/CreateCertificateAuthority.java b/privateca/cloud-client/src/main/java/privateca/CreateCertificateAuthority.java index b4877b90b60..e67851cf99b 100644 --- a/privateca/cloud-client/src/main/java/privateca/CreateCertificateAuthority.java +++ b/privateca/cloud-client/src/main/java/privateca/CreateCertificateAuthority.java @@ -43,19 +43,18 @@ public static void main(String[] args) // TODO(developer): Replace these variables before running the sample. // location: For a list of locations, see: // https://cloud.google.com/certificate-authority-service/docs/locations - // caPoolName: Set it to the CA Pool under which the CA should be created. + // pool_Id: Set it to the CA Pool under which the CA should be created. // certificateAuthorityName: Unique name for the CA. String project = "your-project-id"; String location = "ca-location"; - String caPoolName = "ca-pool-name"; + String pool_Id = "ca-pool-id"; String certificateAuthorityName = "certificate-authority-name"; - createCertificateAuthority(project, location, caPoolName, certificateAuthorityName); + createCertificateAuthority(project, location, pool_Id, certificateAuthorityName); } - // Create Certificate Authority which is the root CA in the given CA Pool. This CA will be - // responsible for signing certificates within this pool. + // Create Certificate Authority which is the root CA in the given CA Pool. public static void createCertificateAuthority( - String project, String location, String caPoolName, String certificateAuthorityName) + String project, String location, String pool_Id, String certificateAuthorityName) throws InterruptedException, ExecutionException, IOException { // Initialize client that will be used to send requests. This client only needs to be created // once, and can be reused for multiple requests. After completing all of your requests, call @@ -68,7 +67,7 @@ public static void createCertificateAuthority( String orgName = "org-name"; int caDuration = 100000; // Validity of this CA in seconds. - // Set the types of Algorithm used to create a cloud KMS key. + // Set the type of Algorithm. KeyVersionSpec keyVersionSpec = KeyVersionSpec.newBuilder().setAlgorithm(SignHashAlgorithm.RSA_PKCS1_4096_SHA256).build(); @@ -108,7 +107,7 @@ public static void createCertificateAuthority( // Create the CertificateAuthorityRequest. CreateCertificateAuthorityRequest certificateAuthorityRequest = CreateCertificateAuthorityRequest.newBuilder() - .setParent(CaPoolName.of(project, location, caPoolName).toString()) + .setParent(CaPoolName.of(project, location, pool_Id).toString()) .setCertificateAuthorityId(certificateAuthorityName) .setCertificateAuthority(certificateAuthority) .build(); diff --git a/privateca/cloud-client/src/main/java/privateca/DeleteCaPool.java b/privateca/cloud-client/src/main/java/privateca/DeleteCaPool.java index 69e0a12a380..b97e4fc7579 100644 --- a/privateca/cloud-client/src/main/java/privateca/DeleteCaPool.java +++ b/privateca/cloud-client/src/main/java/privateca/DeleteCaPool.java @@ -33,16 +33,16 @@ public static void main(String[] args) // TODO(developer): Replace these variables before running the sample. // location: For a list of locations, see: // https://cloud.google.com/certificate-authority-service/docs/locations - // caPoolName: The name of the CA pool to be deleted. + // pool_Id: The id of the CA pool to be deleted. String project = "your-project-id"; String location = "ca-location"; - String caPoolName = "ca-pool-name"; - deleteCaPool(project, location, caPoolName); + String pool_Id = "ca-pool-id"; + deleteCaPool(project, location, pool_Id); } - // Delete the CA pool as mentioned by the caPoolName. + // Delete the CA pool as mentioned by the pool_Id. // Before deleting the pool, all CAs in the pool MUST BE deleted. - public static void deleteCaPool(String project, String location, String caPoolName) + public static void deleteCaPool(String project, String location, String pool_Id) throws InterruptedException, ExecutionException, IOException { // Initialize client that will be used to send requests. This client only needs to be created // once, and can be reused for multiple requests. After completing all of your requests, call @@ -51,12 +51,12 @@ public static void deleteCaPool(String project, String location, String caPoolNa try (CertificateAuthorityServiceClient certificateAuthorityServiceClient = CertificateAuthorityServiceClient.create()) { - // Set the project, location and caPoolName to delete. + // Set the project, location and pool_Id to delete. CaPoolName caPool = CaPoolName.newBuilder() .setProject(project) .setLocation(location) - .setCaPool(caPoolName) + .setCaPool(pool_Id) .build(); // Create the Delete request. @@ -73,7 +73,7 @@ public static void deleteCaPool(String project, String location, String caPoolNa return; } - System.out.println("Deleted CA Pool: " + caPoolName); + System.out.println("Deleted CA Pool: " + pool_Id); } } } diff --git a/privateca/cloud-client/src/main/java/privateca/DeleteCertificateAuthority.java b/privateca/cloud-client/src/main/java/privateca/DeleteCertificateAuthority.java index d370acf8306..7f5df99ef7c 100644 --- a/privateca/cloud-client/src/main/java/privateca/DeleteCertificateAuthority.java +++ b/privateca/cloud-client/src/main/java/privateca/DeleteCertificateAuthority.java @@ -33,19 +33,19 @@ public static void main(String[] args) // TODO(developer): Replace these variables before running the sample. // location: For a list of locations, see: // https://cloud.google.com/certificate-authority-service/docs/locations - // caPoolName: The name of the CA pool under which the CA is present. + // pool_Id: The id of the CA pool under which the CA is present. // certificateAuthorityName: The name of the CA to be deleted. String project = "your-project-id"; String location = "ca-location"; - String caPoolName = "ca-pool-name"; + String pool_Id = "ca-pool-id"; String certificateAuthorityName = "certificate-authority-name"; - deleteCertificateAuthority(project, location, caPoolName, certificateAuthorityName); + deleteCertificateAuthority(project, location, pool_Id, certificateAuthorityName); } // Delete the Certificate Authority from the specified CA pool. // Before deletion, the CA must be disabled and must not contain any active certificates. public static void deleteCertificateAuthority( - String project, String location, String caPoolName, String certificateAuthorityName) + String project, String location, String pool_Id, String certificateAuthorityName) throws IOException, ExecutionException, InterruptedException { // Initialize client that will be used to send requests. This client only needs to be created // once, and can be reused for multiple requests. After completing all of your requests, call @@ -58,7 +58,7 @@ public static void deleteCertificateAuthority( CertificateAuthorityName.newBuilder() .setProject(project) .setLocation(location) - .setCaPool(caPoolName) + .setCaPool(pool_Id) .setCertificateAuthority(certificateAuthorityName) .build(); diff --git a/privateca/cloud-client/src/main/java/privateca/DisableCertificateAuthority.java b/privateca/cloud-client/src/main/java/privateca/DisableCertificateAuthority.java index 73ab2cf1163..0e427676b3d 100644 --- a/privateca/cloud-client/src/main/java/privateca/DisableCertificateAuthority.java +++ b/privateca/cloud-client/src/main/java/privateca/DisableCertificateAuthority.java @@ -33,18 +33,18 @@ public static void main(String[] args) // TODO(developer): Replace these variables before running the sample. // location: For a list of locations, see: // https://cloud.google.com/certificate-authority-service/docs/locations - // caPoolName: The name of the CA pool under which the CA is present. + // pool_Id: The id of the CA pool under which the CA is present. // certificateAuthorityName: The name of the CA to be disabled. String project = "your-project-id"; String location = "ca-location"; - String caPoolName = "ca-pool-name"; + String pool_Id = "ca-pool-id"; String certificateAuthorityName = "certificate-authority-name"; - disableCertificateAuthority(project, location, caPoolName, certificateAuthorityName); + disableCertificateAuthority(project, location, pool_Id, certificateAuthorityName); } // Disable a Certificate Authority which is present in the given CA pool. public static void disableCertificateAuthority( - String project, String location, String caPoolName, String certificateAuthorityName) + String project, String location, String pool_Id, String certificateAuthorityName) throws IOException, ExecutionException, InterruptedException { // Initialize client that will be used to send requests. This client only needs to be created // once, and can be reused for multiple requests. After completing all of your requests, call @@ -58,7 +58,7 @@ public static void disableCertificateAuthority( CertificateAuthorityName.newBuilder() .setProject(project) .setLocation(location) - .setCaPool(caPoolName) + .setCaPool(pool_Id) .setCertificateAuthority(certificateAuthorityName) .build(); diff --git a/privateca/cloud-client/src/main/java/privateca/EnableCertificateAuthority.java b/privateca/cloud-client/src/main/java/privateca/EnableCertificateAuthority.java index 121d7998b77..2a182e3bc3f 100644 --- a/privateca/cloud-client/src/main/java/privateca/EnableCertificateAuthority.java +++ b/privateca/cloud-client/src/main/java/privateca/EnableCertificateAuthority.java @@ -33,19 +33,19 @@ public static void main(String[] args) // TODO(developer): Replace these variables before running the sample. // location: For a list of locations, see: // https://cloud.google.com/certificate-authority-service/docs/locations - // caPoolName: The name of the CA pool under which the CA is present. + // pool_Id: The id of the CA pool under which the CA is present. // certificateAuthorityName: The name of the CA to be enabled. String project = "your-project-id"; String location = "ca-location"; - String caPoolName = "ca-pool-name"; + String pool_Id = "ca-pool-id"; String certificateAuthorityName = "certificate-authority-name"; - enableCertificateAuthority(project, location, caPoolName, certificateAuthorityName); + enableCertificateAuthority(project, location, pool_Id, certificateAuthorityName); } // Enable the Certificate Authority present in the given ca pool. // CA cannot be enabled if it has been already deleted. public static void enableCertificateAuthority( - String project, String location, String caPoolName, String certificateAuthorityName) + String project, String location, String pool_Id, String certificateAuthorityName) throws IOException, ExecutionException, InterruptedException { try (CertificateAuthorityServiceClient certificateAuthorityServiceClient = CertificateAuthorityServiceClient.create()) { @@ -54,7 +54,7 @@ public static void enableCertificateAuthority( CertificateAuthorityName.newBuilder() .setProject(project) .setLocation(location) - .setCaPool(caPoolName) + .setCaPool(pool_Id) .setCertificateAuthority(certificateAuthorityName) .build(); diff --git a/privateca/cloud-client/src/main/java/privateca/ListCaPools.java b/privateca/cloud-client/src/main/java/privateca/ListCaPools.java index aec8ff4e134..b7deb564a66 100644 --- a/privateca/cloud-client/src/main/java/privateca/ListCaPools.java +++ b/privateca/cloud-client/src/main/java/privateca/ListCaPools.java @@ -54,8 +54,8 @@ public static void listCaPools(String project, String location) throws IOExcepti certificateAuthorityServiceClient.listCaPools(locationName).iterateAll()) { caPoolName = caPool.getName(); // caPoolName represents the full resource name of the - // format 'projects/{project-id}/locations/{location}/ca-pools/{ca-pool-name}'. - // Hence stripping it down to just pool name. + // format 'projects/{project-id}/locations/{location}/ca-pools/{ca-pool-id}'. + // Hence stripping it down to just CA pool id. System.out.println( caPoolName.substring(caPoolName.lastIndexOf("/") + 1) + " " + caPool.isInitialized()); } diff --git a/privateca/cloud-client/src/main/java/privateca/ListCertificateAuthorities.java b/privateca/cloud-client/src/main/java/privateca/ListCertificateAuthorities.java index 49d76dfb875..c0faf5a8393 100644 --- a/privateca/cloud-client/src/main/java/privateca/ListCertificateAuthorities.java +++ b/privateca/cloud-client/src/main/java/privateca/ListCertificateAuthorities.java @@ -28,15 +28,15 @@ public static void main(String[] args) throws IOException { // TODO(developer): Replace these variables before running the sample. // location: For a list of locations, see: // https://cloud.google.com/certificate-authority-service/docs/locations - // caPoolName: The name of the CA pool under which the CAs to be listed are present. + // pool_Id: The id of the CA pool under which the CAs to be listed are present. String project = "your-project-id"; String location = "ca-location"; - String caPoolName = "ca-pool-name"; - listCertificateAuthority(project, location, caPoolName); + String pool_Id = "ca-pool-id"; + listCertificateAuthority(project, location, pool_Id); } // List all Certificate authorities present in the given CA Pool. - public static void listCertificateAuthority(String project, String location, String caPoolName) + public static void listCertificateAuthority(String project, String location, String pool_Id) throws IOException { // Initialize client that will be used to send requests. This client only needs to be created // once, and can be reused for multiple requests. After completing all of your requests, call @@ -50,7 +50,7 @@ public static void listCertificateAuthority(String project, String location, Str CaPoolName.newBuilder() .setProject(project) .setLocation(location) - .setCaPool(caPoolName) + .setCaPool(pool_Id) .build(); // List the CA name and its corresponding state. diff --git a/privateca/cloud-client/src/main/java/privateca/ListCertificates.java b/privateca/cloud-client/src/main/java/privateca/ListCertificates.java index 1e255c21bb2..53adf5bcb8f 100644 --- a/privateca/cloud-client/src/main/java/privateca/ListCertificates.java +++ b/privateca/cloud-client/src/main/java/privateca/ListCertificates.java @@ -28,15 +28,15 @@ public static void main(String[] args) throws IOException { // TODO(developer): Replace these variables before running the sample. // location: For a list of locations, see: // https://cloud.google.com/certificate-authority-service/docs/locations - // caPoolName: Name of the CA pool which contains the certificates to be listed. + // pool_Id: Id of the CA pool which contains the certificates to be listed. String project = "your-project-id"; String location = "ca-location"; - String caPoolName = "ca-pool-name"; - listCertificates(project, location, caPoolName); + String pool_Id = "ca-pool-id"; + listCertificates(project, location, pool_Id); } // List Certificates present in the given CA pool. - public static void listCertificates(String project, String location, String caPoolName) + public static void listCertificates(String project, String location, String pool_Id) throws IOException { // Initialize client that will be used to send requests. This client only needs to be created // once, and can be reused for multiple requests. After completing all of your requests, call @@ -49,7 +49,7 @@ public static void listCertificates(String project, String location, String caPo CaPoolName.newBuilder() .setProject(project) .setLocation(location) - .setCaPool(caPoolName) + .setCaPool(pool_Id) .build(); // Retrieve and print the certificate names. diff --git a/privateca/cloud-client/src/main/java/privateca/RevokeCertificate.java b/privateca/cloud-client/src/main/java/privateca/RevokeCertificate.java index c12171ca1f9..afec32c1f36 100644 --- a/privateca/cloud-client/src/main/java/privateca/RevokeCertificate.java +++ b/privateca/cloud-client/src/main/java/privateca/RevokeCertificate.java @@ -33,19 +33,19 @@ public static void main(String[] args) // TODO(developer): Replace these variables before running the sample. // location: For a list of locations, see: // https://cloud.google.com/certificate-authority-service/docs/locations - // caPoolName: Name for the CA pool which contains the certificate. + // pool_Id: Id for the CA pool which contains the certificate. // certificateName: Name of the certificate to be revoked. String project = "your-project-id"; String location = "ca-location"; - String caPoolName = "ca-pool-name"; + String pool_Id = "ca-pool-id"; String certificateName = "certificate-name"; - revokeCertificate(project, location, caPoolName, certificateName); + revokeCertificate(project, location, pool_Id, certificateName); } // Revoke an issued certificate. Once revoked, the certificate will become invalid and will expire // post its lifetime. public static void revokeCertificate( - String project, String location, String caPoolName, String certificateName) + String project, String location, String pool_Id, String certificateName) throws IOException, ExecutionException, InterruptedException { // Initialize client that will be used to send requests. This client only needs to be created // once, and can be reused for multiple requests. After completing all of your requests, call @@ -59,7 +59,7 @@ public static void revokeCertificate( CertificateName.newBuilder() .setProject(project) .setLocation(location) - .setCaPool(caPoolName) + .setCaPool(pool_Id) .setCertificate(certificateName) .build(); diff --git a/privateca/cloud-client/src/test/java/privateca/SnippetsIT.java b/privateca/cloud-client/src/test/java/privateca/SnippetsIT.java index f9903a9bf17..736bc37e542 100644 --- a/privateca/cloud-client/src/test/java/privateca/SnippetsIT.java +++ b/privateca/cloud-client/src/test/java/privateca/SnippetsIT.java @@ -57,8 +57,8 @@ public class SnippetsIT { private static final String PROJECT_ID = System.getenv("GOOGLE_CLOUD_PROJECT"); private static String LOCATION; - private static String CA_POOL_NAME; - private static String CA_POOL_NAME_DELETE; + private static String CA_POOL_ID; + private static String CA_POOL_ID_DELETE; private static String CA_NAME; private static String CA_NAME_DELETE; private static String CERTIFICATE_NAME; @@ -81,26 +81,26 @@ public static void setUp() reqEnvVar("GOOGLE_CLOUD_PROJECT"); LOCATION = "asia-south1"; - CA_POOL_NAME = "ca-pool-" + UUID.randomUUID().toString(); - CA_POOL_NAME_DELETE = "ca-pool-" + UUID.randomUUID().toString(); + CA_POOL_ID = "ca-pool-" + UUID.randomUUID().toString(); + CA_POOL_ID_DELETE = "ca-pool-" + UUID.randomUUID().toString(); CA_NAME = "ca-name-" + UUID.randomUUID().toString(); CA_NAME_DELETE = "ca-name-" + UUID.randomUUID().toString(); CERTIFICATE_NAME = "certificate-name-" + UUID.randomUUID().toString(); KEY_SIZE = 2048; // Default key size // Create CA Pool. - privateca.CreateCaPool.createCaPool(PROJECT_ID, LOCATION, CA_POOL_NAME); - privateca.CreateCaPool.createCaPool(PROJECT_ID, LOCATION, CA_POOL_NAME_DELETE); + privateca.CreateCaPool.createCaPool(PROJECT_ID, LOCATION, CA_POOL_ID); + privateca.CreateCaPool.createCaPool(PROJECT_ID, LOCATION, CA_POOL_ID_DELETE); sleep(5); // Create and Enable Certificate Authorities. privateca.CreateCertificateAuthority.createCertificateAuthority( - PROJECT_ID, LOCATION, CA_POOL_NAME, CA_NAME); + PROJECT_ID, LOCATION, CA_POOL_ID, CA_NAME); privateca.CreateCertificateAuthority.createCertificateAuthority( - PROJECT_ID, LOCATION, CA_POOL_NAME, CA_NAME_DELETE); + PROJECT_ID, LOCATION, CA_POOL_ID, CA_NAME_DELETE); sleep(10); privateca.EnableCertificateAuthority.enableCertificateAuthority( - PROJECT_ID, LOCATION, CA_POOL_NAME, CA_NAME); + PROJECT_ID, LOCATION, CA_POOL_ID, CA_NAME); // Create an asymmetric key pair using Bouncy Castle crypto framework. KeyPair asymmetricKeyPair = createAsymmetricKeyPair(); @@ -122,7 +122,7 @@ public static void setUp() // Create certificate with the above generated public key. privateca.CreateCertificate.createCertificate( - PROJECT_ID, LOCATION, CA_POOL_NAME, CA_NAME, CERTIFICATE_NAME, publicKeyByteString); + PROJECT_ID, LOCATION, CA_POOL_ID, CA_NAME, CERTIFICATE_NAME, publicKeyByteString); sleep(5); } @@ -134,9 +134,9 @@ public static void cleanUp() throws InterruptedException, ExecutionException, IO // Delete CA and CA pool. privateca.DeleteCertificateAuthority.deleteCertificateAuthority( - PROJECT_ID, LOCATION, CA_POOL_NAME, CA_NAME); + PROJECT_ID, LOCATION, CA_POOL_ID, CA_NAME); sleep(5); - privateca.DeleteCaPool.deleteCaPool(PROJECT_ID, LOCATION, CA_POOL_NAME); + privateca.DeleteCaPool.deleteCaPool(PROJECT_ID, LOCATION, CA_POOL_ID); stdOut = null; System.setOut(null); @@ -191,26 +191,26 @@ public void testCreateCAPool() throws IOException { CertificateAuthorityServiceClient.create()) { String caPoolName = certificateAuthorityServiceClient - .getCaPool(CaPoolName.of(PROJECT_ID, LOCATION, CA_POOL_NAME).toString()) + .getCaPool(CaPoolName.of(PROJECT_ID, LOCATION, CA_POOL_ID).toString()) .getName(); assertThat(caPoolName) .contains( String.format( - "projects/%s/locations/%s/caPools/%s", PROJECT_ID, LOCATION, CA_POOL_NAME)); + "projects/%s/locations/%s/caPools/%s", PROJECT_ID, LOCATION, CA_POOL_ID)); } } @Test public void testListCAPools() throws IOException { privateca.ListCaPools.listCaPools(PROJECT_ID, LOCATION); - assertThat(stdOut.toString()).contains(CA_POOL_NAME); + assertThat(stdOut.toString()).contains(CA_POOL_ID); } @Test public void testDeleteCAPool() throws InterruptedException, ExecutionException, IOException, TimeoutException { - privateca.DeleteCaPool.deleteCaPool(PROJECT_ID, LOCATION, CA_POOL_NAME_DELETE); - assertThat(stdOut.toString()).contains("Deleted CA Pool: " + CA_POOL_NAME_DELETE); + privateca.DeleteCaPool.deleteCaPool(PROJECT_ID, LOCATION, CA_POOL_ID_DELETE); + assertThat(stdOut.toString()).contains("Deleted CA Pool: " + CA_POOL_ID_DELETE); } @Test @@ -220,15 +220,14 @@ public void testCreateCertificateAuthority() throws IOException { CertificateAuthorityServiceClient.create()) { CertificateAuthority response = certificateAuthorityServiceClient.getCertificateAuthority( - CertificateAuthorityName.of(PROJECT_ID, LOCATION, CA_POOL_NAME, CA_NAME).toString()); + CertificateAuthorityName.of(PROJECT_ID, LOCATION, CA_POOL_ID, CA_NAME).toString()); assertThat(response.getName()).contains(CA_NAME); } } @Test public void testListCertificateAuthorities() throws IOException { - privateca.ListCertificateAuthorities.listCertificateAuthority( - PROJECT_ID, LOCATION, CA_POOL_NAME); + privateca.ListCertificateAuthorities.listCertificateAuthority(PROJECT_ID, LOCATION, CA_POOL_ID); assertThat(stdOut.toString()).contains(CA_NAME); } @@ -236,10 +235,10 @@ public void testListCertificateAuthorities() throws IOException { public void testEnableDisableCertificateAuthority() throws InterruptedException, ExecutionException, IOException { privateca.EnableCertificateAuthority.enableCertificateAuthority( - PROJECT_ID, LOCATION, CA_POOL_NAME, CA_NAME); + PROJECT_ID, LOCATION, CA_POOL_ID, CA_NAME); assertThat(stdOut.toString()).contains("Enabled Certificate Authority : " + CA_NAME); privateca.DisableCertificateAuthority.disableCertificateAuthority( - PROJECT_ID, LOCATION, CA_POOL_NAME, CA_NAME); + PROJECT_ID, LOCATION, CA_POOL_ID, CA_NAME); assertThat(stdOut.toString()).contains("Disabled Certificate Authority : " + CA_NAME); } @@ -247,7 +246,7 @@ public void testEnableDisableCertificateAuthority() public void testDeleteCertificateAuthority() throws InterruptedException, ExecutionException, IOException { privateca.DeleteCertificateAuthority.deleteCertificateAuthority( - PROJECT_ID, LOCATION, CA_POOL_NAME, CA_NAME_DELETE); + PROJECT_ID, LOCATION, CA_POOL_ID, CA_NAME_DELETE); assertThat(stdOut.toString()) .contains("Successfully deleted Certificate Authority : " + CA_NAME_DELETE); } @@ -258,7 +257,7 @@ public void testCreateCertificate() throws IOException { try (CertificateAuthorityServiceClient certificateAuthorityServiceClient = CertificateAuthorityServiceClient.create()) { CertificateName certificateName = - CertificateName.of(PROJECT_ID, LOCATION, CA_POOL_NAME, CERTIFICATE_NAME); + CertificateName.of(PROJECT_ID, LOCATION, CA_POOL_ID, CERTIFICATE_NAME); Certificate certificate = certificateAuthorityServiceClient.getCertificate(certificateName); assertThat(certificate.getName()).contains(CERTIFICATE_NAME); } @@ -266,7 +265,7 @@ public void testCreateCertificate() throws IOException { @Test public void testListCertificates() throws IOException { - privateca.ListCertificates.listCertificates(PROJECT_ID, LOCATION, CA_POOL_NAME); + privateca.ListCertificates.listCertificates(PROJECT_ID, LOCATION, CA_POOL_ID); assertThat(stdOut.toString()).contains(CERTIFICATE_NAME); } @@ -276,12 +275,12 @@ public void testRevokeCertificate() throws InterruptedException, ExecutionExcept CertificateAuthorityServiceClient.create()) { // Revoke the certificate. privateca.RevokeCertificate.revokeCertificate( - PROJECT_ID, LOCATION, CA_POOL_NAME, CERTIFICATE_NAME); + PROJECT_ID, LOCATION, CA_POOL_ID, CERTIFICATE_NAME); // Check if the certificate has revocation details. If it does, then the certificate is // considered as revoked. CertificateName certificateName = - CertificateName.of(PROJECT_ID, LOCATION, CA_POOL_NAME, CERTIFICATE_NAME); + CertificateName.of(PROJECT_ID, LOCATION, CA_POOL_ID, CERTIFICATE_NAME); Assert.assertTrue( certificateAuthorityServiceClient.getCertificate(certificateName).hasRevocationDetails()); } From 2bbb7deda3099698e58569988f2dc5c761ee3493 Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Tue, 10 Aug 2021 19:06:26 +0200 Subject: [PATCH 26/80] deps: update dependency org.bouncycastle:bcpkix-jdk15on to v1.69 (#234) --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index 45035eaae95..4e151bf4361 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -57,7 +57,7 @@ org.bouncycastle bcpkix-jdk15on - 1.58 + 1.69 com.google.cloud From cd315df3733b80632c811228c1e9bc08476f65a4 Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Thu, 19 Aug 2021 19:56:19 +0200 Subject: [PATCH 27/80] chore(deps): update dependency com.google.cloud:libraries-bom to v21 (#247) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![WhiteSource Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [com.google.cloud:libraries-bom](https://togithub.com/GoogleCloudPlatform/cloud-opensource-java) | `20.9.0` -> `21.0.0` | [![age](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/21.0.0/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/21.0.