feat(securitycenter): Add Resource SCC Management API Org ETD Custom Module code samples (Create, Delete, List, Get) #9743

lovenishs04
Contributor

Description

Fixes # b/347346890, b/347346971, b/347346892, b/347346464
Reference to b/347346890, b/347346971, b/347346892, b/347346464
This PR adds SCC Management API Org Event Threat Detection Custom Module Code Samples for Create, Delete, List & Get.

Note: Before submitting a pull request, please open an issue for discussion if you are not associated with Google.

Checklist

  • I have followed Sample Format Guide
  • pom.xml parent set to latest shared-configuration
  • Appropriate changes to README are included in PR
  • These samples need a new API enabled in testing projects to pass (let us know which ones)
  • These samples need a new/updated env vars in testing projects set to pass (let us know which ones)
  • Tests pass: mvn clean verify required
  • Lint passes: mvn -P lint checkstyle:check required
  • Static Analysis: mvn -P lint clean compile pmd:cpd-check spotbugs:check advisory only
  • This sample adds a new sample directory, and I updated the CODEOWNERS file with the codeowners for this sample
  • This sample adds a new Product API, and I updated the Blunderbuss issue/PR auto-assigner with the codeowners for this sample
  • Please merge this PR for me once it is approved

@lovenishs04 lovenishs04 requested review from yoshi-approver and a team as code owners November 28, 2024 06:24

snippet-bot bot commented Nov 28, 2024

Here is the summary of changes.

You are about to add 4 region tags.

This comment is generated by snippet-bot.
If you find problems with this result, please file an issue at:
https://github.com/googleapis/repo-automation-bots/issues.
To update this comment, add snippet-bot:force-run label or use the checkbox below:

  • Refresh this comment

@product-auto-label product-auto-label bot added api: securitycenter Issues related to the Security Command Center API. samples Issues that are directly related to samples. labels Nov 28, 2024
Comment on lines +75 to +80
ListEventThreatDetectionCustomModulesRequest request =
ListEventThreatDetectionCustomModulesRequest.newBuilder()
.setParent(String.format("projects/%s/locations/global", PROJECT_ID))
.build();
ListEventThreatDetectionCustomModulesPagedResponse response =
client.listEventThreatDetectionCustomModules(request);
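
Review bot: on the `client.listEventThreatDetectionCustomModules(request)` call, the parent is the whole `projects/%s/locations/global` collection, so the cleanup that consumes `response` sees every module under that parent, not only the ones this test created. Iterate with `response.iterateAll()` so modules on later pages are not skipped, and compare each module against the exact display name generated for this run before deleting it. The PR title says Org-level modules while this parent is project-scoped; worth confirming which is intended.
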
Contributor

please refactor to clean up only modules created by this collection of tests. do not delete "other" modules.

Contributor Author

Yes, I have already added this condition in the code (if (module.getDisplayName().startsWith("java_sample_custom_module"))). It will delete the modules created by this collection of tests and not the other modules.

Contributor

It is not enough because the tests in this class can be launched due to different changes in parallel. For example, tests for all code samples are scheduled to execute once in a while to validate overall consistency. The tests for different JDKs are launched in parallel to test each push in each PR.
If module IDs are auto-generated and the display name is the only means to distinguish the tests, please add a randomized prefix or suffix to the display name to distinguish resources created in this particular session from resources created in other sessions.

Contributor Author

Addressed, added etd prefix to the display name and it stands for event threat detection

Contributor

It does not help in the case this test is executed in parallel by multiple processes. For example, consider when this test is run in parallel in two environments with different JDKs.

Please use java.util.UUID. For reference, you can see how it is used in the compute tests.

Contributor Author

Addressed, as suggested, now added the random UUID as a suffix to the display name
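
The collision discussed in this thread, as an added example that is not part of the PR: two test sessions share one project, and cleanup by the shared `java_sample_custom_module` prefix is compared with cleanup by a per-session UUID-suffixed name. The `Module` class, the in-memory `project` list and the helper names are hypothetical stand-ins for the SCC client, and the hyphen-to-underscore replacement assumes display names accept only alphanumerics and underscores.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.UUID;
import java.util.function.Predicate;

public class SessionScopedCleanup {
  // Display-name prefix quoted in the thread; shared by every run of the tests.
  static final String PREFIX = "java_sample_custom_module";

  // Minimal stand-in for a custom module (hypothetical, not the SCC client type).
  static final class Module {
    final String displayName;

    Module(String displayName) {
      this.displayName = displayName;
    }

    String getDisplayName() {
      return displayName;
    }
  }

  // In-memory stand-in for the modules under one project (constructed data).
  static final List<Module> project = new ArrayList<>();

  static Module create(String displayName) {
    Module m = new Module(displayName);
    project.add(m);
    return m;
  }

  // Prefix plus random UUID. Hyphens become underscores on the assumption that
  // display names accept only alphanumerics and underscores.
  static String sessionDisplayName() {
    return PREFIX + "_" + UUID.randomUUID().toString().replace('-', '_');
  }

  // Cleanup step: delete every listed module the predicate claims as "ours".
  static long cleanup(List<Module> modules, Predicate<Module> ours) {
    long before = modules.size();
    modules.removeIf(ours);
    return before - modules.size();
  }

  public static void main(String[] args) {
    // Two sessions (say, two JDK builds of the same PR) share one project.
    Module a = create(sessionDisplayName());
    Module b = create(sessionDisplayName());
    create("unrelated_module"); // constructed: a module the tests did not create

    // Session A cleans up by shared prefix: session B's module is deleted too.
    List<Module> byPrefix = new ArrayList<>(project);
    long n1 = cleanup(byPrefix, m -> m.getDisplayName().startsWith(PREFIX));
    System.out.println("prefix match deleted " + n1 + ", B survives: " + byPrefix.contains(b));

    // Session A cleans up by its own exact name: only its module is deleted.
    List<Module> byExact = new ArrayList<>(project);
    long n2 = cleanup(byExact, m -> m.getDisplayName().equals(a.getDisplayName()));
    System.out.println("exact match deleted " + n2 + ", B survives: " + byExact.contains(b));
  }
}
```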

Comment on lines 105 to 114
private static EventThreatDetectionCustomModule createCustomModule(
String projectId, String customModuleDisplayName) throws IOException {
if (!Strings.isNullOrEmpty(projectId) && !Strings.isNullOrEmpty(customModuleDisplayName)) {
EventThreatDetectionCustomModule response =
CreateEventThreatDetectionCustomModule.createEventThreatDetectionCustomModule(
projectId, customModuleDisplayName);
return response;
}
return null;
}
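
Review bot: the `return null;` fall-through at the end of `createCustomModule` hides an empty `projectId` or `customModuleDisplayName`: the caller receives `null` and fails later with a `NullPointerException` far from the cause. Either drop the `Strings.isNullOrEmpty` guard and let the create call fail on its own, or throw an `IllegalArgumentException` that names the empty argument.
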
Contributor

this method is redundant. it is an exact replica of createEventThreatDetectionCustomModule() except for testing for empty string arguments, which looks unnecessary for a private method inside a test class.

Contributor Author

Actually I have created this method because in every test case I am creating the custom module first and then performing the test case. So in order to use the same code I have created this method and calling it in every test case and also you might have noticed I have called the same method createEventThreatDetectionCustomModule() inside this method.

Contributor

nit: according to your explanations there is no difference between this method and the direct call to CreateEventThreatDetectionCustomModule.createEventThreatDetectionCustomModule().
this is why this method is redundant.

Contributor Author

Addressed, removed this separate method, now making the direct call in every testcase

Contributor

@minherz minherz left a comment

please note that this PR is approved while having a potential test flakiness due to the code that deletes modules based on the display name which is the same in all executions of the tests.

please, use random prefix or suffix for the value of the display name to ensure that clean up operation deletes only resources used in the current testing session.

consider other remarks.

Comment on lines 53 to 73
Map<String, Value> metadata = new HashMap<>();
metadata.put("severity", Value.newBuilder().setStringValue("MEDIUM").build());
metadata.put(
"description", Value.newBuilder().setStringValue("add your description here").build());
metadata.put(
"recommendation",
Value.newBuilder().setStringValue("add your recommendation here").build());
Struct metadataStruct = Struct.newBuilder().putAllFields(metadata).build();

Struct configStruct =
Struct.newBuilder()
.putFields("metadata", Value.newBuilder().setStructValue(metadataStruct).build())
.putFields(
"ips",
Value.newBuilder()
.setListValue(
ListValue.newBuilder()
.addValues(Value.newBuilder().setStringValue("0.0.0.0").build())
.build())
.build())
.build();
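
Review bot: in the `"ips"` list, `"0.0.0.0"` is the unspecified address rather than an example host, and sample values tend to be copied as-is. Consider a documentation-range address such as `192.0.2.1` (RFC 5737) and a comment stating which module type this `ips` config belongs to, since the untyped `Struct` gives no compile-time check on keys like `"metadata"` or `"ips"`.
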
Contributor

nit: I'd like to propose a refactoring that unifies the process of initiating the protobuf struct according to the typed format. On a side note, I would suggest opening a bug here because using untyped protobuf is very strange.

Suggested change
Map<String, Value> metadata = new HashMap<>();
metadata.put("severity", Value.newBuilder().setStringValue("MEDIUM").build());
metadata.put(
"description", Value.newBuilder().setStringValue("add your description here").build());
metadata.put(
"recommendation",
Value.newBuilder().setStringValue("add your recommendation here").build());
Struct metadataStruct = Struct.newBuilder().putAllFields(metadata).build();
Struct configStruct =
Struct.newBuilder()
.putFields("metadata", Value.newBuilder().setStructValue(metadataStruct).build())
.putFields(
"ips",
Value.newBuilder()
.setListValue(
ListValue.newBuilder()
.addValues(Value.newBuilder().setStringValue("0.0.0.0").build())
.build())
.build())
.build();
Map<String, Value> metadata = Map.of(
"severity", Value.newBuilder().setStringValue("MEDIUM").build(),
"description",
Value.newBuilder().setStringValue("add your description here").build(),
"recommendation",
Value.newBuilder().setStringValue("add your recommendation here").build(),
);
List<Value> ips = List.of(Value.newBuilder().setStringValue("0.0.0.0").build());
Value metadataVal = Value.newBuilder()
.setStructValue(Struct.newBuilder().putAllFields(metadata).build()).build();
Value ipsValue = Value.newBuilder()
.setListValue(ListValue.newBuilder().addAllValues(ips).build());
Struct configStruct =
Struct.newBuilder()
.putFields("metadata", metadataVal)
.putFields("ips", ipsVal)
.build();
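
Review bot: the suggested replacement does not compile as written. The `Map.of(...)` call ends with a trailing comma before `);`, the list value is declared as `ipsValue` but `.putFields("ips", ipsVal)` refers to `ipsVal`, and the `ipsValue` initializer stops at `.setListValue(...)` without the outer `.build()`, so a `Value.Builder` is assigned where a `Value` is declared. Remove the comma, use one name for the variable, and add the missing `.build()`.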

Contributor Author

Addressed

@lovenishs04 lovenishs04 merged commit 230665f into GoogleCloudPlatform:main Dec 23, 2024
7 checks passed
ludoch added a commit that referenced this pull request Jan 9, 2025
* chore(job): migrate regions by associating them with an official product with a job_ prefix (#9883)

* chore(endpoints): delete region 'swagger' in endpoints/multiple-versions (#9857)

* chore(endpoints): delete region swagger to openapi-v1.yaml

* chore(endpoints): delete region swagger to openapi-v2.yaml

* chore(job): delete sample jobs_java_dependencies_beta (#9810)

* chore(job): delete sample jobs_java_dependencies_beta

* chore(job): delete region_tab 'jobs_java_dependencies_beta' and update 'google-api-services-jobs' version

* feat(compute): add compute disk regional replicated sample (#9697)

* Implemented compute_disk_regional_replicated sample, created test

* Fixed zone

* Fixed test

* Fixed test

* Fixed disk size

* Fixed code as requested in the comment

* feat(compute): add compute disk start/stop replication samples  (#9650)

* Implemented compute_disk_start_replication and compute_disk_stop_replication samples, created tests

* Fixed test

* Deleted not related classes

* Fixed lint issue

* Increased timeout

* Split samples for zonal location

* Fixed code

* Fixed code

* Increased timeout

* Increased timeout

* feat(tpu): add tpu vm create spot sample. (#9610)

* Changed package, added information to CODEOWNERS

* Added information to CODEOWNERS

* Added timeout

* Fixed parameters for test

* Fixed DeleteTpuVm and naming

* Added comment, created Util class

* Fixed naming

* Fixed whitespace

* Split PR into smaller, deleted redundant code

* Implemented tpu_vm_create_spot sample, created test

* changed zone

* Changed zone

* Fixed empty lines and tests, deleted cleanup method

* Changed zone

* Deleted redundant test class

* Increased timeout

* Fixed test

* feat(tpu): add tpu vm create startup script sample. (#9612)

* Changed package, added information to CODEOWNERS

* Added information to CODEOWNERS

* Added timeout

* Fixed parameters for test

* Fixed DeleteTpuVm and naming

* Added comment, created Util class

* Fixed naming

* Fixed whitespace

* Split PR into smaller, deleted redundant code

* Implemented tpu_vm_create_startup_script sample, created test

* Fixed tests and empty lines

* Changed zone

* Deleted redundant test classes

* Increased timeout

* Fixed code

* feat(tpu): add tpu queued resources create/get/delete  samples (#9613)

* Changed package, added information to CODEOWNERS

* Added information to CODEOWNERS

* Added timeout

* Fixed parameters for test

* Fixed DeleteTpuVm and naming

* Added comment, created Util class

* Fixed naming

* Fixed whitespace

* Split PR into smaller, deleted redundant code

* Implemented tpu_queued_resources_create, tpu_queued_resources_get, tpu_queued_resources_delete_force and tpu_queued_resources_delete samples, created tests

* Fixed test

* Fixed tests

* Fixed error message

* Fixed typo

* Fixed zone

* Fixed test

* Fixed code

* Deleted commented imports

* Fixed code as requested in comments

* feat(tpu): add tpu queued resources create spot (#9615)

Add a code sample for tpu_queued_resources_create_spot

* chore: add translate dev team for translate samples (#9888)

b/385243174

* feat(securitycenter): Add Resource SCC Management API Org ETD Custom Module code samples (Create, Delete, List, Get) (#9743)

* sample codes for event threat detection custom modules

* addressed comments

* addressed comments

* addressed comments

* addressed comments

* fix(compute): fixed compute_reservation_create_shared sample and test to use mocked client (#9840)

* Fixed sample and test to use mocked client

* Fixed code as requested in the comments

* feat(compute): add compute instance create replicated boot disk sample (#9735)

* Implemented compute_instance_create_replicated_boot_disk sample, created test

* Fixed test

* Fixed code as requested in the comments

* Fixed Util class

* Fixed code

* feat(compute): add compute consistency group stop replication (#9694)

* Implemented compute_consistency_group_create and compute_consistency_group_delete samples, created test

* Implemented compute_consistency_group_stop_replication sample

* Implemented compute_consistency_group_stop_replication sample

* Created test and added needed classes for testing

* Fixed test

* Moved clean up methods

* Added clean up methods for reservations

* Fixed clean up method

* Fixed clean up method

* Added timeout

* Reverted not related changes

* Reverted not related changes

* Reverted not related changes

* Reverted not related changes

* Fixed code

* Split samples for zonal location

* Added comments for methods

* Fixed comments

* feat(secretmanager): add optional ttl to create secret sample (#9889)

* feat(secretmanager): add optional ttl to create secret sample

* nit: Update secretmanager/src/main/java/secretmanager/CreateSecret.java

Co-authored-by: code-review-assist[bot] <182814678+code-review-assist[bot]@users.noreply.github.com>

* fix(secretmanager): fix comment indentation to resolve linting issues

---------

Co-authored-by: Jennifer Davis <[email protected]>
Co-authored-by: code-review-assist[bot] <182814678+code-review-assist[bot]@users.noreply.github.com>

* feat(tpu): add tpu  queued resources list sample (#9614)

* Changed package, added information to CODEOWNERS

* Added information to CODEOWNERS

* Added timeout

* Fixed parameters for test

* Fixed DeleteTpuVm and naming

* Added comment, created Util class

* Fixed naming

* Fixed whitespace

* Split PR into smaller, deleted redundant code

* Implemented tpu_queued_resources_create, tpu_queued_resources_get, tpu_queued_resources_delete_force and tpu_queued_resources_delete samples, created tests

* Implemented tpu_queued_resources_list sample, created test

* Fixed test

* Fixed tests, deleted cleanup method

* Fixed test

* Fixed imports

* feat(compute): add compute disk create secondary regional sample (#9641)

* Implemented compute_disk_create_secondary_regional. created test

* Fixed test

* Fixed test

* Fixed test

* Fixed zone

* Fixed naming

* Fixed spaces

* Fixed code

* Fixed indentations

* Fixed variable

* Fixed code

* Added cleanup methods

* Fixed lint issue

* Fixed lint issue

* Fixed test

* Fixed code

* Fixed code

* Fixed code

* Deleted duplicated assertion

* feat(compute): add compute disk create secondary sample. (#9643)

* Implemented compute_disk_create_secondary sample, created test

* Fixed code

* Fixed variable

* Fixed code

* Merged changes from main

* Fixed lint issue

* fix(storage): migrate old region all to storagetransfer_transfer_all step 1 (#9917)

* fix(job): remove old region create_job (#9914)

* feat(compute): attach/ remove snapshot schedule to disk (#9791)

* Implemented compute_snapshot_schedule_attach sample, created test

* Implemented compute_snapshot_schedule_remove sample, created test

* Fixed code

* Fixed code as requested in the comments

* feat(compute): add compute consistency group clone sample (#9885)

* Implemented compute_consistency_group_clone and compute_consistency_group_clone_regional_disk samples, created tests

* Fixed naming

* feat(compute): add compute instance attach regional disk force sample (#9730)

* Implemented compute_instance_attach_regional_disk_force sample, created test

* Added clean up method

* Fixed comments and parameters

* Test order deleted

* Fixed code

* Fixed code

* Fixed code

* Increased timeout

* Increased timeout

* Increased timeout

* Fixed code

* Fixed code

* Fixed code

* Fixed naming

* feat(compute): add compute disk create secondary custom sample (#9644)

* Implemented compute_disk_create_secondary_custom sample, created test

* Fixed code

* Fixed variable

* Fixed code

* Fixed whitespace

* Fixed whitespace

* feat(compute): add compute snapshot schedule create/get/edit/list/delete samples (#9742)

* Implemented compute_snapshot_schedule_delete and compute_snapshot_schedule_create samples, created test

* Fixed test

* Added compute_snapshot_schedule_get sample, created test

* Fixed naming

* Implemented compute_snapshot_schedule_edit, created test

* Fixed naming

* Implemented compute_snapshot_schedule_list sample, created test

* Cleaned resources

* Cleaned resources

* Cleaned resources

* Cleaned resources

* Fixed test

* Added comment

* Fixed tests

* Fixed code

* Fixed code as requested in the comments

* feat(compute): add compute disk create with snapshot schedule (#9788)

* Implemented compute_disk_create_with_snapshot_schedule sample, created test

* Fixed code

* Fixed code

* Fixed test

* Fixed code

* Fixed code as requested in the comments

* Fixed lint issue

* Fixed lint issue

* Deleted redundant code

* feat(tpu): add tpu queued resources time bound sample. (#9617)

* Changed package, added information to CODEOWNERS

* Added information to CODEOWNERS

* Added timeout

* Fixed parameters for test

* Fixed DeleteTpuVm and naming

* Added comment, created Util class

* Fixed naming

* Fixed whitespace

* Split PR into smaller, deleted redundant code

* Implemented tpu_queued_resources_create, tpu_queued_resources_get, tpu_queued_resources_delete_force and tpu_queued_resources_delete samples, created tests

* Implemented tpu_queued_resources_time_bound sample, created test

* Changed zone for tpu

* Cleanup resources

* Fixed tests

* Fixed test

* Fixed code as requested in the comments

* Fixed code as requested in the comments

* fix(job): delete old region tag update_job_with_field_mask (#9940)

* feat(job): migrate region tags to include product prefix (#9966)

* fix(endpoints): migrate all regions (#9943)

* fix: disable flakybot reporting (#9968)

* chore(job): remove unused region tags (#9969)

* feat(securitycenter): Add Resource SCC Management API Org ETD Custom Module code samples (Update, Get Eff, List Eff, List Desc, Validate) (#9912)

* sample codes for event threat detection custom modules

* fixed lint

* addressed comments

* lint fix

* addressed comments

---------

Co-authored-by: OremGLG <[email protected]>
Co-authored-by: eapl.me <[email protected]>
Co-authored-by: Тетяна Ягодська <[email protected]>
Co-authored-by: Jennifer Davis <[email protected]>
Co-authored-by: lovenishs04 <[email protected]>
Co-authored-by: alarconesparza <[email protected]>
Co-authored-by: Jennifer Davis <[email protected]>
Co-authored-by: code-review-assist[bot] <182814678+code-review-assist[bot]@users.noreply.github.com>
Co-authored-by: Brian Dorsey <[email protected]>