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/21.0.0/compatibility-slim/20.9.0)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/21.0.0/confidence-slim/20.9.0)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 **Schedule**: At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Renovate will not automatically rebase this PR, because other commits have been found. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box. --- This PR has been generated by [WhiteSource Renovate](https://renovate.whitesourcesoftware.com). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-security-private-ca). --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index 4e151bf4361..81727a008f5 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -40,7 +40,7 @@ com.google.cloud libraries-bom - 20.9.0 + 21.0.0 pom import From 790977a1adeeae01d7b4513a967a15cb1966fd08 Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Fri, 27 Aug 2021 17:02:15 +0200 Subject: [PATCH 28/80] chore(deps): update dependency com.google.cloud:libraries-bom to v22 (#256) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![WhiteSource Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [com.google.cloud:libraries-bom](https://togithub.com/GoogleCloudPlatform/cloud-opensource-java) | `21.0.0` -> `22.0.0` | [![age](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/22.0.0/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/22.0.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/22.0.0/compatibility-slim/21.0.0)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/22.0.0/confidence-slim/21.0.0)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 **Schedule**: At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box. --- This PR has been generated by [WhiteSource Renovate](https://renovate.whitesourcesoftware.com). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-security-private-ca). --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index 81727a008f5..7387199ef3e 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -40,7 +40,7 @@ com.google.cloud libraries-bom - 21.0.0 + 22.0.0 pom import From b9638af98f84927eefbd794050f2b6cb7da5f8a2 Mon Sep 17 00:00:00 2001 From: Sita Lakshmi Sangameswaran Date: Fri, 27 Aug 2021 22:27:42 +0530 Subject: [PATCH 29/80] docs(samples): adding client library samples (#242) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * feat: add samples for creating and activating subordinate ca * feat: add sample for filtering certificate. * feat: add sample for undeleting CA. * fix: adding all pem certificates in chain. * docs: lint fix * refactor: filter conditions changed to arg * test: added test cases * 🦉 Updates from OwlBot See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md * fix: region tag mismatch * fix: correct region tag mismatch * refactor: added comments for certificate chain setting * 🦉 Updates from OwlBot See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md * docs: lint fix * 🦉 Updates from OwlBot See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md * 🦉 Updates from OwlBot See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md Co-authored-by: Owl Bot --- .../java/privateca/ActivateSubordinateCa.java | 133 ++++++++++++++++++ .../java/privateca/CreateCertificate_CSR.java | 108 ++++++++++++++ .../java/privateca/CreateSubordinateCa.java | 132 +++++++++++++++++ .../java/privateca/FilterCertificates.java | 81 +++++++++++ .../UndeleteCertificateAuthority.java | 107 ++++++++++++++ .../src/test/java/privateca/SnippetsIT.java | 126 +++++++++++++++-- 6 files changed, 679 insertions(+), 8 deletions(-) create mode 100644 privateca/cloud-client/src/main/java/privateca/ActivateSubordinateCa.java create mode 100644 privateca/cloud-client/src/main/java/privateca/CreateCertificate_CSR.java create mode 100644 privateca/cloud-client/src/main/java/privateca/CreateSubordinateCa.java create mode 100644 privateca/cloud-client/src/main/java/privateca/FilterCertificates.java create mode 100644 privateca/cloud-client/src/main/java/privateca/UndeleteCertificateAuthority.java diff --git a/privateca/cloud-client/src/main/java/privateca/ActivateSubordinateCa.java b/privateca/cloud-client/src/main/java/privateca/ActivateSubordinateCa.java new file mode 100644 index 00000000000..ddb714d7a22 --- /dev/null +++ b/privateca/cloud-client/src/main/java/privateca/ActivateSubordinateCa.java @@ -0,0 +1,133 @@ +/* + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package privateca; + +// [START privateca_activate_subordinateca] + +import com.google.api.core.ApiFuture; +import com.google.cloud.security.privateca.v1.ActivateCertificateAuthorityRequest; +import com.google.cloud.security.privateca.v1.CertificateAuthorityName; +import com.google.cloud.security.privateca.v1.CertificateAuthorityServiceClient; +import com.google.cloud.security.privateca.v1.SubordinateConfig; +import com.google.longrunning.Operation; +import java.io.IOException; +import java.util.concurrent.ExecutionException; +import java.util.concurrent.TimeUnit; + +public class ActivateSubordinateCa { + + public static void main(String[] args) + throws InterruptedException, ExecutionException, IOException { + // TODO(developer): Replace these variables before running the sample. + + // location: For a list of locations, see: + // https://cloud.google.com/certificate-authority-service/docs/locations + // pool_Id: Set a unique id for the CA pool. + // subordinateCaName: The CA to be activated. + // pemCACertificate: The signed certificate, obtained by signing the CSR. + String project = "your-project-id"; + String location = "ca-location"; + String pool_Id = "ca-pool-id"; + String subordinateCaName = "subordinate-certificate-authority-name"; + String pemCACertificate = + "-----BEGIN CERTIFICATE-----\n" + "sample-pem-certificate\n" + "-----END CERTIFICATE-----"; + + // certificateAuthorityName: The name of the certificate authority which signed the CSR. + // If an external CA (CA not present in Google Cloud) was used for signing, + // then use the CA's issuerCertificateChain. + String certificateAuthorityName = "certificate-authority-name"; + + activateSubordinateCA( + project, location, pool_Id, certificateAuthorityName, subordinateCaName, pemCACertificate); + } + + // Activate a subordinate CA. + // *Prerequisite*: Get the CSR of the subordinate CA signed by another CA. Pass in the signed + // certificate and (issuer CA's name or the issuer CA's Certificate chain). + // *Post*: After activating the subordinate CA, it should be enabled before issuing certificates. + public static void activateSubordinateCA( + String project, + String location, + String pool_Id, + String certificateAuthorityName, + String subordinateCaName, + String pemCACertificate) + throws ExecutionException, InterruptedException, IOException { + // Initialize client that will be used to send requests. This client only needs to be created + // once, and can be reused for multiple requests. After completing all of your requests, call + // the `certificateAuthorityServiceClient.close()` method on the client to safely + // clean up any remaining background resources. + try (CertificateAuthorityServiceClient certificateAuthorityServiceClient = + CertificateAuthorityServiceClient.create()) { + // Subordinate CA parent. + String subordinateCaParent = + CertificateAuthorityName.of(project, location, pool_Id, subordinateCaName).toString(); + + // Construct the "Activate CA Request". + ActivateCertificateAuthorityRequest activateCertificateAuthorityRequest = + ActivateCertificateAuthorityRequest.newBuilder() + .setName(subordinateCaParent) + // The signed certificate. + .setPemCaCertificate(pemCACertificate) + .setSubordinateConfig( + SubordinateConfig.newBuilder() + // Follow one of the below methods: + + // Method 1: If issuer CA is in Google Cloud, set the Certificate Authority + // Name. + .setCertificateAuthority( + CertificateAuthorityName.of( + project, location, pool_Id, certificateAuthorityName) + .toString()) + + // Method 2: If issuer CA is external to Google Cloud, set the issuer's + // certificate chain. + // The certificate chain of the CA (which signed the CSR) from leaf to root. + // .setPemIssuerChain( + // SubordinateConfigChain.newBuilder() + // .addAllPemCertificates(issuerCertificateChain) + // .build()) + + .build()) + .build(); + + // Activate the CA. + ApiFuture futureCall = + certificateAuthorityServiceClient + .activateCertificateAuthorityCallable() + .futureCall(activateCertificateAuthorityRequest); + + Operation response = futureCall.get(); + + if (response.hasError()) { + System.out.println("Error while activating the subordinate CA! " + response.getError()); + return; + } + + System.out.println( + "Subordinate Certificate Authority activated successfully ! !" + subordinateCaName); + TimeUnit.SECONDS.sleep(3); + // The current state will be STAGED. + // The Subordinate CA has to be ENABLED before issuing certificates. + System.out.println( + "Current State: " + + certificateAuthorityServiceClient + .getCertificateAuthority(subordinateCaParent) + .getState()); + } + } +} +// [END privateca_activate_subordinateca] diff --git a/privateca/cloud-client/src/main/java/privateca/CreateCertificate_CSR.java b/privateca/cloud-client/src/main/java/privateca/CreateCertificate_CSR.java new file mode 100644 index 00000000000..b47c4b16bfd --- /dev/null +++ b/privateca/cloud-client/src/main/java/privateca/CreateCertificate_CSR.java @@ -0,0 +1,108 @@ +/* + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package privateca; + +// [START privateca_create_certificate_csr] + +import com.google.api.core.ApiFuture; +import com.google.cloud.security.privateca.v1.CaPoolName; +import com.google.cloud.security.privateca.v1.Certificate; +import com.google.cloud.security.privateca.v1.CertificateAuthorityServiceClient; +import com.google.cloud.security.privateca.v1.CreateCertificateRequest; +import com.google.protobuf.Duration; +import java.io.IOException; +import java.util.concurrent.ExecutionException; + +public class CreateCertificate_CSR { + + public static void main(String[] args) + throws IOException, ExecutionException, InterruptedException { + // TODO(developer): Replace these variables before running the sample. + + // location: For a list of locations, see: + // https://cloud.google.com/certificate-authority-service/docs/locations + // pool_Id: Set a unique id for the CA pool. + // certificateAuthorityName: The name of the certificate authority to sign the CSR. + // certificateName: Set a unique name for the certificate. + // pemCSR: Set the Certificate Issuing Request in the pem encoded format. + String project = "your-project-id"; + String location = "ca-location"; + String pool_Id = "ca-pool-id"; + String certificateAuthorityName = "certificate-authority-name"; + String certificateName = "certificate-name"; + String pemCSR = + "-----BEGIN CERTIFICATE REQUEST-----\n" + + "sample-pem-csr-format\n" + + "-----END CERTIFICATE REQUEST-----"; + + createCertificateWithCSR( + project, location, pool_Id, certificateAuthorityName, certificateName, pemCSR); + } + + // Create a Certificate which is issued by the specified Certificate Authority. + // The certificate details and the public key is provided as a CSR (Certificate Signing Request). + public static void createCertificateWithCSR( + String project, + String location, + String pool_Id, + String certificateAuthorityName, + String certificateName, + String pemCSR) + throws IOException, ExecutionException, InterruptedException { + // Initialize client that will be used to send requests. This client only needs to be created + // once, and can be reused for multiple requests. After completing all of your requests, call + // the `certificateAuthorityServiceClient.close()` method on the client to safely + // clean up any remaining background resources. + try (CertificateAuthorityServiceClient certificateAuthorityServiceClient = + CertificateAuthorityServiceClient.create()) { + // certificateLifetime: The validity of the certificate in seconds. + long certificateLifetime = 1000L; + + // Create certificate with CSR. + // The pemCSR contains the public key and the domain details required. + Certificate certificate = + Certificate.newBuilder() + .setPemCsr(pemCSR) + .setLifetime(Duration.newBuilder().setSeconds(certificateLifetime).build()) + .build(); + + // Create the Certificate Request. + // Set the CA which is responsible for creating the certificate with the provided CSR. + CreateCertificateRequest certificateRequest = + CreateCertificateRequest.newBuilder() + .setParent(CaPoolName.of(project, location, pool_Id).toString()) + .setIssuingCertificateAuthorityId(certificateAuthorityName) + .setCertificateId(certificateName) + .setCertificate(certificate) + .build(); + + // Get the certificate response. + ApiFuture future = + certificateAuthorityServiceClient + .createCertificateCallable() + .futureCall(certificateRequest); + + Certificate certificateResponse = future.get(); + + System.out.println("Certificate created successfully : " + certificateResponse.getName()); + + // Get the signed certificate and the issuer chain list. + System.out.println("Signed certificate:\n " + certificateResponse.getPemCertificate()); + System.out.println("Issuer chain list:\n" + certificateResponse.getPemCertificateChainList()); + } + } +} +// [END privateca_create_certificate_csr] diff --git a/privateca/cloud-client/src/main/java/privateca/CreateSubordinateCa.java b/privateca/cloud-client/src/main/java/privateca/CreateSubordinateCa.java new file mode 100644 index 00000000000..78f95b57ffc --- /dev/null +++ b/privateca/cloud-client/src/main/java/privateca/CreateSubordinateCa.java @@ -0,0 +1,132 @@ +/* + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package privateca; + +// [START privateca_create_subordinateca] + +import com.google.api.core.ApiFuture; +import com.google.cloud.security.privateca.v1.CaPoolName; +import com.google.cloud.security.privateca.v1.CertificateAuthority; +import com.google.cloud.security.privateca.v1.CertificateAuthority.KeyVersionSpec; +import com.google.cloud.security.privateca.v1.CertificateAuthority.SignHashAlgorithm; +import com.google.cloud.security.privateca.v1.CertificateAuthorityServiceClient; +import com.google.cloud.security.privateca.v1.CertificateConfig; +import com.google.cloud.security.privateca.v1.CertificateConfig.SubjectConfig; +import com.google.cloud.security.privateca.v1.CreateCertificateAuthorityRequest; +import com.google.cloud.security.privateca.v1.KeyUsage; +import com.google.cloud.security.privateca.v1.KeyUsage.KeyUsageOptions; +import com.google.cloud.security.privateca.v1.Subject; +import com.google.cloud.security.privateca.v1.X509Parameters; +import com.google.cloud.security.privateca.v1.X509Parameters.CaOptions; +import com.google.longrunning.Operation; +import com.google.protobuf.Duration; +import java.io.IOException; +import java.util.concurrent.ExecutionException; + +public class CreateSubordinateCa { + + public static void main(String[] args) + throws InterruptedException, ExecutionException, IOException { + // TODO(developer): Replace these variables before running the sample. + // location: For a list of locations, see: + // https://cloud.google.com/certificate-authority-service/docs/locations + // pool_Id: Set it to the CA Pool under which the CA should be created. + // subordinateCaName: Unique name for the Subordinate CA. + String project = "your-project-id"; + String location = "ca-location"; + String pool_Id = "ca-pool-id"; + String subordinateCaName = "subordinate-certificate-authority-name"; + + createSubordinateCertificateAuthority(project, location, pool_Id, subordinateCaName); + } + + public static void createSubordinateCertificateAuthority( + String project, String location, String pool_Id, String subordinateCaName) + throws IOException, ExecutionException, InterruptedException { + // Initialize client that will be used to send requests. This client only needs to be created + // once, and can be reused for multiple requests. After completing all of your requests, call + // the `certificateAuthorityServiceClient.close()` method on the client to safely + // clean up any remaining background resources. + try (CertificateAuthorityServiceClient certificateAuthorityServiceClient = + CertificateAuthorityServiceClient.create()) { + + String commonName = "common-name"; + String orgName = "csr-org-name"; + int caDuration = 100000; // Validity of this CA in seconds. + + // Set the type of Algorithm. + KeyVersionSpec keyVersionSpec = + KeyVersionSpec.newBuilder().setAlgorithm(SignHashAlgorithm.RSA_PKCS1_4096_SHA256).build(); + + // Set CA subject config. + SubjectConfig subjectConfig = + SubjectConfig.newBuilder() + .setSubject( + Subject.newBuilder().setCommonName(commonName).setOrganization(orgName).build()) + .build(); + + // Set the key usage options for X.509 fields. + X509Parameters x509Parameters = + X509Parameters.newBuilder() + .setKeyUsage( + KeyUsage.newBuilder() + .setBaseKeyUsage( + KeyUsageOptions.newBuilder().setCrlSign(true).setCertSign(true).build()) + .build()) + .setCaOptions(CaOptions.newBuilder().setIsCa(true).build()) + .build(); + + // Set certificate authority settings. + CertificateAuthority subCertificateAuthority = + CertificateAuthority.newBuilder() + .setType(CertificateAuthority.Type.SUBORDINATE) + .setKeySpec(keyVersionSpec) + .setConfig( + CertificateConfig.newBuilder() + .setSubjectConfig(subjectConfig) + .setX509Config(x509Parameters) + .build()) + // Set the CA validity duration. + .setLifetime(Duration.newBuilder().setSeconds(caDuration).build()) + .build(); + + // Create the CertificateAuthorityRequest. + CreateCertificateAuthorityRequest subCertificateAuthorityRequest = + CreateCertificateAuthorityRequest.newBuilder() + .setParent(CaPoolName.of(project, location, pool_Id).toString()) + .setCertificateAuthorityId(subordinateCaName) + .setCertificateAuthority(subCertificateAuthority) + .build(); + + // Create Subordinate CA. + ApiFuture futureCall = + certificateAuthorityServiceClient + .createCertificateAuthorityCallable() + .futureCall(subCertificateAuthorityRequest); + + Operation response = futureCall.get(); + + if (response.hasError()) { + System.out.println("Error while creating Subordinate CA !" + response.getError()); + return; + } + + System.out.println( + "Subordinate Certificate Authority created successfully : " + subordinateCaName); + } + } +} +// [END privateca_create_subordinateca] diff --git a/privateca/cloud-client/src/main/java/privateca/FilterCertificates.java b/privateca/cloud-client/src/main/java/privateca/FilterCertificates.java new file mode 100644 index 00000000000..9ba8d93a223 --- /dev/null +++ b/privateca/cloud-client/src/main/java/privateca/FilterCertificates.java @@ -0,0 +1,81 @@ +/* + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package privateca; + +// [START privateca_filter_certificate] + +import com.google.cloud.security.privateca.v1.CaPoolName; +import com.google.cloud.security.privateca.v1.Certificate; +import com.google.cloud.security.privateca.v1.CertificateAuthorityServiceClient; +import com.google.cloud.security.privateca.v1.ListCertificatesRequest; +import java.io.IOException; + +public class FilterCertificates { + + public static void main(String[] args) throws IOException { + // TODO(developer): Replace these variables before running the sample. + // location: For a list of locations, see: + // https://cloud.google.com/certificate-authority-service/docs/locations + // pool_Id: Id of the CA pool which contains the certificates to be listed. + // filterCondition: Filter certificates based on the given condition. + // For more info on conditions supported, + // see: + // https://cloud.google.com/certificate-authority-service/docs/sorting-filtering-certificates#filtering_support + String project = "your-project-id"; + String location = "ca-location"; + String pool_Id = "ca-pool-id"; + String filterCondition = "filter-condition"; + + filterCertificates(project, location, pool_Id, filterCondition); + } + + // Filter certificates based on a condition and list them. + public static void filterCertificates( + String project, String location, String pool_Id, String filterCondition) throws IOException { + // Initialize client that will be used to send requests. This client only needs to be created + // once, and can be reused for multiple requests. After completing all of your requests, call + // the `certificateAuthorityServiceClient.close()` method on the client to safely + // clean up any remaining background resources. + try (CertificateAuthorityServiceClient certificateAuthorityServiceClient = + CertificateAuthorityServiceClient.create()) { + + CaPoolName caPool = + CaPoolName.newBuilder() + .setProject(project) + .setLocation(location) + .setCaPool(pool_Id) + .build(); + + // Create the certificate request and set the filter condition. + ListCertificatesRequest listCertificatesRequest = + ListCertificatesRequest.newBuilder() + .setParent(caPool.toString()) + // Filter certificates according to the given condition. + .setFilter(filterCondition) + .build(); + + // Retrieve and print the certificate names. + System.out.println("Available certificates: "); + for (Certificate certificate : + certificateAuthorityServiceClient + .listCertificates(listCertificatesRequest) + .iterateAll()) { + System.out.println(certificate.getName()); + } + } + } +} +// [END privateca_filter_certificate] diff --git a/privateca/cloud-client/src/main/java/privateca/UndeleteCertificateAuthority.java b/privateca/cloud-client/src/main/java/privateca/UndeleteCertificateAuthority.java new file mode 100644 index 00000000000..644a7201a06 --- /dev/null +++ b/privateca/cloud-client/src/main/java/privateca/UndeleteCertificateAuthority.java @@ -0,0 +1,107 @@ +/* + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package privateca; + +// [START privateca_undelete_ca] + +import com.google.api.core.ApiFuture; +import com.google.cloud.security.privateca.v1.CertificateAuthority.State; +import com.google.cloud.security.privateca.v1.CertificateAuthorityName; +import com.google.cloud.security.privateca.v1.CertificateAuthorityServiceClient; +import com.google.cloud.security.privateca.v1.UndeleteCertificateAuthorityRequest; +import com.google.longrunning.Operation; +import java.io.IOException; +import java.util.concurrent.ExecutionException; +import java.util.concurrent.TimeUnit; +import java.util.concurrent.TimeoutException; + +public class UndeleteCertificateAuthority { + + public static void main(String[] args) + throws InterruptedException, ExecutionException, TimeoutException, IOException { + // TODO(developer): Replace these variables before running the sample. + // location: For a list of locations, see: + // https://cloud.google.com/certificate-authority-service/docs/locations + // pool_Id: The id of the CA pool under which the deleted CA is present. + // certificateAuthorityName: The name of the CA to be restored (undeleted). + String project = "your-project-id"; + String location = "ca-location"; + String pool_Id = "ca-pool-id"; + String certificateAuthorityName = "certificate-authority-name"; + + undeleteCertificateAuthority(project, location, pool_Id, certificateAuthorityName); + } + + // Restore a deleted CA, if still within the grace period of 30 days. + public static void undeleteCertificateAuthority( + String project, String location, String pool_Id, String certificateAuthorityName) + throws IOException, ExecutionException, InterruptedException, TimeoutException { + // Initialize client that will be used to send requests. This client only needs to be created + // once, and can be reused for multiple requests. After completing all of your requests, call + // the `certificateAuthorityServiceClient.close()` method on the client to safely + // clean up any remaining background resources. + try (CertificateAuthorityServiceClient certificateAuthorityServiceClient = + CertificateAuthorityServiceClient.create()) { + + String certificateAuthorityParent = + CertificateAuthorityName.of(project, location, pool_Id, certificateAuthorityName) + .toString(); + + // Confirm if the CA is in DELETED stage. + if (getCurrentState(certificateAuthorityServiceClient, certificateAuthorityParent) + != State.DELETED) { + System.out.println("CA is not deleted !"); + return; + } + + // Create the Request. + UndeleteCertificateAuthorityRequest undeleteCertificateAuthorityRequest = + UndeleteCertificateAuthorityRequest.newBuilder() + .setName(certificateAuthorityParent) + .build(); + + // Undelete the CA. + ApiFuture futureCall = + certificateAuthorityServiceClient + .undeleteCertificateAuthorityCallable() + .futureCall(undeleteCertificateAuthorityRequest); + + Operation response = futureCall.get(5, TimeUnit.SECONDS); + + // CA state changes from DELETED to DISABLED if successfully restored. + // Confirm if the CA is DISABLED. + if (response.hasError() + || getCurrentState(certificateAuthorityServiceClient, certificateAuthorityParent) + != State.DISABLED) { + System.out.println( + "Unable to restore the Certificate Authority! Please try again !" + + response.getError()); + return; + } + + // The CA will be in the DISABLED state. Enable before use. + System.out.println( + "Successfully restored the Certificate Authority ! " + certificateAuthorityName); + } + } + + // Get the current state of CA. + private static State getCurrentState( + CertificateAuthorityServiceClient client, String certificateAuthorityParent) { + return client.getCertificateAuthority(certificateAuthorityParent).getState(); + } +} +// [END privateca_undelete_ca] diff --git a/privateca/cloud-client/src/test/java/privateca/SnippetsIT.java b/privateca/cloud-client/src/test/java/privateca/SnippetsIT.java index 736bc37e542..db1cc226b47 100644 --- a/privateca/cloud-client/src/test/java/privateca/SnippetsIT.java +++ b/privateca/cloud-client/src/test/java/privateca/SnippetsIT.java @@ -24,6 +24,7 @@ import com.google.cloud.security.privateca.v1.CertificateAuthorityName; import com.google.cloud.security.privateca.v1.CertificateAuthorityServiceClient; import com.google.cloud.security.privateca.v1.CertificateName; +import com.google.cloud.security.privateca.v1.FetchCertificateAuthorityCsrResponse; import com.google.protobuf.ByteString; import java.io.ByteArrayOutputStream; import java.io.IOException; @@ -61,7 +62,9 @@ public class SnippetsIT { private static String CA_POOL_ID_DELETE; private static String CA_NAME; private static String CA_NAME_DELETE; + private static String SUBORDINATE_CA_NAME; private static String CERTIFICATE_NAME; + private static String CSR_CERTIFICATE_NAME; private static int KEY_SIZE; private ByteArrayOutputStream stdOut; @@ -85,23 +88,47 @@ public static void setUp() CA_POOL_ID_DELETE = "ca-pool-" + UUID.randomUUID().toString(); CA_NAME = "ca-name-" + UUID.randomUUID().toString(); CA_NAME_DELETE = "ca-name-" + UUID.randomUUID().toString(); + SUBORDINATE_CA_NAME = "sub-ca-name-" + UUID.randomUUID().toString(); CERTIFICATE_NAME = "certificate-name-" + UUID.randomUUID().toString(); + CSR_CERTIFICATE_NAME = "csr-certificate-name-" + UUID.randomUUID().toString(); KEY_SIZE = 2048; // Default key size + // <--- START CA POOL ---> // Create CA Pool. privateca.CreateCaPool.createCaPool(PROJECT_ID, LOCATION, CA_POOL_ID); privateca.CreateCaPool.createCaPool(PROJECT_ID, LOCATION, CA_POOL_ID_DELETE); sleep(5); + // <--- END CA POOL ---> - // Create and Enable Certificate Authorities. + // <--- START ROOT CA ---> + // Create and Enable Certificate Authority. privateca.CreateCertificateAuthority.createCertificateAuthority( PROJECT_ID, LOCATION, CA_POOL_ID, CA_NAME); - privateca.CreateCertificateAuthority.createCertificateAuthority( - PROJECT_ID, LOCATION, CA_POOL_ID, CA_NAME_DELETE); sleep(10); privateca.EnableCertificateAuthority.enableCertificateAuthority( PROJECT_ID, LOCATION, CA_POOL_ID, CA_NAME); + // Create and Delete Certificate Authority. + privateca.CreateCertificateAuthority.createCertificateAuthority( + PROJECT_ID, LOCATION, CA_POOL_ID, CA_NAME_DELETE); + sleep(10); + privateca.DeleteCertificateAuthority.deleteCertificateAuthority( + PROJECT_ID, LOCATION, CA_POOL_ID, CA_NAME_DELETE); + // <--- END ROOT CA ---> + + // <--- START SUBORDINATE CA ---> + // Create a Subordinate Certificate Authority. + privateca.CreateSubordinateCa.createSubordinateCertificateAuthority( + PROJECT_ID, LOCATION, CA_POOL_ID, SUBORDINATE_CA_NAME); + sleep(10); + // Fetch CSR. + String pemCSR = fetchPemCSR(CA_POOL_ID, SUBORDINATE_CA_NAME); + // Sign the CSR, and create a certificate. + privateca.CreateCertificate_CSR.createCertificateWithCSR( + PROJECT_ID, LOCATION, CA_POOL_ID, CA_NAME, CSR_CERTIFICATE_NAME, pemCSR); + // <--- END SUBORDINATE CA ---> + + // <--- START CERTIFICATE ---> // Create an asymmetric key pair using Bouncy Castle crypto framework. KeyPair asymmetricKeyPair = createAsymmetricKeyPair(); @@ -124,6 +151,7 @@ public static void setUp() privateca.CreateCertificate.createCertificate( PROJECT_ID, LOCATION, CA_POOL_ID, CA_NAME, CERTIFICATE_NAME, publicKeyByteString); sleep(5); + // <--- END CERTIFICATE ---> } @AfterClass @@ -132,10 +160,23 @@ public static void cleanUp() throws InterruptedException, ExecutionException, IO ByteArrayOutputStream stdOut = new ByteArrayOutputStream(); System.setOut(new PrintStream(stdOut)); - // Delete CA and CA pool. + // Revoke Certificate. + privateca.RevokeCertificate.revokeCertificate( + PROJECT_ID, LOCATION, CA_POOL_ID, CSR_CERTIFICATE_NAME); + + // Delete root CA. privateca.DeleteCertificateAuthority.deleteCertificateAuthority( PROJECT_ID, LOCATION, CA_POOL_ID, CA_NAME); sleep(5); + // Deleting the undeleted CA. + privateca.DeleteCertificateAuthority.deleteCertificateAuthority( + PROJECT_ID, LOCATION, CA_POOL_ID, CA_NAME_DELETE); + + // Delete Subordinate CA. + privateca.DeleteCertificateAuthority.deleteCertificateAuthority( + PROJECT_ID, LOCATION, CA_POOL_ID, SUBORDINATE_CA_NAME); + sleep(5); + // Delete CA Pool. privateca.DeleteCaPool.deleteCaPool(PROJECT_ID, LOCATION, CA_POOL_ID); stdOut = null; @@ -147,6 +188,20 @@ public static void sleep(int seconds) throws InterruptedException { TimeUnit.SECONDS.sleep(seconds); } + // Fetch CSR of the given CA. + public static String fetchPemCSR(String pool_Id, String caName) throws IOException { + try (CertificateAuthorityServiceClient certificateAuthorityServiceClient = + CertificateAuthorityServiceClient.create()) { + String caParent = + CertificateAuthorityName.of(PROJECT_ID, LOCATION, pool_Id, caName).toString(); + + FetchCertificateAuthorityCsrResponse response = + certificateAuthorityServiceClient.fetchCertificateAuthorityCsr(caParent); + + return response.getPemCsr(); + } + } + // Create an asymmetric key pair to be used in certificate signing. public static KeyPair createAsymmetricKeyPair() throws NoSuchAlgorithmException, NoSuchProviderException { @@ -243,12 +298,14 @@ public void testEnableDisableCertificateAuthority() } @Test - public void testDeleteCertificateAuthority() - throws InterruptedException, ExecutionException, IOException { - privateca.DeleteCertificateAuthority.deleteCertificateAuthority( + public void testDeleteUndeleteCertificateAuthority() + throws InterruptedException, ExecutionException, IOException, TimeoutException { + // CA deleted as part of setup(). Undelete the CA. + // The undelete operation will be executed only if the CA was successfully deleted. + privateca.UndeleteCertificateAuthority.undeleteCertificateAuthority( PROJECT_ID, LOCATION, CA_POOL_ID, CA_NAME_DELETE); assertThat(stdOut.toString()) - .contains("Successfully deleted Certificate Authority : " + CA_NAME_DELETE); + .contains("Successfully restored the Certificate Authority ! " + CA_NAME_DELETE); } @Test @@ -269,6 +326,17 @@ public void testListCertificates() throws IOException { assertThat(stdOut.toString()).contains(CERTIFICATE_NAME); } + @Test + public void testFilterCertificates() throws IOException { + // Filter only certificates created using CSR. + String filterCondition = + "certificate_description.subject_description.subject.organization=csr-org-name"; + privateca.FilterCertificates.filterCertificates( + PROJECT_ID, LOCATION, CA_POOL_ID, filterCondition); + assertThat(stdOut.toString()).contains(CSR_CERTIFICATE_NAME); + assertThat(stdOut.toString()).doesNotContain(CERTIFICATE_NAME); + } + @Test public void testRevokeCertificate() throws InterruptedException, ExecutionException, IOException { try (CertificateAuthorityServiceClient certificateAuthorityServiceClient = @@ -285,4 +353,46 @@ public void testRevokeCertificate() throws InterruptedException, ExecutionExcept certificateAuthorityServiceClient.getCertificate(certificateName).hasRevocationDetails()); } } + + @Test + public void testCreateSubordinateCertificateAuthority() throws IOException { + try (CertificateAuthorityServiceClient certificateAuthorityServiceClient = + CertificateAuthorityServiceClient.create()) { + CertificateAuthority response = + certificateAuthorityServiceClient.getCertificateAuthority( + CertificateAuthorityName.of(PROJECT_ID, LOCATION, CA_POOL_ID, SUBORDINATE_CA_NAME) + .toString()); + Assert.assertTrue(response.hasCreateTime()); + } + } + + @Test + public void testCreateCertificateWithCSR() throws IOException { + try (CertificateAuthorityServiceClient certificateAuthorityServiceClient = + CertificateAuthorityServiceClient.create()) { + Certificate response = + certificateAuthorityServiceClient.getCertificate( + CertificateName.of(PROJECT_ID, LOCATION, CA_POOL_ID, CSR_CERTIFICATE_NAME) + .toString()); + Assert.assertTrue(response.hasCreateTime()); + } + } + + @Test + public void testActivateSubordinateCertificateAuthority() + throws IOException, ExecutionException, InterruptedException { + try (CertificateAuthorityServiceClient certificateAuthorityServiceClient = + CertificateAuthorityServiceClient.create()) { + Certificate response = + certificateAuthorityServiceClient.getCertificate( + CertificateName.of(PROJECT_ID, LOCATION, CA_POOL_ID, CSR_CERTIFICATE_NAME) + .toString()); + + String pemCertificate = response.getPemCertificate(); + + privateca.ActivateSubordinateCa.activateSubordinateCA( + PROJECT_ID, LOCATION, CA_POOL_ID, CA_NAME, SUBORDINATE_CA_NAME, pemCertificate); + assertThat(stdOut.toString()).contains("Current State: STAGED"); + } + } } From e4033ad5ede167cf1fb097be1b026878296b2bf4 Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Wed, 1 Sep 2021 01:36:32 +0200 Subject: [PATCH 30/80] chore(deps): update dependency com.google.cloud:google-cloud-security-private-ca to v2 (#241) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![WhiteSource Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [com.google.cloud:google-cloud-security-private-ca](https://togithub.com/googleapis/java-) | `1.1.0` -> `2.0.0` | [![age](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.0.0/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.0.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.0.0/compatibility-slim/1.1.0)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.0.0/confidence-slim/1.1.0)](https://docs.renovatebot.com/merge-confidence/) | *** ### Configuration 📅 **Schedule**: At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Renovate will not automatically rebase this PR, because other commits have been found. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. *** * \[ ] If you want to rebase/retry this PR, check this box. *** This PR has been generated by [WhiteSource Renovate](https://renovate.whitesourcesoftware.com). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-security-private-ca). --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index 7387199ef3e..f442cc52914 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -52,7 +52,7 @@ com.google.cloud google-cloud-security-private-ca - 1.1.0 + 2.0.0 org.bouncycastle From 6606d8084b1b125bd6ec3252d926be45fac05db1 Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Wed, 1 Sep 2021 02:31:42 +0200 Subject: [PATCH 31/80] chore(deps): update dependency com.google.cloud:google-cloud-security-private-ca to v2.0.2 (#261) --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index f442cc52914..4fd38ae1c32 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -52,7 +52,7 @@ com.google.cloud google-cloud-security-private-ca - 2.0.0 + 2.0.2 org.bouncycastle From 3b3ededa5c3ecf9e448f2f03e8590676f83bf24f Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Thu, 2 Sep 2021 17:58:53 +0200 Subject: [PATCH 32/80] chore(deps): update dependency com.google.cloud:google-cloud-security-private-ca to v2.1.0 (#265) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![WhiteSource Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [com.google.cloud:google-cloud-security-private-ca](https://togithub.com/googleapis/java-) | `2.0.2` -> `2.1.0` | [![age](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.1.0/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.1.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.1.0/compatibility-slim/2.0.2)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.1.0/confidence-slim/2.0.2)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 **Schedule**: At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Renovate will not automatically rebase this PR, because other commits have been found. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box. --- This PR has been generated by [WhiteSource Renovate](https://renovate.whitesourcesoftware.com). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-security-private-ca). --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index 4fd38ae1c32..56cf9f1007a 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -52,7 +52,7 @@ com.google.cloud google-cloud-security-private-ca - 2.0.2 + 2.1.0 org.bouncycastle From c2129aefbc675717a1feed302bba87b510d9709a Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Mon, 13 Sep 2021 18:48:36 +0200 Subject: [PATCH 33/80] chore(deps): update dependency com.google.cloud:libraries-bom to v23 (#269) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![WhiteSource Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [com.google.cloud:libraries-bom](https://togithub.com/GoogleCloudPlatform/cloud-opensource-java) | `22.0.0` -> `23.0.0` | [![age](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/23.0.0/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/23.0.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/23.0.0/compatibility-slim/22.0.0)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/23.0.0/confidence-slim/22.0.0)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 **Schedule**: At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box. --- This PR has been generated by [WhiteSource Renovate](https://renovate.whitesourcesoftware.com). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-security-private-ca). --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index 56cf9f1007a..88eb1796a1a 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -40,7 +40,7 @@ com.google.cloud libraries-bom - 22.0.0 + 23.0.0 pom import From aab5bb516cc72cdfd65421a60beb45bb6f6f7fa6 Mon Sep 17 00:00:00 2001 From: Sita Lakshmi Sangameswaran Date: Tue, 14 Sep 2021 06:15:27 +0530 Subject: [PATCH 34/80] docs(samples): added samples for issuance policy and certificate templates (#264) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * docs(samples): init commit - set issuance policy * docs(samples): added certificate template CRUD samples * refactor(samples): modified the samples for test coherence * test(samples): Added tests for issuance policy and certificate templates. * 🦉 Updates from OwlBot See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md * refactor(samples): included filter condition and comments * 🦉 Updates from OwlBot See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md * refactor(samples): included review comments * 🦉 Updates from OwlBot See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md Co-authored-by: Owl Bot --- .../java/privateca/CreateCertificate.java | 2 +- .../privateca/CreateCertificateTemplate.java | 121 ++++++++++++++++ .../java/privateca/CreateSubordinateCa.java | 4 + .../privateca/DeleteCertificateTemplate.java | 78 ++++++++++ .../java/privateca/FilterCertificates.java | 23 +-- .../privateca/ListCertificateTemplates.java | 73 ++++++++++ .../UpdateCaPool_IssuancePolicy.java | 134 ++++++++++++++++++ .../privateca/UpdateCertificateTemplate.java | 116 +++++++++++++++ .../src/test/java/privateca/SnippetsIT.java | 95 ++++++++++--- 9 files changed, 619 insertions(+), 27 deletions(-) create mode 100644 privateca/cloud-client/src/main/java/privateca/CreateCertificateTemplate.java create mode 100644 privateca/cloud-client/src/main/java/privateca/DeleteCertificateTemplate.java create mode 100644 privateca/cloud-client/src/main/java/privateca/ListCertificateTemplates.java create mode 100644 privateca/cloud-client/src/main/java/privateca/UpdateCaPool_IssuancePolicy.java create mode 100644 privateca/cloud-client/src/main/java/privateca/UpdateCertificateTemplate.java diff --git a/privateca/cloud-client/src/main/java/privateca/CreateCertificate.java b/privateca/cloud-client/src/main/java/privateca/CreateCertificate.java index 296a9964592..5cac09dd929 100644 --- a/privateca/cloud-client/src/main/java/privateca/CreateCertificate.java +++ b/privateca/cloud-client/src/main/java/privateca/CreateCertificate.java @@ -85,7 +85,7 @@ public static void createCertificate( // certificateLifetime: The validity of the certificate in seconds. String commonName = "common-name"; String orgName = "org-name"; - String domainName = "dnsname.com"; + String domainName = "dns.your-domain.com"; long certificateLifetime = 1000L; // Set the Public Key and its format. diff --git a/privateca/cloud-client/src/main/java/privateca/CreateCertificateTemplate.java b/privateca/cloud-client/src/main/java/privateca/CreateCertificateTemplate.java new file mode 100644 index 00000000000..e3c4b5cc670 --- /dev/null +++ b/privateca/cloud-client/src/main/java/privateca/CreateCertificateTemplate.java @@ -0,0 +1,121 @@ +/* + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package privateca; + +// [START privateca_create_certificate_template] + +import com.google.api.core.ApiFuture; +import com.google.cloud.security.privateca.v1.CertificateAuthorityServiceClient; +import com.google.cloud.security.privateca.v1.CertificateIdentityConstraints; +import com.google.cloud.security.privateca.v1.CertificateTemplate; +import com.google.cloud.security.privateca.v1.CreateCertificateTemplateRequest; +import com.google.cloud.security.privateca.v1.KeyUsage; +import com.google.cloud.security.privateca.v1.KeyUsage.ExtendedKeyUsageOptions; +import com.google.cloud.security.privateca.v1.KeyUsage.KeyUsageOptions; +import com.google.cloud.security.privateca.v1.LocationName; +import com.google.cloud.security.privateca.v1.X509Parameters; +import com.google.cloud.security.privateca.v1.X509Parameters.CaOptions; +import com.google.longrunning.Operation; +import com.google.type.Expr; +import java.io.IOException; +import java.util.concurrent.ExecutionException; +import java.util.concurrent.TimeUnit; +import java.util.concurrent.TimeoutException; + +public class CreateCertificateTemplate { + + public static void main(String[] args) + throws IOException, ExecutionException, InterruptedException, TimeoutException { + /* TODO(developer): Replace these variables before running the sample. + location: For a list of locations, see: + https://cloud.google.com/certificate-authority-service/docs/locations */ + String project = "your-project-id"; + String location = "ca-location"; + String certificateTemplateId = "certificate-template-id"; + + createCertificateTemplate(project, location, certificateTemplateId); + } + + /* Creates a Certificate template. These templates can be reused for common + certificate issuance scenarios. */ + public static void createCertificateTemplate( + String project, String location, String certificateTemplateId) + throws IOException, ExecutionException, InterruptedException, TimeoutException { + /* Initialize client that will be used to send requests. This client only needs to be created + once, and can be reused for multiple requests. After completing all of your requests, call + the `certificateAuthorityServiceClient.close()` method on the client to safely + clean up any remaining background resources. */ + try (CertificateAuthorityServiceClient certificateAuthorityServiceClient = + CertificateAuthorityServiceClient.create()) { + + /* Describes any predefined X.509 values set by this template. + The provided extensions are copied over to certificate requests that use this template.*/ + KeyUsage keyUsage = + KeyUsage.newBuilder() + .setBaseKeyUsage( + KeyUsageOptions.newBuilder() + .setDigitalSignature(true) + .setKeyEncipherment(true) + .build()) + .setExtendedKeyUsage(ExtendedKeyUsageOptions.newBuilder().setServerAuth(true).build()) + .build(); + + CaOptions caOptions = CaOptions.newBuilder().setIsCa(false).build(); + + /* CEL expression that is evaluated against the Subject and + Subject Alternative Name of the certificate before it is issued. */ + Expr expr = + Expr.newBuilder().setExpression("subject_alt_names.all(san, san.type == DNS)").build(); + + // Set the certificate issuance schema. + CertificateTemplate certificateTemplate = + CertificateTemplate.newBuilder() + .setPredefinedValues( + X509Parameters.newBuilder().setKeyUsage(keyUsage).setCaOptions(caOptions).build()) + .setIdentityConstraints( + CertificateIdentityConstraints.newBuilder() + .setCelExpression(expr) + .setAllowSubjectPassthrough(false) + .setAllowSubjectAltNamesPassthrough(false) + .build()) + .build(); + + // Set the parent and certificate template properties. + CreateCertificateTemplateRequest certificateTemplateRequest = + CreateCertificateTemplateRequest.newBuilder() + .setParent(LocationName.of(project, location).toString()) + .setCertificateTemplate(certificateTemplate) + .setCertificateTemplateId(certificateTemplateId) + .build(); + + // Create Template request. + ApiFuture futureCall = + certificateAuthorityServiceClient + .createCertificateTemplateCallable() + .futureCall(certificateTemplateRequest); + + Operation response = futureCall.get(60, TimeUnit.SECONDS); + + if (response.hasError()) { + System.out.println("Error creating certificate template ! " + response.getError()); + return; + } + + System.out.println("Successfully created certificate template ! " + response.getName()); + } + } +} +// [END privateca_create_certificate_template] diff --git a/privateca/cloud-client/src/main/java/privateca/CreateSubordinateCa.java b/privateca/cloud-client/src/main/java/privateca/CreateSubordinateCa.java index 78f95b57ffc..29b3f7ef4f3 100644 --- a/privateca/cloud-client/src/main/java/privateca/CreateSubordinateCa.java +++ b/privateca/cloud-client/src/main/java/privateca/CreateSubordinateCa.java @@ -29,6 +29,7 @@ import com.google.cloud.security.privateca.v1.KeyUsage; import com.google.cloud.security.privateca.v1.KeyUsage.KeyUsageOptions; import com.google.cloud.security.privateca.v1.Subject; +import com.google.cloud.security.privateca.v1.SubjectAltNames; import com.google.cloud.security.privateca.v1.X509Parameters; import com.google.cloud.security.privateca.v1.X509Parameters.CaOptions; import com.google.longrunning.Operation; @@ -65,6 +66,7 @@ public static void createSubordinateCertificateAuthority( String commonName = "common-name"; String orgName = "csr-org-name"; + String domainName = "dns.your-domain.com"; int caDuration = 100000; // Validity of this CA in seconds. // Set the type of Algorithm. @@ -76,6 +78,8 @@ public static void createSubordinateCertificateAuthority( SubjectConfig.newBuilder() .setSubject( Subject.newBuilder().setCommonName(commonName).setOrganization(orgName).build()) + // Set the fully qualified domain name. + .setSubjectAltName(SubjectAltNames.newBuilder().addDnsNames(domainName).build()) .build(); // Set the key usage options for X.509 fields. diff --git a/privateca/cloud-client/src/main/java/privateca/DeleteCertificateTemplate.java b/privateca/cloud-client/src/main/java/privateca/DeleteCertificateTemplate.java new file mode 100644 index 00000000000..417ffae28a4 --- /dev/null +++ b/privateca/cloud-client/src/main/java/privateca/DeleteCertificateTemplate.java @@ -0,0 +1,78 @@ +/* + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package privateca; + +// [START privateca_delete_certificate_template] + +import com.google.api.core.ApiFuture; +import com.google.cloud.security.privateca.v1.CertificateAuthorityServiceClient; +import com.google.cloud.security.privateca.v1.CertificateTemplateName; +import com.google.cloud.security.privateca.v1.DeleteCertificateTemplateRequest; +import com.google.longrunning.Operation; +import java.io.IOException; +import java.util.concurrent.ExecutionException; +import java.util.concurrent.TimeUnit; +import java.util.concurrent.TimeoutException; + +public class DeleteCertificateTemplate { + + public static void main(String[] args) + throws IOException, ExecutionException, InterruptedException, TimeoutException { + /* TODO(developer): Replace these variables before running the sample. + location: For a list of locations, see: + https://cloud.google.com/certificate-authority-service/docs/locations + certificateTemplateId: Id of the certificate template to delete. */ + String project = "your-project-id"; + String location = "ca-location"; + String certificateTemplateId = "certificate-template-id"; + + deleteCertificateTemplate(project, location, certificateTemplateId); + } + + // Deletes the certificate template present in the given project and location. + public static void deleteCertificateTemplate( + String project, String location, String certificateTemplateId) + throws IOException, ExecutionException, InterruptedException, TimeoutException { + /* Initialize client that will be used to send requests. This client only needs to be created + once, and can be reused for multiple requests. After completing all of your requests, call + the `certificateAuthorityServiceClient.close()` method on the client to safely + clean up any remaining background resources. */ + try (CertificateAuthorityServiceClient certificateAuthorityServiceClient = + CertificateAuthorityServiceClient.create()) { + + // Set the parent name of the certificate template to be deleted. + DeleteCertificateTemplateRequest request = + DeleteCertificateTemplateRequest.newBuilder() + .setName( + CertificateTemplateName.of(project, location, certificateTemplateId).toString()) + .build(); + + ApiFuture futureCall = + certificateAuthorityServiceClient.deleteCertificateTemplateCallable().futureCall(request); + + Operation response = futureCall.get(60, TimeUnit.SECONDS); + + // Check for errors. + if (response.hasError()) { + System.out.println("Error deleting the certificate template ! " + response.getError()); + return; + } + + System.out.println("Successfully created certificate template ! " + response.getName()); + } + } +} +// [END privateca_delete_certificate_template] diff --git a/privateca/cloud-client/src/main/java/privateca/FilterCertificates.java b/privateca/cloud-client/src/main/java/privateca/FilterCertificates.java index 9ba8d93a223..6a199f93171 100644 --- a/privateca/cloud-client/src/main/java/privateca/FilterCertificates.java +++ b/privateca/cloud-client/src/main/java/privateca/FilterCertificates.java @@ -30,21 +30,16 @@ public static void main(String[] args) throws IOException { // location: For a list of locations, see: // https://cloud.google.com/certificate-authority-service/docs/locations // pool_Id: Id of the CA pool which contains the certificates to be listed. - // filterCondition: Filter certificates based on the given condition. - // For more info on conditions supported, - // see: - // https://cloud.google.com/certificate-authority-service/docs/sorting-filtering-certificates#filtering_support String project = "your-project-id"; String location = "ca-location"; String pool_Id = "ca-pool-id"; - String filterCondition = "filter-condition"; - filterCertificates(project, location, pool_Id, filterCondition); + filterCertificates(project, location, pool_Id); } // Filter certificates based on a condition and list them. - public static void filterCertificates( - String project, String location, String pool_Id, String filterCondition) throws IOException { + public static void filterCertificates(String project, String location, String pool_Id) + throws IOException { // Initialize client that will be used to send requests. This client only needs to be created // once, and can be reused for multiple requests. After completing all of your requests, call // the `certificateAuthorityServiceClient.close()` method on the client to safely @@ -63,8 +58,16 @@ public static void filterCertificates( ListCertificatesRequest listCertificatesRequest = ListCertificatesRequest.newBuilder() .setParent(caPool.toString()) - // Filter certificates according to the given condition. - .setFilter(filterCondition) + /* Filter certificates based on the given condition. + For more info on conditions supported, + see: + https://cloud.google.com/certificate-authority-service/docs/sorting-filtering-certificates#filtering_support + Few examples for constructing conditions: + certificate_description.subject_description.not_after_time=timestamp(com.google.protobuf) + certificate_description.subject_description.subject_alt_name.dns_names:my-dns + Here, we are filtering certificates which has organization name = csr-org-name */ + .setFilter( + "certificate_description.subject_description.subject.organization=csr-org-name") .build(); // Retrieve and print the certificate names. diff --git a/privateca/cloud-client/src/main/java/privateca/ListCertificateTemplates.java b/privateca/cloud-client/src/main/java/privateca/ListCertificateTemplates.java new file mode 100644 index 00000000000..bc574c0259a --- /dev/null +++ b/privateca/cloud-client/src/main/java/privateca/ListCertificateTemplates.java @@ -0,0 +1,73 @@ +/* + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package privateca; + +// [START privateca_list_certificate_template] + +import com.google.api.core.ApiFuture; +import com.google.cloud.security.privateca.v1.CertificateAuthorityServiceClient; +import com.google.cloud.security.privateca.v1.CertificateTemplate; +import com.google.cloud.security.privateca.v1.ListCertificateTemplatesRequest; +import com.google.cloud.security.privateca.v1.ListCertificateTemplatesResponse; +import com.google.cloud.security.privateca.v1.LocationName; +import java.io.IOException; +import java.util.concurrent.ExecutionException; +import java.util.concurrent.TimeUnit; +import java.util.concurrent.TimeoutException; + +public class ListCertificateTemplates { + + public static void main(String[] args) + throws IOException, ExecutionException, InterruptedException, TimeoutException { + /* TODO(developer): Replace these variables before running the sample. + location: For a list of locations, see: + https://cloud.google.com/certificate-authority-service/docs/locations */ + String project = "your-project-id"; + String location = "ca-location"; + + listCertificateTemplates(project, location); + } + + // Lists the certificate templates present in the given project and location. + public static void listCertificateTemplates(String project, String location) + throws IOException, ExecutionException, InterruptedException, TimeoutException { + /* Initialize client that will be used to send requests. This client only needs to be created + once, and can be reused for multiple requests. After completing all of your requests, call + the `certificateAuthorityServiceClient.close()` method on the client to safely + clean up any remaining background resources. */ + try (CertificateAuthorityServiceClient certificateAuthorityServiceClient = + CertificateAuthorityServiceClient.create()) { + + // Set the parent name to list the certificate templates. + ListCertificateTemplatesRequest request = + ListCertificateTemplatesRequest.newBuilder() + .setParent(LocationName.of(project, location).toString()) + .build(); + + ApiFuture futureCall = + certificateAuthorityServiceClient.listCertificateTemplatesCallable().futureCall(request); + + // Get the response. + ListCertificateTemplatesResponse response = futureCall.get(60, TimeUnit.SECONDS); + + // List all templates. + for (CertificateTemplate template : response.getCertificateTemplatesList()) { + System.out.println(template.getName()); + } + } + } +} +// [END privateca_list_certificate_template] diff --git a/privateca/cloud-client/src/main/java/privateca/UpdateCaPool_IssuancePolicy.java b/privateca/cloud-client/src/main/java/privateca/UpdateCaPool_IssuancePolicy.java new file mode 100644 index 00000000000..1b0914323c0 --- /dev/null +++ b/privateca/cloud-client/src/main/java/privateca/UpdateCaPool_IssuancePolicy.java @@ -0,0 +1,134 @@ +/* + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package privateca; + +// [START privateca_set_issuance_policy] + +import com.google.api.core.ApiFuture; +import com.google.cloud.security.privateca.v1.CaPool; +import com.google.cloud.security.privateca.v1.CaPool.IssuancePolicy; +import com.google.cloud.security.privateca.v1.CaPoolName; +import com.google.cloud.security.privateca.v1.CertificateAuthorityServiceClient; +import com.google.cloud.security.privateca.v1.CertificateIdentityConstraints; +import com.google.cloud.security.privateca.v1.UpdateCaPoolRequest; +import com.google.longrunning.Operation; +import com.google.protobuf.FieldMask; +import com.google.type.Expr; +import java.io.IOException; +import java.util.concurrent.ExecutionException; +import java.util.concurrent.TimeUnit; +import java.util.concurrent.TimeoutException; + +public class UpdateCaPool_IssuancePolicy { + + public static void main(String[] args) + throws IOException, ExecutionException, InterruptedException, TimeoutException { + // TODO(developer): Replace these variables before running the sample. + // location: For a list of locations, see: + // https://cloud.google.com/certificate-authority-service/docs/locations + // pool_Id: The CA pool for which the issuance policy is to be updated. + String project = "your-project-id"; + String location = "ca-location"; + String pool_Id = "ca-pool-id"; + + updateCaPoolIssuancePolicy(project, location, pool_Id); + } + + /* Update the Issuance policy for a CA Pool. All certificates issued from this CA Pool should + meet the issuance policy. */ + public static void updateCaPoolIssuancePolicy(String project, String location, String pool_Id) + throws IOException, ExecutionException, InterruptedException, TimeoutException { + /* Initialize client that will be used to send requests. This client only needs to be created + once, and can be reused for multiple requests. After completing all of your requests, call + the `certificateAuthorityServiceClient.close()` method on the client to safely + clean up any remaining background resources. */ + try (CertificateAuthorityServiceClient certificateAuthorityServiceClient = + CertificateAuthorityServiceClient.create()) { + + /* Set the updated issuance policy for the CA Pool. + This particular issuance policy allows only SANs that + have DNS Names as "us.google.org" or ending in ".google.com". */ + String expr = + "subject_alt_names.all(san, san.type == DNS && (san.value == \"us.google.org\"" + + " || san.value.endsWith(\".google.com\")) )"; + + CaPool.IssuancePolicy issuancePolicy = + IssuancePolicy.newBuilder() + .setIdentityConstraints( + CertificateIdentityConstraints.newBuilder() + .setAllowSubjectPassthrough(true) + .setAllowSubjectAltNamesPassthrough(true) + .setCelExpression(Expr.newBuilder().setExpression(expr).build()) + .build()) + .build(); + + CaPool caPool = + CaPool.newBuilder() + .setName(CaPoolName.of(project, location, pool_Id).toString()) + .setIssuancePolicy(issuancePolicy) + .build(); + + /* 1. Set the CA pool with updated values. + 2. Set the update mask to specify which properties of the CA Pool should be updated. + Only the properties specified in the mask will be updated. Make sure that the mask fields + match the updated issuance policy. + For more info on constructing path for update mask, see: + https://cloud.google.com/certificate-authority-service/docs/reference/rest/v1/projects.locations.caPools#issuancepolicy */ + UpdateCaPoolRequest updateCaPoolRequest = + UpdateCaPoolRequest.newBuilder() + .setCaPool(caPool) + .setUpdateMask( + FieldMask.newBuilder( + FieldMask.newBuilder() + .addPaths( + "issuance_policy.identity_constraints.allow_subject_passthrough") + .addPaths( + "issuance_policy.identity_constraints.allow_subject_alt_names_passthrough") + .addPaths("issuance_policy.identity_constraints.cel_expression") + .build())) + .build(); + + // Update CA Pool request. + ApiFuture futureCall = + certificateAuthorityServiceClient.updateCaPoolCallable().futureCall(updateCaPoolRequest); + + Operation operation = futureCall.get(60, TimeUnit.SECONDS); + + // Check for errors. + if (operation.hasError()) { + System.out.println("Error in updating CA Pool Issuance policy ! " + operation.getError()); + return; + } + + // Get the CA Pool's issuance policy and verify if the fields have been successfully updated. + IssuancePolicy response = + certificateAuthorityServiceClient + .getCaPool(CaPoolName.of(project, location, pool_Id).toString()) + .getIssuancePolicy(); + + // Similarly, you can check for other modified fields as well. + if (response.getIdentityConstraints().getAllowSubjectPassthrough() + && response.getIdentityConstraints().getAllowSubjectAltNamesPassthrough()) { + System.out.println("CA Pool Issuance policy has been updated successfully ! "); + return; + } + + System.out.println( + "Error in updating CA Pool Issuance policy ! Please try again ! " + response); + } + } +} +// [END privateca_set_issuance_policy] diff --git a/privateca/cloud-client/src/main/java/privateca/UpdateCertificateTemplate.java b/privateca/cloud-client/src/main/java/privateca/UpdateCertificateTemplate.java new file mode 100644 index 00000000000..66feb63f7c8 --- /dev/null +++ b/privateca/cloud-client/src/main/java/privateca/UpdateCertificateTemplate.java @@ -0,0 +1,116 @@ +/* + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package privateca; + +// [START privateca_update_certificate_template] + +import com.google.api.core.ApiFuture; +import com.google.cloud.security.privateca.v1.CertificateAuthorityServiceClient; +import com.google.cloud.security.privateca.v1.CertificateIdentityConstraints; +import com.google.cloud.security.privateca.v1.CertificateTemplate; +import com.google.cloud.security.privateca.v1.CertificateTemplateName; +import com.google.cloud.security.privateca.v1.UpdateCertificateTemplateRequest; +import com.google.longrunning.Operation; +import com.google.protobuf.FieldMask; +import java.io.IOException; +import java.util.concurrent.ExecutionException; +import java.util.concurrent.TimeUnit; +import java.util.concurrent.TimeoutException; + +public class UpdateCertificateTemplate { + + public static void main(String[] args) + throws IOException, ExecutionException, InterruptedException, TimeoutException { + // TODO(developer): Replace these variables before running the sample. + // location: For a list of locations, see: + // https://cloud.google.com/certificate-authority-service/docs/locations + // certificateTemplateId: Id of the certificate template to update. + String project = "your-project-id"; + String location = "ca-location"; + String certificateTemplateId = "certificate-template-id"; + + updateCertificateTemplate(project, location, certificateTemplateId); + } + + // Updates an existing certificate template. + public static void updateCertificateTemplate( + String project, String location, String certificateTemplateId) + throws IOException, ExecutionException, InterruptedException, TimeoutException { + /* Initialize client that will be used to send requests. This client only needs to be created + once, and can be reused for multiple requests. After completing all of your requests, call + the `certificateAuthorityServiceClient.close()` method on the client to safely + clean up any remaining background resources. */ + try (CertificateAuthorityServiceClient certificateAuthorityServiceClient = + CertificateAuthorityServiceClient.create()) { + + String certificateTemplateName = + CertificateTemplateName.of(project, location, certificateTemplateId).toString(); + + // Set the parent name and the properties to be updated. + CertificateTemplate certificateTemplate = + CertificateTemplate.newBuilder() + .setName(certificateTemplateName) + .setIdentityConstraints( + CertificateIdentityConstraints.newBuilder() + .setAllowSubjectPassthrough(false) + .setAllowSubjectAltNamesPassthrough(true) + .build()) + .build(); + + // Set the mask corresponding to the properties updated above. + FieldMask fieldMask = + FieldMask.newBuilder() + .addPaths("identity_constraints.allow_subject_alt_names_passthrough") + .addPaths("identity_constraints.allow_subject_passthrough") + .build(); + + /* Set the new template. + Set the mask to specify which properties of the template should be updated. */ + UpdateCertificateTemplateRequest request = + UpdateCertificateTemplateRequest.newBuilder() + .setCertificateTemplate(certificateTemplate) + .setUpdateMask(fieldMask) + .build(); + + // Create the update certificate template request. + ApiFuture futureCall = + certificateAuthorityServiceClient.updateCertificateTemplateCallable().futureCall(request); + + Operation response = futureCall.get(60, TimeUnit.SECONDS); + + // Check for errors. + if (response.hasError()) { + System.out.println("Error in updating certificate template ! " + response.getError()); + return; + } + + // Get the updated certificate template and check if the properties have been updated. + CertificateIdentityConstraints updatedCertificateIdentityConstraints = + certificateAuthorityServiceClient + .getCertificateTemplate(certificateTemplateName) + .getIdentityConstraints(); + + if (!updatedCertificateIdentityConstraints.getAllowSubjectPassthrough() + && updatedCertificateIdentityConstraints.getAllowSubjectAltNamesPassthrough()) { + System.out.println("Successfully updated the certificate template ! " + response.getName()); + return; + } + + System.out.println("Error in updating certificate template ! "); + } + } +} +// [END privateca_update_certificate_template] diff --git a/privateca/cloud-client/src/test/java/privateca/SnippetsIT.java b/privateca/cloud-client/src/test/java/privateca/SnippetsIT.java index db1cc226b47..d907faa388c 100644 --- a/privateca/cloud-client/src/test/java/privateca/SnippetsIT.java +++ b/privateca/cloud-client/src/test/java/privateca/SnippetsIT.java @@ -18,12 +18,14 @@ import static com.google.common.truth.Truth.assertThat; import static com.google.common.truth.Truth.assertWithMessage; +import com.google.cloud.security.privateca.v1.CaPool.IssuancePolicy; import com.google.cloud.security.privateca.v1.CaPoolName; import com.google.cloud.security.privateca.v1.Certificate; import com.google.cloud.security.privateca.v1.CertificateAuthority; import com.google.cloud.security.privateca.v1.CertificateAuthorityName; import com.google.cloud.security.privateca.v1.CertificateAuthorityServiceClient; import com.google.cloud.security.privateca.v1.CertificateName; +import com.google.cloud.security.privateca.v1.CertificateTemplateName; import com.google.cloud.security.privateca.v1.FetchCertificateAuthorityCsrResponse; import com.google.protobuf.ByteString; import java.io.ByteArrayOutputStream; @@ -63,6 +65,7 @@ public class SnippetsIT { private static String CA_NAME; private static String CA_NAME_DELETE; private static String SUBORDINATE_CA_NAME; + private static String CERTIFICATE_TEMPLATE_NAME; private static String CERTIFICATE_NAME; private static String CSR_CERTIFICATE_NAME; private static int KEY_SIZE; @@ -79,18 +82,19 @@ public static void reqEnvVar(String envVarName) { @BeforeClass public static void setUp() throws IOException, ExecutionException, NoSuchProviderException, NoSuchAlgorithmException, - InterruptedException { + InterruptedException, TimeoutException { reqEnvVar("GOOGLE_APPLICATION_CREDENTIALS"); reqEnvVar("GOOGLE_CLOUD_PROJECT"); LOCATION = "asia-south1"; - CA_POOL_ID = "ca-pool-" + UUID.randomUUID().toString(); - CA_POOL_ID_DELETE = "ca-pool-" + UUID.randomUUID().toString(); - CA_NAME = "ca-name-" + UUID.randomUUID().toString(); - CA_NAME_DELETE = "ca-name-" + UUID.randomUUID().toString(); - SUBORDINATE_CA_NAME = "sub-ca-name-" + UUID.randomUUID().toString(); - CERTIFICATE_NAME = "certificate-name-" + UUID.randomUUID().toString(); - CSR_CERTIFICATE_NAME = "csr-certificate-name-" + UUID.randomUUID().toString(); + CA_POOL_ID = "ca-pool-" + UUID.randomUUID(); + CA_POOL_ID_DELETE = "ca-pool-" + UUID.randomUUID(); + CA_NAME = "ca-name-" + UUID.randomUUID(); + CA_NAME_DELETE = "ca-name-" + UUID.randomUUID(); + SUBORDINATE_CA_NAME = "sub-ca-name-" + UUID.randomUUID(); + CERTIFICATE_TEMPLATE_NAME = "certificate-template-name-" + UUID.randomUUID(); + CERTIFICATE_NAME = "certificate-name-" + UUID.randomUUID(); + CSR_CERTIFICATE_NAME = "csr-certificate-name-" + UUID.randomUUID(); KEY_SIZE = 2048; // Default key size // <--- START CA POOL ---> @@ -98,6 +102,9 @@ public static void setUp() privateca.CreateCaPool.createCaPool(PROJECT_ID, LOCATION, CA_POOL_ID); privateca.CreateCaPool.createCaPool(PROJECT_ID, LOCATION, CA_POOL_ID_DELETE); sleep(5); + // Set the issuance policy for the created CA Pool. + privateca.UpdateCaPool_IssuancePolicy.updateCaPoolIssuancePolicy( + PROJECT_ID, LOCATION, CA_POOL_ID); // <--- END CA POOL ---> // <--- START ROOT CA ---> @@ -117,18 +124,23 @@ public static void setUp() // <--- END ROOT CA ---> // <--- START SUBORDINATE CA ---> - // Create a Subordinate Certificate Authority. + // Follow the below steps to create and enable a Subordinate Certificate Authority. + // 1. Create a Subordinate Certificate Authority. privateca.CreateSubordinateCa.createSubordinateCertificateAuthority( PROJECT_ID, LOCATION, CA_POOL_ID, SUBORDINATE_CA_NAME); sleep(10); - // Fetch CSR. + // 2. Fetch CSR. String pemCSR = fetchPemCSR(CA_POOL_ID, SUBORDINATE_CA_NAME); - // Sign the CSR, and create a certificate. + // 3. Sign the CSR, and create a certificate. privateca.CreateCertificate_CSR.createCertificateWithCSR( PROJECT_ID, LOCATION, CA_POOL_ID, CA_NAME, CSR_CERTIFICATE_NAME, pemCSR); // <--- END SUBORDINATE CA ---> // <--- START CERTIFICATE ---> + // Create Certificate Template. + privateca.CreateCertificateTemplate.createCertificateTemplate( + PROJECT_ID, LOCATION, CERTIFICATE_TEMPLATE_NAME); + // Create an asymmetric key pair using Bouncy Castle crypto framework. KeyPair asymmetricKeyPair = createAsymmetricKeyPair(); @@ -155,7 +167,8 @@ public static void setUp() } @AfterClass - public static void cleanUp() throws InterruptedException, ExecutionException, IOException { + public static void cleanUp() + throws InterruptedException, ExecutionException, IOException, TimeoutException { ByteArrayOutputStream stdOut = new ByteArrayOutputStream(); System.setOut(new PrintStream(stdOut)); @@ -164,6 +177,10 @@ public static void cleanUp() throws InterruptedException, ExecutionException, IO privateca.RevokeCertificate.revokeCertificate( PROJECT_ID, LOCATION, CA_POOL_ID, CSR_CERTIFICATE_NAME); + // Delete Certificate Template. + privateca.DeleteCertificateTemplate.deleteCertificateTemplate( + PROJECT_ID, LOCATION, CERTIFICATE_TEMPLATE_NAME); + // Delete root CA. privateca.DeleteCertificateAuthority.deleteCertificateAuthority( PROJECT_ID, LOCATION, CA_POOL_ID, CA_NAME); @@ -255,6 +272,23 @@ public void testCreateCAPool() throws IOException { } } + @Test + public void testUpdateCAPoolIssuancePolicy() throws IOException { + try (CertificateAuthorityServiceClient certificateAuthorityServiceClient = + CertificateAuthorityServiceClient.create()) { + IssuancePolicy issuancePolicy = + certificateAuthorityServiceClient + .getCaPool(CaPoolName.of(PROJECT_ID, LOCATION, CA_POOL_ID).toString()) + .getIssuancePolicy(); + + String actualExpression = + issuancePolicy.getIdentityConstraints().getCelExpression().getExpression(); + String expectedExpression = + "subject_alt_names.all(san, san.type == DNS && (san.value == \"us.google.org\" || san.value.endsWith(\".google.com\")) )"; + assertThat(actualExpression).contains(expectedExpression); + } + } + @Test public void testListCAPools() throws IOException { privateca.ListCaPools.listCaPools(PROJECT_ID, LOCATION); @@ -308,6 +342,38 @@ public void testDeleteUndeleteCertificateAuthority() .contains("Successfully restored the Certificate Authority ! " + CA_NAME_DELETE); } + @Test + public void testCreateCertificateTemplate() throws IOException { + // Check that the Certificate template has been created as part of the setup. + try (CertificateAuthorityServiceClient certificateAuthorityServiceClient = + CertificateAuthorityServiceClient.create()) { + String certificateTemplate = + certificateAuthorityServiceClient + .getCertificateTemplate( + CertificateTemplateName.of(PROJECT_ID, LOCATION, CERTIFICATE_TEMPLATE_NAME) + .toString()) + .getName(); + + assertThat(certificateTemplate) + .contains(String.format("projects/%s/locations/%s/", PROJECT_ID, LOCATION)); + } + } + + @Test + public void testListCertificateTemplate() + throws IOException, ExecutionException, InterruptedException, TimeoutException { + privateca.ListCertificateTemplates.listCertificateTemplates(PROJECT_ID, LOCATION); + assertThat(stdOut.toString()).contains(CERTIFICATE_TEMPLATE_NAME); + } + + @Test + public void updateCertificateTemplate() + throws IOException, ExecutionException, InterruptedException, TimeoutException { + privateca.UpdateCertificateTemplate.updateCertificateTemplate( + PROJECT_ID, LOCATION, CERTIFICATE_TEMPLATE_NAME); + assertThat(stdOut.toString()).contains("Successfully updated the certificate template ! "); + } + @Test public void testCreateCertificate() throws IOException { // Check if the certificate created during setup is successful. @@ -329,10 +395,7 @@ public void testListCertificates() throws IOException { @Test public void testFilterCertificates() throws IOException { // Filter only certificates created using CSR. - String filterCondition = - "certificate_description.subject_description.subject.organization=csr-org-name"; - privateca.FilterCertificates.filterCertificates( - PROJECT_ID, LOCATION, CA_POOL_ID, filterCondition); + privateca.FilterCertificates.filterCertificates(PROJECT_ID, LOCATION, CA_POOL_ID); assertThat(stdOut.toString()).contains(CSR_CERTIFICATE_NAME); assertThat(stdOut.toString()).doesNotContain(CERTIFICATE_NAME); } From 4883026c5e890ad0468fc69eb01b14cd25a0c5fd Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Mon, 20 Sep 2021 22:02:47 +0200 Subject: [PATCH 35/80] chore(deps): update dependency com.google.cloud:google-cloud-security-private-ca to v2.1.1 (#279) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![WhiteSource Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [com.google.cloud:google-cloud-security-private-ca](https://togithub.com/googleapis/java-) | `2.1.0` -> `2.1.1` | [![age](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.1.1/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.1.1/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.1.1/compatibility-slim/2.1.0)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.1.1/confidence-slim/2.1.0)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 **Schedule**: At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Renovate will not automatically rebase this PR, because other commits have been found. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box. --- This PR has been generated by [WhiteSource Renovate](https://renovate.whitesourcesoftware.com). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-security-private-ca). --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index 88eb1796a1a..819f35d807b 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -52,7 +52,7 @@ com.google.cloud google-cloud-security-private-ca - 2.1.0 + 2.1.1 org.bouncycastle From 74776a20c4acffd32c4268feacf24c34d17a3f57 Mon Sep 17 00:00:00 2001 From: Sita Lakshmi Sangameswaran Date: Tue, 21 Sep 2021 13:34:46 +0530 Subject: [PATCH 36/80] docs(samples): added samples and tests for updating and monitoring CA (#274) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * docs(samples): added samples and tests for updating and monitoring CA * 🦉 Updates from OwlBot See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md * docs(samples): added review comments * 🦉 Updates from OwlBot See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md * 🦉 Updates from OwlBot See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md Co-authored-by: Owl Bot --- .../MonitorCertificateAuthority.java | 91 +++++++++++++++++ .../privateca/UpdateCertificateAuthority.java | 99 +++++++++++++++++++ .../src/test/java/privateca/SnippetsIT.java | 13 +++ privateca/pom.xml | 4 + 4 files changed, 207 insertions(+) create mode 100644 privateca/cloud-client/src/main/java/privateca/MonitorCertificateAuthority.java create mode 100644 privateca/cloud-client/src/main/java/privateca/UpdateCertificateAuthority.java diff --git a/privateca/cloud-client/src/main/java/privateca/MonitorCertificateAuthority.java b/privateca/cloud-client/src/main/java/privateca/MonitorCertificateAuthority.java new file mode 100644 index 00000000000..f34f8800698 --- /dev/null +++ b/privateca/cloud-client/src/main/java/privateca/MonitorCertificateAuthority.java @@ -0,0 +1,91 @@ +/* + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package privateca; + +// [START privateca_monitor_ca_expiry] + +import com.google.cloud.monitoring.v3.AlertPolicyServiceClient; +import com.google.cloud.monitoring.v3.NotificationChannelServiceClient; +import com.google.monitoring.v3.AlertPolicy; +import com.google.monitoring.v3.AlertPolicy.Condition; +import com.google.monitoring.v3.AlertPolicy.Condition.MonitoringQueryLanguageCondition; +import com.google.monitoring.v3.AlertPolicy.ConditionCombinerType; +import com.google.monitoring.v3.NotificationChannel; +import com.google.monitoring.v3.ProjectName; +import java.io.IOException; + +public class MonitorCertificateAuthority { + + public static void main(String[] args) throws IOException { + // TODO(developer): Replace these variables before running the sample. + String project = "your-project-id"; + createCaMonitoringPolicy(project); + } + + // Creates a monitoring policy that notifies you 30 days before a managed CA expires. + public static void createCaMonitoringPolicy(String project) throws IOException { + /* Initialize client that will be used to send requests. This client only needs to be created + once, and can be reused for multiple requests. After completing all of your requests, call + the `client.close()` method on the client to safely + clean up any remaining background resources. */ + try (AlertPolicyServiceClient client = AlertPolicyServiceClient.create(); + NotificationChannelServiceClient notificationClient = + NotificationChannelServiceClient.create()) { + + String policyName = "policy-name"; + + /* Query which indicates the resource to monitor and the constraints. + Here, the alert policy notifies you 30 days before a managed CA expires. + For more info on creating queries, see: https://cloud.google.com/monitoring/mql/alerts */ + String query = + "fetch privateca.googleapis.com/CertificateAuthority" + + "| metric 'privateca.googleapis.com/ca/cert_chain_expiration'" + + "| group_by 5m," + + "[value_cert_chain_expiration_mean: mean(value.cert_chain_expiration)]" + + "| every 5m" + + "| condition val() < 2.592e+06 's'"; + + // Create a notification channel. + NotificationChannel notificationChannel = + NotificationChannel.newBuilder() + .setType("email") + .putLabels("email_address", "java-docs-samples-testing@google.com") + .build(); + NotificationChannel channel = + notificationClient.createNotificationChannel( + ProjectName.of(project), notificationChannel); + + // Set the query and notification channel. + AlertPolicy alertPolicy = + AlertPolicy.newBuilder() + .setDisplayName(policyName) + .addConditions( + Condition.newBuilder() + .setDisplayName("ca-cert-chain-expiration") + .setConditionMonitoringQueryLanguage( + MonitoringQueryLanguageCondition.newBuilder().setQuery(query).build()) + .build()) + .setCombiner(ConditionCombinerType.AND) + .addNotificationChannels(channel.getName()) + .build(); + + AlertPolicy policy = client.createAlertPolicy(ProjectName.of(project), alertPolicy); + + System.out.println("Monitoring policy successfully created !" + policy.getName()); + } + } +} +// [END privateca_monitor_ca_expiry] diff --git a/privateca/cloud-client/src/main/java/privateca/UpdateCertificateAuthority.java b/privateca/cloud-client/src/main/java/privateca/UpdateCertificateAuthority.java new file mode 100644 index 00000000000..b4953910d03 --- /dev/null +++ b/privateca/cloud-client/src/main/java/privateca/UpdateCertificateAuthority.java @@ -0,0 +1,99 @@ +/* + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package privateca; + +// [START privateca_update_ca_label] + +import com.google.api.core.ApiFuture; +import com.google.cloud.security.privateca.v1.CertificateAuthority; +import com.google.cloud.security.privateca.v1.CertificateAuthorityName; +import com.google.cloud.security.privateca.v1.CertificateAuthorityServiceClient; +import com.google.cloud.security.privateca.v1.UpdateCertificateAuthorityRequest; +import com.google.longrunning.Operation; +import com.google.protobuf.FieldMask; +import java.io.IOException; +import java.util.concurrent.ExecutionException; +import java.util.concurrent.TimeUnit; +import java.util.concurrent.TimeoutException; + +public class UpdateCertificateAuthority { + + public static void main(String[] args) + throws IOException, ExecutionException, InterruptedException, TimeoutException { + // TODO(developer): Replace these variables before running the sample. + // location: For a list of locations, see: + // https://cloud.google.com/certificate-authority-service/docs/locations + // pool_Id: Set it to the CA Pool under which the CA should be created. + // certificateAuthorityName: Unique name for the CA. + String project = "your-project-id"; + String location = "ca-location"; + String pool_Id = "ca-pool-id"; + String certificateAuthorityName = "certificate-authority-name"; + + updateCaLabel(project, location, pool_Id, certificateAuthorityName); + } + + // Updates the labels in a certificate authority. + public static void updateCaLabel( + String project, String location, String pool_Id, String certificateAuthorityName) + throws IOException, ExecutionException, InterruptedException, TimeoutException { + /* Initialize client that will be used to send requests. This client only needs to be created + once, and can be reused for multiple requests. After completing all of your requests, call + the `certificateAuthorityServiceClient.close()` method on the client to safely + clean up any remaining background resources. */ + try (CertificateAuthorityServiceClient certificateAuthorityServiceClient = + CertificateAuthorityServiceClient.create()) { + + // Set the parent path and the new labels. + String certificateAuthorityParent = + CertificateAuthorityName.of(project, location, pool_Id, certificateAuthorityName) + .toString(); + CertificateAuthority certificateAuthority = + CertificateAuthority.newBuilder() + .setName(certificateAuthorityParent) + .putLabels("env", "test") + .build(); + + // Create a request to update the CA. + UpdateCertificateAuthorityRequest request = + UpdateCertificateAuthorityRequest.newBuilder() + .setCertificateAuthority(certificateAuthority) + .setUpdateMask(FieldMask.newBuilder().addPaths("labels").build()) + .build(); + + // Update the CA and wait for the operation to complete. + ApiFuture futureCall = + certificateAuthorityServiceClient + .updateCertificateAuthorityCallable() + .futureCall(request); + Operation operation = futureCall.get(60, TimeUnit.SECONDS); + + // Check for errors. + if (operation.hasError()) { + System.out.println("Error in updating labels ! " + operation.getError()); + } + + // Get the updated CA and check if it contains the new label. + CertificateAuthority response = + certificateAuthorityServiceClient.getCertificateAuthority(certificateAuthorityParent); + if (response.getLabelsMap().containsKey("env") + && response.getLabelsMap().get("env").equalsIgnoreCase("test")) { + System.out.println("Successfully updated the labels ! "); + } + } + } +} +// [END privateca_update_ca_label] diff --git a/privateca/cloud-client/src/test/java/privateca/SnippetsIT.java b/privateca/cloud-client/src/test/java/privateca/SnippetsIT.java index d907faa388c..4b6ecf35f25 100644 --- a/privateca/cloud-client/src/test/java/privateca/SnippetsIT.java +++ b/privateca/cloud-client/src/test/java/privateca/SnippetsIT.java @@ -320,6 +320,19 @@ public void testListCertificateAuthorities() throws IOException { assertThat(stdOut.toString()).contains(CA_NAME); } + @Test + public void testUpdateCertificateAuthority() + throws IOException, ExecutionException, InterruptedException, TimeoutException { + privateca.UpdateCertificateAuthority.updateCaLabel(PROJECT_ID, LOCATION, CA_POOL_ID, CA_NAME); + assertThat(stdOut.toString()).contains("Successfully updated the labels ! "); + } + + @Test + public void testMonitorCertificateAuthority() throws IOException, InterruptedException { + privateca.MonitorCertificateAuthority.createCaMonitoringPolicy(PROJECT_ID); + assertThat(stdOut.toString()).contains("Monitoring policy successfully created !"); + } + @Test public void testEnableDisableCertificateAuthority() throws InterruptedException, ExecutionException, IOException { diff --git a/privateca/pom.xml b/privateca/pom.xml index 819f35d807b..c3828d5d464 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -63,6 +63,10 @@ com.google.cloud google-cloud-kms + + com.google.cloud + google-cloud-monitoring + junit From 8ef05813d9daa89739432b7f68c022425b6d5fcb Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Mon, 27 Sep 2021 21:22:56 +0200 Subject: [PATCH 37/80] chore(deps): update dependency com.google.cloud:google-cloud-security-private-ca to v2.1.2 (#288) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![WhiteSource Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [com.google.cloud:google-cloud-security-private-ca](https://togithub.com/googleapis/java-) | `2.1.1` -> `2.1.2` | [![age](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.1.2/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.1.2/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.1.2/compatibility-slim/2.1.1)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.1.2/confidence-slim/2.1.1)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 **Schedule**: At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box. --- This PR has been generated by [WhiteSource Renovate](https://renovate.whitesourcesoftware.com). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-security-private-ca). --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index c3828d5d464..8fa4f63906f 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -52,7 +52,7 @@ com.google.cloud google-cloud-security-private-ca - 2.1.1 + 2.1.2 org.bouncycastle From 033513e3b1dcbf3893417f8ed5a507570756a470 Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Fri, 1 Oct 2021 16:18:39 +0200 Subject: [PATCH 38/80] chore(deps): update dependency com.google.cloud:libraries-bom to v23.1.0 (#291) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![WhiteSource Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [com.google.cloud:libraries-bom](https://togithub.com/GoogleCloudPlatform/cloud-opensource-java) | `23.0.0` -> `23.1.0` | [![age](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/23.1.0/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/23.1.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/23.1.0/compatibility-slim/23.0.0)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/23.1.0/confidence-slim/23.0.0)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 **Schedule**: At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box. --- This PR has been generated by [WhiteSource Renovate](https://renovate.whitesourcesoftware.com). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-security-private-ca). --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index 8fa4f63906f..da383ce0f49 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -40,7 +40,7 @@ com.google.cloud libraries-bom - 23.0.0 + 23.1.0 pom import From ed417cb254479422bacf240c066822028dec74d5 Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Thu, 21 Oct 2021 19:08:52 +0200 Subject: [PATCH 39/80] chore(deps): update dependency com.google.cloud:google-cloud-security-private-ca to v2.2.0 (#301) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![WhiteSource Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [com.google.cloud:google-cloud-security-private-ca](https://togithub.com/googleapis/java-) | `2.1.2` -> `2.2.0` | [![age](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.2.0/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.2.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.2.0/compatibility-slim/2.1.2)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.2.0/confidence-slim/2.1.2)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 **Schedule**: At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Renovate will not automatically rebase this PR, because other commits have been found. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, click this checkbox. --- This PR has been generated by [WhiteSource Renovate](https://renovate.whitesourcesoftware.com). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-security-private-ca). --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index da383ce0f49..af7d3adeb65 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -52,7 +52,7 @@ com.google.cloud google-cloud-security-private-ca - 2.1.2 + 2.2.0 org.bouncycastle From 692edc48709c7e051859f4cc5d33bfa2f4b0c046 Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Wed, 27 Oct 2021 18:22:50 +0200 Subject: [PATCH 40/80] chore(deps): update dependency com.google.cloud:libraries-bom to v24 (#306) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![WhiteSource Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [com.google.cloud:libraries-bom](https://togithub.com/GoogleCloudPlatform/cloud-opensource-java) | `23.1.0` -> `24.0.0` | [![age](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/24.0.0/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/24.0.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/24.0.0/compatibility-slim/23.1.0)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/24.0.0/confidence-slim/23.1.0)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 **Schedule**: At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, click this checkbox. --- This PR has been generated by [WhiteSource Renovate](https://renovate.whitesourcesoftware.com). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-security-private-ca). --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index af7d3adeb65..f817800b0e7 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -40,7 +40,7 @@ com.google.cloud libraries-bom - 23.1.0 + 24.0.0 pom import From da96b5b22bd12cda6f9c5c2b64567027ffcb273b Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Mon, 6 Dec 2021 18:58:08 +0100 Subject: [PATCH 41/80] deps: update dependency org.bouncycastle:bcpkix-jdk15on to v1.70 (#320) --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index f817800b0e7..284e2912ba6 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -57,7 +57,7 @@ org.bouncycastle bcpkix-jdk15on - 1.69 + 1.70 com.google.cloud From 91a23e4f43f2c4559ebbe1eac998ba11c5daf163 Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Mon, 6 Dec 2021 23:32:14 +0100 Subject: [PATCH 42/80] chore(deps): update dependency com.google.cloud:google-cloud-security-private-ca to v2.2.1 (#325) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![WhiteSource Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [com.google.cloud:google-cloud-security-private-ca](https://togithub.com/googleapis/java-) | `2.2.0` -> `2.2.1` | [![age](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.2.1/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.2.1/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.2.1/compatibility-slim/2.2.0)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.2.1/confidence-slim/2.2.0)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 **Schedule**: At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Renovate will not automatically rebase this PR, because other commits have been found. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, click this checkbox. --- This PR has been generated by [WhiteSource Renovate](https://renovate.whitesourcesoftware.com). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-security-private-ca). --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index 284e2912ba6..405e6794c3c 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -52,7 +52,7 @@ com.google.cloud google-cloud-security-private-ca - 2.2.0 + 2.2.1 org.bouncycastle From 6333941d989374805717861d329b0fa327991e01 Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Tue, 7 Dec 2021 00:20:10 +0100 Subject: [PATCH 43/80] chore(deps): update dependency com.google.cloud.samples:shared-configuration to v1.2.0 (#321) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![WhiteSource Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [com.google.cloud.samples:shared-configuration](https://togithub.com/GoogleCloudPlatform/java-repo-tools) | `1.0.23` -> `1.2.0` | [![age](https://badges.renovateapi.com/packages/maven/com.google.cloud.samples:shared-configuration/1.2.0/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/maven/com.google.cloud.samples:shared-configuration/1.2.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/maven/com.google.cloud.samples:shared-configuration/1.2.0/compatibility-slim/1.0.23)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/maven/com.google.cloud.samples:shared-configuration/1.2.0/confidence-slim/1.0.23)](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes
GoogleCloudPlatform/java-repo-tools ### [`v1.2.0`](https://togithub.com/GoogleCloudPlatform/java-repo-tools/compare/v1.0.24...v1.2.0) [Compare Source](https://togithub.com/GoogleCloudPlatform/java-repo-tools/compare/v1.0.24...v1.2.0) ### [`v1.0.24`](https://togithub.com/GoogleCloudPlatform/java-repo-tools/compare/v1.0.23...v1.0.24) [Compare Source](https://togithub.com/GoogleCloudPlatform/java-repo-tools/compare/v1.0.23...v1.0.24)
--- ### Configuration 📅 **Schedule**: At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, click this checkbox. --- This PR has been generated by [WhiteSource Renovate](https://renovate.whitesourcesoftware.com). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-security-private-ca). --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index 405e6794c3c..848fad2457f 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -26,7 +26,7 @@ com.google.cloud.samples shared-configuration - 1.0.23 + 1.2.0 From e8c75069ae5f1cb2c92b530cd06fcc137bfc926e Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Thu, 9 Dec 2021 00:10:11 +0100 Subject: [PATCH 44/80] chore(deps): update dependency com.google.cloud:libraries-bom to v24.1.0 (#328) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![WhiteSource Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [com.google.cloud:libraries-bom](https://togithub.com/GoogleCloudPlatform/cloud-opensource-java) | `24.0.0` -> `24.1.0` | [![age](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/24.1.0/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/24.1.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/24.1.0/compatibility-slim/24.0.0)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/24.1.0/confidence-slim/24.0.0)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 **Schedule**: At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, click this checkbox. --- This PR has been generated by [WhiteSource Renovate](https://renovate.whitesourcesoftware.com). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-security-private-ca). --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index 848fad2457f..6f8c954352b 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -40,7 +40,7 @@ com.google.cloud libraries-bom - 24.0.0 + 24.1.0 pom import From 27c1fcfc02b2091996b3c3db254acd9136eed475 Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Tue, 28 Dec 2021 22:18:15 +0100 Subject: [PATCH 45/80] chore(deps): update dependency com.google.cloud:libraries-bom to v24.1.1 (#329) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![WhiteSource Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [com.google.cloud:libraries-bom](https://togithub.com/GoogleCloudPlatform/cloud-opensource-java) | `24.1.0` -> `24.1.1` | [![age](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/24.1.1/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/24.1.1/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/24.1.1/compatibility-slim/24.1.0)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/24.1.1/confidence-slim/24.1.0)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 **Schedule**: At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, click this checkbox. --- This PR has been generated by [WhiteSource Renovate](https://renovate.whitesourcesoftware.com). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-security-private-ca). --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index 6f8c954352b..8bc12dd2684 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -40,7 +40,7 @@ com.google.cloud libraries-bom - 24.1.0 + 24.1.1 pom import From b5ebac30d31720b7231b5544840c7e96d49e3408 Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Fri, 7 Jan 2022 16:48:22 +0100 Subject: [PATCH 46/80] chore(deps): update dependency com.google.cloud:libraries-bom to v24.1.2 (#333) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![WhiteSource Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [com.google.cloud:libraries-bom](https://togithub.com/GoogleCloudPlatform/cloud-opensource-java) | `24.1.1` -> `24.1.2` | [![age](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/24.1.2/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/24.1.2/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/24.1.2/compatibility-slim/24.1.1)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/24.1.2/confidence-slim/24.1.1)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 **Schedule**: At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, click this checkbox. --- This PR has been generated by [WhiteSource Renovate](https://renovate.whitesourcesoftware.com). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-security-private-ca). --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index 8bc12dd2684..4d3ad3fa0a8 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -40,7 +40,7 @@ com.google.cloud libraries-bom - 24.1.1 + 24.1.2 pom import From b7c92ef383d6d80b53e52ea4cf7f432713c550d0 Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Mon, 17 Jan 2022 19:16:14 +0100 Subject: [PATCH 47/80] chore(deps): update dependency com.google.cloud:google-cloud-security-private-ca to v2.2.2 (#338) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![WhiteSource Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [com.google.cloud:google-cloud-security-private-ca](https://togithub.com/googleapis/java-) | `2.2.1` -> `2.2.2` | [![age](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.2.2/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.2.2/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.2.2/compatibility-slim/2.2.1)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.2.2/confidence-slim/2.2.1)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 **Schedule**: At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Renovate will not automatically rebase this PR, because other commits have been found. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, click this checkbox. --- This PR has been generated by [WhiteSource Renovate](https://renovate.whitesourcesoftware.com). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-security-private-ca). --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index 4d3ad3fa0a8..90f618e489c 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -52,7 +52,7 @@ com.google.cloud google-cloud-security-private-ca - 2.2.1 + 2.2.2 org.bouncycastle From 13c89d0eb3c291fe112a5295bea62e2ada1cadd1 Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Tue, 18 Jan 2022 19:58:13 +0100 Subject: [PATCH 48/80] chore(deps): update dependency com.google.cloud:libraries-bom to v24.2.0 (#343) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![WhiteSource Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [com.google.cloud:libraries-bom](https://togithub.com/GoogleCloudPlatform/cloud-opensource-java) | `24.1.2` -> `24.2.0` | [![age](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/24.2.0/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/24.2.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/24.2.0/compatibility-slim/24.1.2)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/24.2.0/confidence-slim/24.1.2)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 **Schedule**: At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Renovate will not automatically rebase this PR, because other commits have been found. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, click this checkbox. --- This PR has been generated by [WhiteSource Renovate](https://renovate.whitesourcesoftware.com). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-security-private-ca). --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index 90f618e489c..da84aed9ef6 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -40,7 +40,7 @@ com.google.cloud libraries-bom - 24.1.2 + 24.2.0 pom import From 59b8db452e9b6a67bc336b043b08ec41b5d793ca Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Wed, 9 Feb 2022 00:27:12 +0100 Subject: [PATCH 49/80] chore(deps): update dependency com.google.cloud:libraries-bom to v24.3.0 (#362) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![WhiteSource Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [com.google.cloud:libraries-bom](https://cloud.google.com/java/docs/bom) ([source](https://togithub.com/GoogleCloudPlatform/cloud-opensource-java)) | `24.2.0` -> `24.3.0` | [![age](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/24.3.0/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/24.3.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/24.3.0/compatibility-slim/24.2.0)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/24.3.0/confidence-slim/24.2.0)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 **Schedule**: At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, click this checkbox. --- This PR has been generated by [WhiteSource Renovate](https://renovate.whitesourcesoftware.com). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-security-private-ca). --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index da84aed9ef6..d38a3228d2c 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -40,7 +40,7 @@ com.google.cloud libraries-bom - 24.2.0 + 24.3.0 pom import From 0546e726ddc08722236037ba3d3eef8165bdb3c3 Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Tue, 1 Mar 2022 19:56:12 +0100 Subject: [PATCH 50/80] chore(deps): update dependency com.google.cloud:google-cloud-security-private-ca to v2.2.3 (#357) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * chore(deps): update dependency com.google.cloud:google-cloud-security-private-ca to v2.2.3 * 🦉 Updates from OwlBot See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md Co-authored-by: Owl Bot --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index d38a3228d2c..e91c3717746 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -52,7 +52,7 @@ com.google.cloud google-cloud-security-private-ca - 2.2.2 + 2.2.3 org.bouncycastle From d0542ce48237dbf93b80d26ebcc895963be86c0e Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Thu, 3 Mar 2022 02:44:23 +0100 Subject: [PATCH 51/80] chore(deps): update dependency com.google.cloud:libraries-bom to v24.4.0 (#378) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![WhiteSource Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [com.google.cloud:libraries-bom](https://cloud.google.com/java/docs/bom) ([source](https://togithub.com/GoogleCloudPlatform/cloud-opensource-java)) | `24.3.0` -> `24.4.0` | [![age](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/24.4.0/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/24.4.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/24.4.0/compatibility-slim/24.3.0)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/24.4.0/confidence-slim/24.3.0)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 **Schedule**: At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, click this checkbox. --- This PR has been generated by [WhiteSource Renovate](https://renovate.whitesourcesoftware.com). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-security-private-ca). --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index e91c3717746..7b7293b3609 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -40,7 +40,7 @@ com.google.cloud libraries-bom - 24.3.0 + 24.4.0 pom import From c9f400100234bd7b7c207fef4948104f2217b5b5 Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Tue, 8 Mar 2022 04:46:42 +0100 Subject: [PATCH 52/80] chore(deps): update dependency com.google.cloud:google-cloud-security-private-ca to v2.2.4 (#381) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![WhiteSource Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [com.google.cloud:google-cloud-security-private-ca](https://togithub.com/googleapis/java-) | `2.2.3` -> `2.2.4` | [![age](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.2.4/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.2.4/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.2.4/compatibility-slim/2.2.3)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.2.4/confidence-slim/2.2.3)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 **Schedule**: At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Renovate will not automatically rebase this PR, because other commits have been found. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, click this checkbox. --- This PR has been generated by [WhiteSource Renovate](https://renovate.whitesourcesoftware.com). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-security-private-ca). --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index 7b7293b3609..b8c378f4725 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -52,7 +52,7 @@ com.google.cloud google-cloud-security-private-ca - 2.2.3 + 2.2.4 org.bouncycastle From 52ecb61becb87a77e34fb55abfadc08188ecba59 Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Mon, 14 Mar 2022 23:30:25 +0100 Subject: [PATCH 53/80] chore(deps): update dependency com.google.cloud:google-cloud-security-private-ca to v2.2.5 (#391) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![WhiteSource Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [com.google.cloud:google-cloud-security-private-ca](https://togithub.com/googleapis/java-) | `2.2.4` -> `2.2.5` | [![age](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.2.5/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.2.5/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.2.5/compatibility-slim/2.2.4)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.2.5/confidence-slim/2.2.4)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 **Schedule**: At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Renovate will not automatically rebase this PR, because other commits have been found. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, click this checkbox. --- This PR has been generated by [WhiteSource Renovate](https://renovate.whitesourcesoftware.com). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-security-private-ca). --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index b8c378f4725..3e58d40ed91 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -52,7 +52,7 @@ com.google.cloud google-cloud-security-private-ca - 2.2.4 + 2.2.5 org.bouncycastle From 327c6288f20a3dfce3b6df7d42a80829225fc5c7 Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Mon, 14 Mar 2022 23:46:29 +0100 Subject: [PATCH 54/80] chore(deps): update dependency com.google.cloud:libraries-bom to v25 (#392) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![WhiteSource Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [com.google.cloud:libraries-bom](https://cloud.google.com/java/docs/bom) ([source](https://togithub.com/GoogleCloudPlatform/cloud-opensource-java)) | `24.4.0` -> `25.0.0` | [![age](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/25.0.0/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/25.0.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/25.0.0/compatibility-slim/24.4.0)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/25.0.0/confidence-slim/24.4.0)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 **Schedule**: At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Renovate will not automatically rebase this PR, because other commits have been found. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, click this checkbox. --- This PR has been generated by [WhiteSource Renovate](https://renovate.whitesourcesoftware.com). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-security-private-ca). --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index 3e58d40ed91..1e283be9afa 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -40,7 +40,7 @@ com.google.cloud libraries-bom - 24.4.0 + 25.0.0 pom import From 197a68b497ed80e336b69e2d672a5dde1783d74a Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Fri, 1 Apr 2022 18:36:31 +0200 Subject: [PATCH 55/80] chore(deps): update dependency com.google.cloud:libraries-bom to v25.1.0 (#398) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![WhiteSource Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [com.google.cloud:libraries-bom](https://cloud.google.com/java/docs/bom) ([source](https://togithub.com/GoogleCloudPlatform/cloud-opensource-java)) | `25.0.0` -> `25.1.0` | [![age](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/25.1.0/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/25.1.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/25.1.0/compatibility-slim/25.0.0)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/25.1.0/confidence-slim/25.0.0)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 **Schedule**: At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Renovate will not automatically rebase this PR, because other commits have been found. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, click this checkbox. --- This PR has been generated by [WhiteSource Renovate](https://renovate.whitesourcesoftware.com). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-security-private-ca). --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index 1e283be9afa..10fe89101fe 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -40,7 +40,7 @@ com.google.cloud libraries-bom - 25.0.0 + 25.1.0 pom import From 4c3e631339f806adc80c704516ad5705dd98b49e Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Fri, 1 Apr 2022 18:48:10 +0200 Subject: [PATCH 56/80] chore(deps): update dependency com.google.cloud:google-cloud-security-private-ca to v2.3.0 (#397) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![WhiteSource Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [com.google.cloud:google-cloud-security-private-ca](https://togithub.com/googleapis/java-) | `2.2.5` -> `2.3.0` | [![age](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.3.0/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.3.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.3.0/compatibility-slim/2.2.5)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.3.0/confidence-slim/2.2.5)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 **Schedule**: At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Renovate will not automatically rebase this PR, because other commits have been found. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, click this checkbox. --- This PR has been generated by [WhiteSource Renovate](https://renovate.whitesourcesoftware.com). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-security-private-ca). --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index 10fe89101fe..25223957a66 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -52,7 +52,7 @@ com.google.cloud google-cloud-security-private-ca - 2.2.5 + 2.3.0 org.bouncycastle From 49ee6a1c84940804d0821f9a46e3f32d8105f92c Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Mon, 18 Apr 2022 17:42:45 +0200 Subject: [PATCH 57/80] chore(deps): update dependency com.google.cloud:google-cloud-security-private-ca to v2.3.1 (#404) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![WhiteSource Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [com.google.cloud:google-cloud-security-private-ca](https://togithub.com/googleapis/java-) | `2.3.0` -> `2.3.1` | [![age](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.3.1/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.3.1/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.3.1/compatibility-slim/2.3.0)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.3.1/confidence-slim/2.3.0)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 **Schedule**: At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Renovate will not automatically rebase this PR, because other commits have been found. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, click this checkbox. --- This PR has been generated by [WhiteSource Renovate](https://renovate.whitesourcesoftware.com). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-security-private-ca). --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index 25223957a66..9054028b859 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -52,7 +52,7 @@ com.google.cloud google-cloud-security-private-ca - 2.3.0 + 2.3.1 org.bouncycastle From 66c8db85db979ead19dde771e7962f630452bb51 Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Wed, 27 Apr 2022 17:36:24 +0200 Subject: [PATCH 58/80] chore(deps): update dependency com.google.cloud:libraries-bom to v25.2.0 (#409) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![WhiteSource Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [com.google.cloud:libraries-bom](https://cloud.google.com/java/docs/bom) ([source](https://togithub.com/GoogleCloudPlatform/cloud-opensource-java)) | `25.1.0` -> `25.2.0` | [![age](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/25.2.0/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/25.2.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/25.2.0/compatibility-slim/25.1.0)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/25.2.0/confidence-slim/25.1.0)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 **Schedule**: At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, click this checkbox. --- This PR has been generated by [WhiteSource Renovate](https://renovate.whitesourcesoftware.com). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-security-private-ca). --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index 9054028b859..5e917708d4f 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -40,7 +40,7 @@ com.google.cloud libraries-bom - 25.1.0 + 25.2.0 pom import From c756bff3b1a4e75c7dbb7570d3e51ec24a60fd05 Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Mon, 16 May 2022 19:46:30 +0200 Subject: [PATCH 59/80] chore(deps): update dependency com.google.cloud:libraries-bom to v25.3.0 (#414) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![WhiteSource Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [com.google.cloud:libraries-bom](https://cloud.google.com/java/docs/bom) ([source](https://togithub.com/GoogleCloudPlatform/cloud-opensource-java)) | `25.2.0` -> `25.3.0` | [![age](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/25.3.0/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/25.3.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/25.3.0/compatibility-slim/25.2.0)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/25.3.0/confidence-slim/25.2.0)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 **Schedule**: At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, click this checkbox. --- This PR has been generated by [WhiteSource Renovate](https://renovate.whitesourcesoftware.com). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-security-private-ca). --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index 5e917708d4f..2cc07f7251e 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -40,7 +40,7 @@ com.google.cloud libraries-bom - 25.2.0 + 25.3.0 pom import From 4e886df6177d2ae431b19585b19d93176b215f7b Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Thu, 26 May 2022 00:20:13 +0200 Subject: [PATCH 60/80] chore(deps): update dependency com.google.cloud:google-cloud-security-private-ca to v2.4.0 (#420) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [com.google.cloud:google-cloud-security-private-ca](https://togithub.com/googleapis/java-) | `2.3.1` -> `2.4.0` | [![age](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.4.0/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.4.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.4.0/compatibility-slim/2.3.1)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.4.0/confidence-slim/2.3.1)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 **Schedule**: At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Renovate will not automatically rebase this PR, because other commits have been found. 🔕 **Ignore**: Close this PR and you won't be reminded about these updates again. --- - [ ] If you want to rebase/retry this PR, click this checkbox. ⚠ **Warning**: custom changes will be lost. --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-security-private-ca). --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index 2cc07f7251e..ca57d15e2da 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -52,7 +52,7 @@ com.google.cloud google-cloud-security-private-ca - 2.3.1 + 2.4.0 org.bouncycastle From ff12714a2df6d1fb9791d6be26cc7ac3c4b2c74b Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Mon, 11 Jul 2022 23:14:44 +0200 Subject: [PATCH 61/80] chore(deps): update dependency com.google.cloud:libraries-bom to v25.4.0 (#421) --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index ca57d15e2da..499caa08c9f 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -40,7 +40,7 @@ com.google.cloud libraries-bom - 25.3.0 + 25.4.0 pom import From e47f7f4afaaaf87bbaf42046573887965c417608 Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Thu, 14 Jul 2022 15:54:53 +0200 Subject: [PATCH 62/80] chore(deps): update dependency com.google.cloud:libraries-bom to v26 (#437) --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index 499caa08c9f..5cea1701e92 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -40,7 +40,7 @@ com.google.cloud libraries-bom - 25.4.0 + 26.0.0 pom import From 6be65a365bf6e803d6efdb505b98c0986d681218 Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Thu, 14 Jul 2022 18:37:20 +0200 Subject: [PATCH 63/80] chore(deps): update dependency com.google.cloud:google-cloud-security-private-ca to v2.5.0 (#435) --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index 5cea1701e92..9ea1ab435fe 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -52,7 +52,7 @@ com.google.cloud google-cloud-security-private-ca - 2.4.0 + 2.5.0 org.bouncycastle From fd4a24f30656f14bbd1790d0a61ad04566607d1c Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Tue, 16 Aug 2022 18:52:15 +0200 Subject: [PATCH 64/80] chore(deps): update dependency com.google.cloud:google-cloud-security-private-ca to v2.5.1 (#448) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [com.google.cloud:google-cloud-security-private-ca](https://togithub.com/googleapis/java-) | `2.5.0` -> `2.5.1` | [![age](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.5.1/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.5.1/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.5.1/compatibility-slim/2.5.0)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.5.1/confidence-slim/2.5.0)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Renovate will not automatically rebase this PR, because other commits have been found. 🔕 **Ignore**: Close this PR and you won't be reminded about these updates again. --- - [ ] If you want to rebase/retry this PR, click this checkbox. ⚠ **Warning**: custom changes will be lost. --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-security-private-ca). --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index 9ea1ab435fe..8d157b47b24 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -52,7 +52,7 @@ com.google.cloud google-cloud-security-private-ca - 2.5.0 + 2.5.1 org.bouncycastle From 626e37ea2b76990c9d0b763ffc47b54ebfc7bd21 Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Tue, 16 Aug 2022 19:20:20 +0200 Subject: [PATCH 65/80] chore(deps): update dependency com.google.cloud:libraries-bom to v26.1.0 (#449) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [com.google.cloud:libraries-bom](https://cloud.google.com/java/docs/bom) ([source](https://togithub.com/googleapis/java-cloud-bom)) | `26.0.0` -> `26.1.0` | [![age](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/26.1.0/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/26.1.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/26.1.0/compatibility-slim/26.0.0)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/26.1.0/confidence-slim/26.0.0)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Renovate will not automatically rebase this PR, because other commits have been found. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, click this checkbox. ⚠ **Warning**: custom changes will be lost. --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-security-private-ca). --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index 8d157b47b24..c5aba9abbba 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -40,7 +40,7 @@ com.google.cloud libraries-bom - 26.0.0 + 26.1.0 pom import From e27071c92ea28b803a240ca493019d9b85017924 Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Wed, 31 Aug 2022 22:40:30 +0200 Subject: [PATCH 66/80] chore(deps): update dependency com.google.cloud:libraries-bom to v26.1.1 (#453) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [com.google.cloud:libraries-bom](https://cloud.google.com/java/docs/bom) ([source](https://togithub.com/googleapis/java-cloud-bom)) | `26.1.0` -> `26.1.1` | [![age](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/26.1.1/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/26.1.1/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/26.1.1/compatibility-slim/26.1.0)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/26.1.1/confidence-slim/26.1.0)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, click this checkbox. --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-security-private-ca). --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index c5aba9abbba..39c79aa84a0 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -40,7 +40,7 @@ com.google.cloud libraries-bom - 26.1.0 + 26.1.1 pom import From e790d66e21024ecc36065a5ff5eecaac9422a21b Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Fri, 9 Sep 2022 17:18:19 +0200 Subject: [PATCH 67/80] chore(deps): update dependency com.google.cloud:google-cloud-security-private-ca to v2.5.2 (#458) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [com.google.cloud:google-cloud-security-private-ca](https://togithub.com/googleapis/java-security-private-ca) ([source](https://togithub.com/googleapis/java-)) | `2.5.1` -> `2.5.2` | [![age](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.5.2/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.5.2/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.5.2/compatibility-slim/2.5.1)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.5.2/confidence-slim/2.5.1)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Renovate will not automatically rebase this PR, because other commits have been found. 🔕 **Ignore**: Close this PR and you won't be reminded about these updates again. --- - [ ] If you want to rebase/retry this PR, click this checkbox. ⚠ **Warning**: custom changes will be lost. --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-security-private-ca). --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index 39c79aa84a0..a33665b8465 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -52,7 +52,7 @@ com.google.cloud google-cloud-security-private-ca - 2.5.1 + 2.5.2 org.bouncycastle From 35a1d8065bbb837e3e9c8b18a5b1b4ad7b897e0d Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Tue, 20 Sep 2022 16:22:23 +0200 Subject: [PATCH 68/80] chore(deps): update dependency com.google.cloud:google-cloud-security-private-ca to v2.5.3 (#464) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [com.google.cloud:google-cloud-security-private-ca](https://togithub.com/googleapis/java-security-private-ca) ([source](https://togithub.com/googleapis/java-)) | `2.5.2` -> `2.5.3` | [![age](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.5.3/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.5.3/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.5.3/compatibility-slim/2.5.2)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.5.3/confidence-slim/2.5.2)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Renovate will not automatically rebase this PR, because other commits have been found. 🔕 **Ignore**: Close this PR and you won't be reminded about these updates again. --- - [ ] If you want to rebase/retry this PR, click this checkbox. ⚠ **Warning**: custom changes will be lost. --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-security-private-ca). --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index a33665b8465..fe67c8703ae 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -52,7 +52,7 @@ com.google.cloud google-cloud-security-private-ca - 2.5.2 + 2.5.3 org.bouncycastle From 6dd4491989201ca5a4cc3e75893275cc67d3b021 Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Tue, 20 Sep 2022 17:28:19 +0200 Subject: [PATCH 69/80] chore(deps): update dependency com.google.cloud:libraries-bom to v26.1.2 (#465) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [com.google.cloud:libraries-bom](https://cloud.google.com/java/docs/bom) ([source](https://togithub.com/googleapis/java-cloud-bom)) | `26.1.1` -> `26.1.2` | [![age](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/26.1.2/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/26.1.2/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/26.1.2/compatibility-slim/26.1.1)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/26.1.2/confidence-slim/26.1.1)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Renovate will not automatically rebase this PR, because other commits have been found. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, click this checkbox. ⚠ **Warning**: custom changes will be lost. --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-security-private-ca). --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index fe67c8703ae..f143d024c6b 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -40,7 +40,7 @@ com.google.cloud libraries-bom - 26.1.1 + 26.1.2 pom import From 9081b43c1afba424b5c6af2e4bb1459249787cbd Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Thu, 6 Oct 2022 17:54:16 +0200 Subject: [PATCH 70/80] chore(deps): update dependency com.google.cloud:google-cloud-security-private-ca to v2.5.4 (#483) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [com.google.cloud:google-cloud-security-private-ca](https://togithub.com/googleapis/java-security-private-ca) ([source](https://togithub.com/googleapis/java-)) | `2.5.3` -> `2.5.4` | [![age](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.5.4/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.5.4/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.5.4/compatibility-slim/2.5.3)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/maven/com.google.cloud:google-cloud-security-private-ca/2.5.4/confidence-slim/2.5.3)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Renovate will not automatically rebase this PR, because other commits have been found. 🔕 **Ignore**: Close this PR and you won't be reminded about these updates again. --- - [ ] If you want to rebase/retry this PR, click this checkbox. ⚠ **Warning**: custom changes will be lost. --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-security-private-ca). --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index f143d024c6b..7fcafee63b1 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -52,7 +52,7 @@ com.google.cloud google-cloud-security-private-ca - 2.5.3 + 2.5.4 org.bouncycastle From 17bd4e55689bb2c6500b218461eca0e236df965c Mon Sep 17 00:00:00 2001 From: WhiteSource Renovate Date: Fri, 7 Oct 2022 20:02:12 +0200 Subject: [PATCH 71/80] chore(deps): update dependency com.google.cloud:libraries-bom to v26.1.3 (#484) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [com.google.cloud:libraries-bom](https://cloud.google.com/java/docs/bom) ([source](https://togithub.com/googleapis/java-cloud-bom)) | `26.1.2` -> `26.1.3` | [![age](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/26.1.3/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/26.1.3/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/26.1.3/compatibility-slim/26.1.2)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/26.1.3/confidence-slim/26.1.2)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, click this checkbox. --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-security-private-ca). --- privateca/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/pom.xml b/privateca/pom.xml index 7fcafee63b1..c0905d485ee 100644 --- a/privateca/pom.xml +++ b/privateca/pom.xml @@ -40,7 +40,7 @@ com.google.cloud libraries-bom - 26.1.2 + 26.1.3 pom import From a85d82f2fba85a04fc8b67f5a9ad823097a42578 Mon Sep 17 00:00:00 2001 From: Sita Lakshmi Sangameswaran Date: Sat, 12 Nov 2022 02:50:14 +0530 Subject: [PATCH 72/80] update readme to reference java docs samples repository --- privateca/cloud-client/README.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/privateca/cloud-client/README.md b/privateca/cloud-client/README.md index 948896c744d..6755d3ac7f5 100644 --- a/privateca/cloud-client/README.md +++ b/privateca/cloud-client/README.md @@ -1,6 +1,6 @@ # Google Cloud Private Certificate Authority Service - + Open in Cloud Shell Google [Cloud Private Certificate Authority Service](https://cloud.google.com/certificate-authority-service) is a highly available, scalable Google Cloud service that enables you to simplify, automate, and customize the deployment, management, and security of private certificate authorities (CA). @@ -58,15 +58,15 @@ The following instructions will help you prepare your development environment. 2. Download and install [Apache Maven](http://maven.apache.org/download.cgi) by following the [Maven installation guide](http://maven.apache.org/install.html) for your specific operating system. -3. Clone the java-security-private-ca repository. +3. Clone the GoogleCloudPlatform/java-docs-samples repository. ``` -git clone https://github.com/googleapis/java-security-private-ca.git +git clone https://github.com/GoogleCloudPlatform/java-docs-samples.git ``` 4. Navigate to the sample code directory. ``` -cd java-security-private-ca/samples/snippets/cloud-client +cd privateca/samples/snippets ``` 5. Run the **SnippetsIT** test file present under the test folder. From 0c886441852c33a842ebc668f5e3690cfdff7f67 Mon Sep 17 00:00:00 2001 From: Sita Lakshmi Sangameswaran Date: Sat, 12 Nov 2022 02:51:30 +0530 Subject: [PATCH 73/80] update readme --- privateca/cloud-client/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/privateca/cloud-client/README.md b/privateca/cloud-client/README.md index 6755d3ac7f5..5587b341ed2 100644 --- a/privateca/cloud-client/README.md +++ b/privateca/cloud-client/README.md @@ -1,6 +1,6 @@ # Google Cloud Private Certificate Authority Service - + Open in Cloud Shell Google [Cloud Private Certificate Authority Service](https://cloud.google.com/certificate-authority-service) is a highly available, scalable Google Cloud service that enables you to simplify, automate, and customize the deployment, management, and security of private certificate authorities (CA). @@ -66,7 +66,7 @@ git clone https://github.com/GoogleCloudPlatform/java-docs-samples.git 4. Navigate to the sample code directory. ``` -cd privateca/samples/snippets +cd privateca/snippets ``` 5. Run the **SnippetsIT** test file present under the test folder. From 4c6c294eb6ca4d06cfd5addc2a9f545e4b063926 Mon Sep 17 00:00:00 2001 From: Sita Lakshmi Sangameswaran Date: Sat, 12 Nov 2022 02:54:23 +0530 Subject: [PATCH 74/80] moved the samples to snippets/ folder --- privateca/{cloud-client => snippets}/README.md | 0 .../src/main/java/privateca/ActivateSubordinateCa.java | 0 .../src/main/java/privateca/CreateCaPool.java | 0 .../src/main/java/privateca/CreateCertificate.java | 0 .../src/main/java/privateca/CreateCertificateAuthority.java | 0 .../src/main/java/privateca/CreateCertificateTemplate.java | 0 .../src/main/java/privateca/CreateCertificate_CSR.java | 0 .../src/main/java/privateca/CreateSubordinateCa.java | 0 .../src/main/java/privateca/DeleteCaPool.java | 0 .../src/main/java/privateca/DeleteCertificateAuthority.java | 0 .../src/main/java/privateca/DeleteCertificateTemplate.java | 0 .../src/main/java/privateca/DisableCertificateAuthority.java | 0 .../src/main/java/privateca/EnableCertificateAuthority.java | 0 .../src/main/java/privateca/FilterCertificates.java | 0 .../src/main/java/privateca/ListCaPools.java | 0 .../src/main/java/privateca/ListCertificateAuthorities.java | 0 .../src/main/java/privateca/ListCertificateTemplates.java | 0 .../src/main/java/privateca/ListCertificates.java | 0 .../src/main/java/privateca/MonitorCertificateAuthority.java | 0 .../src/main/java/privateca/RevokeCertificate.java | 0 .../src/main/java/privateca/UndeleteCertificateAuthority.java | 0 .../src/main/java/privateca/UpdateCaPool_IssuancePolicy.java | 0 .../src/main/java/privateca/UpdateCertificateAuthority.java | 0 .../src/main/java/privateca/UpdateCertificateTemplate.java | 0 .../src/test/java/privateca/SnippetsIT.java | 0 25 files changed, 0 insertions(+), 0 deletions(-) rename privateca/{cloud-client => snippets}/README.md (100%) rename privateca/{cloud-client => snippets}/src/main/java/privateca/ActivateSubordinateCa.java (100%) rename privateca/{cloud-client => snippets}/src/main/java/privateca/CreateCaPool.java (100%) rename privateca/{cloud-client => snippets}/src/main/java/privateca/CreateCertificate.java (100%) rename privateca/{cloud-client => snippets}/src/main/java/privateca/CreateCertificateAuthority.java (100%) rename privateca/{cloud-client => snippets}/src/main/java/privateca/CreateCertificateTemplate.java (100%) rename privateca/{cloud-client => snippets}/src/main/java/privateca/CreateCertificate_CSR.java (100%) rename privateca/{cloud-client => snippets}/src/main/java/privateca/CreateSubordinateCa.java (100%) rename privateca/{cloud-client => snippets}/src/main/java/privateca/DeleteCaPool.java (100%) rename privateca/{cloud-client => snippets}/src/main/java/privateca/DeleteCertificateAuthority.java (100%) rename privateca/{cloud-client => snippets}/src/main/java/privateca/DeleteCertificateTemplate.java (100%) rename privateca/{cloud-client => snippets}/src/main/java/privateca/DisableCertificateAuthority.java (100%) rename privateca/{cloud-client => snippets}/src/main/java/privateca/EnableCertificateAuthority.java (100%) rename privateca/{cloud-client => snippets}/src/main/java/privateca/FilterCertificates.java (100%) rename privateca/{cloud-client => snippets}/src/main/java/privateca/ListCaPools.java (100%) rename privateca/{cloud-client => snippets}/src/main/java/privateca/ListCertificateAuthorities.java (100%) rename privateca/{cloud-client => snippets}/src/main/java/privateca/ListCertificateTemplates.java (100%) rename privateca/{cloud-client => snippets}/src/main/java/privateca/ListCertificates.java (100%) rename privateca/{cloud-client => snippets}/src/main/java/privateca/MonitorCertificateAuthority.java (100%) rename privateca/{cloud-client => snippets}/src/main/java/privateca/RevokeCertificate.java (100%) rename privateca/{cloud-client => snippets}/src/main/java/privateca/UndeleteCertificateAuthority.java (100%) rename privateca/{cloud-client => snippets}/src/main/java/privateca/UpdateCaPool_IssuancePolicy.java (100%) rename privateca/{cloud-client => snippets}/src/main/java/privateca/UpdateCertificateAuthority.java (100%) rename privateca/{cloud-client => snippets}/src/main/java/privateca/UpdateCertificateTemplate.java (100%) rename privateca/{cloud-client => snippets}/src/test/java/privateca/SnippetsIT.java (100%) diff --git a/privateca/cloud-client/README.md b/privateca/snippets/README.md similarity index 100% rename from privateca/cloud-client/README.md rename to privateca/snippets/README.md diff --git a/privateca/cloud-client/src/main/java/privateca/ActivateSubordinateCa.java b/privateca/snippets/src/main/java/privateca/ActivateSubordinateCa.java similarity index 100% rename from privateca/cloud-client/src/main/java/privateca/ActivateSubordinateCa.java rename to privateca/snippets/src/main/java/privateca/ActivateSubordinateCa.java diff --git a/privateca/cloud-client/src/main/java/privateca/CreateCaPool.java b/privateca/snippets/src/main/java/privateca/CreateCaPool.java similarity index 100% rename from privateca/cloud-client/src/main/java/privateca/CreateCaPool.java rename to privateca/snippets/src/main/java/privateca/CreateCaPool.java diff --git a/privateca/cloud-client/src/main/java/privateca/CreateCertificate.java b/privateca/snippets/src/main/java/privateca/CreateCertificate.java similarity index 100% rename from privateca/cloud-client/src/main/java/privateca/CreateCertificate.java rename to privateca/snippets/src/main/java/privateca/CreateCertificate.java diff --git a/privateca/cloud-client/src/main/java/privateca/CreateCertificateAuthority.java b/privateca/snippets/src/main/java/privateca/CreateCertificateAuthority.java similarity index 100% rename from privateca/cloud-client/src/main/java/privateca/CreateCertificateAuthority.java rename to privateca/snippets/src/main/java/privateca/CreateCertificateAuthority.java diff --git a/privateca/cloud-client/src/main/java/privateca/CreateCertificateTemplate.java b/privateca/snippets/src/main/java/privateca/CreateCertificateTemplate.java similarity index 100% rename from privateca/cloud-client/src/main/java/privateca/CreateCertificateTemplate.java rename to privateca/snippets/src/main/java/privateca/CreateCertificateTemplate.java diff --git a/privateca/cloud-client/src/main/java/privateca/CreateCertificate_CSR.java b/privateca/snippets/src/main/java/privateca/CreateCertificate_CSR.java similarity index 100% rename from privateca/cloud-client/src/main/java/privateca/CreateCertificate_CSR.java rename to privateca/snippets/src/main/java/privateca/CreateCertificate_CSR.java diff --git a/privateca/cloud-client/src/main/java/privateca/CreateSubordinateCa.java b/privateca/snippets/src/main/java/privateca/CreateSubordinateCa.java similarity index 100% rename from privateca/cloud-client/src/main/java/privateca/CreateSubordinateCa.java rename to privateca/snippets/src/main/java/privateca/CreateSubordinateCa.java diff --git a/privateca/cloud-client/src/main/java/privateca/DeleteCaPool.java b/privateca/snippets/src/main/java/privateca/DeleteCaPool.java similarity index 100% rename from privateca/cloud-client/src/main/java/privateca/DeleteCaPool.java rename to privateca/snippets/src/main/java/privateca/DeleteCaPool.java diff --git a/privateca/cloud-client/src/main/java/privateca/DeleteCertificateAuthority.java b/privateca/snippets/src/main/java/privateca/DeleteCertificateAuthority.java similarity index 100% rename from privateca/cloud-client/src/main/java/privateca/DeleteCertificateAuthority.java rename to privateca/snippets/src/main/java/privateca/DeleteCertificateAuthority.java diff --git a/privateca/cloud-client/src/main/java/privateca/DeleteCertificateTemplate.java b/privateca/snippets/src/main/java/privateca/DeleteCertificateTemplate.java similarity index 100% rename from privateca/cloud-client/src/main/java/privateca/DeleteCertificateTemplate.java rename to privateca/snippets/src/main/java/privateca/DeleteCertificateTemplate.java diff --git a/privateca/cloud-client/src/main/java/privateca/DisableCertificateAuthority.java b/privateca/snippets/src/main/java/privateca/DisableCertificateAuthority.java similarity index 100% rename from privateca/cloud-client/src/main/java/privateca/DisableCertificateAuthority.java rename to privateca/snippets/src/main/java/privateca/DisableCertificateAuthority.java diff --git a/privateca/cloud-client/src/main/java/privateca/EnableCertificateAuthority.java b/privateca/snippets/src/main/java/privateca/EnableCertificateAuthority.java similarity index 100% rename from privateca/cloud-client/src/main/java/privateca/EnableCertificateAuthority.java rename to privateca/snippets/src/main/java/privateca/EnableCertificateAuthority.java diff --git a/privateca/cloud-client/src/main/java/privateca/FilterCertificates.java b/privateca/snippets/src/main/java/privateca/FilterCertificates.java similarity index 100% rename from privateca/cloud-client/src/main/java/privateca/FilterCertificates.java rename to privateca/snippets/src/main/java/privateca/FilterCertificates.java diff --git a/privateca/cloud-client/src/main/java/privateca/ListCaPools.java b/privateca/snippets/src/main/java/privateca/ListCaPools.java similarity index 100% rename from privateca/cloud-client/src/main/java/privateca/ListCaPools.java rename to privateca/snippets/src/main/java/privateca/ListCaPools.java diff --git a/privateca/cloud-client/src/main/java/privateca/ListCertificateAuthorities.java b/privateca/snippets/src/main/java/privateca/ListCertificateAuthorities.java similarity index 100% rename from privateca/cloud-client/src/main/java/privateca/ListCertificateAuthorities.java rename to privateca/snippets/src/main/java/privateca/ListCertificateAuthorities.java diff --git a/privateca/cloud-client/src/main/java/privateca/ListCertificateTemplates.java b/privateca/snippets/src/main/java/privateca/ListCertificateTemplates.java similarity index 100% rename from privateca/cloud-client/src/main/java/privateca/ListCertificateTemplates.java rename to privateca/snippets/src/main/java/privateca/ListCertificateTemplates.java diff --git a/privateca/cloud-client/src/main/java/privateca/ListCertificates.java b/privateca/snippets/src/main/java/privateca/ListCertificates.java similarity index 100% rename from privateca/cloud-client/src/main/java/privateca/ListCertificates.java rename to privateca/snippets/src/main/java/privateca/ListCertificates.java diff --git a/privateca/cloud-client/src/main/java/privateca/MonitorCertificateAuthority.java b/privateca/snippets/src/main/java/privateca/MonitorCertificateAuthority.java similarity index 100% rename from privateca/cloud-client/src/main/java/privateca/MonitorCertificateAuthority.java rename to privateca/snippets/src/main/java/privateca/MonitorCertificateAuthority.java diff --git a/privateca/cloud-client/src/main/java/privateca/RevokeCertificate.java b/privateca/snippets/src/main/java/privateca/RevokeCertificate.java similarity index 100% rename from privateca/cloud-client/src/main/java/privateca/RevokeCertificate.java rename to privateca/snippets/src/main/java/privateca/RevokeCertificate.java diff --git a/privateca/cloud-client/src/main/java/privateca/UndeleteCertificateAuthority.java b/privateca/snippets/src/main/java/privateca/UndeleteCertificateAuthority.java similarity index 100% rename from privateca/cloud-client/src/main/java/privateca/UndeleteCertificateAuthority.java rename to privateca/snippets/src/main/java/privateca/UndeleteCertificateAuthority.java diff --git a/privateca/cloud-client/src/main/java/privateca/UpdateCaPool_IssuancePolicy.java b/privateca/snippets/src/main/java/privateca/UpdateCaPool_IssuancePolicy.java similarity index 100% rename from privateca/cloud-client/src/main/java/privateca/UpdateCaPool_IssuancePolicy.java rename to privateca/snippets/src/main/java/privateca/UpdateCaPool_IssuancePolicy.java diff --git a/privateca/cloud-client/src/main/java/privateca/UpdateCertificateAuthority.java b/privateca/snippets/src/main/java/privateca/UpdateCertificateAuthority.java similarity index 100% rename from privateca/cloud-client/src/main/java/privateca/UpdateCertificateAuthority.java rename to privateca/snippets/src/main/java/privateca/UpdateCertificateAuthority.java diff --git a/privateca/cloud-client/src/main/java/privateca/UpdateCertificateTemplate.java b/privateca/snippets/src/main/java/privateca/UpdateCertificateTemplate.java similarity index 100% rename from privateca/cloud-client/src/main/java/privateca/UpdateCertificateTemplate.java rename to privateca/snippets/src/main/java/privateca/UpdateCertificateTemplate.java diff --git a/privateca/cloud-client/src/test/java/privateca/SnippetsIT.java b/privateca/snippets/src/test/java/privateca/SnippetsIT.java similarity index 100% rename from privateca/cloud-client/src/test/java/privateca/SnippetsIT.java rename to privateca/snippets/src/test/java/privateca/SnippetsIT.java From 77a96dc6b12056c81245abb003b0cfe75e1d4832 Mon Sep 17 00:00:00 2001 From: Sita Lakshmi Sangameswaran Date: Sat, 12 Nov 2022 02:55:48 +0530 Subject: [PATCH 75/80] moved pom file --- privateca/{ => snippets}/pom.xml | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename privateca/{ => snippets}/pom.xml (100%) diff --git a/privateca/pom.xml b/privateca/snippets/pom.xml similarity index 100% rename from privateca/pom.xml rename to privateca/snippets/pom.xml From bd99ca34b43af254b1ba6f602fa8903face0b5c7 Mon Sep 17 00:00:00 2001 From: SitaLakshmi Date: Thu, 17 Nov 2022 21:10:58 +0530 Subject: [PATCH 76/80] change names to match issuance policy --- .../snippets/src/main/java/privateca/CreateCertificate.java | 6 +++--- .../src/main/java/privateca/CreateSubordinateCa.java | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/privateca/snippets/src/main/java/privateca/CreateCertificate.java b/privateca/snippets/src/main/java/privateca/CreateCertificate.java index 5cac09dd929..79c34cae49f 100644 --- a/privateca/snippets/src/main/java/privateca/CreateCertificate.java +++ b/privateca/snippets/src/main/java/privateca/CreateCertificate.java @@ -83,9 +83,9 @@ public static void createCertificate( // orgName: Provide the name of your company. // domainName: List the fully qualified domain name. // certificateLifetime: The validity of the certificate in seconds. - String commonName = "common-name"; - String orgName = "org-name"; - String domainName = "dns.your-domain.com"; + String commonName = "commonname"; + String orgName = "orgname"; + String domainName = "dns.example.com"; long certificateLifetime = 1000L; // Set the Public Key and its format. diff --git a/privateca/snippets/src/main/java/privateca/CreateSubordinateCa.java b/privateca/snippets/src/main/java/privateca/CreateSubordinateCa.java index 29b3f7ef4f3..4b1510c03f9 100644 --- a/privateca/snippets/src/main/java/privateca/CreateSubordinateCa.java +++ b/privateca/snippets/src/main/java/privateca/CreateSubordinateCa.java @@ -64,9 +64,9 @@ public static void createSubordinateCertificateAuthority( try (CertificateAuthorityServiceClient certificateAuthorityServiceClient = CertificateAuthorityServiceClient.create()) { - String commonName = "common-name"; - String orgName = "csr-org-name"; - String domainName = "dns.your-domain.com"; + String commonName = "commonname"; + String orgName = "csrorgname"; + String domainName = "dns.example.com"; int caDuration = 100000; // Validity of this CA in seconds. // Set the type of Algorithm. From 12414499212d5dcfc13ce4f7b5b6791ef3720912 Mon Sep 17 00:00:00 2001 From: Sita Lakshmi Sangameswaran Date: Fri, 18 Nov 2022 18:08:59 +0530 Subject: [PATCH 77/80] Update pom.xml --- privateca/snippets/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privateca/snippets/pom.xml b/privateca/snippets/pom.xml index c0905d485ee..884193b3d83 100644 --- a/privateca/snippets/pom.xml +++ b/privateca/snippets/pom.xml @@ -17,7 +17,7 @@ security-private-ca-snippets jar Google Certificate Authority Service Snippets - https://github.com/googleapis/java-security-private-ca + https://github.com/GoogleCloudPlatform/java-docs-samples // Create CA Pool. - privateca.CreateCaPool.createCaPool(PROJECT_ID, LOCATION, CA_POOL_ID); - privateca.CreateCaPool.createCaPool(PROJECT_ID, LOCATION, CA_POOL_ID_DELETE); + privateca.CreateCaPool.createCaPool(PROJECT_ID, LOCATION, CA_poolId); + privateca.CreateCaPool.createCaPool(PROJECT_ID, LOCATION, CA_poolId_DELETE); sleep(5); // Set the issuance policy for the created CA Pool. - privateca.UpdateCaPool_IssuancePolicy.updateCaPoolIssuancePolicy( - PROJECT_ID, LOCATION, CA_POOL_ID); + UpdateCaPoolIssuancePolicy.updateCaPoolIssuancePolicy( + PROJECT_ID, LOCATION, CA_poolId); // <--- END CA POOL ---> // <--- START ROOT CA ---> // Create and Enable Certificate Authority. privateca.CreateCertificateAuthority.createCertificateAuthority( - PROJECT_ID, LOCATION, CA_POOL_ID, CA_NAME); + PROJECT_ID, LOCATION, CA_poolId, CA_NAME); sleep(10); privateca.EnableCertificateAuthority.enableCertificateAuthority( - PROJECT_ID, LOCATION, CA_POOL_ID, CA_NAME); + PROJECT_ID, LOCATION, CA_poolId, CA_NAME); // Create and Delete Certificate Authority. privateca.CreateCertificateAuthority.createCertificateAuthority( - PROJECT_ID, LOCATION, CA_POOL_ID, CA_NAME_DELETE); + PROJECT_ID, LOCATION, CA_poolId, CA_NAME_DELETE); sleep(10); privateca.DeleteCertificateAuthority.deleteCertificateAuthority( - PROJECT_ID, LOCATION, CA_POOL_ID, CA_NAME_DELETE); + PROJECT_ID, LOCATION, CA_poolId, CA_NAME_DELETE); // <--- END ROOT CA ---> // <--- START SUBORDINATE CA ---> // Follow the below steps to create and enable a Subordinate Certificate Authority. // 1. Create a Subordinate Certificate Authority. privateca.CreateSubordinateCa.createSubordinateCertificateAuthority( - PROJECT_ID, LOCATION, CA_POOL_ID, SUBORDINATE_CA_NAME); + PROJECT_ID, LOCATION, CA_poolId, SUBORDINATE_CA_NAME); sleep(10); // 2. Fetch CSR. - String pemCSR = fetchPemCSR(CA_POOL_ID, SUBORDINATE_CA_NAME); + String pemCsr = fetchPemCSR(CA_poolId, SUBORDINATE_CA_NAME); // 3. Sign the CSR, and create a certificate. - privateca.CreateCertificate_CSR.createCertificateWithCSR( - PROJECT_ID, LOCATION, CA_POOL_ID, CA_NAME, CSR_CERTIFICATE_NAME, pemCSR); + CreateCertificateCsr.createCertificateWithCsr( + PROJECT_ID, LOCATION, CA_poolId, CA_NAME, CSR_CERTIFICATE_NAME, pemCsr); // <--- END SUBORDINATE CA ---> // <--- START CERTIFICATE ---> @@ -162,7 +162,7 @@ public static void setUp() // Create certificate with the above generated public key. privateca.CreateCertificate.createCertificate( - PROJECT_ID, LOCATION, CA_POOL_ID, CA_NAME, CERTIFICATE_NAME, publicKeyByteString); + PROJECT_ID, LOCATION, CA_poolId, CA_NAME, CERTIFICATE_NAME, publicKeyByteString); sleep(5); // <--- END CERTIFICATE ---> } @@ -176,7 +176,7 @@ public static void cleanUp() // Revoke Certificate. privateca.RevokeCertificate.revokeCertificate( - PROJECT_ID, LOCATION, CA_POOL_ID, CSR_CERTIFICATE_NAME); + PROJECT_ID, LOCATION, CA_poolId, CSR_CERTIFICATE_NAME); // Delete Certificate Template. privateca.DeleteCertificateTemplate.deleteCertificateTemplate( @@ -184,18 +184,18 @@ public static void cleanUp() // Delete root CA. privateca.DeleteCertificateAuthority.deleteCertificateAuthority( - PROJECT_ID, LOCATION, CA_POOL_ID, CA_NAME); + PROJECT_ID, LOCATION, CA_poolId, CA_NAME); sleep(5); // Deleting the undeleted CA. privateca.DeleteCertificateAuthority.deleteCertificateAuthority( - PROJECT_ID, LOCATION, CA_POOL_ID, CA_NAME_DELETE); + PROJECT_ID, LOCATION, CA_poolId, CA_NAME_DELETE); // Delete Subordinate CA. privateca.DeleteCertificateAuthority.deleteCertificateAuthority( - PROJECT_ID, LOCATION, CA_POOL_ID, SUBORDINATE_CA_NAME); + PROJECT_ID, LOCATION, CA_poolId, SUBORDINATE_CA_NAME); sleep(5); // Delete CA Pool. - privateca.DeleteCaPool.deleteCaPool(PROJECT_ID, LOCATION, CA_POOL_ID); + privateca.DeleteCaPool.deleteCaPool(PROJECT_ID, LOCATION, CA_poolId); stdOut = null; System.setOut(null); @@ -207,11 +207,11 @@ public static void sleep(int seconds) throws InterruptedException { } // Fetch CSR of the given CA. - public static String fetchPemCSR(String pool_Id, String caName) throws IOException { + public static String fetchPemCSR(String poolId, String caName) throws IOException { try (CertificateAuthorityServiceClient certificateAuthorityServiceClient = CertificateAuthorityServiceClient.create()) { String caParent = - CertificateAuthorityName.of(PROJECT_ID, LOCATION, pool_Id, caName).toString(); + CertificateAuthorityName.of(PROJECT_ID, LOCATION, poolId, caName).toString(); FetchCertificateAuthorityCsrResponse response = certificateAuthorityServiceClient.fetchCertificateAuthorityCsr(caParent); @@ -264,12 +264,12 @@ public void testCreateCAPool() throws IOException { CertificateAuthorityServiceClient.create()) { String caPoolName = certificateAuthorityServiceClient - .getCaPool(CaPoolName.of(PROJECT_ID, LOCATION, CA_POOL_ID).toString()) + .getCaPool(CaPoolName.of(PROJECT_ID, LOCATION, CA_poolId).toString()) .getName(); assertThat(caPoolName) .contains( String.format( - "projects/%s/locations/%s/caPools/%s", PROJECT_ID, LOCATION, CA_POOL_ID)); + "projects/%s/locations/%s/caPools/%s", PROJECT_ID, LOCATION, CA_poolId)); } } @@ -279,7 +279,7 @@ public void testUpdateCAPoolIssuancePolicy() throws IOException { CertificateAuthorityServiceClient.create()) { IssuancePolicy issuancePolicy = certificateAuthorityServiceClient - .getCaPool(CaPoolName.of(PROJECT_ID, LOCATION, CA_POOL_ID).toString()) + .getCaPool(CaPoolName.of(PROJECT_ID, LOCATION, CA_poolId).toString()) .getIssuancePolicy(); String actualExpression = @@ -294,14 +294,14 @@ public void testUpdateCAPoolIssuancePolicy() throws IOException { @Test public void testListCAPools() throws IOException { privateca.ListCaPools.listCaPools(PROJECT_ID, LOCATION); - assertThat(stdOut.toString()).contains(CA_POOL_ID); + assertThat(stdOut.toString()).contains(CA_poolId); } @Test public void testDeleteCAPool() throws InterruptedException, ExecutionException, IOException, TimeoutException { - privateca.DeleteCaPool.deleteCaPool(PROJECT_ID, LOCATION, CA_POOL_ID_DELETE); - assertThat(stdOut.toString()).contains("Deleted CA Pool: " + CA_POOL_ID_DELETE); + privateca.DeleteCaPool.deleteCaPool(PROJECT_ID, LOCATION, CA_poolId_DELETE); + assertThat(stdOut.toString()).contains("Deleted CA Pool: " + CA_poolId_DELETE); } @Test @@ -311,21 +311,21 @@ public void testCreateCertificateAuthority() throws IOException { CertificateAuthorityServiceClient.create()) { CertificateAuthority response = certificateAuthorityServiceClient.getCertificateAuthority( - CertificateAuthorityName.of(PROJECT_ID, LOCATION, CA_POOL_ID, CA_NAME).toString()); + CertificateAuthorityName.of(PROJECT_ID, LOCATION, CA_poolId, CA_NAME).toString()); assertThat(response.getName()).contains(CA_NAME); } } @Test public void testListCertificateAuthorities() throws IOException { - privateca.ListCertificateAuthorities.listCertificateAuthority(PROJECT_ID, LOCATION, CA_POOL_ID); + privateca.ListCertificateAuthorities.listCertificateAuthority(PROJECT_ID, LOCATION, CA_poolId); assertThat(stdOut.toString()).contains(CA_NAME); } @Test public void testUpdateCertificateAuthority() throws IOException, ExecutionException, InterruptedException, TimeoutException { - privateca.UpdateCertificateAuthority.updateCaLabel(PROJECT_ID, LOCATION, CA_POOL_ID, CA_NAME); + privateca.UpdateCertificateAuthority.updateCaLabel(PROJECT_ID, LOCATION, CA_poolId, CA_NAME); assertThat(stdOut.toString()).contains("Successfully updated the labels ! "); } @@ -339,10 +339,10 @@ public void testMonitorCertificateAuthority() throws IOException, InterruptedExc public void testEnableDisableCertificateAuthority() throws InterruptedException, ExecutionException, IOException { privateca.EnableCertificateAuthority.enableCertificateAuthority( - PROJECT_ID, LOCATION, CA_POOL_ID, CA_NAME); + PROJECT_ID, LOCATION, CA_poolId, CA_NAME); assertThat(stdOut.toString()).contains("Enabled Certificate Authority : " + CA_NAME); privateca.DisableCertificateAuthority.disableCertificateAuthority( - PROJECT_ID, LOCATION, CA_POOL_ID, CA_NAME); + PROJECT_ID, LOCATION, CA_poolId, CA_NAME); assertThat(stdOut.toString()).contains("Disabled Certificate Authority : " + CA_NAME); } @@ -352,7 +352,7 @@ public void testDeleteUndeleteCertificateAuthority() // CA deleted as part of setup(). Undelete the CA. // The undelete operation will be executed only if the CA was successfully deleted. privateca.UndeleteCertificateAuthority.undeleteCertificateAuthority( - PROJECT_ID, LOCATION, CA_POOL_ID, CA_NAME_DELETE); + PROJECT_ID, LOCATION, CA_poolId, CA_NAME_DELETE); assertThat(stdOut.toString()) .contains("Successfully restored the Certificate Authority ! " + CA_NAME_DELETE); } @@ -395,7 +395,7 @@ public void testCreateCertificate() throws IOException { try (CertificateAuthorityServiceClient certificateAuthorityServiceClient = CertificateAuthorityServiceClient.create()) { CertificateName certificateName = - CertificateName.of(PROJECT_ID, LOCATION, CA_POOL_ID, CERTIFICATE_NAME); + CertificateName.of(PROJECT_ID, LOCATION, CA_poolId, CERTIFICATE_NAME); Certificate certificate = certificateAuthorityServiceClient.getCertificate(certificateName); assertThat(certificate.getName()).contains(CERTIFICATE_NAME); } @@ -403,14 +403,14 @@ public void testCreateCertificate() throws IOException { @Test public void testListCertificates() throws IOException { - privateca.ListCertificates.listCertificates(PROJECT_ID, LOCATION, CA_POOL_ID); + privateca.ListCertificates.listCertificates(PROJECT_ID, LOCATION, CA_poolId); assertThat(stdOut.toString()).contains(CERTIFICATE_NAME); } @Test public void testFilterCertificates() throws IOException { // Filter only certificates created using CSR. - privateca.FilterCertificates.filterCertificates(PROJECT_ID, LOCATION, CA_POOL_ID); + privateca.FilterCertificates.filterCertificates(PROJECT_ID, LOCATION, CA_poolId); assertThat(stdOut.toString()).contains(CSR_CERTIFICATE_NAME); assertThat(stdOut.toString()).doesNotContain(CERTIFICATE_NAME); } @@ -421,12 +421,12 @@ public void testRevokeCertificate() throws InterruptedException, ExecutionExcept CertificateAuthorityServiceClient.create()) { // Revoke the certificate. privateca.RevokeCertificate.revokeCertificate( - PROJECT_ID, LOCATION, CA_POOL_ID, CERTIFICATE_NAME); + PROJECT_ID, LOCATION, CA_poolId, CERTIFICATE_NAME); // Check if the certificate has revocation details. If it does, then the certificate is // considered as revoked. CertificateName certificateName = - CertificateName.of(PROJECT_ID, LOCATION, CA_POOL_ID, CERTIFICATE_NAME); + CertificateName.of(PROJECT_ID, LOCATION, CA_poolId, CERTIFICATE_NAME); Assert.assertTrue( certificateAuthorityServiceClient.getCertificate(certificateName).hasRevocationDetails()); } @@ -438,7 +438,7 @@ public void testCreateSubordinateCertificateAuthority() throws IOException { CertificateAuthorityServiceClient.create()) { CertificateAuthority response = certificateAuthorityServiceClient.getCertificateAuthority( - CertificateAuthorityName.of(PROJECT_ID, LOCATION, CA_POOL_ID, SUBORDINATE_CA_NAME) + CertificateAuthorityName.of(PROJECT_ID, LOCATION, CA_poolId, SUBORDINATE_CA_NAME) .toString()); Assert.assertTrue(response.hasCreateTime()); } @@ -450,7 +450,7 @@ public void testCreateCertificateWithCSR() throws IOException { CertificateAuthorityServiceClient.create()) { Certificate response = certificateAuthorityServiceClient.getCertificate( - CertificateName.of(PROJECT_ID, LOCATION, CA_POOL_ID, CSR_CERTIFICATE_NAME) + CertificateName.of(PROJECT_ID, LOCATION, CA_poolId, CSR_CERTIFICATE_NAME) .toString()); Assert.assertTrue(response.hasCreateTime()); } @@ -463,13 +463,13 @@ public void testActivateSubordinateCertificateAuthority() CertificateAuthorityServiceClient.create()) { Certificate response = certificateAuthorityServiceClient.getCertificate( - CertificateName.of(PROJECT_ID, LOCATION, CA_POOL_ID, CSR_CERTIFICATE_NAME) + CertificateName.of(PROJECT_ID, LOCATION, CA_poolId, CSR_CERTIFICATE_NAME) .toString()); String pemCertificate = response.getPemCertificate(); - privateca.ActivateSubordinateCa.activateSubordinateCA( - PROJECT_ID, LOCATION, CA_POOL_ID, CA_NAME, SUBORDINATE_CA_NAME, pemCertificate); + privateca.ActivateSubordinateCa.activateSubordinateCa( + PROJECT_ID, LOCATION, CA_poolId, CA_NAME, SUBORDINATE_CA_NAME, pemCertificate); assertThat(stdOut.toString()).contains("Current State: STAGED"); } }